struct wpabuf *resp;
const u8 *pos;
struct eap_fast_data *data = priv;
+ struct wpabuf msg;
pos = eap_peer_tls_process_init(sm, &data->ssl, EAP_TYPE_FAST, ret,
reqData, &left, &flags);
left = 0; /* A-ID is not used in further packet processing */
}
+ wpabuf_set(&msg, pos, left);
+
resp = NULL;
if (tls_connection_established(sm->ssl_ctx, data->ssl.conn) &&
!data->resuming) {
/* Process tunneled (encrypted) phase 2 data. */
- struct wpabuf msg;
- wpabuf_set(&msg, pos, left);
res = eap_fast_decrypt(sm, data, ret, id, &msg, &resp);
if (res < 0) {
ret->methodState = METHOD_DONE;
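Review bot: The function-scoped `msg` filled by `wpabuf_set(&msg, pos, left)` only borrows the bytes at `pos` (presumably the payload inside `reqData`) and owns no memory, so every callee that receives `&msg` must treat it as read-only input that is valid only for the duration of the call. A short comment at the `wpabuf_set()` line would record this, e.g. `/* msg aliases the received payload; it owns nothing and must not be freed or retained by callees */`. The call also has to stay after the branch that sets `left = 0`, so that an emptied Start frame yields a zero-length buffer, and the comment should say so. The same pattern is added to the EAP-PEAP, EAP-TLS and EAP-TTLS handlers further down. The enclosing function starts and ends outside this hunk.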
/* Continue processing TLS handshake (phase 1). */
res = eap_peer_tls_process_helper(sm, &data->ssl,
EAP_TYPE_FAST,
- data->fast_version, id, pos,
- left, &resp);
+ data->fast_version, id, &msg,
+ &resp);
if (tls_connection_established(sm->ssl_ctx, data->ssl.conn)) {
char cipher[80];
}
if (res == 2) {
- struct wpabuf msg;
/*
* Application data included in the handshake message.
*/
wpabuf_free(data->pending_phase2_req);
data->pending_phase2_req = resp;
resp = NULL;
- wpabuf_set(&msg, pos, left);
res = eap_fast_decrypt(sm, data, ret, id, &msg, &resp);
}
}
struct wpabuf *resp;
const u8 *pos;
struct eap_peap_data *data = priv;
+ struct wpabuf msg;
pos = eap_peer_tls_process_init(sm, &data->ssl, EAP_TYPE_PEAP, ret,
reqData, &left, &flags);
* should always be, anyway */
}
+ wpabuf_set(&msg, pos, left);
+
resp = NULL;
if (tls_connection_established(sm->ssl_ctx, data->ssl.conn) &&
!data->resuming) {
- struct wpabuf msg;
- wpabuf_set(&msg, pos, left);
res = eap_peap_decrypt(sm, data, ret, req, &msg, &resp);
} else {
res = eap_peer_tls_process_helper(sm, &data->ssl,
EAP_TYPE_PEAP,
- data->peap_version, id, pos,
- left, &resp);
+ data->peap_version, id, &msg,
+ &resp);
if (tls_connection_established(sm->ssl_ctx, data->ssl.conn)) {
char *label;
}
if (res == 2) {
- struct wpabuf msg;
/*
* Application data included in the handshake message.
*/
wpabuf_free(data->pending_phase2_req);
data->pending_phase2_req = resp;
resp = NULL;
- wpabuf_set(&msg, pos, left);
res = eap_peap_decrypt(sm, data, ret, req, &msg,
&resp);
}
u8 flags, id;
const u8 *pos;
struct eap_tls_data *data = priv;
+ struct wpabuf msg;
pos = eap_peer_tls_process_init(sm, &data->ssl, data->eap_type, ret,
reqData, &left, &flags);
}
resp = NULL;
+ wpabuf_set(&msg, pos, left);
res = eap_peer_tls_process_helper(sm, &data->ssl, data->eap_type, 0,
- id, pos, left, &resp);
+ id, &msg, &resp);
if (res < 0) {
return eap_tls_failure(sm, data, ret, res, resp, id);
* @sm: Pointer to EAP state machine allocated with eap_peer_sm_init()
* @data: Data for TLS processing
* @in_data: Message received from the server
- * @in_len: Length of in_data
* @out_data: Buffer for returning a pointer to application data (if available)
* Returns: 0 on success, 1 if more input data is needed, 2 if application data
* is available, -1 on failure
*/
static int eap_tls_process_input(struct eap_sm *sm, struct eap_ssl_data *data,
- const u8 *in_data, size_t in_len,
+ const struct wpabuf *in_data,
struct wpabuf **out_data)
{
const struct wpabuf *msg;
int need_more_input;
struct wpabuf *appl_data;
- struct wpabuf buf;
- wpabuf_set(&buf, in_data, in_len);
- msg = eap_peer_tls_data_reassemble(data, &buf, &need_more_input);
+ msg = eap_peer_tls_data_reassemble(data, in_data, &need_more_input);
if (msg == NULL)
return need_more_input ? 1 : -1;
* @peap_version: Version number for EAP-PEAP/TTLS
* @id: EAP identifier for the response
* @in_data: Message received from the server
- * @in_len: Length of in_data
* @out_data: Buffer for returning a pointer to the response message
* Returns: 0 on success, 1 if more input data is needed, 2 if application data
* is available, or -1 on failure
*/
int eap_peer_tls_process_helper(struct eap_sm *sm, struct eap_ssl_data *data,
EapType eap_type, int peap_version,
- u8 id, const u8 *in_data, size_t in_len,
+ u8 id, const struct wpabuf *in_data,
struct wpabuf **out_data)
{
int ret = 0;
*out_data = NULL;
- if (data->tls_out && wpabuf_len(data->tls_out) > 0 && in_len > 0) {
+ if (data->tls_out && wpabuf_len(data->tls_out) > 0 &&
+ wpabuf_len(in_data) > 0) {
wpa_printf(MSG_DEBUG, "SSL: Received non-ACK when output "
"fragments are waiting to be sent out");
return -1;
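Review bot: `wpabuf_len(in_data)` in the new non-ACK check dereferences `in_data` unconditionally, whereas the old `in_len > 0` test never touched the pointer, so a NULL `in_data` would now be a NULL dereference in code that handles frames from the authentication server. Every caller visible in this patch passes `&msg` or forwards its own `in_data`, so this looks safe as written, but the new contract should be stated in the kernel-doc: `@in_data: Message received from the server (must not be NULL; pass a zero-length wpabuf for an empty message)`. The same wording fits `eap_tls_process_input()` above, which hands `in_data` straight to `eap_peer_tls_data_reassemble()`. The function body continues outside this hunk.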
* No more data to send out - expect to receive more data from
* the AS.
*/
- int res = eap_tls_process_input(sm, data, in_data, in_len,
- out_data);
+ int res = eap_tls_process_input(sm, data, in_data, out_data);
if (res) {
/*
* Input processing failed (res = -1) or more data is
size_t *len);
int eap_peer_tls_process_helper(struct eap_sm *sm, struct eap_ssl_data *data,
EapType eap_type, int peap_version,
- u8 id, const u8 *in_data, size_t in_len,
+ u8 id, const struct wpabuf *in_data,
struct wpabuf **out_data);
struct wpabuf * eap_peer_tls_build_ack(u8 id, EapType eap_type,
int peap_version);
struct eap_ttls_data *data,
struct eap_method_ret *ret,
u8 identifier,
- const u8 *in_data, size_t in_len,
+ const struct wpabuf *in_data,
struct wpabuf **out_data)
{
int res;
res = eap_peer_tls_process_helper(sm, &data->ssl, EAP_TYPE_TTLS,
data->ttls_version, identifier,
- in_data, in_len, out_data);
+ in_data, out_data);
if (tls_connection_established(sm->ssl_ctx, data->ssl.conn)) {
wpa_printf(MSG_DEBUG, "EAP-TTLS: TLS done, proceed to "
}
if (res == 2) {
- struct wpabuf msg;
/*
* Application data included in the handshake message.
*/
wpabuf_free(data->pending_phase2_req);
data->pending_phase2_req = *out_data;
*out_data = NULL;
- wpabuf_set(&msg, in_data, in_len);
- res = eap_ttls_decrypt(sm, data, ret, identifier, &msg,
+ res = eap_ttls_decrypt(sm, data, ret, identifier, in_data,
out_data);
}
struct wpabuf *resp;
const u8 *pos;
struct eap_ttls_data *data = priv;
+ struct wpabuf msg;
pos = eap_peer_tls_process_init(sm, &data->ssl, EAP_TYPE_TTLS, ret,
reqData, &left, &flags);
left = 0;
}
+ wpabuf_set(&msg, pos, left);
+
resp = NULL;
if (tls_connection_established(sm->ssl_ctx, data->ssl.conn) &&
!data->resuming) {
- struct wpabuf msg;
- wpabuf_set(&msg, pos, left);
res = eap_ttls_decrypt(sm, data, ret, id, &msg, &resp);
} else {
res = eap_ttls_process_handshake(sm, data, ret, id,
- pos, left, &resp);
+ &msg, &resp);
}
eap_ttls_check_auth_status(sm, data, ret);