summaryrefslogtreecommitdiff
path: root/src/libstrongswan
diff options
context:
space:
mode:
authorRené Mayrhofer <rene@mayrhofer.eu.org>2011-05-19 13:41:58 +0200
committerRené Mayrhofer <rene@mayrhofer.eu.org>2011-05-19 13:41:58 +0200
commitb590992f735393c97489fce191e7810eaae4f6d7 (patch)
tree286595c4aa43dbf3d616d816e5fade6ac364771a /src/libstrongswan
parent2fce29055b7b5bc2860d503d1ae822931f80b7aa (diff)
parent0a9d51a49042a68daa15b0c74a2b7f152f52606b (diff)
downloadvyos-strongswan-b590992f735393c97489fce191e7810eaae4f6d7.tar.gz
vyos-strongswan-b590992f735393c97489fce191e7810eaae4f6d7.zip
Merge upstream version 4.5.2
Diffstat (limited to 'src/libstrongswan')
-rw-r--r--src/libstrongswan/Android.mk5
-rw-r--r--src/libstrongswan/Makefile.am16
-rw-r--r--src/libstrongswan/Makefile.in148
-rw-r--r--src/libstrongswan/asn1/asn1.c68
-rw-r--r--src/libstrongswan/asn1/asn1.h3
-rw-r--r--src/libstrongswan/asn1/asn1_parser.c59
-rw-r--r--src/libstrongswan/asn1/oid.c908
-rw-r--r--src/libstrongswan/asn1/oid.h387
-rw-r--r--src/libstrongswan/asn1/oid.txt37
-rw-r--r--src/libstrongswan/chunk.h2
-rw-r--r--src/libstrongswan/credentials/auth_cfg.c104
-rw-r--r--src/libstrongswan/credentials/auth_cfg.h6
-rw-r--r--src/libstrongswan/credentials/builder.c5
-rw-r--r--src/libstrongswan/credentials/builder.h10
-rw-r--r--src/libstrongswan/credentials/cert_validator.h9
-rw-r--r--src/libstrongswan/credentials/certificates/crl.h3
-rw-r--r--src/libstrongswan/credentials/certificates/x509.h33
-rw-r--r--src/libstrongswan/credentials/cred_encoding.c7
-rw-r--r--src/libstrongswan/credentials/credential_manager.c70
-rw-r--r--src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c6
-rw-r--r--src/libstrongswan/credentials/sets/auth_cfg_wrapper.c4
-rw-r--r--src/libstrongswan/credentials/sets/mem_cred.c78
-rw-r--r--src/libstrongswan/credentials/sets/mem_cred.h19
-rw-r--r--src/libstrongswan/crypto/crypto_factory.c149
-rw-r--r--src/libstrongswan/crypto/crypto_factory.h54
-rw-r--r--src/libstrongswan/crypto/crypto_tester.c191
-rw-r--r--src/libstrongswan/crypto/crypto_tester.h26
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords.c141
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords.txt2
-rw-r--r--src/libstrongswan/crypto/transform.c5
-rw-r--r--src/libstrongswan/crypto/transform.h13
-rw-r--r--src/libstrongswan/eap/eap.c21
-rw-r--r--src/libstrongswan/eap/eap.h19
-rw-r--r--src/libstrongswan/enum.c4
-rw-r--r--src/libstrongswan/fetcher/fetcher.c33
-rw-r--r--src/libstrongswan/fetcher/fetcher.h51
-rw-r--r--src/libstrongswan/fetcher/fetcher_manager.c81
-rw-r--r--src/libstrongswan/fetcher/fetcher_manager.h9
-rw-r--r--src/libstrongswan/integrity_checker.c60
-rw-r--r--src/libstrongswan/plugins/aes/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/aes/aes_crypter.c1
-rw-r--r--src/libstrongswan/plugins/aes/aes_plugin.c19
-rw-r--r--src/libstrongswan/plugins/af_alg/Makefile.in3
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_crypter.c5
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_crypter.h4
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_hasher.c4
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_hasher.h4
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_ops.c2
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_ops.h2
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_plugin.c16
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_prf.c4
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_prf.h4
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_signer.c4
-rw-r--r--src/libstrongswan/plugins/af_alg/af_alg_signer.h4
-rw-r--r--src/libstrongswan/plugins/agent/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/agent/agent_plugin.c8
-rw-r--r--src/libstrongswan/plugins/blowfish/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/blowfish/blowfish_crypter.c1
-rw-r--r--src/libstrongswan/plugins/blowfish/blowfish_plugin.c19
-rw-r--r--src/libstrongswan/plugins/ccm/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/ccm/ccm_plugin.c49
-rw-r--r--src/libstrongswan/plugins/constraints/Makefile.in3
-rw-r--r--src/libstrongswan/plugins/constraints/constraints_plugin.c8
-rw-r--r--src/libstrongswan/plugins/ctr/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/ctr/ctr_plugin.c28
-rw-r--r--src/libstrongswan/plugins/curl/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/curl/curl_fetcher.c71
-rw-r--r--src/libstrongswan/plugins/curl/curl_plugin.c21
-rw-r--r--src/libstrongswan/plugins/des/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/des/des_crypter.c1
-rw-r--r--src/libstrongswan/plugins/des/des_plugin.c27
-rw-r--r--src/libstrongswan/plugins/dnskey/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/dnskey/dnskey_plugin.c22
-rw-r--r--src/libstrongswan/plugins/fips_prf/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/fips_prf/fips_prf.c50
-rw-r--r--src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c31
-rw-r--r--src/libstrongswan/plugins/gcm/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/gcm/gcm_plugin.c37
-rw-r--r--src/libstrongswan/plugins/gcrypt/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c155
-rw-r--r--src/libstrongswan/plugins/gmp/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/gmp/gmp_plugin.c64
-rw-r--r--src/libstrongswan/plugins/hmac/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/hmac/hmac.c4
-rw-r--r--src/libstrongswan/plugins/hmac/hmac_plugin.c80
-rw-r--r--src/libstrongswan/plugins/ldap/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/ldap/ldap_fetcher.c32
-rw-r--r--src/libstrongswan/plugins/ldap/ldap_plugin.c21
-rw-r--r--src/libstrongswan/plugins/md4/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/md4/md4_plugin.c30
-rw-r--r--src/libstrongswan/plugins/md5/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/md5/md5_plugin.c30
-rw-r--r--src/libstrongswan/plugins/mysql/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/mysql/mysql_database.c37
-rw-r--r--src/libstrongswan/plugins/mysql/mysql_plugin.c20
-rw-r--r--src/libstrongswan/plugins/openssl/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_crl.c7
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_crypter.c2
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c2
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_plugin.c167
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c2
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_x509.c75
-rw-r--r--src/libstrongswan/plugins/padlock/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/padlock/padlock_aes_crypter.c4
-rw-r--r--src/libstrongswan/plugins/padlock/padlock_plugin.c39
-rw-r--r--src/libstrongswan/plugins/pem/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/pem/pem_encoder.c4
-rw-r--r--src/libstrongswan/plugins/pem/pem_plugin.c21
-rw-r--r--src/libstrongswan/plugins/pgp/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/pgp/pgp_plugin.c29
-rw-r--r--src/libstrongswan/plugins/pkcs1/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/pkcs1/pkcs1_builder.c2
-rw-r--r--src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c21
-rw-r--r--src/libstrongswan/plugins/pkcs11/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_creds.c37
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_library.c48
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_library.h15
