diff options
| author | Martin Willi <martin@strongswan.org> | 2008-02-04 11:43:10 +0000 |
|---|---|---|
| committer | Martin Willi <martin@strongswan.org> | 2008-02-04 11:43:10 +0000 |
| commit | 3b1692c058aa698734cce7a9ae07f214f8e3f91d (patch) | |
| tree | 08efa45bace45ae86a02294f824cf54f5a16fba1 /src | |
| parent | 9514d26c5c7d154034a5c860d418cf7d046ab5dc (diff) | |
| download | strongswan-3b1692c058aa698734cce7a9ae07f214f8e3f91d.tar.bz2 strongswan-3b1692c058aa698734cce7a9ae07f214f8e3f91d.tar.xz | |
use identifiers in EAP_SUCCESS/EAP_FAILURE payloads
Diffstat (limited to 'src')
| -rw-r--r-- | src/charon/encoding/payloads/eap_payload.c | 8 | ||||
| -rw-r--r-- | src/charon/encoding/payloads/eap_payload.h | 11 | ||||
| -rw-r--r-- | src/charon/sa/authenticators/eap_authenticator.c | 15 |
3 files changed, 19 insertions, 15 deletions
diff --git a/src/charon/encoding/payloads/eap_payload.c b/src/charon/encoding/payloads/eap_payload.c index 345114af0..da2498c5e 100644 --- a/src/charon/encoding/payloads/eap_payload.c +++ b/src/charon/encoding/payloads/eap_payload.c @@ -312,13 +312,13 @@ eap_payload_t *eap_payload_create_data(chunk_t data) /* * Described in header */ -eap_payload_t *eap_payload_create_code(eap_code_t code) +eap_payload_t *eap_payload_create_code(eap_code_t code, u_int8_t identifier) { eap_payload_t *this = eap_payload_create(); chunk_t data = chunk_alloca(4); *(data.ptr + 0) = code; - *(data.ptr + 1) = 0; + *(data.ptr + 1) = identifier; *(u_int16_t*)(data.ptr + 2) = htons(data.len); this->set_data(this, data); @@ -328,13 +328,13 @@ eap_payload_t *eap_payload_create_code(eap_code_t code) /* * Described in header */ -eap_payload_t *eap_payload_create_nak() +eap_payload_t *eap_payload_create_nak(u_int8_t identifier) { eap_payload_t *this = eap_payload_create(); chunk_t data = chunk_alloca(5); *(data.ptr + 0) = EAP_RESPONSE; - *(data.ptr + 1) = 0; + *(data.ptr + 1) = identifier; *(u_int16_t*)(data.ptr + 2) = htons(data.len); *(data.ptr + 4) = EAP_NAK; diff --git a/src/charon/encoding/payloads/eap_payload.h b/src/charon/encoding/payloads/eap_payload.h index 3addbb838..e4f8663c2 100644 --- a/src/charon/encoding/payloads/eap_payload.h +++ b/src/charon/encoding/payloads/eap_payload.h @@ -132,19 +132,22 @@ eap_payload_t *eap_payload_create_data(chunk_t data); * Could should be either EAP_SUCCESS/EAP_FAILURE, use * constructor above otherwise. * - * @return eap_payload_t object + * @param code EAP status code + * @param identifier EAP identifier to use in payload + * @return eap_payload_t object * * @ingroup payloads */ -eap_payload_t *eap_payload_create_code(eap_code_t code); +eap_payload_t *eap_payload_create_code(eap_code_t code, u_int8_t identifier); /** * @brief Creates an eap_payload_t EAP_RESPONSE containing an EAP_NAK. * - * @return eap_payload_t object + * @param identifier EAP identifier to use in payload + * @return eap_payload_t object * * @ingroup payloads */ -eap_payload_t *eap_payload_create_nak(); +eap_payload_t *eap_payload_create_nak(u_int8_t identifier); #endif /* EAP_PAYLOAD_H_ */ diff --git a/src/charon/sa/authenticators/eap_authenticator.c b/src/charon/sa/authenticators/eap_authenticator.c index 6250604a6..edd75da43 100644 --- a/src/charon/sa/authenticators/eap_authenticator.c +++ b/src/charon/sa/authenticators/eap_authenticator.c @@ -147,7 +147,7 @@ static status_t initiate(private_eap_authenticator_t *this, eap_type_t type, { DBG1(DBG_IKE, "client requested EAP authentication, but configuration forbids it"); - *out = eap_payload_create_code(EAP_FAILURE); + *out = eap_payload_create_code(EAP_FAILURE, 0); return FAILED; } @@ -169,14 +169,14 @@ static status_t initiate(private_eap_authenticator_t *this, eap_type_t type, DBG1(DBG_IKE, "configured EAP server method not supported, sending %N", eap_code_names, EAP_FAILURE); - *out = eap_payload_create_code(EAP_FAILURE); + *out = eap_payload_create_code(EAP_FAILURE, 0); return FAILED; } if (this->method->initiate(this->method, out) != NEED_MORE) { DBG1(DBG_IKE, "failed to initiate EAP exchange, sending %N", eap_type_names, type, eap_code_names, EAP_FAILURE); - *out = eap_payload_create_code(EAP_FAILURE); + *out = eap_payload_create_code(EAP_FAILURE, 0); return FAILED; } return NEED_MORE; @@ -234,7 +234,7 @@ static status_t process_peer(private_eap_authenticator_t *this, { DBG1(DBG_IKE, "EAP server requested unsupported " "EAP method, sending EAP_NAK"); - *out = eap_payload_create_nak(); + *out = eap_payload_create_nak(in->get_identifier(in)); return NEED_MORE; } } @@ -303,7 +303,7 @@ static status_t process_server(private_eap_authenticator_t *this, DBG1(DBG_IKE, "EAP method %N succeded, %sMSK established", eap_type_names, type, this->msk.ptr ? "" : "no "); } - *out = eap_payload_create_code(EAP_SUCCESS); + *out = eap_payload_create_code(EAP_SUCCESS, in->get_identifier(in)); return SUCCESS; case FAILED: default: @@ -319,7 +319,7 @@ static status_t process_server(private_eap_authenticator_t *this, eap_type_names, type, this->ike_sa->get_other_id(this->ike_sa)); } - *out = eap_payload_create_code(EAP_FAILURE); + *out = eap_payload_create_code(EAP_FAILURE, in->get_identifier(in)); return FAILED; } } @@ -346,7 +346,8 @@ static status_t process(private_eap_authenticator_t *this, eap_payload_t *in, { DBG1(DBG_IKE, "received %N, sending %N", eap_code_names, code, eap_code_names, EAP_FAILURE); - *out = eap_payload_create_code(EAP_FAILURE); + *out = eap_payload_create_code(EAP_FAILURE, + in->get_identifier(in)); return FAILED; } } |