diff options
Diffstat (limited to 'src/charon/plugins/stroke/stroke_ca.c')
-rw-r--r-- | src/charon/plugins/stroke/stroke_ca.c | 60 |
1 files changed, 30 insertions, 30 deletions
diff --git a/src/charon/plugins/stroke/stroke_ca.c b/src/charon/plugins/stroke/stroke_ca.c index 2f87ba0aa..2c3e2936e 100644 --- a/src/charon/plugins/stroke/stroke_ca.c +++ b/src/charon/plugins/stroke/stroke_ca.c @@ -34,17 +34,17 @@ struct private_stroke_ca_t { * public functions */ stroke_ca_t public; - + /** * read-write lock to lists */ rwlock_t *lock; - + /** * list of starters CA sections and its certificates (ca_section_t) */ linked_list_t *sections; - + /** * stroke credentials, stores our CA certificates */ @@ -62,27 +62,27 @@ struct ca_section_t { * name of the CA section */ char *name; - + /** * reference to cert in trusted_credential_t */ certificate_t *cert; - + /** * CRL URIs */ linked_list_t *crl; - + /** * OCSP URIs */ linked_list_t *ocsp; - + /** * Hashes of certificates issued by this CA */ linked_list_t *hashes; - + /** * Base URI used for certificates from this CA */ @@ -90,12 +90,12 @@ struct ca_section_t { }; /** - * create a new CA section + * create a new CA section */ static ca_section_t *ca_section_create(char *name, certificate_t *cert) { ca_section_t *ca = malloc_thing(ca_section_t); - + ca->name = strdup(name); ca->crl = linked_list_create(); ca->ocsp = linked_list_create(); @@ -145,7 +145,7 @@ static enumerator_t *create_inner_cdp(ca_section_t *section, cdp_data_t *data) chunk_t keyid; enumerator_t *enumerator = NULL; linked_list_t *list; - + if (data->type == CERT_X509_OCSP_RESPONSE) { list = section->ocsp; @@ -154,7 +154,7 @@ static enumerator_t *create_inner_cdp(ca_section_t *section, cdp_data_t *data) { list = section->crl; } - + public = section->cert->get_public_key(section->cert); if (public) { @@ -182,25 +182,25 @@ static enumerator_t *create_inner_cdp_hashandurl(ca_section_t *section, cdp_data { enumerator_t *enumerator = NULL, *hash_enum; identification_t *current; - + if (!data->id || !section->certuribase) { return NULL; } - + hash_enum = section->hashes->create_enumerator(section->hashes); while (hash_enum->enumerate(hash_enum, ¤t)) - { + { if (current->matches(current, data->id)) { char *url, *hash; - + url = malloc(strlen(section->certuribase) + 40 + 1); strcpy(url, section->certuribase); hash = chunk_to_hex(current->get_encoding(current), NULL, FALSE).ptr; strncat(url, hash, 40); free(hash); - + enumerator = enumerator_create_single(url, free); break; } @@ -231,7 +231,7 @@ static enumerator_t *create_cdp_enumerator(private_stroke_ca_t *this, data->this = this; data->type = type; data->id = id; - + this->lock->read_lock(this->lock); return enumerator_create_nested(this->sections->create_enumerator(this->sections), (type == CERT_X509) ? (void*)create_inner_cdp_hashandurl : (void*)create_inner_cdp, @@ -244,12 +244,12 @@ static void add(private_stroke_ca_t *this, stroke_msg_t *msg) { certificate_t *cert; ca_section_t *ca; - + if (msg->add_ca.cacert == NULL) { DBG1(DBG_CFG, "missing cacert parameter"); return; - } + } cert = this->cred->load_ca(this->cred, msg->add_ca.cacert); if (cert) { @@ -288,7 +288,7 @@ static void del(private_stroke_ca_t *this, stroke_msg_t *msg) { enumerator_t *enumerator; ca_section_t *ca = NULL; - + this->lock->write_lock(this->lock); enumerator = this->sections->create_enumerator(this->sections); while (enumerator->enumerate(enumerator, &ca)) @@ -344,14 +344,14 @@ static void check_for_hash_and_url(private_stroke_ca_t *this, certificate_t* cer { ca_section_t *section; enumerator_t *enumerator; - + hasher_t *hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); if (hasher == NULL) { DBG1(DBG_IKE, "unable to use hash-and-url: sha1 not supported"); return; } - + this->lock->write_lock(this->lock); enumerator = this->sections->create_enumerator(this->sections); while (enumerator->enumerate(enumerator, (void**)§ion)) @@ -369,7 +369,7 @@ static void check_for_hash_and_url(private_stroke_ca_t *this, certificate_t* cer } enumerator->destroy(enumerator); this->lock->unlock(this->lock); - + hasher->destroy(hasher); } @@ -381,7 +381,7 @@ static void list(private_stroke_ca_t *this, stroke_msg_t *msg, FILE *out) bool first = TRUE; ca_section_t *section; enumerator_t *enumerator; - + this->lock->read_lock(this->lock); enumerator = this->sections->create_enumerator(this->sections); while (enumerator->enumerate(enumerator, (void**)§ion)) @@ -389,7 +389,7 @@ static void list(private_stroke_ca_t *this, stroke_msg_t *msg, FILE *out) certificate_t *cert = section->cert; public_key_t *public = cert->get_public_key(cert); chunk_t chunk; - + if (first) { fprintf(out, "\n"); @@ -398,7 +398,7 @@ static void list(private_stroke_ca_t *this, stroke_msg_t *msg, FILE *out) } fprintf(out, "\n"); fprintf(out, " authname: \"%Y\"\n", cert->get_subject(cert)); - + /* list authkey and keyid */ if (public) { @@ -439,7 +439,7 @@ static void destroy(private_stroke_ca_t *this) stroke_ca_t *stroke_ca_create(stroke_cred_t *cred) { private_stroke_ca_t *this = malloc_thing(private_stroke_ca_t); - + this->public.set.create_private_enumerator = (void*)return_null; this->public.set.create_cert_enumerator = (void*)return_null; this->public.set.create_shared_enumerator = (void*)return_null; @@ -450,11 +450,11 @@ stroke_ca_t *stroke_ca_create(stroke_cred_t *cred) this->public.list = (void(*)(stroke_ca_t*, stroke_msg_t *msg, FILE *out))list; this->public.check_for_hash_and_url = (void(*)(stroke_ca_t*, certificate_t*))check_for_hash_and_url; this->public.destroy = (void(*)(stroke_ca_t*))destroy; - + this->sections = linked_list_create(); this->lock = rwlock_create(RWLOCK_TYPE_DEFAULT); this->cred = cred; - + return &this->public; } |