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_manager.c6
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c39
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c24
-rw-r--r--src/libstrongswan/plugins/plugin.h16
-rw-r--r--src/libstrongswan/plugins/plugin_loader.c213
-rw-r--r--src/libstrongswan/plugins/plugin_loader.h12
-rw-r--r--src/libstrongswan/plugins/pubkey/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/pubkey/pubkey_plugin.c21
-rw-r--r--src/libstrongswan/plugins/random/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/random/random_plugin.c34
-rw-r--r--src/libstrongswan/plugins/random/random_rng.c32
-rw-r--r--src/libstrongswan/plugins/revocation/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/revocation/revocation_plugin.c8
-rw-r--r--src/libstrongswan/plugins/revocation/revocation_validator.c156
-rw-r--r--src/libstrongswan/plugins/sha1/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/sha1/sha1_plugin.c34
-rw-r--r--src/libstrongswan/plugins/sha2/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/sha2/sha2_plugin.c42
-rw-r--r--src/libstrongswan/plugins/soup/Makefile.in3
-rw-r--r--src/libstrongswan/plugins/soup/soup_fetcher.c55
-rw-r--r--src/libstrongswan/plugins/soup/soup_plugin.c8
-rw-r--r--src/libstrongswan/plugins/sqlite/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/sqlite/sqlite_database.c43
-rw-r--r--src/libstrongswan/plugins/sqlite/sqlite_plugin.c21
-rw-r--r--src/libstrongswan/plugins/test_vectors/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/test_vectors/test_vectors/des.c2
-rw-r--r--src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c22
-rw-r--r--src/libstrongswan/plugins/x509/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/x509/x509_cert.c454
-rw-r--r--src/libstrongswan/plugins/x509/x509_crl.c88
-rw-r--r--src/libstrongswan/plugins/x509/x509_ocsp_response.c2
-rw-r--r--src/libstrongswan/plugins/x509/x509_plugin.c21
-rw-r--r--src/libstrongswan/plugins/xcbc/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/xcbc/xcbc.c4
-rw-r--r--src/libstrongswan/plugins/xcbc/xcbc_plugin.c36
-rw-r--r--src/libstrongswan/printf_hook.c21
-rw-r--r--src/libstrongswan/processing/jobs/callback_job.c59
-rw-r--r--src/libstrongswan/processing/jobs/callback_job.h17
-rw-r--r--src/libstrongswan/processing/processor.c84
-rw-r--r--src/libstrongswan/processing/scheduler.c57
-rw-r--r--src/libstrongswan/selectors/traffic_selector.c8
-rw-r--r--src/libstrongswan/settings.c474
-rw-r--r--src/libstrongswan/settings.h43
-rw-r--r--src/libstrongswan/threading/thread.c19
-rw-r--r--src/libstrongswan/utils.c13
-rw-r--r--src/libstrongswan/utils.h55
-rw-r--r--src/libstrongswan/utils/backtrace.c19
-rw-r--r--src/libstrongswan/utils/backtrace.h9
-rw-r--r--src/libstrongswan/utils/hashtable.c7
-rw-r--r--src/libstrongswan/utils/host.c7
-rw-r--r--src/libstrongswan/utils/host.h3
-rw-r--r--src/libstrongswan/utils/identification.c65
-rw-r--r--src/libstrongswan/utils/leak_detective.c28
-rw-r--r--src/libstrongswan/utils/linked_list.c1
-rw-r--r--src/libstrongswan/utils/optionsfrom.c29
172 files changed, 1795 insertions, 5249 deletions
diff --git a/src/libstrongswan/Android.mk b/src/libstrongswan/Android.mk
index 431543151..259f0a375 100644
--- a/src/libstrongswan/Android.mk
+++ b/src/libstrongswan/Android.mk
@@ -32,8 +32,7 @@ credentials/keys/private_key.c credentials/keys/private_key.h \
credentials/keys/public_key.c credentials/keys/public_key.h \
credentials/keys/shared_key.c credentials/keys/shared_key.h \
credentials/certificates/certificate.c credentials/certificates/certificate.h \
-credentials/certificates/x509.h credentials/certificates/x509.c \
-credentials/certificates/ac.h \
+credentials/certificates/x509.h credentials/certificates/ac.h \
credentials/certificates/crl.h credentials/certificates/crl.c \
credentials/certificates/pkcs10.h \
credentials/certificates/ocsp_request.h \
@@ -49,7 +48,7 @@ credentials/sets/callback_cred.c credentials/sets/callback_cred.h \
credentials/auth_cfg.c credentials/auth_cfg.h credentials/credential_set.h \
credentials/cert_validator.h \
database/database.h database/database_factory.h database/database_factory.c \
-fetcher/fetcher.h fetcher/fetcher_manager.h fetcher/fetcher_manager.c \
+fetcher/fetcher.h fetcher/fetcher.c fetcher/fetcher_manager.h fetcher/fetcher_manager.c \
eap/eap.h eap/eap.c \
plugins/plugin_loader.c plugins/plugin_loader.h plugins/plugin.h \
processing/jobs/job.h \
diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am
index 894d3ae65..b6c70daea 100644
--- a/src/libstrongswan/Makefile.am
+++ b/src/libstrongswan/Makefile.am
@@ -30,12 +30,7 @@ credentials/keys/private_key.c credentials/keys/private_key.h \
credentials/keys/public_key.c credentials/keys/public_key.h \
credentials/keys/shared_key.c credentials/keys/shared_key.h \
credentials/certificates/certificate.c credentials/certificates/certificate.h \
-<<<<<<< HEAD
-credentials/certificates/x509.h credentials/certificates/x509.c \
-credentials/certificates/ac.h \
-=======
credentials/certificates/x509.h credentials/certificates/ac.h \
->>>>>>> upstream/4.5.1
credentials/certificates/crl.h credentials/certificates/crl.c \
credentials/certificates/pkcs10.h \
credentials/certificates/ocsp_request.h \
@@ -51,7 +46,7 @@ credentials/sets/callback_cred.c credentials/sets/callback_cred.h \
credentials/auth_cfg.c credentials/auth_cfg.h credentials/credential_set.h \
credentials/cert_validator.h \
database/database.h database/database_factory.h database/database_factory.c \
-fetcher/fetcher.h fetcher/fetcher_manager.h fetcher/fetcher_manager.c \
+fetcher/fetcher.h fetcher/fetcher.c fetcher/fetcher_manager.h fetcher/fetcher_manager.c \
eap/eap.h eap/eap.c \
plugins/plugin_loader.c plugins/plugin_loader.h plugins/plugin.h \
processing/jobs/job.h \
@@ -140,8 +135,6 @@ else
SUBDIRS = .
endif
-<<<<<<< HEAD
-=======
if USE_AF_ALG
SUBDIRS += plugins/af_alg
if MONOLITHIC
@@ -149,7 +142,6 @@ if MONOLITHIC
endif
endif
->>>>>>> upstream/4.5.1
if USE_AES
SUBDIRS += plugins/aes
if MONOLITHIC
@@ -241,8 +233,6 @@ if MONOLITHIC
endif
endif
-<<<<<<< HEAD
-=======
if USE_CONSTRAINTS
SUBDIRS += plugins/constraints
if MONOLITHIC
@@ -250,7 +240,6 @@ if MONOLITHIC
endif
endif
->>>>>>> upstream/4.5.1
if USE_PUBKEY
SUBDIRS += plugins/pubkey
if MONOLITHIC
@@ -293,8 +282,6 @@ if MONOLITHIC
endif
endif
-<<<<<<< HEAD
-=======
if USE_SOUP
SUBDIRS += plugins/soup
if MONOLITHIC
@@ -302,7 +289,6 @@ if MONOLITHIC
endif
endif
->>>>>>> upstream/4.5.1
if USE_LDAP
SUBDIRS += plugins/ldap
if MONOLITHIC
diff --git a/src/libstrongswan/Makefile.in b/src/libstrongswan/Makefile.in
index af1e5bf3d..c9ae8992e 100644
--- a/src/libstrongswan/Makefile.in
+++ b/src/libstrongswan/Makefile.in
@@ -44,72 +44,6 @@ host_triplet = @host@
@USE_INTEGRITY_TEST_TRUE@ integrity_checker.c integrity_checker.h
@USE_VSTR_TRUE@am__append_6 = -lvstr
-<<<<<<< HEAD
-@USE_AES_TRUE@am__append_7 = plugins/aes
-@MONOLITHIC_TRUE@@USE_AES_TRUE@am__append_8 = plugins/aes/libstrongswan-aes.la
-@USE_DES_TRUE@am__append_9 = plugins/des
-@MONOLITHIC_TRUE@@USE_DES_TRUE@am__append_10 = plugins/des/libstrongswan-des.la
-@USE_BLOWFISH_TRUE@am__append_11 = plugins/blowfish
-@MONOLITHIC_TRUE@@USE_BLOWFISH_TRUE@am__append_12 = plugins/blowfish/libstrongswan-blowfish.la
-@USE_MD4_TRUE@am__append_13 = plugins/md4
