eap-mschapv2: Provide EAP-MSCHAPv2 username as EAP-Identity
[strongswan.git] / src / libcharon / plugins / eap_mschapv2 / eap_mschapv2.c
index f7f39f9..3411bdb 100644 (file)
@@ -81,6 +81,11 @@ struct private_eap_mschapv2_t
         * Number of retries
         */
        int retries;
+
+       /**
+        * Provide EAP-Identity
+        */
+       auth_cfg_t *auth;
 };
 
 /**
@@ -1084,7 +1089,6 @@ static status_t process_server_response(private_eap_mschapv2_t *this,
                chunk_clear(&nt_hash);
                return FAILED;
        }
-       userid->destroy(userid);
        chunk_clear(&nt_hash);
 
        if (memeq_const(res->response.nt_response, this->nt_response.ptr,
@@ -1109,9 +1113,11 @@ static status_t process_server_response(private_eap_mschapv2_t *this,
                chunk_free(&hex);
                memcpy(eap->data, msg, AUTH_RESPONSE_LEN + sizeof(SUCCESS_MESSAGE));
                *out = eap_payload_create_data(chunk_create((void*) eap, len));
+
+               this->auth->add(this->auth, AUTH_RULE_EAP_IDENTITY, userid);
                return NEED_MORE;
        }
-
+       userid->destroy(userid);
        return process_server_retry(this, out);
 }
 
@@ -1197,11 +1203,18 @@ METHOD(eap_method_t, is_mutual, bool,
        return FALSE;
 }
 
+METHOD(eap_method_t, get_auth, auth_cfg_t*,
+       private_eap_mschapv2_t *this)
+{
+       return this->auth;
+}
+
 METHOD(eap_method_t, destroy, void,
         private_eap_mschapv2_t *this)
 {
        this->peer->destroy(this->peer);
        this->server->destroy(this->server);
+       this->auth->destroy(this->auth);
        chunk_free(&this->challenge);
        chunk_free(&this->nt_response);
        chunk_free(&this->auth_response);
@@ -1224,11 +1237,13 @@ static private_eap_mschapv2_t *eap_mschapv2_create_generic(identification_t *ser
                                .get_msk = _get_msk,
                                .get_identifier = _get_identifier,
                                .set_identifier = _set_identifier,
+                               .get_auth = _get_auth,
                                .destroy = _destroy,
                        },
                },
                .peer = peer->clone(peer),
                .server = server->clone(server),
+               .auth = auth_cfg_create(),
        );
 
        return this;