Diffstat (limited to 'src/libtls/tls_eap.c')
-rw-r--r-- | src/libtls/tls_eap.c | 59 |
1 files changed, 33 insertions, 26 deletions
diff --git a/src/libtls/tls_eap.c b/src/libtls/tls_eap.c index 25c909ac5..f74030bd4 100644 --- a/src/libtls/tls_eap.c +++ b/src/libtls/tls_eap.c @@ -71,6 +71,9 @@ typedef enum { EAP_TTLS_VERSION = (0x07), } eap_tls_flags_t; +#define EAP_TTLS_SUPPORTED_VERSION 0 +#define EAP_TNC_SUPPORTED_VERSION 1 + /** * EAP-TLS/TTLS packet format */ @@ -92,6 +95,17 @@ METHOD(tls_eap_t, initiate, status_t, .code = EAP_REQUEST, .flags = EAP_TLS_START, }; + switch (this->type) + { + case EAP_TTLS: + pkt.flags |= EAP_TTLS_SUPPORTED_VERSION; + break; + case EAP_TNC: + pkt.flags |= EAP_TNC_SUPPORTED_VERSION; + break; + default: + break; + } htoun16(&pkt.length, sizeof(eap_tls_packet_t)); do { /* start with non-zero random identifier */ @@ -154,9 +168,21 @@ static status_t build_pkt(private_tls_eap_t *this, pkt->type = this->type; pkt->flags = 0; + switch (this->type) + { + case EAP_TTLS: + pkt->flags |= EAP_TTLS_SUPPORTED_VERSION; + break; + case EAP_TNC: + pkt->flags |= EAP_TNC_SUPPORTED_VERSION; + break; + default: + break; + } + if (this->first_fragment) { - pkt->flags = EAP_TLS_LENGTH; + pkt->flags |= EAP_TLS_LENGTH; len = sizeof(buf) - sizeof(eap_tls_packet_t) - sizeof(u_int32_t); status = this->tls->build(this->tls, buf + sizeof(eap_tls_packet_t) + sizeof(u_int32_t), &len, &reclen); @@ -235,9 +261,9 @@ METHOD(tls_eap_t, process, status_t, } if (pkt->flags & EAP_TLS_START) { - if (this->type == EAP_TTLS) + if (this->type == EAP_TTLS || this->type == EAP_TNC) { - DBG1(DBG_TLS, "EAP-TTLS version is v%u", + DBG1(DBG_TLS, "%N version is v%u", eap_type_names, this->type, pkt->flags & EAP_TTLS_VERSION); } } 
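Review bot: The version-to-flags switch added in initiate() is repeated verbatim in build_pkt(), so supporting another method or version means editing both copies, and they can drift apart. A small static helper returning the version bits for `this->type` would keep the mapping in one place. Masking the constant with `EAP_TTLS_VERSION` there would also guarantee that a future version value cannot spill into the length/fragment/start bits of the flags byte. The two new defines deserve a one-line comment saying they are the values written into the low version bits of the flags field. Both functions start and end outside these hunks, and the helper's return type below is assumed because the flags field declaration is not visible here.

```c
/**
 * Version bits to announce in the flags field for the given EAP method
 */
static u_int8_t supported_version(eap_type_t type)
{
	switch (type)
	{
		case EAP_TTLS:
			return EAP_TTLS_SUPPORTED_VERSION & EAP_TTLS_VERSION;
		case EAP_TNC:
			return EAP_TNC_SUPPORTED_VERSION & EAP_TTLS_VERSION;
		default:
			return 0;
	}
}

/* … in initiate(), replacing the added switch … */
	pkt.flags |= supported_version(this->type);

/* … in build_pkt(), replacing "pkt->flags = 0;" and the added switch … */
	pkt->flags = supported_version(this->type);
```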
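Review bot: The version a peer sends with the Start flag is only logged in process(); nothing in this hunk compares `pkt->flags & EAP_TTLS_VERSION` with the version this side now announces. A peer advertising a version this implementation does not support therefore appears to be handled as if it spoke the supported one. process() continues outside the hunk, so a check may exist further down. If it does not, consider rejecting the mismatch, for example `if ((pkt->flags & EAP_TTLS_VERSION) > EAP_TTLS_SUPPORTED_VERSION) { return FAILED; }` for EAP-TTLS and the equivalent against `EAP_TNC_SUPPORTED_VERSION` for EAP-TNC.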
@@ -295,24 +321,9 @@ METHOD(tls_eap_t, destroy, void, /** * See header */ -tls_eap_t *tls_eap_create(eap_type_t type, bool is_server, - identification_t *server, identification_t *peer, - tls_application_t *application, size_t frag_size) +tls_eap_t *tls_eap_create(eap_type_t type, tls_t *tls, size_t frag_size) { private_tls_eap_t *this; - tls_purpose_t purpose; - - switch (type) - { - case EAP_TLS: - purpose = TLS_PURPOSE_EAP_TLS; - break; - case EAP_TTLS: - purpose = TLS_PURPOSE_EAP_TTLS; - break; - default: - return NULL; - }; INIT(this, .public = { @@ -322,15 +333,11 @@ tls_eap_t *tls_eap_create(eap_type_t type, bool is_server, .destroy = _destroy, }, .type = type, - .is_server = is_server, + .is_server = tls->is_server(tls), .first_fragment = TRUE, .frag_size = frag_size, - .tls = tls_create(is_server, server, peer, purpose, application), + .tls = tls, ); - if (!this->tls) - { - free(this); - return NULL; - } + return &this->public; } |
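Review bot: tls_eap_create() now dereferences its `tls` argument in `.is_server = tls->is_server(tls)` without checking it, while the removed code returned NULL when tls_create() failed. A caller that passes the result of tls_create() straight through would turn a failed TLS setup into a NULL dereference, so the function should start with `if (!tls) { return NULL; }`. The removed switch also used to reject every type except EAP_TLS and EAP_TTLS; any `eap_type_t` is now accepted, so callers have to restrict the type themselves. The header comment should state that the function takes over the passed `tls_t`, assuming destroy() releases `this->tls`, which is not visible in this hunk.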