sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-11-15 00:01:42 -05:00
Code Issues Projects Releases Wiki Activity

load-tester: Add a crl option to include a CRL uri in generated certificates

Browse Source
This commit is contained in:
Martin Willi 2014-06-19 10:48:27 +02:00
parent 8b855a97c2
commit 9f950af17a
1 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
src/libcharon/plugins/load_tester/load_tester_creds.c
View File

@ -68,6 +68,11 @@ struct private_load_tester_creds_t {
* Password for EAP * Password for EAP
*/ */
shared_key_t *pwd; shared_key_t *pwd;
/**
* List of certificate distribution points to include in generated certs
*/
linked_list_t *cdps;
}; };
/** /**
@ -377,6 +382,7 @@ METHOD(credential_set_t, create_cert_enumerator, enumerator_t*,
BUILD_NOT_BEFORE_TIME, now - 60 * 60 * 24, BUILD_NOT_BEFORE_TIME, now - 60 * 60 * 24,
BUILD_NOT_AFTER_TIME, now + 60 * 60 * 24, BUILD_NOT_AFTER_TIME, now + 60 * 60 * 24,
BUILD_SERIAL, chunk_from_thing(serial), BUILD_SERIAL, chunk_from_thing(serial),
BUILD_CRL_DISTRIBUTION_POINTS, this->cdps,
BUILD_END); BUILD_END);
peer_key->destroy(peer_key); peer_key->destroy(peer_key);
sans->destroy(sans); sans->destroy(sans);
@ -436,13 +442,14 @@ METHOD(load_tester_creds_t, destroy, void,
DESTROY_IF(this->ca); DESTROY_IF(this->ca);
this->psk->destroy(this->psk); this->psk->destroy(this->psk);
this->pwd->destroy(this->pwd); this->pwd->destroy(this->pwd);
this->cdps->destroy_function(this->cdps, free);
free(this); free(this);
} }
load_tester_creds_t *load_tester_creds_create() load_tester_creds_t *load_tester_creds_create()
{ {
private_load_tester_creds_t *this; private_load_tester_creds_t *this;
char *pwd, *psk, *digest; char *pwd, *psk, *digest, *crl;
psk = lib->settings->get_str(lib->settings, psk = lib->settings->get_str(lib->settings,
"%s.plugins.load-tester.preshared_key", default_psk, lib->ns); "%s.plugins.load-tester.preshared_key", default_psk, lib->ns);
@ -450,6 +457,8 @@ load_tester_creds_t *load_tester_creds_create()
"%s.plugins.load-tester.eap_password", default_pwd, lib->ns); "%s.plugins.load-tester.eap_password", default_pwd, lib->ns);
digest = lib->settings->get_str(lib->settings, digest = lib->settings->get_str(lib->settings,
"%s.plugins.load-tester.digest", "sha1", lib->ns); "%s.plugins.load-tester.digest", "sha1", lib->ns);
crl = lib->settings->get_str(lib->settings,
"%s.plugins.load-tester.crl", NULL, lib->ns);
INIT(this, INIT(this,
.public = { .public = {
@ -465,6 +474,7 @@ load_tester_creds_t *load_tester_creds_create()
.private = load_issuer_key(), .private = load_issuer_key(),
.ca = load_issuer_cert(), .ca = load_issuer_cert(),
.cas = linked_list_create(), .cas = linked_list_create(),
.cdps = linked_list_create(),
.psk = shared_key_create(SHARED_IKE, .psk = shared_key_create(SHARED_IKE,
chunk_clone(chunk_create(psk, strlen(psk)))), chunk_clone(chunk_create(psk, strlen(psk)))),
.pwd = shared_key_create(SHARED_EAP, .pwd = shared_key_create(SHARED_EAP,
@ -482,6 +492,16 @@ load_tester_creds_t *load_tester_creds_create()
this->digest = HASH_SHA1; this->digest = HASH_SHA1;
} }
if (crl)
{
x509_cdp_t *cdp;
INIT(cdp,
.uri = crl,
);
this->cdps->insert_last(this->cdps, cdp);
}
load_ca_certs(this); load_ca_certs(this);
return &this->public; return &this->public;