renamed tls_reader|writer to bio_* and moved to libstrongswan
This commit is contained in:
parent
4cefb9bd10
commit
7e432eff6b
|
@ -45,7 +45,7 @@ struct private_eap_peap_avp_t {
|
|||
};
|
||||
|
||||
METHOD(eap_peap_avp_t, build, void,
|
||||
private_eap_peap_avp_t *this, tls_writer_t *writer, chunk_t data)
|
||||
private_eap_peap_avp_t *this, bio_writer_t *writer, chunk_t data)
|
||||
{
|
||||
u_int8_t code;
|
||||
eap_packet_t *pkt;
|
||||
|
@ -70,7 +70,7 @@ METHOD(eap_peap_avp_t, build, void,
|
|||
}
|
||||
|
||||
METHOD(eap_peap_avp_t, process, status_t,
|
||||
private_eap_peap_avp_t* this, tls_reader_t *reader, chunk_t *data,
|
||||
private_eap_peap_avp_t* this, bio_reader_t *reader, chunk_t *data,
|
||||
u_int8_t identifier)
|
||||
{
|
||||
u_int8_t code;
|
||||
|
|
|
@ -25,8 +25,8 @@ typedef struct eap_peap_avp_t eap_peap_avp_t;
|
|||
|
||||
#include <library.h>
|
||||
|
||||
#include <tls_reader.h>
|
||||
#include <tls_writer.h>
|
||||
#include <bio/bio_reader.h>
|
||||
#include <bio/bio_writer.h>
|
||||
|
||||
/**
|
||||
* EAP-PEAP Attribute-Value Pair (AVP) handler.
|
||||
|
@ -44,7 +44,7 @@ struct eap_peap_avp_t {
|
|||
* - FAILED if AVP processing failed
|
||||
* - NEED_MORE if another invocation of process/build needed
|
||||
*/
|
||||
status_t (*process)(eap_peap_avp_t *this, tls_reader_t *reader,
|
||||
status_t (*process)(eap_peap_avp_t *this, bio_reader_t *reader,
|
||||
chunk_t *data, u_int8_t identifier);
|
||||
|
||||
/**
|
||||
|
@ -53,7 +53,7 @@ struct eap_peap_avp_t {
|
|||
* @param writer TLS data buffer to write to
|
||||
* @param data EAP Message to send
|
||||
*/
|
||||
void (*build)(eap_peap_avp_t *this, tls_writer_t *writer, chunk_t data);
|
||||
void (*build)(eap_peap_avp_t *this, bio_writer_t *writer, chunk_t data);
|
||||
|
||||
/**
|
||||
* Destroy a eap_peap_application_t.
|
||||
|
|
|
@ -63,7 +63,7 @@ struct private_eap_peap_peer_t {
|
|||
};
|
||||
|
||||
METHOD(tls_application_t, process, status_t,
|
||||
private_eap_peap_peer_t *this, tls_reader_t *reader)
|
||||
private_eap_peap_peer_t *this, bio_reader_t *reader)
|
||||
{
|
||||
chunk_t data = chunk_empty;
|
||||
status_t status;
|
||||
|
@ -185,7 +185,7 @@ METHOD(tls_application_t, process, status_t,
|
|||
}
|
||||
|
||||
METHOD(tls_application_t, build, status_t,
|
||||
private_eap_peap_peer_t *this, tls_writer_t *writer)
|
||||
private_eap_peap_peer_t *this, bio_writer_t *writer)
|
||||
{
|
||||
chunk_t data;
|
||||
eap_code_t code;
|
||||
|
|
|
@ -158,7 +158,7 @@ static status_t start_phase2_tnc(private_eap_peap_server_t *this)
|
|||
}
|
||||
|
||||
METHOD(tls_application_t, process, status_t,
|
||||
private_eap_peap_server_t *this, tls_reader_t *reader)
|
||||
private_eap_peap_server_t *this, bio_reader_t *reader)
|
||||
{
|
||||
chunk_t data = chunk_empty;
|
||||
status_t status;
|
||||
|
@ -330,7 +330,7 @@ METHOD(tls_application_t, process, status_t,
|
|||
}
|
||||
|
||||
METHOD(tls_application_t, build, status_t,
|
||||
private_eap_peap_server_t *this, tls_writer_t *writer)
|
||||
private_eap_peap_server_t *this, bio_writer_t *writer)
|
||||
{
|
||||
chunk_t data;
|
||||
eap_code_t code;
|
||||
|
|
|
@ -54,7 +54,7 @@ struct private_eap_ttls_avp_t {
|
|||
};
|
||||
|
||||
METHOD(eap_ttls_avp_t, build, void,
|
||||
private_eap_ttls_avp_t *this, tls_writer_t *writer, chunk_t data)
|
||||
private_eap_ttls_avp_t *this, bio_writer_t *writer, chunk_t data)
|
||||
{
|
||||
char zero_padding[] = { 0x00, 0x00, 0x00 };
|
||||
chunk_t avp_padding;
|
||||
|
@ -73,14 +73,14 @@ METHOD(eap_ttls_avp_t, build, void,
|
|||
}
|
||||
|
||||
METHOD(eap_ttls_avp_t, process, status_t,
|
||||
private_eap_ttls_avp_t* this, tls_reader_t *reader, chunk_t *data)
|
||||
private_eap_ttls_avp_t* this, bio_reader_t *reader, chunk_t *data)
|
||||
{
|
||||
size_t len;
|
||||
chunk_t buf;
|
||||
|
||||
if (this->process_header)
|
||||
{
|
||||
tls_reader_t *header;
|
||||
bio_reader_t *header;
|
||||
u_int32_t avp_code;
|
||||
u_int8_t avp_flags;
|
||||
u_int32_t avp_len;
|
||||
|
@ -110,7 +110,7 @@ METHOD(eap_ttls_avp_t, process, status_t,
|
|||
}
|
||||
|
||||
/* parse AVP header */
|
||||
header = tls_reader_create(this->input);
|
||||
header = bio_reader_create(this->input);
|
||||
success = header->read_uint32(header, &avp_code) &&
|
||||
header->read_uint8(header, &avp_flags) &&
|
||||
header->read_uint24(header, &avp_len);
|
||||
|
|
|
@ -25,8 +25,8 @@ typedef struct eap_ttls_avp_t eap_ttls_avp_t;
|
|||
|
||||
#include <library.h>
|
||||
|
||||
#include <tls_reader.h>
|
||||
#include <tls_writer.h>
|
||||
#include <bio/bio_reader.h>
|
||||
#include <bio/bio_writer.h>
|
||||
|
||||
/**
|
||||
* EAP-TTLS Attribute-Value Pair (AVP) handler.
|
||||
|
@ -43,7 +43,7 @@ struct eap_ttls_avp_t {
|
|||
* - FAILED if AVP processing failed
|
||||
* - NEED_MORE if another invocation of process/build needed
|
||||
*/
|
||||
status_t (*process)(eap_ttls_avp_t *this, tls_reader_t *reader,
|
||||
status_t (*process)(eap_ttls_avp_t *this, bio_reader_t *reader,
|
||||
chunk_t *data);
|
||||
|
||||
/**
|
||||
|
@ -52,7 +52,7 @@ struct eap_ttls_avp_t {
|
|||
* @param writer TLS data buffer to write to
|
||||
* @param data EAP Message to send
|
||||
*/
|
||||
void (*build)(eap_ttls_avp_t *this, tls_writer_t *writer, chunk_t data);
|
||||
void (*build)(eap_ttls_avp_t *this, bio_writer_t *writer, chunk_t data);
|
||||
|
||||
/**
|
||||
* Destroy a eap_ttls_application_t.
|
||||
|
|
|
@ -67,7 +67,7 @@ struct private_eap_ttls_peer_t {
|
|||
#define MAX_RADIUS_ATTRIBUTE_SIZE 253
|
||||
|
||||
METHOD(tls_application_t, process, status_t,
|
||||
private_eap_ttls_peer_t *this, tls_reader_t *reader)
|
||||
private_eap_ttls_peer_t *this, bio_reader_t *reader)
|
||||
{
|
||||
chunk_t avp_data = chunk_empty;
|
||||
chunk_t eap_data = chunk_empty;
|
||||
|
@ -229,7 +229,7 @@ METHOD(tls_application_t, process, status_t,
|
|||
}
|
||||
|
||||
METHOD(tls_application_t, build, status_t,
|
||||
private_eap_ttls_peer_t *this, tls_writer_t *writer)
|
||||
private_eap_ttls_peer_t *this, bio_writer_t *writer)
|
||||
{
|
||||
chunk_t data;
|
||||
eap_code_t code;
|
||||
|
|
|
@ -135,7 +135,7 @@ static status_t start_phase2_tnc(private_eap_ttls_server_t *this)
|
|||
}
|
||||
|
||||
METHOD(tls_application_t, process, status_t,
|
||||
private_eap_ttls_server_t *this, tls_reader_t *reader)
|
||||
private_eap_ttls_server_t *this, bio_reader_t *reader)
|
||||
{
|
||||
chunk_t data = chunk_empty;
|
||||
status_t status;
|
||||
|
@ -284,7 +284,7 @@ METHOD(tls_application_t, process, status_t,
|
|||
}
|
||||
|
||||
METHOD(tls_application_t, build, status_t,
|
||||
private_eap_ttls_server_t *this, tls_writer_t *writer)
|
||||
private_eap_ttls_server_t *this, bio_writer_t *writer)
|
||||
{
|
||||
chunk_t data;
|
||||
eap_code_t code;
|
||||
|
|
|
@ -8,7 +8,6 @@ if MONOLITHIC
|
|||
noinst_LTLIBRARIES = libstrongswan-tnccs-20.la
|
||||
else
|
||||
plugin_LTLIBRARIES = libstrongswan-tnccs-20.la
|
||||
libstrongswan_tnccs_20_la_LIBADD = $(top_builddir)/src/libtls/libtls.la
|
||||
endif
|
||||
|
||||
libstrongswan_tnccs_20_la_SOURCES = \
|
||||
|
|
|
@ -20,8 +20,8 @@
|
|||
|
||||
#include <debug.h>
|
||||
#include <utils/linked_list.h>
|
||||
#include <tls_writer.h>
|
||||
#include <tls_reader.h>
|
||||
#include <bio/bio_writer.h>
|
||||
#include <bio/bio_reader.h>
|
||||
#include <tnc/tnccs/tnccs.h>
|
||||
#include <tnc/pen/pen.h>
|
||||
|
||||
|
@ -143,7 +143,7 @@ METHOD(pb_tnc_batch_t, build, void,
|
|||
enumerator_t *enumerator;
|
||||
pb_tnc_msg_type_t msg_type;
|
||||
pb_tnc_msg_t *msg;
|
||||
tls_writer_t *writer;
|
||||
bio_writer_t *writer;
|
||||
|
||||
/* compute total PB-TNC batch size by summing over all messages */
|
||||
batch_len = PB_TNC_BATCH_HEADER_SIZE;
|
||||
|
@ -157,7 +157,7 @@ METHOD(pb_tnc_batch_t, build, void,
|
|||
enumerator->destroy(enumerator);
|
||||
|
||||
/* build PB-TNC batch header */
|
||||
writer = tls_writer_create(batch_len);
|
||||
writer = bio_writer_create(batch_len);
|
||||
writer->write_uint8 (writer, PB_TNC_VERSION);
|
||||
writer->write_uint8 (writer, this->is_server ?
