/*
 * Copyright (C) 2010 Martin Willi, revosec AG
 * Copyright (C) 2010 Andreas Steffen, HSR Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
 * for more details.
 */
17 #include "eap_peap_peer.h"
18 #include "eap_peap_server.h"
/* Forward declaration: the private EAP-PEAP state is defined below. */
typedef struct private_eap_peap_t private_eap_peap_t;
/**
 * Private data of an eap_peap_t object.
 */
30 struct private_eap_peap_t
{
38 * TLS stack, wrapped by EAP helper
/**
 * Maximum number of EAP-PEAP messages/fragments allowed.
 *
 * Compiled-in default for the charon.plugins.eap-peap.max_message_count
 * setting read in eap_peap_create(); the value is handed to
 * tls_eap_create(), which presumably enforces the bound (not visible here).
 */
#define MAX_MESSAGE_COUNT 32
/**
 * Default size of a EAP-PEAP fragment.
 *
 * Compiled-in default for charon.plugins.eap-peap.fragment_size, likewise
 * passed through to tls_eap_create() by eap_peap_create().
 */
#define MAX_FRAGMENT_LEN 1024
/**
 * eap_method_t.initiate: start the EAP-PEAP exchange by asking the wrapped
 * TLS-EAP helper for its first outgoing message.
 *
 * @param this   private EAP-PEAP state; this->tls_eap must already exist
 * @param out    receives an EAP payload built from the helper's data when
 *               the helper reports NEED_MORE
 * @return       status_t; only the NEED_MORE branch is visible in this
 *               listing, the return statements are among the omitted lines
 */
METHOD(eap_method_t, initiate, status_t,
	private_eap_peap_t *this, eap_payload_t **out)
	/* … listing omits original lines 50-52 here (opening brace and the
	 * declaration of `data`, presumably a chunk_t as in get_msk) … */
	if (this->tls_eap->initiate(this->tls_eap, &data) == NEED_MORE)
		/* … listing omits original line 54 here … */
		/* wrap whatever the TLS-EAP helper produced into an EAP payload */
		*out = eap_payload_create_data(data);
	/* … listing omits original lines 56-60 here (remaining body, including
	 * the return paths and any release of `data`) … */
/**
 * eap_method_t.process: feed a received EAP-PEAP payload to the wrapped
 * TLS-EAP helper and hand back whatever it wants to send next.
 *
 * The helper's response is written back into `data`, reusing the variable
 * that held the input chunk; only when the helper reports NEED_MORE is that
 * response wrapped into an outgoing EAP payload.
 *
 * @param this   private EAP-PEAP state
 * @param in     received EAP payload; its raw data goes to the helper
 *               unparsed, so length/format validation of the untrusted
 *               input is the helper's responsibility (not visible here)
 * @param out    receives the next outgoing payload on NEED_MORE
 * @return       status_t; the final return is not in this listing, the
 *               `status` local suggests the helper's result is propagated
 */
METHOD(eap_method_t, process, status_t,
	private_eap_peap_t *this, eap_payload_t *in, eap_payload_t **out)
	/* … listing omits original lines 64-67 here (opening brace and the
	 * declarations of `data` and `status`) … */
	data = in->get_data(in);
	/* the helper consumes the input chunk and overwrites `data` with its reply */
	status = this->tls_eap->process(this->tls_eap, data, &data);
	if (status == NEED_MORE)
		/* … listing omits original line 71 here … */
		*out = eap_payload_create_data(data);
	/* … listing omits original lines 73-76 here (remaining body and return) … */
/**
 * eap_method_t.get_type: report the EAP type implemented by this method.
 *
 * @param this     private EAP-PEAP state
 * @param vendor   out parameter for the vendor ID; the body that sets it is
 *                 not in this listing
 * @return         eap_type_t; EAP_PEAP (the constant eap_peap_create() passes
 *                 to tls_eap_create()) is the likely value — not visible here
 */
METHOD(eap_method_t, get_type, eap_type_t,
	private_eap_peap_t *this, u_int32_t *vendor)
	/* … listing omits original lines 80-84 here (the whole body) … */
/**
 * eap_method_t.get_msk: export the keying material derived by the wrapped
 * TLS-EAP helper.
 *
 * The chunk is secret key material; callers must treat it accordingly.
