15 files changed, 43 insertions, 32 deletions

diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am
index acce5702b..369ade43b 100644
--- a/src/libstrongswan/Makefile.am
+++ b/src/libstrongswan/Makefile.am
@@ -54,7 +54,7 @@ utils/mutex.c utils/mutex.h \
 utils/backtrace.c utils/backtrace.h \
 plugins/plugin_loader.c plugins/plugin_loader.h plugins/plugin.h
 
-libstrongswan_la_LIBADD = -lpthread -ldl
+libstrongswan_la_LIBADD = -lpthread $(DLLIB)
 
 INCLUDES = -I$(top_srcdir)/src/libstrongswan
 AM_CFLAGS = \
@@ -81,14 +81,14 @@ if USE_VSTR
 endif
 
 EXTRA_DIST = asn1/oid.txt asn1/oid.pl
-BUILT_SOURCES = asn1/oid.c asn1/oid.h
-MAINTAINERCLEANFILES = asn1/oid.c asn1/oid.h
+BUILT_SOURCES = $(srcdir)/asn1/oid.c $(srcdir)/asn1/oid.h
+MAINTAINERCLEANFILES = $(srcdir)/asn1/oid.c $(srcdir)/asn1/oid.h
 
-asn1/oid.c :	asn1/oid.pl asn1/oid.txt
-		(cd `dirname $<` && $(PERL) `basename $<`)
+$(srcdir)/asn1/oid.c :	$(srcdir)/asn1/oid.pl $(srcdir)/asn1/oid.txt
+		(cd $(srcdir)/asn1/ && $(PERL) oid.pl)
 
-asn1/oid.h :	asn1/oid.pl asn1/oid.txt
-		(cd `dirname $<` && $(PERL) `basename $<`)
+$(srcdir)/asn1/oid.h :	$(srcdir)/asn1/oid.pl $(srcdir)/asn1/oid.txt
+		(cd $(srcdir)/asn1/ && $(PERL) oid.pl)
 
 
 # build plugins with their own Makefile
diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
index de8c5ea4c..170095271 100644
--- a/src/libstrongswan/asn1/asn1.c
+++ b/src/libstrongswan/asn1/asn1.c
@@ -307,8 +307,8 @@ u_int asn1_length(chunk_t *blob)
  */
 time_t asn1_to_time(const chunk_t *utctime, asn1_t type)
 {
-	struct tm t;
-	time_t tc, tz_offset;
+	struct tm t, local;
+	time_t tc, tz_offset, now;
 	u_char *eot = NULL;
 	
 	if ((eot = memchr(utctime->ptr, 'Z', utctime->len)) != NULL)
@@ -375,9 +375,16 @@ time_t asn1_to_time(const chunk_t *utctime, asn1_t type)
 	
 	/* convert to time_t */
 	tc = mktime(&t);
+	
+	if (tc == -1)
+	{
+		return TIME_MAX;
+	}
 
 	/* if no conversion overflow occurred, compensate timezone */
-	return (tc == -1) ? TIME_MAX : (tc - timezone - tz_offset);
+	now = time(NULL);
+	localtime_r(&now, &local);
+	return tc - local.tm_gmtoff - tz_offset;
 }
 
 /**
diff --git a/src/libstrongswan/asn1/oid.pl b/src/libstrongswan/asn1/oid.pl
index 027a850fd..ed26febc9 100644
--- a/src/libstrongswan/asn1/oid.pl
+++ b/src/libstrongswan/asn1/oid.pl
@@ -32,6 +32,7 @@ print OID_H "/* Object identifiers (OIDs) used by strongSwan\n",
 	    " * ", $automatic, "\n",
 	    " * ", $warning, "\n",
 	    " */\n\n",
+	    "#include <sys/types.h>\n\n",
 	    "#ifndef OID_H_\n",
 	    "#define OID_H_\n\n",
 	    "typedef struct {\n",
diff --git a/src/libstrongswan/crypto/pkcs7.c b/src/libstrongswan/crypto/pkcs7.c
index 61a027014..2375ad65c 100644
--- a/src/libstrongswan/crypto/pkcs7.c
+++ b/src/libstrongswan/crypto/pkcs7.c
@@ -334,7 +334,7 @@ static bool parse_signedData(private_pkcs7_t *this, x509_t *cacert)
 				identification_t *issuer;
 