|
||||
PB_TNC_BATCH_FLAG_D : PB_TNC_BATCH_FLAG_NONE);
|
||||
|
@ -193,7 +193,7 @@ METHOD(pb_tnc_batch_t, build, void,
|
|||
static status_t process_batch_header(private_pb_tnc_batch_t *this,
|
||||
pb_tnc_state_machine_t *state_machine)
|
||||
{
|
||||
tls_reader_t *reader;
|
||||
bio_reader_t *reader;
|
||||
pb_tnc_msg_t *msg;
|
||||
pb_error_msg_t *err_msg;
|
||||
u_int8_t version, flags, reserved, type;
|
||||
|
@ -209,7 +209,7 @@ static status_t process_batch_header(private_pb_tnc_batch_t *this,
|
|||
goto fatal;
|
||||
}
|
||||
|
||||
reader = tls_reader_create(this->encoding);
|
||||
reader = bio_reader_create(this->encoding);
|
||||
reader->read_uint8 (reader, &version);
|
||||
reader->read_uint8 (reader, &flags);
|
||||
reader->read_uint8 (reader, &reserved);
|
||||
|
@ -278,7 +278,7 @@ fatal:
|
|||
|
||||
static status_t process_tnc_msg(private_pb_tnc_batch_t *this)
|
||||
{
|
||||
tls_reader_t *reader;
|
||||
bio_reader_t *reader;
|
||||
pb_tnc_msg_t *pb_tnc_msg, *msg;
|
||||
u_int8_t flags;
|
||||
u_int32_t vendor_id, msg_type, msg_len, offset;
|
||||
|
@ -297,7 +297,7 @@ static status_t process_tnc_msg(private_pb_tnc_batch_t *this)
|
|||
goto fatal;
|
||||
}
|
||||
|
||||
reader = tls_reader_create(data);
|
||||
reader = bio_reader_create(data);
|
||||
reader->read_uint8 (reader, &flags);
|
||||
reader->read_uint24(reader, &vendor_id);
|
||||
reader->read_uint32(reader, &msg_type);
|
||||
|
|
|
@ -15,8 +15,8 @@
|
|||
|
||||
#include "pb_access_recommendation_msg.h"
|
||||
|
||||
#include <tls_writer.h>
|
||||
#include <tls_reader.h>
|
||||
#include <bio/bio_writer.h>
|
||||
#include <bio/bio_reader.h>
|
||||
#include <debug.h>
|
||||
|
||||
ENUM(pb_access_recommendation_code_names, PB_REC_ACCESS_ALLOWED, PB_REC_QUARANTINED,
|
||||
|
@ -80,10 +80,10 @@ METHOD(pb_tnc_msg_t, get_encoding, chunk_t,
|
|||
METHOD(pb_tnc_msg_t, build, void,
|
||||
private_pb_access_recommendation_msg_t *this)
|
||||
{
|
||||
tls_writer_t *writer;
|
||||
bio_writer_t *writer;
|
||||
|
||||
/* build message */
|
||||
writer = tls_writer_create(ACCESS_RECOMMENDATION_MSG_SIZE);
|
||||
writer = bio_writer_create(ACCESS_RECOMMENDATION_MSG_SIZE);
|
||||
writer->write_uint16(writer, ACCESS_RECOMMENDATION_RESERVED);
|
||||
writer->write_uint16(writer, this->recommendation);
|
||||
free(this->encoding.ptr);
|
||||
|
@ -95,11 +95,11 @@ METHOD(pb_tnc_msg_t, build, void,
|
|||
METHOD(pb_tnc_msg_t, process, status_t,
|
||||
private_pb_access_recommendation_msg_t *this, u_int32_t *offset)
|
||||
{
|
||||
tls_reader_t *reader;
|
||||
bio_reader_t *reader;
|
||||
u_int16_t reserved;
|
||||
|
||||
/* process message */
|
||||
reader = tls_reader_create(this->encoding);
|
||||
reader = bio_reader_create(this->encoding);
|
||||
reader->read_uint16(reader, &reserved);
|
||||
reader->read_uint16(reader, &this->recommendation);
|
||||
reader->destroy(reader);
|
||||
|
|
|
@ -15,8 +15,8 @@
|
|||
|
||||
#include "pb_assessment_result_msg.h"
|
||||
|
||||
#include <tls_writer.h>
|
||||
#include <tls_reader.h>
|
||||
#include <bio/bio_writer.h>
|
||||
#include <bio/bio_reader.h>
|
||||
#include <tnc/tncifimv.h>
|
||||
#include <debug.h>
|
||||
|
||||
|
@ -75,10 +75,10 @@ METHOD(pb_tnc_msg_t, get_encoding, chunk_t,
|
|||
METHOD(pb_tnc_msg_t, build, void,
|
||||
private_pb_assessment_result_msg_t *this)
|
||||
{
|
||||
tls_writer_t *writer;
|
||||
bio_writer_t *writer;
|
||||
|
||||
/* build message */
|
||||
writer = tls_writer_create(ASSESSMENT_RESULT_MSG_SIZE);
|
||||
writer = bio_writer_create(ASSESSMENT_RESULT_MSG_SIZE);
|
||||
writer->write_uint32(writer, this->assessment_result);
|
||||
free(this->encoding.ptr);
|
||||
this->encoding = writer->get_buf(writer);
|
||||
|
@ -89,10 +89,10 @@ METHOD(pb_tnc_msg_t, build, void,
|
|||
METHOD(pb_tnc_msg_t, process, status_t,
|
||||
private_pb_assessment_result_msg_t *this, u_int32_t *offset)
|
||||
{
|
||||
tls_reader_t *reader;
|
||||
bio_reader_t *reader;
|
||||
|
||||
/* process message */
|
||||
reader = tls_reader_create(this->encoding);
|
||||
reader = bio_reader_create(this->encoding);
|
||||
reader->read_uint32(reader, &this->assessment_result);
|
||||
reader->destroy(reader);
|
||||
|
||||
|
|
|
@ -16,8 +16,8 @@
|
|||
#include "pb_error_msg.h"
|
||||
|
||||
#include <debug.h>
|
||||
#include <tls_writer.h>
|
||||
#include <tls_reader.h>
|
||||
#include <bio/bio_writer.h>
|
||||
#include <bio/bio_reader.h>
|
||||
#include <tnc/tnccs/tnccs.h>
|
||||
#include <tnc/pen/pen.h>
|
||||
|
||||
|
@ -117,10 +117,10 @@ METHOD(pb_tnc_msg_t, get_encoding, chunk_t,
|
|||
METHOD(pb_tnc_msg_t, build, void,
|
||||
private_pb_error_msg_t *this)
|
||||
{
|
||||
tls_writer_t *writer;
|
||||
bio_writer_t *writer;
|
||||
|
||||
/* build message header */
|
||||
writer = tls_writer_create(ERROR_HEADER_SIZE);
|
||||
writer = bio_writer_create(ERROR_HEADER_SIZE);
|
||||
writer->write_uint8 (writer, this->fatal ?
|
||||
ERROR_FLAG_FATAL : ERROR_FLAG_NONE);
|
||||
writer->write_uint24(writer, this->vendor_id);
|
||||
|
@ -153,7 +153,7 @@ METHOD(pb_tnc_msg_t, process, status_t,
|
|||
{
|
||||
u_int8_t flags, max_version, min_version;
|
||||
u_int16_t reserved;
|
||||
tls_reader_t *reader;
|
||||
bio_reader_t *reader;
|
||||
|
||||
if (this->encoding.len < ERROR_HEADER_SIZE)
|
||||
{
|
||||
|
@ -163,7 +163,7 @@ METHOD(pb_tnc_msg_t, process, status_t,
|
|||
}
|
||||
|
||||
/* process message header */
|
||||
reader = tls_reader_create(this->encoding);
|
||||
reader = bio_reader_create(this->encoding);
|
||||
reader->read_uint8 (reader, &flags);
|
||||
reader->read_uint24(reader, &this->vendor_id);
|
||||
reader->read_uint16(reader, &this->error_code);
|
||||
|
|
|
@ -15,8 +15,8 @@
|
|||
|
||||
#include "pb_language_preference_msg.h"
|
||||
|
||||
#include <tls_writer.h>
|
||||
#include <tls_reader.h>
|
||||
#include <bio/bio_writer.h>
|
||||
#include <bio/bio_reader.h>
|
||||
#include <debug.h>
|
||||
|
||||
typedef struct private_pb_language_preference_msg_t private_pb_language_preference_msg_t;
|
||||
|
|
|
@ -17,8 +17,8 @@
|
|||
|
||||
#include "pb_pa_msg.h"
|
||||
|
||||
#include <tls_writer.h>
|
||||
#include <tls_reader.h>
|
||||
#include <bio/bio_writer.h>
|
||||
#include <bio/bio_reader.h>
|
||||
#include <tnc/tnccs/tnccs.h>
|
||||
#include <tnc/pen/pen.h>
|
||||
#include <debug.h>
|
||||
|
@ -125,10 +125,10 @@ METHOD(pb_tnc_msg_t, build, void,
|
|||
private_pb_pa_msg_t *this)
|
||||
{
|
||||
chunk_t msg_header;
|
||||
tls_writer_t *writer;
|
||||
bio_writer_t *writer;
|
||||
|
||||
/* build message header */
|
||||
writer = tls_writer_create(64);
|
||||
writer = bio_writer_create(64);
|
||||
writer->write_uint8 (writer, this->excl ? PA_FLAG_EXCL : PA_FLAG_NONE);
|
||||
writer->write_uint24(writer, this->vendor_id);
|
||||
writer->write_uint32(writer, this->subtype);
|
||||
|
@ -147,10 +147,10 @@ METHOD(pb_tnc_msg_t, process, status_t,
|
|||
{
|
||||
u_int8_t flags;
|
||||
size_t msg_body_len;
|
||||
tls_reader_t *reader;
|
||||
bio_reader_t *reader;
|
||||
|
||||
/* process message header */
|
||||
reader = tls_reader_create(this->encoding);
|
||||
reader = bio_reader_create(this->encoding);
|
||||
reader->read_uint8 (reader, &flags);
|
||||
reader->read_uint24(reader, &this->vendor_id);
|
||||
reader->read_uint32(reader, &this->subtype);
|
||||
|
|
|
@ -15,8 +15,8 @@
|
|||
|
||||
#include "pb_reason_string_msg.h"
|
||||
|
||||
#include <tls_writer.h>
|
||||
#include <tls_reader.h>
|
||||
#include <bio/bio_writer.h>
|
||||
#include <bio/bio_reader.h>
|
||||
#include <debug.h>
|
||||
|
||||
typedef struct private_pb_reason_string_msg_t private_pb_reason_string_msg_t;
|
||||
|
@ -81,10 +81,10 @@ METHOD(pb_tnc_msg_t, get_encoding, chunk_t,
|
|||
METHOD(pb_tnc_msg_t, build, void,
|
||||
private_pb_reason_string_msg_t *this)
|
||||
{
|
||||
tls_writer_t *writer;
|
||||
bio_writer_t *writer;
|
||||
|
||||
/* build message */
|
||||
writer = tls_writer_create(64);
|
||||
writer = bio_writer_create(64);
|
||||
writer->write_data32(writer, this->reason_string);
|
||||
writer->write_data8 (writer, this->language_code);
|
||||
|
||||
|
@ -97,10 +97,10 @@ METHOD(pb_tnc_msg_t, build, void,
|
|||
METHOD(pb_tnc_msg_t, process, status_t,
|
||||
private_pb_reason_string_msg_t *this, u_int32_t *offset)
|
||||
{
|
||||
tls_reader_t *reader;
|
||||
bio_reader_t *reader;
|
||||
|
||||
/* process message */
|
||||
reader = tls_reader_create(this->encoding);
|
||||
reader = bio_reader_create(this->encoding);
|
||||
if (!reader->read_data32(reader, &this->reason_string))
|
||||
{
|
||||
DBG1(DBG_TNC, "could not parse reason string");
|
||||
|
|
|
@ -15,8 +15,8 @@
|
|||
|
||||
#include "pb_remediation_parameters_msg.h"
|
||||
|
||||
#include <tls_writer.h>
|
||||
#include <tls_reader.h>
|
||||
#include <bio/bio_writer.h>
|
||||
#include <bio/bio_reader.h>
|
||||
#include <debug.h>
|
||||
|
||||
ENUM(pb_tnc_remed_param_type_names, PB_REMEDIATION_URI, PB_REMEDIATION_STRING,
|
||||
|
@ -106,10 +106,10 @@ METHOD(pb_tnc_msg_t, get_encoding, chunk_t,
|
|||
METHOD(pb_tnc_msg_t, build, void,
|
||||
private_pb_remediation_parameters_msg_t *this)
|
||||
{
|
||||
tls_writer_t *writer;
|
||||
bio_writer_t *writer;
|
||||
|
||||
/* build message */
|
||||
writer = tls_writer_create(64);
|
||||
writer = bio_writer_create(64);
|
||||
writer->write_uint32(writer, this->vendor_id);
|
||||
writer->write_uint32(writer, this->parameters_type);
|
||||
writer->write_data32(writer, this->remediation_string);
|
||||
|
@ -124,10 +124,10 @@ METHOD(pb_tnc_msg_t, build, void,
|
|||
METHOD(pb_tnc_msg_t, process, status_t,
|
