configure: Fix typo when enabling CPAN modules as dependency
[strongswan.git] / src / libpttls / pt_tls_dispatcher.c
index f89e1a5..5c30637 100644 (file)
@@ -18,7 +18,6 @@
 
 #include <threading/thread.h>
 #include <utils/debug.h>
-#include <networking/host.h>
 #include <processing/jobs/callback_job.h>
 
 #include <errno.h>
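Review bot: `networking/host.h` is dropped here while `host_t` is still used by the new open_socket() signature and by pt_tls_dispatcher_create() further down, so this file now relies on the type arriving transitively, presumably through pt_tls_dispatcher.h. If the public header already includes it that works, but keeping the include local avoids a silent build break the next time the header's own includes are trimmed.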
@@ -43,30 +42,37 @@ struct private_pt_tls_dispatcher_t {
        int fd;
 
        /**
+        * Client authentication requirements
+        */
+       pt_tls_auth_t auth;
+
+       /**
         * Server identity
         */
        identification_t *server;
+
+       /**
+        * Peer identity
+        */
+       identification_t *peer;
+
+       /**
+        * TNCCS protocol handler constructor
+        */
+       pt_tls_tnccs_constructor_t *create;
 };
 
 /**
  * Open listening server socket
  */
-static bool open_socket(private_pt_tls_dispatcher_t *this,
-                                               char *server, u_int16_t port)
+static bool open_socket(private_pt_tls_dispatcher_t *this, host_t *host)
 {
-       host_t *host;
-
        this->fd = socket(AF_INET, SOCK_STREAM, 0);
        if (this->fd == -1)
        {
                DBG1(DBG_TNC, "opening PT-TLS socket failed: %s", strerror(errno));
                return FALSE;
        }
-       host = host_create_from_dns(server, AF_UNSPEC, port);
-       if (!host)
-       {
-               return FALSE;
-       }
        if (bind(this->fd, host->get_sockaddr(host),
                         *host->get_sockaddr_len(host)) == -1)
        {
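Review bot: open_socket() now receives the caller's `host` but still creates the socket with a hard-coded `AF_INET`, so an IPv6 `host_t` would fail at the bind() call below; the old host_create_from_dns() path with AF_UNSPEC had the same mismatch, but the new signature makes the fix a one-liner: `this->fd = socket(host->get_family(host), SOCK_STREAM, 0);`. Separately, the new `create` member added to the struct is neither assigned nor read in any visible hunk — dispatch() (the `@@ -115,11 +121,13 @@` hunk) takes the constructor as a parameter instead — so it looks like dead state unless something outside this view uses it; either drop it or set it in pt_tls_dispatcher_create(). The struct definition begins before this hunk and the body of open_socket() continues past its end.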
@@ -115,11 +121,13 @@ static void cleanup(pt_tls_server_t *connection)
 }
 
 METHOD(pt_tls_dispatcher_t, dispatch, void,
-       private_pt_tls_dispatcher_t *this)
+       private_pt_tls_dispatcher_t *this,
+       pt_tls_tnccs_constructor_t *create)
 {
        while (TRUE)
        {
                pt_tls_server_t *connection;
+               tnccs_t *tnccs;
                bool old;
                int fd;
 
@@ -132,7 +140,13 @@ METHOD(pt_tls_dispatcher_t, dispatch, void,
                        continue;
                }
 
-               connection = pt_tls_server_create(this->server, fd);
+               tnccs = create(this->server, this->peer);
+               if (!tnccs)
+               {
+                       close(fd);
+                       continue;
+               }
+               connection = pt_tls_server_create(this->server, fd, this->auth, tnccs);
                if (!connection)
                {
                        close(fd);
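Review bot: when pt_tls_server_create() returns NULL right after the new `tnccs` construction, the handler created by `create()` is not released before `continue`, unless pt_tls_server_create() adopts and destroys it on its own failure path — that cannot be confirmed from here. If it does not, the failure branch needs `tnccs->destroy(tnccs);` before `close(fd);`, otherwise every rejected connection leaks a TNCCS handler, and a client that repeatedly triggers that path would grow the process without bound. The `create` argument is also called without a check, so a NULL constructor crashes the dispatcher on the first accepted connection; either document that callers must pass a non-NULL constructor or reject it before entering the loop. dispatch() starts before this hunk and continues after it.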
@@ -154,13 +168,15 @@ METHOD(pt_tls_dispatcher_t, destroy, void,
                close(this->fd);
        }
        this->server->destroy(this->server);
+       this->peer->destroy(this->peer);
        free(this);
 }
 
 /**
  * See header
  */
-pt_tls_dispatcher_t *pt_tls_dispatcher_create(char *server, u_int16_t port)
+pt_tls_dispatcher_t *pt_tls_dispatcher_create(host_t *address,
+                                                                       identification_t *id, pt_tls_auth_t auth)
 {
        private_pt_tls_dispatcher_t *this;
 
@@ -169,11 +185,14 @@ pt_tls_dispatcher_t *pt_tls_dispatcher_create(char *server, u_int16_t port)
                        .dispatch = _dispatch,
                        .destroy = _destroy,
                },
-               .server = identification_create_from_string(server),
+               .server = id->clone(id),
+               /* we currently don't authenticate the peer, use %any identity */
+               .peer = identification_create_from_encoding(ID_ANY, chunk_empty),
                .fd = -1,
+               .auth = auth,
        );
 
-       if (!open_socket(this, server, port))
+       if (!open_socket(this, address))
        {
                destroy(this);
                return NULL;
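Review bot: `id->clone(id)` and the later `open_socket(this, address)` dereference the new parameters without a NULL check, so a caller passing a NULL identity or address crashes inside the constructor instead of getting the NULL return the failure path already provides; a guard at the top, `if (!address || !id) { return NULL; }`, keeps the contract uniform. The `.peer` comment is accurate but worth extending so a reader does not assume identity-based peer checks happen in this dispatcher: `/* peer identity is %any: clients are not matched by identity here; client authentication is governed by the auth requirement passed to pt_tls_server_create() */`. The new `create` struct member is not set in this initializer either, so it stays whatever INIT leaves it as — presumably zero, but that is worth confirming if the member is kept. pt_tls_dispatcher_create() starts before this hunk and continues past its end.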