-@MONOLITHIC_TRUE@@USE_MD4_TRUE@am__append_14 = plugins/md4/libstrongswan-md4.la
-@USE_MD5_TRUE@am__append_15 = plugins/md5
-@MONOLITHIC_TRUE@@USE_MD5_TRUE@am__append_16 = plugins/md5/libstrongswan-md5.la
-@USE_SHA1_TRUE@am__append_17 = plugins/sha1
-@MONOLITHIC_TRUE@@USE_SHA1_TRUE@am__append_18 = plugins/sha1/libstrongswan-sha1.la
-@USE_SHA2_TRUE@am__append_19 = plugins/sha2
-@MONOLITHIC_TRUE@@USE_SHA2_TRUE@am__append_20 = plugins/sha2/libstrongswan-sha2.la
-@USE_GMP_TRUE@am__append_21 = plugins/gmp
-@MONOLITHIC_TRUE@@USE_GMP_TRUE@am__append_22 = plugins/gmp/libstrongswan-gmp.la
-@USE_RANDOM_TRUE@am__append_23 = plugins/random
-@MONOLITHIC_TRUE@@USE_RANDOM_TRUE@am__append_24 = plugins/random/libstrongswan-random.la
-@USE_HMAC_TRUE@am__append_25 = plugins/hmac
-@MONOLITHIC_TRUE@@USE_HMAC_TRUE@am__append_26 = plugins/hmac/libstrongswan-hmac.la
-@USE_XCBC_TRUE@am__append_27 = plugins/xcbc
-@MONOLITHIC_TRUE@@USE_XCBC_TRUE@am__append_28 = plugins/xcbc/libstrongswan-xcbc.la
-@USE_X509_TRUE@am__append_29 = plugins/x509
-@MONOLITHIC_TRUE@@USE_X509_TRUE@am__append_30 = plugins/x509/libstrongswan-x509.la
-@USE_REVOCATION_TRUE@am__append_31 = plugins/revocation
-@MONOLITHIC_TRUE@@USE_REVOCATION_TRUE@am__append_32 = plugins/revocation/libstrongswan-revocation.la
-@USE_PUBKEY_TRUE@am__append_33 = plugins/pubkey
-@MONOLITHIC_TRUE@@USE_PUBKEY_TRUE@am__append_34 = plugins/pubkey/libstrongswan-pubkey.la
-@USE_PKCS1_TRUE@am__append_35 = plugins/pkcs1
-@MONOLITHIC_TRUE@@USE_PKCS1_TRUE@am__append_36 = plugins/pkcs1/libstrongswan-pkcs1.la
-@USE_PGP_TRUE@am__append_37 = plugins/pgp
-@MONOLITHIC_TRUE@@USE_PGP_TRUE@am__append_38 = plugins/pgp/libstrongswan-pgp.la
-@USE_DNSKEY_TRUE@am__append_39 = plugins/dnskey
-@MONOLITHIC_TRUE@@USE_DNSKEY_TRUE@am__append_40 = plugins/dnskey/libstrongswan-dnskey.la
-@USE_PEM_TRUE@am__append_41 = plugins/pem
-@MONOLITHIC_TRUE@@USE_PEM_TRUE@am__append_42 = plugins/pem/libstrongswan-pem.la
-@USE_CURL_TRUE@am__append_43 = plugins/curl
-@MONOLITHIC_TRUE@@USE_CURL_TRUE@am__append_44 = plugins/curl/libstrongswan-curl.la
-@USE_LDAP_TRUE@am__append_45 = plugins/ldap
-@MONOLITHIC_TRUE@@USE_LDAP_TRUE@am__append_46 = plugins/ldap/libstrongswan-ldap.la
-@USE_MYSQL_TRUE@am__append_47 = plugins/mysql
-@MONOLITHIC_TRUE@@USE_MYSQL_TRUE@am__append_48 = plugins/mysql/libstrongswan-mysql.la
-@USE_SQLITE_TRUE@am__append_49 = plugins/sqlite
-@MONOLITHIC_TRUE@@USE_SQLITE_TRUE@am__append_50 = plugins/sqlite/libstrongswan-sqlite.la
-@USE_PADLOCK_TRUE@am__append_51 = plugins/padlock
-@MONOLITHIC_TRUE@@USE_PADLOCK_TRUE@am__append_52 = plugins/padlock/libstrongswan-padlock.la
-@USE_OPENSSL_TRUE@am__append_53 = plugins/openssl
-@MONOLITHIC_TRUE@@USE_OPENSSL_TRUE@am__append_54 = plugins/openssl/libstrongswan-openssl.la
-@USE_GCRYPT_TRUE@am__append_55 = plugins/gcrypt
-@MONOLITHIC_TRUE@@USE_GCRYPT_TRUE@am__append_56 = plugins/gcrypt/libstrongswan-gcrypt.la
-@USE_FIPS_PRF_TRUE@am__append_57 = plugins/fips_prf
-@MONOLITHIC_TRUE@@USE_FIPS_PRF_TRUE@am__append_58 = plugins/fips_prf/libstrongswan-fips-prf.la
-@USE_AGENT_TRUE@am__append_59 = plugins/agent
-@MONOLITHIC_TRUE@@USE_AGENT_TRUE@am__append_60 = plugins/agent/libstrongswan-agent.la
-@USE_PKCS11_TRUE@am__append_61 = plugins/pkcs11
-@MONOLITHIC_TRUE@@USE_PKCS11_TRUE@am__append_62 = plugins/pkcs11/libstrongswan-pkcs11.la
-@USE_CTR_TRUE@am__append_63 = plugins/ctr
-@MONOLITHIC_TRUE@@USE_CTR_TRUE@am__append_64 = plugins/ctr/libstrongswan-ctr.la
-@USE_CCM_TRUE@am__append_65 = plugins/ccm
-@MONOLITHIC_TRUE@@USE_CCM_TRUE@am__append_66 = plugins/ccm/libstrongswan-ccm.la
-@USE_GCM_TRUE@am__append_67 = plugins/gcm
-@MONOLITHIC_TRUE@@USE_GCM_TRUE@am__append_68 = plugins/gcm/libstrongswan-gcm.la
-@USE_TEST_VECTORS_TRUE@am__append_69 = plugins/test_vectors
-@MONOLITHIC_TRUE@@USE_TEST_VECTORS_TRUE@am__append_70 = plugins/test_vectors/libstrongswan-test-vectors.la
-=======
@USE_AF_ALG_TRUE@am__append_7 = plugins/af_alg
@MONOLITHIC_TRUE@@USE_AF_ALG_TRUE@am__append_8 = plugins/af_alg/libstrongswan-af-alg.la
@USE_AES_TRUE@am__append_9 = plugins/aes
@@ -180,7 +114,6 @@ host_triplet = @host@
@MONOLITHIC_TRUE@@USE_GCM_TRUE@am__append_74 = plugins/gcm/libstrongswan-gcm.la
@USE_TEST_VECTORS_TRUE@am__append_75 = plugins/test_vectors
@MONOLITHIC_TRUE@@USE_TEST_VECTORS_TRUE@am__append_76 = plugins/test_vectors/libstrongswan-test-vectors.la
->>>>>>> upstream/4.5.1
subdir = src/libstrongswan
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
@@ -235,12 +168,8 @@ libstrongswan_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \
$(am__append_48) $(am__append_50) $(am__append_52) \
$(am__append_54) $(am__append_56) $(am__append_58) \
$(am__append_60) $(am__append_62) $(am__append_64) \
-<<<<<<< HEAD
- $(am__append_66) $(am__append_68) $(am__append_70)
-=======
$(am__append_66) $(am__append_68) $(am__append_70) \
$(am__append_72) $(am__append_74) $(am__append_76)
->>>>>>> upstream/4.5.1
am__libstrongswan_la_SOURCES_DIST = library.c library.h chunk.c \
chunk.h debug.c debug.h enum.c enum.h settings.h settings.c \
printf_hook.c printf_hook.h asn1/asn1.c asn1/asn1.h \
@@ -265,12 +194,7 @@ am__libstrongswan_la_SOURCES_DIST = library.c library.h chunk.c \
credentials/keys/shared_key.h \
credentials/certificates/certificate.c \
credentials/certificates/certificate.h \
-<<<<<<< HEAD
- credentials/certificates/x509.h \
- credentials/certificates/x509.c credentials/certificates/ac.h \
-=======
credentials/certificates/x509.h credentials/certificates/ac.h \
->>>>>>> upstream/4.5.1
credentials/certificates/crl.h credentials/certificates/crl.c \
credentials/certificates/pkcs10.h \
credentials/certificates/ocsp_request.h \
@@ -292,7 +216,7 @@ am__libstrongswan_la_SOURCES_DIST = library.c library.h chunk.c \
credentials/auth_cfg.h credentials/credential_set.h \
credentials/cert_validator.h database/database.h \
database/database_factory.h database/database_factory.c \
- fetcher/fetcher.h fetcher/fetcher_manager.h \
+ fetcher/fetcher.h fetcher/fetcher.c fetcher/fetcher_manager.h \
fetcher/fetcher_manager.c eap/eap.h eap/eap.c \
plugins/plugin_loader.c plugins/plugin_loader.h \
plugins/plugin.h processing/jobs/job.h \
@@ -320,14 +244,10 @@ am_libstrongswan_la_OBJECTS = library.lo chunk.lo debug.lo enum.lo \
crypto_tester.lo diffie_hellman.lo aead.lo transform.lo \
credential_factory.lo builder.lo cred_encoding.lo \
private_key.lo public_key.lo shared_key.lo certificate.lo \
-<<<<<<< HEAD
- x509.lo crl.lo ocsp_response.lo ietf_attributes.lo \
-=======
crl.lo ocsp_response.lo ietf_attributes.lo \
->>>>>>> upstream/4.5.1
credential_manager.lo auth_cfg_wrapper.lo \
ocsp_response_wrapper.lo cert_cache.lo mem_cred.lo \
- callback_cred.lo auth_cfg.lo database_factory.lo \
+ callback_cred.lo auth_cfg.lo database_factory.lo fetcher.lo \
fetcher_manager.lo eap.lo plugin_loader.lo callback_job.lo \
processor.lo scheduler.lo traffic_selector.lo thread.lo \
thread_value.lo mutex.lo rwlock.lo utils.lo host.lo \
@@ -364,16 +284,6 @@ AM_RECURSIVE_TARGETS = $(RECURSIVE_TARGETS:-recursive=) \
distdir
ETAGS = etags
CTAGS = ctags
-<<<<<<< HEAD
-DIST_SUBDIRS = . plugins/aes plugins/des plugins/blowfish plugins/md4 \
- plugins/md5 plugins/sha1 plugins/sha2 plugins/gmp \
- plugins/random plugins/hmac plugins/xcbc plugins/x509 \