||||
private_pb_remediation_parameters_msg_t *this, u_int32_t *offset)
|
||||
{
|
||||
tls_reader_t *reader;
|
||||
bio_reader_t *reader;
|
||||
|
||||
/* process message */
|
||||
reader = tls_reader_create(this->encoding);
|
||||
reader = bio_reader_create(this->encoding);
|
||||
reader->read_uint32(reader, &this->vendor_id);
|
||||
reader->read_uint32(reader, &this->parameters_type);
|
||||
|
||||
|
|
|
@ -8,7 +8,6 @@ if MONOLITHIC
|
|||
noinst_LTLIBRARIES = libstrongswan-tnccs-dynamic.la
|
||||
else
|
||||
plugin_LTLIBRARIES = libstrongswan-tnccs-dynamic.la
|
||||
libstrongswan_tnccs_dynamic_la_LIBADD = $(top_builddir)/src/libtls/libtls.la
|
||||
endif
|
||||
|
||||
libstrongswan_tnccs_dynamic_la_SOURCES = \
|
||||
|
|
|
@ -1,11 +1,8 @@
|
|||
|
||||
INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libcharon \
|
||||
-I$(top_srcdir)/src/libtls
|
||||
INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libcharon
|
||||
|
||||
noinst_LTLIBRARIES = libimcv.la
|
||||
|
||||
libimcv_la_LIBADD = $(top_builddir)/src/libtls/libtls.la
|
||||
|
||||
libimcv_la_SOURCES = \
|
||||
imc/imc_agent.h imc/imc_agent.c imc/imc_state.h \
|
||||
imv/imv_agent.h imv/imv_agent.c imv/imv_state.h \
|
||||
|
|
|
@ -16,8 +16,8 @@
|
|||
|
||||
#include "pa_tnc_msg.h"
|
||||
|
||||
#include <tls_writer.h>
|
||||
#include <tls_reader.h>
|
||||
#include <bio/bio_writer.h>
|
||||
#include <bio/bio_reader.h>
|
||||
#include <utils/linked_list.h>
|
||||
#include <tnc/pen/pen.h>
|
||||
#include <debug.h>
|
||||
|
@ -103,7 +103,7 @@ METHOD(pa_tnc_msg_t, add_attribute, void,
|
|||
METHOD(pa_tnc_msg_t, build, void,
|
||||
private_pa_tnc_msg_t *this)
|
||||
{
|
||||
tls_writer_t *writer;
|
||||
bio_writer_t *writer;
|
||||
enumerator_t *enumerator;
|
||||
pa_tnc_attr_t *attr;
|
||||
pen_t vendor_id;
|
||||
|
@ -119,7 +119,7 @@ METHOD(pa_tnc_msg_t, build, void,
|
|||
DBG2(DBG_TNC, "creating PA-TNC message with ID 0x%08x", this->identifier);
|
||||
|
||||
/* build message header */
|
||||
writer = tls_writer_create(PA_TNC_HEADER_SIZE);
|
||||
writer = bio_writer_create(PA_TNC_HEADER_SIZE);
|
||||
writer->write_uint8 (writer, PA_TNC_VERSION);
|
||||
writer->write_uint24(writer, PA_TNC_RESERVED);
|
||||
writer->write_uint32(writer, this->identifier);
|
||||
|
@ -156,10 +156,10 @@ METHOD(pa_tnc_msg_t, process, status_t,
|
|||
{
|
||||
u_int8_t version;
|
||||
u_int32_t reserved;
|
||||
tls_reader_t *reader;
|
||||
bio_reader_t *reader;
|
||||
status_t status = FAILED;
|
||||
|
||||
reader = tls_reader_create(this->encoding);
|
||||
reader = bio_reader_create(this->encoding);
|
||||
|
||||
/* process message header */
|
||||
if (reader->remaining(reader) < PA_TNC_HEADER_SIZE)
|
||||
|
|
|
@ -10,6 +10,7 @@ printf_hook.c printf_hook.h \
|
|||
asn1/asn1.c asn1/asn1.h \
|
||||
asn1/asn1_parser.c asn1/asn1_parser.h \
|
||||
asn1/oid.c asn1/oid.h \
|
||||
bio/bio_reader.h bio/bio_reader.c bio/bio_writer.h bio/bio_writer.c \
|
||||
crypto/crypters/crypter.c crypto/crypters/crypter.h \
|
||||
crypto/hashers/hasher.h crypto/hashers/hasher.c \
|
||||
crypto/pkcs9.c crypto/pkcs9.h \
|
||||
|
|
|
@ -13,21 +13,21 @@
|
|||
* for more details.
|
||||
*/
|
||||
|
||||
#include "tls_reader.h"
|
||||
#include "bio_reader.h"
|
||||
|
||||
#include <debug.h>
|
||||
|
||||
typedef struct private_tls_reader_t private_tls_reader_t;
|
||||
typedef struct private_bio_reader_t private_bio_reader_t;
|
||||
|
||||
/**
|
||||
* Private data of an tls_reader_t object.
|
||||
* Private data of an bio_reader_t object.
|
||||
*/
|
||||
struct private_tls_reader_t {
|
||||
struct private_bio_reader_t {
|
||||
|
||||
/**
|
||||
* Public tls_reader_t interface.
|
||||
* Public bio_reader_t interface.
|
||||
*/
|
||||
tls_reader_t public;
|
||||
bio_reader_t public;
|
||||
|
||||
/**
|
||||
* Remaining data to process
|
||||
|
@ -35,24 +35,24 @@ struct private_tls_reader_t {
|
|||
chunk_t buf;
|
||||
};
|
||||
|
||||
METHOD(tls_reader_t, remaining, u_int32_t,
|
||||
private_tls_reader_t *this)
|
||||
METHOD(bio_reader_t, remaining, u_int32_t,
|
||||
private_bio_reader_t *this)
|
||||
{
|
||||
return this->buf.len;
|
||||
}
|
||||
|
||||
METHOD(tls_reader_t, peek, chunk_t,
|
||||
private_tls_reader_t *this)
|
||||
METHOD(bio_reader_t, peek, chunk_t,
|
||||
private_bio_reader_t *this)
|
||||
{
|
||||
return this->buf;
|
||||
}
|
||||
|
||||
METHOD(tls_reader_t, read_uint8, bool,
|
||||
private_tls_reader_t *this, u_int8_t *res)
|
||||
METHOD(bio_reader_t, read_uint8, bool,
|
||||
private_bio_reader_t *this, u_int8_t *res)
|
||||
{
|
||||
if (this->buf.len < 1)
|
||||
{
|
||||
DBG1(DBG_TLS, "%d bytes insufficient to parse u_int8 data",
|
||||
DBG1(DBG_LIB, "%d bytes insufficient to parse u_int8 data",
|
||||
this->buf.len);
|
||||
return FALSE;
|
||||
}
|
||||
|
@ -61,12 +61,12 @@ METHOD(tls_reader_t, read_uint8, bool,
|
|||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(tls_reader_t, read_uint16, bool,
|
||||
private_tls_reader_t *this, u_int16_t *res)
|
||||
METHOD(bio_reader_t, read_uint16, bool,
|
||||
private_bio_reader_t *this, u_int16_t *res)
|
||||
{
|
||||
if (this->buf.len < 2)
|
||||
{
|
||||
DBG1(DBG_TLS, "%d bytes insufficient to parse u_int16 data",
|
||||
DBG1(DBG_LIB, "%d bytes insufficient to parse u_int16 data",
|
||||
this->buf.len);
|
||||
return FALSE;
|
||||
}
|
||||
|
@ -75,12 +75,12 @@ METHOD(tls_reader_t, read_uint16, bool,
|
|||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(tls_reader_t, read_uint24, bool,
|
||||
private_tls_reader_t *this, u_int32_t *res)
|
||||
METHOD(bio_reader_t, read_uint24, bool,
|
||||
private_bio_reader_t *this, u_int32_t *res)
|
||||
{
|
||||
if (this->buf.len < 3)
|
||||
{
|
||||
DBG1(DBG_TLS, "%d bytes insufficient to parse u_int24 data",
|
||||
DBG1(DBG_LIB, "%d bytes insufficient to parse u_int24 data",
|
||||
this->buf.len);
|
||||
return FALSE;
|
||||
}
|
||||
|
@ -89,12 +89,12 @@ METHOD(tls_reader_t, read_uint24, bool,
|
|||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(tls_reader_t, read_uint32, bool,
|
||||
private_tls_reader_t *this, u_int32_t *res)
|
||||
METHOD(bio_reader_t, read_uint32, bool,
|
||||
private_bio_reader_t *this, u_int32_t *res)
|
||||
{
|
||||
if (this->buf.len < 4)
|
||||
{
|
||||
DBG1(DBG_TLS, "%d bytes insufficient to parse u_int32 data",
|
||||
DBG1(DBG_LIB, "%d bytes insufficient to parse u_int32 data",
|
||||
this->buf.len);
|
||||
return FALSE;
|
||||
}
|
||||
|
@ -103,12 +103,12 @@ METHOD(tls_reader_t, read_uint32, bool,
|
|||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(tls_reader_t, read_data, bool,
|
||||
private_tls_reader_t *this, u_int32_t len, chunk_t *res)
|
||||
METHOD(bio_reader_t, read_data, bool,
|
||||
private_bio_reader_t *this, u_int32_t len, chunk_t *res)
|
||||
{
|
||||
if (this->buf.len < len)
|
||||
{
|
||||
DBG1(DBG_TLS, "%d bytes insufficient to parse %d bytes of data",
|
||||
DBG1(DBG_LIB, "%d bytes insufficient to parse %d bytes of data",
|
||||
this->buf.len, len);
|
||||
return FALSE;
|
||||
}
|
||||
|
@ -117,8 +117,8 @@ METHOD(tls_reader_t, read_data, bool,
|
|||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(tls_reader_t, read_data8, bool,
|
||||
private_tls_reader_t *this, chunk_t *res)
|
||||
METHOD(bio_reader_t, read_data8, bool,
|
||||
private_bio_reader_t *this, chunk_t *res)
|
||||
{
|
||||
u_int8_t len;
|
||||
|
||||
|
@ -129,8 +129,8 @@ METHOD(tls_reader_t, read_data8, bool,
|
|||
return read_data(this, len, res);
|
||||
}
|
||||
|
||||
METHOD(tls_reader_t, read_data16, bool,
|
||||
private_tls_reader_t *this, chunk_t *res)
|
||||
METHOD(bio_reader_t, read_data16, bool,
|
||||
private_bio_reader_t *this, chunk_t *res)
|
||||
{
|
||||
u_int16_t len;
|
||||
|
||||
|
@ -141,8 +141,8 @@ METHOD(tls_reader_t, read_data16, bool,
|
|||
return read_data(this, len, res);
|
||||
}
|
||||
|
||||
METHOD(tls_reader_t, read_data24, bool,
|
||||
private_tls_reader_t *this, chunk_t *res)
|
||||
METHOD(bio_reader_t, read_data24, bool,
|
||||
private_bio_reader_t *this, chunk_t *res)
|
||||
{
|
||||
u_int32_t len;
|
||||
|
||||
|
@ -153,8 +153,8 @@ METHOD(tls_reader_t, read_data24, bool,
|
|||
return read_data(this, len, res);
|
||||
}
|
||||
|
||||
METHOD(tls_reader_t, read_data32, bool,
|
||||
private_tls_reader_t *this, chunk_t *res)
|
||||
METHOD(bio_reader_t, read_data32, bool,
|
||||
private_bio_reader_t *this, chunk_t *res)
|
||||
{
|
||||
u_int32_t len;
|
||||
|
||||
|
@ -165,8 +165,8 @@ METHOD(tls_reader_t, read_data32, bool,
|
|||
return read_data(this, len, res);
|
||||
}
|
||||
|
||||
METHOD(tls_reader_t, destroy, void,
|
||||
private_tls_reader_t *this)
|
||||
METHOD(bio_reader_t, destroy, void,
|
||||
private_bio_reader_t *this)
|
||||
{
|
||||
free(this);
|
||||
}
|
||||
|
@ -174,9 +174,9 @@ METHOD(tls_reader_t, destroy, void,
|
|||
/**
|
||||
* See header
|
||||
*/
|
||||
tls_reader_t *tls_reader_create(chunk_t data)
|
||||
bio_reader_t *bio_reader_create(chunk_t data)
|
||||
{
|
||||
private_tls_reader_t *this;
|
||||
private_bio_reader_t *this;
|
||||
|
||||
INIT(this,
|
||||
.public = {
|
||||
|
|
|
@ -14,35 +14,35 @@
|
|||
*/
|
||||
|
||||
/**
|
||||
* @defgroup tls_reader tls_reader
|
||||
* @{ @ingroup libtls
|
||||
* @defgroup bio_reader bio_reader
|
||||
* @{ @ingroup bio
|
||||
*/
|
||||
|
||||
#ifndef TLS_READER_H_
|
||||
#define TLS_READER_H_
|
||||
#ifndef BIO_READER_H_
|
||||
#define BIO_READER_H_
|
||||
|
||||
typedef struct tls_reader_t tls_reader_t;
|
||||
typedef struct bio_reader_t bio_reader_t;
|
||||
|
||||
#include <library.h>
|
||||
|
||||
/**
|
||||
* TLS record parser.
