integrity checker accepts an option checksum library on construction

diff --git a/src/libstrongswan/integrity_checker.c b/src/libstrongswan/integrity_checker.c
index 8f812a7..3979092 100644 (file)
--- a/src/libstrongswan/integrity_checker.c
+++ b/src/libstrongswan/integrity_checker.c
@@ -29,8 +29,6 @@
 #include <debug.h>
 #include <library.h>
 
-#define CHECKSUM_LIBRARY IPSEC_DIR"/libchecksum.so"
-
 typedef struct private_integrity_checker_t private_integrity_checker_t;
 
 /**
@@ -239,7 +237,7 @@ static void destroy(private_integrity_checker_t *this)
 /**
  * See header
  */
-integrity_checker_t *integrity_checker_create()
+integrity_checker_t *integrity_checker_create(char *checksum_library)
 {
        private_integrity_checker_t *this = malloc_thing(private_integrity_checker_t);
        
@@ -250,26 +248,30 @@ integrity_checker_t *integrity_checker_create()
        this->public.destroy = (void(*)(integrity_checker_t*))destroy;
        
        this->checksum_count = 0;
-       this->handle = dlopen(CHECKSUM_LIBRARY, RTLD_LAZY);
-       if (this->handle)
+       this->handle = NULL;
+       if (checksum_library)
        {
-               int *checksum_count;
-               
-               this->checksums = dlsym(this->handle, "checksums");
-               checksum_count = dlsym(this->handle, "checksum_count");
-               if (this->checksums && checksum_count)
+               this->handle = dlopen(checksum_library, RTLD_LAZY);
+               if (this->handle)
                {
-                       this->checksum_count = *checksum_count;
+                       int *checksum_count;
+               
+                       this->checksums = dlsym(this->handle, "checksums");
+                       checksum_count = dlsym(this->handle, "checksum_count");
+                       if (this->checksums && checksum_count)
+                       {
+                               this->checksum_count = *checksum_count;
+                       }
+                       else
+                       {
+                               DBG1("checksum library '%s' invalid", checksum_library);
+                       }
                }
                else
                {
-                       DBG1("checksum library '%s' invalid", CHECKSUM_LIBRARY);
+                       DBG1("loading checksum library '%s' failed", checksum_library);
                }
        }
-       else
-       {
-               DBG1("loading checksum library '%s' failed", CHECKSUM_LIBRARY);
-       }
        return &this->public;
 }
 

diff --git a/src/libstrongswan/integrity_checker.h b/src/libstrongswan/integrity_checker.h
index dbad066..ec4961e 100644 (file)
--- a/src/libstrongswan/integrity_checker.h
+++ b/src/libstrongswan/integrity_checker.h
@@ -89,7 +89,9 @@ struct integrity_checker_t {
 
 /**
  * Create a integrity_checker instance.
+ *
+ * @param checksum_library             library containing checksums
  */
-integrity_checker_t *integrity_checker_create();
+integrity_checker_t *integrity_checker_create(char *checksum_library);
 
 #endif /* INTEGRITY_CHECKER_H_ @}*/

diff --git a/src/libstrongswan/library.c b/src/libstrongswan/library.c
index daabad7..ae2d8a9 100644 (file)
--- a/src/libstrongswan/library.c
+++ b/src/libstrongswan/library.c
@@ -27,6 +27,8 @@
 #include <utils/leak_detective.h>
 #endif
 
+#define CHECKSUM_LIBRARY IPSEC_DIR"/libchecksum.so"
+
 typedef struct private_library_t private_library_t;
 
 /**
@@ -129,7 +131,7 @@ void library_init(char *settings)
        if (lib->settings->get_bool(lib->settings,
                                                                "libstrongswan.integrity_test", FALSE))
        {
-               this->public.integrity = integrity_checker_create();
+               this->public.integrity = integrity_checker_create(CHECKSUM_LIBRARY);
                if (!lib->integrity->check_segment(lib->integrity,
                                                                                  "libstrongswan", library_init))
                {