From de29e3a683f91d5b392e7a6176c6a0730ebb7847 Mon Sep 17 00:00:00 2001 From: Andreas Steffen Date: Wed, 8 Sep 2010 12:58:40 +0200 Subject: max max_message_count configurable and move it into tls_eap_t --- src/libcharon/plugins/eap_tls/eap_tls.c | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) (limited to 'src/libcharon/plugins/eap_tls/eap_tls.c') diff --git a/src/libcharon/plugins/eap_tls/eap_tls.c b/src/libcharon/plugins/eap_tls/eap_tls.c index 53b61c847..efe72c437 100644 --- a/src/libcharon/plugins/eap_tls/eap_tls.c +++ b/src/libcharon/plugins/eap_tls/eap_tls.c @@ -32,11 +32,6 @@ struct private_eap_tls_t { */ eap_tls_t public; - /** - * Number of EAP-TLS messages processed so far - */ - int processed; - /** * TLS stack, wrapped by EAP helper */ @@ -68,12 +63,6 @@ METHOD(eap_method_t, process, status_t, status_t status; chunk_t data; - if (++this->processed > MAX_MESSAGE_COUNT) - { - DBG1(DBG_IKE, "EAP-TLS packet count exceeded (%d > %d)", - this->processed, MAX_MESSAGE_COUNT); - return FAILED; - } data = in->get_data(in); status = this->tls_eap->process(this->tls_eap, data, &data); if (status == NEED_MORE) @@ -123,6 +112,7 @@ static eap_tls_t *eap_tls_create(identification_t *server, { private_eap_tls_t *this; size_t frag_size; + int max_msg_count; tls_t *tls; INIT(this, @@ -140,8 +130,10 @@ static eap_tls_t *eap_tls_create(identification_t *server, frag_size = lib->settings->get_int(lib->settings, "charon.plugins.eap-tls.fragment_size", MAX_FRAGMENT_LEN); + max_msg_count = lib->settings->get_int(lib->settings, + "charon.plugins.eap-tls.max_message_count", MAX_MESSAGE_COUNT); tls = tls_create(is_server, server, peer, TLS_PURPOSE_EAP_TLS, NULL); - this->tls_eap = tls_eap_create(EAP_TLS, tls, frag_size); + this->tls_eap = tls_eap_create(EAP_TLS, tls, frag_size, max_msg_count); if (!this->tls_eap) { free(this); -- cgit v1.2.3