From: Martin Willi
Date: Thu, 15 Dec 2011 12:14:33 +0000 (+0100)
Subject: Added an identity getter to XAuth methods to query the actually used identity
X-Git-Tag: 5.0.0~338^2~9^2~194
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=7a7efbf9d88346609ee4c246936e4fa2a6c72723;p=thirdparty%2Fstrongswan.git

Added an identity getter to XAuth methods to query the actually used identity
---

diff --git a/src/libcharon/plugins/xauth_generic/xauth_generic.c b/src/libcharon/plugins/xauth_generic/xauth_generic.c
index 981ab77d0e..6350a130f4 100644
--- a/src/libcharon/plugins/xauth_generic/xauth_generic.c
+++ b/src/libcharon/plugins/xauth_generic/xauth_generic.c
@@ -98,7 +98,7 @@ METHOD(xauth_method_t, process_server, status_t,
 configuration_attribute_t *attr;
 enumerator_t *enumerator;
 shared_key_t *shared;
- identification_t *id = NULL, *peer;
+ identification_t *id;
 chunk_t user = chunk_empty, pass = chunk_empty;
 status_t status = SUCCESS;
 
@@ -132,31 +132,33 @@ METHOD(xauth_method_t, process_server, status_t,
 DBG1(DBG_IKE, "failed to parse provided XAuth username");
 return FAILED;
 }
+ this->peer->destroy(this->peer);
+ this->peer = id;
 }
- peer = id ?: this->peer;
- shared = lib->credmgr->get_shared(lib->credmgr, SHARED_EAP, this->server,
- peer);
+ shared = lib->credmgr->get_shared(lib->credmgr, SHARED_EAP,
+ this->server, this->peer);
 if (!shared)
 {
- DBG1(DBG_IKE, "no XAuth secret found for '%Y' - '%Y'", this->server,
- peer);
+ DBG1(DBG_IKE, "no XAuth secret found for '%Y' - '%Y'",
+ this->server, this->peer);
 status = FAILED;
 }
 else if (!chunk_equals(shared->get_key(shared), pass))
 {
- DBG1(DBG_IKE, "failed to authenticate '%Y' with XAuth", peer);
+ DBG1(DBG_IKE, "failed to authenticate '%Y' with XAuth", this->peer);
 status = FAILED;
 }
- else
- {
- DBG2(DBG_IKE, "authentication of '%Y' with XAuth successful", peer);
- }
 DESTROY_IF(shared);
- DESTROY_IF(id);
 return status;
 }
+METHOD(xauth_method_t, get_identity, identification_t*,
+ private_xauth_generic_t *this)
+{
+ return this->peer;
+}
+
 METHOD(xauth_method_t, destroy, void,
 private_xauth_generic_t *this)
 {
@@ -178,6 +180,7 @@ xauth_generic_t *xauth_generic_create_peer(identification_t *server,
 .xauth_method = {
 .initiate = _initiate_peer,
 .process = _process_peer,
+ .get_identity = _get_identity,
 .destroy = _destroy,
 },
 },
@@ -201,6 +204,7 @@ xauth_generic_t *xauth_generic_create_server(identification_t *server,
 .xauth_method = {
 .initiate = _initiate_server,
 .process = _process_server,
+ .get_identity = _get_identity,
 .destroy = _destroy,
 },
 },
diff --git a/src/libcharon/sa/authenticators/xauth/xauth_method.h b/src/libcharon/sa/authenticators/xauth/xauth_method.h
index c544724b85..9f6067dbf7 100644
--- a/src/libcharon/sa/authenticators/xauth/xauth_method.h
+++ b/src/libcharon/sa/authenticators/xauth/xauth_method.h
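Review bot: In `process_server` (xauth_generic.c, hunk at -132), `this->peer` is replaced with the username parsed from the peer's reply before the secret lookup and comparison, so after a FAILED return the new `get_identity` still hands out an identity that was never authenticated. If that is intended, state it at the assignment, e.g. `/* claimed identity, authenticated only if we return SUCCESS */`, so callers do not use it for policy or accounting on a failed exchange. The hunk also drops the DBG2 success message; unless the caller logs successful XAuth logins elsewhere (not visible here), the log now records only failures. The unchanged `chunk_equals(shared->get_key(shared), pass)` check compares a secret and may not be constant-time, which is worth confirming separately. `process_server` begins above this hunk.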
@@ -80,6 +80,13 @@ struct xauth_method_t {
 status_t (*process) (xauth_method_t *this, cp_payload_t *in,
 cp_payload_t **out);
+ /**
+ * Get the XAuth username received as XAuth initiator.
+ *
+ * @return used XAuth username, pointer to internal data
+ */
+ identification_t* (*get_identity)(xauth_method_t *this);
+
 /**
 * Destroys a eap_method_t object.
 */
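Review bot: The doc comment for `get_identity` promises a "pointer to internal data" but gives no lifetime and does not say whether the identity has been verified. As implemented in xauth_generic.c in this same patch, `process_server` destroys and replaces the stored identity when a username arrives, so a pointer obtained earlier would dangle after a later `process()` call, and the value is only what the peer claimed until `process()` has returned SUCCESS. I would extend the comment with `only authenticated after process() returned SUCCESS; valid until the next process() call or destroy()`. `struct xauth_method_t` starts and continues outside this hunk.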