* @tls_ctx: TLS context data from tls_init()
* @conn: Connection context data from tls_connection_init()
* @final: 1 = FinalPhaseFinished, 0 = IntermediatePhaseFinished
- * @out_data: Pointer to output buffer (encrypted TLS/IA data)
- * @out_len: Maximum out_data length
- * Returns: Number of bytes written to out_data on success, -1 on failure
+ * Returns: Encrypted TLS/IA data, %NULL on failure
*
* This function is used to send the TLS/IA end phase message, e.g., when the
* EAP server completes EAP-TTLSv1.
*/
-int __must_check tls_connection_ia_send_phase_finished(
- void *tls_ctx, struct tls_connection *conn, int final,
- u8 *out_data, size_t out_len);
+struct wpabuf * tls_connection_ia_send_phase_finished(
+ void *tls_ctx, struct tls_connection *conn, int final);
/**
* tls_connection_ia_final_phase_finished - Has final phase been completed
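Review bot: The new `Returns:` line in the header comment does not say who owns the returned buffer, and the prototype below it drops the `__must_check` annotation that the old `int` version carried. The function now hands back a `struct wpabuf *` that the callers in this commit release with `wpabuf_free()`, so an ignored result is a leak. I would add `* The caller is responsible for freeing the returned buffer with wpabuf_free().` to the comment and keep `__must_check` on the declaration. The comment block begins above the visible lines.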
}
-int tls_connection_ia_send_phase_finished(void *tls_ctx,
- struct tls_connection *conn,
- int final,
- u8 *out_data, size_t out_len)
+struct wpabuf * tls_connection_ia_send_phase_finished(
+ void *tls_ctx, struct tls_connection *conn, int final)
{
#ifdef GNUTLS_IA
int ret;
+ struct wpabuf *buf;
if (conn == NULL || conn->session == NULL || !conn->tls_ia)
- return -1;
+ return NULL;
ret = gnutls_ia_permute_inner_secret(conn->session,
conn->session_keys_len,
if (ret) {
wpa_printf(MSG_DEBUG, "%s: Failed to permute inner secret: %s",
__func__, gnutls_strerror(ret));
- return -1;
+ return NULL;
}
ret = gnutls_ia_endphase_send(conn->session, final);
if (ret) {
wpa_printf(MSG_DEBUG, "%s: Failed to send endphase: %s",
__func__, gnutls_strerror(ret));
- return -1;
+ return NULL;
}
- if (conn->push_buf == NULL)
- return -1;
- if (wpabuf_len(conn->push_buf) < out_len)
- out_len = wpabuf_len(conn->push_buf);
- os_memcpy(out_data, wpabuf_head(conn->push_buf), out_len);
- wpabuf_free(conn->push_buf);
+ buf = conn->push_buf;
conn->push_buf = NULL;
- return out_len;
+ return buf;
#else /* GNUTLS_IA */
- return -1;
+ return NULL;
#endif /* GNUTLS_IA */
}
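Review bot: After `gnutls_ia_endphase_send()` succeeds, an empty `conn->push_buf` now falls through `return buf;` as a NULL result with no debug output, whereas the two failure paths above it log through `wpa_printf`. The removed `if (conn->push_buf == NULL) return -1;` at least made that case explicit. I would keep it visible with `if (buf == NULL) wpa_printf(MSG_DEBUG, "%s: No endphase data to send", __func__);` before the return. A short comment saying that ownership of the buffer passes to the caller would also help here.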
}
-int tls_connection_ia_send_phase_finished(void *tls_ctx,
- struct tls_connection *conn,
- int final,
- u8 *out_data, size_t out_len)
+struct wpabuf * tls_connection_ia_send_phase_finished(
+ void *tls_ctx, struct tls_connection *conn, int final)
{
- return -1;
+ return NULL;
}
}
-int tls_connection_ia_send_phase_finished(void *tls_ctx,
- struct tls_connection *conn,
- int final,
- u8 *out_data, size_t out_len)
+struct wpabuf * tls_connection_ia_send_phase_finished(
+ void *tls_ctx, struct tls_connection *conn, int final)
{
- return -1;
+ return NULL;
}
}
-int tls_connection_ia_send_phase_finished(void *tls_ctx,
- struct tls_connection *conn,
- int final,
- u8 *out_data, size_t out_len)
+struct wpabuf * tls_connection_ia_send_phase_finished(
+ void *tls_ctx, struct tls_connection *conn, int final)
{
- return -1;
+ return NULL;
}
}
-int tls_connection_ia_send_phase_finished(void *tls_ctx,
- struct tls_connection *conn,
- int final,
- u8 *out_data, size_t out_len)
+struct wpabuf * tls_connection_ia_send_phase_finished(
+ void *tls_ctx, struct tls_connection *conn, int final)
{
- return -1;
+ return NULL;
}
}
-int tls_connection_ia_send_phase_finished(void *tls_ctx,
- struct tls_connection *conn,
- int final,
- u8 *out_data, size_t out_len)
+struct wpabuf * tls_connection_ia_send_phase_finished(
+ void *tls_ctx, struct tls_connection *conn, int final);
{
- return -1;
+ return NULL;
}
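Review bot: The new signature line `void *tls_ctx, struct tls_connection *conn, int final);` ends with a semicolon but is followed directly by `{ return NULL; }`, so this is a prototype plus a stray block at file scope and will not compile when this backend is built. Drop the `;` so the line reads `void *tls_ctx, struct tls_connection *conn, int final)`, as in the other stub implementations in this commit. That it went unnoticed suggests this backend is not covered by the build used to test the change, which is worth checking.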
#include "common.h"
#include "crypto/ms_funcs.h"
+#include "crypto/sha1.h"
#include "crypto/tls.h"
#include "eap_common/chap.h"
#include "eap_common/eap_ttls.h"
static struct wpabuf * eap_ttls_build_phase_finished(
struct eap_sm *sm, struct eap_ttls_data *data, int id, int final)
{
- int len;
- struct wpabuf *req;
- u8 *pos;
- const int max_len = 300;
+ struct wpabuf *req, *buf;
- req = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_TTLS, 1 + max_len,
- EAP_CODE_RESPONSE, id);
- if (req == NULL)
+ buf = tls_connection_ia_send_phase_finished(sm->ssl_ctx,
+ data->ssl.conn,
+ final);
+ if (buf == NULL)
return NULL;
- wpabuf_put_u8(req, data->ttls_version);
-
- pos = wpabuf_put(req, 0);
- len = tls_connection_ia_send_phase_finished(sm->ssl_ctx,
- data->ssl.conn,
- final, pos, max_len);
- if (len < 0) {
- wpabuf_free(req);
+ req = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_TTLS,
+ 1 + wpabuf_len(buf),
+ EAP_CODE_RESPONSE, id);
+ if (req == NULL) {
+ wpabuf_free(buf);
return NULL;
}
- wpabuf_put(req, len);
+
+ wpabuf_put_u8(req, data->ttls_version);
+ wpabuf_put_buf(req, buf);
+ wpabuf_free(buf);
eap_update_len(req);
return req;
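Review bot: The payload length passed to `eap_msg_alloc()` is now `1 + wpabuf_len(buf)` with no upper bound, where the removed code capped it at `max_len = 300`. The EAP header carries a 16-bit Length field, and whether `eap_msg_alloc()` or `eap_update_len()` reject an oversized payload is not visible in this hunk. I would check the size right after the NULL test, e.g. `if (wpabuf_len(buf) > PHASE_FINISHED_MAX_LEN) { wpabuf_free(buf); return NULL; }`, where `PHASE_FINISHED_MAX_LEN` is a placeholder for a limit still to be defined. The function body continues past the last visible line.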
static struct wpabuf * eap_ttls_build_phase_finished(
struct eap_sm *sm, struct eap_ttls_data *data, int final)
{
- int len;
- struct wpabuf *req;
- const int max_len = 300;
-
- req = wpabuf_alloc(max_len);
- if (req == NULL)
- return NULL;
-
- len = tls_connection_ia_send_phase_finished(sm->ssl_ctx,
- data->ssl.conn, final,
- wpabuf_mhead(req),
- max_len);
- if (len < 0) {
- wpabuf_free(req);
- return NULL;
- }
- wpabuf_put(req, len);
-
- return req;
+ return tls_connection_ia_send_phase_finished(sm->ssl_ctx,
+ data->ssl.conn, final);
}