diff options
Diffstat (limited to 'src/libstrongswan/credentials')
-rw-r--r-- | src/libstrongswan/credentials/credential_manager.c | 5 | ||||
-rw-r--r-- | src/libstrongswan/credentials/credential_manager.h | 7 |
2 files changed, 9 insertions, 3 deletions
diff --git a/src/libstrongswan/credentials/credential_manager.c b/src/libstrongswan/credentials/credential_manager.c index 371e6404d..736111b93 100644 --- a/src/libstrongswan/credentials/credential_manager.c +++ b/src/libstrongswan/credentials/credential_manager.c @@ -1,4 +1,5 @@ /* + * Copyright (C) 2015 Tobias Brunner * Copyright (C) 2007 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -993,7 +994,7 @@ METHOD(enumerator_t, public_destroy, void, METHOD(credential_manager_t, create_public_enumerator, enumerator_t*, private_credential_manager_t *this, key_type_t type, identification_t *id, - auth_cfg_t *auth) + auth_cfg_t *auth, bool online) { public_enumerator_t *enumerator; @@ -1002,7 +1003,7 @@ METHOD(credential_manager_t, create_public_enumerator, enumerator_t*, .enumerate = (void*)_public_enumerate, .destroy = _public_destroy, }, - .inner = create_trusted_enumerator(this, type, id, TRUE), + .inner = create_trusted_enumerator(this, type, id, online), .this = this, ); if (auth) diff --git a/src/libstrongswan/credentials/credential_manager.h b/src/libstrongswan/credentials/credential_manager.h index 445ea3f9c..022ca566c 100644 --- a/src/libstrongswan/credentials/credential_manager.h +++ b/src/libstrongswan/credentials/credential_manager.h @@ -1,4 +1,5 @@ /* + * Copyright (C) 2015 Tobias Brunner * Copyright (C) 2007-2009 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -202,14 +203,18 @@ struct credential_manager_t { * where the auth config helper contains rules for constraint checks. * This function is very similar to create_trusted_enumerator(), but * gets public keys directly. + * If online is set, revocations are checked online for the whole + * trustchain. * * @param type type of the key to get * @param id owner of the key, signer of the signature * @param auth authentication infos + * @param online whether revocations should be checked online * @return enumerator */ enumerator_t* (*create_public_enumerator)(credential_manager_t *this, - key_type_t type, identification_t *id, auth_cfg_t *auth); + key_type_t type, identification_t *id, auth_cfg_t *auth, + bool online); /** * Cache a certificate by invoking cache_cert() on all registered sets. |