author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2009-06-23 11:25:24 +0000 |
---|---|---|
committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2009-06-23 11:25:24 +0000 |
commit | 41787e147279ff0695e9d759487266a60b80867b (patch) | |
tree | 8f28566c8fd7106c80d2536d2df540dbb4499cc5 /src/charon/credentials/sets | |
parent | c3e7f611ea8273c6b3909cb006ade4903a74aad0 (diff) | |
[svn-upgrade] Integrating new upstream version, strongswan (4.3.2)
Diffstat (limited to 'src/charon/credentials/sets')
-rw-r--r-- | src/charon/credentials/sets/auth_cfg_wrapper.c (renamed from src/charon/credentials/sets/auth_info_wrapper.c) | 89 | ||||
-rw-r--r-- | src/charon/credentials/sets/auth_cfg_wrapper.h (renamed from src/charon/credentials/sets/auth_info_wrapper.h) | 28 | ||||
-rw-r--r-- | src/charon/credentials/sets/cert_cache.c | 2 | ||||
-rw-r--r-- | src/charon/credentials/sets/cert_cache.h | 2 | ||||
-rw-r--r-- | src/charon/credentials/sets/ocsp_response_wrapper.c | 2 | ||||
-rw-r--r-- | src/charon/credentials/sets/ocsp_response_wrapper.h | 2 |
6 files changed, 61 insertions, 64 deletions
diff --git a/src/charon/credentials/sets/auth_info_wrapper.c b/src/charon/credentials/sets/auth_cfg_wrapper.c index 7ec75be15..b2cf5d960 100644 --- a/src/charon/credentials/sets/auth_info_wrapper.c +++ b/src/charon/credentials/sets/auth_cfg_wrapper.c @@ -1,6 +1,6 @@ /* + * Copyright (C) 2008-2009 Martin Willi * Copyright (C) 2008 Tobias Brunner - * Copyright (C) 2008 Martin Willi * Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -12,42 +12,40 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include <daemon.h> -#include "auth_info_wrapper.h" +#include "auth_cfg_wrapper.h" -typedef struct private_auth_info_wrapper_t private_auth_info_wrapper_t; +typedef struct private_auth_cfg_wrapper_t private_auth_cfg_wrapper_t; /** - * private data of auth_info_wrapper + * private data of auth_cfg_wrapper */ -struct private_auth_info_wrapper_t { +struct private_auth_cfg_wrapper_t { /** * public functions */ - auth_info_wrapper_t public; + auth_cfg_wrapper_t public; /** * wrapped auth info */ - auth_info_t *auth; + auth_cfg_t *auth; }; /** - * enumerator for auth_info_wrapper_t.create_cert_enumerator() + * enumerator for auth_cfg_wrapper_t.create_cert_enumerator() */ typedef struct { /** implements enumerator_t */ enumerator_t public; - /** inner enumerator from auth_info */ + /** inner enumerator from auth_cfg */ enumerator_t *inner; - /** wrapped auth info */ - auth_info_t *auth; + /** wrapped auth round */ + auth_cfg_t *auth; /** enumerated cert type */ certificate_type_t cert; /** enumerated key type */ 
@@ -57,10 +55,11 @@ typedef struct { } wrapper_enumerator_t; /** - * Tries to fetch a certificate that was supplied as "Hash and URL" (replaces the - * item's type and value in place). + * Tries to fetch a certificate that was supplied as "Hash and URL" + * (replaces rule type and value in place). */ -static bool fetch_cert(wrapper_enumerator_t *enumerator, auth_item_t *type, void **value) +static bool fetch_cert(wrapper_enumerator_t *enumerator, + auth_rule_t *rule, void **value) { char *url = (char*)*value; if (!url) @@ -77,29 +76,38 @@ static bool fetch_cert(wrapper_enumerator_t *enumerator, auth_item_t *type, void { DBG1(DBG_CFG, " fetching certificate failed"); /* we set the item to NULL, so we can skip it */ - enumerator->auth->replace_item(enumerator->inner, *type, NULL); + enumerator->auth->replace(enumerator->auth, enumerator->inner, + *rule, NULL); return FALSE; } cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509, - BUILD_BLOB_ASN1_DER, data, BUILD_END); + BUILD_BLOB_ASN1_DER, data, BUILD_END); free(data.ptr); if (!cert) { DBG1(DBG_CFG, " parsing fetched certificate failed"); /* we set the item to NULL, so we can skip it */ - enumerator->auth->replace_item(enumerator->inner, *type, NULL); + enumerator->auth->replace(enumerator->auth, enumerator->inner, + *rule, NULL); return FALSE; } - DBG1(DBG_CFG, " fetched certificate \"%D\"", cert->get_subject(cert)); + DBG1(DBG_CFG, " fetched certificate \"%Y\"", cert->get_subject(cert)); charon->credentials->cache_cert(charon->credentials, cert); - *type = (*type == AUTHN_IM_HASH_URL) ? AUTHN_IM_CERT : AUTHN_SUBJECT_CERT; + if (*rule == AUTH_HELPER_IM_HASH_URL) + { + *rule = AUTH_HELPER_IM_CERT; + } + else + { + *rule = AUTH_HELPER_SUBJECT_CERT; + } *value = cert; - enumerator->auth->replace_item(enumerator->inner, *type, cert); - + enumerator->auth->replace(enumerator->auth, enumerator->inner, + *rule, cert->get_ref(cert)); return TRUE; } 
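Review bot: The rewritten doc comment on fetch_cert still says nothing about the trust state of the certificate it hands back. The value comes from a "Hash and URL" rule, and in the lines visible here the fetched blob is parsed and given to `cache_cert()` without any comparison against the hash half. The fetch call itself sits in the gap between this hunk and the next, so a check may exist there. I would extend the comment along the lines of `The fetched certificate is untrusted until chain validation; the hash is verified in <location>`, or state plainly that it is not verified. fetch_cert's body continues past this hunk.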
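Review bot: The success path at the end of fetch_cert now appears to create two references of which only one has a visible owner. `cert` from `lib->creds->create()` is stored in `*value`, while `replace()` receives an additional one through `cert->get_ref(cert)`. Nothing in the enumerate() hunk releases `current`, so unless `cache_cert()` consumes a reference, each fetched certificate looks leaked once, which matters for a long-running daemon that fetches on demand. If auth_cfg takes ownership of what `replace()` is given, passing the original should be enough: `*rule, cert);`. Otherwise a comment naming who releases the reference behind `*value` would help. The function starts before this hunk.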
@@ -108,26 +116,25 @@ static bool fetch_cert(wrapper_enumerator_t *enumerator, auth_item_t *type, void */ static bool enumerate(wrapper_enumerator_t *this, certificate_t **cert) { - auth_item_t type; + auth_rule_t rule; certificate_t *current; public_key_t *public; - while (this->inner->enumerate(this->inner, &type, ¤t)) + while (this->inner->enumerate(this->inner, &rule, ¤t)) { - if (type == AUTHN_IM_HASH_URL || - type == AUTHN_SUBJECT_HASH_URL) - { - if (!fetch_cert(this, &type, (void**)¤t)) + if (rule == AUTH_HELPER_IM_HASH_URL || + rule == AUTH_HELPER_SUBJECT_HASH_URL) + { /* on-demand fetching of hash and url certificates */ + if (!fetch_cert(this, &rule, (void**)¤t)) { continue; } } - else if (type != AUTHN_SUBJECT_CERT && - type != AUTHN_IM_CERT) - { + else if (rule != AUTH_HELPER_SUBJECT_CERT && + rule != AUTH_HELPER_IM_CERT) + { /* handle only HELPER certificates */ continue; } - if (this->cert != CERT_ANY && this->cert != current->get_type(current)) { /* CERT type requested, but does not match */ continue; @@ -164,9 +171,9 @@ static void wrapper_enumerator_destroy(wrapper_enumerator_t *this) } /** - * implementation of auth_info_wrapper_t.set.create_cert_enumerator + * implementation of auth_cfg_wrapper_t.set.create_cert_enumerator */ -static enumerator_t *create_enumerator(private_auth_info_wrapper_t *this, +static enumerator_t *create_enumerator(private_auth_cfg_wrapper_t *this, certificate_type_t cert, key_type_t key, identification_t *id, bool trusted) { 
@@ -181,16 +188,16 @@ static enumerator_t *create_enumerator(private_auth_info_wrapper_t *this, enumerator->cert = cert; enumerator->key = key; enumerator->id = id; - enumerator->inner = this->auth->create_item_enumerator(this->auth); + enumerator->inner = this->auth->create_enumerator(this->auth); enumerator->public.enumerate = (void*)enumerate; enumerator->public.destroy = (void*)wrapper_enumerator_destroy; return &enumerator->public; } /** - * Implementation of auth_info_wrapper_t.destroy + * Implementation of auth_cfg_wrapper_t.destroy */ -static void destroy(private_auth_info_wrapper_t *this) +static void destroy(private_auth_cfg_wrapper_t *this) { free(this); } @@ -198,16 +205,16 @@ static void destroy(private_auth_info_wrapper_t *this) /* * see header file */ -auth_info_wrapper_t *auth_info_wrapper_create(auth_info_t *auth) +auth_cfg_wrapper_t *auth_cfg_wrapper_create(auth_cfg_t *auth) { - private_auth_info_wrapper_t *this = malloc_thing(private_auth_info_wrapper_t); + private_auth_cfg_wrapper_t *this = malloc_thing(private_auth_cfg_wrapper_t); this->public.set.create_private_enumerator = (void*)return_null; this->public.set.create_cert_enumerator = (void*)create_enumerator; this->public.set.create_shared_enumerator = (void*)return_null; this->public.set.create_cdp_enumerator = (void*)return_null; this->public.set.cache_cert = (void*)nop; - this->public.destroy = (void(*)(auth_info_wrapper_t*))destroy; + this->public.destroy = (void(*)(auth_cfg_wrapper_t*))destroy; this->auth = auth; diff --git a/src/charon/credentials/sets/auth_info_wrapper.h b/src/charon/credentials/sets/auth_cfg_wrapper.h index 9186715f0..dd5e0fff6 100644 --- a/src/charon/credentials/sets/auth_info_wrapper.h +++ b/src/charon/credentials/sets/auth_cfg_wrapper.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2008 Martin Willi + * Copyright (C) 2008-2009 Martin Willi * Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it 
@@ -11,27 +11,25 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ /** - * @defgroup auth_info_wrapper auth_info_wrapper + * @defgroup auth_cfg_wrapper auth_cfg_wrapper * @{ @ingroup sets */ -#ifndef AUTH_INFO_WRAPPER_H_ -#define AUTH_INFO_WRAPPER_H_ +#ifndef AUTH_CFG_WRAPPER_H_ +#define AUTH_CFG_WRAPPER_H_ +#include <config/auth_cfg.h> #include <credentials/credential_set.h> -#include <credentials/auth_info.h> -typedef struct auth_info_wrapper_t auth_info_wrapper_t; +typedef struct auth_cfg_wrapper_t auth_cfg_wrapper_t; /** - * A wrapper around auth_info_t to handle it like a credential set. + * A wrapper around auth_cfg_t to handle it as a credential set. */ -struct auth_info_wrapper_t { +struct auth_cfg_wrapper_t { /** * implements credential_set_t @@ -39,17 +37,17 @@ struct auth_info_wrapper_t { credential_set_t set; /** - * Destroy a auth_info_wrapper instance. + * Destroy a auth_cfg_wrapper instance. */ - void (*destroy)(auth_info_wrapper_t *this); + void (*destroy)(auth_cfg_wrapper_t *this); }; /** - * Create a auth_info_wrapper instance. + * Create a auth_cfg_wrapper instance. * * @param auth the wrapped auth info * @return wrapper around auth */ -auth_info_wrapper_t *auth_info_wrapper_create(auth_info_t *auth); +auth_cfg_wrapper_t *auth_cfg_wrapper_create(auth_cfg_t *auth); -#endif /** AUTH_INFO_WRAPPER_H_ @}*/ +#endif /** AUTH_CFG_WRAPPER_H_ @}*/ diff --git a/src/charon/credentials/sets/cert_cache.c b/src/charon/credentials/sets/cert_cache.c index 83ba8263d..907f5072f 100644 --- a/src/charon/credentials/sets/cert_cache.c +++ b/src/charon/credentials/sets/cert_cache.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include "cert_cache.h" 
diff --git a/src/charon/credentials/sets/cert_cache.h b/src/charon/credentials/sets/cert_cache.h index 40e38e913..a2cae367c 100644 --- a/src/charon/credentials/sets/cert_cache.h +++ b/src/charon/credentials/sets/cert_cache.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ /** diff --git a/src/charon/credentials/sets/ocsp_response_wrapper.c b/src/charon/credentials/sets/ocsp_response_wrapper.c index c4d3a5b0f..e9faec472 100644 --- a/src/charon/credentials/sets/ocsp_response_wrapper.c +++ b/src/charon/credentials/sets/ocsp_response_wrapper.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include "ocsp_response_wrapper.h" diff --git a/src/charon/credentials/sets/ocsp_response_wrapper.h b/src/charon/credentials/sets/ocsp_response_wrapper.h index 068035884..8f141f7a1 100644 --- a/src/charon/credentials/sets/ocsp_response_wrapper.h +++ b/src/charon/credentials/sets/ocsp_response_wrapper.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ /** |