summaryrefslogtreecommitdiff
path: root/src/libstrongswan/utils/identification.c
diff options
context:
space:
mode:
authorRene Mayrhofer <rene@mayrhofer.eu.org>2010-02-23 10:34:14 +0000
committerRene Mayrhofer <rene@mayrhofer.eu.org>2010-02-23 10:34:14 +0000
commited7d79f96177044949744da10f4431c1d6242241 (patch)
tree3aabaa55ed3b5291daef891cfee9befb5235e2b8 /src/libstrongswan/utils/identification.c
parent7410d3c6d6a9a1cd7aa55083c938946af6ff9498 (diff)
downloadvyos-strongswan-ed7d79f96177044949744da10f4431c1d6242241.tar.gz
vyos-strongswan-ed7d79f96177044949744da10f4431c1d6242241.zip
[svn-upgrade] Integrating new upstream version, strongswan (4.3.6)
Diffstat (limited to 'src/libstrongswan/utils/identification.c')
-rw-r--r--src/libstrongswan/utils/identification.c382
1 files changed, 192 insertions, 190 deletions
diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c
index 10daf4679..b0da340bc 100644
--- a/src/libstrongswan/utils/identification.c
+++ b/src/libstrongswan/utils/identification.c
@@ -26,6 +26,7 @@
#include <asn1/oid.h>
#include <asn1/asn1.h>
+#include <crypto/hashers/hasher.h>
ENUM_BEGIN(id_match_names, ID_MATCH_NONE, ID_MATCH_MAX_WILDCARDS,
"MATCH_NONE",
@@ -48,15 +49,14 @@ ENUM_BEGIN(id_type_names, ID_ANY, ID_KEY_ID,
"ID_DER_ASN1_DN",
"ID_DER_ASN1_GN",
"ID_KEY_ID");
-ENUM_NEXT(id_type_names, ID_DER_ASN1_GN_URI, ID_CERT_DER_SHA1, ID_KEY_ID,
- "ID_DER_ASN1_GN_URI",
- "ID_PUBKEY_INFO_SHA1",
- "ID_PUBKEY_SHA1",
- "ID_CERT_DER_SHA1");
-ENUM_END(id_type_names, ID_CERT_DER_SHA1);
+ENUM_NEXT(id_type_names, ID_DER_ASN1_GN_URI, ID_MYID, ID_KEY_ID,
+ "ID_DER_ASN1_GN_URI"
+ "ID_IETF_ATTR_STRING"
+ "ID_MYID");
+ENUM_END(id_type_names, ID_MYID);
/**
- * coding of X.501 distinguished name
+ * coding of X.501 distinguished name
*/
typedef struct {
const u_char *name;
@@ -109,12 +109,12 @@ struct private_identification_t {
* Public interface.
*/
identification_t public;
-
+
/**
* Encoded representation of this ID.
*/
chunk_t encoded;
-
+
/**
* Type of this ID.
*/
@@ -133,14 +133,11 @@ typedef struct {
chunk_t seqs;
} rdn_enumerator_t;
-/**
- * Implementation of rdn_enumerator_t.enumerate
- */
-static bool rdn_enumerate(rdn_enumerator_t *this, chunk_t *oid,
- u_char *type, chunk_t *data)
+METHOD(enumerator_t, rdn_enumerate, bool,
+ rdn_enumerator_t *this, chunk_t *oid, u_char *type, chunk_t *data)
{
chunk_t rdn;
-
+
/* a DN contains one or more SET, each containing one or more SEQUENCES,
* each containing a OID/value RDN */
if (!this->seqs.len)
@@ -155,7 +152,7 @@ static bool rdn_enumerate(rdn_enumerator_t *this, chunk_t *oid,
asn1_unwrap(&rdn, oid) == ASN1_OID)
{
int t = asn1_unwrap(&rdn, data);
-
+
if (t != ASN1_INVALID)
{
*type = t;
@@ -170,11 +167,15 @@ static bool rdn_enumerate(rdn_enumerator_t *this, chunk_t *oid,
*/
static enumerator_t* create_rdn_enumerator(chunk_t dn)
{
- rdn_enumerator_t *e = malloc_thing(rdn_enumerator_t);
-
- e->public.enumerate = (void*)rdn_enumerate;
- e->public.destroy = (void*)free;
-
+ rdn_enumerator_t *e;
+
+ INIT(e,
+ .public = {
+ .enumerate = (void*)_rdn_enumerate,
+ .destroy = (void*)free,
+ },
+ );
+
/* a DN is a SEQUENCE, get the first SET of it */
if (asn1_unwrap(&dn, &e->sets) == ASN1_SEQUENCE)
{
@@ -195,11 +196,8 @@ typedef struct {
enumerator_t *inner;
} rdn_part_enumerator_t;
-/**
- * Implementation of rdn_part_enumerator_t.enumerate().
