DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Use wpabuf with tls_connection_ia_send_phase_finished()

Browse source
This commit is contained in:
Jouni Malinen 2009-12-20 21:33:32 +02:00
parent a206a29a54
commit 496c5d981e
9 changed files with 44 additions and 81 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
src/crypto/tls.h
View file

@ -484,16 +484,13 @@ unsigned int tls_capabilities(void *tls_ctx);
* @tls_ctx: TLS context data from tls_init() * @tls_ctx: TLS context data from tls_init()
* @conn: Connection context data from tls_connection_init() * @conn: Connection context data from tls_connection_init()
* @final: 1 = FinalPhaseFinished, 0 = IntermediatePhaseFinished * @final: 1 = FinalPhaseFinished, 0 = IntermediatePhaseFinished
* @out_data: Pointer to output buffer (encrypted TLS/IA data) * Returns: Encrypted TLS/IA data, %NULL on failure
* @out_len: Maximum out_data length
* Returns: Number of bytes written to out_data on success, -1 on failure
* *
* This function is used to send the TLS/IA end phase message, e.g., when the * This function is used to send the TLS/IA end phase message, e.g., when the
* EAP server completes EAP-TTLSv1. * EAP server completes EAP-TTLSv1.
*/ */
int __must_check tls_connection_ia_send_phase_finished( struct wpabuf * tls_connection_ia_send_phase_finished(
void *tls_ctx, struct tls_connection *conn, int final, void *tls_ctx, struct tls_connection *conn, int final);
u8 *out_data, size_t out_len);
/** /**
* tls_connection_ia_final_phase_finished - Has final phase been completed * tls_connection_ia_final_phase_finished - Has final phase been completed

24
src/crypto/tls_gnutls.c
View file

@ -1336,16 +1336,15 @@ int tls_connection_set_ia(void *tls_ctx, struct tls_connection *conn,
} }
int tls_connection_ia_send_phase_finished(void *tls_ctx, struct wpabuf * tls_connection_ia_send_phase_finished(
struct tls_connection *conn, void *tls_ctx, struct tls_connection *conn, int final)
int final,
u8 *out_data, size_t out_len)
{ {
#ifdef GNUTLS_IA #ifdef GNUTLS_IA
int ret; int ret;
struct wpabuf *buf;
if (conn == NULL || conn->session == NULL || !conn->tls_ia) if (conn == NULL || conn->session == NULL || !conn->tls_ia)
return -1; return NULL;
ret = gnutls_ia_permute_inner_secret(conn->session, ret = gnutls_ia_permute_inner_secret(conn->session,
conn->session_keys_len, conn->session_keys_len,
@ -1359,26 +1358,21 @@ int tls_connection_ia_send_phase_finished(void *tls_ctx,
if (ret) { if (ret) {
wpa_printf(MSG_DEBUG, "%s: Failed to permute inner secret: %s", wpa_printf(MSG_DEBUG, "%s: Failed to permute inner secret: %s",
__func__, gnutls_strerror(ret)); __func__, gnutls_strerror(ret));
return -1; return NULL;
} }
ret = gnutls_ia_endphase_send(conn->session, final); ret = gnutls_ia_endphase_send(conn->session, final);
if (ret) { if (ret) {
wpa_printf(MSG_DEBUG, "%s: Failed to send endphase: %s", wpa_printf(MSG_DEBUG, "%s: Failed to send endphase: %s",
__func__, gnutls_strerror(ret)); __func__, gnutls_strerror(ret));
return -1; return NULL;
} }
if (conn->push_buf == NULL) buf = conn->push_buf;
return -1;
if (wpabuf_len(conn->push_buf) < out_len)
out_len = wpabuf_len(conn->push_buf);
os_memcpy(out_data, wpabuf_head(conn->push_buf), out_len);
wpabuf_free(conn->push_buf);
conn->push_buf = NULL; conn->push_buf = NULL;
return out_len; return buf;
#else /* GNUTLS_IA */ #else /* GNUTLS_IA */
return -1; return NULL;
#endif /* GNUTLS_IA */ #endif /* GNUTLS_IA */
} }

8
src/crypto/tls_internal.c
View file

@ -608,12 +608,10 @@ unsigned int tls_capabilities(void *tls_ctx)
} }
int tls_connection_ia_send_phase_finished(void *tls_ctx, struct wpabuf * tls_connection_ia_send_phase_finished(
struct tls_connection *conn, void *tls_ctx, struct tls_connection *conn, int final)
int final,
u8 *out_data, size_t out_len)
{ {
return -1; return NULL;
} }