- plugins/revocation plugins/pubkey plugins/pkcs1 plugins/pgp \
- plugins/dnskey plugins/pem plugins/curl plugins/ldap \
- plugins/mysql plugins/sqlite plugins/padlock plugins/openssl \
- plugins/gcrypt plugins/fips_prf plugins/agent plugins/pkcs11 \
- plugins/ctr plugins/ccm plugins/gcm plugins/test_vectors
-=======
DIST_SUBDIRS = . plugins/af_alg plugins/aes plugins/des \
plugins/blowfish plugins/md4 plugins/md5 plugins/sha1 \
plugins/sha2 plugins/gmp plugins/random plugins/hmac \
@@ -384,7 +294,6 @@ DIST_SUBDIRS = . plugins/af_alg plugins/aes plugins/des \
plugins/openssl plugins/gcrypt plugins/fips_prf plugins/agent \
plugins/pkcs11 plugins/ctr plugins/ccm plugins/gcm \
plugins/test_vectors
->>>>>>> upstream/4.5.1
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
am__relativize = \
dir0=`pwd`; \
@@ -530,13 +439,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -557,6 +460,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -575,14 +480,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
@@ -615,12 +518,7 @@ libstrongswan_la_SOURCES = library.c library.h chunk.c chunk.h debug.c \
credentials/keys/shared_key.h \
credentials/certificates/certificate.c \
credentials/certificates/certificate.h \
-<<<<<<< HEAD
- credentials/certificates/x509.h \
- credentials/certificates/x509.c credentials/certificates/ac.h \
-=======
credentials/certificates/x509.h credentials/certificates/ac.h \
->>>>>>> upstream/4.5.1
credentials/certificates/crl.h credentials/certificates/crl.c \
credentials/certificates/pkcs10.h \
credentials/certificates/ocsp_request.h \
@@ -642,7 +540,7 @@ libstrongswan_la_SOURCES = library.c library.h chunk.c chunk.h debug.c \
credentials/auth_cfg.h credentials/credential_set.h \
credentials/cert_validator.h database/database.h \
database/database_factory.h database/database_factory.c \
- fetcher/fetcher.h fetcher/fetcher_manager.h \
+ fetcher/fetcher.h fetcher/fetcher.c fetcher/fetcher_manager.h \
fetcher/fetcher_manager.c eap/eap.h eap/eap.c \
plugins/plugin_loader.c plugins/plugin_loader.h \
plugins/plugin.h processing/jobs/job.h \
@@ -671,12 +569,8 @@ libstrongswan_la_LIBADD = $(PTHREADLIB) $(DLLIB) $(BTLIB) $(SOCKLIB) \
$(am__append_48) $(am__append_50) $(am__append_52) \
$(am__append_54) $(am__append_56) $(am__append_58) \
$(am__append_60) $(am__append_62) $(am__append_64) \
-<<<<<<< HEAD
- $(am__append_66) $(am__append_68) $(am__append_70)
-=======
$(am__append_66) $(am__append_68) $(am__append_70) \
$(am__append_72) $(am__append_74) $(am__append_76)
->>>>>>> upstream/4.5.1
INCLUDES = -I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = -DIPSEC_DIR=\"${ipsecdir}\" -DPLUGINDIR=\"${plugindir}\" \
-DSTRONGSWAN_CONF=\"${strongswan_conf}\" $(am__append_1) \
@@ -709,13 +603,9 @@ $(srcdir)/crypto/proposal/proposal_keywords.c
@MONOLITHIC_FALSE@ $(am__append_55) $(am__append_57) \
@MONOLITHIC_FALSE@ $(am__append_59) $(am__append_61) \
@MONOLITHIC_FALSE@ $(am__append_63) $(am__append_65) \
-<<<<<<< HEAD
-@MONOLITHIC_FALSE@ $(am__append_67) $(am__append_69)
-=======
@MONOLITHIC_FALSE@ $(am__append_67) $(am__append_69) \
@MONOLITHIC_FALSE@ $(am__append_71) $(am__append_73) \
@MONOLITHIC_FALSE@ $(am__append_75)
->>>>>>> upstream/4.5.1
# build plugins with their own Makefile
#######################################
@@ -734,13 +624,9 @@ $(srcdir)/crypto/proposal/proposal_keywords.c
@MONOLITHIC_TRUE@ $(am__append_55) $(am__append_57) \
@MONOLITHIC_TRUE@ $(am__append_59) $(am__append_61) \
@MONOLITHIC_TRUE@ $(am__append_63) $(am__append_65) \
-<<<<<<< HEAD
-@MONOLITHIC_TRUE@ $(am__append_67) $(am__append_69)
-=======
@MONOLITHIC_TRUE@ $(am__append_67) $(am__append_69) \
@MONOLITHIC_TRUE@ $(am__append_71) $(am__append_73) \
@MONOLITHIC_TRUE@ $(am__append_75)
->>>>>>> upstream/4.5.1
all: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) all-recursive
@@ -841,6 +727,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/eap.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/enum.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/enumerator.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fetcher.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fetcher_manager.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hasher.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hashtable.Plo@am__quote@
@@ -878,10 +765,6 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/traffic_selector.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/transform.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utils.Plo@am__quote@
-<<<<<<< HEAD
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/x509.Plo@am__quote@
-=======
->>>>>>> upstream/4.5.1
.c.o:
@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
@@ -1065,16 +948,6 @@ certificate.lo: credentials/certificates/certificate.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o certificate.lo `test -f 'credentials/certificates/certificate.c' || echo '$(srcdir)/'`credentials/certificates/certificate.c
-<<<<<<< HEAD
-x509.lo: credentials/certificates/x509.c
-@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT x509.lo -MD -MP -MF $(DEPDIR)/x509.Tpo -c -o x509.lo `test -f 'credentials/certificates/x509.c' || echo '$(srcdir)/'`credentials/certificates/x509.c
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/x509.Tpo $(DEPDIR)/x509.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='credentials/certificates/x509.c' object='x509.lo' libtool=yes @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o x509.lo `test -f 'credentials/certificates/x509.c' || echo '$(srcdir)/'`credentials/certificates/x509.c
-
-=======
->>>>>>> upstream/4.5.1
crl.lo: credentials/certificates/crl.c
@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT crl.lo -MD -MP -MF $(DEPDIR)/crl.Tpo -c -o crl.lo `test -f 'credentials/certificates/crl.c' || echo '$(srcdir)/'`credentials/certificates/crl.c
@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/crl.Tpo $(DEPDIR)/crl.Plo
@@ -1152,6 +1025,13 @@ database_factory.lo: database/database_factory.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o database_factory.lo `test -f 'database/database_factory.c' || echo '$(srcdir)/'`database/database_factory.c
+fetcher.lo: fetcher/fetcher.c
+@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fetcher.lo -MD -MP -MF $(DEPDIR)/fetcher.Tpo -c -o fetcher.lo `test -f 'fetcher/fetcher.c' || echo '$(srcdir)/'`fetcher/fetcher.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/fetcher.Tpo $(DEPDIR)/fetcher.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='fetcher/fetcher.c' object='fetcher.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o fetcher.lo `test -f 'fetcher/fetcher.c' || echo '$(srcdir)/'`fetcher/fetcher.c
+
fetcher_manager.lo: fetcher/fetcher_manager.c
@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fetcher_manager.lo -MD -MP -MF $(DEPDIR)/fetcher_manager.Tpo -c -o fetcher_manager.lo `test -f 'fetcher/fetcher_manager.c' || echo '$(srcdir)/'`fetcher/fetcher_manager.c
@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/fetcher_manager.Tpo $(DEPDIR)/fetcher_manager.Plo
diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
index 7f198f9aa..4466b37a4 100644
--- a/src/libstrongswan/asn1/asn1.c
+++ b/src/libstrongswan/asn1/asn1.c
@@ -126,15 +126,13 @@ chunk_t asn1_build_known_oid(int n)
/*
* Defined in header.
