authorAndreas Steffen <andreas.steffen@strongswan.org>2010-09-08 12:58:40 +0200
committerAndreas Steffen <andreas.steffen@strongswan.org>2010-09-08 12:58:45 +0200
commitde29e3a683f91d5b392e7a6176c6a0730ebb7847 (patch)
tree5653031fe0ac82841d43c29caa8d61cf4dfe901a /src/libcharon
parent99b0f633c2252a6291cad8702110c0156e8c3840 (diff)
make max_message_count configurable and move it into tls_eap_t
Diffstat (limited to 'src/libcharon')
-rw-r--r--src/libcharon/plugins/eap_tls/eap_tls.c16
-rw-r--r--src/libcharon/plugins/eap_tnc/eap_tnc.c16
-rw-r--r--src/libcharon/plugins/eap_ttls/eap_ttls.c16
3 files changed, 12 insertions, 36 deletions
diff --git a/src/libcharon/plugins/eap_tls/eap_tls.c b/src/libcharon/plugins/eap_tls/eap_tls.c
index 53b61c847..efe72c437 100644
--- a/src/libcharon/plugins/eap_tls/eap_tls.c
+++ b/src/libcharon/plugins/eap_tls/eap_tls.c
@@ -33,11 +33,6 @@ struct private_eap_tls_t {
eap_tls_t public;
/**
- * Number of EAP-TLS messages processed so far
- */
- int processed;
-
- /**
* TLS stack, wrapped by EAP helper
*/
tls_eap_t *tls_eap;
@@ -68,12 +63,6 @@ METHOD(eap_method_t, process, status_t,
status_t status;
chunk_t data;
- if (++this->processed > MAX_MESSAGE_COUNT)
- {
- DBG1(DBG_IKE, "EAP-TLS packet count exceeded (%d > %d)",
- this->processed, MAX_MESSAGE_COUNT);
- return FAILED;
- }
data = in->get_data(in);
status = this->tls_eap->process(this->tls_eap, data, &data);
if (status == NEED_MORE)
@@ -123,6 +112,7 @@ static eap_tls_t *eap_tls_create(identification_t *server,
{
private_eap_tls_t *this;
size_t frag_size;
+ int max_msg_count;
tls_t *tls;
INIT(this,
@@ -140,8 +130,10 @@ static eap_tls_t *eap_tls_create(identification_t *server,
frag_size = lib->settings->get_int(lib->settings,
"charon.plugins.eap-tls.fragment_size", MAX_FRAGMENT_LEN);
+ max_msg_count = lib->settings->get_int(lib->settings,
+ "charon.plugins.eap-tls.max_message_count", MAX_MESSAGE_COUNT);
tls = tls_create(is_server, server, peer, TLS_PURPOSE_EAP_TLS, NULL);
- this->tls_eap = tls_eap_create(EAP_TLS, tls, frag_size);
+ this->tls_eap = tls_eap_create(EAP_TLS, tls, frag_size, max_msg_count);
if (!this->tls_eap)
{
free(this);
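Review bot: The value read for `charon.plugins.eap-tls.max_message_count` goes straight from `get_int()` into `tls_eap_create()` with no range check, so a zero or negative setting reaches the counter that bounds how many EAP messages a peer can make the daemon process. How `tls_eap_t` treats such a value is not visible in this diff; depending on its comparison it would presumably either fail every exchange or leave the limit ineffective. I would clamp or reject it here, e.g. `if (max_msg_count < 1) { max_msg_count = MAX_MESSAGE_COUNT; }`, or state in the option's documentation that 0 means unlimited if that is intended. The same applies to the `eap-tnc` and `eap-ttls` hunks in eap_tnc.c and eap_ttls.c. The body of eap_tls_create continues outside the hunk.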
diff --git a/src/libcharon/plugins/eap_tnc/eap_tnc.c b/src/libcharon/plugins/eap_tnc/eap_tnc.c
index 234b1444d..65f4a23a0 100644
--- a/src/libcharon/plugins/eap_tnc/eap_tnc.c
+++ b/src/libcharon/plugins/eap_tnc/eap_tnc.c
@@ -34,11 +34,6 @@ struct private_eap_tnc_t {
eap_tnc_t public;
/**
- * Number of EAP-TNC messages processed so far
- */
- int processed;
-
- /**
* TLS stack, wrapped by EAP helper
*/
tls_eap_t *tls_eap;
@@ -70,12 +65,6 @@ METHOD(eap_method_t, process, status_t,
status_t status;
chunk_t data;
- if (++this->processed > MAX_MESSAGE_COUNT)
- {
- DBG1(DBG_IKE, "EAP-TNC packet count exceeded (%d > %d)",
- this->processed, MAX_MESSAGE_COUNT);
- return FAILED;
- }
data = in->get_data(in);
status = this->tls_eap->process(this->tls_eap, data, &data);
if (status == NEED_MORE)
@@ -125,6 +114,7 @@ static eap_tnc_t *eap_tnc_create(identification_t *server,
{
private_eap_tnc_t *this;
size_t frag_size;
+ int max_msg_count;
tls_t *tnc_if_tnccs;
INIT(this,
@@ -142,8 +132,10 @@ static eap_tnc_t *eap_tnc_create(identification_t *server,
frag_size = lib->settings->get_int(lib->settings,
"charon.plugins.eap-tnc.fragment_size", MAX_FRAGMENT_LEN);
+ max_msg_count = lib->settings->get_int(lib->settings,
+ "charon.plugins.eap-tnc.max_message_count", MAX_MESSAGE_COUNT);
tnc_if_tnccs = tnc_if_tnccs_create(is_server, TLS_PURPOSE_EAP_TNC);
- this->tls_eap = tls_eap_create(EAP_TNC, tnc_if_tnccs, frag_size);
+ this->tls_eap = tls_eap_create(EAP_TNC, tnc_if_tnccs, frag_size, max_msg_count);
if (!this->tls_eap)
{
free(this);
diff --git a/src/libcharon/plugins/eap_ttls/eap_ttls.c b/src/libcharon/plugins/eap_ttls/eap_ttls.c
index d9220a33c..a62af6ea4 100644
--- a/src/libcharon/plugins/eap_ttls/eap_ttls.c
+++ b/src/libcharon/plugins/eap_ttls/eap_ttls.c
@@ -35,11 +35,6 @@ struct private_eap_ttls_t {
eap_ttls_t public;
/**
- * Number of EAP-TLS messages processed so far
- */
- int processed;
-
- /**
* TLS stack, wrapped by EAP helper
*/
tls_eap_t *tls_eap;
@@ -70,12 +65,6 @@ METHOD(eap_method_t, process, status_t,
status_t status;
chunk_t data;
- if (++this->processed > MAX_MESSAGE_COUNT)
- {
- DBG1(DBG_IKE, "EAP-TTLS packet count exceeded (%d > %d)",
- this->processed, MAX_MESSAGE_COUNT);
- return FAILED;
- }
data = in->get_data(in);
status = this->tls_eap->process(this->tls_eap, data, &data);
if (status == NEED_MORE)
@@ -126,6 +115,7 @@ static eap_ttls_t *eap_ttls_create(identification_t *server,
{
private_eap_ttls_t *this;
size_t frag_size;
+ int max_msg_count;
tls_t *tls;
INIT(this,
@@ -147,8 +137,10 @@ static eap_ttls_t *eap_ttls_create(identification_t *server,
}
frag_size = lib->settings->get_int(lib->settings,
"charon.plugins.eap-ttls.fragment_size", MAX_FRAGMENT_LEN);
+ max_msg_count = lib->settings->get_int(lib->settings,
+ "charon.plugins.eap-ttls.max_message_count", MAX_MESSAGE_COUNT);
tls = tls_create(is_server, server, peer, TLS_PURPOSE_EAP_TTLS, application);
- this->tls_eap = tls_eap_create(EAP_TTLS, tls, frag_size);
+ this->tls_eap = tls_eap_create(EAP_TTLS, tls, frag_size, max_msg_count);
if (!this->tls_eap)
{
application->destroy(application);