authorMartin Willi <martin@strongswan.org>2008-05-14 06:49:31 +0000
committerMartin Willi <martin@strongswan.org>2008-05-14 06:49:31 +0000
commit0fd4caea6624ce250daa86f5ff8ef8a46a2f9f2b (patch)
treefa79dc678546257195d5b36780d3d10bb564411c
parentc0d1ebde71116cbe494b445da9c08cf5454ff201 (diff)
handle ID_KEY_ID as a ID_PUBKEY_SHA1 for authentication
-rw-r--r--src/charon/credentials/credential_manager.c3
-rw-r--r--src/charon/plugins/stroke/stroke_cred.c12
2 files changed, 11 insertions, 4 deletions
diff --git a/src/charon/credentials/credential_manager.c b/src/charon/credentials/credential_manager.c
index 543aca5e3..251194ba8 100644
--- a/src/charon/credentials/credential_manager.c
+++ b/src/charon/credentials/credential_manager.c
@@ -447,7 +447,6 @@ static certificate_t *fetch_ocsp(private_credential_manager_t *this, char *url,
request->destroy(request);
DBG1(DBG_CFG, " requesting ocsp status from '%s' ...", url);
- /* TODO: unlock manager while fetching? */
if (lib->fetcher->fetch(lib->fetcher, url, &receive,
FETCH_REQUEST_DATA, send,
FETCH_REQUEST_TYPE, "application/ocsp-request",
@@ -682,7 +681,6 @@ static certificate_t* fetch_crl(private_credential_manager_t *this, char *url)
certificate_t *crl;
chunk_t chunk;
- /* TODO: unlock the manager while fetching? */
DBG1(DBG_CFG, " fetching crl from '%s' ...", url);
if (lib->fetcher->fetch(lib->fetcher, url, &chunk, FETCH_END) != SUCCESS)
{
@@ -1424,6 +1422,7 @@ static private_key_t *get_private(private_credential_manager_t *this,
{
case ID_PUBKEY_SHA1:
case ID_PUBKEY_INFO_SHA1:
+ case ID_KEY_ID:
return get_private_by_keyid(this, type, id);
default:
break;
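Review bot: The new `case ID_KEY_ID:` passes `type` to get_private_by_keyid() unchanged, so the remapping to ID_PUBKEY_SHA1 is left to each credential set, and the stroke plugin's private_filter is the only one this commit updates. Other sets that enumerate private keys would presumably be asked for an ID_KEY_ID directly and may match nothing, which fails closed but without any diagnostic. ID_KEY_ID is an opaque value with no fixed length, so the assumption deserves a comment on the label, e.g. `case ID_KEY_ID: /* opaque key id, expected to carry the SHA1 hash of the public key */`. The switch and the rest of get_private lie outside the hunk.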
diff --git a/src/charon/plugins/stroke/stroke_cred.c b/src/charon/plugins/stroke/stroke_cred.c
index 9467248f0..52140cb9c 100644
--- a/src/charon/plugins/stroke/stroke_cred.c
+++ b/src/charon/plugins/stroke/stroke_cred.c
@@ -104,14 +104,22 @@ static bool private_filter(id_data_t *data,
private_key_t **in, private_key_t **out)
{
identification_t *candidate;
+ id_type_t type;
if (data->id == NULL)
{
*out = *in;
return TRUE;
}
- candidate = (*in)->get_id(*in, data->id->get_type(data->id));
- if (candidate && data->id->equals(data->id, candidate))
+ type = data->id->get_type(data->id);
+ if (type == ID_KEY_ID)
+ { /* handle ID_KEY_ID as a ID_PUBKEY_SHA1 */
+ type = ID_PUBKEY_SHA1;
+ }
+ candidate = (*in)->get_id(*in, type);
+ if (candidate &&
+ chunk_equals(candidate->get_encoding(candidate),
+ data->id->get_encoding(data->id)))
{
*out = *in;
return TRUE;
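Review bot: Replacing `data->id->equals(data->id, candidate)` with `chunk_equals()` on the two encodings removes the ID type from the comparison for every requested type, not only for ID_KEY_ID. A match is now decided by the raw bytes alone and relies on `(*in)->get_id(*in, type)` returning NULL for types the key does not provide, which cannot be confirmed from this hunk. If the relaxation is meant only for the remapped case, keep `equals()` for all other types; otherwise state the reason above the comparison, e.g. `/* compare encodings only: an ID_KEY_ID request never equals() the ID_PUBKEY_SHA1 candidate */`. The end of private_filter is outside the hunk.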