authorMartin Willi <martin@revosec.ch>2015-01-29 11:13:42 +0100
committerMartin Willi <martin@revosec.ch>2015-03-03 14:08:00 +0100
commit666c5523818cbfc12ba69778ead929700245daed (patch)
treeb287abf44fdf8fa83cbf4cb034d9f494059307c2
parentaba5b76ce170deb486f7a1eb36282b3458545fba (diff)
downloadstrongswan-666c5523818cbfc12ba69778ead929700245daed.tar.bz2
strongswan-666c5523818cbfc12ba69778ead929700245daed.tar.xz
libtls: Add getters for TLS handshake authentication details
-rw-r--r--src/libtls/tls.c7
-rw-r--r--src/libtls/tls.h7
-rw-r--r--src/libtls/tls_eap.c7
-rw-r--r--src/libtls/tls_eap.h7
-rw-r--r--src/libtls/tls_handshake.h7
-rw-r--r--src/libtls/tls_peer.c7
-rw-r--r--src/libtls/tls_server.c7
7 files changed, 49 insertions, 0 deletions
diff --git a/src/libtls/tls.c b/src/libtls/tls.c
index 201612470..08a06f5ef 100644
--- a/src/libtls/tls.c
+++ b/src/libtls/tls.c
@@ -415,6 +415,12 @@ METHOD(tls_t, get_eap_msk, chunk_t,
return this->crypto->get_eap_msk(this->crypto);
}
+METHOD(tls_t, get_auth, auth_cfg_t*,
+ private_tls_t *this)
+{
+ return this->handshake->get_auth(this->handshake);
+}
+
METHOD(tls_t, destroy, void,
private_tls_t *this)
{
@@ -465,6 +471,7 @@ tls_t *tls_create(bool is_server, identification_t *server,
.get_purpose = _get_purpose,
.is_complete = _is_complete,
.get_eap_msk = _get_eap_msk,
+ .get_auth = _get_auth,
.destroy = _destroy,
},
.is_server = is_server,
diff --git a/src/libtls/tls.h b/src/libtls/tls.h
index fc1d9b9fd..f3dc198cf 100644
--- a/src/libtls/tls.h
+++ b/src/libtls/tls.h
@@ -252,6 +252,13 @@ struct tls_t {
chunk_t (*get_eap_msk)(tls_t *this);
/**
+ * Get the authentication details after completing the handshake.
+ *
+ * @return authentication details, internal data
+ */
+ auth_cfg_t* (*get_auth)(tls_t *this);
+
+ /**
* Destroy a tls_t.
*/
void (*destroy)(tls_t *this);
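Review bot: The new doc comment for `get_auth` in `struct tls_t` does not say what a caller gets before the handshake has finished, nor how long the returned pointer stays valid. The tls.c implementation in this commit forwards to the handshake object without checking state, so the result should be relied on as authentication evidence only once `is_complete()` reports completion. I would extend the comment with `* Only meaningful once is_complete() reports success; the returned object is` / `* internal data and must not be used after destroy().` (the lifetime part is inferred from "internal data" and should be confirmed against the handshake's destroy path). The same gap exists in the comments added in the tls_eap.h and tls_handshake.h hunks.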
diff --git a/src/libtls/tls_eap.c b/src/libtls/tls_eap.c
index ebe5bc3a8..12d5aed53 100644
--- a/src/libtls/tls_eap.c
+++ b/src/libtls/tls_eap.c
@@ -426,6 +426,12 @@ METHOD(tls_eap_t, set_identifier, void,
this->identifier = identifier;
}
+METHOD(tls_eap_t, get_auth, auth_cfg_t*,
+ private_tls_eap_t *this)
+{
+ return this->tls->get_auth(this->tls);
+}
+
METHOD(tls_eap_t, destroy, void,
private_tls_eap_t *this)
{
@@ -453,6 +459,7 @@ tls_eap_t *tls_eap_create(eap_type_t type, tls_t *tls, size_t frag_size,
.get_msk = _get_msk,
.get_identifier = _get_identifier,
.set_identifier = _set_identifier,
+ .get_auth = _get_auth,
.destroy = _destroy,
},
.type = type,
diff --git a/src/libtls/tls_eap.h b/src/libtls/tls_eap.h
index f3fbba078..df41fc4d7 100644
--- a/src/libtls/tls_eap.h
+++ b/src/libtls/tls_eap.h
@@ -77,6 +77,13 @@ struct tls_eap_t {
void (*set_identifier) (tls_eap_t *this, uint8_t identifier);
/**
+ * Get the authentication details after completing the handshake.
+ *
+ * @return authentication details, internal data
+ */
+ auth_cfg_t* (*get_auth)(tls_eap_t *this);
+
+ /**
* Destroy a tls_eap_t.
*/
void (*destroy)(tls_eap_t *this);
diff --git a/src/libtls/tls_handshake.h b/src/libtls/tls_handshake.h
index 7fa660c58..7edb49ba0 100644
--- a/src/libtls/tls_handshake.h
+++ b/src/libtls/tls_handshake.h
@@ -98,6 +98,13 @@ struct tls_handshake_t {
identification_t* (*get_server_id)(tls_handshake_t *this);
/**
+ * Get the peers authentication information after completing the handshake.
+ *
+ * @return authentication data, internal data
+ */
+ auth_cfg_t* (*get_auth)(tls_handshake_t *this);
+
+ /**
* Destroy a tls_handshake_t.
*/
void (*destroy)(tls_handshake_t *this);
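Review bot: The comment added for `get_auth` in `struct tls_handshake_t` reads "peers authentication information", which is missing an apostrophe and leaves open which side is meant. The two implementations in this commit return `this->server_auth` in tls_peer.c and `this->peer_auth` in tls_server.c, so the value appears to be the remote end's authentication in each role. I would word the first line as `* Get the remote end's authentication information (the server's on a client, the client's on a server).` It would also help to use the same term, "authentication details", as the tls.h and tls_eap.h comments, so the three getters read as one contract.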
diff --git a/src/libtls/tls_peer.c b/src/libtls/tls_peer.c
index 1bee436c4..08e36de36 100644
--- a/src/libtls/tls_peer.c
+++ b/src/libtls/tls_peer.c
@@ -1154,6 +1154,12 @@ METHOD(tls_handshake_t, get_server_id, identification_t*,
return this->server;
}
+METHOD(tls_handshake_t, get_auth, auth_cfg_t*,
+ private_tls_peer_t *this)
+{
+ return this->server_auth;
+}
+
METHOD(tls_handshake_t, destroy, void,
private_tls_peer_t *this)
{
@@ -1187,6 +1193,7 @@ tls_peer_t *tls_peer_create(tls_t *tls, tls_crypto_t *crypto, tls_alert_t *alert
.finished = _finished,
.get_peer_id = _get_peer_id,
.get_server_id = _get_server_id,
+ .get_auth = _get_auth,
.destroy = _destroy,
},
},
diff --git a/src/libtls/tls_server.c b/src/libtls/tls_server.c
index a861a267a..b6e706d23 100644
--- a/src/libtls/tls_server.c
+++ b/src/libtls/tls_server.c
@@ -1074,6 +1074,12 @@ METHOD(tls_handshake_t, get_server_id, identification_t*,
return this->server;
}
+METHOD(tls_handshake_t, get_auth, auth_cfg_t*,
+ private_tls_server_t *this)
+{
+ return this->peer_auth;
+}
+
METHOD(tls_handshake_t, destroy, void,
private_tls_server_t *this)
{
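Review bot: `get_auth` in tls_server.c returns `this->peer_auth` unconditionally, so a non-NULL return value by itself says nothing about whether the client actually authenticated. How `peer_auth` is populated when the client presents no certificate is not visible in this hunk, but if client authentication is optional for this server, callers making access decisions have to inspect the contents rather than the pointer. A short comment above the method would make that explicit, e.g. `/* may hold no verified identity if the client did not authenticate; callers must check the contents */`. The `destroy` method that follows the new getter continues outside the hunk.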
@@ -1108,6 +1114,7 @@ tls_server_t *tls_server_create(tls_t *tls,
.finished = _finished,
.get_peer_id = _get_peer_id,
.get_server_id = _get_server_id,
+ .get_auth = _get_auth,
.destroy = _destroy,
},
},