sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-06 00:00:47 -04:00
Code Issues Projects Releases Wiki Activity

Credential backends use has_fingerprint() methods to select keys/certificates

Browse Source
This commit is contained in:
Martin Willi 2009-09-21 17:03:00 +02:00
parent 640ed4d5a5
commit c84b139a87
4 changed files with 7 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/charon/plugins/load_tester/load_tester_creds.c
View File

@ -195,11 +195,7 @@ static enumerator_t* create_private_enumerator(private_load_tester_creds_t *this
}
if (id)
{
chunk_t keyid;
if (!this->private->get_fingerprint(this->private,
KEY_ID_PUBKEY_SHA1, &keyid) ||
!chunk_equals(keyid, id->get_encoding(id)))
if (!this->private->has_fingerprint(this->private, id->get_encoding(id)))
{
return NULL;
}
@ -218,7 +214,6 @@ static enumerator_t* create_cert_enumerator(private_load_tester_creds_t *this,
public_key_t *peer_key, *ca_key;
u_int32_t serial;
time_t now;
chunk_t keyid;
if (this->ca == NULL)
{
@ -239,8 +234,7 @@ static enumerator_t* create_cert_enumerator(private_load_tester_creds_t *this,
ca_key = this->ca->get_public_key(this->ca);
if (ca_key)
{
if (ca_key->get_fingerprint(ca_key, KEY_ID_PUBKEY_SHA1, &keyid) &&
chunk_equals(keyid, id->get_encoding(id)))
if (ca_key->has_fingerprint(ca_key, id->get_encoding(id)))
{
ca_key->destroy(ca_key);
return enumerator_create_single(this->ca, NULL);

9
src/charon/plugins/nm/nm_creds.c
View File

@ -127,7 +127,6 @@ static bool cert_filter(cert_data_t *data, certificate_t **in,
{
certificate_t *cert = *in;
public_key_t *public;
chunk_t keyid;
public = cert->get_public_key(cert);
if (!public)
@ -140,8 +139,7 @@ static bool cert_filter(cert_data_t *data, certificate_t **in,
return FALSE;
}
if (data->id && data->id->get_type(data->id) == ID_KEY_ID &&
public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &keyid) &&
chunk_equals(keyid, data->id->get_encoding(data->id)))
public->has_fingerprint(public, data->id->get_encoding(data->id)))
{
public->destroy(public);
*out = cert;
@ -209,11 +207,8 @@ static enumerator_t* create_private_enumerator(private_nm_creds_t *this,
}
if (id && id->get_type(id) != ID_ANY)
{
chunk_t keyid;
if (id->get_type(id) != ID_KEY_ID ||
!this->key->get_fingerprint(this->key, KEY_ID_PUBKEY_SHA1, &keyid) ||
!chunk_equals(keyid, id->get_encoding(id)))
!this->key->has_fingerprint(this->key, id->get_encoding(id)))
{
return NULL;
}

4
src/charon/plugins/stroke/stroke_ca.c
View File

@ -142,7 +142,6 @@ static void cdp_data_destroy(cdp_data_t *data)
static enumerator_t *create_inner_cdp(ca_section_t *section, cdp_data_t *data)
{
public_key_t *public;
chunk_t keyid;
enumerator_t *enumerator = NULL;
linked_list_t *list;
@ -164,8 +163,7 @@ static enumerator_t *create_inner_cdp(ca_section_t *section, cdp_data_t *data)
}
else
{
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &keyid) &&
chunk_equals(keyid, data->id->get_encoding(data->id)))
if (public->has_fingerprint(public, data->id->get_encoding(data->id)))
{
enumerator = list->create_enumerator(list);
}

8
src/charon/plugins/stroke/stroke_cred.c
View File

@ -107,7 +107,6 @@ static bool private_filter(id_data_t *data,
private_key_t **in, private_key_t **out)
{
private_key_t *key;
chunk_t keyid;
key = *in;
if (data->id == NULL)
@ -115,8 +114,7 @@ static bool private_filter(id_data_t *data,
*out = key;
return TRUE;
}
if (key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &keyid) &&
chunk_equals(keyid, data->id->get_encoding(data->id)))
if (key->has_fingerprint(key, data->id->get_encoding(data->id)))
{
*out = key;
return TRUE;
@ -149,7 +147,6 @@ static bool certs_filter(id_data_t *data, certificate_t **in, certificate_t **ou
{
public_key_t *public;
certificate_t *cert = *in;
chunk_t keyid;
if (data->type != CERT_ANY && data->type != cert->get_type(cert))
{
@ -164,8 +161,7 @@ static bool certs_filter(id_data_t *data, certificate_t **in, certificate_t **ou
public = cert->get_public_key(cert);
if (public)
{
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &keyid) &&
chunk_equals(keyid, data->id->get_encoding(data->id)))
if (public->has_fingerprint(public, data->id->get_encoding(data->id)))
{
public->destroy(public);
*out = *in;