- */
-static bool rdn_part_enumerate(rdn_part_enumerator_t *this,
- id_part_t *type, chunk_t *data)
+METHOD(enumerator_t, rdn_part_enumerate, bool,
+ rdn_part_enumerator_t *this, id_part_t *type, chunk_t *data)
{
int i, known_oid, strtype;
chunk_t oid, inner_data;
@@ -224,7 +222,7 @@ static bool rdn_part_enumerate(rdn_part_enumerator_t *this,
{OID_EMAIL_ADDRESS, ID_PART_RDN_E},
{OID_EMPLOYEE_NUMBER, ID_PART_RDN_EN},
};
-
+
while (this->inner->enumerate(this->inner, &oid, &strtype, &inner_data))
{
known_oid = asn1_known_oid(oid);
@@ -241,30 +239,29 @@ static bool rdn_part_enumerate(rdn_part_enumerator_t *this,
return FALSE;
}
-/**
- * Implementation of rdn_part_enumerator_t.destroy().
- */
-static void rdn_part_enumerator_destroy(rdn_part_enumerator_t *this)
+METHOD(enumerator_t, rdn_part_enumerator_destroy, void,
+ rdn_part_enumerator_t *this)
{
this->inner->destroy(this->inner);
free(this);
}
-/**
- * Implementation of identification_t.create_part_enumerator
- */
-static enumerator_t* create_part_enumerator(private_identification_t *this)
+METHOD(identification_t, create_part_enumerator, enumerator_t*,
+ private_identification_t *this)
{
switch (this->type)
{
case ID_DER_ASN1_DN:
{
- rdn_part_enumerator_t *e = malloc_thing(rdn_part_enumerator_t);
-
- e->inner = create_rdn_enumerator(this->encoded);
- e->public.enumerate = (void*)rdn_part_enumerate;
- e->public.destroy = (void*)rdn_part_enumerator_destroy;
-
+ rdn_part_enumerator_t *e;
+
+ INIT(e,
+ .inner = create_rdn_enumerator(this->encoded),
+ .public = {
+ .enumerate = (void*)_rdn_part_enumerate,
+ .destroy = _rdn_part_enumerator_destroy,
+ },
+ );
return &e->public;
}
case ID_RFC822_ADDR:
@@ -282,16 +279,16 @@ static enumerator_t* create_part_enumerator(private_identification_t *this)
static void dntoa(chunk_t dn, char *buf, size_t len)
{
enumerator_t *e;
- chunk_t oid_data, data;
+ chunk_t oid_data, data, printable;
u_char type;
int oid, written;
bool finished = FALSE;
-
+
e = create_rdn_enumerator(dn);
while (e->enumerate(e, &oid_data, &type, &data))
{
oid = asn1_known_oid(oid_data);
-
+
if (oid == OID_UNKNOWN)
{
written = snprintf(buf, len, "%#B=", &oid_data);
@@ -302,18 +299,13 @@ static void dntoa(chunk_t dn, char *buf, size_t len)
}
buf += written;
len -= written;
-
- if (chunk_printable(data, NULL, '?'))
