authorMartin Willi <martin@strongswan.org>2006-05-19 06:44:08 +0000
committerMartin Willi <martin@strongswan.org>2006-05-19 06:44:08 +0000
commit86a7937b45b624867af996e30642d6be70f37988 (patch)
tree3a4aa31ae4c7e54d1757d64f63823b20516a6890 /src/charon/config
parent3e61d63a3a468586b89a5dcf0d6579a58ad5009e (diff)
- applied patch from andreas, which allows certificate listing via stroke
Diffstat (limited to 'src/charon/config')
-rwxr-xr-xsrc/charon/config/credentials/credential_store.h10
-rw-r--r--src/charon/config/credentials/local_credential_store.c27
-rw-r--r--src/charon/config/credentials/local_credential_store.h8
3 files changed, 40 insertions, 5 deletions
diff --git a/src/charon/config/credentials/credential_store.h b/src/charon/config/credentials/credential_store.h
index 2339469c0..df128fad6 100755
--- a/src/charon/config/credentials/credential_store.h
+++ b/src/charon/config/credentials/credential_store.h
@@ -27,6 +27,7 @@
#include <crypto/rsa/rsa_private_key.h>
#include <crypto/rsa/rsa_public_key.h>
#include <utils/identification.h>
+#include <utils/logger.h>
typedef struct credential_store_t credential_store_t;
@@ -81,6 +82,15 @@ struct credential_store_t {
rsa_private_key_t *(*get_rsa_private_key) (credential_store_t *this, identification_t *identification);
/**
+ * @brief Lists all certificates kept in the local credential store.
+ *
+ * @param this calling object
+ * @param logger logger to be used
+ * @param utc log dates either in UTC or local time
+ */
+ void (*log_certificates) (credential_store_t *this, logger_t *logger, bool utc);
+
+ /**
* @brief Destroys a credential_store_t object.
*
* @param this calling object
diff --git a/src/charon/config/credentials/local_credential_store.c b/src/charon/config/credentials/local_credential_store.c
index 2554eec4a..ab17c0d1c 100644
--- a/src/charon/config/credentials/local_credential_store.c
+++ b/src/charon/config/credentials/local_credential_store.c
@@ -141,6 +141,30 @@ static rsa_private_key_t *get_rsa_private_key(private_local_credential_store_t *
}
/**
+ * Implements credential_store_t.log_certificates
+ */
+static void log_certificates(private_local_credential_store_t *this, logger_t *logger, bool utc)
+{
+ iterator_t *iterator = this->certificates->create_iterator(this->certificates, TRUE);
+
+ if (iterator->get_count(iterator))
+ {
+ logger->log(logger, CONTROL, "");
+ logger->log(logger, CONTROL, "List of X.509 End Entity Certificates:");
+ logger->log(logger, CONTROL, "");
+ }
+
+ while (iterator->has_next(iterator))
+ {
+ x509_t *cert;
+
+ iterator->current(iterator, (void**)&cert);
+ cert->log_certificate(cert, logger, utc);
+ }
+ iterator->destroy(iterator);
+}
+
+/**
* Implements local_credential_store_t.load_certificates
*/
static void load_certificates(private_local_credential_store_t *this, const char *path)
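Review bot: In the new `log_certificates`, `cert` is declared without an initializer and the result of `iterator->current(...)` is discarded, so a failed `current` would leave the following `cert->log_certificate(...)` call dereferencing an indeterminate pointer. Declare it as `x509_t *cert = NULL;` and skip the entry when it is still NULL after the call, e.g. `if (cert == NULL) continue;`. The walk over `this->certificates` also takes no lock inside this function. If a stroke listing request can run while `load_certificates` is modifying the list, the iteration needs the same mutual exclusion as the writers; I can't tell from the hunk whether callers already provide it.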
@@ -187,8 +211,8 @@ static void load_certificates(private_local_credential_store_t *this, const char
*/
static identification_t *get_id_for_private_key(private_local_credential_store_t *this, rsa_private_key_t *private_key)
{
- iterator_t *iterator;
x509_t *cert;
+ iterator_t *iterator;
identification_t *found = NULL;
rsa_public_key_t *public_key;
@@ -368,6 +392,7 @@ local_credential_store_t * local_credential_store_create(void)
this->public.credential_store.get_shared_secret = (status_t(*)(credential_store_t*,identification_t*,chunk_t*))get_shared_secret;
this->public.credential_store.get_rsa_private_key = (rsa_private_key_t*(*)(credential_store_t*,identification_t*))get_rsa_private_key;
this->public.credential_store.get_rsa_public_key = (rsa_public_key_t*(*)(credential_store_t*,identification_t*))get_rsa_public_key;
+ this->public.credential_store.log_certificates = (void(*)(credential_store_t*,logger_t*,bool))log_certificates;
this->public.load_certificates = (void(*)(local_credential_store_t*,const char*))load_certificates;
this->public.load_private_keys = (void(*)(local_credential_store_t*,const char*, const char*))load_private_keys;
this->public.credential_store.destroy = (void(*)(credential_store_t*))destroy;
diff --git a/src/charon/config/credentials/local_credential_store.h b/src/charon/config/credentials/local_credential_store.h
index 81b7568d7..db71341d0 100644
--- a/src/charon/config/credentials/local_credential_store.h
+++ b/src/charon/config/credentials/local_credential_store.h
@@ -52,7 +52,7 @@ struct local_credential_store_t {
/**
* @brief Loads trusted certificates from a folder.
*
- * Currently, all keys must be in binary DER format.
+ * Certificates in both DER and PEM format are accepted
*
* @param this calling object
* @param path directory to load certificates from
@@ -60,10 +60,10 @@ struct local_credential_store_t {
void (*load_certificates) (local_credential_store_t *this, const char *path);
/**
- * @brief Loads RSA private keys from a folder.
+ * @brief Loads RSA private keys defined in ipsec.secrets
*
- * Currently, all keys must be unencrypted in binary DER format. Anything
- * other gets ignored. Further, a certificate for the specific private
+ * Currently, all keys must be unencrypted in either DER or PEM format.
+ * Other formats are ignored. Further, a certificate for the specific private
* key must already be loaded to get the ID from.
*
* @param this calling object
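Review bot: The updated comment for `load_private_keys` says keys must be unencrypted, but does not say what protects them on disk. I would add a sentence such as `The key files and ipsec.secrets must be readable only by the user charon runs as, since the keys are stored in the clear.` The rest of this doc comment and the declaration lie below the hunk, so I can't see whether the `@param` descriptions were updated to match the move from a folder to ipsec.secrets. Also, the new line `Certificates in both DER and PEM format are accepted` in the previous hunk lacks its closing period.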