 				issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
-				DBG2("  '%D'", issuer);
+				DBG2("  '%Y'", issuer);
 				issuer->destroy(issuer);
 				break;
 			}
@@ -522,7 +522,7 @@ static bool parse_envelopedData(private_pkcs7_t *this, chunk_t serialNumber,
 					identification_t *issuer;
 
 					issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
-					DBG2("  '%D'", issuer);
+					DBG2("  '%Y'", issuer);
 					issuer->destroy(issuer);
 				}
 				break;
diff --git a/src/libstrongswan/library.c b/src/libstrongswan/library.c
index da7b0fca7..583865a0a 100644
--- a/src/libstrongswan/library.c
+++ b/src/libstrongswan/library.c
@@ -101,8 +101,6 @@ void library_init(char *settings)
 					 PRINTF_HOOK_ARGTYPE_END);
 	pfh->add_handler(pfh, 'B', chunk_printf_hook,
 					 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_END);
-	pfh->add_handler(pfh, 'D', identification_printf_hook,
-					 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_END);
 	pfh->add_handler(pfh, 'H', host_printf_hook,
 					 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_END);
 	pfh->add_handler(pfh, 'N', enum_printf_hook,
@@ -114,6 +112,8 @@ void library_init(char *settings)
 	pfh->add_handler(pfh, 'V', time_delta_printf_hook,
 					 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_POINTER,
 					 PRINTF_HOOK_ARGTYPE_END);
+	pfh->add_handler(pfh, 'Y', identification_printf_hook,
+					 PRINTF_HOOK_ARGTYPE_POINTER, PRINTF_HOOK_ARGTYPE_END);
 	
 	this->public.crypto = crypto_factory_create();
 	this->public.creds = credential_factory_create();
diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
index c5f8244a7..ab52c3c97 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
@@ -311,7 +311,7 @@ static bool verify(private_gmp_rsa_public_key_t *this, signature_scheme_t scheme
 /**
  * Implementation of public_key_t.get_keysize.
  */
-static bool encrypt(private_gmp_rsa_public_key_t *this, chunk_t crypto, chunk_t *plain)
+static bool encrypt_(private_gmp_rsa_public_key_t *this, chunk_t crypto, chunk_t *plain)
 {
 	DBG1("RSA public key encryption not implemented");
 	return FALSE;
@@ -385,7 +385,7 @@ static private_gmp_rsa_public_key_t *gmp_rsa_public_key_create_empty()
 	
 	this->public.interface.get_type = (key_type_t (*)(public_key_t *this))get_type;
 	this->public.interface.verify = (bool (*)(public_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t signature))verify;
-	this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt;
+	this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt_;
 	this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize;
 	this->public.interface.get_id = (identification_t* (*) (public_key_t *this,id_type_t))get_id;
 	this->public.interface.get_encoding = (chunk_t(*)(public_key_t*))get_encoding;
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
index ae5ede28d..250221693 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
@@ -178,7 +178,7 @@ static bool verify(private_openssl_ec_public_key_t *this, signature_scheme_t sch
 /**
  * Implementation of public_key_t.get_keysize.
  */
-static bool encrypt(private_openssl_ec_public_key_t *this, chunk_t crypto, chunk_t *plain)
+static bool encrypt_(private_openssl_ec_public_key_t *this, chunk_t crypto, chunk_t *plain)
 {
 	DBG1("EC public key encryption not implemented");
 	return FALSE;
@@ -279,7 +279,7 @@ static private_openssl_ec_public_key_t *openssl_ec_public_key_create_empty()
 	
