handle pluto specific certificates under CRED_CERTIFICATE, not as own credential...
authorMartin Willi <martin@strongswan.org>
Thu, 13 Aug 2009 13:05:14 +0000 (15:05 +0200)
committerMartin Willi <martin@strongswan.org>
Wed, 26 Aug 2009 09:23:49 +0000 (11:23 +0200)
src/libstrongswan/credentials/certificates/certificate.c
src/libstrongswan/credentials/certificates/certificate.h
src/libstrongswan/credentials/credential_factory.h
src/libstrongswan/plugins/pem/pem_builder.c
src/libstrongswan/plugins/pem/pem_plugin.c
src/pluto/ac.c
src/pluto/builder.c
src/pluto/builder.h
src/pluto/certs.c
src/pluto/crl.c
src/pluto/fetch.c

index 041e2f1..24e2d26 100644 (file)
@@ -17,7 +17,7 @@
 
 #include <credentials/certificates/x509.h>
 
-ENUM(certificate_type_names, CERT_ANY, CERT_PGP,
+ENUM(certificate_type_names, CERT_ANY, CERT_PLUTO_CRL,
        "ANY",
        "X509",
        "X509_CRL",
@@ -27,6 +27,9 @@ ENUM(certificate_type_names, CERT_ANY, CERT_PGP,
        "X509_CHAIN",
        "TRUSTED_PUBKEY",
        "PGP",
+       "PLUTO_CERT",
+       "PLUTO_AC",
+       "PLUTO_CRL",
 );
 
 ENUM(cert_validation_names, VALIDATION_GOOD, VALIDATION_REVOKED,
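Review bot: The name table still prints `"PGP"` for the entry that this commit renames from `CERT_PGP` to `CERT_GPG` in certificate.h, so log output and the identifier no longer match. Either keep the string on purpose and say so with a comment such as `/* CERT_GPG keeps its historical "PGP" name */`, or rename the string together with the enumerator. The ENUM range now ends at `CERT_PLUTO_CRL`, so any later addition to certificate_type_t has to update both files together.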
index 81fce55..ef26a43 100644 (file)
@@ -48,7 +48,13 @@ enum certificate_type_t {
        /** trusted, preinstalled public key */
        CERT_TRUSTED_PUBKEY,
        /** PGP certificate */
-       CERT_PGP,
+       CERT_GPG,
+       /** Pluto cert_t (not a certificate_t), either x509 or PGP */
+       CERT_PLUTO_CERT,
+       /** Pluto x509acert_t (not a certificate_t), attribute certificate */
+       CERT_PLUTO_AC,
+       /** Pluto x509crl_t (not a certificate_t), certificate revocation list */
+       CERT_PLUTO_CRL,
 };
 
 /**
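Review bot: The three `CERT_PLUTO_*` values are the only members of certificate_type_t whose builders do not return a certificate_t, and the only warning is the parenthetical in each doc comment. A caller that passes one of them to `create()` under `CRED_CERTIFICATE` and then uses the result as a certificate_t would read a cert_t, x509acert_t or x509crl_t through the wrong struct layout. I would add a block comment above the three enumerators, for example `/* the types below build pluto structs; never cast the result to certificate_t or pass these types to generic certificate code */`. It is also worth checking that generic code taking a certificate_type_t, which is not visible in this diff, rejects them.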
index bf1d83e..69a55cf 100644 (file)
@@ -36,8 +36,6 @@ enum credential_type_t {
        CRED_PUBLIC_KEY,
        /** certificates, implemented in certificate_t */
        CRED_CERTIFICATE,
-       /** deprecated pluto style certificates */
-       CRED_PLUTO_CERT,
 };
 
 /**
index 4d8a32a..72cc8a3 100644 (file)
@@ -561,11 +561,3 @@ builder_t *certificate_pem_builder(certificate_type_t type)
        return pem_builder(CRED_CERTIFICATE, type);
 }
 
-/**
- * Pluto specific cert builder.
- */
-builder_t *pluto_pem_builder(certificate_type_t type)
-{
-       return pem_builder(CRED_PLUTO_CERT, type);
-}
-
index 7d82ae3..5289361 100644 (file)
@@ -42,8 +42,6 @@ static void destroy(private_pem_plugin_t *this)
                                                           (builder_constructor_t)public_key_pem_builder);
        lib->creds->remove_builder(lib->creds,
                                                           (builder_constructor_t)certificate_pem_builder);
-       lib->creds->remove_builder(lib->creds,
-                                                          (builder_constructor_t)pluto_pem_builder);
        free(this);
 }
 
@@ -91,16 +89,16 @@ plugin_t *plugin_create()
                                                        (builder_constructor_t)certificate_pem_builder);
        lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_TRUSTED_PUBKEY,
                                                        (builder_constructor_t)certificate_pem_builder);
-       lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PGP,
+       lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_GPG,
                                                        (builder_constructor_t)certificate_pem_builder);
        
-       /* pluto specific credentials formats */
-       lib->creds->add_builder(lib->creds, CRED_PLUTO_CERT, 0,
-                                                       (builder_constructor_t)pluto_cert_pem_builder);
-       lib->creds->add_builder(lib->creds, CRED_PLUTO_CRL, 0,
-                                                       (builder_constructor_t)pluto_crl_pem_builder);
-       lib->creds->add_builder(lib->creds, CRED_PLUTO_AC, 0,
-                                                       (builder_constructor_t)pluto_ac_pem_builder);
+       /* register pluto specific certificate formats */
+       lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_CERT,
+                                                       (builder_constructor_t)certificate_pem_builder);
+       lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_AC,
+                                                       (builder_constructor_t)certificate_pem_builder);
+       lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_CRL,
+                                                       (builder_constructor_t)certificate_pem_builder);
        
        return &this->public.plugin;
 }
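Review bot: certificate_pem_builder is now registered under three more subtypes here, while destroy() in the previous hunk still calls `remove_builder()` for it only once. Whether `remove_builder()` drops every entry for a constructor or only the first match is not visible in this diff; if it is the latter, entries pointing into the plugin would remain registered after unload. A comment in destroy() such as `/* remove_builder() removes all subtypes registered for this constructor */` would record the assumption. The same question applies to init_builder() in src/pluto/builder.c, which now registers `builder` three times. plugin_create() starts outside this hunk.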
index c09b4f1..ac95364 100644 (file)
@@ -27,6 +27,7 @@
 #include <asn1/asn1.h>
 #include <asn1/asn1_parser.h>
 #include <asn1/oid.h>
+#include <credentials/certificates/certificate.h>
 
 #include "ac.h"
 #include "x509.h"
@@ -821,8 +822,9 @@ void load_acerts(void)
                        {
                                x509acert_t *ac;
                                
-                               ac = lib->creds->create(lib->creds, CRED_PLUTO_CERT, CRED_TYPE_AC,
-                                                         BUILD_FROM_FILE, filelist[n]->d_name, BUILD_END);
+                               ac = lib->creds->create(lib->creds, CRED_CERTIFICATE,
+                                                       CERT_PLUTO_AC, BUILD_FROM_FILE, filelist[n]->d_name,
+                                                       BUILD_END);
                                if (ac)
                                {
                                        add_acert(ac);
index d392f58..d631fd2 100644 (file)
@@ -23,7 +23,8 @@
 
 #include <freeswan.h>
 
-#include "library.h"
+#include <library.h>
+#include <credentials/certificates/certificate.h>
 
 #include "constants.h"
 #include "defs.h"
@@ -206,13 +207,13 @@ static builder_t *builder(credential_type_t type, int subtype)
        
        switch (subtype)
        {
-               case CRED_TYPE_CERTIFICATE:
+               case CERT_PLUTO_CERT:
                        this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))cert_add;
                        break;
-               case CRED_TYPE_AC:
+               case CERT_PLUTO_AC:
                        this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))ac_add;
                        break;
-               case CRED_TYPE_CRL:
+               case CERT_PLUTO_CRL:
                        this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))crl_add;
                        break;
                default:
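Review bot: `subtype` is still declared `int` although the switch now matches certificate_type_t enumerators, so the signature does not say which value space the function expects. If builder_constructor_t allows it (its definition is not in this diff), declare it as `static builder_t *builder(credential_type_t type, certificate_type_t subtype)`. The body of builder() starts and ends outside this hunk, so what the `default:` branch does with an unexpected subtype is not visible here.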
@@ -227,7 +228,11 @@ static builder_t *builder(credential_type_t type, int subtype)
 
 void init_builder(void)
 {
-       lib->creds->add_builder(lib->creds, CRED_PLUTO_CERT, 0,
+       lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_CERT,
+                                                       (builder_constructor_t)builder);
+       lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_AC,
+                                                       (builder_constructor_t)builder);
+       lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_CRL,
                                                        (builder_constructor_t)builder);
 }
 
index 17ae853..784751b 100644 (file)
 #ifndef _BUILDER_H
 #define _BUILDER_H
 
-/* types of pluto credentials */
-typedef enum {
-       /* cert_t certificate, either x509 or PGP */
-       CRED_TYPE_CERTIFICATE,
-       /* x509crl_t certificate revocation list */
-       CRED_TYPE_CRL,
-       /* x509acert_t attribute certificate */
-       CRED_TYPE_AC,
-} cred_type_t;
-
 /* register credential builder hooks */
 extern void init_builder();
 /* unregister credential builder hooks */
index 02b8046..ccf48e1 100644 (file)
@@ -23,6 +23,7 @@
 
 #include "library.h"
 #include "asn1/asn1.h"
+#include "credentials/certificates/certificate.h"
 
 #include "constants.h"
 #include "defs.h"
@@ -155,7 +156,7 @@ bool load_cert(char *filename, const char *label, cert_t *out)
 {
        cert_t *cert;
 
-       cert = lib->creds->create(lib->creds, CRED_PLUTO_CERT, CRED_TYPE_CERTIFICATE,
+       cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_CERT,
                                                          BUILD_FROM_FILE, filename, BUILD_END);
        if (cert)
        {
index aeb4988..40c5d47 100644 (file)
@@ -28,6 +28,7 @@
 #include <asn1/asn1_parser.h>
 #include <asn1/oid.h>
 #include <crypto/hashers/hasher.h>
+#include <credentials/certificates/certificate.h>
 
 #include "constants.h"
 #include "defs.h"
@@ -343,8 +344,8 @@ void load_crls(void)
                                char *filename = filelist[n]->d_name;
                                x509crl_t *crl;
                                
-                               crl = lib->creds->create(lib->creds, CRED_PLUTO_CERT,
-                                                       CRED_TYPE_CRL, BUILD_FROM_FILE, filename, BUILD_END);
+                               crl = lib->creds->create(lib->creds, CRED_CERTIFICATE,
+                                               CERT_PLUTO_CRL, BUILD_FROM_FILE, filename, BUILD_END);
                                if (crl)
                                {
                                        chunk_t crl_uri;
index 827c83d..0c69aa5 100644 (file)
@@ -28,6 +28,7 @@
 #include <library.h>
 #include <debug.h>
 #include <asn1/asn1.h>
+#include <credentials/certificates/certificate.h>
 
 #include "constants.h"
 #include "defs.h"
@@ -272,7 +273,7 @@ x509crl_t* fetch_crl(char *url)
                DBG1("crl fetching failed");
                return FALSE;
        }
-       crl = lib->creds->create(lib->creds, CRED_PLUTO_CERT, CRED_TYPE_CRL,
+       crl = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_CRL,
                                                         BUILD_BLOB_PEM, blob, BUILD_END);
        free(blob.ptr);
        if (!crl)
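Review bot: The failure path just above the changed call does `return FALSE;` from fetch_crl(), which is declared to return `x509crl_t*`; this works only if FALSE expands to 0. Use `return NULL;` there so the pointer contract is explicit and matches the `if (!crl)` check after the create() call. fetch_crl() starts and ends outside this hunk.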