- {
- written = snprintf(buf, len, "%.*s", data.len, data.ptr);
- }
- else
- {
- written = snprintf(buf, len, "%#B", &data);
- }
+
+ chunk_printable(data, &printable, '?');
+ written = snprintf(buf, len, "%.*s", printable.len, printable.ptr);
+ chunk_free(&printable);
buf += written;
len -= written;
-
+
if (data.ptr + data.len != dn.ptr + dn.len)
{
written = snprintf(buf, len, ", ");
@@ -347,7 +339,7 @@ static status_t atodn(char *src, chunk_t *dn)
READ_NAME = 3,
UNKNOWN_OID = 4
} state_t;
-
+
chunk_t oid = chunk_empty;
chunk_t name = chunk_empty;
chunk_t rdns[RDN_MAX];
@@ -358,7 +350,7 @@ static status_t atodn(char *src, chunk_t *dn)
asn1_t rdn_type;
state_t state = SEARCH_OID;
status_t status = SUCCESS;
-
+
do
{
switch (state)
@@ -379,7 +371,7 @@ static status_t atodn(char *src, chunk_t *dn)
else
{
bool found = FALSE;
-
+
for (i = 0; i < countof(x501rdns); i++)
{
if (strlen(x501rdns[i].name) == oid.len &&
@@ -424,15 +416,15 @@ static status_t atodn(char *src, chunk_t *dn)
rdn_type = (x501rdns[i].type == ASN1_PRINTABLESTRING
&& !asn1_is_printablestring(name))
? ASN1_T61STRING : x501rdns[i].type;
-
+
if (rdn_count < RDN_MAX)
{
chunk_t rdn_oid;
-
+
rdn_oid = asn1_build_known_oid(x501rdns[i].oid);
if (rdn_oid.len)
{
- rdns[rdn_count] =
+ rdns[rdn_count] =
asn1_wrap(ASN1_SET, "m",
asn1_wrap(ASN1_SEQUENCE, "mm",
rdn_oid,
@@ -459,20 +451,20 @@ static status_t atodn(char *src, chunk_t *dn)
break;
}
} while (*src++ != '\0');
-
+
/* build the distinguished name sequence */
{
int i;
u_char *pos = asn1_build_object(dn, ASN1_SEQUENCE, dn_len);
-
+
for (i = 0; i < rdn_count; i++)
{
- memcpy(pos, rdns[i].ptr, rdns[i].len);
+ memcpy(pos, rdns[i].ptr, rdns[i].len);
pos += rdns[i].len;
free(rdns[i].ptr);
}
}
-
+
if (status != SUCCESS)
{
free(dn->ptr);
@@ -481,32 +473,26 @@ static status_t atodn(char *src, chunk_t *dn)
return status;
}
-/**
- * Implementation of identification_t.get_encoding.
- */
-static chunk_t get_encoding(private_identification_t *this)
+METHOD(identification_t, get_encoding, chunk_t,
+ private_identification_t *this)
{
return this->encoded;
}
-/**
- * Implementation of identification_t.get_type.
- */
-static id_type_t get_type(private_identification_t *this)
+METHOD(identification_t, get_type, id_type_t,
+ private_identification_t *this)
{
return this->type;
}
-/**
- * Implementation of identification_t.contains_wildcards for ID_DER_ASN1_DN.
- */
-static bool contains_wildcards_dn(private_identification_t *this)
+METHOD(identification_t, contains_wildcards_dn, bool,
+ private_identification_t *this)
{
enumerator_t *enumerator;
bool contains = FALSE;
id_part_t type;
chunk_t data;
-
+
enumerator = create_part_enumerator(this);
while (enumerator->enumerate(enumerator, &type, &data))
{
@@ -520,27 +506,22 @@ static bool contains_wildcards_dn(private_identification_t *this)
return contains;
}
-/**
- * Implementation of identification_t.contains_wildcards using memchr(*).
