Function added to clear secrets (but not certs) from mem_cred_t.
authorTobias Brunner <tobias@strongswan.org>
Fri, 19 Nov 2010 16:28:12 +0000 (17:28 +0100)
committerTobias Brunner <tobias@strongswan.org>
Fri, 3 Dec 2010 17:00:00 +0000 (18:00 +0100)
src/libstrongswan/credentials/sets/mem_cred.c
src/libstrongswan/credentials/sets/mem_cred.h

index 08a1e71..bd7891b 100644 (file)
@@ -405,6 +405,17 @@ METHOD(mem_cred_t, add_shared, void,
        add_shared_list(this, shared, owners);
 }
 
+METHOD(mem_cred_t, clear_secrets, void,
+       private_mem_cred_t *this)
+{
+       this->lock->write_lock(this->lock);
+       this->keys->destroy_offset(this->keys, offsetof(private_key_t, destroy));
+       this->shared->destroy_function(this->shared, (void*)shared_entry_destroy);
+       this->keys = linked_list_create();
+       this->shared = linked_list_create();
+       this->lock->unlock(this->lock);
+}
+
 METHOD(mem_cred_t, clear_, void,
        private_mem_cred_t *this)
 {
@@ -413,13 +424,11 @@ METHOD(mem_cred_t, clear_, void,
                                                                  offsetof(certificate_t, destroy));
        this->untrusted->destroy_offset(this->untrusted,
                                                                        offsetof(certificate_t, destroy));
-       this->keys->destroy_offset(this->keys, offsetof(private_key_t, destroy));
-       this->shared->destroy_function(this->shared, (void*)shared_entry_destroy);
        this->trusted = linked_list_create();
        this->untrusted = linked_list_create();
-       this->keys = linked_list_create();
-       this->shared = linked_list_create();
        this->lock->unlock(this->lock);
+
+       clear_secrets(this);
 }
 
 METHOD(mem_cred_t, destroy, void,
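Review bot: `clear()` is no longer atomic, because in this hunk the write lock is released before `clear_secrets(this)` takes it again. In that gap another thread can see the set with its certificates already gone while the private and shared keys are still present. The call was presumably placed after `unlock` because the lock cannot be taken twice by the same thread. A lock-free static helper called by both methods while they hold the write lock would keep the single critical section. `clear_` begins in the previous hunk's context lines, and the change also touches `clear_secrets` from that hunk.

```c
/* caller must hold the write lock */
static void clear_secrets_locked(private_mem_cred_t *this)
{
	/* … unchanged: destroy keys/shared entries and re-create both lists … */
}

METHOD(mem_cred_t, clear_secrets, void,
	private_mem_cred_t *this)
{
	this->lock->write_lock(this->lock);
	clear_secrets_locked(this);
	this->lock->unlock(this->lock);
}

METHOD(mem_cred_t, clear_, void,
	private_mem_cred_t *this)
{
	/* … unchanged: write_lock, certificate list teardown and re-creation … */
	clear_secrets_locked(this);
	this->lock->unlock(this->lock);
}
```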
@@ -456,6 +465,7 @@ mem_cred_t *mem_cred_create()
                        .add_shared = _add_shared,
                        .add_shared_list = _add_shared_list,
                        .clear = _clear_,
+                       .clear_secrets = _clear_secrets,
                        .destroy = _destroy,
                },
                .trusted = linked_list_create(),
index 3db57df..547fe6e 100644 (file)
@@ -87,6 +87,12 @@ struct mem_cred_t {
        void (*clear)(mem_cred_t *this);
 
        /**
+        * Clear the secrets (private and shared keys, not the certificates) from
+        * the credential set.
+        */
+       void (*clear_secrets)(mem_cred_t *this);
+
+       /**
         * Destroy a mem_cred_t.
         */
        void (*destroy)(mem_cred_t *this);
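Review bot: The new comment on `clear_secrets` says the secrets are cleared, but not what that guarantees for key material in memory. The implementation in mem_cred.c only calls each private key's `destroy` method and `shared_entry_destroy`, then swaps in fresh lists. Whether the key bytes are actually wiped therefore depends on those destructors and on whether anything else still holds the keys, neither of which is visible in this commit. I would extend the comment with something like `Entries are released through their destroy methods; this alone does not guarantee that key material referenced elsewhere is wiped.`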