Add eap_tls_state() to get closer to EAP-TTLS/PEAP/FAST code
[libeap.git] / src / eap_server / eap_tls.c
index c52ec5a..e5f1931 100644 (file)
@@ -29,6 +29,32 @@ struct eap_tls_data {
 };
 
 
+static const char * eap_tls_state_txt(int state)
+{
+       switch (state) {
+       case START:
+               return "START";
+       case CONTINUE:
+               return "CONTINUE";
+       case SUCCESS:
+               return "SUCCESS";
+       case FAILURE:
+               return "FAILURE";
+       default:
+               return "Unknown?!";
+       }
+}
+
+
+static void eap_tls_state(struct eap_tls_data *data, int state)
+{
+       wpa_printf(MSG_DEBUG, "EAP-TLS: %s -> %s",
+                  eap_tls_state_txt(data->state),
+                  eap_tls_state_txt(state));
+       data->state = state;
+}
+
+
 static void * eap_tls_init(struct eap_sm *sm)
 {
        struct eap_tls_data *data;
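Review bot: eap_tls_state() accepts any transition, so nothing in the helper keeps FAILURE or SUCCESS terminal, and a later call could move a failed session back to CONTINUE or on to SUCCESS. The callers visible in this commit only move forward, so this is a hardening and documentation point rather than a defect in the shown code. Since the helper is becoming the central place for state changes, I would state the expectation above it, e.g. `/* Central EAP-TLS state change; logs old -> new at MSG_DEBUG. FAILURE and SUCCESS are expected to be final. */`. The `state` parameter is a plain `int` even though the "Unknown?!" default in eap_tls_state_txt() implies a closed set of values. If the field in struct eap_tls_data is an enum (its declaration is outside this hunk), a named enum type would let the compiler check callers.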
@@ -68,13 +94,13 @@ static struct wpabuf * eap_tls_build_start(struct eap_sm *sm,
        if (req == NULL) {
                wpa_printf(MSG_ERROR, "EAP-TLS: Failed to allocate memory for "
                           "request");
-               data->state = FAILURE;
+               eap_tls_state(data, FAILURE);
                return NULL;
        }
 
        wpabuf_put_u8(req, EAP_TLS_FLAGS_START);
 
-       data->state = CONTINUE;
+       eap_tls_state(data, CONTINUE);
 
        return req;
 }
@@ -100,7 +126,7 @@ static struct wpabuf * eap_tls_buildReq(struct eap_sm *sm, void *priv, u8 id)
        case CONTINUE:
                if (tls_connection_established(sm->ssl_ctx, data->ssl.conn)) {
                        wpa_printf(MSG_DEBUG, "EAP-TLS: Done");
-                       data->state = SUCCESS;
+                       eap_tls_state(data, SUCCESS);
                }
                break;
        default:
@@ -129,41 +155,23 @@ static Boolean eap_tls_check(struct eap_sm *sm, void *priv,
 }
 
 
-static void eap_tls_process(struct eap_sm *sm, void *priv,
-                           struct wpabuf *respData)
+static void eap_tls_process_msg(struct eap_sm *sm, void *priv,
+                               const struct wpabuf *respData)
 {
        struct eap_tls_data *data = priv;
-       const u8 *pos;
-       u8 flags;
-       size_t left;
-       int ret;
-
-       pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_TLS, respData, &left);
-       if (pos == NULL || left < 1)
-               return; /* Should not happen - frame already validated */
-       flags = *pos++;
-       left--;
-       wpa_printf(MSG_DEBUG, "EAP-TLS: Received packet(len=%lu) - "
-                  "Flags 0x%02x", (unsigned long) wpabuf_len(respData),
-                  flags);
-
-       ret = eap_server_tls_reassemble(&data->ssl, flags, &pos, &left);
-       if (ret < 0) {
-               data->state = FAILURE;
-               return;
-       } else if (ret == 1)
-               return;
-
        if (eap_server_tls_phase1(sm, &data->ssl) < 0)
-               data->state = FAILURE;
+               eap_tls_state(data, FAILURE);
+}
 
-       if (tls_connection_get_write_alerts(sm->ssl_ctx, data->ssl.conn) > 1) {
-               wpa_printf(MSG_INFO, "EAP-TLS: Locally detected fatal error "
-                          "in TLS processing");
-               data->state = FAILURE;
-       }
 
-       eap_server_tls_free_in_buf(&data->ssl);
+static void eap_tls_process(struct eap_sm *sm, void *priv,
+                           struct wpabuf *respData)
+{
+       struct eap_tls_data *data = priv;
+       if (eap_server_tls_process(sm, &data->ssl, respData, data,
+                                  EAP_TYPE_TLS, NULL, eap_tls_process_msg) <
+           0)
+               eap_tls_state(data, FAILURE);
 }
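Review bot: The rewritten eap_tls_process() drops the `tls_connection_get_write_alerts(sm->ssl_ctx, data->ssl.conn) > 1` check that forced FAILURE on a locally detected fatal TLS error, and also the `eap_server_tls_free_in_buf(&data->ssl)` call. Both are presumably now handled inside eap_server_tls_process(), but that function is not part of this diff, so it cannot be confirmed from here. The alert check is what stops a handshake that failed locally from being treated as still in progress, so please confirm the shared helper returns a negative value in that case. A comment above eap_tls_process() would record this, e.g. `/* header validation, reassembly, fatal-alert check and in-buf cleanup are done by eap_server_tls_process() */`. The bare `NULL` argument would also benefit from a short comment naming the parameter it fills. eap_tls_process_msg() never reads `respData`, which deserves a one-line remark that the signature is dictated by the callback type.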