- */
-static bool contains_wildcards_memchr(private_identification_t *this)
+METHOD(identification_t, contains_wildcards_memchr, bool,
+ private_identification_t *this)
{
return memchr(this->encoded.ptr, '*', this->encoded.len) != NULL;
}
-/**
- * Default implementation of identification_t.equals.
- * compares encoded chunk for equality.
- */
-static bool equals_binary(private_identification_t *this, private_identification_t *other)
+METHOD(identification_t, equals_binary, bool,
+ private_identification_t *this, identification_t *other)
{
- if (this->type == other->type)
+ if (this->type == other->get_type(other))
{
if (this->type == ID_ANY)
{
return TRUE;
}
- return chunk_equals(this->encoded, other->encoded);
+ return chunk_equals(this->encoded, other->get_encoding(other));
}
return FALSE;
}
@@ -554,7 +535,7 @@ static bool compare_dn(chunk_t t_dn, chunk_t o_dn, int *wc)
chunk_t t_oid, o_oid, t_data, o_data;
u_char t_type, o_type;
bool t_next, o_next, finished = FALSE;
-
+
if (wc)
{
*wc = 0;
@@ -571,14 +552,14 @@ static bool compare_dn(chunk_t t_dn, chunk_t o_dn, int *wc)
{
return TRUE;
}
-
+
t = create_rdn_enumerator(t_dn);
o = create_rdn_enumerator(o_dn);
while (TRUE)
{
t_next = t->enumerate(t, &t_oid, &t_type, &t_data);
o_next = o->enumerate(o, &o_oid, &o_type, &o_data);
-
+
if (!o_next && !t_next)
{
break;
@@ -605,8 +586,7 @@ static bool compare_dn(chunk_t t_dn, chunk_t o_dn, int *wc)
if (t_type == o_type &&
(t_type == ASN1_PRINTABLESTRING ||
(t_type == ASN1_IA5STRING &&
- (asn1_known_oid(t_oid) == OID_PKCS9_EMAIL ||
- asn1_known_oid(t_oid) == OID_EMAIL_ADDRESS))))
+ asn1_known_oid(t_oid) == OID_EMAIL_ADDRESS)))
{ /* ignore case for printableStrings and email RDNs */
if (strncasecmp(t_data.ptr, o_data.ptr, t_data.len) != 0)
{
@@ -634,65 +614,55 @@ static bool compare_dn(chunk_t t_dn, chunk_t o_dn, int *wc)
return finished;
}
-/**
- * Special implementation of identification_t.equals for ID_DER_ASN1_DN.
- */
-static bool equals_dn(private_identification_t *this,
- private_identification_t *other)
+METHOD(identification_t, equals_dn, bool,
+ private_identification_t *this, identification_t *other)
{
- return compare_dn(this->encoded, other->encoded, NULL);
+ return compare_dn(this->encoded, other->get_encoding(other), NULL);
}
-/**
- * Special implementation of identification_t.equals for RFC822 and FQDN.
- */
-static bool equals_strcasecmp(private_identification_t *this,
- private_identification_t *other)
+METHOD(identification_t, equals_strcasecmp, bool,
+ private_identification_t *this, identification_t *other)
{
- /* we do some extra sanity checks to check for invalid IDs with a
+ chunk_t encoded = other->get_encoding(other);
+
+ /* we do some extra sanity checks to check for invalid IDs with a
* terminating null in it. */
- if (this->encoded.len == other->encoded.len &&
+ if (this->encoded.len == encoded.len &&
memchr(this->encoded.ptr, 0, this->encoded.len) == NULL &&
- memchr(other->encoded.ptr, 0, other->encoded.len) == NULL &&
- strncasecmp(this->encoded.ptr, other->encoded.ptr, this->encoded.len) == 0)
+ memchr(encoded.ptr, 0, encoded.len) == NULL &&
+ strncasecmp(this->encoded.ptr, encoded.ptr, this->encoded.len) == 0)
{
return TRUE;
}
return FALSE;
}
-/**
- * Default implementation of identification_t.matches.
