diff options
| author | Martin Willi <martin@revosec.ch> | 2012-10-17 15:55:42 +0200 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2012-10-24 13:07:53 +0200 |
| commit | 434902b302a58baedd8767b61e0b37c70bd69c8b (patch) | |
| tree | 51501501a26c0beb61793d3776738e2f4bff220f /src | |
| parent | 794d713dca1d9da19aa795e779e485b7c2f51ccb (diff) | |
| download | strongswan-434902b302a58baedd8767b61e0b37c70bd69c8b.tar.bz2 strongswan-434902b302a58baedd8767b61e0b37c70bd69c8b.tar.xz | |
Add a strongswan.conf option to disable loading of all certificates from a pkcs11 module
Diffstat (limited to 'src')
| -rw-r--r-- | src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c b/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c index 31cfa81dd..dcdff66eb 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c @@ -82,13 +82,18 @@ static void token_event_cb(private_pkcs11_plugin_t *this, pkcs11_library_t *p11, this->handle_events_lock->read_lock(this->handle_events_lock); if (add && this->handle_events) { - creds = pkcs11_creds_create(p11, slot); - if (creds) + if (lib->settings->get_bool(lib->settings, + "libstrongswan.plugins.pkcs11.modules.%s.load_certs", + TRUE, p11->get_name(p11))) { - this->mutex->lock(this->mutex); - this->creds->insert_last(this->creds, creds); - this->mutex->unlock(this->mutex); - lib->credmgr->add_set(lib->credmgr, &creds->set); + creds = pkcs11_creds_create(p11, slot); + if (creds) + { + this->mutex->lock(this->mutex); + this->creds->insert_last(this->creds, creds); + this->mutex->unlock(this->mutex); + lib->credmgr->add_set(lib->credmgr, &creds->set); + } } } else if (this->handle_events) |