 * Whether the caller owns the returned buffer, and what is returned when the
 * helper has no MSK yet, is decided in lines this listing omits.
 *
 * @param this   private EAP-PEAP state
 * @param msk    receives the chunk returned by the helper's get_msk()
 * @return       status_t; the return statements are not in this listing
 */
METHOD(eap_method_t, get_msk, status_t,
	private_eap_peap_t *this, chunk_t *msk)
	/* … listing omits original line 87 here (opening brace) … */
	*msk = this->tls_eap->get_msk(this->tls_eap);
	/* … listing omits original lines 89-94 here (result check and return) … */
/**
 * eap_method_t.get_identifier: the EAP identifier in use is tracked by the
 * wrapped TLS-EAP helper, so this wrapper simply asks it.
 *
 * @param this   private EAP-PEAP state
 * @return       current EAP identifier as reported by this->tls_eap
 */
METHOD(eap_method_t, get_identifier, u_int8_t,
	private_eap_peap_t *this)
{
	u_int8_t current = this->tls_eap->get_identifier(this->tls_eap);

	return current;
}
/**
 * eap_method_t.set_identifier: forward the EAP identifier to the wrapped
 * TLS-EAP helper, which is the only place it is stored.
 *
 * @param this         private EAP-PEAP state
 * @param identifier   EAP identifier to use for the next message
 */
METHOD(eap_method_t, set_identifier, void,
	private_eap_peap_t *this, u_int8_t identifier)
{
	/* no local copy is kept; the helper owns the identifier */
	this->tls_eap->set_identifier(this->tls_eap, identifier);
}
/**
 * eap_method_t.is_mutual: whether this method provides mutual authentication.
 *
 * @param this   private EAP-PEAP state
 * @return       bool; the body is not in this listing, so the answer cannot
 *               be read off here
 */
METHOD(eap_method_t, is_mutual, bool,
	private_eap_peap_t *this)
	/* … listing omits original lines 110-112 here (the whole body) … */
/**
 * eap_method_t.destroy: tear down the wrapped TLS-EAP helper (and with it the
 * TLS stack created in eap_peap_create()).
 *
 * Whether `this` itself is released afterwards is decided in a line this
 * listing omits — presumably yes, since the object is heap-allocated by
 * eap_peap_create_empty(); confirm against the full source.
 *
 * @param this   private EAP-PEAP state to destroy
 */
METHOD(eap_method_t, destroy, void,
	private_eap_peap_t *this)
	/* … listing omits original line 116 here (opening brace) … */
	this->tls_eap->destroy(this->tls_eap);
	/* … listing omits original lines 118-119 here … */
/**
 * Create an empty private eap_peap_t object
 */
/*
 * Allocates the private object and wires its public eap_method_t vtable to
 * the `_`-prefixed functions generated by the METHOD() definitions above.
 * The tls_eap member is left for eap_peap_create() to fill in.
 *
 * The vtable entries for process, get_msk and destroy are not visible in
 * this listing; they presumably sit in the omitted lines 132, 135 and 138.
 *
 * @return   freshly allocated private object, vtable set, tls_eap unset
 */
static private_eap_peap_t *eap_peap_create_empty(void)
	/* … listing omits original line 125 here (opening brace) … */
	private_eap_peap_t *this;
	/* … listing omits original lines 127-130 here (start of the
	 * initializer for this->public.eap_method) … */
		.initiate = _initiate,
	/* … listing omits original line 132 here … */
		.get_type = _get_type,
		.is_mutual = _is_mutual,
	/* … listing omits original line 135 here … */
		.get_identifier = _get_identifier,
		.set_identifier = _set_identifier,
	/* … listing omits original lines 138-144 here (end of the initializer
	 * and the return) … */
/**
 * Generic private constructor
 */
/*
 * Completes a private object from eap_peap_create_empty(): reads the
 * charon.plugins.eap-peap.* tunables, creates the outer TLS stack and wraps
 * it in the TLS-EAP helper stored in this->tls_eap.
 *
 * Security-relevant settings read here (all from lib->settings):
 *  - request_peer_auth (default FALSE): on the server side the visible
 *    condition fires when this is off; its body is not in the listing, so
 *    how exactly it changes the use of `peer` for the outer tunnel cannot be
 *    read off here. Operators who expect the outer TLS tunnel to authenticate
 *    the client should verify this setting's effect in the full source.
