aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins/eap_sim
diff options
context:
space:
mode:
authorMartin Willi <martin@revosec.ch>2012-07-05 18:04:41 +0200
committerMartin Willi <martin@revosec.ch>2012-07-16 14:53:33 +0200
commit264e7021099f725a2d40fd754f9668da25960a26 (patch)
tree8ee6b24a616b68972d8975b3ce40aa485d77f683 /src/libcharon/plugins/eap_sim
parentcbfbba7d8655fbc1feb839d240bbbace374291e3 (diff)
downloadstrongswan-264e7021099f725a2d40fd754f9668da25960a26.tar.bz2
strongswan-264e7021099f725a2d40fd754f9668da25960a26.tar.xz
Add a return value to simaka_message_t.generate()
Diffstat (limited to 'src/libcharon/plugins/eap_sim')
-rw-r--r--src/libcharon/plugins/eap_sim/eap_sim_peer.c128
-rw-r--r--src/libcharon/plugins/eap_sim/eap_sim_server.c41
2 files changed, 128 insertions, 41 deletions
diff --git a/src/libcharon/plugins/eap_sim/eap_sim_peer.c b/src/libcharon/plugins/eap_sim/eap_sim_peer.c
index 1d1ab99e0..f0a48255d 100644
--- a/src/libcharon/plugins/eap_sim/eap_sim_peer.c
+++ b/src/libcharon/plugins/eap_sim/eap_sim_peer.c
@@ -106,13 +106,30 @@ struct private_eap_sim_peer_t {
static chunk_t version = chunk_from_chars(0x00,0x01);
/**
+ * Generate a payload from a message, destroy message
+ */
+static bool generate_payload(simaka_message_t *message, chunk_t data,
+ eap_payload_t **out)
+{
+ chunk_t chunk;
+ bool ok;
+
+ ok = message->generate(message, data, &chunk);
+ if (ok)
+ {
+ *out = eap_payload_create_data_own(chunk);
+ }
+ message->destroy(message);
+ return ok;
+}
+
+/**
* Create a SIM_CLIENT_ERROR
*/
-static eap_payload_t* create_client_error(private_eap_sim_peer_t *this,
- simaka_client_error_t code)
+static bool create_client_error(private_eap_sim_peer_t *this,
+ simaka_client_error_t code, eap_payload_t **out)
{
simaka_message_t *message;
- eap_payload_t *out;
u_int16_t encoded;
DBG1(DBG_IKE, "sending client error '%N'", simaka_client_error_names, code);
@@ -122,9 +139,7 @@ static eap_payload_t* create_client_error(private_eap_sim_peer_t *this,
encoded = htons(code);
message->add_attribute(message, AT_CLIENT_ERROR_CODE,
chunk_create((char*)&encoded, sizeof(encoded)));
- out = eap_payload_create_data_own(message->generate(message, chunk_empty));
- message->destroy(message);
- return out;
+ return generate_payload(message, chunk_empty, out);
}
/**
@@ -175,8 +190,11 @@ static status_t process_start(private_eap_sim_peer_t *this,
default:
if (!simaka_attribute_skippable(type))
{
- *out = create_client_error(this, SIM_UNABLE_TO_PROCESS);
enumerator->destroy(enumerator);
+ if (!create_client_error(this, SIM_UNABLE_TO_PROCESS, out))
+ {
+ return FAILED;
+ }
return NEED_MORE;
}
break;
@@ -187,7 +205,10 @@ static status_t process_start(private_eap_sim_peer_t *this,
if (!supported)
{
DBG1(DBG_IKE, "server does not support EAP-SIM version number 1");
- *out = create_client_error(this, SIM_UNSUPPORTED_VERSION);
+ if (!create_client_error(this, SIM_UNSUPPORTED_VERSION, out))
+ {
+ return FAILED;
+ }
return NEED_MORE;
}
@@ -234,9 +255,10 @@ static status_t process_start(private_eap_sim_peer_t *this,
{
message->add_attribute(message, AT_IDENTITY, id);
}
- *out = eap_payload_create_data_own(message->generate(message, chunk_empty));
- message->destroy(message);
-
+ if (!generate_payload(message, chunk_empty, out))
+ {
+ return FAILED;
+ }
return NEED_MORE;
}
@@ -270,8 +292,11 @@ static status_t process_challenge(private_eap_sim_peer_t *this,
default:
if (!simaka_attribute_skippable(type))
{
- *out = create_client_error(this, SIM_UNABLE_TO_PROCESS);
enumerator->destroy(enumerator);
+ if (!create_client_error(this, SIM_UNABLE_TO_PROCESS, out))
+ {
+ return FAILED;
+ }
return NEED_MORE;
}
break;
