Accept NULL auth_cfg_t passed to credential_manager_t.get_private()

author Martin Willi <martin@revosec.ch>

Mon, 23 Jan 2012 11:25:38 +0000 (12:25 +0100)

committer Martin Willi <martin@revosec.ch>

Tue, 20 Mar 2012 16:31:39 +0000 (17:31 +0100)
author Martin Willi <martin@revosec.ch>
Mon, 23 Jan 2012 11:25:38 +0000 (12:25 +0100)
committer Martin Willi <martin@revosec.ch>
Tue, 20 Mar 2012 16:31:39 +0000 (17:31 +0100)
diff --git a/src/conftest/hooks/rebuild_auth.c b/src/conftest/hooks/rebuild_auth.c

index 8ee4e14..eb95833 100644 (file)
--- a/src/conftest/hooks/rebuild_auth.c
+++ b/src/conftest/hooks/rebuild_auth.c
@@ -58,7 +58,6 @@ static bool rebuild_auth(private_rebuild_auth_t *this, ike_sa_t *ike_sa,
         enumerator_t *enumerator;
         chunk_t octets, auth_data;
         private_key_t *private;
-       auth_cfg_t *auth;
         payload_t *payload;
         auth_payload_t *auth_payload;
         auth_method_t auth_method;
@@ -91,10 +90,8 @@ static bool rebuild_auth(private_rebuild_auth_t *this, ike_sa_t *ike_sa,
         id = identification_create_from_encoding(data.ptr[4], chunk_skip(data, 8));
         generator->destroy(generator);
  
-       auth = auth_cfg_create();
         private = lib->credmgr->get_private(lib->credmgr, KEY_ANY,
-                                                                               this->id ?: id, auth);
-       auth->destroy(auth);
+                                                                               this->id ?: id, NULL);
         if (private == NULL)
         {
                 DBG1(DBG_CFG, "no private key found for '%Y' to rebuild AUTH",
diff --git a/src/libcharon/plugins/stroke/stroke_list.c b/src/libcharon/plugins/stroke/stroke_list.c

index c69eef6..8bb1a98 100644 (file)
--- a/src/libcharon/plugins/stroke/stroke_list.c
+++ b/src/libcharon/plugins/stroke/stroke_list.c
@@ -685,15 +685,12 @@ static void list_public_key(public_key_t *public, FILE *out)
         private_key_t *private = NULL;
         chunk_t keyid;
         identification_t *id;
-       auth_cfg_t *auth;
  
         if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &keyid))
         {
                 id = identification_create_from_encoding(ID_KEY_ID, keyid);
-               auth = auth_cfg_create();
                 private = lib->credmgr->get_private(lib->credmgr,
-                                                                       public->get_type(public), id, auth);
-               auth->destroy(auth);
+                                                                       public->get_type(public), id, NULL);
                 id->destroy(id);
         }
  
diff --git a/src/libstrongswan/credentials/credential_manager.c b/src/libstrongswan/credentials/credential_manager.c

index 944c269..b8f8ae8 100644 (file)
--- a/src/libstrongswan/credentials/credential_manager.c
+++ b/src/libstrongswan/credentials/credential_manager.c
@@ -1047,42 +1047,45 @@ METHOD(credential_manager_t, get_private, private_key_t*,
                 }
         }
  
-       /* if a specific certificate is preferred, check for a matching key */
-       cert = auth->get(auth, AUTH_RULE_SUBJECT_CERT);
-       if (cert)
+       if (auth)
         {
-               private = get_private_by_cert(this, cert, type);
-               if (private)
+               /* if a specific certificate is preferred, check for a matching key */
+               cert = auth->get(auth, AUTH_RULE_SUBJECT_CERT);
+               if (cert)
                 {
-                       trustchain = build_trustchain(this, cert, auth);
-                       if (trustchain)
+                       private = get_private_by_cert(this, cert, type);
+                       if (private)
                         {
-                               auth->merge(auth, trustchain, FALSE);
-                               trustchain->destroy(trustchain);
+                               trustchain = build_trustchain(this, cert, auth);
+                               if (trustchain)
+                               {
+                                       auth->merge(auth, trustchain, FALSE);
+                                       trustchain->destroy(trustchain);
+                               }
+                               return private;
                         }
-                       return private;
                 }
-       }
  
-       /* try to build a trust chain for each certificate found */
-       enumerator = create_cert_enumerator(this, CERT_ANY, type, id, FALSE);
-       while (enumerator->enumerate(enumerator, &cert))
-       {
-               private = get_private_by_cert(this, cert, type);
-               if (private)
+               /* try to build a trust chain for each certificate found */
+               enumerator = create_cert_enumerator(this, CERT_ANY, type, id, FALSE);
+               while (enumerator->enumerate(enumerator, &cert))
                 {
-                       trustchain = build_trustchain(this, cert, auth);
-                       if (trustchain)
+                       private = get_private_by_cert(this, cert, type);
+                       if (private)
                         {
-                               auth->merge(auth, trustchain, FALSE);
-                               trustchain->destroy(trustchain);
-                               break;
+                               trustchain = build_trustchain(this, cert, auth);
+                               if (trustchain)
+                               {
+                                       auth->merge(auth, trustchain, FALSE);
+                                       trustchain->destroy(trustchain);
+                                       break;
+                               }
+                               private->destroy(private);
+                               private = NULL;
                         }
-                       private->destroy(private);
-                       private = NULL;
                 }
+               enumerator->destroy(enumerator);
         }
-       enumerator->destroy(enumerator);
  
         /* if no valid trustchain was found, fall back to the first usable cert */
         if (!private)
@@ -1093,7 +1096,10 @@ METHOD(credential_manager_t, get_private, private_key_t*,
                         private = get_private_by_cert(this, cert, type);
                         if (private)
                         {
-                               auth->add(auth, AUTH_RULE_SUBJECT_CERT, cert->get_ref(cert));
+                               if (auth)
+                               {
+                                       auth->add(auth, AUTH_RULE_SUBJECT_CERT, cert->get_ref(cert));
+                               }
                                 break;
                         }
                 }
author	Martin Willi <martin@revosec.ch>
	Mon, 23 Jan 2012 11:25:38 +0000 (12:25 +0100)
committer	Martin Willi <martin@revosec.ch>
	Tue, 20 Mar 2012 16:31:39 +0000 (17:31 +0100)
src/conftest/hooks/rebuild_auth.c		patch \| blob \| history
src/libcharon/plugins/stroke/stroke_list.c		patch \| blob \| history
src/libstrongswan/credentials/credential_manager.c		patch \| blob \| history