Removed auth_cfg_t.replace_value() and replaced usages with add().
authorTobias Brunner <tobias@strongswan.org>
Tue, 17 Apr 2012 15:44:10 +0000 (17:44 +0200)
committerTobias Brunner <tobias@strongswan.org>
Wed, 18 Apr 2012 16:50:14 +0000 (18:50 +0200)
replace_value() was used to replace identities. Since for these the latest is
now returned by get(), adding the new identity with add() is sufficient.

src/libcharon/plugins/stroke/stroke_config.c
src/libcharon/sa/authenticators/eap_authenticator.c
src/libcharon/sa/tasks/ike_auth.c
src/libstrongswan/credentials/auth_cfg.c
src/libstrongswan/credentials/auth_cfg.h

index 6b74819..5a6c22f 100644 (file)
@@ -1039,11 +1039,7 @@ METHOD(stroke_config_t, set_user_credentials, void,
                auth_class = (uintptr_t)auth_cfg->get(auth_cfg, AUTH_RULE_AUTH_CLASS);
                if (auth_class == AUTH_CLASS_EAP)
                {
-                       identity = id->clone(id);
-                       if (!auth_cfg->replace_value(auth_cfg, AUTH_RULE_EAP_IDENTITY, identity))
-                       {
-                               auth_cfg->add(auth_cfg, AUTH_RULE_EAP_IDENTITY, identity);
-                       }
+                       auth_cfg->add(auth_cfg, AUTH_RULE_EAP_IDENTITY, id->clone(id));
                        /* if aaa_identity is specified use that as remote ID */
                        identity = auth_cfg->get(auth_cfg, AUTH_RULE_AAA_IDENTITY);
                        if (identity && identity->get_type(identity) != ID_ANY)
index 7284dfc..5c8f0b6 100644 (file)
@@ -223,10 +223,7 @@ static void replace_eap_identity(private_eap_authenticator_t *this)
 
        eap_identity = this->eap_identity->clone(this->eap_identity);
        cfg = this->ike_sa->get_auth_cfg(this->ike_sa, FALSE);
-       if (!cfg->replace_value(cfg, AUTH_RULE_EAP_IDENTITY, eap_identity))
-       {
-               eap_identity->destroy(eap_identity);
-       }
+       cfg->add(cfg, AUTH_RULE_EAP_IDENTITY, eap_identity);
 }
 
 /**
index 7552097..665468f 100644 (file)
@@ -425,10 +425,7 @@ METHOD(task_t, build_i, status_t,
                        DBG1(DBG_CFG, "no IDi configured, fall back on IP address");
                        me = this->ike_sa->get_my_host(this->ike_sa);
                        idi = identification_create_from_sockaddr(me->get_sockaddr(me));
-                       if (!cfg->replace_value(cfg, AUTH_RULE_IDENTITY, idi))
-                       {
-                               cfg->add(cfg, AUTH_RULE_IDENTITY, idi);
-                       }
+                       cfg->add(cfg, AUTH_RULE_IDENTITY, idi);
                }
                this->ike_sa->set_my_id(this->ike_sa, idi->clone(idi));
                id_payload = id_payload_create_from_identification(ID_INITIATOR, idi);
@@ -702,10 +699,7 @@ METHOD(task_t, build_r, status_t,
                                me = this->ike_sa->get_my_host(this->ike_sa);
                                id_cfg = identification_create_from_sockaddr(
                                                                                                                me->get_sockaddr(me));
-                               if (!cfg->replace_value(cfg, AUTH_RULE_IDENTITY, id_cfg))
-                               {
-                                       cfg->add(cfg, AUTH_RULE_IDENTITY, id_cfg);
-                               }
+                               cfg->add(cfg, AUTH_RULE_IDENTITY, id_cfg);
                        }
                        this->ike_sa->set_my_id(this->ike_sa, id_cfg->clone(id_cfg));
                        id = id_cfg;
index a06a028..12f75b2 100644 (file)
@@ -329,47 +329,6 @@ static void destroy_entry_value(entry_t *entry)
 }
 
