return talloc_steal(handler, ssn); /* ssn */
}
+/*
+ The S flag is set only within the EAP-TLS start message
+ sent from the EAP server to the peer.
+*/
+int eaptls_start(EAP_DS *eap_ds, int peap_flag)
+{
+ EAPTLS_PACKET reply;
+
+ reply.code = FR_TLS_START;
+ reply.length = TLS_HEADER_LEN + 1/*flags*/;
+
+ reply.flags = peap_flag;
+ reply.flags = SET_START(reply.flags);
+
+ reply.data = NULL;
+ reply.dlen = 0;
+
+ eaptls_compose(eap_ds, &reply);
+
+ return 1;
+}
+
/** Send an EAP-TLS success
*
* Composes an EAP-TLS-Success. This is a message with code EAP_TLS_ESTABLISHED.
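Review bot: eaptls_start() discards the result of `eaptls_compose(eap_ds, &reply)` and returns 1 unconditionally, so no caller can see a failure to build the Start message. The call site in the last hunk (`eaptls_start(handler->eap_ds, ssn->peap_flag);`) also ignores the result, whereas the lines it replaces returned 0 when status was 0. Assuming eaptls_compose follows the same 0-on-failure convention (its body is not shown here), ending the function with `return eaptls_compose(eap_ds, &reply);` and calling it as `if (!eaptls_start(handler->eap_ds, ssn->peap_flag)) return 0;` would stop the session from proceeding after a failed start. Separately, `reply` is only partly assigned; declaring it as `EAPTLS_PACKET reply = {0};` would avoid handing indeterminate members to eaptls_compose if the struct has fields beyond the five set here.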
EAPTLS_PACKET *eaptls_alloc(void);
void eaptls_free(EAPTLS_PACKET **eaptls_packet_ptr);
tls_session_t *eaptls_session(eap_handler_t *handler, fr_tls_server_conf_t *tls_conf, bool client_cert, bool allow_tls13);
+int eaptls_start(EAP_DS *eap_ds, int peap);
int eaptls_compose(EAP_DS *eap_ds, EAPTLS_PACKET *reply);
fr_tls_server_conf_t *eaptls_conf_parse(CONF_SECTION *cs, char const *key);
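Review bot: The prototype names the second parameter `peap`, while the definition added in this commit names it `peap_flag` and copies it straight into the packet's flags field. Matching the header to the definition, `int eaptls_start(EAP_DS *eap_ds, int peap_flag);`, would make the contract readable from the header alone. A one-line comment saying that the argument supplies the initial flag bits before the start bit is set would also help.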
* TLS session initialization is over. Now handle TLS
* related handshaking or application data.
*/
- status = eaptls_request(handler->eap_ds, ssn, true);
- if ((status == FR_TLS_INVALID) || (status == FR_TLS_FAIL)) {
- REDEBUG("[eaptls start] = %s", fr_int2str(fr_tls_status_table, status, "<INVALID>"));
- } else {
- RDEBUG3("[eaptls start] = %s", fr_int2str(fr_tls_status_table, status, "<INVALID>"));
- }
- if (status == 0) return 0;
+ eaptls_start(handler->eap_ds, ssn->peap_flag);
/*
* The next stage to process the packet.