authorYves-Alexis Perez <corsac@corsac.net>2017-05-30 20:59:31 +0200
committerYves-Alexis Perez <corsac@corsac.net>2017-05-30 21:03:44 +0200
commit335b7e322c795d86705aab67d2ecf72f1c9c5614 (patch)
treec3a2256cd4d3c9242c47da2a47077b12b3b7a1a6 /src/libstrongswan/credentials
parent7f6fc258427831ed2e80f7540c4368cf6ceba385 (diff)
New upstream version 5.5.3
Diffstat (limited to 'src/libstrongswan/credentials')
-rw-r--r--src/libstrongswan/credentials/auth_cfg.c21
-rw-r--r--src/libstrongswan/credentials/credential_factory.c26
-rw-r--r--src/libstrongswan/credentials/credential_manager.c54
-rw-r--r--src/libstrongswan/credentials/keys/public_key.c9
-rw-r--r--src/libstrongswan/credentials/sets/auth_cfg_wrapper.c36
-rw-r--r--src/libstrongswan/credentials/sets/callback_cred.c10
-rw-r--r--src/libstrongswan/credentials/sets/cert_cache.c38
-rw-r--r--src/libstrongswan/credentials/sets/mem_cred.c230
-rw-r--r--src/libstrongswan/credentials/sets/mem_cred.h2
-rw-r--r--src/libstrongswan/credentials/sets/ocsp_response_wrapper.c35
10 files changed, 256 insertions, 205 deletions
diff --git a/src/libstrongswan/credentials/auth_cfg.c b/src/libstrongswan/credentials/auth_cfg.c
index 8a3e659fd..a9c8b3904 100644
--- a/src/libstrongswan/credentials/auth_cfg.c
+++ b/src/libstrongswan/credentials/auth_cfg.c
@@ -146,12 +146,14 @@ typedef struct {
bool enumerated[AUTH_RULE_MAX];
} entry_enumerator_t;
-/**
- * enumerate function for item_enumerator_t
- */
-static bool enumerate(entry_enumerator_t *this, auth_rule_t *type, void **value)
+METHOD(enumerator_t, enumerate, bool,
+ entry_enumerator_t *this, va_list args)
{
+ auth_rule_t *type;
entry_t *entry;
+ void **value;
+
+ VA_ARGS_VGET(args, type, value);
while (this->inner->enumerate(this->inner, &entry))
{
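Review bot: With the switch to `va_list args`, the signature of `enumerate` no longer shows which output pointers a caller must pass, and the removed header comment is not replaced; only the `VA_ARGS_VGET(args, type, value)` line tells the reader. A one-line comment above the METHOD would restore that, e.g. `/* enumerates (auth_rule_t *type, void **value) */`. The same applies to the other `venumerate` implementations in this commit (`sets_enumerate`, `trusted_enumerate`, `public_enumerate`, `signature_schemes_enumerate`, `shared_enumerate`, `cert_enumerate` and the two wrapper `enumerate` functions), because the compiler no longer rejects a caller that passes the wrong number or type of pointers. The body of `enumerate` continues outside this hunk.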
@@ -174,10 +176,8 @@ static bool enumerate(entry_enumerator_t *this, auth_rule_t *type, void **value)
return FALSE;
}
-/**
- * destroy function for item_enumerator_t
- */
-static void entry_enumerator_destroy(entry_enumerator_t *this)
+METHOD(enumerator_t, entry_enumerator_destroy, void,
+ entry_enumerator_t *this)
{
this->inner->destroy(this->inner);
free(this);
@@ -190,8 +190,9 @@ METHOD(auth_cfg_t, create_enumerator, enumerator_t*,
INIT(enumerator,
.public = {
- .enumerate = (void*)enumerate,
- .destroy = (void*)entry_enumerator_destroy,
+ .enumerate = enumerator_enumerate_default,
+ .venumerate = _enumerate,
+ .destroy = _entry_enumerator_destroy,
},
.inner = array_create_enumerator(this->entries),
);
diff --git a/src/libstrongswan/credentials/credential_factory.c b/src/libstrongswan/credentials/credential_factory.c
index 94c7820e1..07e6ea343 100644
--- a/src/libstrongswan/credentials/credential_factory.c
+++ b/src/libstrongswan/credentials/credential_factory.c
@@ -163,17 +163,23 @@ METHOD(credential_factory_t, create, void*,
return construct;
}
-/**
- * Filter function for builder enumerator
- */
-static bool builder_filter(void *null, entry_t **entry, credential_type_t *type,
- void *dummy1, int *subtype)
+CALLBACK(builder_filter, bool,
+ void *null, enumerator_t *orig, va_list args)
{
- if ((*entry)->final)
+ entry_t *entry;
+ credential_type_t *type;
+ int *subtype;
+
+ VA_ARGS_VGET(args, type, subtype);
+
+ while (orig->enumerate(orig, &entry))
{
- *type = (*entry)->type;
- *subtype = (*entry)->subtype;
- return TRUE;
+ if (entry->final)
+ {
+ *type = entry->type;
+ *subtype = entry->subtype;
+ return TRUE;
+ }
}
return FALSE;
}
@@ -184,7 +190,7 @@ METHOD(credential_factory_t, create_builder_enumerator, enumerator_t*,
this->lock->read_lock(this->lock);
return enumerator_create_filter(
this->constructors->create_enumerator(this->constructors),
- (void*)builder_filter, this->lock, (void*)this->lock->unlock);
+ builder_filter, this->lock, (void*)this->lock->unlock);
}
METHOD(credential_factory_t, destroy, void,
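Review bot: The destructor argument `(void*)this->lock->unlock` still goes through a `void*` cast, so its signature is not checked against what `enumerator_create_filter` expects, while the filter argument on the same line now is. A small typed wrapper would remove this last cast, e.g. `CALLBACK(unlock_lock, void, rwlock_t *lock) { lock->unlock(lock); }` passed as the fourth argument. `create_unique_shared_enumerator` in mem_cred.c keeps the same cast, and `signature_schemes_for_key` in public_key.c keeps `.destroy = (void*)free`. `create_builder_enumerator` starts above this hunk.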
diff --git a/src/libstrongswan/credentials/credential_manager.c b/src/libstrongswan/credentials/credential_manager.c
index 95c5cd777..0a8d3d101 100644
--- a/src/libstrongswan/credentials/credential_manager.c
+++ b/src/libstrongswan/credentials/credential_manager.c
@@ -155,8 +155,12 @@ METHOD(credential_manager_t, call_hook, void,
}
METHOD(enumerator_t, sets_enumerate, bool,
- sets_enumerator_t *this, credential_set_t **set)
+ sets_enumerator_t *this, va_list args)
{
+ credential_set_t **set;
+
+ VA_ARGS_VGET(args, set);
+
if (this->exclusive)
{
if (this->exclusive->enumerate(this->exclusive, set))
@@ -166,19 +170,19 @@ METHOD(enumerator_t, sets_enumerate, bool,
return TRUE;
}
}
- if (this->global)
+ if (this->local)
{
- if (this->global->enumerate(this->global, set))
+ if (this->local->enumerate(this->local, set))
{
return TRUE;
}
- /* end of global sets, look for local */
- this->global->destroy(this->global);
- this->global = NULL;
+ /* end of local sets, look for global */
+ this->local->destroy(this->local);
+ this->local = NULL;
}
- if (this->local)
+ if (this->global)
{
- return this->local->enumerate(this->local, set);
+ return this->global->enumerate(this->global, set);
}
return FALSE;
}
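Review bot: The lookup order in `sets_enumerate` is now exclusive, then local, then global, and the only trace of that is the inline comment `/* end of local sets, look for global */`. Any caller that stops at the first matching credential will now get a local set's entry where it previously got the global one. That precedence deserves a statement on the function itself, e.g. `/* order: exclusive set if any, then local sets, then global sets */`, together with the reason for preferring local sets. The function begins in the previous hunk.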
@@ -202,7 +206,8 @@ static enumerator_t *create_sets_enumerator(private_credential_manager_t *this)
INIT(enumerator,
.public = {
- .enumerate = (void*)_sets_enumerate,
+ .enumerate = enumerator_enumerate_default,
+ .venumerate = _sets_enumerate,
.destroy = _sets_destroy,
},
);
@@ -807,11 +812,12 @@ static bool verify_trust_chain(private_credential_manager_t *this,
return trusted;
}
-/**
- * List find match function for certificates
- */
-static bool cert_equals(certificate_t *a, certificate_t *b)
+CALLBACK(cert_equals, bool,
+ certificate_t *a, va_list args)
{
+ certificate_t *b;
+
+ VA_ARGS_VGET(args, b);
return a->equals(a, b);
}
@@ -840,9 +846,12 @@ typedef struct {
} trusted_enumerator_t;
METHOD(enumerator_t, trusted_enumerate, bool,
- trusted_enumerator_t *this, certificate_t **cert, auth_cfg_t **auth)
+ trusted_enumerator_t *this, va_list args)
{
- certificate_t *current;
+ certificate_t *current, **cert;
+ auth_cfg_t **auth;
+
+ VA_ARGS_VGET(args, cert, auth);
DESTROY_IF(this->auth);
this->auth = auth_cfg_create();
@@ -888,8 +897,7 @@ METHOD(enumerator_t, trusted_enumerate, bool,
continue;
}
- if (this->failed->find_first(this->failed, (void*)cert_equals,
- NULL, current) == SUCCESS)
+ if (this->failed->find_first(this->failed, cert_equals, NULL, current))
{ /* check each candidate only once */
continue;
}
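Review bot: `find_first` is used here as a boolean where the old code compared against `SUCCESS`, so any call site that still has `== SUCCESS` will keep compiling but, if `SUCCESS` is 0 as I would expect, take the opposite branch. That matters most in `add_cert_internal` and `get_cert_ref` in mem_cred.c, which dereference `cached` in the found branch while it is declared without an initializer. I would initialise it there, `certificate_t *cached = NULL;`, and check the tree for remaining `== SUCCESS` comparisons on `find_first`. `trusted_enumerate` starts and ends outside this hunk.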
@@ -931,7 +939,8 @@ METHOD(credential_manager_t, create_trusted_enumerator, enumerator_t*,
INIT(enumerator,
.public = {
- .enumerate = (void*)_trusted_enumerate,
+ .enumerate = enumerator_enumerate_default,
+ .venumerate = _trusted_enumerate,
.destroy = _trusted_destroy,
},
.this = this,
@@ -960,9 +969,13 @@ typedef struct {
} public_enumerator_t;
METHOD(enumerator_t, public_enumerate, bool,
- public_enumerator_t *this, public_key_t **key, auth_cfg_t **auth)
+ public_enumerator_t *this, va_list args)
{
certificate_t *cert;
+ public_key_t **key;
+ auth_cfg_t **auth;
+
+ VA_ARGS_VGET(args, key, auth);
while (this->inner->enumerate(this->inner, &cert, auth))
{
@@ -1001,7 +1014,8 @@ METHOD(credential_manager_t, create_public_enumerator, enumerator_t*,
INIT(enumerator,
.public = {
- .enumerate = (void*)_public_enumerate,
+ .enumerate = enumerator_enumerate_default,
+ .venumerate = _public_enumerate,
.destroy = _public_destroy,
},
.inner = create_trusted_enumerator(this, type, id, online),
diff --git a/src/libstrongswan/credentials/keys/public_key.c b/src/libstrongswan/credentials/keys/public_key.c
index 2c76ad680..87f7e6664 100644
--- a/src/libstrongswan/credentials/keys/public_key.c
+++ b/src/libstrongswan/credentials/keys/public_key.c
@@ -272,8 +272,12 @@ typedef struct {
} private_enumerator_t;
METHOD(enumerator_t, signature_schemes_enumerate, bool,
- private_enumerator_t *this, signature_scheme_t *scheme)
+ private_enumerator_t *this, va_list args)
{
+ signature_scheme_t *scheme;
+
+ VA_ARGS_VGET(args, scheme);
+
while (++this->index < countof(scheme_map))
{
if (this->type == scheme_map[this->index].type &&
@@ -296,7 +300,8 @@ enumerator_t *signature_schemes_for_key(key_type_t type, int size)
INIT(this,
.public = {
- .enumerate = (void*)_signature_schemes_enumerate,
+ .enumerate = enumerator_enumerate_default,
+ .venumerate = _signature_schemes_enumerate,
.destroy = (void*)free,
},
.index = -1,
diff --git a/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c b/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c
index 8393d5b18..1cd4b9d03 100644
--- a/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c
+++ b/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c
@@ -112,15 +112,15 @@ static bool fetch_cert(wrapper_enumerator_t *enumerator,
return TRUE;
}
-/**
- * enumerate function for wrapper_enumerator_t
- */
-static bool enumerate(wrapper_enumerator_t *this, certificate_t **cert)
+METHOD(enumerator_t, enumerate, bool,
+ wrapper_enumerator_t *this, va_list args)
{
auth_rule_t rule;
- certificate_t *current;
+ certificate_t *current, **cert;
public_key_t *public;
+ VA_ARGS_VGET(args, cert);
+
while (this->inner->enumerate(this->inner, &rule, &current))
{
if (rule == AUTH_HELPER_IM_HASH_URL ||
@@ -164,10 +164,8 @@ static bool enumerate(wrapper_enumerator_t *this, certificate_t **cert)
return FALSE;
}
-/**
- * destroy function for wrapper_enumerator_t
- */
-static void wrapper_enumerator_destroy(wrapper_enumerator_t *this)
+METHOD(enumerator_t, wrapper_enumerator_destroy, void,
+ wrapper_enumerator_t *this)
{
this->inner->destroy(this->inner);
free(this);
@@ -183,14 +181,18 @@ METHOD(credential_set_t, create_enumerator, enumerator_t*,
{
return NULL;
}
- enumerator = malloc_thing(wrapper_enumerator_t);
- enumerator->auth = this->auth;
- enumerator->cert = cert;
- enumerator->key = key;
- enumerator->id = id;
- enumerator->inner = this->auth->create_enumerator(this->auth);
- enumerator->public.enumerate = (void*)enumerate;
- enumerator->public.destroy = (void*)wrapper_enumerator_destroy;
+ INIT(enumerator,
+ .public = {
+ .enumerate = enumerator_enumerate_default,
+ .venumerate = _enumerate,
+ .destroy = _wrapper_enumerator_destroy,
+ },
+ .auth = this->auth,
+ .cert = cert,
+ .key = key,
+ .id = id,
+ .inner = this->auth->create_enumerator(this->auth),
+ );
return &enumerator->public;
}
diff --git a/src/libstrongswan/credentials/sets/callback_cred.c b/src/libstrongswan/credentials/sets/callback_cred.c
index bff33f029..0d72452da 100644
--- a/src/libstrongswan/credentials/sets/callback_cred.c
+++ b/src/libstrongswan/credentials/sets/callback_cred.c
@@ -60,9 +60,12 @@ typedef struct {
} shared_enumerator_t;
METHOD(enumerator_t, shared_enumerate, bool,
- shared_enumerator_t *this, shared_key_t **out,
- id_match_t *match_me, id_match_t *match_other)
+ shared_enumerator_t *this, va_list args)
{
+ shared_key_t **out;
+ id_match_t *match_me, *match_other;
+
+ VA_ARGS_VGET(args, out, match_me, match_other);
DESTROY_IF(this->current);
this->current = this->this->cb.shared(this->this->data, this->type,
this->me, this->other, match_me, match_other);
@@ -89,7 +92,8 @@ METHOD(credential_set_t, create_shared_enumerator, enumerator_t*,
INIT(enumerator,
.public = {
- .enumerate = (void*)_shared_enumerate,
+ .enumerate = enumerator_enumerate_default,
+ .venumerate = _shared_enumerate,
.destroy = _shared_destroy,
},
.this = this,
diff --git a/src/libstrongswan/credentials/sets/cert_cache.c b/src/libstrongswan/credentials/sets/cert_cache.c
index 24fdb194b..92d5efdc6 100644
--- a/src/libstrongswan/credentials/sets/cert_cache.c
+++ b/src/libstrongswan/credentials/sets/cert_cache.c
@@ -252,13 +252,14 @@ typedef struct {
int locked;
} cert_enumerator_t;
-/**
- * filter function for certs enumerator
- */
-static bool cert_enumerate(cert_enumerator_t *this, certificate_t **out)
+METHOD(enumerator_t, cert_enumerate, bool,
+ cert_enumerator_t *this, va_list args)
{
public_key_t *public;
relation_t *rel;
+ certificate_t **out;
+
+ VA_ARGS_VGET(args, out);
if (this->locked >= 0)
{
@@ -311,10 +312,8 @@ static bool cert_enumerate(cert_enumerator_t *this, certificate_t **out)
return FALSE;
}
-/**
- * clean up enumeration data
- */
-static void cert_enumerator_destroy(cert_enumerator_t *this)
+METHOD(enumerator_t, cert_enumerator_destroy, void,
+ cert_enumerator_t *this)
{
relation_t *rel;
@@ -336,16 +335,19 @@ METHOD(credential_set_t, create_enumerator, enumerator_t*,
{
return NULL;
}
- enumerator = malloc_thing(cert_enumerator_t);
- enumerator->public.enumerate = (void*)cert_enumerate;
- enumerator->public.destroy = (void*)cert_enumerator_destroy;
- enumerator->cert = cert;
- enumerator->key = key;
- enumerator->id = id;
- enumerator->relations = this->relations;
- enumerator->index = -1;
- enumerator->locked = -1;
-
+ INIT(enumerator,
+ .public = {
+ .enumerate = enumerator_enumerate_default,
+ .venumerate = _cert_enumerate,
+ .destroy = _cert_enumerator_destroy,
+ },
+ .cert = cert,
+ .key = key,
+ .id = id,
+ .relations = this->relations,
+ .index = -1,
+ .locked = -1,
+ );
return &enumerator->public;
}
diff --git a/src/libstrongswan/credentials/sets/mem_cred.c b/src/libstrongswan/credentials/sets/mem_cred.c
index 53e035f98..4d594e439 100644
--- a/src/libstrongswan/credentials/sets/mem_cred.c
+++ b/src/libstrongswan/credentials/sets/mem_cred.c
@@ -74,25 +74,27 @@ typedef struct {
identification_t *id;
} cert_data_t;
-/**
- * destroy cert_data
- */
-static void cert_data_destroy(cert_data_t *data)
+CALLBACK(cert_data_destroy, void,
+ cert_data_t *data)
{
data->lock->unlock(data->lock);
free(data);
}
-/**
- * filter function for certs enumerator
- */
-static bool certs_filter(cert_data_t *data, certificate_t **in, certificate_t **out)
+CALLBACK(certs_filter, bool,
+ cert_data_t *data, enumerator_t *orig, va_list args)
{
public_key_t *public;
- certificate_t *cert = *in;
+ certificate_t *cert, **out;
+
+ VA_ARGS_VGET(args, out);
- if (data->cert == CERT_ANY || data->cert == cert->get_type(cert))
+ while (orig->enumerate(orig, &cert))
{
+ if (data->cert != CERT_ANY && data->cert != cert->get_type(cert))
+ {
+ continue;
+ }
public = cert->get_public_key(cert);
if (public)
{
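Review bot: `out` is taken from the variadic list with `VA_ARGS_VGET(args, out)` and later written with `*out = cert;` without a NULL check, whereas `shared_filter` and `unique_filter` in this file guard their outputs (`if (me)`, `if (id)`). If callers may pass NULL for an output they do not need, the write should be guarded, `if (out) { *out = cert; }`; if not, a comment saying the pointer is mandatory would make the difference intentional. `key_filter` (`*out = key;`) and `cdp_filter` (`*uri = cdp->uri;`) have the same unguarded write. The body of `certs_filter` continues in the next two hunks.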
@@ -102,7 +104,7 @@ static bool certs_filter(cert_data_t *data, certificate_t **in, certificate_t **
data->id->get_encoding(data->id)))
{
public->destroy(public);
- *out = *in;
+ *out = cert;
return TRUE;
}
}
@@ -110,11 +112,11 @@ static bool certs_filter(cert_data_t *data, certificate_t **in, certificate_t **
}
else if (data->key != KEY_ANY)
{
- return FALSE;
+ continue;
}
- if (data->id == NULL || cert->has_subject(cert, data->id))
+ if (!data->id || cert->has_subject(cert, data->id))
{
- *out = *in;
+ *out = cert;
return TRUE;
}
}
@@ -143,12 +145,16 @@ METHOD(credential_set_t, create_cert_enumerator, enumerator_t*,
{
enumerator = this->untrusted->create_enumerator(this->untrusted);
}
- return enumerator_create_filter(enumerator, (void*)certs_filter, data,
- (void*)cert_data_destroy);
+ return enumerator_create_filter(enumerator, certs_filter, data,
+ cert_data_destroy);
}
-static bool certificate_equals(certificate_t *item, certificate_t *cert)
+CALLBACK(certificate_equals, bool,
+ certificate_t *item, va_list args)
{
+ certificate_t *cert;
+
+ VA_ARGS_VGET(args, cert);
return item->equals(item, cert);
}
@@ -161,9 +167,8 @@ static certificate_t *add_cert_internal(private_mem_cred_t *this, bool trusted,
{
certificate_t *cached;
this->lock->write_lock(this->lock);
- if (this->untrusted->find_first(this->untrusted,
- (linked_list_match_t)certificate_equals,
- (void**)&cached, cert) == SUCCESS)
+ if (this->untrusted->find_first(this->untrusted, certificate_equals,
+ (void**)&cached, cert))
{
cert->destroy(cert);
cert = cached->get_ref(cached);
@@ -199,9 +204,8 @@ METHOD(mem_cred_t, get_cert_ref, certificate_t*,
certificate_t *cached;
this->lock->read_lock(this->lock);
- if (this->untrusted->find_first(this->untrusted,
- (linked_list_match_t)certificate_equals,
- (void**)&cached, cert) == SUCCESS)
+ if (this->untrusted->find_first(this->untrusted, certificate_equals,
+ (void**)&cached, cert))
{
cert->destroy(cert);
cert = cached->get_ref(cached);
@@ -301,30 +305,30 @@ typedef struct {
identification_t *id;
} key_data_t;
-/**
- * Destroy key enumerator data
- */
-static void key_data_destroy(key_data_t *data)
+CALLBACK(key_data_destroy, void,
+ key_data_t *data)
{
data->lock->unlock(data->lock);
free(data);
}
-/**
- * filter function for private key enumerator
- */
-static bool key_filter(key_data_t *data, private_key_t **in, private_key_t **out)
+CALLBACK(key_filter, bool,
+ key_data_t *data, enumerator_t *orig, va_list args)
{
- private_key_t *key;
+ private_key_t *key, **out;
+
+ VA_ARGS_VGET(args, out);
- key = *in;
- if (data->type == KEY_ANY || data->type == key->get_type(key))
+ while (orig->enumerate(orig, &key))
{
- if (data->id == NULL ||
- key->has_fingerprint(key, data->id->get_encoding(data->id)))
+ if (data->type == KEY_ANY || data->type == key->get_type(key))
{
- *out = key;
- return TRUE;
+ if (data->id == NULL ||
+ key->has_fingerprint(key, data->id->get_encoding(data->id)))
+ {
+ *out = key;
+ return TRUE;
+ }
}
}
return FALSE;
@@ -342,7 +346,7 @@ METHOD(credential_set_t, create_private_enumerator, enumerator_t*,
);
this->lock->read_lock(this->lock);
return enumerator_create_filter(this->keys->create_enumerator(this->keys),
- (void*)key_filter, data, (void*)key_data_destroy);
+ key_filter, data, key_data_destroy);
}
METHOD(mem_cred_t, add_key, void,
@@ -468,10 +472,8 @@ typedef struct {
shared_key_type_t type;
} shared_data_t;
-/**
- * free shared key enumerator data and unlock list
- */
-static void shared_data_destroy(shared_data_t *data)
+CALLBACK(shared_data_destroy, void,
+ shared_data_t *data)
{
data->lock->unlock(data->lock);
free(data);
@@ -499,44 +501,47 @@ static id_match_t has_owner(shared_entry_t *entry, identification_t *owner)
return best;
}
-/**
- * enumerator filter function for shared entries
- */
-static bool shared_filter(shared_data_t *data,
- shared_entry_t **in, shared_key_t **out,
- void **unused1, id_match_t *me,
- void **unused2, id_match_t *other)
+CALLBACK(shared_filter, bool,
+ shared_data_t *data, enumerator_t *orig, va_list args)
{
id_match_t my_match = ID_MATCH_NONE, other_match = ID_MATCH_NONE;
- shared_entry_t *entry = *in;
+ shared_entry_t *entry;
+ shared_key_t **out;
+ id_match_t *me, *other;
- if (data->type != SHARED_ANY &&
- entry->shared->get_type(entry->shared) != data->type)
- {
- return FALSE;
- }
- if (data->me)
- {
- my_match = has_owner(entry, data->me);
- }
- if (data->other)
- {
- other_match = has_owner(entry, data->other);
- }
- if ((data->me || data->other) && (!my_match && !other_match))
- {
- return FALSE;
- }
- *out = entry->shared;
- if (me)
- {
- *me = my_match;
- }
- if (other)
+ VA_ARGS_VGET(args, out, me, other);
+
+ while (orig->enumerate(orig, &entry))
{
- *other = other_match;
+ if (data->type != SHARED_ANY &&
+ entry->shared->get_type(entry->shared) != data->type)
+ {
+ continue;
+ }
+ if (data->me)
+ {
+ my_match = has_owner(entry, data->me);
+ }
+ if (data->other)
+ {
+ other_match = has_owner(entry, data->other);
+ }
+ if ((data->me || data->other) && (!my_match && !other_match))
+ {
+ continue;
+ }
+ *out = entry->shared;
+ if (me)
+ {
+ *me = my_match;
+ }
+ if (other)
+ {
+ *other = other_match;
+ }
+ return TRUE;
}
- return TRUE;
+ return FALSE;
}
METHOD(credential_set_t, create_shared_enumerator, enumerator_t*,
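Review bot: `my_match` and `other_match` are initialised once, outside the new `while` loop in `shared_filter`. Whether `*me` or `*other` can carry a value from a previously skipped entry therefore depends on `data->me` and `data->other` staying constant during the enumeration. That holds in the lines shown, but declaring them inside the loop body makes it obvious: put `id_match_t my_match = ID_MATCH_NONE, other_match = ID_MATCH_NONE;` as the first statement after `while (orig->enumerate(orig, &entry))`.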
@@ -554,7 +559,7 @@ METHOD(credential_set_t, create_shared_enumerator, enumerator_t*,
data->lock->read_lock(data->lock);
return enumerator_create_filter(
this->shared->create_enumerator(this->shared),
- (void*)shared_filter, data, (void*)shared_data_destroy);
+ shared_filter, data, shared_data_destroy);
}
METHOD(mem_cred_t, add_shared_unique, void,
@@ -648,23 +653,27 @@ METHOD(mem_cred_t, remove_shared_unique, void,
this->lock->unlock(this->lock);
}
-/**
- * Filter unique ids of shared keys (ingore secrets without unique id)
- */
-static bool unique_filter(void *unused,
- shared_entry_t **in, char **id)
+CALLBACK(unique_filter, bool,
+ void *unused, enumerator_t *orig, va_list args)
{
- shared_entry_t *entry = *in;
+ shared_entry_t *entry;
+ char **id;
- if (!entry->id)
- {
- return FALSE;
- }
- if (id)
+ VA_ARGS_VGET(args, id);
+
+ while (orig->enumerate(orig, &entry))
{
- *id = entry->id;
+ if (!entry->id)
+ {
+ continue;
+ }
+ if (id)
+ {
+ *id = entry->id;
+ }
+ return TRUE;
}
- return TRUE;
+ return FALSE;
}
METHOD(mem_cred_t, create_unique_shared_enumerator, enumerator_t*,
@@ -673,7 +682,7 @@ METHOD(mem_cred_t, create_unique_shared_enumerator, enumerator_t*,
this->lock->read_lock(this->lock);
return enumerator_create_filter(
this->shared->create_enumerator(this->shared),
- (void*)unique_filter, this->lock,
+ unique_filter, this->lock,
(void*)this->lock->unlock);
}
@@ -721,30 +730,35 @@ typedef struct {
rwlock_t *lock;
} cdp_data_t;
-/**
- * Clean up CDP enumerator data
- */
-static void cdp_data_destroy(cdp_data_t *data)
+CALLBACK(cdp_data_destroy, void,
+ cdp_data_t *data)
{
data->lock->unlock(data->lock);
free(data);
}
-/**
- * CDP enumerator filter
- */
-static bool cdp_filter(cdp_data_t *data, cdp_t **cdp, char **uri)
+CALLBACK(cdp_filter, bool,
+ cdp_data_t *data, enumerator_t *orig, va_list args)
{
- if (data->type != CERT_ANY && data->type != (*cdp)->type)
- {
- return FALSE;
- }
- if (data->id && !(*cdp)->id->matches((*cdp)->id, data->id))
+ cdp_t *cdp;
+ char **uri;
+
+ VA_ARGS_VGET(args, uri);
+
+ while (orig->enumerate(orig, &cdp))
{
- return FALSE;
+ if (data->type != CERT_ANY && data->type != cdp->type)
+ {
+ continue;
+ }
+ if (data->id && !cdp->id->matches(cdp->id, data->id))
+ {
+ continue;
+ }
+ *uri = cdp->uri;
+ return TRUE;
}
- *uri = (*cdp)->uri;
- return TRUE;
+ return FALSE;
}
METHOD(credential_set_t, create_cdp_enumerator, enumerator_t*,
@@ -759,7 +773,7 @@ METHOD(credential_set_t, create_cdp_enumerator, enumerator_t*,
);
this->lock->read_lock(this->lock);
return enumerator_create_filter(this->cdps->create_enumerator(this->cdps),
- (void*)cdp_filter, data, (void*)cdp_data_destroy);
+ cdp_filter, data, cdp_data_destroy);
}
diff --git a/src/libstrongswan/credentials/sets/mem_cred.h b/src/libstrongswan/credentials/sets/mem_cred.h
index 135515260..f55c3ccdf 100644
--- a/src/libstrongswan/credentials/sets/mem_cred.h
+++ b/src/libstrongswan/credentials/sets/mem_cred.h
@@ -62,7 +62,7 @@ struct mem_cred_t {
/**
* Get an existing reference to the same certificate.
*
- * Searches for the same certficate in the set, and returns a reference
+ * Searches for the same certificate in the set, and returns a reference
* to it, destroying the passed certificate. If the passed certificate
* is not found, it is just returned.
*
diff --git a/src/libstrongswan/credentials/sets/ocsp_response_wrapper.c b/src/libstrongswan/credentials/sets/ocsp_response_wrapper.c
index 151d69216..12d3f8156 100644
--- a/src/libstrongswan/credentials/sets/ocsp_response_wrapper.c
+++ b/src/libstrongswan/credentials/sets/ocsp_response_wrapper.c
@@ -49,14 +49,15 @@ typedef struct {
identification_t *id;
} wrapper_enumerator_t;
-/**
- * enumerate function wrapper_enumerator_t
- */
-static bool enumerate(wrapper_enumerator_t *this, certificate_t **cert)
+METHOD(enumerator_t, enumerate, bool,
+ wrapper_enumerator_t *this, va_list args)
{
- certificate_t *current;
+ certificate_t *current, **cert;
public_key_t *public;
+
+ VA_ARGS_VGET(args, cert);
+
while (this->inner->enumerate(this->inner, &current))
{
if (this->cert != CERT_ANY && this->cert != current->get_type(current))
@@ -85,10 +86,8 @@ static bool enumerate(wrapper_enumerator_t *this, certificate_t **cert)
return FALSE;
}
-/**
- * destroy function for wrapper_enumerator_t
- */
-static void enumerator_destroy(wrapper_enumerator_t *this)
+METHOD(enumerator_t, enumerator_destroy, void,
+ wrapper_enumerator_t *this)
{
this->inner->destroy(this->inner);
free(this);
@@ -105,13 +104,17 @@ METHOD(credential_set_t, create_enumerator, enumerator_t*,
return NULL;
}
- enumerator = malloc_thing(wrapper_enumerator_t);
- enumerator->cert = cert;
- enumerator->key = key;
- enumerator->id = id;
- enumerator->inner = this->response->create_cert_enumerator(this->response);
- enumerator->public.enumerate = (void*)enumerate;
- enumerator->public.destroy = (void*)enumerator_destroy;
+ INIT(enumerator,
+ .public = {
+ .enumerate = enumerator_enumerate_default,
+ .venumerate = _enumerate,
+ .destroy = _enumerator_destroy,
+ },
+ .cert = cert,
+ .key = key,
+ .id = id,
+ .inner = this->response->create_cert_enumerator(this->response),
+ );
return &enumerator->public;
}