implemented server side support for EAP-TTLS
[strongswan.git] / src / libcharon / plugins / eap_ttls / eap_ttls.c
index fa1d283..ad3360d 100644 (file)
@@ -14,6 +14,8 @@
  */
 
 #include "eap_ttls.h"
+#include "eap_ttls_peer.h"
+#include "eap_ttls_server.h"
 
 #include <tls.h>
 
@@ -121,7 +123,7 @@ METHOD(eap_method_t, initiate, status_t,
                do {
                        pkt.identifier = random();
                } while (!pkt.identifier);
-               DBG2(DBG_IKE, "sending TLS start packet");
+               DBG2(DBG_IKE, "sending EAP-TLS start packet");
 
                *out = eap_payload_create_data(chunk_from_thing(pkt));
                return NEED_MORE;
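Review bot: The new log text names the method as "EAP-TLS", but this file implements EAP-TTLS (create_ack sets `.type = EAP_TTLS`), and EAP-TLS is a separate EAP method. The same rename recurs in the other four hunks (create_ack, both read_buf hunks, and process), where the previously accurate `"invalid EAP-TTLS packet length"` becomes `"invalid EAP-TLS packet length"`. Unless the intent is to name the shared TLS framing layer, anyone triaging authentication failures from these logs will be pointed at the wrong method. I would keep the method name consistent, e.g. `DBG2(DBG_IKE, "sending EAP-TTLS start packet");` here and the same prefix in the other messages. The body of initiate starts and ends outside this hunk.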
@@ -196,7 +198,7 @@ static eap_payload_t *create_ack(private_eap_ttls_t *this, u_int8_t identifier)
                .type = EAP_TTLS,
        };
        htoun16(&pkt.length, sizeof(pkt));
-       DBG2(DBG_IKE, "sending TLS acknowledgement packet");
+       DBG2(DBG_IKE, "sending EAP-TLS acknowledgement packet");
 
        return eap_payload_create_data(chunk_from_thing(pkt));
 }
@@ -232,7 +234,7 @@ static eap_payload_t *read_buf(private_eap_ttls_t *this, u_int8_t identifier)
                        pkt_len += EAP_TTLS_FRAGMENT_LEN;
                        memcpy(start, this->output.ptr + this->outpos, EAP_TTLS_FRAGMENT_LEN);
                        this->outpos += EAP_TTLS_FRAGMENT_LEN;
-                       DBG2(DBG_IKE, "sending TLS packet fragment");
+                       DBG2(DBG_IKE, "sending EAP-TLS packet fragment");
                }
                else
                {
@@ -241,12 +243,12 @@ static eap_payload_t *read_buf(private_eap_ttls_t *this, u_int8_t identifier)
                                   this->output.len - this->outpos);
                        chunk_free(&this->output);
                        this->outpos = 0;
-                       DBG2(DBG_IKE, "sending TLS packet");
+                       DBG2(DBG_IKE, "sending EAP-TLS packet");
                }
        }
        else
        {
-               DBG2(DBG_IKE, "sending TLS acknowledgement packet");
+               DBG2(DBG_IKE, "sending EAP-TLS acknowledgement packet");
        }
        htoun16(&pkt->length, pkt_len);
        return eap_payload_create_data(chunk_create(buf, pkt_len));
@@ -338,7 +340,7 @@ METHOD(eap_method_t, process, status_t,
        if (data.len < sizeof(eap_ttls_packet_t) ||
                untoh16(&pkt->length) != data.len)
        {
-               DBG1(DBG_IKE, "invalid EAP-TTLS packet length");
+               DBG1(DBG_IKE, "invalid EAP-TLS packet length");
                return FAILED;
        }
        if (pkt->flags & EAP_TTLS_START)
@@ -423,7 +425,8 @@ METHOD(eap_method_t, destroy, void,
  * Generic private constructor
  */
 static eap_ttls_t *eap_ttls_create(identification_t *server,
-                                                                identification_t *peer, bool is_server)
+                                                                  identification_t *peer, bool is_server,
+                                                                  tls_application_t *application)
 {
        private_eap_ttls_t *this;
 
@@ -439,19 +442,21 @@ static eap_ttls_t *eap_ttls_create(identification_t *server,
                .is_server = is_server,
        );
        /* MSK PRF ASCII constant label according to EAP-TTLS RFC 5281 */
-       this->tls = tls_create(is_server, server, peer, "ttls keying material");
-
+       this->tls = tls_create(is_server, server, peer, FALSE,
+                                                  "ttls keying material", application);
        return &this->public;
 }
 
 eap_ttls_t *eap_ttls_create_server(identification_t *server,
-                                                                identification_t *peer)
+                                                                  identification_t *peer)
 {
-       return eap_ttls_create(server, peer, TRUE);
+       return eap_ttls_create(server, peer, TRUE,
+                                                  &eap_ttls_server_create(server, peer)->application);
 }
 
 eap_ttls_t *eap_ttls_create_peer(identification_t *server,
-                                                          identification_t *peer)
+                                                                identification_t *peer)
 {
-       return eap_ttls_create(server, peer, FALSE);
+       return eap_ttls_create(server, peer, FALSE,
+                                                  &eap_ttls_peer_create(server, peer)->application);
 }
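Review bot: eap_ttls_create() stores the result of `tls_create()` and returns `&this->public` without checking it. Both public constructors also form `&eap_ttls_server_create(server, peer)->application` (and the peer equivalent) from a return value that is never tested. Whether either call can fail is not visible from this hunk; if it can, the caller receives an EAP method with no usable TLS context, on a path that handles packets from unauthenticated peers, and the new application handler has no owner to free it. I would check the result in eap_ttls_create() and release the handler there, as sketched below; this assumes tls takes ownership of `application` on success and that tls_application_t offers a destroy method, both to be confirmed. The comment above eap_ttls_create() should also state who owns `application`, and the bare `FALSE` passed to tls_create() deserves a short comment naming the parameter it sets.

```c
	this->tls = tls_create(is_server, server, peer, FALSE,
						   "ttls keying material", application);
	if (!this->tls)
	{
		/* tls never took ownership of the handler, so release it here */
		application->destroy(application);
		free(this);
		return NULL;
	}
	/* … unchanged: return &this->public … */
```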