|
||||
* Buffered input parser.
|
||||
*/
|
||||
struct tls_reader_t {
|
||||
struct bio_reader_t {
|
||||
|
||||
/**
|
||||
* Get the number of remaining bytes.
|
||||
*
|
||||
* @return number of remaining bytes in buffer
|
||||
*/
|
||||
u_int32_t (*remaining)(tls_reader_t *this);
|
||||
u_int32_t (*remaining)(bio_reader_t *this);
|
||||
|
||||
/**
|
||||
* Peek the remaining data, not consuming any bytes.
|
||||
*
|
||||
* @return remaining data
|
||||
*/
|
||||
chunk_t (*peek)(tls_reader_t *this);
|
||||
chunk_t (*peek)(bio_reader_t *this);
|
||||
|
||||
/**
|
||||
* Read a 8-bit integer from the buffer, advance.
|
||||
|
@ -50,7 +50,7 @@ struct tls_reader_t {
|
|||
* @param res pointer to result
|
||||
* @return TRUE if integer read successfully
|
||||
*/
|
||||
bool (*read_uint8)(tls_reader_t *this, u_int8_t *res);
|
||||
bool (*read_uint8)(bio_reader_t *this, u_int8_t *res);
|
||||
|
||||
/**
|
||||
* Read a 16-bit integer from the buffer, advance.
|
||||
|
@ -58,7 +58,7 @@ struct tls_reader_t {
|
|||
* @param res pointer to result
|
||||
* @return TRUE if integer read successfully
|
||||
*/
|
||||
bool (*read_uint16)(tls_reader_t *this, u_int16_t *res);
|
||||
bool (*read_uint16)(bio_reader_t *this, u_int16_t *res);
|
||||
|
||||
/**
|
||||
* Read a 24-bit integer from the buffer, advance.
|
||||
|
@ -66,7 +66,7 @@ struct tls_reader_t {
|
|||
* @param res pointer to result
|
||||
* @return TRUE if integer read successfully
|
||||
*/
|
||||
bool (*read_uint24)(tls_reader_t *this, u_int32_t *res);
|
||||
bool (*read_uint24)(bio_reader_t *this, u_int32_t *res);
|
||||
|
||||
/**
|
||||
* Read a 32-bit integer from the buffer, advance.
|
||||
|
@ -74,7 +74,7 @@ struct tls_reader_t {
|
|||
* @param res pointer to result
|
||||
* @return TRUE if integer read successfully
|
||||
*/
|
||||
bool (*read_uint32)(tls_reader_t *this, u_int32_t *res);
|
||||
bool (*read_uint32)(bio_reader_t *this, u_int32_t *res);
|
||||
|
||||
/**
|
||||
* Read a chunk of len bytes, advance.
|
||||
|
@ -83,7 +83,7 @@ struct tls_reader_t {
|
|||
* @param res pointer to result, not cloned
|
||||
* @return TRUE if data read successfully
|
||||
*/
|
||||
bool (*read_data)(tls_reader_t *this, u_int32_t len, chunk_t *res);
|
||||
bool (*read_data)(bio_reader_t *this, u_int32_t len, chunk_t *res);
|
||||
|
||||
/**
|
||||
* Read a chunk of bytes with a 8-bit length header, advance.
|
||||
|
@ -91,7 +91,7 @@ struct tls_reader_t {
|
|||
* @param res pointer to result, not cloned
|
||||
* @return TRUE if data read successfully
|
||||
*/
|
||||
bool (*read_data8)(tls_reader_t *this, chunk_t *res);
|
||||
bool (*read_data8)(bio_reader_t *this, chunk_t *res);
|
||||
|
||||
/**
|
||||
* Read a chunk of bytes with a 16-bit length header, advance.
|
||||
|
@ -99,7 +99,7 @@ struct tls_reader_t {
|
|||
* @param res pointer to result, not cloned
|
||||
* @return TRUE if data read successfully
|
||||
*/
|
||||
bool (*read_data16)(tls_reader_t *this, chunk_t *res);
|
||||
bool (*read_data16)(bio_reader_t *this, chunk_t *res);
|
||||
|
||||
/**
|
||||
* Read a chunk of bytes with a 24-bit length header, advance.
|
||||
|
@ -107,7 +107,7 @@ struct tls_reader_t {
|
|||
* @param res pointer to result, not cloned
|
||||
* @return TRUE if data read successfully
|
||||
*/
|
||||
bool (*read_data24)(tls_reader_t *this, chunk_t *res);
|
||||
bool (*read_data24)(bio_reader_t *this, chunk_t *res);
|
||||
|
||||
/**
|
||||
* Read a chunk of bytes with a 32-bit length header, advance.
|
||||
|
@ -115,17 +115,17 @@ struct tls_reader_t {
|
|||
* @param res pointer to result, not cloned
|
||||
* @return TRUE if data read successfully
|
||||
*/
|
||||
bool (*read_data32)(tls_reader_t *this, chunk_t *res);
|
||||
bool (*read_data32)(bio_reader_t *this, chunk_t *res);
|
||||
|
||||
/**
|
||||
* Destroy a tls_reader_t.
|
||||
* Destroy a bio_reader_t.
|
||||
*/
|
||||
void (*destroy)(tls_reader_t *this);
|
||||
void (*destroy)(bio_reader_t *this);
|
||||
};
|
||||
|
||||
/**
|
||||
* Create a tls_reader instance.
|
||||
* Create a bio_reader instance.
|
||||
*/
|
||||
tls_reader_t *tls_reader_create(chunk_t data);
|
||||
bio_reader_t *bio_reader_create(chunk_t data);
|
||||
|
||||
#endif /** tls_reader_H_ @}*/
|
||||
#endif /** bio_reader_H_ @}*/
|
||||
|
|
|
@ -13,19 +13,19 @@
|
|||
* for more details.
|
||||
*/
|
||||
|
||||
#include "tls_writer.h"
|
||||
#include "bio_writer.h"
|
||||
|
||||
typedef struct private_tls_writer_t private_tls_writer_t;
|
||||
typedef struct private_bio_writer_t private_bio_writer_t;
|
||||
|
||||
/**
|
||||
* Private data of an tls_writer_t object.
|
||||
* Private data of an bio_writer_t object.
|
||||
*/
|
||||
struct private_tls_writer_t {
|
||||
struct private_bio_writer_t {
|
||||
|
||||
/**
|
||||
* Public tls_writer_t interface.
|
||||
* Public bio_writer_t interface.
|
||||
*/
|
||||
tls_writer_t public;
|
||||
bio_writer_t public;
|
||||
|
||||
/**
|
||||
* Allocated buffer
|
||||
|
@ -46,14 +46,14 @@ struct private_tls_writer_t {
|
|||
/**
|
||||
* Increase buffer size
|
||||
*/
|
||||
static void increase(private_tls_writer_t *this)
|
||||
static void increase(private_bio_writer_t *this)
|
||||
{
|
||||
this->buf.len += this->increase;
|
||||
this->buf.ptr = realloc(this->buf.ptr, this->buf.len);
|
||||
}
|
||||
|
||||
METHOD(tls_writer_t, write_uint8, void,
|
||||
private_tls_writer_t *this, u_int8_t value)
|
||||
METHOD(bio_writer_t, write_uint8, void,
|
||||
private_bio_writer_t *this, u_int8_t value)
|
||||
{
|
||||
if (this->used + 1 > this->buf.len)
|
||||
{
|
||||
|
@ -63,8 +63,8 @@ METHOD(tls_writer_t, write_uint8, void,
|
|||
this->used += 1;
|
||||
}
|
||||
|
||||
METHOD(tls_writer_t, write_uint16, void,
|
||||
private_tls_writer_t *this, u_int16_t value)
|
||||
METHOD(bio_writer_t, write_uint16, void,
|
||||
private_bio_writer_t *this, u_int16_t value)
|
||||
{
|
||||
if (this->used + 2 > this->buf.len)
|
||||
{
|
||||
|
@ -74,8 +74,8 @@ METHOD(tls_writer_t, write_uint16, void,
|
|||
this->used += 2;
|
||||
}
|
||||
|
||||
METHOD(tls_writer_t, write_uint24, void,
|
||||
private_tls_writer_t *this, u_int32_t value)
|
||||
METHOD(bio_writer_t, write_uint24, void,
|
||||
private_bio_writer_t *this, u_int32_t value)
|
||||
{
|
||||
if (this->used + 3 > this->buf.len)
|
||||
{
|
||||
|
@ -86,8 +86,8 @@ METHOD(tls_writer_t, write_uint24, void,
|
|||
this->used += 3;
|
||||
}
|
||||
|
||||
METHOD(tls_writer_t, write_uint32, void,
|
||||
private_tls_writer_t *this, u_int32_t value)
|
||||
METHOD(bio_writer_t, write_uint32, void,
|
||||
private_bio_writer_t *this, u_int32_t value)
|
||||
{
|
||||
if (this->used + 4 > this->buf.len)
|
||||
{
|
||||
|
@ -97,8 +97,8 @@ METHOD(tls_writer_t, write_uint32, void,
|
|||
this->used += 4;
|
||||
}
|
||||
|
||||
METHOD(tls_writer_t, write_data, void,
|
||||
private_tls_writer_t *this, chunk_t value)
|
||||
METHOD(bio_writer_t, write_data, void,
|
||||
private_bio_writer_t *this, chunk_t value)
|
||||
{
|
||||
while (this->used + value.len > this->buf.len)
|
||||
{
|
||||
|
@ -108,36 +108,36 @@ METHOD(tls_writer_t, write_data, void,
|
|||
this->used += value.len;
|
||||
}
|
||||
|
||||
METHOD(tls_writer_t, write_data8, void,
|
||||
private_tls_writer_t *this, chunk_t value)
|
||||
METHOD(bio_writer_t, write_data8, void,
|
||||
private_bio_writer_t *this, chunk_t value)
|
||||
{
|
||||
write_uint8(this, value.len);
|
||||
write_data(this, value);
|
||||
}
|
||||
|
||||
METHOD(tls_writer_t, write_data16, void,
|
||||
private_tls_writer_t *this, chunk_t value)
|
||||
METHOD(bio_writer_t, write_data16, void,
|
||||
private_bio_writer_t *this, chunk_t value)
|
||||
{
|
||||
write_uint16(this, value.len);
|
||||
write_data(this, value);
|
||||
}
|
||||
|
||||
METHOD(tls_writer_t, write_data24, void,
|
||||
private_tls_writer_t *this, chunk_t value)
|
||||
METHOD(bio_writer_t, write_data24, void,
|
||||
private_bio_writer_t *this, chunk_t value)
|
||||
{
|
||||
write_uint24(this, value.len);
|
||||
write_data(this, value);
|
||||
}
|
||||
|
||||
METHOD(tls_writer_t, write_data32, void,
|
||||
