aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa/authenticators/authenticator.c
diff options
context:
space:
mode:
authorMartin Willi <martin@strongswan.org>2009-04-14 10:34:24 +0000
committerMartin Willi <martin@strongswan.org>2009-04-14 10:34:24 +0000
commita44bb9345f0482b3dace19a27ee40320ddadc75f (patch)
tree34d75bd95b2868900213e13c31ddd892d2fd4904 /src/charon/sa/authenticators/authenticator.c
parent6e5c8d9413234b18a0631cddadd973a9f509708b (diff)
downloadstrongswan-a44bb9345f0482b3dace19a27ee40320ddadc75f.tar.bz2
strongswan-a44bb9345f0482b3dace19a27ee40320ddadc75f.tar.xz
merged multi-auth branch back into trunk
Diffstat (limited to 'src/charon/sa/authenticators/authenticator.c')
-rw-r--r--src/charon/sa/authenticators/authenticator.c46
1 files changed, 33 insertions, 13 deletions
diff --git a/src/charon/sa/authenticators/authenticator.c b/src/charon/sa/authenticators/authenticator.c
index cdd3245fe..0c33528a0 100644
--- a/src/charon/sa/authenticators/authenticator.c
+++ b/src/charon/sa/authenticators/authenticator.c
@@ -1,6 +1,6 @@
/*
+ * Copyright (C) 2006-2009 Martin Willi
* Copyright (C) 2008 Tobias Brunner
- * Copyright (C) 2006-2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
@@ -23,6 +23,7 @@
#include <sa/authenticators/pubkey_authenticator.h>
#include <sa/authenticators/psk_authenticator.h>
#include <sa/authenticators/eap_authenticator.h>
+#include <encoding/payloads/auth_payload.h>
ENUM_BEGIN(auth_method_names, AUTH_RSA, AUTH_DSS,
@@ -35,7 +36,8 @@ ENUM_NEXT(auth_method_names, AUTH_ECDSA_256, AUTH_ECDSA_521, AUTH_DSS,
"ECDSA-521 signature");
ENUM_END(auth_method_names, AUTH_ECDSA_521);
-ENUM(auth_class_names, AUTH_CLASS_PUBKEY, AUTH_CLASS_EAP,
+ENUM(auth_class_names, AUTH_CLASS_ANY, AUTH_CLASS_EAP,
+ "any",
"public key",
"pre-shared key",
"EAP",
@@ -44,17 +46,23 @@ ENUM(auth_class_names, AUTH_CLASS_PUBKEY, AUTH_CLASS_EAP,
/**
* Described in header.
*/
-authenticator_t *authenticator_create_from_class(ike_sa_t *ike_sa,
- auth_class_t class)
+authenticator_t *authenticator_create_builder(
+ ike_sa_t *ike_sa, auth_cfg_t *cfg,
+ chunk_t received_nonce, chunk_t sent_init)
{
- switch (class)
+ switch ((uintptr_t)cfg->get(cfg, AUTH_RULE_AUTH_CLASS))
{
+ case AUTH_CLASS_ANY:
+ /* defaults to PUBKEY */
case AUTH_CLASS_PUBKEY:
- return (authenticator_t*)pubkey_authenticator_create(ike_sa);
+ return (authenticator_t*)pubkey_authenticator_create_builder(ike_sa,
+ received_nonce, sent_init);
case AUTH_CLASS_PSK:
- return (authenticator_t*)psk_authenticator_create(ike_sa);
+ return (authenticator_t*)psk_authenticator_create_builder(ike_sa,
+ received_nonce, sent_init);
case AUTH_CLASS_EAP:
- return (authenticator_t*)eap_authenticator_create(ike_sa);
+ return (authenticator_t*)eap_authenticator_create_builder(ike_sa,
+ received_nonce, sent_init);
default:
return NULL;
}
@@ -63,19 +71,31 @@ authenticator_t *authenticator_create_from_class(ike_sa_t *ike_sa,
/**
* Described in header.
*/
-authenticator_t *authenticator_create_from_method(ike_sa_t *ike_sa,
- auth_method_t method)
+authenticator_t *authenticator_create_verifier(
+ ike_sa_t *ike_sa, message_t *message,
+ chunk_t sent_nonce, chunk_t received_init)
{
- switch (method)
+ auth_payload_t *auth_payload;
+
+ auth_payload = (auth_payload_t*)message->get_payload(message, AUTHENTICATION);
+ if (auth_payload == NULL)
+ {
+ return (authenticator_t*)eap_authenticator_create_verifier(ike_sa,
+ sent_nonce, received_init);
+ }
+ switch (auth_payload->get_auth_method(auth_payload))
{
case AUTH_RSA:
case AUTH_ECDSA_256:
case AUTH_ECDSA_384:
case AUTH_ECDSA_521:
- return (authenticator_t*)pubkey_authenticator_create(ike_sa);
+ return (authenticator_t*)pubkey_authenticator_create_verifier(ike_sa,
+ sent_nonce, received_init);
case AUTH_PSK:
- return (authenticator_t*)psk_authenticator_create(ike_sa);
+ return (authenticator_t*)psk_authenticator_create_verifier(ike_sa,
+ sent_nonce, received_init);
default:
return NULL;
}
}
+