author | Martin Willi <martin@strongswan.org> | 2009-08-13 15:05:14 +0200 |
---|---|---|
committer | Martin Willi <martin@strongswan.org> | 2009-08-26 11:23:49 +0200 |
commit | cbb62e8f4c48c795a3cf63899048845ee3bfe75c (patch) | |
tree | de9adde5bcfa691b214a5423b49141c6a60991bd /src | |
parent | f11a78f10a71756a48e318f00a0772f42226b1ef (diff) | |
download | strongswan-cbb62e8f4c48c795a3cf63899048845ee3bfe75c.tar.bz2 strongswan-cbb62e8f4c48c795a3cf63899048845ee3bfe75c.tar.xz |
handle pluto specific certificates under CRED_CERTIFICATE, not as own credential kind
Diffstat (limited to 'src')
-rw-r--r-- | src/libstrongswan/credentials/certificates/certificate.c | 5 | ||||
-rw-r--r-- | src/libstrongswan/credentials/certificates/certificate.h | 8 | ||||
-rw-r--r-- | src/libstrongswan/credentials/credential_factory.h | 2 | ||||
-rw-r--r-- | src/libstrongswan/plugins/pem/pem_builder.c | 8 | ||||
-rw-r--r-- | src/libstrongswan/plugins/pem/pem_plugin.c | 18 | ||||
-rw-r--r-- | src/pluto/ac.c | 6 | ||||
-rw-r--r-- | src/pluto/builder.c | 15 | ||||
-rw-r--r-- | src/pluto/builder.h | 10 | ||||
-rw-r--r-- | src/pluto/certs.c | 3 | ||||
-rw-r--r-- | src/pluto/crl.c | 5 | ||||
-rw-r--r-- | src/pluto/fetch.c | 3 |
11 files changed, 40 insertions, 43 deletions
diff --git a/src/libstrongswan/credentials/certificates/certificate.c b/src/libstrongswan/credentials/certificates/certificate.c
index 041e2f1db..24e2d265b 100644
--- a/src/libstrongswan/credentials/certificates/certificate.c
+++ b/src/libstrongswan/credentials/certificates/certificate.c
@@ -17,7 +17,7 @@
 #include <credentials/certificates/x509.h>
-ENUM(certificate_type_names, CERT_ANY, CERT_PGP,
+ENUM(certificate_type_names, CERT_ANY, CERT_PLUTO_CRL,
 "ANY",
 "X509",
 "X509_CRL",
@@ -27,6 +27,9 @@ ENUM(certificate_type_names, CERT_ANY, CERT_PGP,
 "X509_CHAIN",
 "TRUSTED_PUBKEY",
 "PGP",
+ "PLUTO_CERT",
+ "PLUTO_AC",
+ "PLUTO_CRL",
 );
 ENUM(cert_validation_names, VALIDATION_GOOD, VALIDATION_REVOKED,
diff --git a/src/libstrongswan/credentials/certificates/certificate.h b/src/libstrongswan/credentials/certificates/certificate.h
index 81fce5508..ef26a437a 100644
--- a/src/libstrongswan/credentials/certificates/certificate.h
+++ b/src/libstrongswan/credentials/certificates/certificate.h
@@ -48,7 +48,13 @@ enum certificate_type_t {
 /** trusted, preinstalled public key */
 CERT_TRUSTED_PUBKEY,
 /** PGP certificate */
- CERT_PGP,
+ CERT_GPG,
+ /** Pluto cert_t (not a certificate_t), either x509 or PGP */
+ CERT_PLUTO_CERT,
+ /** Pluto x509acert_t (not a certificate_t), attribute certificate */
+ CERT_PLUTO_AC,
+ /** Pluto x509crl_t (not a certificate_t), certificate revocation list */
+ CERT_PLUTO_CRL,
 };
 /**
diff --git a/src/libstrongswan/credentials/credential_factory.h b/src/libstrongswan/credentials/credential_factory.h
index bf1d83e59..69a55cf36 100644
--- a/src/libstrongswan/credentials/credential_factory.h
+++ b/src/libstrongswan/credentials/credential_factory.h
@@ -36,8 +36,6 @@ enum credential_type_t {
 CRED_PUBLIC_KEY,
 /** certificates, implemented in certificate_t */
 CRED_CERTIFICATE,
- /** deprecated pluto style certificates */
- CRED_PLUTO_CERT,
 };
 /**
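Review bot: The name table in certificate.c keeps the string `"PGP"` for the entry that certificate.h renames from `CERT_PGP` to `CERT_GPG` in this same commit, so the printed name and the enumerator no longer agree, and the commit message does not mention the rename. Either keep the enumerator as `CERT_PGP`, or change the string and the `/** PGP certificate */` comment together with it. Only pem_plugin.c is updated for the new name on this page; any other user of `CERT_PGP` would stop compiling.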
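Review bot: The three `CERT_PLUTO_*` values in certificate.h make a `CRED_CERTIFICATE` request return objects that are not `certificate_t`, and the only guard is the parenthetical in each enumerator comment. The callers changed in this commit assign the untyped result of `lib->creds->create()` straight to `cert_t *`, `x509acert_t *` and `x509crl_t *`, so code that requests one of these subtypes and then uses the result as a `certificate_t *` (or the reverse) would get a silent type confusion on parsed certificate data. I would add a block comment above the three values saying that they are for pluto callers only and must never reach code that expects `certificate_t`. Whether the factory ever treats `CERT_ANY` as a wildcard over registered subtypes is not visible here and should be confirmed.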
diff --git a/src/libstrongswan/plugins/pem/pem_builder.c b/src/libstrongswan/plugins/pem/pem_builder.c
index 4d8a32a07..72cc8a301 100644
--- a/src/libstrongswan/plugins/pem/pem_builder.c
+++ b/src/libstrongswan/plugins/pem/pem_builder.c
@@ -561,11 +561,3 @@ builder_t *certificate_pem_builder(certificate_type_t type)
 return pem_builder(CRED_CERTIFICATE, type);
 }
-/**
- * Pluto specific cert builder.
- */
-builder_t *pluto_pem_builder(certificate_type_t type)
-{
- return pem_builder(CRED_PLUTO_CERT, type);
-}
-
diff --git a/src/libstrongswan/plugins/pem/pem_plugin.c b/src/libstrongswan/plugins/pem/pem_plugin.c
index 7d82ae38c..5289361f2 100644
--- a/src/libstrongswan/plugins/pem/pem_plugin.c
+++ b/src/libstrongswan/plugins/pem/pem_plugin.c
@@ -42,8 +42,6 @@ static void destroy(private_pem_plugin_t *this)
 (builder_constructor_t)public_key_pem_builder);
 lib->creds->remove_builder(lib->creds,
 (builder_constructor_t)certificate_pem_builder);
- lib->creds->remove_builder(lib->creds,
- (builder_constructor_t)pluto_pem_builder);
 free(this);
 }
@@ -91,16 +89,16 @@ plugin_t *plugin_create()
 (builder_constructor_t)certificate_pem_builder);
 lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_TRUSTED_PUBKEY,
 (builder_constructor_t)certificate_pem_builder);
- lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PGP,
+ lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_GPG,
 (builder_constructor_t)certificate_pem_builder);
- /* pluto specific credentials formats */
- lib->creds->add_builder(lib->creds, CRED_PLUTO_CERT, 0,
- (builder_constructor_t)pluto_cert_pem_builder);
- lib->creds->add_builder(lib->creds, CRED_PLUTO_CRL, 0,
- (builder_constructor_t)pluto_crl_pem_builder);
- lib->creds->add_builder(lib->creds, CRED_PLUTO_AC, 0,
- (builder_constructor_t)pluto_ac_pem_builder);
+ /* register pluto specific certificate formats */
+ lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_CERT,
+ (builder_constructor_t)certificate_pem_builder);
+ lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_AC,
+ (builder_constructor_t)certificate_pem_builder);
+ lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_CRL,
+ (builder_constructor_t)certificate_pem_builder);
 return &this->public.plugin;
 }
diff --git a/src/pluto/ac.c b/src/pluto/ac.c
index c09b4f12c..ac95364af 100644
--- a/src/pluto/ac.c
+++ b/src/pluto/ac.c
@@ -27,6 +27,7 @@
 #include <asn1/asn1.h>
 #include <asn1/asn1_parser.h>
 #include <asn1/oid.h>
+#include <credentials/certificates/certificate.h>
 #include "ac.h"
 #include "x509.h"
@@ -821,8 +822,9 @@ void load_acerts(void)
 {
 x509acert_t *ac;
- ac = lib->creds->create(lib->creds, CRED_PLUTO_CERT, CRED_TYPE_AC,
- BUILD_FROM_FILE, filelist[n]->d_name, BUILD_END);
+ ac = lib->creds->create(lib->creds, CRED_CERTIFICATE,
+ CERT_PLUTO_AC, BUILD_FROM_FILE, filelist[n]->d_name,
+ BUILD_END);
 if (ac)
 {
 add_acert(ac);
diff --git a/src/pluto/builder.c b/src/pluto/builder.c
index d392f58fc..d631fd2c2 100644
--- a/src/pluto/builder.c
+++ b/src/pluto/builder.c
@@ -23,7 +23,8 @@
 #include <freeswan.h>
-#include "library.h"
+#include <library.h>
+#include <credentials/certificates/certificate.h>
 #include "constants.h"
 #include "defs.h"
@@ -206,13 +207,13 @@ static builder_t *builder(credential_type_t type, int subtype)
 switch (subtype)
 {
- case CRED_TYPE_CERTIFICATE:
+ case CERT_PLUTO_CERT:
 this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))cert_add;
 break;
- case CRED_TYPE_AC:
+ case CERT_PLUTO_AC:
 this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))ac_add;
 break;
- case CRED_TYPE_CRL:
+ case CERT_PLUTO_CRL:
 this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))crl_add;
 break;
 default:
@@ -227,7 +228,11 @@ static builder_t *builder(credential_type_t type, int subtype)
 void init_builder(void)
 {
- lib->creds->add_builder(lib->creds, CRED_PLUTO_CERT, 0,
+ lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_CERT,
+ (builder_constructor_t)builder);
+ lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_AC,
+ (builder_constructor_t)builder);
+ lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_CRL,
 (builder_constructor_t)builder);
 }
diff --git a/src/pluto/builder.h b/src/pluto/builder.h
index 17ae85331..784751b7c 100644
--- a/src/pluto/builder.h
+++ b/src/pluto/builder.h
@@ -16,16 +16,6 @@
 #ifndef _BUILDER_H
 #define _BUILDER_H
-/* types of pluto credentials */
-typedef enum {
- /* cert_t certificate, either x509 or PGP */
- CRED_TYPE_CERTIFICATE,
- /* x509crl_t certificate revocation list */
- CRED_TYPE_CRL,
- /* x509acert_t attribute certificate */
- CRED_TYPE_AC,
-} cred_type_t;
-
 /* register credential builder hooks */
 extern void init_builder();
 /* unregister credential builder hooks */
diff --git a/src/pluto/certs.c b/src/pluto/certs.c
index 02b8046ca..ccf48e101 100644
--- a/src/pluto/certs.c
+++ b/src/pluto/certs.c
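Review bot: In `init_builder`, `builder` is registered three times through a `(builder_constructor_t)` cast although it is declared with two parameters (`credential_type_t type, int subtype`), while pem_plugin.c applies the same cast to the one-parameter `certificate_pem_builder(certificate_type_t type)`; the typedef is not on this page, but the two prototypes cannot both match it. Calling through a mismatched function pointer type is undefined behaviour, and after this commit the `switch (subtype)` in the previous hunk is what selects `cert_add`, `ac_add` or `crl_add`, so a misplaced argument would pick the wrong parser for certificate, attribute-certificate or CRL input. Please give `builder` the exact prototype of `builder_constructor_t`, ideally with `certificate_type_t` for the subtype, and drop the cast so the compiler checks the registration. Most of `builder`'s body lies outside these hunks, so whether `type` is checked there cannot be seen.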
@@ -23,6 +23,7 @@
 #include "library.h"
 #include "asn1/asn1.h"
+#include "credentials/certificates/certificate.h"
 #include "constants.h"
 #include "defs.h"
@@ -155,7 +156,7 @@ bool load_cert(char *filename, const char *label, cert_t *out)
 {
 cert_t *cert;
- cert = lib->creds->create(lib->creds, CRED_PLUTO_CERT, CRED_TYPE_CERTIFICATE,
+ cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_CERT,
 BUILD_FROM_FILE, filename, BUILD_END);
 if (cert)
 {
diff --git a/src/pluto/crl.c b/src/pluto/crl.c
index aeb49884a..40c5d474c 100644
--- a/src/pluto/crl.c
+++ b/src/pluto/crl.c
@@ -28,6 +28,7 @@
 #include <asn1/asn1_parser.h>
 #include <asn1/oid.h>
 #include <crypto/hashers/hasher.h>
+#include <credentials/certificates/certificate.h>
 #include "constants.h"
 #include "defs.h"
@@ -343,8 +344,8 @@ void load_crls(void)
 char *filename = filelist[n]->d_name;
 x509crl_t *crl;
- crl = lib->creds->create(lib->creds, CRED_PLUTO_CERT,
- CRED_TYPE_CRL, BUILD_FROM_FILE, filename, BUILD_END);
+ crl = lib->creds->create(lib->creds, CRED_CERTIFICATE,
+ CERT_PLUTO_CRL, BUILD_FROM_FILE, filename, BUILD_END);
 if (crl)
 {
 chunk_t crl_uri;
diff --git a/src/pluto/fetch.c b/src/pluto/fetch.c
index 827c83d55..0c69aa526 100644
--- a/src/pluto/fetch.c
+++ b/src/pluto/fetch.c
@@ -28,6 +28,7 @@
 #include <library.h>
 #include <debug.h>
 #include <asn1/asn1.h>
+#include <credentials/certificates/certificate.h>
 #include "constants.h"
 #include "defs.h"
@@ -272,7 +273,7 @@ x509crl_t* fetch_crl(char *url)
 DBG1("crl fetching failed");
 return FALSE;
 }
- crl = lib->creds->create(lib->creds, CRED_PLUTO_CERT, CRED_TYPE_CRL,
+ crl = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_CRL,
 BUILD_BLOB_PEM, blob, BUILD_END);
 free(blob.ptr);
 if (!crl) |
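Review bot: In the last fetch.c hunk, `fetch_crl` is declared to return `x509crl_t*`, yet the failure path just above the changed call ends with `return FALSE;`; since the line is already in view it should become `return NULL;` so the pointer contract is explicit. The changed call hands a blob fetched from a URL to the builder selected by `CERT_PLUTO_CRL`, and the handling after `if (!crl)` is outside the hunk. A short comment above the call, such as `/* blob is untrusted network input; builder returns x509crl_t* or NULL */`, would record both facts for the next reader.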