Move peer certificate wpa_msg() calls to notify.c

This type of wpa_supplicant specific message construction does not need to be at the EAP implementation, so better move it up to notify.c.
2024-11-25 00:38:24 -05:00 · 2011-07-05 12:40:37 +03:00 · 2011-07-05 12:40:37 +03:00 · 4f525d8e5b
commit 4f525d8e5b
parent ade74830b4
3 changed files with 60 additions and 29 deletions
--- a/src/eap_peer/eap.c
+++ b/src/eap_peer/eap.c
@ -1168,7 +1168,6 @@ static void eap_peer_sm_tls_event(void *ctx, enum tls_event ev,
 {
 	struct eap_sm *sm = ctx;
 	char *hash_hex = NULL;
-	char *cert_hex = NULL;

 	switch (ev) {
 	case TLS_CERT_CHAIN_FAILURE:
@ -1180,6 +1179,9 @@ static void eap_peer_sm_tls_event(void *ctx, enum tls_event ev,
 			data->cert_fail.reason_txt);
 		break;
 	case TLS_PEER_CERTIFICATE:
+		if (!sm->eapol_cb->notify_cert)
+			break;
+
 		if (data->peer_cert.hash) {
 			size_t len = data->peer_cert.hash_len * 2 + 1;
 			hash_hex = os_malloc(len);
@ -1189,38 +1191,15 @@ static void eap_peer_sm_tls_event(void *ctx, enum tls_event ev,
 						 data->peer_cert.hash_len);
 			}
 		}
-		wpa_msg(sm->msg_ctx, MSG_INFO, WPA_EVENT_EAP_PEER_CERT
-			"depth=%d subject='%s'%s%s",
-			data->peer_cert.depth, data->peer_cert.subject,
-			hash_hex ? " hash=" : "", hash_hex ? hash_hex : "");

-		if (data->peer_cert.cert) {
-			size_t len = wpabuf_len(data->peer_cert.cert) * 2 + 1;
-			cert_hex = os_malloc(len);
-			if (cert_hex == NULL)
-				break;
-			wpa_snprintf_hex(cert_hex, len,
-					 wpabuf_head(data->peer_cert.cert),
-					 wpabuf_len(data->peer_cert.cert));
-			wpa_msg_ctrl(sm->msg_ctx, MSG_INFO,
-				     WPA_EVENT_EAP_PEER_CERT
-				     "depth=%d subject='%s' cert=%s",
-				     data->peer_cert.depth,
-				     data->peer_cert.subject,
-				     cert_hex);
-		}
-		if (sm->eapol_cb->notify_cert) {
-			sm->eapol_cb->notify_cert(sm->eapol_ctx,
-						  data->peer_cert.depth,
-						  data->peer_cert.subject,
-						  hash_hex,
-						  data->peer_cert.cert);
-		}
+		sm->eapol_cb->notify_cert(sm->eapol_ctx,
+					  data->peer_cert.depth,
+					  data->peer_cert.subject,
+					  hash_hex, data->peer_cert.cert);
 		break;
 	}

 	os_free(hash_hex);
-	os_free(cert_hex);
 }


--- a/wpa_supplicant/eapol_test.c
+++ b/wpa_supplicant/eapol_test.c
@ -1,6 +1,6 @@
 /*
 * WPA Supplicant - test code
- * Copyright (c) 2003-2007, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2003-2011, Jouni Malinen <j@w1.fi>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
@ -29,6 +29,7 @@
 #include "wpa_supplicant_i.h"
 #include "radius/radius.h"
 #include "radius/radius_client.h"
+#include "common/wpa_ctrl.h"
 #include "ctrl_iface.h"
 #include "pcsc_funcs.h"

@ -383,6 +384,35 @@ static void eapol_sm_cb(struct eapol_sm *eapol, int success, void *ctx)
 }


+static void eapol_test_cert_cb(void *ctx, int depth, const char *subject,
+			       const char *cert_hash,
+			       const struct wpabuf *cert)
+{
+	struct eapol_test_data *e = ctx;
+
+	wpa_msg(e->wpa_s, MSG_INFO, WPA_EVENT_EAP_PEER_CERT
+		"depth=%d subject='%s'%s%s",
+		depth, subject,
+		cert_hash ? " hash=" : "",
+		cert_hash ? cert_hash : "");
+
+	if (cert) {
+		char *cert_hex;
+		size_t len = wpabuf_len(cert) * 2 + 1;
+		cert_hex = os_malloc(len);
+		if (cert_hex) {
+			wpa_snprintf_hex(cert_hex, len, wpabuf_head(cert),
+					 wpabuf_len(cert));
+			wpa_msg_ctrl(e->wpa_s, MSG_INFO,
+				     WPA_EVENT_EAP_PEER_CERT
+				     "depth=%d subject='%s' cert=%s",
+				     depth, subject, cert_hex);
+			os_free(cert_hex);
+		}
+	}
+}
+
+
 static int test_eapol(struct eapol_test_data *e, struct wpa_supplicant *wpa_s,
 		      struct wpa_ssid *ssid)
 {
@ -408,6 +438,7 @@ static int test_eapol(struct eapol_test_data *e, struct wpa_supplicant *wpa_s,
 	ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path;
 	ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path;
 	ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path;
+	ctx->cert_cb = eapol_test_cert_cb;

 	wpa_s->eapol = eapol_sm_init(ctx);
 	if (wpa_s->eapol == NULL) {
--- a/wpa_supplicant/notify.c
+++ b/wpa_supplicant/notify.c
@ -561,6 +561,27 @@ void wpas_notify_certification(struct wpa_supplicant *wpa_s, int depth,
 			       const char *subject, const char *cert_hash,
 			       const struct wpabuf *cert)
 {
+	wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_EAP_PEER_CERT
+		"depth=%d subject='%s'%s%s",
+		depth, subject,
+		cert_hash ? " hash=" : "",
+		cert_hash ? cert_hash : "");
+
+	if (cert) {
+		char *cert_hex;
+		size_t len = wpabuf_len(cert) * 2 + 1;
+		cert_hex = os_malloc(len);
+		if (cert_hex) {
+			wpa_snprintf_hex(cert_hex, len, wpabuf_head(cert),
+					 wpabuf_len(cert));
+			wpa_msg_ctrl(wpa_s, MSG_INFO,
+				     WPA_EVENT_EAP_PEER_CERT
+				     "depth=%d subject='%s' cert=%s",
+				     depth, subject, cert_hex);
+			os_free(cert_hex);
+		}
+	}
+
 	/* notify the old DBus API */
 	wpa_supplicant_dbus_notify_certification(wpa_s, depth, subject,
 						 cert_hash, cert);