private_tls_writer_t *this, chunk_t value)
|
||||
METHOD(bio_writer_t, write_data32, void,
|
||||
private_bio_writer_t *this, chunk_t value)
|
||||
{
|
||||
write_uint32(this, value.len);
|
||||
write_data(this, value);
|
||||
}
|
||||
|
||||
METHOD(tls_writer_t, wrap8, void,
|
||||
private_tls_writer_t *this)
|
||||
METHOD(bio_writer_t, wrap8, void,
|
||||
private_bio_writer_t *this)
|
||||
{
|
||||
if (this->used + 1 > this->buf.len)
|
||||
{
|
||||
|
@ -148,8 +148,8 @@ METHOD(tls_writer_t, wrap8, void,
|
|||
this->used += 1;
|
||||
}
|
||||
|
||||
METHOD(tls_writer_t, wrap16, void,
|
||||
private_tls_writer_t *this)
|
||||
METHOD(bio_writer_t, wrap16, void,
|
||||
private_bio_writer_t *this)
|
||||
{
|
||||
if (this->used + 2 > this->buf.len)
|
||||
{
|
||||
|
@ -160,8 +160,8 @@ METHOD(tls_writer_t, wrap16, void,
|
|||
this->used += 2;
|
||||
}
|
||||
|
||||
METHOD(tls_writer_t, wrap24, void,
|
||||
private_tls_writer_t *this)
|
||||
METHOD(bio_writer_t, wrap24, void,
|
||||
private_bio_writer_t *this)
|
||||
{
|
||||
u_int32_t len;
|
||||
|
||||
|
@ -176,8 +176,8 @@ METHOD(tls_writer_t, wrap24, void,
|
|||
this->used += 3;
|
||||
}
|
||||
|
||||
METHOD(tls_writer_t, wrap32, void,
|
||||
private_tls_writer_t *this)
|
||||
METHOD(bio_writer_t, wrap32, void,
|
||||
private_bio_writer_t *this)
|
||||
{
|
||||
if (this->used + 4 > this->buf.len)
|
||||
{
|
||||
|
@ -188,14 +188,14 @@ METHOD(tls_writer_t, wrap32, void,
|
|||
this->used += 4;
|
||||
}
|
||||
|
||||
METHOD(tls_writer_t, get_buf, chunk_t,
|
||||
private_tls_writer_t *this)
|
||||
METHOD(bio_writer_t, get_buf, chunk_t,
|
||||
private_bio_writer_t *this)
|
||||
{
|
||||
return chunk_create(this->buf.ptr, this->used);
|
||||
}
|
||||
|
||||
METHOD(tls_writer_t, destroy, void,
|
||||
private_tls_writer_t *this)
|
||||
METHOD(bio_writer_t, destroy, void,
|
||||
private_bio_writer_t *this)
|
||||
{
|
||||
free(this->buf.ptr);
|
||||
free(this);
|
||||
|
@ -204,9 +204,9 @@ METHOD(tls_writer_t, destroy, void,
|
|||
/**
|
||||
* See header
|
||||
*/
|
||||
tls_writer_t *tls_writer_create(u_int32_t bufsize)
|
||||
bio_writer_t *bio_writer_create(u_int32_t bufsize)
|
||||
{
|
||||
private_tls_writer_t *this;
|
||||
private_bio_writer_t *this;
|
||||
|
||||
INIT(this,
|
||||
.public = {
|
||||
|
|
|
@ -14,123 +14,123 @@
|
|||
*/
|
||||
|
||||
/**
|
||||
* @defgroup tls_writer tls_writer
|
||||
* @{ @ingroup libtls
|
||||
* @defgroup bio_writer bio_writer
|
||||
* @{ @ingroup bio
|
||||
*/
|
||||
|
||||
#ifndef TLS_WRITER_H_
|
||||
#define TLS_WRITER_H_
|
||||
#ifndef BIO_WRITER_H_
|
||||
#define BIO_WRITER_H_
|
||||
|
||||
typedef struct tls_writer_t tls_writer_t;
|
||||
typedef struct bio_writer_t bio_writer_t;
|
||||
|
||||
#include <library.h>
|
||||
|
||||
/**
|
||||
* TLS record generator.
|
||||
* Buffered output generator.
|
||||
*/
|
||||
struct tls_writer_t {
|
||||
struct bio_writer_t {
|
||||
|
||||
/**
|
||||
* Append a 8-bit integer to the buffer.
|
||||
*
|
||||
* @param value value to append
|
||||
*/
|
||||
void (*write_uint8)(tls_writer_t *this, u_int8_t value);
|
||||
void (*write_uint8)(bio_writer_t *this, u_int8_t value);
|
||||
|
||||
/**
|
||||
* Append a 16-bit integer to the buffer.
|
||||
*
|
||||
* @param value value to append
|
||||
*/
|
||||
void (*write_uint16)(tls_writer_t *this, u_int16_t value);
|
||||
void (*write_uint16)(bio_writer_t *this, u_int16_t value);
|
||||
|
||||
/**
|
||||
* Append a 24-bit integer to the buffer.
|
||||
*
|
||||
* @param value value to append
|
||||
*/
|
||||
void (*write_uint24)(tls_writer_t *this, u_int32_t value);
|
||||
void (*write_uint24)(bio_writer_t *this, u_int32_t value);
|
||||
|
||||
/**
|
||||
* Append a 32-bit integer to the buffer.
|
||||
*
|
||||
* @param value value to append
|
||||
*/
|
||||
void (*write_uint32)(tls_writer_t *this, u_int32_t value);
|
||||
void (*write_uint32)(bio_writer_t *this, u_int32_t value);
|
||||
|
||||
/**
|
||||
* Append a chunk of data without a length header.
|
||||
*
|
||||
* @param value value to append
|
||||
*/
|
||||
void (*write_data)(tls_writer_t *this, chunk_t value);
|
||||
void (*write_data)(bio_writer_t *this, chunk_t value);
|
||||
|
||||
/**
|
||||
* Append a chunk of data with a 8-bit length header.
|
||||
*
|
||||
* @param value value to append
|
||||
*/
|
||||
void (*write_data8)(tls_writer_t *this, chunk_t value);
|
||||
void (*write_data8)(bio_writer_t *this, chunk_t value);
|
||||
|
||||
/**
|
||||
* Append a chunk of data with a 16-bit length header.
|
||||
*
|
||||
* @param value value to append
|
||||
*/
|
||||
void (*write_data16)(tls_writer_t *this, chunk_t value);
|
||||
void (*write_data16)(bio_writer_t *this, chunk_t value);
|
||||
|
||||
/**
|
||||
* Append a chunk of data with a 24-bit length header.
|
||||
*
|
||||
* @param value value to append
|
||||
*/
|
||||
void (*write_data24)(tls_writer_t *this, chunk_t value);
|
||||
void (*write_data24)(bio_writer_t *this, chunk_t value);
|
||||
|
||||
/**
|
||||
* Append a chunk of data with a 32-bit length header.
|
||||
*
|
||||
* @param value value to append
|
||||
*/
|
||||
void (*write_data32)(tls_writer_t *this, chunk_t value);
|
||||
void (*write_data32)(bio_writer_t *this, chunk_t value);
|
||||
|
||||
/**
|
||||
* Prepend a 8-bit length header to existing data.
|
||||
*/
|
||||
void (*wrap8)(tls_writer_t *this);
|
||||
void (*wrap8)(bio_writer_t *this);
|
||||
|
||||
/**
|
||||
* Prepend a 16-bit length header to existing data.
|
||||
*/
|
||||
void (*wrap16)(tls_writer_t *this);
|
||||
void (*wrap16)(bio_writer_t *this);
|
||||
|
||||
/**
|
||||
* Prepend a 24-bit length header to existing data.
|
||||
*/
|
||||
void (*wrap24)(tls_writer_t *this);
|
||||
void (*wrap24)(bio_writer_t *this);
|
||||
|
||||
/**
|
||||
* Prepend a 32-bit length header to existing data.
|
||||
*/
|
||||
void (*wrap32)(tls_writer_t *this);
|
||||
void (*wrap32)(bio_writer_t *this);
|
||||
|
||||
/**
|
||||
* Get the encoded data buffer.
|
||||
*
|
||||
* @return chunk to internal buffer
|
||||
*/
|
||||
chunk_t (*get_buf)(tls_writer_t *this);
|
||||
chunk_t (*get_buf)(bio_writer_t *this);
|
||||
|
||||
/**
|
||||
* Destroy a tls_writer_t.
|
||||
* Destroy a bio_writer_t.
|
||||
*/
|
||||
void (*destroy)(tls_writer_t *this);
|
||||
void (*destroy)(bio_writer_t *this);
|
||||
};
|
||||
|
||||
/**
|
||||
* Create a tls_writer instance.
|
||||
* Create a bio_writer instance.
|
||||
*
|
||||
* @param bufsize initially allocated buffer size
|
||||
*/
|
||||
tls_writer_t *tls_writer_create(u_int32_t bufsize);
|
||||
bio_writer_t *bio_writer_create(u_int32_t bufsize);
|
||||
|
||||
#endif /** TLS_WRITER_H_ @}*/
|
||||
#endif /** BIO_WRITER_H_ @}*/
|
||||
|
|
|
@ -9,8 +9,6 @@ libtls_la_SOURCES = \
|
|||
tls_alert.h tls_alert.c \
|
||||
tls_crypto.h tls_crypto.c \
|
||||
tls_prf.h tls_prf.c \
|
||||
tls_reader.h tls_reader.c \
|
||||
tls_writer.h tls_writer.c \
|
||||
tls_socket.h tls_socket.c \
|
||||
tls_eap.h tls_eap.c \
|
||||
tls_peer.h tls_peer.c \
|
||||
|
|
|
@ -23,8 +23,8 @@
|
|||
|
||||
typedef struct tls_application_t tls_application_t;
|
||||
|
||||
#include "tls_reader.h"
|
||||
#include "tls_writer.h"
|
||||
#include <bio/bio_reader.h>
|
||||
#include <bio/bio_writer.h>
|
||||
|
||||
/**
|
||||
* TLS application data interface.
|
||||
|
@ -40,7 +40,7 @@ struct tls_application_t {
|
|||
* - FAILED if application data processing failed
|
||||
* - NEED_MORE if another invocation of process/build needed
|
||||
*/
|
||||
status_t (*process)(tls_application_t *this, tls_reader_t *reader);
|
||||
status_t (*process)(tls_application_t *this, bio_reader_t *reader);
|
||||
|
||||
/**
|
||||
* Build TLS application data to send out.
|
||||
|
@ -52,7 +52,7 @@ struct tls_application_t {
|
|||
* - NEED_MORE if more data ready for delivery
|
||||
* - INVALID_STATE if more input to process() required
|
||||
*/
|
||||
status_t (*build)(tls_application_t *this, tls_writer_t *writer);
|
||||
status_t (*build)(tls_application_t *this, bio_writer_t *writer);
|
||||
|
||||
/**
|
||||
* Destroy a tls_application_t.
