Menu
▾
▴
[Open1x-commits] SF.net SVN: open1x:[437] trunk/xsupplicant
|
From: <che...@us...> - 2008-11-21 18:17:15
|
Revision: 437
http://open1x.svn.sourceforge.net/open1x/?rev=437&view=rev
Author: chessing
Date: 2008-11-21 18:17:09 +0000 (Fri, 21 Nov 2008)
Log Message:
-----------
More work on EAP-TLS, fixed a path issue in the test tool building.
Modified Paths:
--------------
trunk/xsupplicant/lib/libxsupconfcheck/xsupconfcheck_profile.c
trunk/xsupplicant/src/eap_types/tls/eaptls.c
trunk/xsupplicant/src/eap_types/tls/ossl_tls_funcs.c
trunk/xsupplicant/src/eap_types/tls/tls_funcs.h
trunk/xsupplicant/src/platform/windows/win_cert_handler.c
trunk/xsupplicant-engine-test-suite/vs2005/xsupplicant-test/xsupplicant-test.vcproj
Modified: trunk/xsupplicant/lib/libxsupconfcheck/xsupconfcheck_profile.c
===================================================================
--- trunk/xsupplicant/lib/libxsupconfcheck/xsupconfcheck_profile.c 2008-11-21 00:06:01 UTC (rev 436)
+++ trunk/xsupplicant/lib/libxsupconfcheck/xsupconfcheck_profile.c 2008-11-21 18:17:09 UTC (rev 437)
@@ -70,9 +70,9 @@
retval = -1;
}
- if (tls->user_key == NULL)
+ if (tls->store_type == NULL)
{
- if (log == TRUE) error_prequeue_add("A user key file must be specified to use EAP-TLS.");
+ if (log == TRUE) error_prequeue_add("A store type for your certificate must be specified to use EAP-TLS.");
retval = -1;
}
@@ -82,11 +82,19 @@
retval = -1;
}
+#ifndef WINDOWS
+ if (tls->user_key == NULL)
+ {
+ if (log == TRUE) error_prequeue_add("A user key file must be specified to use EAP-TLS.");
+ retval = -1;
+ }
+
if ((tls->user_key_pass == NULL) && (prof->temp_password == NULL))
{
if (log == TRUE) error_prequeue_add("A user key password must be specified to use EAP-TLS.");
retval = PROFILE_NEED_UPW;
}
+#endif
return retval;
}
Modified: trunk/xsupplicant/src/eap_types/tls/eaptls.c
===================================================================
--- trunk/xsupplicant/src/eap_types/tls/eaptls.c 2008-11-21 00:06:01 UTC (rev 436)
+++ trunk/xsupplicant/src/eap_types/tls/eaptls.c 2008-11-21 18:17:09 UTC (rev 437)
@@ -88,10 +88,10 @@
mytls_vars->resume = userdata->session_resume;
mytls_vars->verify_cert = TRUE;
- mytls_vars->sessionkeyconst = (uint8_t *)Malloc(TLS_SESSION_KEY_CONST_SIZE);
+ mytls_vars->sessionkeyconst = (uint8_t *)Malloc(TLS_SESSION_KEY_CONST_SIZE+1);
if (mytls_vars->sessionkeyconst == NULL) return XEMALLOC;
- if (Strncpy((char *)mytls_vars->sessionkeyconst, TLS_SESSION_KEY_CONST_SIZE,
+ if (Strncpy((char *)mytls_vars->sessionkeyconst, TLS_SESSION_KEY_CONST_SIZE+1,
TLS_SESSION_KEY_CONST, TLS_SESSION_KEY_CONST_SIZE) != 0)
{
debug_printf(DEBUG_NORMAL, "Attempt to overflow destination string in %s() at %d!\n",
@@ -127,6 +127,7 @@
return XEGENERROR;
}
+#ifndef WINDOWS // Windows doesn't need a password?
if (ctx->prof->temp_password == NULL)
{
if (userdata->user_key_pass == NULL)
@@ -142,7 +143,11 @@
{
password = _strdup(ctx->prof->temp_password);
}
+#endif
+ mytls_vars->certs_loaded &= ~ROOT_CERTS_LOADED;
+ mytls_vars->handshake_done = FALSE;
+
if (certificates_load_user(mytls_vars, userdata->store_type, userdata->user_cert, userdata->user_key, password) != XENONE)
{
debug_printf(DEBUG_NORMAL, "Error loading user certificate!\n");
@@ -236,19 +241,20 @@
tlsconf = (struct config_eap_tls *)eapdata->eap_conf_data;
+#ifndef WINDOWS
if (tlsconf->user_key_pass == NULL)
{
debug_printf(DEBUG_NORMAL, "No password available for TLS certificate!\n");
eap_type_common_fail(eapdata);
return;
}
+#endif
}
-/**************************************************************************
+/**
+ * \brief Process a TLS request.
*
- * Process a TLS request.