*/
-<<<<<<< HEAD
-=======
chunk_t asn1_oid_from_string(char *str)
{
enumerator_t *enumerator;
- u_char buf[32];
+ u_char buf[64];
char *end;
- int i = 0, pos = 0;
- u_int val, first = 0;
+ int i = 0, pos = 0, shift;
+ u_int val, shifted_val, first = 0;
enumerator = enumerator_create_token(str, ".", "");
while (enumerator->enumerate(enumerator, &str))
@@ -154,16 +152,17 @@ chunk_t asn1_oid_from_string(char *str)
buf[pos++] = first * 40 + val;
break;
default:
- if (val < 128)
+ shift = 28; /* sufficient to handle 32 bit node numbers */
+ while (shift)
{
- buf[pos++] = val;
+ shifted_val = val >> shift;
+ shift -= 7;
+ if (shifted_val) /* do not encode leading zeroes */
+ {
+ buf[pos++] = 0x80 | (shifted_val & 0x7F);
+ }
}
- else
- {
- buf[pos++] = 128 | (val >> 7);
- buf[pos++] = (val % 256) & 0x7F;
- }
- break;
+ buf[pos++] = val & 0x7F;
}
}
enumerator->destroy(enumerator);
@@ -185,44 +184,37 @@ char *asn1_oid_to_string(chunk_t oid)
return NULL;
}
val = oid.ptr[0] / 40;
- len = snprintf(buf, sizeof(buf), "%d.%d", val, oid.ptr[0] - val * 40);
+ len = snprintf(buf, sizeof(buf), "%u.%u", val, oid.ptr[0] - val * 40);
oid = chunk_skip(oid, 1);
if (len < 0 || len >= sizeof(buf))
{
return NULL;
}
pos += len;
+ val = 0;
while (oid.len)
{
+ val = (val << 7) + (u_int)(oid.ptr[0] & 0x7f);
+
if (oid.ptr[0] < 128)
{
- len = snprintf(pos, sizeof(buf) + buf - pos, ".%d", oid.ptr[0]);
- oid = chunk_skip(oid, 1);
- }
- else
- {
- if (oid.len == 1)
+ len = snprintf(pos, sizeof(buf) + buf - pos, ".%u", val);
+ if (len < 0 || len >= sizeof(buf) + buf - pos)
{
return NULL;
}
- val = ((u_int)(oid.ptr[0] & 0x7F) << 7) + oid.ptr[1];
- len = snprintf(pos, sizeof(buf) + buf - pos, ".%d", val);
- oid = chunk_skip(oid, 2);
- }
- if (len < 0 || len >= sizeof(buf) + buf - pos)
- {
- return NULL;
+ pos += len;
+ val = 0;
}
- pos += len;
+ oid = chunk_skip(oid, 1);
}
- return strdup(buf);
+ return (val == 0) ? strdup(buf) : NULL;
}
/*
* Defined in header.
*/
->>>>>>> upstream/4.5.1
size_t asn1_length(chunk_t *blob)
{
u_char n;
@@ -471,12 +463,22 @@ void asn1_debug_simple_object(chunk_t object, asn1_t type, bool private)
{
case ASN1_OID:
oid = asn1_known_oid(object);
- if (oid != OID_UNKNOWN)
+ if (oid == OID_UNKNOWN)
+ {
+ char *oid_str = asn1_oid_to_string(object);
+
+ if (!oid_str)
+ {
+ break;
+ }
+ DBG2(DBG_LIB, " %s", oid_str);
+ free(oid_str);
+ }
+ else
{
DBG2(DBG_LIB, " '%s'", oid_names[oid].name);
- return;
}
- break;
+ return;
case ASN1_UTF8STRING:
case ASN1_IA5STRING:
case ASN1_PRINTABLESTRING:
diff --git a/src/libstrongswan/asn1/asn1.h b/src/libstrongswan/asn1/asn1.h
index 70411c999..05a060827 100644
--- a/src/libstrongswan/asn1/asn1.h
+++ b/src/libstrongswan/asn1/asn1.h
@@ -115,8 +115,6 @@ int asn1_known_oid(chunk_t object);
chunk_t asn1_build_known_oid(int n);
/**
-<<<<<<< HEAD
-=======
* Convert human readable OID to ASN.1 DER encoding, without OID header.
*
* @param str OID string (e.g. 1.2.345.67.8)
@@ -133,7 +131,6 @@ chunk_t asn1_oid_from_string(char *str);
char* asn1_oid_to_string(chunk_t oid);
/**
->>>>>>> upstream/4.5.1
* Returns the length of an ASN.1 object
* The blob pointer is advanced past the tag length fields
*
diff --git a/src/libstrongswan/asn1/asn1_parser.c b/src/libstrongswan/asn1/asn1_parser.c
index fe02690d9..2a7a38a52 100644
--- a/src/libstrongswan/asn1/asn1_parser.c
+++ b/src/libstrongswan/asn1/asn1_parser.c
@@ -78,15 +78,8 @@ struct private_asn1_parser_t {
chunk_t blobs[ASN1_MAX_LEVEL + 2];
};
-<<<<<<< HEAD
-/**
- * Implementation of asn1_parser_t.iterate
- */
-static bool iterate(private_asn1_parser_t *this, int *objectID, chunk_t *object)
-=======
METHOD(asn1_parser_t, iterate, bool,
private_asn1_parser_t *this, int *objectID, chunk_t *object)
->>>>>>> upstream/4.5.1
{
chunk_t *blob, *blob1;
u_char *start_ptr;
@@ -239,68 +232,33 @@ end:
return this->success;
}
-<<<<<<< HEAD
-/**
- * Implementation of asn1_parser_t.get_level
- */
-static u_int get_level(private_asn1_parser_t *this)
-=======
METHOD(asn1_parser_t, get_level, u_int,
private_asn1_parser_t *this)
->>>>>>> upstream/4.5.1
{
return this->level0 + this->objects[this->line].level;
}
-<<<<<<< HEAD
-/**
- * Implementation of asn1_parser_t.set_top_level
- */
-static void set_top_level(private_asn1_parser_t *this, u_int level0)
-=======
METHOD(asn1_parser_t, set_top_level, void,
private_asn1_parser_t *this, u_int level0)
->>>>>>> upstream/4.5.1
{
this->level0 = level0;
}
-<<<<<<< HEAD
-/**
- * Implementation of asn1_parser_t.set_flags
- */
-static void set_flags(private_asn1_parser_t *this, bool implicit, bool private)
-=======
METHOD(asn1_parser_t, set_flags, void,
private_asn1_parser_t *this, bool implicit, bool private)
->>>>>>> upstream/4.5.1
{
this->implicit = implicit;
this->private = private;
}
-<<<<<<< HEAD
-/**
- * Implementation of asn1_parser_t.success
- */
-static bool success(private_asn1_parser_t *this)
-=======
METHOD(asn1_parser_t, success, bool,
private_asn1_parser_t *this)
->>>>>>> upstream/4.5.1
{
return this->success;
}
-<<<<<<< HEAD
-/**
- * Implementation of asn1_parser_t.destroy
- */
-static void destroy(private_asn1_parser_t *this)
-=======
METHOD(asn1_parser_t, destroy, void,
private_asn1_parser_t *this)
->>>>>>> upstream/4.5.1
{