|
||||
|
|
|
@ -1057,15 +1057,15 @@ METHOD(tls_crypto_t, get_dh_group, diffie_hellman_group_t,
|
|||
}
|
||||
|
||||
METHOD(tls_crypto_t, get_signature_algorithms, void,
|
||||
private_tls_crypto_t *this, tls_writer_t *writer)
|
||||
private_tls_crypto_t *this, bio_writer_t *writer)
|
||||
{
|
||||
tls_writer_t *supported;
|
||||
bio_writer_t *supported;
|
||||
enumerator_t *enumerator;
|
||||
hash_algorithm_t alg;
|
||||
tls_hash_algorithm_t hash;
|
||||
const char *plugin_name;
|
||||
|
||||
supported = tls_writer_create(32);
|
||||
supported = bio_writer_create(32);
|
||||
enumerator = lib->crypto->create_hasher_enumerator(lib->crypto);
|
||||
while (enumerator->enumerate(enumerator, &alg, &plugin_name))
|
||||
{
|
||||
|
@ -1280,13 +1280,13 @@ static signature_scheme_t hashsig_to_scheme(key_type_t type,
|
|||
}
|
||||
|
||||
METHOD(tls_crypto_t, sign, bool,
|
||||
private_tls_crypto_t *this, private_key_t *key, tls_writer_t *writer,
|
||||
private_tls_crypto_t *this, private_key_t *key, bio_writer_t *writer,
|
||||
chunk_t data, chunk_t hashsig)
|
||||
{
|
||||
if (this->tls->get_version(this->tls) >= TLS_1_2)
|
||||
{
|
||||
signature_scheme_t scheme;
|
||||
tls_reader_t *reader;
|
||||
bio_reader_t *reader;
|
||||
u_int8_t hash, alg;
|
||||
chunk_t sig;
|
||||
bool done = FALSE;
|
||||
|
@ -1296,7 +1296,7 @@ METHOD(tls_crypto_t, sign, bool,
|
|||
hashsig = chunk_from_chars(
|
||||
TLS_HASH_SHA1, TLS_SIG_RSA, TLS_HASH_SHA1, TLS_SIG_ECDSA);
|
||||
}
|
||||
reader = tls_reader_create(hashsig);
|
||||
reader = bio_reader_create(hashsig);
|
||||
while (reader->remaining(reader) >= 2)
|
||||
{
|
||||
if (reader->read_uint8(reader, &hash) &&
|
||||
|
@ -1361,7 +1361,7 @@ METHOD(tls_crypto_t, sign, bool,
|
|||
}
|
||||
|
||||
METHOD(tls_crypto_t, verify, bool,
|
||||
private_tls_crypto_t *this, public_key_t *key, tls_reader_t *reader,
|
||||
private_tls_crypto_t *this, public_key_t *key, bio_reader_t *reader,
|
||||
chunk_t data)
|
||||
{
|
||||
if (this->tls->get_version(this->tls) >= TLS_1_2)
|
||||
|
@ -1432,14 +1432,14 @@ METHOD(tls_crypto_t, verify, bool,
|
|||
}
|
||||
|
||||
METHOD(tls_crypto_t, sign_handshake, bool,
|
||||
private_tls_crypto_t *this, private_key_t *key, tls_writer_t *writer,
|
||||
private_tls_crypto_t *this, private_key_t *key, bio_writer_t *writer,
|
||||
chunk_t hashsig)
|
||||
{
|
||||
return sign(this, key, writer, this->handshake, hashsig);
|
||||
}
|
||||
|
||||
METHOD(tls_crypto_t, verify_handshake, bool,
|
||||
private_tls_crypto_t *this, public_key_t *key, tls_reader_t *reader)
|
||||
private_tls_crypto_t *this, public_key_t *key, bio_reader_t *reader)
|
||||
{
|
||||
return verify(this, key, reader, this->handshake);
|
||||
}
|
||||
|
|
|
@ -427,7 +427,7 @@ struct tls_crypto_t {
|
|||
*
|
||||
* @param writer writer to write supported hash/sig algorithms
|
||||
*/
|
||||
void (*get_signature_algorithms)(tls_crypto_t *this, tls_writer_t *writer);
|
||||
void (*get_signature_algorithms)(tls_crypto_t *this, bio_writer_t *writer);
|
||||
|
||||
/**
|
||||
* Create an enumerator over supported ECDH groups.
|
||||
|
@ -464,7 +464,7 @@ struct tls_crypto_t {
|
|||
* @return TRUE if signature create successfully
|
||||
*/
|
||||
bool (*sign)(tls_crypto_t *this, private_key_t *key,
|
||||
tls_writer_t *writer, chunk_t data, chunk_t hashsig);
|
||||
bio_writer_t *writer, chunk_t data, chunk_t hashsig);
|
||||
|
||||
/**
|
||||
* Verify a blob of data, read signature from a reader.
|
||||
|
@ -475,7 +475,7 @@ struct tls_crypto_t {
|
|||
* @return TRUE if signature valid
|
||||
*/
|
||||
bool (*verify)(tls_crypto_t *this, public_key_t *key,
|
||||
tls_reader_t *reader, chunk_t data);
|
||||
bio_reader_t *reader, chunk_t data);
|
||||
|
||||
/**
|
||||
* Create a signature of the handshake data using a given private key.
|
||||
|
@ -486,7 +486,7 @@ struct tls_crypto_t {
|
|||
* @return TRUE if signature create successfully
|
||||
*/
|
||||
bool (*sign_handshake)(tls_crypto_t *this, private_key_t *key,
|
||||
tls_writer_t *writer, chunk_t hashsig);
|
||||
bio_writer_t *writer, chunk_t hashsig);
|
||||
|
||||
/**
|
||||
* Verify the signature over handshake data using a given public key.
|
||||
|
@ -496,7 +496,7 @@ struct tls_crypto_t {
|
|||
* @return TRUE if signature valid
|
||||
*/
|
||||
bool (*verify_handshake)(tls_crypto_t *this, public_key_t *key,
|
||||
tls_reader_t *reader);
|
||||
bio_reader_t *reader);
|
||||
|
||||
/**
|
||||
* Calculate the data of a TLS finished message.
|
||||
|
|
|
@ -15,8 +15,7 @@
|
|||
|
||||
#include "tls_fragmentation.h"
|
||||
|
||||
#include "tls_reader.h"
|
||||
|
||||
#include <bio/bio_reader.h>
|
||||
#include <debug.h>
|
||||
|
||||
typedef struct private_tls_fragmentation_t private_tls_fragmentation_t;
|
||||
|
@ -108,7 +107,7 @@ struct private_tls_fragmentation_t {
|
|||
* Process a TLS alert
|
||||
*/
|
||||
static status_t process_alert(private_tls_fragmentation_t *this,
|
||||
tls_reader_t *reader)
|
||||
bio_reader_t *reader)
|
||||
{
|
||||
u_int8_t level, description;
|
||||
|
||||
|
@ -125,11 +124,11 @@ static status_t process_alert(private_tls_fragmentation_t *this,
|
|||
* Process TLS handshake protocol data
|
||||
*/
|
||||
static status_t process_handshake(private_tls_fragmentation_t *this,
|
||||
tls_reader_t *reader)
|
||||
bio_reader_t *reader)
|
||||
{
|
||||
while (reader->remaining(reader))
|
||||
{
|
||||
tls_reader_t *msg;
|
||||
bio_reader_t *msg;
|
||||
u_int8_t type;
|
||||
u_int32_t len;
|
||||
status_t status;
|
||||
|
@ -178,7 +177,7 @@ static status_t process_handshake(private_tls_fragmentation_t *this,
|
|||
|
||||
if (this->input.len == this->inpos)
|
||||
{ /* message completely defragmented, process */
|
||||
msg = tls_reader_create(this->input);
|
||||
msg = bio_reader_create(this->input);
|
||||
DBG2(DBG_TLS, "received TLS %N handshake (%u bytes)",
|
||||
tls_handshake_type_names, this->type, this->input.len);
|
||||
status = this->handshake->process(this->handshake, this->type, msg);
|
||||
|
@ -201,7 +200,7 @@ static status_t process_handshake(private_tls_fragmentation_t *this,
|
|||
* Process TLS application data
|
||||
*/
|
||||
static status_t process_application(private_tls_fragmentation_t *this,
|
||||
tls_reader_t *reader)
|
||||
bio_reader_t *reader)
|
||||
{
|
||||
while (reader->remaining(reader))
|
||||
{
|
||||
|
@ -236,7 +235,7 @@ static status_t process_application(private_tls_fragmentation_t *this,
|
|||
METHOD(tls_fragmentation_t, process, status_t,
|
||||
private_tls_fragmentation_t *this, tls_content_type_t type, chunk_t data)
|
||||
{
|
||||
tls_reader_t *reader;
|
||||
bio_reader_t *reader;
|
||||
status_t status;
|
||||
|
||||
switch (this->state)
|
||||
|
@ -248,7 +247,7 @@ METHOD(tls_fragmentation_t, process, status_t,
|
|||
case ALERT_NONE:
|
||||
break;
|
||||
}
|
||||
reader = tls_reader_create(data);
|
||||
reader = bio_reader_create(data);
|
||||
switch (type)
|
||||
{
|
||||
case TLS_CHANGE_CIPHER_SPEC:
|
||||
|
@ -284,11 +283,11 @@ static bool check_alerts(private_tls_fragmentation_t *this, chunk_t *data)
|
|||
{
|
||||
tls_alert_level_t level;
|
||||
tls_alert_desc_t desc;
|
||||
tls_writer_t *writer;
|
||||
bio_writer_t *writer;
|
||||
|
||||
if (this->alert->get(this->alert, &level, &desc))
|
||||
{
|
||||
writer = tls_writer_create(2);
|
||||
writer = bio_writer_create(2);
|
||||
|
||||
writer->write_uint8(writer, level);
|
||||
writer->write_uint8(writer, desc);
|
||||
|
@ -305,14 +304,14 @@ static bool check_alerts(private_tls_fragmentation_t *this, chunk_t *data)
|
|||
*/
|
||||
static status_t build_handshake(private_tls_fragmentation_t *this)
|
||||
{
|
||||
tls_writer_t *hs, *msg;
|
||||
bio_writer_t *hs, *msg;
|
||||
tls_handshake_type_t type;
|
||||
status_t status;
|
||||
|
||||
msg = tls_writer_create(64);
|
||||
msg = bio_writer_create(64);
|
||||
while (TRUE)
|
||||
{
|
||||
hs = tls_writer_create(64);
|
||||
hs = bio_writer_create(64);
|
||||
status = this->handshake->build(this->handshake, &type, hs);
|
||||
switch (status)
|
||||
{
|
||||
|
@ -346,10 +345,10 @@ static status_t build_handshake(private_tls_fragmentation_t *this)
|
|||
*/
|
||||
static status_t build_application(private_tls_fragmentation_t *this)
|
||||
{
|
||||
tls_writer_t *msg;
|
||||
bio_writer_t *msg;
|
||||
status_t status;
|
||||
|
||||
msg = tls_writer_create(64);
|
||||
msg = bio_writer_create(64);
|
||||
while (TRUE)
|
||||
{
|
||||
status = this->application->build(this->application, msg);
|
||||
|
|
|
@ -24,8 +24,9 @@
|
|||
typedef struct tls_handshake_t tls_handshake_t;
|
||||
|
||||
#include "tls.h"
|
||||
#include "tls_reader.h"
|
||||
#include "tls_writer.h"
|
||||
|
||||
#include <bio/bio_reader.h>
|
||||
#include <bio/bio_writer.h>
|
||||
|
||||
/**
|
||||
* TLS handshake state machine interface.
|
||||
|
@ -44,7 +45,7 @@ struct tls_handshake_t {
|
|||
* - DESTROY_ME if a fatal TLS alert received
|
||||
*/
|
||||
status_t (*process)(tls_handshake_t *this,
|
||||
tls_handshake_type_t type, tls_reader_t *reader);
|
||||
tls_handshake_type_t type, bio_reader_t *reader);
|
||||
|
||||
/**
|
||||
* Build TLS handshake messages to send out.
|
||||
|
@ -58,7 +59,7 @@ struct tls_handshake_t {
|
|||
* - INVALID_STATE if more input to process() required
|
||||
*/
|
||||
status_t (*build)(tls_handshake_t *this,
|
||||
tls_handshake_type_t *type, tls_writer_t *writer);
|
||||
tls_handshake_type_t *type, bio_writer_t *writer);
|
||||
|
||||
/**
|
||||
* Check if the cipher spec for outgoing messages has changed.