- *
- **************************************************************************/
+ **/
void eaptls_process(eap_type_data *eapdata)
{
struct tls_vars *mytls_vars = NULL;
@@ -448,9 +454,7 @@
if (!xsup_assert((eapdata != NULL), "eapdata != NULL", FALSE))
return FALSE;
- if (!xsup_assert((eapdata->eap_data != NULL), "eapdata->eap_data != NULL",
- FALSE))
- return FALSE;
+ if (eapdata->eap_data == NULL) return FALSE;
mytls_vars = (struct tls_vars *)eapdata->eap_data;
Modified: trunk/xsupplicant/src/eap_types/tls/ossl_tls_funcs.c
===================================================================
--- trunk/xsupplicant/src/eap_types/tls/ossl_tls_funcs.c 2008-11-21 00:06:01 UTC (rev 436)
+++ trunk/xsupplicant/src/eap_types/tls/ossl_tls_funcs.c 2008-11-21 18:17:09 UTC (rev 437)
@@ -2100,9 +2100,6 @@
queue_destroy(&mytls_vars->tlsinqueue);
queue_destroy(&mytls_vars->tlsoutqueue);
-#ifdef WINDOWS
-#endif
-
// BIOs are freed by the SSL_free call below. Do not try to free them any other
// way, or you will segfault!
if (mytls_vars->ssl != NULL)
Modified: trunk/xsupplicant/src/eap_types/tls/tls_funcs.h
===================================================================
--- trunk/xsupplicant/src/eap_types/tls/tls_funcs.h 2008-11-21 00:06:01 UTC (rev 436)
+++ trunk/xsupplicant/src/eap_types/tls/tls_funcs.h 2008-11-21 18:17:09 UTC (rev 437)
@@ -34,7 +34,7 @@
#endif
#ifdef WINDOWS
- void *hcProv;
+ unsigned long *hcProv;
uint32_t pdwKeyspec;
uint32_t pfCallerFreeProv;
#endif // WINDOWS
Modified: trunk/xsupplicant/src/platform/windows/win_cert_handler.c
===================================================================
--- trunk/xsupplicant/src/platform/windows/win_cert_handler.c 2008-11-21 00:06:01 UTC (rev 436)
+++ trunk/xsupplicant/src/platform/windows/win_cert_handler.c 2008-11-21 18:17:09 UTC (rev 437)
@@ -1008,7 +1008,7 @@
ERR_clear_error();
// Then, load the private key.
- if (CryptAcquireCertificatePrivateKey(mycert, CRYPT_ACQUIRE_COMPARE_KEY_FLAG, NULL, mytls_vars->hcProv,
+ if (CryptAcquireCertificatePrivateKey(mycert, CRYPT_ACQUIRE_COMPARE_KEY_FLAG, NULL, &mytls_vars->hcProv,
&mytls_vars->pdwKeyspec, &mytls_vars->pfCallerFreeProv) == FALSE)
{
debug_printf(DEBUG_NORMAL, "Unable to load the user private key data!\n");
@@ -1042,8 +1042,16 @@
return -1;
}
- if (!SSL_use_certificate(mytls_vars->ssl, wincert))
+ if (mytls_vars->ctx == NULL)
{
+ debug_printf(DEBUG_NORMAL, "No SSL context established!\n");
+ X509_free(wincert);
+ RSA_free(rsa);
+ return -1;
+ }
+
+ if (!SSL_CTX_use_certificate(mytls_vars->ctx, wincert))
+ {
debug_printf(DEBUG_NORMAL, "Unable to use selected user certificate!\n");
X509_free(wincert);
RSA_free(rsa);
@@ -1063,7 +1071,7 @@
return -1;
}
- if (!SSL_use_RSAPrivateKey(mytls_vars->ssl, rsa))
+ if (!SSL_CTX_use_RSAPrivateKey(mytls_vars->ctx, rsa))
{
RSA_free(rsa);
debug_printf(DEBUG_NORMAL, "Couldn't set the OpenSSL RSA Private Key method!\n");
Modified: trunk/xsupplicant-engine-test-suite/vs2005/xsupplicant-test/xsupplicant-test.vcproj
===================================================================
--- trunk/xsupplicant-engine-test-suite/vs2005/xsupplicant-test/xsupplicant-test.vcproj 2008-11-21 00:06:01 UTC (rev 436)
+++ trunk/xsupplicant-engine-test-suite/vs2005/xsupplicant-test/xsupplicant-test.vcproj 2008-11-21 18:17:09 UTC (rev 437)
@@ -60,7 +60,7 @@
<Tool
Name="VCLinkerTool"
AdditionalDependencies="libxsupgui.lib libxsupconfig.lib"
- AdditionalLibraryDirectories=""E:\SEAAnt-multi-config\xsupplicant\vs2005\build-debug""
+ AdditionalLibraryDirectories="..\..\..\xsupplicant\vs2005\build-debug"
IgnoreDefaultLibraryNames="msvcrt"
GenerateDebugInformation="true"
TargetMachine="1"
@@ -134,7 +134,7 @@
<Tool
Name="VCLinkerTool"
AdditionalDependencies="libxsupgui.lib"
- AdditionalLibraryDirectories=""E:\SEAAnt-multi-config\xsupplicant\vs2005\build-release""
+ AdditionalLibraryDirectories="..\..\..\xsupplicant\vs2005\build-debug"
GenerateDebugInformation="true"
OptimizeReferences="2"
EnableCOMDATFolding="2"
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|