@@ -285,7 +310,10 @@ static status_t process_challenge(private_eap_sim_peer_t *this,
memeq(rands.ptr, rands.ptr + SIM_RAND_LEN, SIM_RAND_LEN))
{
DBG1(DBG_IKE, "no valid AT_RAND received");
- *out = create_client_error(this, SIM_INSUFFICIENT_CHALLENGES);
+ if (!create_client_error(this, SIM_INSUFFICIENT_CHALLENGES, out))
+ {
+ return FAILED;
+ }
return NEED_MORE;
}
/* get two or three KCs/SRESes from SIM using RANDs */
@@ -297,7 +325,10 @@ static status_t process_challenge(private_eap_sim_peer_t *this,
rands.ptr, sres.ptr, kc.ptr))
{
DBG1(DBG_IKE, "unable to get EAP-SIM triplet");
- *out = create_client_error(this, SIM_UNABLE_TO_PROCESS);
+ if (!create_client_error(this, SIM_UNABLE_TO_PROCESS, out))
+ {
+ return FAILED;
+ }
return NEED_MORE;
}
DBG3(DBG_IKE, "got triplet for RAND %b\n Kc %b\n SRES %b",
@@ -322,7 +353,10 @@ static status_t process_challenge(private_eap_sim_peer_t *this,
* parse() again after key derivation, reading encrypted attributes */
if (!in->verify(in, this->nonce) || !in->parse(in))
{
- *out = create_client_error(this, SIM_UNABLE_TO_PROCESS);
+ if (!create_client_error(this, SIM_UNABLE_TO_PROCESS, out))
+ {
+ return FAILED;
+ }
return NEED_MORE;
}
@@ -352,8 +386,10 @@ static status_t process_challenge(private_eap_sim_peer_t *this,
/* build response with AT_MAC, built over "EAP packet | n*SRES" */
message = simaka_message_create(FALSE, this->identifier, EAP_SIM,
SIM_CHALLENGE, this->crypto);
- *out = eap_payload_create_data_own(message->generate(message, sreses));
- message->destroy(message);
+ if (!generate_payload(message, sreses, out))
+ {
+ return FAILED;
+ }
return NEED_MORE;
}
@@ -384,7 +420,10 @@ static status_t process_reauthentication(private_eap_sim_peer_t *this,
{
DBG1(DBG_IKE, "received %N, but not expected",
simaka_subtype_names, SIM_REAUTHENTICATION);
- *out = create_client_error(this, SIM_UNABLE_TO_PROCESS);
+ if (!create_client_error(this, SIM_UNABLE_TO_PROCESS, out))
+ {
+ return FAILED;
+ }
return NEED_MORE;
}
@@ -394,7 +433,10 @@ static status_t process_reauthentication(private_eap_sim_peer_t *this,
/* verify MAC and parse again with decryption key */
if (!in->verify(in, chunk_empty) || !in->parse(in))
{
- *out = create_client_error(this, SIM_UNABLE_TO_PROCESS);
+ if (!create_client_error(this, SIM_UNABLE_TO_PROCESS, out))
+ {
+ return FAILED;
+ }
return NEED_MORE;
}
@@ -415,8 +457,11 @@ static status_t process_reauthentication(private_eap_sim_peer_t *this,
default:
if (!simaka_attribute_skippable(type))
{
- *out = create_client_error(this, SIM_UNABLE_TO_PROCESS);
enumerator->destroy(enumerator);
+ if (!create_client_error(this, SIM_UNABLE_TO_PROCESS, out))
+ {
+ return FAILED;
+ }
return NEED_MORE;
}
break;
@@ -427,7 +472,10 @@ static status_t process_reauthentication(private_eap_sim_peer_t *this,
if (!nonce.len || !counter.len)
{
DBG1(DBG_IKE, "EAP-SIM/Request/Re-Authentication message incomplete");
- *out = create_client_error(this, SIM_UNABLE_TO_PROCESS);
+ if (!create_client_error(this, SIM_UNABLE_TO_PROCESS, out))
+ {
+ return FAILED;
+ }
return NEED_MORE;
}
@@ -455,8 +503,10 @@ static status_t process_reauthentication(private_eap_sim_peer_t *this,
}
}
message->add_attribute(message, AT_COUNTER, counter);
- *out = eap_payload_create_data_own(message->generate(message, nonce));
- message->destroy(message);
+ if (!generate_payload(message, nonce, out))
+ {
+ return FAILED;
+ }
return NEED_MORE;
}
@@ -506,13 +556,17 @@ static status_t process_notification(private_eap_sim_peer_t *this,
{ /* empty notification reply */
message = simaka_message_create(FALSE, this->identifier, EAP_SIM,
SIM_NOTIFICATION, this->crypto);
- *out = eap_payload_create_data_own(message->generate(message,