 /**
- * Replace the type and value of the given entry.
- */
-static void replace_entry(entry_t *entry, auth_rule_t type, va_list args)
-{
-       destroy_entry_value(entry);
-       entry->type = type;
-       switch (type)
-       {
-               case AUTH_RULE_AUTH_CLASS:
-               case AUTH_RULE_EAP_TYPE:
-               case AUTH_RULE_EAP_VENDOR:
-               case AUTH_RULE_CRL_VALIDATION:
-               case AUTH_RULE_OCSP_VALIDATION:
-               case AUTH_RULE_RSA_STRENGTH:
-               case AUTH_RULE_ECDSA_STRENGTH:
-                       /* integer type */
-                       entry->value = (void*)(uintptr_t)va_arg(args, u_int);
-                       break;
-               case AUTH_RULE_IDENTITY:
-               case AUTH_RULE_EAP_IDENTITY:
-               case AUTH_RULE_AAA_IDENTITY:
-               case AUTH_RULE_GROUP:
-               case AUTH_RULE_CA_CERT:
-               case AUTH_RULE_IM_CERT:
-               case AUTH_RULE_SUBJECT_CERT:
-               case AUTH_RULE_CERT_POLICY:
-               case AUTH_HELPER_IM_CERT:
-               case AUTH_HELPER_SUBJECT_CERT:
-               case AUTH_HELPER_IM_HASH_URL:
-               case AUTH_HELPER_SUBJECT_HASH_URL:
-               case AUTH_HELPER_REVOCATION_CERT:
-                       /* pointer type */
-                       entry->value = va_arg(args, void*);
-                       break;
-               case AUTH_RULE_MAX:
-                       entry->value = NULL;
-                       break;
-       }
-}
-
-/**
  * Implementation of auth_cfg_t.replace.
  */
 static void replace(private_auth_cfg_t *this, entry_enumerator_t *enumerator,
@@ -377,37 +336,47 @@ static void replace(private_auth_cfg_t *this, entry_enumerator_t *enumerator,
 {
        if (enumerator->current)
        {
+               entry_t *entry;
                va_list args;
 
                va_start(args, type);
-               replace_entry(enumerator->current, type, args);
-               va_end(args);
-       }
-}
-
-METHOD(auth_cfg_t, replace_value, bool,
-       private_auth_cfg_t *this, auth_rule_t type, ...)
-{
-       enumerator_t *enumerator;
-       entry_t *entry;
-       bool found = FALSE;
-
-       enumerator = this->entries->create_enumerator(this->entries);
-       while (enumerator->enumerate(enumerator, &entry))
-       {
-               if (type == entry->type)
+               entry = enumerator->current;
+               destroy_entry_value(entry);
+               entry->type = type;
+               switch (type)
                {
-                       va_list args;
-
-                       va_start(args, type);
-                       replace_entry(entry, type, args);
-                       va_end(args);
-                       found = TRUE;
-                       break;
+                       case AUTH_RULE_AUTH_CLASS:
+                       case AUTH_RULE_EAP_TYPE:
+                       case AUTH_RULE_EAP_VENDOR:
+                       case AUTH_RULE_CRL_VALIDATION:
+                       case AUTH_RULE_OCSP_VALIDATION:
+                       case AUTH_RULE_RSA_STRENGTH:
+                       case AUTH_RULE_ECDSA_STRENGTH:
+                               /* integer type */
+                               entry->value = (void*)(uintptr_t)va_arg(args, u_int);
+                               break;
+                       case AUTH_RULE_IDENTITY:
+                       case AUTH_RULE_EAP_IDENTITY:
+                       case AUTH_RULE_AAA_IDENTITY:
+                       case AUTH_RULE_GROUP:
+                       case AUTH_RULE_CA_CERT:
+                       case AUTH_RULE_IM_CERT:
+                       case AUTH_RULE_SUBJECT_CERT:
+                       case AUTH_RULE_CERT_POLICY:
+                       case AUTH_HELPER_IM_CERT:
+                       case AUTH_HELPER_SUBJECT_CERT:
+                       case AUTH_HELPER_IM_HASH_URL:
+                       case AUTH_HELPER_SUBJECT_HASH_URL:
+                       case AUTH_HELPER_REVOCATION_CERT:
+                               /* pointer type */
+                               entry->value = va_arg(args, void*);
+                               break;
+                       case AUTH_RULE_MAX:
+                               entry->value = NULL;
+                               break;
                }
+               va_end(args);
        }
-       enumerator->destroy(enumerator);
-       return found;
 }
 
 METHOD(auth_cfg_t, get, void*,
@@ -996,7 +965,6 @@ auth_cfg_t *auth_cfg_create()
                        .get = _get,
                        .create_enumerator = _create_enumerator,
                        .replace = (void(*)(auth_cfg_t*,enumerator_t*,auth_rule_t,...))replace,
-                       .replace_value = _replace_value,
                        .complies = _complies,
                        .merge = (void(*)(auth_cfg_t*,auth_cfg_t*,bool))merge,
                        .purge = _purge,
index 7a484c5..4d12a9c 100644 (file)
@@ -197,15 +197,6 @@ struct auth_cfg_t {
                                        auth_rule_t rule, ...);
 
        /**
-        * Replace the value of the first rule with the given type.
-        *
-        * @param rule          rule type
-        * @param ...           associated value to rule
-        * @return                      TRUE if the rule was found and the value replaced
-        */
-       bool (*replace_value)(auth_cfg_t *this, auth_rule_t rule, ...);
-
-       /**
         * Check if a used config fulfills a set of configured constraints.
         *
         * @param constraints   required authorization rules