 	this->public.interface.get_type = (key_type_t (*)(public_key_t *this))get_type;
 	this->public.interface.verify = (bool (*)(public_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t signature))verify;
-	this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt;
+	this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt_;
 	this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize;
 	this->public.interface.get_id = (identification_t* (*) (public_key_t *this,id_type_t))get_id;
 	this->public.interface.get_encoding = (chunk_t(*)(public_key_t*))get_encoding;
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
index eb051b7ab..e35d334e3 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
@@ -147,7 +147,7 @@ static bool verify(private_openssl_rsa_public_key_t *this, signature_scheme_t sc
 /**
  * Implementation of public_key_t.get_keysize.
  */
-static bool encrypt(private_openssl_rsa_public_key_t *this, chunk_t crypto, chunk_t *plain)
+static bool encrypt_(private_openssl_rsa_public_key_t *this, chunk_t crypto, chunk_t *plain)
 {
 	DBG1("RSA public key encryption not implemented");
 	return FALSE;
@@ -263,7 +263,7 @@ static private_openssl_rsa_public_key_t *openssl_rsa_public_key_create_empty()
 	
 	this->public.interface.get_type = (key_type_t (*)(public_key_t *this))get_type;
 	this->public.interface.verify = (bool (*)(public_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t signature))verify;
-	this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt;
+	this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt_;
 	this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize;
 	this->public.interface.get_id = (identification_t* (*) (public_key_t *this,id_type_t))get_id;
 	this->public.interface.get_encoding = (chunk_t(*)(public_key_t*))get_encoding;
diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c
index b09f446b2..ca03f735d 100644
--- a/src/libstrongswan/plugins/x509/x509_cert.c
+++ b/src/libstrongswan/plugins/x509/x509_cert.c
@@ -353,7 +353,7 @@ static identification_t *parse_generalName(chunk_t blob, int level0)
 		if (id_type != ID_ANY)
 		{
 			gn = identification_create_from_encoding(id_type, object);
-			DBG2("  '%D'", gn);
+			DBG2("  '%Y'", gn);
 			goto end;
 		}
 	}
@@ -510,9 +510,9 @@ static void parse_authorityInfoAccess(chunk_t blob, int level0,
 								/* parsing went wrong - abort */
 								goto end;
 							}
-							DBG2("  '%D'", id);
+							DBG2("  '%Y'", id);
 							if (accessMethod == OID_OCSP &&
-								asprintf(&uri, "%D", id) > 0)
+								asprintf(&uri, "%Y", id) > 0)
 							{
 								this->ocsp_uris->insert_last(this->ocsp_uris, uri);
 							}
@@ -619,7 +619,7 @@ static void parse_crlDistributionPoints(chunk_t blob, int level0,
 			{
 				char *uri;
 				