free(this);
}
@@ -310,22 +268,6 @@ METHOD(asn1_parser_t, destroy, void,
*/
asn1_parser_t* asn1_parser_create(asn1Object_t const *objects, chunk_t blob)
{
-<<<<<<< HEAD
- private_asn1_parser_t *this = malloc_thing(private_asn1_parser_t);
-
- memset(this, '\0', sizeof(private_asn1_parser_t));
- this->objects = objects;
- this->blobs[0] = blob;
- this->line = -1;
- this->success = TRUE;
-
- this->public.iterate = (bool (*)(asn1_parser_t*, int*, chunk_t*))iterate;
- this->public.get_level = (u_int (*)(asn1_parser_t*))get_level;
- this->public.set_top_level = (void (*)(asn1_parser_t*, u_int))set_top_level;
- this->public.set_flags = (void (*)(asn1_parser_t*, bool, bool))set_flags;
- this->public.success = (bool (*)(asn1_parser_t*))success;
- this->public.destroy = (void (*)(asn1_parser_t*))destroy;
-=======
private_asn1_parser_t *this;
INIT(this,
@@ -342,7 +284,6 @@ asn1_parser_t* asn1_parser_create(asn1Object_t const *objects, chunk_t blob)
.line = -1,
.success = TRUE,
);
->>>>>>> upstream/4.5.1
return &this->public;
}
diff --git a/src/libstrongswan/asn1/oid.c b/src/libstrongswan/asn1/oid.c
index b823d6189..6af088fd2 100644
--- a/src/libstrongswan/asn1/oid.c
+++ b/src/libstrongswan/asn1/oid.c
@@ -10,364 +10,6 @@
#include "oid.h"
const oid_t oid_names[] = {
-<<<<<<< HEAD
- {0x02, 7, 1, 0, "ITU-T Administration" }, /* 0 */
- { 0x82, 0, 1, 1, "" }, /* 1 */
- { 0x06, 0, 1, 2, "Germany ITU-T member" }, /* 2 */
- { 0x01, 0, 1, 3, "Deutsche Telekom AG" }, /* 3 */
- { 0x0A, 0, 1, 4, "" }, /* 4 */
- { 0x07, 0, 1, 5, "" }, /* 5 */
- { 0x14, 0, 0, 6, "ND" }, /* 6 */
- {0x09, 18, 1, 0, "data" }, /* 7 */
- { 0x92, 0, 1, 1, "" }, /* 8 */
- { 0x26, 0, 1, 2, "" }, /* 9 */
- { 0x89, 0, 1, 3, "" }, /* 10 */
- { 0x93, 0, 1, 4, "" }, /* 11 */
- { 0xF2, 0, 1, 5, "" }, /* 12 */
- { 0x2C, 0, 1, 6, "" }, /* 13 */
- { 0x64, 0, 1, 7, "pilot" }, /* 14 */
- { 0x01, 0, 1, 8, "pilotAttributeType" }, /* 15 */
- { 0x01, 17, 0, 9, "UID" }, /* 16 */
- { 0x19, 0, 0, 9, "DC" }, /* 17 */
- {0x55, 64, 1, 0, "X.500" }, /* 18 */
- { 0x04, 36, 1, 1, "X.509" }, /* 19 */
- { 0x03, 21, 0, 2, "CN" }, /* 20 */
- { 0x04, 22, 0, 2, "S" }, /* 21 */
- { 0x05, 23, 0, 2, "SN" }, /* 22 */
- { 0x06, 24, 0, 2, "C" }, /* 23 */
- { 0x07, 25, 0, 2, "L" }, /* 24 */
- { 0x08, 26, 0, 2, "ST" }, /* 25 */
- { 0x0A, 27, 0, 2, "O" }, /* 26 */
- { 0x0B, 28, 0, 2, "OU" }, /* 27 */
- { 0x0C, 29, 0, 2, "T" }, /* 28 */
- { 0x0D, 30, 0, 2, "D" }, /* 29 */
- { 0x24, 31, 0, 2, "userCertificate" }, /* 30 */
- { 0x29, 32, 0, 2, "N" }, /* 31 */
- { 0x2A, 33, 0, 2, "G" }, /* 32 */
- { 0x2B, 34, 0, 2, "I" }, /* 33 */
- { 0x2D, 35, 0, 2, "ID" }, /* 34 */
- { 0x48, 0, 0, 2, "role" }, /* 35 */
- { 0x1D, 0, 1, 1, "id-ce" }, /* 36 */
- { 0x09, 38, 0, 2, "subjectDirectoryAttrs" }, /* 37 */
- { 0x0E, 39, 0, 2, "subjectKeyIdentifier" }, /* 38 */
- { 0x0F, 40, 0, 2, "keyUsage" }, /* 39 */
- { 0x10, 41, 0, 2, "privateKeyUsagePeriod" }, /* 40 */
- { 0x11, 42, 0, 2, "subjectAltName" }, /* 41 */
- { 0x12, 43, 0, 2, "issuerAltName" }, /* 42 */
- { 0x13, 44, 0, 2, "basicConstraints" }, /* 43 */
- { 0x14, 45, 0, 2, "crlNumber" }, /* 44 */
- { 0x15, 46, 0, 2, "reasonCode" }, /* 45 */
- { 0x17, 47, 0, 2, "holdInstructionCode" }, /* 46 */
- { 0x18, 48, 0, 2, "invalidityDate" }, /* 47 */
- { 0x1B, 49, 0, 2, "deltaCrlIndicator" }, /* 48 */
- { 0x1C, 50, 0, 2, "issuingDistributionPoint" }, /* 49 */
- { 0x1D, 51, 0, 2, "certificateIssuer" }, /* 50 */
- { 0x1E, 52, 0, 2, "nameConstraints" }, /* 51 */
- { 0x1F, 53, 0, 2, "crlDistributionPoints" }, /* 52 */
- { 0x20, 55, 1, 2, "certificatePolicies" }, /* 53 */
- { 0x00, 0, 0, 3, "anyPolicy" }, /* 54 */
- { 0x21, 56, 0, 2, "policyMappings" }, /* 55 */
- { 0x23, 57, 0, 2, "authorityKeyIdentifier" }, /* 56 */
- { 0x24, 58, 0, 2, "policyConstraints" }, /* 57 */
- { 0x25, 60, 1, 2, "extendedKeyUsage" }, /* 58 */
- { 0x00, 0, 0, 3, "anyExtendedKeyUsage" }, /* 59 */
- { 0x2E, 61, 0, 2, "freshestCRL" }, /* 60 */
- { 0x36, 62, 0, 2, "inhibitAnyPolicy" }, /* 61 */
- { 0x37, 63, 0, 2, "targetInformation" }, /* 62 */
- { 0x38, 0, 0, 2, "noRevAvail" }, /* 63 */
- {0x2A, 161, 1, 0, "" }, /* 64 */
- { 0x83, 77, 1, 1, "" }, /* 65 */
- { 0x08, 0, 1, 2, "jp" }, /* 66 */
- { 0x8C, 0, 1, 3, "" }, /* 67 */
- { 0x9A, 0, 1, 4, "" }, /* 68 */
- { 0x4B, 0, 1, 5, "" }, /* 69 */
- { 0x3D, 0, 1, 6, "" }, /* 70 */
- { 0x01, 0, 1, 7, "security" }, /* 71 */
- { 0x01, 0, 1, 8, "algorithm" }, /* 72 */
- { 0x01, 0, 1, 9, "symm-encryption-alg" }, /* 73 */
- { 0x02, 75, 0, 10, "camellia128-cbc" }, /* 74 */
- { 0x03, 76, 0, 10, "camellia192-cbc" }, /* 75 */
- { 0x04, 0, 0, 10, "camellia256-cbc" }, /* 76 */
- { 0x86, 0, 1, 1, "" }, /* 77 */
- { 0x48, 0, 1, 2, "us" }, /* 78 */
- { 0x86, 120, 1, 3, "" }, /* 79 */
- { 0xF6, 85, 1, 4, "" }, /* 80 */
- { 0x7D, 0, 1, 5, "NortelNetworks" }, /* 81 */
- { 0x07, 0, 1, 6, "Entrust" }, /* 82 */
- { 0x41, 0, 1, 7, "nsn-ce" }, /* 83 */
- { 0x00, 0, 0, 8, "entrustVersInfo" }, /* 84 */
- { 0xF7, 0, 1, 4, "" }, /* 85 */
- { 0x0D, 0, 1, 5, "RSADSI" }, /* 86 */
- { 0x01, 115, 1, 6, "PKCS" }, /* 87 */
- { 0x01, 97, 1, 7, "PKCS-1" }, /* 88 */
- { 0x01, 90, 0, 8, "rsaEncryption" }, /* 89 */
- { 0x02, 91, 0, 8, "md2WithRSAEncryption" }, /* 90 */
- { 0x04, 92, 0, 8, "md5WithRSAEncryption" }, /* 91 */
