From: Martin Willi
Date: Thu, 29 Jan 2015 10:13:42 +0000 (+0100)
Subject: libtls: Add getters for TLS handshake authentication details
X-Git-Tag: 5.3.0dr1~46^2~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=666c5523818cbfc12ba69778ead929700245daed;p=thirdparty%2Fstrongswan.git

libtls: Add getters for TLS handshake authentication details
---
diff --git a/src/libtls/tls.c b/src/libtls/tls.c
index 201612470f..08a06f5ef2 100644
--- a/src/libtls/tls.c
+++ b/src/libtls/tls.c
@@ -415,6 +415,12 @@ METHOD(tls_t, get_eap_msk, chunk_t,
 return this->crypto->get_eap_msk(this->crypto);
 }

+METHOD(tls_t, get_auth, auth_cfg_t*,
+ private_tls_t *this)
+{
+ return this->handshake->get_auth(this->handshake);
+}
+
 METHOD(tls_t, destroy, void,
 private_tls_t *this)
 {
@@ -465,6 +471,7 @@ tls_t *tls_create(bool is_server, identification_t *server,
 .get_purpose = _get_purpose,
 .is_complete = _is_complete,
 .get_eap_msk = _get_eap_msk,
+ .get_auth = _get_auth,
 .destroy = _destroy,
 },
 .is_server = is_server,
diff --git a/src/libtls/tls.h b/src/libtls/tls.h
index fc1d9b9fd0..f3dc198cfe 100644
--- a/src/libtls/tls.h
+++ b/src/libtls/tls.h
@@ -251,6 +251,13 @@ struct tls_t {
 */
 chunk_t (*get_eap_msk)(tls_t *this);

+ /**
+ * Get the authentication details after completing the handshake.
+ *
+ * @return authentication details, internal data
+ */
+ auth_cfg_t* (*get_auth)(tls_t *this);
+
 /**
 * Destroy a tls_t.
 */
diff --git a/src/libtls/tls_eap.c b/src/libtls/tls_eap.c
index ebe5bc3a82..12d5aed53b 100644
--- a/src/libtls/tls_eap.c
+++ b/src/libtls/tls_eap.c
@@ -426,6 +426,12 @@ METHOD(tls_eap_t, set_identifier, void,
 this->identifier = identifier;
 }

+METHOD(tls_eap_t, get_auth, auth_cfg_t*,
+ private_tls_eap_t *this)
+{
+ return this->tls->get_auth(this->tls);
+}
+
 METHOD(tls_eap_t, destroy, void,
 private_tls_eap_t *this)
 {
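Review bot: In the tls.c hunk at -415, the new get_auth() forwards to this->handshake->get_auth() without checking handshake state, so "after completing the handshake" in the header comment is only a convention. If the handshake objects populate their auth_cfg_t while messages are still being processed (not visible in this diff), a caller that reads it early could base an access decision on a peer identity that has not been verified yet. Consider a guard such as `if (!this->handshake->finished(this->handshake)) return NULL;`, assuming finished() reports completion, or state in the doc comment that the result must be ignored until is_complete() returns TRUE. The tls_eap.c wrapper at -426 inherits the same behaviour through this->tls->get_auth().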
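Review bot: The doc comment added in the tls.h hunk at -251 describes the result only as "internal data", which leaves ownership and lifetime of the returned auth_cfg_t undefined for callers. If it matches the implementation, spell it out, e.g. `@return authentication details, owned by this tls_t; must not be modified or destroyed, valid until destroy()`, and say what is returned before the handshake has completed. Because the pointer is non-const, nothing stops a caller from altering the recorded authentication state, so the "do not modify" rule deserves to be explicit. The same wording is repeated in tls_eap.h at -76 and tls_handshake.h at -97; in the latter, "peers" should read "peer's".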
@@ -453,6 +459,7 @@ tls_eap_t *tls_eap_create(eap_type_t type, tls_t *tls, size_t frag_size,
 .get_msk = _get_msk,
 .get_identifier = _get_identifier,
 .set_identifier = _set_identifier,
+ .get_auth = _get_auth,
 .destroy = _destroy,
 },
 .type = type,
diff --git a/src/libtls/tls_eap.h b/src/libtls/tls_eap.h
index f3fbba078c..df41fc4d7a 100644
--- a/src/libtls/tls_eap.h
+++ b/src/libtls/tls_eap.h
@@ -76,6 +76,13 @@ struct tls_eap_t {
 */
 void (*set_identifier) (tls_eap_t *this, uint8_t identifier);

+ /**
+ * Get the authentication details after completing the handshake.
+ *
+ * @return authentication details, internal data
+ */
+ auth_cfg_t* (*get_auth)(tls_eap_t *this);
+
 /**
 * Destroy a tls_eap_t.
 */
diff --git a/src/libtls/tls_handshake.h b/src/libtls/tls_handshake.h
index 7fa660c58e..7edb49ba05 100644
--- a/src/libtls/tls_handshake.h
+++ b/src/libtls/tls_handshake.h
@@ -97,6 +97,13 @@ struct tls_handshake_t {
 */
 identification_t* (*get_server_id)(tls_handshake_t *this);

+ /**
+ * Get the peers authentication information after completing the handshake.
+ *
+ * @return authentication data, internal data
+ */
+ auth_cfg_t* (*get_auth)(tls_handshake_t *this);
+
 /**
 * Destroy a tls_handshake_t.
 */
diff --git a/src/libtls/tls_peer.c b/src/libtls/tls_peer.c
index 1bee436c4a..08e36de369 100644
--- a/src/libtls/tls_peer.c
+++ b/src/libtls/tls_peer.c
@@ -1154,6 +1154,12 @@ METHOD(tls_handshake_t, get_server_id, identification_t*,
 return this->server;
 }

+METHOD(tls_handshake_t, get_auth, auth_cfg_t*,
+ private_tls_peer_t *this)
+{
+ return this->server_auth;
+}
+
 METHOD(tls_handshake_t, destroy, void,
 private_tls_peer_t *this)
 {
@@ -1187,6 +1193,7 @@ tls_peer_t *tls_peer_create(tls_t *tls, tls_crypto_t *crypto, tls_alert_t *alert
 .finished = _finished,
 .get_peer_id = _get_peer_id,
 .get_server_id = _get_server_id,
+ .get_auth = _get_auth,
 .destroy = _destroy,
 },
 },
diff --git a/src/libtls/tls_server.c b/src/libtls/tls_server.c
index a861a267a1..b6e706d234 100644
--- a/src/libtls/tls_server.c
+++ b/src/libtls/tls_server.c
@@ -1074,6 +1074,12 @@ METHOD(tls_handshake_t, get_server_id, identification_t*,
 return this->server;
 }

+METHOD(tls_handshake_t, get_auth, auth_cfg_t*,
+ private_tls_server_t *this)
+{
+ return this->peer_auth;
+}
+
 METHOD(tls_handshake_t, destroy, void,
 private_tls_server_t *this)
 {
@@ -1108,6 +1114,7 @@ tls_server_t *tls_server_create(tls_t *tls,
 .finished = _finished,
 .get_peer_id = _get_peer_id,
 .get_server_id = _get_server_id,
+ .get_auth = _get_auth,
 .destroy = _destroy,
 },
 },
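Review bot: In the tls_server.c hunk at -1074, get_auth() returns this->peer_auth unconditionally, so a non-NULL result says nothing about whether the client actually authenticated. If client certificates are optional in this server implementation (not visible in this hunk), the object may hold no verified certificate or identity at all, and callers must inspect its contents rather than its presence. A comment on the method such as `/* may be empty if the client did not authenticate */` would make that explicit. The mirror-image getter in tls_peer.c at -1154 returns this->server_auth and deserves the same clarity about when its contents are trustworthy.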