-rw-r--r--src/libcharon/Makefile.am8
-rw-r--r--src/libcharon/plugins/eap_tls/Makefile.am (renamed from src/charon/plugins/eap_tls/Makefile.am)7
-rw-r--r--src/libcharon/plugins/eap_tls/eap_tls.c (renamed from src/charon/plugins/eap_tls/eap_tls.c)0
-rw-r--r--src/libcharon/plugins/eap_tls/eap_tls.h (renamed from src/charon/plugins/eap_tls/eap_tls.h)0
-rw-r--r--src/libcharon/plugins/eap_tls/eap_tls_plugin.c (renamed from src/charon/plugins/eap_tls/eap_tls_plugin.c)2
-rw-r--r--src/libcharon/plugins/eap_tls/eap_tls_plugin.h (renamed from src/charon/plugins/eap_tls/eap_tls_plugin.h)2
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls.c (renamed from src/charon/plugins/eap_tls/tls/tls.c)0
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls.h (renamed from src/charon/plugins/eap_tls/tls/tls.h)0
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_compression.c (renamed from src/charon/plugins/eap_tls/tls/tls_compression.c)0
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_compression.h (renamed from src/charon/plugins/eap_tls/tls/tls_compression.h)0
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_crypto.c (renamed from src/charon/plugins/eap_tls/tls/tls_crypto.c)0
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_crypto.h (renamed from src/charon/plugins/eap_tls/tls/tls_crypto.h)0
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_fragmentation.c (renamed from src/charon/plugins/eap_tls/tls/tls_fragmentation.c)0
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_fragmentation.h (renamed from src/charon/plugins/eap_tls/tls/tls_fragmentation.h)0
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_handshake.h (renamed from src/charon/plugins/eap_tls/tls/tls_handshake.h)0
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_peer.c (renamed from src/charon/plugins/eap_tls/tls/tls_peer.c)34
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_peer.h (renamed from src/charon/plugins/eap_tls/tls/tls_peer.h)0
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_prf.c (renamed from src/charon/plugins/eap_tls/tls/tls_prf.c)0
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_prf.h (renamed from src/charon/plugins/eap_tls/tls/tls_prf.h)0
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_protection.c (renamed from src/charon/plugins/eap_tls/tls/tls_protection.c)0
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_protection.h (renamed from src/charon/plugins/eap_tls/tls/tls_protection.h)0
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_reader.c (renamed from src/charon/plugins/eap_tls/tls/tls_reader.c)0
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_reader.h (renamed from src/charon/plugins/eap_tls/tls/tls_reader.h)0
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_server.c (renamed from src/charon/plugins/eap_tls/tls/tls_server.c)34
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_server.h (renamed from src/charon/plugins/eap_tls/tls/tls_server.h)0
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_writer.c (renamed from src/charon/plugins/eap_tls/tls/tls_writer.c)0
-rw-r--r--src/libcharon/plugins/eap_tls/tls/tls_writer.h (renamed from src/charon/plugins/eap_tls/tls/tls_writer.h)0
-rw-r--r--src/libstrongswan/credentials/auth_cfg.c4
28 files changed, 57 insertions, 34 deletions
diff --git a/src/libcharon/Makefile.am b/src/libcharon/Makefile.am
index 44501c0d0..510f5e569 100644
--- a/src/libcharon/Makefile.am
+++ b/src/libcharon/Makefile.am
@@ -344,6 +344,14 @@ if MONOLITHIC
endif
endif
+if USE_EAP_TLS
+ SUBDIRS += plugins/eap_tls
+ PLUGINS += eap-tls
+if MONOLITHIC
+ libcharon_la_LIBADD += plugins/eap_tls/libstrongswan-eap-tls.la
+endif
+endif
+
if USE_MEDSRV
SUBDIRS += plugins/medsrv
PLUGINS += medsrv
diff --git a/src/charon/plugins/eap_tls/Makefile.am b/src/libcharon/plugins/eap_tls/Makefile.am
index d18dda2aa..bd8f82a62 100644
--- a/src/charon/plugins/eap_tls/Makefile.am
+++ b/src/libcharon/plugins/eap_tls/Makefile.am
@@ -1,9 +1,14 @@
-INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon
+INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libhydra \
+ -I$(top_srcdir)/src/libcharon
AM_CFLAGS = -rdynamic
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-eap-tls.la
+else
plugin_LTLIBRARIES = libstrongswan-eap-tls.la
+endif
libstrongswan_eap_tls_la_SOURCES = eap_tls_plugin.h eap_tls_plugin.c \
eap_tls.h eap_tls.c tls/tls.h tls/tls.c \
diff --git a/src/charon/plugins/eap_tls/eap_tls.c b/src/libcharon/plugins/eap_tls/eap_tls.c
index cf4294970..cf4294970 100644
--- a/src/charon/plugins/eap_tls/eap_tls.c
+++ b/src/libcharon/plugins/eap_tls/eap_tls.c
diff --git a/src/charon/plugins/eap_tls/eap_tls.h b/src/libcharon/plugins/eap_tls/eap_tls.h
index 6be7b4a4f..6be7b4a4f 100644
--- a/src/charon/plugins/eap_tls/eap_tls.h
+++ b/src/libcharon/plugins/eap_tls/eap_tls.h
diff --git a/src/charon/plugins/eap_tls/eap_tls_plugin.c b/src/libcharon/plugins/eap_tls/eap_tls_plugin.c
index f7da643c2..15165d99f 100644
--- a/src/charon/plugins/eap_tls/eap_tls_plugin.c
+++ b/src/libcharon/plugins/eap_tls/eap_tls_plugin.c
@@ -33,7 +33,7 @@ METHOD(plugin_t, destroy, void,
/*
* see header file
*/
-plugin_t *plugin_create()
+plugin_t *eap_tls_plugin_create()
{
eap_tls_plugin_t *this;
diff --git a/src/charon/plugins/eap_tls/eap_tls_plugin.h b/src/libcharon/plugins/eap_tls/eap_tls_plugin.h
index 5ec383661..5ea719603 100644
--- a/src/charon/plugins/eap_tls/eap_tls_plugin.h
+++ b/src/libcharon/plugins/eap_tls/eap_tls_plugin.h
@@ -42,6 +42,6 @@ struct eap_tls_plugin_t {
/**
* Create a eap_tls_plugin instance.
*/
-plugin_t *plugin_create();
+plugin_t *eap_tls_plugin_create();
#endif /** EAP_TLS_PLUGIN_H_ @}*/
diff --git a/src/charon/plugins/eap_tls/tls/tls.c b/src/libcharon/plugins/eap_tls/tls/tls.c
index ab03037fa..ab03037fa 100644
--- a/src/charon/plugins/eap_tls/tls/tls.c
+++ b/src/libcharon/plugins/eap_tls/tls/tls.c
diff --git a/src/charon/plugins/eap_tls/tls/tls.h b/src/libcharon/plugins/eap_tls/tls/tls.h
index 283f591e7..283f591e7 100644
--- a/src/charon/plugins/eap_tls/tls/tls.h
+++ b/src/libcharon/plugins/eap_tls/tls/tls.h
diff --git a/src/charon/plugins/eap_tls/tls/tls_compression.c b/src/libcharon/plugins/eap_tls/tls/tls_compression.c
index 453558084..453558084 100644
--- a/src/charon/plugins/eap_tls/tls/tls_compression.c
+++ b/src/libcharon/plugins/eap_tls/tls/tls_compression.c
diff --git a/src/charon/plugins/eap_tls/tls/tls_compression.h b/src/libcharon/plugins/eap_tls/tls/tls_compression.h
index a61543004..a61543004 100644
--- a/src/charon/plugins/eap_tls/tls/tls_compression.h
+++ b/src/libcharon/plugins/eap_tls/tls/tls_compression.h
diff --git a/src/charon/plugins/eap_tls/tls/tls_crypto.c b/src/libcharon/plugins/eap_tls/tls/tls_crypto.c
index f8894629f..f8894629f 100644
--- a/src/charon/plugins/eap_tls/tls/tls_crypto.c
+++ b/src/libcharon/plugins/eap_tls/tls/tls_crypto.c
diff --git a/src/charon/plugins/eap_tls/tls/tls_crypto.h b/src/libcharon/plugins/eap_tls/tls/tls_crypto.h
index 69b8da742..69b8da742 100644
--- a/src/charon/plugins/eap_tls/tls/tls_crypto.h
+++ b/src/libcharon/plugins/eap_tls/tls/tls_crypto.h
diff --git a/src/charon/plugins/eap_tls/tls/tls_fragmentation.c b/src/libcharon/plugins/eap_tls/tls/tls_fragmentation.c
index 7a99c9235..7a99c9235 100644
--- a/src/charon/plugins/eap_tls/tls/tls_fragmentation.c
+++ b/src/libcharon/plugins/eap_tls/tls/tls_fragmentation.c
diff --git a/src/charon/plugins/eap_tls/tls/tls_fragmentation.h b/src/libcharon/plugins/eap_tls/tls/tls_fragmentation.h
index 61bf5488e..61bf5488e 100644
--- a/src/charon/plugins/eap_tls/tls/tls_fragmentation.h
+++ b/src/libcharon/plugins/eap_tls/tls/tls_fragmentation.h
diff --git a/src/charon/plugins/eap_tls/tls/tls_handshake.h b/src/libcharon/plugins/eap_tls/tls/tls_handshake.h
index 113974042..113974042 100644
--- a/src/charon/plugins/eap_tls/tls/tls_handshake.h
+++ b/src/libcharon/plugins/eap_tls/tls/tls_handshake.h
diff --git a/src/charon/plugins/eap_tls/tls/tls_peer.c b/src/libcharon/plugins/eap_tls/tls/tls_peer.c
index 21bf77c36..95973598b 100644
--- a/src/charon/plugins/eap_tls/tls/tls_peer.c
+++ b/src/libcharon/plugins/eap_tls/tls/tls_peer.c
@@ -233,8 +233,8 @@ static status_t process_certreq(private_tls_peer_t *this, tls_reader_t *reader)
return FAILED;
}
id = identification_create_from_encoding(ID_DER_ASN1_DN, data);
- cert = charon->credentials->get_cert(charon->credentials,
- CERT_X509, KEY_ANY, id, TRUE);
+ cert = lib->credmgr->get_cert(lib->credmgr,
+ CERT_X509, KEY_ANY, id, TRUE);
if (cert)
{
DBG1(DBG_IKE, "received cert request for '%Y", id);
@@ -397,7 +397,7 @@ static status_t send_certificate(private_tls_peer_t *this,
tls_writer_t *certs;
chunk_t data;
- this->private = charon->credentials->get_private(charon->credentials,
+ this->private = lib->credmgr->get_private(lib->credmgr,
KEY_ANY, this->peer, this->peer_auth);
if (!this->private)
{
@@ -410,22 +410,26 @@ static status_t send_certificate(private_tls_peer_t *this,
cert = this->peer_auth->get(this->peer_auth, AUTH_RULE_SUBJECT_CERT);
if (cert)
{
- DBG1(DBG_IKE, "sending TLS peer certificate '%Y'",
- cert->get_subject(cert));
- data = cert->get_encoding(cert);
- certs->write_data24(certs, data);
- free(data.ptr);
+ if (cert->get_encoding(cert, CERT_ASN1_DER, &data))
+ {
+ DBG1(DBG_IKE, "sending TLS peer certificate '%Y'",
+ cert->get_subject(cert));
+ certs->write_data24(certs, data);
+ free(data.ptr);
+ }
}
enumerator = this->peer_auth->create_enumerator(this->peer_auth);
while (enumerator->enumerate(enumerator, &rule, &cert))
{
if (rule == AUTH_RULE_IM_CERT)
{
- DBG1(DBG_IKE, "sending TLS intermediate certificate '%Y'",
- cert->get_subject(cert));
- data = cert->get_encoding(cert);
- certs->write_data24(certs, data);
- free(data.ptr);
+ if (cert->get_encoding(cert, CERT_ASN1_DER, &data))
+ {
+ DBG1(DBG_IKE, "sending TLS intermediate certificate '%Y'",
+ cert->get_subject(cert));
+ certs->write_data24(certs, data);
+ free(data.ptr);
+ }
}
}
enumerator->destroy(enumerator);
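Review bot: In send_certificate, a false return from `cert->get_encoding(cert, CERT_ASN1_DER, &data)` is silently ignored in both the AUTH_RULE_SUBJECT_CERT branch and the AUTH_RULE_IM_CERT loop, so a certificate that fails to encode is left out of the list without any log line. If the subject certificate is skipped while intermediates still encode, the list would start with an intermediate in the position where the receiver expects the sender's own certificate. I would treat the subject-certificate failure as fatal, with an `else` branch that logs `DBG1(DBG_IKE, "encoding TLS peer certificate failed");`, releases `certs` and does `return FAILED;`, and would at least log a skipped intermediate. The same pattern appears in the send_certificate hunk of tls_server.c (`@@ -417,22 +417,26 @@`). The function starts and ends outside this hunk, so the exact cleanup needed before an early return is not visible here.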
@@ -466,8 +470,8 @@ static status_t send_key_exchange(private_tls_peer_t *this,
chunk_from_thing(this->client_random),
chunk_from_thing(this->server_random));
- enumerator = charon->credentials->create_public_enumerator(
- charon->credentials, KEY_ANY, this->server, this->server_auth);
+ enumerator = lib->credmgr->create_public_enumerator(lib->credmgr,
+ KEY_ANY, this->server, this->server_auth);
while (enumerator->enumerate(enumerator, &current, &auth))
{
public = current->get_ref(current);
diff --git a/src/charon/plugins/eap_tls/tls/tls_peer.h b/src/libcharon/plugins/eap_tls/tls/tls_peer.h
index 7857d3261..7857d3261 100644
--- a/src/charon/plugins/eap_tls/tls/tls_peer.h
+++ b/src/libcharon/plugins/eap_tls/tls/tls_peer.h
diff --git a/src/charon/plugins/eap_tls/tls/tls_prf.c b/src/libcharon/plugins/eap_tls/tls/tls_prf.c
index f181d01d3..f181d01d3 100644
--- a/src/charon/plugins/eap_tls/tls/tls_prf.c
+++ b/src/libcharon/plugins/eap_tls/tls/tls_prf.c
diff --git a/src/charon/plugins/eap_tls/tls/tls_prf.h b/src/libcharon/plugins/eap_tls/tls/tls_prf.h
index 7326be98c..7326be98c 100644
--- a/src/charon/plugins/eap_tls/tls/tls_prf.h
+++ b/src/libcharon/plugins/eap_tls/tls/tls_prf.h
diff --git a/src/charon/plugins/eap_tls/tls/tls_protection.c b/src/libcharon/plugins/eap_tls/tls/tls_protection.c
index 75fae0a71..75fae0a71 100644
--- a/src/charon/plugins/eap_tls/tls/tls_protection.c
+++ b/src/libcharon/plugins/eap_tls/tls/tls_protection.c
diff --git a/src/charon/plugins/eap_tls/tls/tls_protection.h b/src/libcharon/plugins/eap_tls/tls/tls_protection.h
index fab913788..fab913788 100644
--- a/src/charon/plugins/eap_tls/tls/tls_protection.h
+++ b/src/libcharon/plugins/eap_tls/tls/tls_protection.h
diff --git a/src/charon/plugins/eap_tls/tls/tls_reader.c b/src/libcharon/plugins/eap_tls/tls/tls_reader.c
index b21eb04f3..b21eb04f3 100644
--- a/src/charon/plugins/eap_tls/tls/tls_reader.c
+++ b/src/libcharon/plugins/eap_tls/tls/tls_reader.c
diff --git a/src/charon/plugins/eap_tls/tls/tls_reader.h b/src/libcharon/plugins/eap_tls/tls/tls_reader.h
index a8917dfb6..a8917dfb6 100644
--- a/src/charon/plugins/eap_tls/tls/tls_reader.h
+++ b/src/libcharon/plugins/eap_tls/tls/tls_reader.h
diff --git a/src/charon/plugins/eap_tls/tls/tls_server.c b/src/libcharon/plugins/eap_tls/tls/tls_server.c
index ba873c847..60c62684e 100644
--- a/src/charon/plugins/eap_tls/tls/tls_server.c
+++ b/src/libcharon/plugins/eap_tls/tls/tls_server.c
@@ -250,8 +250,8 @@ static status_t process_cert_verify(private_tls_server_t *this,
auth_cfg_t *auth;
tls_reader_t *sig;
- enumerator = charon->credentials->create_public_enumerator(
- charon->credentials, KEY_ANY, this->peer, this->peer_auth);
+ enumerator = lib->credmgr->create_public_enumerator(lib->credmgr,
+ KEY_ANY, this->peer, this->peer_auth);
while (enumerator->enumerate(enumerator, &public, &auth))
{
sig = tls_reader_create(reader->peek(reader));
@@ -404,7 +404,7 @@ static status_t send_certificate(private_tls_server_t *this,
tls_writer_t *certs;
chunk_t data;
- this->private = charon->credentials->get_private(charon->credentials,
+ this->private = lib->credmgr->get_private(lib->credmgr,
KEY_ANY, this->server, this->server_auth);
if (!this->private)
{
@@ -417,22 +417,26 @@ static status_t send_certificate(private_tls_server_t *this,
cert = this->server_auth->get(this->server_auth, AUTH_RULE_SUBJECT_CERT);
if (cert)
{
- DBG1(DBG_IKE, "sending TLS server certificate '%Y'",
- cert->get_subject(cert));
- data = cert->get_encoding(cert);
- certs->write_data24(certs, data);
- free(data.ptr);
+ if (cert->get_encoding(cert, CERT_ASN1_DER, &data))
+ {
+ DBG1(DBG_IKE, "sending TLS server certificate '%Y'",
+ cert->get_subject(cert));
+ certs->write_data24(certs, data);
+ free(data.ptr);
+ }
}
enumerator = this->server_auth->create_enumerator(this->server_auth);
while (enumerator->enumerate(enumerator, &rule, &cert))
{
if (rule == AUTH_RULE_IM_CERT)
{
- DBG1(DBG_IKE, "sending TLS intermediate certificate '%Y'",
- cert->get_subject(cert));
- data = cert->get_encoding(cert);
- certs->write_data24(certs, data);
- free(data.ptr);
+ if (cert->get_encoding(cert, CERT_ASN1_DER, &data))
+ {
+ DBG1(DBG_IKE, "sending TLS intermediate certificate '%Y'",
+ cert->get_subject(cert));
+ certs->write_data24(certs, data);
+ free(data.ptr);
+ }
}
}
enumerator->destroy(enumerator);
@@ -466,8 +470,8 @@ static status_t send_certificate_request(private_tls_server_t *this,
}
authorities = tls_writer_create(64);
- enumerator = charon->credentials->create_cert_enumerator(
- charon->credentials, CERT_X509, KEY_RSA, NULL, TRUE);
+ enumerator = lib->credmgr->create_cert_enumerator(lib->credmgr,
+ CERT_X509, KEY_RSA, NULL, TRUE);
while (enumerator->enumerate(enumerator, &cert))
{
id = cert->get_subject(cert);
diff --git a/src/charon/plugins/eap_tls/tls/tls_server.h b/src/libcharon/plugins/eap_tls/tls/tls_server.h
index 3fddea225..3fddea225 100644
--- a/src/charon/plugins/eap_tls/tls/tls_server.h
+++ b/src/libcharon/plugins/eap_tls/tls/tls_server.h
diff --git a/src/charon/plugins/eap_tls/tls/tls_writer.c b/src/libcharon/plugins/eap_tls/tls/tls_writer.c
index f1d9d790e..f1d9d790e 100644
--- a/src/charon/plugins/eap_tls/tls/tls_writer.c
+++ b/src/libcharon/plugins/eap_tls/tls/tls_writer.c
diff --git a/src/charon/plugins/eap_tls/tls/tls_writer.h b/src/libcharon/plugins/eap_tls/tls/tls_writer.h
index ce8ba6a6e..ce8ba6a6e 100644
--- a/src/charon/plugins/eap_tls/tls/tls_writer.h
+++ b/src/libcharon/plugins/eap_tls/tls/tls_writer.h
diff --git a/src/libstrongswan/credentials/auth_cfg.c b/src/libstrongswan/credentials/auth_cfg.c
index 0ec2a1be7..1e081270e 100644
--- a/src/libstrongswan/credentials/auth_cfg.c
+++ b/src/libstrongswan/credentials/auth_cfg.c
@@ -57,7 +57,9 @@ ENUM_BEGIN(eap_type_short_names, EAP_IDENTITY, EAP_GTC,
"MD5",
"OTP",
"GTC");
-ENUM_NEXT(eap_type_short_names, EAP_SIM, EAP_SIM, EAP_GTC,
+ENUM_NEXT(eap_type_short_names, EAP_TLS, EAP_TLS, EAP_GTC,
+ "TLS");
+ENUM_NEXT(eap_type_short_names, EAP_SIM, EAP_SIM, EAP_TLS,
"SIM");
ENUM_NEXT(eap_type_short_names, EAP_AKA, EAP_AKA, EAP_SIM,
"AKA");