- { 0x05, 93, 0, 8, "sha-1WithRSAEncryption" }, /* 92 */
- { 0x0B, 94, 0, 8, "sha256WithRSAEncryption" }, /* 93 */
- { 0x0C, 95, 0, 8, "sha384WithRSAEncryption" }, /* 94 */
- { 0x0D, 96, 0, 8, "sha512WithRSAEncryption" }, /* 95 */
- { 0x0E, 0, 0, 8, "sha224WithRSAEncryption" }, /* 96 */
- { 0x07, 104, 1, 7, "PKCS-7" }, /* 97 */
- { 0x01, 99, 0, 8, "data" }, /* 98 */
- { 0x02, 100, 0, 8, "signedData" }, /* 99 */
- { 0x03, 101, 0, 8, "envelopedData" }, /* 100 */
- { 0x04, 102, 0, 8, "signedAndEnvelopedData" }, /* 101 */
- { 0x05, 103, 0, 8, "digestedData" }, /* 102 */
- { 0x06, 0, 0, 8, "encryptedData" }, /* 103 */
- { 0x09, 0, 1, 7, "PKCS-9" }, /* 104 */
- { 0x01, 106, 0, 8, "E" }, /* 105 */
- { 0x02, 107, 0, 8, "unstructuredName" }, /* 106 */
- { 0x03, 108, 0, 8, "contentType" }, /* 107 */
- { 0x04, 109, 0, 8, "messageDigest" }, /* 108 */
- { 0x05, 110, 0, 8, "signingTime" }, /* 109 */
- { 0x06, 111, 0, 8, "counterSignature" }, /* 110 */
- { 0x07, 112, 0, 8, "challengePassword" }, /* 111 */
- { 0x08, 113, 0, 8, "unstructuredAddress" }, /* 112 */
- { 0x0E, 114, 0, 8, "extensionRequest" }, /* 113 */
- { 0x0F, 0, 0, 8, "S/MIME Capabilities" }, /* 114 */
- { 0x02, 118, 1, 6, "digestAlgorithm" }, /* 115 */
- { 0x02, 117, 0, 7, "md2" }, /* 116 */
- { 0x05, 0, 0, 7, "md5" }, /* 117 */
- { 0x03, 0, 1, 6, "encryptionAlgorithm" }, /* 118 */
- { 0x07, 0, 0, 7, "3des-ede-cbc" }, /* 119 */
- { 0xCE, 0, 1, 3, "" }, /* 120 */
- { 0x3D, 0, 1, 4, "ansi-X9-62" }, /* 121 */
- { 0x02, 124, 1, 5, "id-publicKeyType" }, /* 122 */
- { 0x01, 0, 0, 6, "id-ecPublicKey" }, /* 123 */
- { 0x03, 154, 1, 5, "ellipticCurve" }, /* 124 */
- { 0x00, 146, 1, 6, "c-TwoCurve" }, /* 125 */
- { 0x01, 127, 0, 7, "c2pnb163v1" }, /* 126 */
- { 0x02, 128, 0, 7, "c2pnb163v2" }, /* 127 */
- { 0x03, 129, 0, 7, "c2pnb163v3" }, /* 128 */
- { 0x04, 130, 0, 7, "c2pnb176w1" }, /* 129 */
- { 0x05, 131, 0, 7, "c2tnb191v1" }, /* 130 */
- { 0x06, 132, 0, 7, "c2tnb191v2" }, /* 131 */
- { 0x07, 133, 0, 7, "c2tnb191v3" }, /* 132 */
- { 0x08, 134, 0, 7, "c2onb191v4" }, /* 133 */
- { 0x09, 135, 0, 7, "c2onb191v5" }, /* 134 */
- { 0x0A, 136, 0, 7, "c2pnb208w1" }, /* 135 */
- { 0x0B, 137, 0, 7, "c2tnb239v1" }, /* 136 */
- { 0x0C, 138, 0, 7, "c2tnb239v2" }, /* 137 */
- { 0x0D, 139, 0, 7, "c2tnb239v3" }, /* 138 */
- { 0x0E, 140, 0, 7, "c2onb239v4" }, /* 139 */
- { 0x0F, 141, 0, 7, "c2onb239v5" }, /* 140 */
- { 0x10, 142, 0, 7, "c2pnb272w1" }, /* 141 */
- { 0x11, 143, 0, 7, "c2pnb304w1" }, /* 142 */
- { 0x12, 144, 0, 7, "c2tnb359v1" }, /* 143 */
- { 0x13, 145, 0, 7, "c2pnb368w1" }, /* 144 */
- { 0x14, 0, 0, 7, "c2tnb431r1" }, /* 145 */
- { 0x01, 0, 1, 6, "primeCurve" }, /* 146 */
- { 0x01, 148, 0, 7, "prime192v1" }, /* 147 */
- { 0x02, 149, 0, 7, "prime192v2" }, /* 148 */
- { 0x03, 150, 0, 7, "prime192v3" }, /* 149 */
- { 0x04, 151, 0, 7, "prime239v1" }, /* 150 */
- { 0x05, 152, 0, 7, "prime239v2" }, /* 151 */
- { 0x06, 153, 0, 7, "prime239v3" }, /* 152 */
- { 0x07, 0, 0, 7, "prime256v1" }, /* 153 */
- { 0x04, 0, 1, 5, "id-ecSigType" }, /* 154 */
- { 0x01, 156, 0, 6, "ecdsa-with-SHA1" }, /* 155 */
- { 0x03, 0, 1, 6, "ecdsa-with-Specified" }, /* 156 */
- { 0x01, 158, 0, 7, "ecdsa-with-SHA224" }, /* 157 */
- { 0x02, 159, 0, 7, "ecdsa-with-SHA256" }, /* 158 */
- { 0x03, 160, 0, 7, "ecdsa-with-SHA384" }, /* 159 */
- { 0x04, 0, 0, 7, "ecdsa-with-SHA512" }, /* 160 */
- {0x2B, 309, 1, 0, "" }, /* 161 */
- { 0x06, 223, 1, 1, "dod" }, /* 162 */
- { 0x01, 0, 1, 2, "internet" }, /* 163 */
- { 0x04, 183, 1, 3, "private" }, /* 164 */
- { 0x01, 0, 1, 4, "enterprise" }, /* 165 */
- { 0x82, 176, 1, 5, "" }, /* 166 */
- { 0x37, 0, 1, 6, "Microsoft" }, /* 167 */
- { 0x0A, 172, 1, 7, "" }, /* 168 */
- { 0x03, 0, 1, 8, "" }, /* 169 */
- { 0x03, 171, 0, 9, "msSGC" }, /* 170 */
- { 0x04, 0, 0, 9, "msEncryptingFileSystem" }, /* 171 */
- { 0x14, 0, 1, 7, "msEnrollmentInfrastructure"}, /* 172 */
- { 0x02, 0, 1, 8, "msCertificateTypeExtension"}, /* 173 */
- { 0x02, 175, 0, 9, "msSmartcardLogon" }, /* 174 */
- { 0x03, 0, 0, 9, "msUPN" }, /* 175 */
- { 0x89, 0, 1, 5, "" }, /* 176 */
- { 0x31, 0, 1, 6, "" }, /* 177 */
- { 0x01, 0, 1, 7, "" }, /* 178 */
- { 0x01, 0, 1, 8, "" }, /* 179 */
- { 0x02, 0, 1, 9, "" }, /* 180 */
- { 0x02, 182, 0, 10, "" }, /* 181 */
- { 0x4B, 0, 0, 10, "TCGID" }, /* 182 */
- { 0x05, 0, 1, 3, "security" }, /* 183 */
- { 0x05, 0, 1, 4, "mechanisms" }, /* 184 */
- { 0x07, 0, 1, 5, "id-pkix" }, /* 185 */
- { 0x01, 190, 1, 6, "id-pe" }, /* 186 */
- { 0x01, 188, 0, 7, "authorityInfoAccess" }, /* 187 */
- { 0x03, 189, 0, 7, "qcStatements" }, /* 188 */
- { 0x07, 0, 0, 7, "ipAddrBlocks" }, /* 189 */
- { 0x02, 193, 1, 6, "id-qt" }, /* 190 */
- { 0x01, 192, 0, 7, "cps" }, /* 191 */
- { 0x02, 0, 0, 7, "unotice" }, /* 192 */
- { 0x03, 203, 1, 6, "id-kp" }, /* 193 */
- { 0x01, 195, 0, 7, "serverAuth" }, /* 194 */
- { 0x02, 196, 0, 7, "clientAuth" }, /* 195 */
- { 0x03, 197, 0, 7, "codeSigning" }, /* 196 */
- { 0x04, 198, 0, 7, "emailProtection" }, /* 197 */
- { 0x05, 199, 0, 7, "ipsecEndSystem" }, /* 198 */
- { 0x06, 200, 0, 7, "ipsecTunnel" }, /* 199 */
- { 0x07, 201, 0, 7, "ipsecUser" }, /* 200 */
- { 0x08, 202, 0, 7, "timeStamping" }, /* 201 */
- { 0x09, 0, 0, 7, "ocspSigning" }, /* 202 */
