child-rekey: Don't change state to INSTALLED if it was already REKEYING
[strongswan.git] / src / libstrongswan / credentials / credential_manager.c
index de19c8d..95c5cd7 100644 (file)
@@ -1,4 +1,5 @@
 /*
+ * Copyright (C) 2015 Tobias Brunner
  * Copyright (C) 2007 Martin Willi
  * Hochschule fuer Technik Rapperswil
  *
@@ -698,6 +699,9 @@ static void get_key_strength(certificate_t *cert, auth_cfg_t *auth)
                        case KEY_ECDSA:
                                auth->add(auth, AUTH_RULE_ECDSA_STRENGTH, strength);
                                break;
+                       case KEY_BLISS:
+                               auth->add(auth, AUTH_RULE_BLISS_STRENGTH, strength);
+                               break;
                        default:
                                break;
                }
@@ -914,6 +918,8 @@ METHOD(enumerator_t, trusted_destroy, void,
        DESTROY_IF(this->auth);
        DESTROY_IF(this->candidates);
        this->failed->destroy_offset(this->failed, offsetof(certificate_t, destroy));
+       /* check for delayed certificate cache queue */
+       cache_queue(this->this);
        free(this);
 }
 
@@ -982,7 +988,6 @@ METHOD(enumerator_t, public_destroy, void,
                this->wrapper->destroy(this->wrapper);
        }
        this->this->lock->unlock(this->this->lock);
-
        /* check for delayed certificate cache queue */
        cache_queue(this->this);
        free(this);
@@ -990,7 +995,7 @@ METHOD(enumerator_t, public_destroy, void,
 
 METHOD(credential_manager_t, create_public_enumerator, enumerator_t*,
        private_credential_manager_t *this, key_type_t type, identification_t *id,
-       auth_cfg_t *auth)
+       auth_cfg_t *auth, bool online)
 {
        public_enumerator_t *enumerator;
 
@@ -999,7 +1004,7 @@ METHOD(credential_manager_t, create_public_enumerator, enumerator_t*,
                        .enumerate = (void*)_public_enumerate,
                        .destroy = _public_destroy,
                },
-               .inner = create_trusted_enumerator(this, type, id, TRUE),
+               .inner = create_trusted_enumerator(this, type, id, online),
                .this = this,
        );
        if (auth)
@@ -1279,7 +1284,7 @@ METHOD(credential_manager_t, add_validator, void,
        private_credential_manager_t *this, cert_validator_t *vdtr)
 {
        this->lock->write_lock(this->lock);
-       this->sets->insert_last(this->validators, vdtr);
+       this->validators->insert_last(this->validators, vdtr);
        this->lock->unlock(this->lock);
 }
 
@@ -1349,7 +1354,7 @@ credential_manager_t *credential_manager_create()
 
        this->local_sets = thread_value_create((thread_cleanup_t)this->sets->destroy);
        this->exclusive_local_sets = thread_value_create((thread_cleanup_t)this->sets->destroy);
-       if (lib->settings->get_bool(lib->settings, "libstrongswan.cert_cache", TRUE))
+       if (lib->settings->get_bool(lib->settings, "%s.cert_cache", TRUE, lib->ns))
        {
                this->cache = cert_cache_create();
                this->sets->insert_first(this->sets, this->cache);