diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/libstrongswan/plugins/pkcs11/pkcs11_creds.c | 47 |
1 files changed, 34 insertions, 13 deletions
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c b/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c index f46161488..1b1448c6a 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c @@ -70,32 +70,53 @@ static void find_certificates(private_pkcs11_creds_t *this, {CKA_LABEL, NULL, 0}, }; enumerator_t *enumerator; + linked_list_t *raw; certificate_t *cert; + struct { + chunk_t value; + chunk_t label; + } *entry; + raw = linked_list_create(); enumerator = this->lib->create_object_enumerator(this->lib, session, tmpl, countof(tmpl), attr, countof(attr)); while (enumerator->enumerate(enumerator, &object)) { + entry = malloc(sizeof(*entry)); + entry->value = chunk_clone( + chunk_create(attr[0].pValue, attr[0].ulValueLen)); + entry->label = chunk_clone( + chunk_create(attr[1].pValue, attr[1].ulValueLen)); + raw->insert_last(raw, entry); + } + enumerator->destroy(enumerator); + + while (raw->remove_first(raw, (void**)&entry) == SUCCESS) + { cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509, - BUILD_BLOB_ASN1_DER, - chunk_create(attr[0].pValue, attr[0].ulValueLen), + BUILD_BLOB_ASN1_DER, entry->value, BUILD_END); - if (!cert) + if (cert) { - DBG1(DBG_CFG, " loading cert '%.*s' failed", - attr[1].ulValueLen, attr[1].pValue); - continue; + DBG1(DBG_CFG, " loaded %strusted cert '%.*s'", + trusted ? "" : "un", entry->label.len, entry->label.ptr); + /* trusted certificates are also returned as untrusted */ + this->untrusted->insert_last(this->untrusted, cert); + if (trusted) + { + this->trusted->insert_last(this->trusted, cert->get_ref(cert)); + } } - DBG1(DBG_CFG, " loaded %strusted cert '%.*s'", - trusted ? "" : "un", attr[1].ulValueLen, attr[1].pValue); - /* trusted certificates are also returned as untrusted */ - this->untrusted->insert_last(this->untrusted, cert); - if (trusted) + else { - this->trusted->insert_last(this->trusted, cert->get_ref(cert)); + DBG1(DBG_CFG, " loading cert '%.*s' failed", + entry->label.len, entry->label.ptr); } + free(entry->value.ptr); + free(entry->label.ptr); + free(entry); } - enumerator->destroy(enumerator); + raw->destroy(raw); } /** |