read PDP server name from strongswan.conf
[strongswan.git] / src / libcharon / plugins / tnc_pdp / tnc_pdp.c
index 2e330e7..6daae8f 100644 (file)
@@ -44,6 +44,16 @@ struct private_tnc_pdp_t {
        tnc_pdp_t public;
 
        /**
+        * ID of the server
+        */
+       identification_t *server;
+
+       /**
+        * EAP method type to be used
+        */
+       eap_type_t type;
+
+       /**
         * IPv4 RADIUS socket
         */
        int ipv4;
@@ -226,16 +236,21 @@ static void process_eap(private_tnc_pdp_t *this, radius_message_t *request,
 
                if (eap_type == EAP_IDENTITY)
                {
-                       identification_t *server, *peer;
+                       identification_t *peer;
+                       chunk_t eap_identity;
+
+                       if (message.len < 5)
+                       {
+                               return;
+                       }
+                       eap_identity = chunk_create(message.ptr + 5, message.len - 5);
+                       peer = identification_create_from_data(eap_identity);
 
-                       peer = identification_create_from_string("carol@strongswan.org");
-                       server = identification_create_from_string("server");
-                       this->method = charon->eap->create_instance(charon->eap, EAP_MD5, 0,
-                                                                                               EAP_SERVER, server, peer); 
+                       this->method = charon->eap->create_instance(charon->eap, this->type,
+                                                                                               0, EAP_SERVER, this->server, peer); 
+                       peer->destroy(peer);
                        if (!this->method)
                        {
-                               peer->destroy(peer);
-                               server->destroy(server);
                                in->destroy(in);
                                return;
                        }
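Review bot: The new early return for `message.len < 5` leaves `in` undestroyed, while the `!this->method` branch a few lines below releases it with `in->destroy(in)` before returning; the truncated-message path should do the same: `if (message.len < 5) { in->destroy(in); return; }`. The EAP-Message being parsed here presumably arrives in the RADIUS request from the client, so a short or malformed message is a reachable input rather than a programming error, and the leak would be triggerable once per request. process_eap starts before and continues after this hunk, so whether anything else acquired earlier in the function also needs releasing on this path is not visible here.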
@@ -250,17 +265,22 @@ static void process_eap(private_tnc_pdp_t *this, radius_message_t *request,
                                        break;
                                case SUCCESS:
                                        code = RMC_ACCESS_ACCEPT;
+                                       DESTROY_IF(out);
+                                       out = eap_payload_create_code(EAP_SUCCESS,
+                                                                                                 in->get_identifier(in));
                                        break;
                                case FAILED:
                                default:
                                        code = RMC_ACCESS_REJECT;
+                                       DESTROY_IF(out);
+                                       out = eap_payload_create_code(EAP_FAILURE,
+                                                                                                 in->get_identifier(in));
                        }
                }
 
                send_response(this, request, code, out, source);
-
                in->destroy(in);
-               DESTROY_IF(out);
+               out->destroy(out);
        }
 }
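Review bot: Replacing `DESTROY_IF(out)` with `out->destroy(out)` at the end of the loop body turns a NULL `out` into a crash, and this hunk only shows `out` being assigned in the SUCCESS and FAILED/default cases; the NEED_MORE case whose body ends at the `break` above, and any path that reaches `send_response` without entering the switch, lie outside the hunk. Unless every such path is known to set `out`, keeping `DESTROY_IF(out);` is the safer form; otherwise add a comment where `out` is declared stating that it is always non-NULL after the switch, so the invariant is visible. The enclosing process_eap begins before this hunk.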
 
@@ -380,6 +400,7 @@ METHOD(tnc_pdp_t, destroy, void,
        {
                close(this->ipv6);
        }
+       DESTROY_IF(this->server);
        DESTROY_IF(this->signer);
        DESTROY_IF(this->hasher);
        DESTROY_IF(this->method);
@@ -392,12 +413,13 @@ METHOD(tnc_pdp_t, destroy, void,
 tnc_pdp_t *tnc_pdp_create(u_int16_t port)
 {
        private_tnc_pdp_t *this;
-       char *secret;
+       char *secret, *server;
 
        INIT(this,
                .public = {
                        .destroy = _destroy,
                },
+               .type = EAP_TTLS,
                .ipv4 = open_socket(this, AF_INET,  port),
                .ipv6 = open_socket(this, AF_INET6, port),
                .hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5),
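Review bot: `.type = EAP_TTLS` is a fixed choice with no explanation, while the server name a few lines later is read from strongswan.conf; a comment such as `/* EAP method used to authenticate peers; fixed to EAP-TTLS for now */` would tell a reader why it is not configurable. If it is meant to become a setting later, saying so in the same comment avoids a second guess. tnc_pdp_create continues past the end of this hunk.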
@@ -423,6 +445,17 @@ tnc_pdp_t *tnc_pdp_create(u_int16_t port)
                destroy(this);
                return NULL;
        }
+
+       server = lib->settings->get_str(lib->settings,
+                                               "charon.plugins.tnc-pdp.server", NULL);
+       if (!server)
+       {
+               DBG1(DBG_CFG, "missing PDP server name, PDP disabled");
+               destroy(this);
+               return NULL;
+       }
+       this->server = identification_create_from_string(server);
+
        secret = lib->settings->get_str(lib->settings,
                                                "charon.plugins.tnc-pdp.secret", NULL);
        if (!secret)
@@ -434,6 +467,7 @@ tnc_pdp_t *tnc_pdp_create(u_int16_t port)
        this->secret = chunk_create(secret, strlen(secret));
        this->signer->set_key(this->signer, this->secret);
 
+
        this->job = callback_job_create_with_prio((callback_job_cb_t)receive,
                                                                                this, NULL, NULL, JOB_PRIO_CRITICAL);
        lib->processor->queue_job(lib->processor, (job_t*)this->job);