author | Jouni Malinen <j@w1.fi> | 2009-12-20 18:17:55 +0200 |
---|---|---|
committer | Jouni Malinen <j@w1.fi> | 2009-12-20 18:17:55 +0200 |
commit | 81c85c069ac0f2980db4745e1f85f521affb8619 (patch) | |
tree | 0fb77479c9a7a95e1cb6df761148955811baf563 /src/eap_server/eap_tls_common.c | |
parent | 94c3e91fc52e4c70098c8eb51f2d97109d65a560 (diff) | |
Convert TLS wrapper to use struct wpabuf
This converts tls_connection_handshake(),
tls_connection_server_handshake(), tls_connection_encrypt(), and
tls_connection_decrypt() to use struct wpabuf to allow higher layer
code to be cleaned up with consistent struct wpabuf use.
Diffstat (limited to 'src/eap_server/eap_tls_common.c')
-rw-r--r-- | src/eap_server/eap_tls_common.c | 45 |
1 files changed, 13 insertions, 32 deletions
diff --git a/src/eap_server/eap_tls_common.c b/src/eap_server/eap_tls_common.c
index d70aff6..c4c7806 100644
--- a/src/eap_server/eap_tls_common.c
+++ b/src/eap_server/eap_tls_common.c
@@ -1,6 +1,6 @@
 /*
- * hostapd / EAP-TLS/PEAP/TTLS/FAST common functions
- * Copyright (c) 2004-2008, Jouni Malinen <j@w1.fi>
+ * EAP-TLS/PEAP/TTLS/FAST server common functions
+ * Copyright (c) 2004-2009, Jouni Malinen <j@w1.fi>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
@@ -239,30 +239,22 @@ static int eap_server_tls_process_fragment(struct eap_ssl_data *data,
 
 int eap_server_tls_phase1(struct eap_sm *sm, struct eap_ssl_data *data)
 {
- u8 *next;
- size_t next_len;
-
- next = tls_connection_server_handshake(
- sm->ssl_ctx, data->conn,
- wpabuf_mhead(data->in_buf),
- wpabuf_len(data->in_buf),
- &next_len);
- if (next == NULL) {
- wpa_printf(MSG_INFO, "SSL: TLS processing failed");
- return -1;
- }
 if (data->out_buf) {
 /* This should not happen.. */
 wpa_printf(MSG_INFO, "SSL: pending tls_out data when "
 "processing new message");
- os_free(data->out_buf);
+ wpabuf_free(data->out_buf);
 WPA_ASSERT(data->out_buf == NULL);
 }
- data->out_buf = wpabuf_alloc_ext_data(next, next_len);
+
+ data->out_buf = tls_connection_server_handshake(sm->ssl_ctx,
+ data->conn,
+ data->in_buf, NULL);
 if (data->out_buf == NULL) {
- os_free(next);
+ wpa_printf(MSG_INFO, "SSL: TLS processing failed");
 return -1;
 }
+
 return 0;
 }
 
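Review bot: In `eap_server_tls_phase1()`, `wpabuf_free(data->out_buf)` is followed by `WPA_ASSERT(data->out_buf == NULL)` while the pointer still holds the freed address, so the assertion cannot hold on this path; the enclosing `if (data->out_buf)` has already established that it is non-NULL. In the code shown the stale pointer is overwritten by the handshake result before any other use, so this is a robustness and clarity point rather than a use-after-free. If the assert is meant as a debug-build trap for a state that should not happen, a comment such as `/* deliberate trap: pending output here indicates a state machine bug */` would say so; otherwise replace it with `data->out_buf = NULL;` so no dangling pointer survives if code is later added between the free and the reassignment. A NULL return from tls_connection_server_handshake() is now the only failure signal and `data->in_buf` is passed through unchecked; whether the TLS wrapper tolerates a NULL input buffer is not visible from this file and is worth confirming.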
@@ -337,28 +329,17 @@ static void eap_server_tls_free_in_buf(struct eap_ssl_data *data)
 
 struct wpabuf * eap_server_tls_encrypt(struct eap_sm *sm,
 struct eap_ssl_data *data,
- const u8 *plain, size_t plain_len)
+ const struct wpabuf *plain)
 {
- int res;
 struct wpabuf *buf;
- size_t buf_len;
 
- /* reserve some extra room for encryption overhead */
- buf_len = plain_len + 300;
- buf = wpabuf_alloc(buf_len);
- if (buf == NULL)
- return NULL;
- res = tls_connection_encrypt(sm->ssl_ctx, data->conn,
- plain, plain_len, wpabuf_put(buf, 0),
- buf_len);
- if (res < 0) {
+ buf = tls_connection_encrypt(sm->ssl_ctx, data->conn,
+ plain);
+ if (buf == NULL) {
 wpa_printf(MSG_INFO, "SSL: Failed to encrypt Phase 2 data");
- wpabuf_free(buf);
 return NULL;
 }
 
- wpabuf_put(buf, res);
-
 return buf;
 }
 
|
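Review bot: The output bound that `eap_server_tls_encrypt()` used to own, the `plain_len + 300` allocation and the `buf_len` limit passed to the TLS wrapper, is gone from this function, so protection against an undersized ciphertext buffer now rests entirely on tls_connection_encrypt(), whose converted body is outside this page (the diffstat is limited to this file). Each TLS backend's implementation should be checked for how it sizes the returned wpabuf and whether that size computation is bounded. The function also has no header comment; something like `/* Returns a newly allocated wpabuf holding the encrypted data (caller frees with wpabuf_free()), or NULL on failure; plain is not modified. */` would record the ownership contract. The const qualifier on `plain` supports the last part, while the caller-frees part is inferred from the removed `wpabuf_alloc()` path and should be confirmed against the callers.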