- */
-static id_match_t matches_binary(private_identification_t *this,
- private_identification_t *other)
+METHOD(identification_t, matches_binary, id_match_t,
+ private_identification_t *this, identification_t *other)
{
- if (other->type == ID_ANY)
+ if (other->get_type(other) == ID_ANY)
{
return ID_MATCH_ANY;
}
- if (this->type == other->type &&
- chunk_equals(this->encoded, other->encoded))
+ if (this->type == other->get_type(other) &&
+ chunk_equals(this->encoded, other->get_encoding(other)))
{
return ID_MATCH_PERFECT;
}
return ID_MATCH_NONE;
}
-/**
- * Special implementation of identification_t.matches for ID_RFC822_ADDR/ID_FQDN.
- * Checks for a wildcard in other-string, and compares it against this-string.
- */
-static id_match_t matches_string(private_identification_t *this,
- private_identification_t *other)
+METHOD(identification_t, matches_string, id_match_t,
+ private_identification_t *this, identification_t *other)
{
- u_int len = other->encoded.len;
-
- if (other->type == ID_ANY)
+ chunk_t encoded = other->get_encoding(other);
+ u_int len = encoded.len;
+
+ if (other->get_type(other) == ID_ANY)
{
return ID_MATCH_ANY;
}
- if (this->type != other->type)
+ if (this->type != other->get_type(other))
{
return ID_MATCH_NONE;
}
@@ -707,15 +677,15 @@ static id_match_t matches_string(private_identification_t *this,
}
/* check for single wildcard at the head of the string */
- if (*other->encoded.ptr == '*')
+ if (*encoded.ptr == '*')
{
/* single asterisk matches any string */
if (len-- == 1)
{ /* not better than ID_ANY */
return ID_MATCH_ANY;
}
- if (strncasecmp(this->encoded.ptr + this->encoded.len - len,
- other->encoded.ptr + 1, len) == 0)
+ if (strncasecmp(this->encoded.ptr + this->encoded.len - len,
+ encoded.ptr + 1, len) == 0)
{
return ID_MATCH_ONE_WILDCARD;
}
@@ -723,36 +693,29 @@ static id_match_t matches_string(private_identification_t *this,
return ID_MATCH_NONE;
}
-/**
- * Special implementation of identification_t.matches for ID_ANY.
- * ANY matches only another ANY, but nothing other
- */
-static id_match_t matches_any(private_identification_t *this,
- private_identification_t *other)
+METHOD(identification_t, matches_any, id_match_t,
+ private_identification_t *this, identification_t *other)
{
- if (other->type == ID_ANY)
+ if (other->get_type(other) == ID_ANY)
{
return ID_MATCH_ANY;
}
return ID_MATCH_NONE;
}
-/**
- * Special implementation of identification_t.matches for ID_DER_ASN1_DN
- */
-static id_match_t matches_dn(private_identification_t *this,
- private_identification_t *other)
+METHOD(identification_t, matches_dn, id_match_t,
+ private_identification_t *this, identification_t *other)
{
int wc;
-
- if (other->type == ID_ANY)
+
+ if (other->get_type(other) == ID_ANY)
{
return ID_MATCH_ANY;
}
-
- if (this->type == other->type)
+
+ if (this->type == other->get_type(other))
{
- if (compare_dn(this->encoded, other->encoded, &wc))
+ if (compare_dn(this->encoded, other->get_encoding(other), &wc))
{
wc = min(wc, ID_MATCH_ONE_WILDCARD - ID_MATCH_MAX_WILDCARDS);
return ID_MATCH_PERFECT - wc;
@@ -770,12 +733,12 @@ int identification_printf_hook(char *dst, size_t len, printf_hook_spec_t *spec,
private_identification_t *this = *((private_identification_t**)(args[0]));
chunk_t proper;
char buf[512];
-
+
if (this == NULL)
{
return print_in_hook(dst, len, "%*s", spec->width, "(null)");
}
-
+
switch (this->type)
{
case ID_ANY:
@@ -810,7 +773,8 @@ int identification_printf_hook(char *dst, size_t len, printf_hook_spec_t *spec,
snprintf(buf, sizeof(buf), "(ASN.1 general Name");
break;
case ID_KEY_ID:
- if (chunk_printable(this->encoded, NULL, '?'))