-				if (asprintf(&uri, "%D", id) > 0)
+				if (asprintf(&uri, "%Y", id) > 0)
 				{
 					this->crl_uris->insert_last(this->crl_uris, uri);
 				}
@@ -714,7 +714,7 @@ static bool parse_certificate(private_x509_cert_t *this)
 				break;
 			case X509_OBJ_ISSUER:
 				this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
-				DBG2("  '%D'", this->issuer);
+				DBG2("  '%Y'", this->issuer);
 				break;
 			case X509_OBJ_NOT_BEFORE:
 				this->notBefore = asn1_parse_time(object, level);
@@ -724,7 +724,7 @@ static bool parse_certificate(private_x509_cert_t *this)
 				break;
 			case X509_OBJ_SUBJECT:
 				this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
-				DBG2("  '%D'", this->subject);
+				DBG2("  '%Y'", this->subject);
 				break;
 			case X509_OBJ_SUBJECT_PUBLIC_KEY_INFO:
 				this->public_key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY,
diff --git a/src/libstrongswan/plugins/x509/x509_crl.c b/src/libstrongswan/plugins/x509/x509_crl.c
index 3bb097c4d..b6639e476 100644
--- a/src/libstrongswan/plugins/x509/x509_crl.c
+++ b/src/libstrongswan/plugins/x509/x509_crl.c
@@ -226,7 +226,7 @@ static bool parse(private_x509_crl_t *this)
 				break;
 			case CRL_OBJ_ISSUER:
 				this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
-				DBG2("  '%D'", this->issuer);
+				DBG2("  '%Y'", this->issuer);
 				break;
 			case CRL_OBJ_THIS_UPDATE:
 				this->thisUpdate = asn1_parse_time(object, level);
diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_response.c b/src/libstrongswan/plugins/x509/x509_ocsp_response.c
index 257ae7597..65978b8eb 100644
--- a/src/libstrongswan/plugins/x509/x509_ocsp_response.c
+++ b/src/libstrongswan/plugins/x509/x509_ocsp_response.c
@@ -523,12 +523,12 @@ static bool parse_basicOCSPResponse(private_x509_ocsp_response_t *this,
 			case BASIC_RESPONSE_ID_BY_NAME:
 				this->responderId = identification_create_from_encoding(
 													ID_DER_ASN1_DN, object);
-				DBG2("  '%D'", this->responderId);
+				DBG2("  '%Y'", this->responderId);
 				break;
 			case BASIC_RESPONSE_ID_BY_KEY:
 				this->responderId = identification_create_from_encoding(
 													ID_PUBKEY_INFO_SHA1, object);
-				DBG2("  '%D'", this->responderId);
+				DBG2("  '%Y'", this->responderId);
 				break;
 			case BASIC_RESPONSE_PRODUCED_AT:
 				this->producedAt = asn1_to_time(&object, ASN1_GENERALIZEDTIME);
diff --git a/src/libstrongswan/printf_hook.c b/src/libstrongswan/printf_hook.c
index f46718953..ab7bd77ef 100644
--- a/src/libstrongswan/printf_hook.c
+++ b/src/libstrongswan/printf_hook.c
@@ -165,7 +165,7 @@ static int custom_fmt_cb(Vstr_base *base, size_t pos, Vstr_fmt_spec *fmt_spec)
 }
 
 /**
- * Add a custom format handler to the given Vstr_conf object 
+ * Add a custom format handler to the given Vstr_conf object
  */
 static void vstr_fmt_add_handler(Vstr_conf *conf, printf_hook_handler_t *handler)
 {
@@ -340,7 +340,7 @@ static void add_handler(private_printf_hook_t *this, char spec,
 		return;
 	}
 	
-	handler = malloc_thing(printf_hook_handler_t); 
+	handler = malloc_thing(printf_hook_handler_t);
 	handler->hook = hook;
 	
 	va_start(args, hook);
diff --git a/src/libstrongswan/printf_hook.h b/src/libstrongswan/printf_hook.h
index a1773fd26..1906d0159 100644
--- a/src/libstrongswan/printf_hook.h
+++ b/src/libstrongswan/printf_hook.h
@@ -30,10 +30,11 @@ typedef enum printf_hook_argtype_t printf_hook_argtype_t;
 
 #ifdef HAVE_PRINTF_HOOKS
 
+#include <stdio.h>
 #include <printf.h>
 
 enum printf_hook_argtype_t {
-	PRINTF_HOOK_ARGTYPE_END = PA_LAST,
+	PRINTF_HOOK_ARGTYPE_END = -1,
 	PRINTF_HOOK_ARGTYPE_INT = PA_INT,
 	PRINTF_HOOK_ARGTYPE_POINTER = PA_POINTER,
 };
diff --git a/src/libstrongswan/utils.c b/src/libstrongswan/utils.c
index 75b02a865..ab717fd14 100644
--- a/src/libstrongswan/utils.c
+++ b/src/libstrongswan/utils.c
@@ -22,6 +22,7 @@
 #include <string.h>
 #include <stdio.h>
 #include <unistd.h>
+#include <limits.h>
 #include <dirent.h>
 #include <time.h>
 
diff --git a/src/libstrongswan/utils/enumerator.c b/src/libstrongswan/utils/enumerator.c
index 48c0b5484..0435fb4fa 100644
--- a/src/libstrongswan/utils/enumerator.c
+++ b/src/libstrongswan/utils/enumerator.c
@@ -21,6 +21,7 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <unistd.h>
+#include <limits.h>
 #include <stdio.h>
 #include <dirent.h>
 #include <errno.h>