 *  - fragment_size / max_message_count: bounds handed to tls_eap_create(),
 *    defaulting to MAX_FRAGMENT_LEN / MAX_MESSAGE_COUNT.
 *  - include_length (default FALSE): passed on, meaning not visible here.
 *
 * @param this          object from eap_peap_create_empty(); ownership passes
 *                      to the returned public pointer
 * @param server        server identity for the TLS stack
 * @param peer          peer identity for the TLS stack
 * @param is_server     TRUE for the server role, FALSE for the peer role
 * @param application   tunneled application; destroyed on the failure path
 *                      visible below
 * @return              public interface (&this->public); the omitted lines
 *                      around the application->destroy() call presumably
 *                      return NULL on failure — confirm in the full source
 */
static eap_peap_t *eap_peap_create(private_eap_peap_t * this,
								   identification_t *server,
								   identification_t *peer, bool is_server,
								   tls_application_t *application)
	/* … listing omits original lines 152-157 here (opening brace and the
	 * locals frag_size, max_msg_count, include_length, tls) … */
	if (is_server && !lib->settings->get_bool(lib->settings,
							"charon.plugins.eap-peap.request_peer_auth", FALSE))
	/* … listing omits original lines 160-162 here (body of the condition) … */
	frag_size = lib->settings->get_int(lib->settings,
					"charon.plugins.eap-peap.fragment_size", MAX_FRAGMENT_LEN);
	max_msg_count = lib->settings->get_int(lib->settings,
					"charon.plugins.eap-peap.max_message_count", MAX_MESSAGE_COUNT);
	include_length = lib->settings->get_bool(lib->settings,
					"charon.plugins.eap-peap.include_length", FALSE);
	tls = tls_create(is_server, server, peer, TLS_PURPOSE_EAP_PEAP,
	/* … listing omits original line 170 here (remaining tls_create() args) … */
	/* the helper takes over the TLS stack and applies the fragment bounds */
	this->tls_eap = tls_eap_create(EAP_PEAP, tls, frag_size, max_msg_count,
	/* … listing omits original lines 172-174 here (remaining argument and,
	 * by the look of the next line, a failure check) … */
		application->destroy(application);
	/* … listing omits original lines 176-178 here (rest of the failure path) … */
	return &this->public;
/*
 * Builds the server-side EAP-PEAP method.
 *
 * The tunneled application (eap_peap_server_t) is handed a pointer to the
 * outer method's eap_method_t, so the outer object has to exist before the
 * application is created: allocate it empty first, then let
 * eap_peap_create() finish it with the TLS stack and the application.
 *
 * @param server   server identity
 * @param peer     peer identity
 * @return         result of eap_peap_create() for the server role
 */
eap_peap_t *eap_peap_create_server(identification_t *server,
								   identification_t *peer)
{
	/* the tunneled application needs a reference to the outer EAP-PEAP method */
	private_eap_peap_t *eap_peap = eap_peap_create_empty();
	eap_method_t *outer = &eap_peap->public.eap_method;
	eap_peap_server_t *inner = eap_peap_server_create(server, peer, outer);

	return eap_peap_create(eap_peap, server, peer, TRUE, &inner->application);
}
/*
 * Builds the peer-side EAP-PEAP method.
 *
 * Mirrors eap_peap_create_server(): the tunneled application
 * (eap_peap_peer_t) receives a pointer to the outer method's eap_method_t,
 * so the outer object is allocated empty first and completed afterwards by
 * eap_peap_create() in the peer role.
 *
 * @param server   server identity
 * @param peer     peer identity
 * @return         result of eap_peap_create() for the peer role
 */
eap_peap_t *eap_peap_create_peer(identification_t *server,
								 identification_t *peer)
{
	/* the tunneled application needs a reference to the outer EAP-PEAP method */
	private_eap_peap_t *eap_peap = eap_peap_create_empty();
	eap_method_t *outer = &eap_peap->public.eap_method;
	eap_peap_peer_t *inner = eap_peap_peer_create(server, peer, outer);

	return eap_peap_create(eap_peap, server, peer, FALSE, &inner->application);
}