+ if (chunk_printable(this->encoded, NULL, '?') &&
+ this->encoded.len != HASH_SIZE_SHA1)
{ /* fully printable, use ascii version */
snprintf(buf, sizeof(buf), "%.*s",
this->encoded.len, this->encoded.ptr);
@@ -820,10 +784,8 @@ int identification_printf_hook(char *dst, size_t len, printf_hook_spec_t *spec,
snprintf(buf, sizeof(buf), "%#B", &this->encoded);
}
break;
- case ID_PUBKEY_INFO_SHA1:
- case ID_PUBKEY_SHA1:
- case ID_CERT_DER_SHA1:
- snprintf(buf, sizeof(buf), "%#B", &this->encoded);
+ case ID_MYID:
+ snprintf(buf, sizeof(buf), "%%myid");
break;
default:
snprintf(buf, sizeof(buf), "(unknown ID type: %d)", this->type);
@@ -835,13 +797,12 @@ int identification_printf_hook(char *dst, size_t len, printf_hook_spec_t *spec,
}
return print_in_hook(dst, len, "%*s", spec->width, buf);
}
-/**
- * Implementation of identification_t.clone.
- */
-static identification_t *clone_(private_identification_t *this)
+
+METHOD(identification_t, clone, identification_t*,
+ private_identification_t *this)
{
private_identification_t *clone = malloc_thing(private_identification_t);
-
+
memcpy(clone, this, sizeof(private_identification_t));
if (this->encoded.len)
{
@@ -850,10 +811,8 @@ static identification_t *clone_(private_identification_t *this)
return &clone->public;
}
-/**
- * Implementation of identification_t.destroy.
- */
-static void destroy(private_identification_t *this)
+METHOD(identification_t, destroy, void,
+ private_identification_t *this)
{
chunk_free(&this->encoded);
free(this);
@@ -864,42 +823,43 @@ static void destroy(private_identification_t *this)
*/
static private_identification_t *identification_create(id_type_t type)
{
- private_identification_t *this = malloc_thing(private_identification_t);
-
- this->public.get_encoding = (chunk_t (*) (identification_t*))get_encoding;
- this->public.get_type = (id_type_t (*) (identification_t*))get_type;
- this->public.create_part_enumerator = (enumerator_t*(*)(identification_t*))create_part_enumerator;
- this->public.clone = (identification_t* (*) (identification_t*))clone_;
- this->public.destroy = (void (*) (identification_t*))destroy;
-
+ private_identification_t *this;
+
+ INIT(this,
+ .public = {
+ .get_encoding = _get_encoding,
+ .get_type = _get_type,
+ .create_part_enumerator = _create_part_enumerator,
+ .clone = _clone,
+ .destroy = _destroy,
+ },
+ .type = type,
+ );
+
switch (type)
{
case ID_ANY:
- this->public.matches = (id_match_t (*)(identification_t*,identification_t*))matches_any;
- this->public.equals = (bool (*) (identification_t*,identification_t*))equals_binary;
- this->public.contains_wildcards = (bool (*) (identification_t *this))return_true;
+ this->public.matches = _matches_any;
+ this->public.equals = _equals_binary;
+ this->public.contains_wildcards = return_true;
break;
case ID_FQDN:
case ID_RFC822_ADDR:
- this->public.matches = (id_match_t (*)(identification_t*,identification_t*))matches_string;
- this->public.equals = (bool (*)(identification_t*,identification_t*))equals_strcasecmp;
- this->public.contains_wildcards = (bool (*) (identification_t *this))contains_wildcards_memchr;
+ this->public.matches = _matches_string;
