diff options
| -rw-r--r-- | src/libstrongswan/credentials/auth_cfg.c | 8 | ||||
| -rw-r--r-- | src/libstrongswan/credentials/auth_cfg.h | 2 | ||||
| -rw-r--r-- | src/libstrongswan/credentials/sets/auth_cfg_wrapper.c | 3 |
3 files changed, 12 insertions, 1 deletions
diff --git a/src/libstrongswan/credentials/auth_cfg.c b/src/libstrongswan/credentials/auth_cfg.c index 98659f77b..23a3f62d9 100644 --- a/src/libstrongswan/credentials/auth_cfg.c +++ b/src/libstrongswan/credentials/auth_cfg.c @@ -131,6 +131,7 @@ static void destroy_entry_value(entry_t *entry) case AUTH_RULE_SUBJECT_CERT: case AUTH_HELPER_IM_CERT: case AUTH_HELPER_SUBJECT_CERT: + case AUTH_HELPER_REVOCATION_CERT: { certificate_t *cert = (certificate_t*)entry->value; cert->destroy(cert); @@ -192,6 +193,7 @@ static void replace(auth_cfg_t *this, entry_enumerator_t *enumerator, case AUTH_HELPER_SUBJECT_CERT: case AUTH_HELPER_IM_HASH_URL: case AUTH_HELPER_SUBJECT_HASH_URL: + case AUTH_HELPER_REVOCATION_CERT: /* pointer type */ enumerator->current->value = va_arg(args, void*); break; @@ -261,6 +263,7 @@ static void* get(private_auth_cfg_t *this, auth_rule_t type) case AUTH_HELPER_SUBJECT_CERT: case AUTH_HELPER_IM_HASH_URL: case AUTH_HELPER_SUBJECT_HASH_URL: + case AUTH_HELPER_REVOCATION_CERT: default: return NULL; } @@ -300,6 +303,7 @@ static void add(private_auth_cfg_t *this, auth_rule_t type, ...) case AUTH_HELPER_SUBJECT_CERT: case AUTH_HELPER_IM_HASH_URL: case AUTH_HELPER_SUBJECT_HASH_URL: + case AUTH_HELPER_REVOCATION_CERT: /* pointer type */ entry->value = va_arg(args, void*); break; @@ -561,6 +565,7 @@ static bool complies(private_auth_cfg_t *this, auth_cfg_t *constraints, case AUTH_HELPER_SUBJECT_CERT: case AUTH_HELPER_IM_HASH_URL: case AUTH_HELPER_SUBJECT_HASH_URL: + case AUTH_HELPER_REVOCATION_CERT: /* skip helpers */ continue; } @@ -607,6 +612,7 @@ static void merge(private_auth_cfg_t *this, private_auth_cfg_t *other, bool copy case AUTH_RULE_SUBJECT_CERT: case AUTH_HELPER_IM_CERT: case AUTH_HELPER_SUBJECT_CERT: + case AUTH_HELPER_REVOCATION_CERT: { certificate_t *cert = (certificate_t*)value; @@ -702,6 +708,7 @@ static bool equals(private_auth_cfg_t *this, private_auth_cfg_t *other) case AUTH_RULE_SUBJECT_CERT: case AUTH_HELPER_IM_CERT: case AUTH_HELPER_SUBJECT_CERT: + case AUTH_HELPER_REVOCATION_CERT: { certificate_t *c1, *c2; @@ -815,6 +822,7 @@ static auth_cfg_t* clone_(private_auth_cfg_t *this) case AUTH_RULE_SUBJECT_CERT: case AUTH_HELPER_IM_CERT: case AUTH_HELPER_SUBJECT_CERT: + case AUTH_HELPER_REVOCATION_CERT: { certificate_t *cert = (certificate_t*)entry->value; clone->add(clone, entry->type, cert->get_ref(cert)); diff --git a/src/libstrongswan/credentials/auth_cfg.h b/src/libstrongswan/credentials/auth_cfg.h index 8391f79b0..489ce1134 100644 --- a/src/libstrongswan/credentials/auth_cfg.h +++ b/src/libstrongswan/credentials/auth_cfg.h @@ -105,6 +105,8 @@ enum auth_rule_t { AUTH_HELPER_IM_HASH_URL, /** Hash and URL of a end-entity certificate, char* */ AUTH_HELPER_SUBJECT_HASH_URL, + /** revocation certificate (CRL, OCSP), certificate_t* */ + AUTH_HELPER_REVOCATION_CERT, }; /** diff --git a/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c b/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c index 5e8458616..225fabe31 100644 --- a/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c +++ b/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c @@ -132,7 +132,8 @@ static bool enumerate(wrapper_enumerator_t *this, certificate_t **cert) } } else if (rule != AUTH_HELPER_SUBJECT_CERT && - rule != AUTH_HELPER_IM_CERT) + rule != AUTH_HELPER_IM_CERT && + rule != AUTH_HELPER_REVOCATION_CERT) { /* handle only HELPER certificates */ continue; } |