8
src/crypto/tls_none.c
View file

@ -207,12 +207,10 @@ unsigned int tls_capabilities(void *tls_ctx)
} }
int tls_connection_ia_send_phase_finished(void *tls_ctx, struct wpabuf * tls_connection_ia_send_phase_finished(
struct tls_connection *conn, void *tls_ctx, struct tls_connection *conn, int final)
int final,
u8 *out_data, size_t out_len)
{ {
return -1; return NULL;
} }

8
src/crypto/tls_nss.c
View file

@ -649,12 +649,10 @@ unsigned int tls_capabilities(void *tls_ctx)
} }
int tls_connection_ia_send_phase_finished(void *tls_ctx, struct wpabuf * tls_connection_ia_send_phase_finished(
struct tls_connection *conn, void *tls_ctx, struct tls_connection *conn, int final)
int final,
u8 *out_data, size_t out_len)
{ {
return -1; return NULL;
} }

8
src/crypto/tls_openssl.c
View file

@ -2493,12 +2493,10 @@ int tls_connection_set_ia(void *tls_ctx, struct tls_connection *conn,
} }
int tls_connection_ia_send_phase_finished(void *tls_ctx, struct wpabuf * tls_connection_ia_send_phase_finished(
struct tls_connection *conn, void *tls_ctx, struct tls_connection *conn, int final)
int final,
u8 *out_data, size_t out_len)
{ {
return -1; return NULL;
} }

8
src/crypto/tls_schannel.c
View file

@ -745,12 +745,10 @@ int tls_connection_set_ia(void *tls_ctx, struct tls_connection *conn,
} }
int tls_connection_ia_send_phase_finished(void *tls_ctx, struct wpabuf * tls_connection_ia_send_phase_finished(
struct tls_connection *conn, void *tls_ctx, struct tls_connection *conn, int final);
int final,
u8 *out_data, size_t out_len)
{ {
return -1; return NULL;
} }

31
src/eap_peer/eap_ttls.c
View file

@ -16,6 +16,7 @@
#include "common.h" #include "common.h"
#include "crypto/ms_funcs.h" #include "crypto/ms_funcs.h"
#include "crypto/sha1.h"
#include "crypto/tls.h" #include "crypto/tls.h"
#include "eap_common/chap.h" #include "eap_common/chap.h"
#include "eap_common/eap_ttls.h" #include "eap_common/eap_ttls.h"
@ -1030,27 +1031,25 @@ static int eap_ttls_phase2_request(struct eap_sm *sm,
static struct wpabuf * eap_ttls_build_phase_finished( static struct wpabuf * eap_ttls_build_phase_finished(
struct eap_sm *sm, struct eap_ttls_data *data, int id, int final) struct eap_sm *sm, struct eap_ttls_data *data, int id, int final)
{ {
int len; struct wpabuf *req, *buf;
struct wpabuf *req;
u8 *pos;
const int max_len = 300;
req = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_TTLS, 1 + max_len, buf = tls_connection_ia_send_phase_finished(sm->ssl_ctx,
EAP_CODE_RESPONSE, id); data->ssl.conn,
if (req == NULL) final);
if (buf == NULL)
return NULL; return NULL;
wpabuf_put_u8(req, data->ttls_version); req = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_TTLS,
1 + wpabuf_len(buf),
pos = wpabuf_put(req, 0); EAP_CODE_RESPONSE, id);
len = tls_connection_ia_send_phase_finished(sm->ssl_ctx, if (req == NULL) {
data->ssl.conn, wpabuf_free(buf);
final, pos, max_len);
if (len < 0) {
wpabuf_free(req);
return NULL; return NULL;
} }
wpabuf_put(req, len);
wpabuf_put_u8(req, data->ttls_version);
wpabuf_put_buf(req, buf);
wpabuf_free(buf);
eap_update_len(req); eap_update_len(req);
return req; return req;

21
src/eap_server/eap_ttls.c
View file

@ -519,25 +519,8 @@ static struct wpabuf * eap_ttls_build_phase2_mschapv2(
static struct wpabuf * eap_ttls_build_phase_finished( static struct wpabuf * eap_ttls_build_phase_finished(
struct eap_sm *sm, struct eap_ttls_data *data, int final) struct eap_sm *sm, struct eap_ttls_data *data, int final)
{ {
int len; return tls_connection_ia_send_phase_finished(sm->ssl_ctx,
struct wpabuf *req; data->ssl.conn, final);
const int max_len = 300;
req = wpabuf_alloc(max_len);
if (req == NULL)
return NULL;
len = tls_connection_ia_send_phase_finished(sm->ssl_ctx,
data->ssl.conn, final,
wpabuf_mhead(req),
max_len);
if (len < 0) {
wpabuf_free(req);
return NULL;
}
wpabuf_put(req, len);
return req;
} }