+ this->public.equals = _equals_strcasecmp;
+ this->public.contains_wildcards = _contains_wildcards_memchr;
break;
case ID_DER_ASN1_DN:
- this->public.equals = (bool (*)(identification_t*,identification_t*))equals_dn;
- this->public.matches = (id_match_t (*)(identification_t*,identification_t*))matches_dn;
- this->public.contains_wildcards = (bool (*) (identification_t *this))contains_wildcards_dn;
+ this->public.equals = _equals_dn;
+ this->public.matches = _matches_dn;
+ this->public.contains_wildcards = _contains_wildcards_dn;
break;
default:
- this->public.equals = (bool (*) (identification_t*,identification_t*))equals_binary;
- this->public.matches = (id_match_t (*) (identification_t*,identification_t*))matches_binary;
- this->public.contains_wildcards = (bool (*) (identification_t *this))return_false;
+ this->public.equals = _equals_binary;
+ this->public.matches = _matches_binary;
+ this->public.contains_wildcards = return_false;
break;
}
-
- this->type = type;
- this->encoded = chunk_empty;
-
return this;
}
@@ -910,7 +870,7 @@ identification_t *identification_create_from_string(char *string)
{
private_identification_t *this;
chunk_t encoded;
-
+
if (string == NULL)
{
string = "%any";
@@ -951,7 +911,7 @@ identification_t *identification_create_from_string(char *string)
{
struct in_addr address;
chunk_t chunk = {(void*)&address, sizeof(address)};
-
+
if (inet_pton(AF_INET, string, &address) > 0)
{ /* is IPv4 */
this = identification_create(ID_IPV4_ADDR);
@@ -968,7 +928,7 @@ identification_t *identification_create_from_string(char *string)
{
struct in6_addr address;
chunk_t chunk = {(void*)&address, sizeof(address)};
-
+
if (inet_pton(AF_INET6, string, &address) > 0)
{ /* is IPv6 */
this = identification_create(ID_IPV6_ADDR);
@@ -1015,11 +975,23 @@ identification_t *identification_create_from_string(char *string)
/*
* Described in header.
*/
+identification_t * identification_create_from_data(chunk_t data)
+{
+ char buf[data.len + 1];
+
+ /* use string constructor */
+ snprintf(buf, sizeof(buf), "%.*s", data.len, data.ptr);
+ return identification_create_from_string(buf);
+}
+
+/*
+ * Described in header.
+ */
identification_t *identification_create_from_encoding(id_type_t type,
chunk_t encoded)
{
private_identification_t *this = identification_create(type);
-
+
/* apply encoded chunk */
if (type != ID_ANY)
{
@@ -1028,3 +1000,33 @@ identification_t *identification_create_from_encoding(id_type_t type,
return &(this->public);
}
+/*
+ * Described in header.
+ */
+identification_t *identification_create_from_sockaddr(sockaddr_t *sockaddr)
+{
+ switch (sockaddr->sa_family)
+ {
+ case AF_INET:
+ {
+ struct in_addr *addr = &(((struct sockaddr_in*)sockaddr)->sin_addr);
+
+ return identification_create_from_encoding(ID_IPV4_ADDR,
+ chunk_create((u_char*)addr, sizeof(struct in_addr)));
+ }
+ case AF_INET6:
+ {
+ struct in6_addr *addr = &(((struct sockaddr_in6*)sockaddr)->sin6_addr);
+
+ return identification_create_from_encoding(ID_IPV6_ADDR,
+ chunk_create((u_char*)addr, sizeof(struct in6_addr)));
+ }
+ default:
+ {
+ private_identification_t *this = identification_create(ID_ANY);
+
+ return &(this->public);
+ }
+ }
+}
+