author | Andreas Steffen <andreas.steffen@strongswan.org> | 2010-08-12 23:56:44 +0200 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2010-08-12 23:58:54 +0200 |
commit | 1327839da8e92c101dbe160d6e82d83b5ed6e788 (patch) | |
tree | 87136a6eae9a99ae5b58eb8f8fac3297ccc3a7ee /src/libcharon/plugins/eap_ttls | |
parent | 123a84d3dba9c5e88f101aab222db44e25db5a4a (diff) | |
added generic TLS application data handler and specific EAP-TTLS instantiation
Diffstat (limited to 'src/libcharon/plugins/eap_ttls')
-rw-r--r-- | src/libcharon/plugins/eap_ttls/Makefile.am | 3 | ||||
-rw-r--r-- | src/libcharon/plugins/eap_ttls/eap_ttls.c | 13 | ||||
-rw-r--r-- | src/libcharon/plugins/eap_ttls/eap_ttls_peer.c | 96 | ||||
-rw-r--r-- | src/libcharon/plugins/eap_ttls/eap_ttls_peer.h | 46 |
4 files changed, 152 insertions, 6 deletions
diff --git a/src/libcharon/plugins/eap_ttls/Makefile.am b/src/libcharon/plugins/eap_ttls/Makefile.am
index fdd4606d0..47be97908 100644
--- a/src/libcharon/plugins/eap_ttls/Makefile.am
+++ b/src/libcharon/plugins/eap_ttls/Makefile.am
@@ -12,6 +12,7 @@ libstrongswan_eap_ttls_la_LIBADD = $(top_builddir)/src/libtls/libtls.la
 endif
 libstrongswan_eap_ttls_la_SOURCES = \
- eap_ttls_plugin.h eap_ttls_plugin.c eap_ttls.h eap_ttls.c
+ eap_ttls_plugin.h eap_ttls_plugin.c eap_ttls.h eap_ttls.c \
+ eap_ttls_peer.h eap_ttls_peer.c
 libstrongswan_eap_ttls_la_LDFLAGS = -module -avoid-version
diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls.c b/src/libcharon/plugins/eap_ttls/eap_ttls.c
index 1139a3f3d..04ae13854 100644
--- a/src/libcharon/plugins/eap_ttls/eap_ttls.c
+++ b/src/libcharon/plugins/eap_ttls/eap_ttls.c
@@ -14,6 +14,7 @@
  */
 #include "eap_ttls.h"
+#include "eap_ttls_peer.h"
 #include <tls.h>
@@ -423,7 +424,8 @@ METHOD(eap_method_t, destroy, void,
  * Generic private constructor
  */
 static eap_ttls_t *eap_ttls_create(identification_t *server,
- identification_t *peer, bool is_server)
+ identification_t *peer, bool is_server,
+ tls_application_t *application)
 {
  private_eap_ttls_t *this;
@@ -439,19 +441,20 @@ static eap_ttls_t *eap_ttls_create(identification_t *server,
  .is_server = is_server,
  );
  /* MSK PRF ASCII constant label according to EAP-TTLS RFC 5281 */
- this->tls = tls_create(is_server, server, peer, "ttls keying material");
-
+ this->tls = tls_create(is_server, server, peer, "ttls keying material",
+ application);
  return &this->public;
 }
 eap_ttls_t *eap_ttls_create_server(identification_t *server,
  identification_t *peer)
 {
- return eap_ttls_create(server, peer, TRUE);
+ return eap_ttls_create(server, peer, TRUE, NULL);
 }
 eap_ttls_t *eap_ttls_create_peer(identification_t *server,
  identification_t *peer)
 {
- return eap_ttls_create(server, peer, FALSE);
+ return eap_ttls_create(server, peer, FALSE,
+ &eap_ttls_peer_create(peer)->application);
 }
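Review bot: The new `application` parameter of eap_ttls_create() is undocumented; the `Generic private constructor` comment above the signature should gain a line such as `@param application TLS application data handler handed to tls_create(), NULL for the server role`, stating who destroys it. Whether tls_create() tolerates the NULL passed from eap_ttls_create_server() and whether it destroys the handler together with the TLS stack cannot be checked from this hunk, since tls_create() lives in libtls outside this diff; if it does neither, the server role dereferences NULL and the peer role leaks the eap_ttls_peer_t allocated inline in eap_ttls_create_peer(). That inline allocation also has no failure path — if eap_ttls_peer_create() ever returns NULL the `->application` address arithmetic yields a bogus pointer, so the object should be created into a local and checked before use. The body of eap_ttls_create() continues outside the hunk.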
diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls_peer.c b/src/libcharon/plugins/eap_ttls/eap_ttls_peer.c
new file mode 100644
index 000000000..0e4d70fa8
--- /dev/null
+++ b/src/libcharon/plugins/eap_ttls/eap_ttls_peer.c
@@ -0,0 +1,96 @@
+/*
+ * Copyright (C) 2010 Andreas Steffen
+ * Copyright (C) 2010 HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "eap_ttls_peer.h"
+
+#include <debug.h>
+
+#define AVP_EAP_MESSAGE 79
+
+typedef struct private_eap_ttls_peer_t private_eap_ttls_peer_t;
+
+/**
+ * Private data of an eap_ttls_peer_t object.
+ */
+struct private_eap_ttls_peer_t {
+
+ /**
+ * Public eap_ttls_peer_t interface.
+ */
+ eap_ttls_peer_t public;
+
+ /**
+ * Peer identity
+ */
+ identification_t *peer;
+
+ /**
+ * EAP-TTLS state information
+ */
+ bool start_phase2;
+};
+
+
+METHOD(tls_application_t, process, status_t,
+ private_eap_ttls_peer_t *this, tls_reader_t *reader)
+{
+ return NEED_MORE;
+}
+
+METHOD(tls_application_t, build, status_t,
+ private_eap_ttls_peer_t *this, tls_writer_t *writer)
+{
+ if (this->start_phase2)
+ {
+ chunk_t data = chunk_from_chars(
+ 0x02, 0x00, 0x00, 10, 0x01, 'c', 'a', 'r', 'o', 'l', 0x00, 0x00);
+ u_int8_t avp_flags = 0x40;
+ u_int32_t avp_len;
+
+ avp_len = 8 + data.len - 2;
+ writer->write_uint32(writer, AVP_EAP_MESSAGE);
+ writer->write_uint8(writer, avp_flags);
+ writer->write_uint24(writer, avp_len);
+ writer->write_data(writer, data);
+ this->start_phase2 = FALSE;
+ }
+ return INVALID_STATE;
+}
+
+METHOD(tls_application_t, destroy, void,
+ private_eap_ttls_peer_t *this)
+{
+ free(this);
+}
+
+/**
+ * See header
+ */
+eap_ttls_peer_t *eap_ttls_peer_create(identification_t *peer)
+{
+ private_eap_ttls_peer_t *this;
+
+ INIT(this,
+ .public.application = {
+ .process = _process,
+ .build = _build,
+ .destroy = _destroy,
+ },
+ .peer = peer,
+ .start_phase2 = TRUE,
+ );
+
+ return &this->public;
+}
diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls_peer.h b/src/libcharon/plugins/eap_ttls/eap_ttls_peer.h
new file mode 100644
index 000000000..0338f2631
--- /dev/null
+++ b/src/libcharon/plugins/eap_ttls/eap_ttls_peer.h
@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) 2010 Andreas Steffen
+ * Copyright (C) 2010 HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup tls_peer tls_peer
+ * @{ @ingroup libtls
+ */
+
+#ifndef EAP_TTLS_PEER_H_
+#define EAP_TTLS_PEER_H_
+
+typedef struct eap_ttls_peer_t eap_ttls_peer_t;
+
+#include "tls_application.h"
+
+#include <library.h>
+
+/**
+ * TLS application data handler as peer.
+ */
+struct eap_ttls_peer_t {
+
+ /**
+ * Implements the TLS application data handler.
+ */
+ tls_application_t application;
+};
+
+/**
+ * Create an eap_ttls_peer instance.
+ */
+eap_ttls_peer_t *eap_ttls_peer_create(identification_t *peer);
+
+#endif /** EAP_TTLS_PEER_H_ @}*/
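Review bot: build() sends a hard-coded EAP-Response/Identity for "carol" (the chunk_from_chars literal) while the identity handed to eap_ttls_peer_create() sits unused in this->peer, so every peer announces the same inner identity regardless of configuration; the response should be built from this->peer, with the EAP length, AVP length and 4-byte padding computed instead of baked into the literal as `10` and the two trailing `0x00` bytes, as sketched below. The EAP Identifier byte is likewise fixed at 0x00, and process() drops the reader without parsing the server's Request, so there is nothing to echo — if that is intentional for now, a `/* TODO: parse the phase-2 EAP-Request and echo its Identifier */` in process() should say so. build() also returns INVALID_STATE after writing the AVP; whether the TLS layer still flushes data written under that return code depends on the tls_application_t contract, which is outside this diff. Finally destroy() only frees the struct, so this->peer is a borrowed pointer: either clone it in the constructor or document that the identification must outlive the handler.
```c
METHOD(tls_application_t, build, status_t,
	private_eap_ttls_peer_t *this, tls_writer_t *writer)
{
	if (this->start_phase2)
	{
		/* EAP-Response/Identity carrying the configured peer identity */
		chunk_t id = this->peer->get_encoding(this->peer);
		u_int16_t eap_len = 5 + id.len;   /* code, identifier, length, type, identity */
		u_int8_t avp_flags = 0x40;
		u_int8_t pad = (4 - eap_len % 4) % 4;

		/* AVP length covers the 8-byte header plus the EAP message, never the padding */
		writer->write_uint32(writer, AVP_EAP_MESSAGE);
		writer->write_uint8(writer, avp_flags);
		writer->write_uint24(writer, 8 + eap_len);
		writer->write_uint8(writer, 0x02);   /* EAP Code: Response */
		writer->write_uint8(writer, 0x00);   /* TODO: echo the Identifier of the server's Request */
		writer->write_uint16(writer, eap_len);
		writer->write_uint8(writer, 0x01);   /* EAP Type: Identity */
		writer->write_data(writer, id);
		while (pad--)
		{
			writer->write_uint8(writer, 0x00);
		}
		this->start_phase2 = FALSE;
	}
	/* … unchanged: return value … */
}
```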
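Review bot: The Doxygen group on the new header does not match where the file lives: `@defgroup tls_peer tls_peer` / `@{ @ingroup libtls` describes libtls, but eap_ttls_peer.h is part of libcharon's eap_ttls plugin, so it should read `@defgroup eap_ttls_peer eap_ttls_peer` with `@{ @ingroup eap_ttls`. eap_ttls_peer_create() also carries no parameter or return documentation; add `@param peer peer identity used for the phase-2 EAP identity (stored by reference, not cloned)` and `@return eap_ttls_peer_t object, released through its application.destroy()`, since the implementation stores the pointer as-is and only frees the struct on destroy.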