|
||||
|
|
|
@ -124,7 +124,7 @@ struct private_tls_peer_t {
|
|||
* Process a server hello message
|
||||
*/
|
||||
static status_t process_server_hello(private_tls_peer_t *this,
|
||||
tls_reader_t *reader)
|
||||
bio_reader_t *reader)
|
||||
{
|
||||
u_int8_t compression;
|
||||
u_int16_t version, cipher;
|
||||
|
@ -209,10 +209,10 @@ static bool check_certificate(private_tls_peer_t *this, certificate_t *cert)
|
|||
* Process a Certificate message
|
||||
*/
|
||||
static status_t process_certificate(private_tls_peer_t *this,
|
||||
tls_reader_t *reader)
|
||||
bio_reader_t *reader)
|
||||
{
|
||||
certificate_t *cert;
|
||||
tls_reader_t *certs;
|
||||
bio_reader_t *certs;
|
||||
chunk_t data;
|
||||
bool first = TRUE;
|
||||
|
||||
|
@ -225,7 +225,7 @@ static status_t process_certificate(private_tls_peer_t *this,
|
|||
this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR);
|
||||
return NEED_MORE;
|
||||
}
|
||||
certs = tls_reader_create(data);
|
||||
certs = bio_reader_create(data);
|
||||
while (certs->remaining(certs))
|
||||
{
|
||||
if (!certs->read_data24(certs, &data))
|
||||
|
@ -302,7 +302,7 @@ static public_key_t *find_public_key(private_tls_peer_t *this)
|
|||
* Process a Key Exchange message using MODP Diffie Hellman
|
||||
*/
|
||||
static status_t process_modp_key_exchange(private_tls_peer_t *this,
|
||||
tls_reader_t *reader)
|
||||
bio_reader_t *reader)
|
||||
{
|
||||
chunk_t prime, generator, pub, chunk;
|
||||
public_key_t *public;
|
||||
|
@ -379,7 +379,7 @@ static diffie_hellman_group_t curve_to_ec_group(private_tls_peer_t *this,
|
|||
* Process a Key Exchange message using EC Diffie Hellman
|
||||
*/
|
||||
static status_t process_ec_key_exchange(private_tls_peer_t *this,
|
||||
tls_reader_t *reader)
|
||||
bio_reader_t *reader)
|
||||
{
|
||||
diffie_hellman_group_t group;
|
||||
public_key_t *public;
|
||||
|
@ -466,7 +466,7 @@ static status_t process_ec_key_exchange(private_tls_peer_t *this,
|
|||
* Process a Server Key Exchange
|
||||
*/
|
||||
static status_t process_key_exchange(private_tls_peer_t *this,
|
||||
tls_reader_t *reader)
|
||||
bio_reader_t *reader)
|
||||
{
|
||||
diffie_hellman_group_t group;
|
||||
|
||||
|
@ -491,10 +491,10 @@ static status_t process_key_exchange(private_tls_peer_t *this,
|
|||
/**
|
||||
* Process a Certificate Request message
|
||||
*/
|
||||
static status_t process_certreq(private_tls_peer_t *this, tls_reader_t *reader)
|
||||
static status_t process_certreq(private_tls_peer_t *this, bio_reader_t *reader)
|
||||
{
|
||||
chunk_t types, hashsig, data;
|
||||
tls_reader_t *authorities;
|
||||
bio_reader_t *authorities;
|
||||
identification_t *id;
|
||||
certificate_t *cert;
|
||||
|
||||
|
@ -529,7 +529,7 @@ static status_t process_certreq(private_tls_peer_t *this, tls_reader_t *reader)
|
|||
this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR);
|
||||
return NEED_MORE;
|
||||
}
|
||||
authorities = tls_reader_create(data);
|
||||
authorities = bio_reader_create(data);
|
||||
while (authorities->remaining(authorities))
|
||||
{
|
||||
if (!authorities->read_data16(authorities, &data))
|
||||
|
@ -565,7 +565,7 @@ static status_t process_certreq(private_tls_peer_t *this, tls_reader_t *reader)
|
|||
* Process Hello Done message
|
||||
*/
|
||||
static status_t process_hello_done(private_tls_peer_t *this,
|
||||
tls_reader_t *reader)
|
||||
bio_reader_t *reader)
|
||||
{
|
||||
this->crypto->append_handshake(this->crypto,
|
||||
TLS_SERVER_HELLO_DONE, reader->peek(reader));
|
||||
|
@ -576,7 +576,7 @@ static status_t process_hello_done(private_tls_peer_t *this,
|
|||
/**
|
||||
* Process finished message
|
||||
*/
|
||||
static status_t process_finished(private_tls_peer_t *this, tls_reader_t *reader)
|
||||
static status_t process_finished(private_tls_peer_t *this, bio_reader_t *reader)
|
||||
{
|
||||
chunk_t received;
|
||||
char buf[12];
|
||||
|
@ -607,7 +607,7 @@ static status_t process_finished(private_tls_peer_t *this, tls_reader_t *reader)
|
|||
}
|
||||
|
||||
METHOD(tls_handshake_t, process, status_t,
|
||||
private_tls_peer_t *this, tls_handshake_type_t type, tls_reader_t *reader)
|
||||
private_tls_peer_t *this, tls_handshake_type_t type, bio_reader_t *reader)
|
||||
{
|
||||
tls_handshake_type_t expected;
|
||||
|
||||
|
@ -670,10 +670,10 @@ METHOD(tls_handshake_t, process, status_t,
|
|||
* Send a client hello
|
||||
*/
|
||||
static status_t send_client_hello(private_tls_peer_t *this,
|
||||
tls_handshake_type_t *type, tls_writer_t *writer)
|
||||
tls_handshake_type_t *type, bio_writer_t *writer)
|
||||
{
|
||||
tls_cipher_suite_t *suites;
|
||||
tls_writer_t *extensions, *curves = NULL;
|
||||
bio_writer_t *extensions, *curves = NULL;
|
||||
tls_version_t version;
|
||||
tls_named_curve_t curve;
|
||||
enumerator_t *enumerator;
|
||||
|
@ -711,7 +711,7 @@ static status_t send_client_hello(private_tls_peer_t *this,
|
|||
writer->write_uint8(writer, 1);
|
||||
writer->write_uint8(writer, 0);
|
||||
|
||||
extensions = tls_writer_create(32);
|
||||
extensions = bio_writer_create(32);
|
||||
|
||||
extensions->write_uint16(extensions, TLS_EXT_SIGNATURE_ALGORITHMS);
|
||||
this->crypto->get_signature_algorithms(this->crypto, extensions);
|
||||
|
@ -723,7 +723,7 @@ static status_t send_client_hello(private_tls_peer_t *this,
|
|||
if (!curves)
|
||||
{
|
||||
extensions->write_uint16(extensions, TLS_EXT_ELLIPTIC_CURVES);
|
||||
curves = tls_writer_create(16);
|
||||
curves = bio_writer_create(16);
|
||||
}
|
||||
curves->write_uint16(curves, curve);
|
||||
}
|
||||
|
@ -741,11 +741,11 @@ static status_t send_client_hello(private_tls_peer_t *this,
|
|||
}
|
||||
if (this->server->get_type(this->server) == ID_FQDN)
|
||||
{
|
||||
tls_writer_t *names;
|
||||
bio_writer_t *names;
|
||||
|
||||
DBG2(DBG_TLS, "sending Server Name Indication for '%Y'", this->server);
|
||||
|
||||
names = tls_writer_create(8);
|
||||
names = bio_writer_create(8);
|
||||
names->write_uint8(names, TLS_NAME_TYPE_HOST_NAME);
|
||||
names->write_data16(names, this->server->get_encoding(this->server));
|
||||
names->wrap16(names);
|
||||
|
@ -769,7 +769,7 @@ static status_t send_client_hello(private_tls_peer_t *this,
|
|||
static private_key_t *find_private_key(private_tls_peer_t *this)
|
||||
{
|
||||
private_key_t *key = NULL;
|
||||
tls_reader_t *reader;
|
||||
bio_reader_t *reader;
|
||||
key_type_t type;
|
||||
u_int8_t cert;
|
||||
|
||||
|
@ -777,7 +777,7 @@ static private_key_t *find_private_key(private_tls_peer_t *this)
|
|||
{
|
||||
return NULL;
|
||||
}
|
||||
reader = tls_reader_create(this->cert_types);
|
||||
reader = bio_reader_create(this->cert_types);
|
||||
while (reader->remaining(reader) && reader->read_uint8(reader, &cert))
|
||||
{
|
||||
switch (cert)
|
||||
|
@ -806,12 +806,12 @@ static private_key_t *find_private_key(private_tls_peer_t *this)
|
|||
* Send Certificate
|
||||
*/
|
||||
static status_t send_certificate(private_tls_peer_t *this,
|
||||
tls_handshake_type_t *type, tls_writer_t *writer)
|
||||
tls_handshake_type_t *type, bio_writer_t *writer)
|
||||
{
|
||||
enumerator_t *enumerator;
|
||||
certificate_t *cert;
|
||||
auth_rule_t rule;
|
||||
tls_writer_t *certs;
|
||||
bio_writer_t *certs;
|
||||
chunk_t data;
|
||||
|
||||
this->private = find_private_key(this);
|
||||
|
@ -823,7 +823,7 @@ static status_t send_certificate(private_tls_peer_t *this,
|
|||
}
|
||||
|
||||
/* generate certificate payload */
|
||||
certs = tls_writer_create(256);
|
||||
certs = bio_writer_create(256);
|
||||
if (this->peer)
|
||||
{
|
||||
cert = this->peer_auth->get(this->peer_auth, AUTH_RULE_SUBJECT_CERT);
|
||||
|
@ -867,7 +867,7 @@ static status_t send_certificate(private_tls_peer_t *this,
|
|||
* Send client key exchange, using premaster encryption
|
||||
*/
|
||||
static status_t send_key_exchange_encrypt(private_tls_peer_t *this,
|
||||
tls_handshake_type_t *type, tls_writer_t *writer)
|
||||
tls_handshake_type_t *type, bio_writer_t *writer)
|
||||
{
|
||||
public_key_t *public;
|
||||
rng_t *rng;
|
||||
|
@ -919,7 +919,7 @@ static status_t send_key_exchange_encrypt(private_tls_peer_t *this,
|
|||
* Send client key exchange, using DHE exchange
|
||||
*/
|
||||
static status_t send_key_exchange_dhe(private_tls_peer_t *this,
|
||||
tls_handshake_type_t *type, tls_writer_t *writer)
|
||||
tls_handshake_type_t *type, bio_writer_t *writer)
|
||||
{
|
||||
chunk_t premaster, pub;
|
||||
|
||||
|
@ -957,7 +957,7 @@ static status_t send_key_exchange_dhe(private_tls_peer_t *this,
|
|||
* Send client key exchange, depending on suite
|
||||
*/
|
||||
static status_t send_key_exchange(private_tls_peer_t *this,
|
||||
tls_handshake_type_t *type, tls_writer_t *writer)
|
||||
tls_handshake_type_t *type, bio_writer_t *writer)
|
||||
{
|
||||
if (this->dh)
|
||||
{
|
||||
|
@ -970,7 +970,7 @@ static status_t send_key_exchange(private_tls_peer_t *this,
|
|||
* Send certificate verify
|
||||
*/
|
||||
static status_t send_certificate_verify(private_tls_peer_t *this,
|
||||
tls_handshake_type_t *type, tls_writer_t *writer)
|
||||
tls_handshake_type_t *type, bio_writer_t *writer)
|
||||
{
|
||||
if (!this->private ||
|
||||
!this->crypto->sign_handshake(this->crypto, this->private,
|
||||
|
@ -991,7 +991,7 @@ static status_t send_certificate_verify(private_tls_peer_t *this,
|
|||
* Send Finished
|
||||
*/
|
||||
static status_t send_finished(private_tls_peer_t *this,
|
||||
tls_handshake_type_t *type, tls_writer_t *writer)
|
||||
tls_handshake_type_t *type, bio_writer_t *writer)
|
||||
{
|
||||
char buf[12];
|
||||
|
||||
|
@ -1011,7 +1011,7 @@ static status_t send_finished(private_tls_peer_t *this,