- chunk_empty));
- message->destroy(message);
+ if (!generate_payload(message, chunk_empty, out))
+ {
+ return FAILED;
+ }
}
else
{
- *out = create_client_error(this, SIM_UNABLE_TO_PROCESS);
+ if (!create_client_error(this, SIM_UNABLE_TO_PROCESS, out))
+ {
+ return FAILED;
+ }
}
return NEED_MORE;
}
@@ -529,13 +583,19 @@ METHOD(eap_method_t, process, status_t,
message = simaka_message_create_from_payload(in->get_data(in), this->crypto);
if (!message)
{
- *out = create_client_error(this, SIM_UNABLE_TO_PROCESS);
+ if (!create_client_error(this, SIM_UNABLE_TO_PROCESS, out))
+ {
+ return FAILED;
+ }
return NEED_MORE;
}
if (!message->parse(message))
{
message->destroy(message);
- *out = create_client_error(this, SIM_UNABLE_TO_PROCESS);
+ if (!create_client_error(this, SIM_UNABLE_TO_PROCESS, out))
+ {
+ return FAILED;
+ }
return NEED_MORE;
}
switch (message->get_subtype(message))
@@ -555,8 +615,14 @@ METHOD(eap_method_t, process, status_t,
default:
DBG1(DBG_IKE, "unable to process EAP-SIM subtype %N",
simaka_subtype_names, message->get_subtype(message));
- *out = create_client_error(this, SIM_UNABLE_TO_PROCESS);
- status = NEED_MORE;
+ if (!create_client_error(this, SIM_UNABLE_TO_PROCESS, out))
+ {
+ status = FAILED;
+ }
+ else
+ {
+ status = NEED_MORE;
+ }
break;
}
message->destroy(message);
diff --git a/src/libcharon/plugins/eap_sim/eap_sim_server.c b/src/libcharon/plugins/eap_sim/eap_sim_server.c
index a965476eb..a88ce5706 100644
--- a/src/libcharon/plugins/eap_sim/eap_sim_server.c
+++ b/src/libcharon/plugins/eap_sim/eap_sim_server.c
@@ -113,6 +113,24 @@ struct private_eap_sim_server_t {
/* version of SIM protocol we speak */
static chunk_t version = chunk_from_chars(0x00,0x01);
+/**
+ * Generate a payload from a message, destroy message
+ */
+static bool generate_payload(simaka_message_t *message, chunk_t data,
+ eap_payload_t **out)
+{
+ chunk_t chunk;
+ bool ok;
+
+ ok = message->generate(message, data, &chunk);
+ if (ok)
+ {
+ *out = eap_payload_create_data_own(chunk);
+ }
+ message->destroy(message);
+ return ok;
+}
+
METHOD(eap_method_t, initiate, status_t,
private_eap_sim_server_t *this, eap_payload_t **out)
{
@@ -133,9 +151,10 @@ METHOD(eap_method_t, initiate, status_t,
{
message->add_attribute(message, AT_PERMANENT_ID_REQ, chunk_empty);
}
- *out = eap_payload_create_data_own(message->generate(message, chunk_empty));
- message->destroy(message);
-
+ if (!generate_payload(message, chunk_empty, out))
+ {
+ return FAILED;
+ }
this->pending = SIM_START;
return NEED_MORE;
}
@@ -176,9 +195,10 @@ static status_t reauthenticate(private_eap_sim_server_t *this,
next->get_encoding(next));
next->destroy(next);
}
- *out = eap_payload_create_data_own(message->generate(message, chunk_empty));
- message->destroy(message);
-
+ if (!generate_payload(message, chunk_empty, out))
+ {
+ return FAILED;
+ }
this->pending = SIM_REAUTHENTICATION;
return NEED_MORE;
}
@@ -393,6 +413,7 @@ static status_t process_start(private_eap_sim_server_t *this,
SIM_CHALLENGE, this->crypto);
message->add_attribute(message, AT_RAND, rands);
id = this->mgr->provider_gen_reauth(this->mgr, this->permanent, mk.ptr);
+ free(mk.ptr);
if (id)
{
message->add_attribute(message, AT_NEXT_REAUTH_ID,
@@ -406,10 +427,10 @@ static status_t process_start(private_eap_sim_server_t *this,
id->get_encoding(id));
id->destroy(id);
}
- *out = eap_payload_create_data_own(message->generate(message, nonce));
- message->destroy(message);
-
- free(mk.ptr);
+ if (!generate_payload(message, nonce, out))
+ {
+ return FAILED;
+ }
this->pending = SIM_CHALLENGE;
return NEED_MORE;
}
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-08 20:36:22 +0000