aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/plugins/stroke/stroke_ca.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/charon/plugins/stroke/stroke_ca.c')
-rw-r--r--src/charon/plugins/stroke/stroke_ca.c60
1 files changed, 30 insertions, 30 deletions
diff --git a/src/charon/plugins/stroke/stroke_ca.c b/src/charon/plugins/stroke/stroke_ca.c
index 2f87ba0aa..2c3e2936e 100644
--- a/src/charon/plugins/stroke/stroke_ca.c
+++ b/src/charon/plugins/stroke/stroke_ca.c
@@ -34,17 +34,17 @@ struct private_stroke_ca_t {
* public functions
*/
stroke_ca_t public;
-
+
/**
* read-write lock to lists
*/
rwlock_t *lock;
-
+
/**
* list of starters CA sections and its certificates (ca_section_t)
*/
linked_list_t *sections;
-
+
/**
* stroke credentials, stores our CA certificates
*/
@@ -62,27 +62,27 @@ struct ca_section_t {
* name of the CA section
*/
char *name;
-
+
/**
* reference to cert in trusted_credential_t
*/
certificate_t *cert;
-
+
/**
* CRL URIs
*/
linked_list_t *crl;
-
+
/**
* OCSP URIs
*/
linked_list_t *ocsp;
-
+
/**
* Hashes of certificates issued by this CA
*/
linked_list_t *hashes;
-
+
/**
* Base URI used for certificates from this CA
*/
@@ -90,12 +90,12 @@ struct ca_section_t {
};
/**
- * create a new CA section
+ * create a new CA section
*/
static ca_section_t *ca_section_create(char *name, certificate_t *cert)
{
ca_section_t *ca = malloc_thing(ca_section_t);
-
+
ca->name = strdup(name);
ca->crl = linked_list_create();
ca->ocsp = linked_list_create();
@@ -145,7 +145,7 @@ static enumerator_t *create_inner_cdp(ca_section_t *section, cdp_data_t *data)
chunk_t keyid;
enumerator_t *enumerator = NULL;
linked_list_t *list;
-
+
if (data->type == CERT_X509_OCSP_RESPONSE)
{
list = section->ocsp;
@@ -154,7 +154,7 @@ static enumerator_t *create_inner_cdp(ca_section_t *section, cdp_data_t *data)
{
list = section->crl;
}
-
+
public = section->cert->get_public_key(section->cert);
if (public)
{
@@ -182,25 +182,25 @@ static enumerator_t *create_inner_cdp_hashandurl(ca_section_t *section, cdp_data
{
enumerator_t *enumerator = NULL, *hash_enum;
identification_t *current;
-
+
if (!data->id || !section->certuribase)
{
return NULL;
}
-
+
hash_enum = section->hashes->create_enumerator(section->hashes);
while (hash_enum->enumerate(hash_enum, &current))
- {
+ {
if (current->matches(current, data->id))
{
char *url, *hash;
-
+
url = malloc(strlen(section->certuribase) + 40 + 1);
strcpy(url, section->certuribase);
hash = chunk_to_hex(current->get_encoding(current), NULL, FALSE).ptr;
strncat(url, hash, 40);
free(hash);
-
+
enumerator = enumerator_create_single(url, free);
break;
}
@@ -231,7 +231,7 @@ static enumerator_t *create_cdp_enumerator(private_stroke_ca_t *this,
data->this = this;
data->type = type;
data->id = id;
-
+
this->lock->read_lock(this->lock);
return enumerator_create_nested(this->sections->create_enumerator(this->sections),
(type == CERT_X509) ? (void*)create_inner_cdp_hashandurl : (void*)create_inner_cdp,
@@ -244,12 +244,12 @@ static void add(private_stroke_ca_t *this, stroke_msg_t *msg)
{
certificate_t *cert;
ca_section_t *ca;
-
+
if (msg->add_ca.cacert == NULL)
{
DBG1(DBG_CFG, "missing cacert parameter");
return;
- }
+ }
cert = this->cred->load_ca(this->cred, msg->add_ca.cacert);
if (cert)
{
@@ -288,7 +288,7 @@ static void del(private_stroke_ca_t *this, stroke_msg_t *msg)
{
enumerator_t *enumerator;
ca_section_t *ca = NULL;
-
+
this->lock->write_lock(this->lock);
enumerator = this->sections->create_enumerator(this->sections);
while (enumerator->enumerate(enumerator, &ca))
@@ -344,14 +344,14 @@ static void check_for_hash_and_url(private_stroke_ca_t *this, certificate_t* cer
{
ca_section_t *section;
enumerator_t *enumerator;
-
+
hasher_t *hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
if (hasher == NULL)
{
DBG1(DBG_IKE, "unable to use hash-and-url: sha1 not supported");
return;
}
-
+
this->lock->write_lock(this->lock);
enumerator = this->sections->create_enumerator(this->sections);
while (enumerator->enumerate(enumerator, (void**)&section))
@@ -369,7 +369,7 @@ static void check_for_hash_and_url(private_stroke_ca_t *this, certificate_t* cer
}
enumerator->destroy(enumerator);
this->lock->unlock(this->lock);
-
+
hasher->destroy(hasher);
}
@@ -381,7 +381,7 @@ static void list(private_stroke_ca_t *this, stroke_msg_t *msg, FILE *out)
bool first = TRUE;
ca_section_t *section;
enumerator_t *enumerator;
-
+
this->lock->read_lock(this->lock);
enumerator = this->sections->create_enumerator(this->sections);
while (enumerator->enumerate(enumerator, (void**)&section))
@@ -389,7 +389,7 @@ static void list(private_stroke_ca_t *this, stroke_msg_t *msg, FILE *out)
certificate_t *cert = section->cert;
public_key_t *public = cert->get_public_key(cert);
chunk_t chunk;
-
+
if (first)
{
fprintf(out, "\n");
@@ -398,7 +398,7 @@ static void list(private_stroke_ca_t *this, stroke_msg_t *msg, FILE *out)
}
fprintf(out, "\n");
fprintf(out, " authname: \"%Y\"\n", cert->get_subject(cert));
-
+
/* list authkey and keyid */
if (public)
{
@@ -439,7 +439,7 @@ static void destroy(private_stroke_ca_t *this)
stroke_ca_t *stroke_ca_create(stroke_cred_t *cred)
{
private_stroke_ca_t *this = malloc_thing(private_stroke_ca_t);
-
+
this->public.set.create_private_enumerator = (void*)return_null;
this->public.set.create_cert_enumerator = (void*)return_null;
this->public.set.create_shared_enumerator = (void*)return_null;
@@ -450,11 +450,11 @@ stroke_ca_t *stroke_ca_create(stroke_cred_t *cred)
this->public.list = (void(*)(stroke_ca_t*, stroke_msg_t *msg, FILE *out))list;
this->public.check_for_hash_and_url = (void(*)(stroke_ca_t*, certificate_t*))check_for_hash_and_url;
this->public.destroy = (void(*)(stroke_ca_t*))destroy;
-
+
this->sections = linked_list_create();
this->lock = rwlock_create(RWLOCK_TYPE_DEFAULT);
this->cred = cred;
-
+
return &this->public;
}