|
|||
}
|
||||
|
||||
METHOD(tls_handshake_t, build, status_t,
|
||||
private_tls_peer_t *this, tls_handshake_type_t *type, tls_writer_t *writer)
|
||||
private_tls_peer_t *this, tls_handshake_type_t *type, bio_writer_t *writer)
|
||||
{
|
||||
switch (this->state)
|
||||
{
|
||||
|
|
|
@ -192,11 +192,11 @@ static bool select_suite_and_key(private_tls_server_t *this,
|
|||
* Process client hello message
|
||||
*/
|
||||
static status_t process_client_hello(private_tls_server_t *this,
|
||||
tls_reader_t *reader)
|
||||
bio_reader_t *reader)
|
||||
{
|
||||
u_int16_t version, extension;
|
||||
chunk_t random, session, ciphers, compression, ext = chunk_empty;
|
||||
tls_reader_t *extensions;
|
||||
bio_reader_t *extensions;
|
||||
tls_cipher_suite_t *suites;
|
||||
int count, i;
|
||||
|
||||
|
@ -217,7 +217,7 @@ static status_t process_client_hello(private_tls_server_t *this,
|
|||
|
||||
if (ext.len)
|
||||
{
|
||||
extensions = tls_reader_create(ext);
|
||||
extensions = bio_reader_create(ext);
|
||||
while (extensions->remaining(extensions))
|
||||
{
|
||||
if (!extensions->read_uint16(extensions, &extension) ||
|
||||
|
@ -282,10 +282,10 @@ static status_t process_client_hello(private_tls_server_t *this,
|
|||
* Process certificate
|
||||
*/
|
||||
static status_t process_certificate(private_tls_server_t *this,
|
||||
tls_reader_t *reader)
|
||||
bio_reader_t *reader)
|
||||
{
|
||||
certificate_t *cert;
|
||||
tls_reader_t *certs;
|
||||
bio_reader_t *certs;
|
||||
chunk_t data;
|
||||
bool first = TRUE;
|
||||
|
||||
|
@ -298,7 +298,7 @@ static status_t process_certificate(private_tls_server_t *this,
|
|||
this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR);
|
||||
return NEED_MORE;
|
||||
}
|
||||
certs = tls_reader_create(data);
|
||||
certs = bio_reader_create(data);
|
||||
while (certs->remaining(certs))
|
||||
{
|
||||
if (!certs->read_data24(certs, &data))
|
||||
|
@ -342,7 +342,7 @@ static status_t process_certificate(private_tls_server_t *this,
|
|||
* Process Client Key Exchange, using premaster encryption
|
||||
*/
|
||||
static status_t process_key_exchange_encrypted(private_tls_server_t *this,
|
||||
tls_reader_t *reader)
|
||||
bio_reader_t *reader)
|
||||
{
|
||||
chunk_t encrypted, decrypted;
|
||||
char premaster[48];
|
||||
|
@ -402,7 +402,7 @@ static status_t process_key_exchange_encrypted(private_tls_server_t *this,
|
|||
* Process client key exchange, using DHE exchange
|
||||
*/
|
||||
static status_t process_key_exchange_dhe(private_tls_server_t *this,
|
||||
tls_reader_t *reader)
|
||||
bio_reader_t *reader)
|
||||
{
|
||||
chunk_t premaster, pub;
|
||||
bool ec;
|
||||
|
@ -451,7 +451,7 @@ static status_t process_key_exchange_dhe(private_tls_server_t *this,
|
|||
* Process Client Key Exchange
|
||||
*/
|
||||
static status_t process_key_exchange(private_tls_server_t *this,
|
||||
tls_reader_t *reader)
|
||||
bio_reader_t *reader)
|
||||
{
|
||||
if (this->dh)
|
||||
{
|
||||
|
@ -464,19 +464,19 @@ static status_t process_key_exchange(private_tls_server_t *this,
|
|||
* Process Certificate verify
|
||||
*/
|
||||
static status_t process_cert_verify(private_tls_server_t *this,
|
||||
tls_reader_t *reader)
|
||||
bio_reader_t *reader)
|
||||
{
|
||||
bool verified = FALSE;
|
||||
enumerator_t *enumerator;
|
||||
public_key_t *public;
|
||||
auth_cfg_t *auth;
|
||||
tls_reader_t *sig;
|
||||
bio_reader_t *sig;
|
||||
|
||||
enumerator = lib->credmgr->create_public_enumerator(lib->credmgr,
|
||||
KEY_ANY, this->peer, this->peer_auth);
|
||||
while (enumerator->enumerate(enumerator, &public, &auth))
|
||||
{
|
||||
sig = tls_reader_create(reader->peek(reader));
|
||||
sig = bio_reader_create(reader->peek(reader));
|
||||
verified = this->crypto->verify_handshake(this->crypto, public, sig);
|
||||
sig->destroy(sig);
|
||||
if (verified)
|
||||
|
@ -505,7 +505,7 @@ static status_t process_cert_verify(private_tls_server_t *this,
|
|||
* Process finished message
|
||||
*/
|
||||
static status_t process_finished(private_tls_server_t *this,
|
||||
tls_reader_t *reader)
|
||||
bio_reader_t *reader)
|
||||
{
|
||||
chunk_t received;
|
||||
char buf[12];
|
||||
|
@ -535,7 +535,7 @@ static status_t process_finished(private_tls_server_t *this,
|
|||
}
|
||||
|
||||
METHOD(tls_handshake_t, process, status_t,
|
||||
private_tls_server_t *this, tls_handshake_type_t type, tls_reader_t *reader)
|
||||
private_tls_server_t *this, tls_handshake_type_t type, bio_reader_t *reader)
|
||||
{
|
||||
tls_handshake_type_t expected;
|
||||
|
||||
|
@ -603,7 +603,7 @@ METHOD(tls_handshake_t, process, status_t,
|
|||
* Send ServerHello message
|
||||
*/
|
||||
static status_t send_server_hello(private_tls_server_t *this,
|
||||
tls_handshake_type_t *type, tls_writer_t *writer)
|
||||
tls_handshake_type_t *type, bio_writer_t *writer)
|
||||
{
|
||||
tls_version_t version;
|
||||
rng_t *rng;
|
||||
|
@ -643,16 +643,16 @@ static status_t send_server_hello(private_tls_server_t *this,
|
|||
* Send Certificate
|
||||
*/
|
||||
static status_t send_certificate(private_tls_server_t *this,
|
||||
tls_handshake_type_t *type, tls_writer_t *writer)
|
||||
tls_handshake_type_t *type, bio_writer_t *writer)
|
||||
{
|
||||
enumerator_t *enumerator;
|
||||
certificate_t *cert;
|
||||
auth_rule_t rule;
|
||||
tls_writer_t *certs;
|
||||
bio_writer_t *certs;
|
||||
chunk_t data;
|
||||
|
||||
/* generate certificate payload */
|
||||
certs = tls_writer_create(256);
|
||||
certs = bio_writer_create(256);
|
||||
cert = this->server_auth->get(this->server_auth, AUTH_RULE_SUBJECT_CERT);
|
||||
if (cert)
|
||||
{
|
||||
|
@ -693,15 +693,15 @@ static status_t send_certificate(private_tls_server_t *this,
|
|||
* Send Certificate Request
|
||||
*/
|
||||
static status_t send_certificate_request(private_tls_server_t *this,
|
||||
tls_handshake_type_t *type, tls_writer_t *writer)
|
||||
tls_handshake_type_t *type, bio_writer_t *writer)
|
||||
{
|
||||
tls_writer_t *authorities, *supported;
|
||||
bio_writer_t *authorities, *supported;
|
||||
enumerator_t *enumerator;
|
||||
certificate_t *cert;
|
||||
x509_t *x509;
|
||||
identification_t *id;
|
||||
|
||||
supported = tls_writer_create(4);
|
||||
supported = bio_writer_create(4);
|
||||
/* we propose both RSA and ECDSA */
|
||||
supported->write_uint8(supported, TLS_RSA_SIGN);
|
||||
supported->write_uint8(supported, TLS_ECDSA_SIGN);
|
||||
|
@ -712,7 +712,7 @@ static status_t send_certificate_request(private_tls_server_t *this,
|
|||
this->crypto->get_signature_algorithms(this->crypto, writer);
|
||||
}
|
||||
|
||||
authorities = tls_writer_create(64);
|
||||
authorities = bio_writer_create(64);
|
||||
enumerator = lib->credmgr->create_cert_enumerator(lib->credmgr,
|
||||
CERT_X509, KEY_RSA, NULL, TRUE);
|
||||
while (enumerator->enumerate(enumerator, &cert))
|
||||
|
@ -763,14 +763,14 @@ static tls_named_curve_t ec_group_to_curve(private_tls_server_t *this,
|
|||
*/
|
||||
bool peer_supports_curve(private_tls_server_t *this, tls_named_curve_t curve)
|
||||
{
|
||||
tls_reader_t *reader;
|
||||
bio_reader_t *reader;
|
||||
u_int16_t current;
|
||||
|
||||
if (!this->curves_received)
|
||||
{ /* none received, assume yes */
|
||||
return TRUE;
|
||||
}
|
||||
reader = tls_reader_create(this->curves);
|
||||
reader = bio_reader_create(this->curves);
|
||||
while (reader->remaining(reader) && reader->read_uint16(reader, ¤t))
|
||||
{
|
||||
if (current == curve)
|
||||
|
@ -810,7 +810,7 @@ static bool find_supported_curve(private_tls_server_t *this,
|
|||
* Send Server key Exchange
|
||||
*/
|
||||
static status_t send_server_key_exchange(private_tls_server_t *this,
|
||||
tls_handshake_type_t *type, tls_writer_t *writer,
|
||||
tls_handshake_type_t *type, bio_writer_t *writer,
|
||||
diffie_hellman_group_t group)
|
||||
{
|
||||
diffie_hellman_params_t *params = NULL;
|
||||
|
@ -887,7 +887,7 @@ static status_t send_server_key_exchange(private_tls_server_t *this,
|
|||
* Send Hello Done
|
||||
*/
|
||||
static status_t send_hello_done(private_tls_server_t *this,
|
||||
tls_handshake_type_t *type, tls_writer_t *writer)
|
||||
tls_handshake_type_t *type, bio_writer_t *writer)
|
||||
{
|
||||
*type = TLS_SERVER_HELLO_DONE;
|
||||
this->state = STATE_HELLO_DONE;
|
||||
|
@ -899,7 +899,7 @@ static status_t send_hello_done(private_tls_server_t *this,
|
|||
* Send Finished
|
||||
*/
|
||||
static status_t send_finished(private_tls_server_t *this,
|
||||
tls_handshake_type_t *type, tls_writer_t *writer)
|
||||
tls_handshake_type_t *type, bio_writer_t *writer)
|
||||
{
|
||||
char buf[12];
|
||||
|
||||
|
@ -921,7 +921,7 @@ static status_t send_finished(private_tls_server_t *this,
|
|||
}
|
||||
|
||||
METHOD(tls_handshake_t, build, status_t,
|
||||
private_tls_server_t *this, tls_handshake_type_t *type, tls_writer_t *writer)
|
||||
private_tls_server_t *this, tls_handshake_type_t *type, bio_writer_t *writer)
|
||||
{
|
||||
diffie_hellman_group_t group;
|
||||
|
||||
|
|
|
@ -67,7 +67,7 @@ struct private_tls_socket_t {
|
|||
};
|
||||
|
||||
METHOD(tls_application_t, process, status_t,
|
||||
private_tls_application_t *this, tls_reader_t *reader)
|
||||
private_tls_application_t *this, bio_reader_t *reader)
|
||||
{
|
||||
chunk_t data;
|
||||
|
||||
|
@ -80,7 +80,7 @@ METHOD(tls_application_t, process, status_t,
|
|||
}
|
||||
|
||||
METHOD(tls_application_t, build, status_t,
|
||||
private_tls_application_t *this, tls_writer_t *writer)
|
||||
private_tls_application_t *this, bio_writer_t *writer)
|
||||
{
|
||||
if (this->out.len)
|
||||
{
|
||||
|
|
Loading…
Reference in New Issue