- { 0x08, 205, 1, 6, "id-otherNames" }, /* 203 */
- { 0x05, 0, 0, 7, "xmppAddr" }, /* 204 */
- { 0x0A, 210, 1, 6, "id-aca" }, /* 205 */
- { 0x01, 207, 0, 7, "authenticationInfo" }, /* 206 */
- { 0x02, 208, 0, 7, "accessIdentity" }, /* 207 */
- { 0x03, 209, 0, 7, "chargingIdentity" }, /* 208 */
- { 0x04, 0, 0, 7, "group" }, /* 209 */
- { 0x0B, 211, 0, 6, "subjectInfoAccess" }, /* 210 */
- { 0x30, 0, 1, 6, "id-ad" }, /* 211 */
- { 0x01, 220, 1, 7, "ocsp" }, /* 212 */
- { 0x01, 214, 0, 8, "basic" }, /* 213 */
- { 0x02, 215, 0, 8, "nonce" }, /* 214 */
- { 0x03, 216, 0, 8, "crl" }, /* 215 */
- { 0x04, 217, 0, 8, "response" }, /* 216 */
- { 0x05, 218, 0, 8, "noCheck" }, /* 217 */
- { 0x06, 219, 0, 8, "archiveCutoff" }, /* 218 */
- { 0x07, 0, 0, 8, "serviceLocator" }, /* 219 */
- { 0x02, 221, 0, 7, "caIssuers" }, /* 220 */
- { 0x03, 222, 0, 7, "timeStamping" }, /* 221 */
- { 0x05, 0, 0, 7, "caRepository" }, /* 222 */
- { 0x0E, 229, 1, 1, "oiw" }, /* 223 */
- { 0x03, 0, 1, 2, "secsig" }, /* 224 */
- { 0x02, 0, 1, 3, "algorithms" }, /* 225 */
- { 0x07, 227, 0, 4, "des-cbc" }, /* 226 */
- { 0x1A, 228, 0, 4, "sha-1" }, /* 227 */
- { 0x1D, 0, 0, 4, "sha-1WithRSASignature" }, /* 228 */
- { 0x24, 275, 1, 1, "TeleTrusT" }, /* 229 */
- { 0x03, 0, 1, 2, "algorithm" }, /* 230 */
- { 0x03, 0, 1, 3, "signatureAlgorithm" }, /* 231 */
- { 0x01, 236, 1, 4, "rsaSignature" }, /* 232 */
- { 0x02, 234, 0, 5, "rsaSigWithripemd160" }, /* 233 */
- { 0x03, 235, 0, 5, "rsaSigWithripemd128" }, /* 234 */
- { 0x04, 0, 0, 5, "rsaSigWithripemd256" }, /* 235 */
- { 0x02, 0, 1, 4, "ecSign" }, /* 236 */
- { 0x01, 238, 0, 5, "ecSignWithsha1" }, /* 237 */
- { 0x02, 239, 0, 5, "ecSignWithripemd160" }, /* 238 */
- { 0x03, 240, 0, 5, "ecSignWithmd2" }, /* 239 */
- { 0x04, 241, 0, 5, "ecSignWithmd5" }, /* 240 */
- { 0x05, 258, 1, 5, "ttt-ecg" }, /* 241 */
- { 0x01, 246, 1, 6, "fieldType" }, /* 242 */
- { 0x01, 0, 1, 7, "characteristictwoField" }, /* 243 */
- { 0x01, 0, 1, 8, "basisType" }, /* 244 */
- { 0x01, 0, 0, 9, "ipBasis" }, /* 245 */
- { 0x02, 248, 1, 6, "keyType" }, /* 246 */
- { 0x01, 0, 0, 7, "ecgPublicKey" }, /* 247 */
- { 0x03, 249, 0, 6, "curve" }, /* 248 */
- { 0x04, 256, 1, 6, "signatures" }, /* 249 */
- { 0x01, 251, 0, 7, "ecgdsa-with-RIPEMD160" }, /* 250 */
- { 0x02, 252, 0, 7, "ecgdsa-with-SHA1" }, /* 251 */
- { 0x03, 253, 0, 7, "ecgdsa-with-SHA224" }, /* 252 */
- { 0x04, 254, 0, 7, "ecgdsa-with-SHA256" }, /* 253 */
- { 0x05, 255, 0, 7, "ecgdsa-with-SHA384" }, /* 254 */
- { 0x06, 0, 0, 7, "ecgdsa-with-SHA512" }, /* 255 */
- { 0x05, 0, 1, 6, "module" }, /* 256 */
- { 0x01, 0, 0, 7, "1" }, /* 257 */
- { 0x08, 0, 1, 5, "ecStdCurvesAndGeneration" }, /* 258 */
- { 0x01, 0, 1, 6, "ellipticCurve" }, /* 259 */
- { 0x01, 0, 1, 7, "versionOne" }, /* 260 */
- { 0x01, 262, 0, 8, "brainpoolP160r1" }, /* 261 */
- { 0x02, 263, 0, 8, "brainpoolP160t1" }, /* 262 */
- { 0x03, 264, 0, 8, "brainpoolP192r1" }, /* 263 */
- { 0x04, 265, 0, 8, "brainpoolP192t1" }, /* 264 */
- { 0x05, 266, 0, 8, "brainpoolP224r1" }, /* 265 */
- { 0x06, 267, 0, 8, "brainpoolP224t1" }, /* 266 */
- { 0x07, 268, 0, 8, "brainpoolP256r1" }, /* 267 */
- { 0x08, 269, 0, 8, "brainpoolP256t1" }, /* 268 */
- { 0x09, 270, 0, 8, "brainpoolP320r1" }, /* 269 */
- { 0x0A, 271, 0, 8, "brainpoolP320t1" }, /* 270 */
- { 0x0B, 272, 0, 8, "brainpoolP384r1" }, /* 271 */
- { 0x0C, 273, 0, 8, "brainpoolP384t1" }, /* 272 */
- { 0x0D, 274, 0, 8, "brainpoolP512r1" }, /* 273 */
- { 0x0E, 0, 0, 8, "brainpoolP512t1" }, /* 274 */
- { 0x81, 0, 1, 1, "" }, /* 275 */
- { 0x04, 0, 1, 2, "Certicom" }, /* 276 */
- { 0x00, 0, 1, 3, "curve" }, /* 277 */
- { 0x01, 279, 0, 4, "sect163k1" }, /* 278 */
- { 0x02, 280, 0, 4, "sect163r1" }, /* 279 */
- { 0x03, 281, 0, 4, "sect239k1" }, /* 280 */
- { 0x04, 282, 0, 4, "sect113r1" }, /* 281 */
- { 0x05, 283, 0, 4, "sect113r2" }, /* 282 */
- { 0x06, 284, 0, 4, "secp112r1" }, /* 283 */
- { 0x07, 285, 0, 4, "secp112r2" }, /* 284 */
- { 0x08, 286, 0, 4, "secp160r1" }, /* 285 */
- { 0x09, 287, 0, 4, "secp160k1" }, /* 286 */
- { 0x0A, 288, 0, 4, "secp256k1" }, /* 287 */
- { 0x0F, 289, 0, 4, "sect163r2" }, /* 288 */
- { 0x10, 290, 0, 4, "sect283k1" }, /* 289 */
- { 0x11, 291, 0, 4, "sect283r1" }, /* 290 */
- { 0x16, 292, 0, 4, "sect131r1" }, /* 291 */
- { 0x17, 293, 0, 4, "sect131r2" }, /* 292 */
- { 0x18, 294, 0, 4, "sect193r1" }, /* 293 */
- { 0x19, 295, 0, 4, "sect193r2" }, /* 294 */
- { 0x1A, 296, 0, 4, "sect233k1" }, /* 295 */
- { 0x1B, 297, 0, 4, "sect233r1" }, /* 296 */
- { 0x1C, 298, 0, 4, "secp128r1" }, /* 297 */
- { 0x1D, 299, 0, 4, "secp128r2" }, /* 298 */
- { 0x1E, 300, 0, 4, "secp160r2" }, /* 299 */
- { 0x1F, 301, 0, 4, "secp192k1" }, /* 300 */
- { 0x20, 302, 0, 4, "secp224k1" }, /* 301 */
- { 0x21, 303, 0, 4, "secp224r1" }, /* 302 */
- { 0x22, 304, 0, 4, "secp384r1" }, /* 303 */
- { 0x23, 305, 0, 4, "secp521r1" }, /* 304 */
- { 0x24, 306, 0, 4, "sect409k1" }, /* 305 */
- { 0x25, 307, 0, 4, "sect409r1" }, /* 306 */
- { 0x26, 308, 0, 4, "sect571k1" }, /* 307 */
- { 0x27, 0, 0, 4, "sect571r1" }, /* 308 */
- {0x60, 0, 1, 0, "" }, /* 309 */
- { 0x86, 0, 1, 1, "" }, /* 310 */
- { 0x48, 0, 1, 2, "" }, /* 311 */
- { 0x01, 0, 1, 3, "organization" }, /* 312 */
- { 0x65, 331, 1, 4, "gov" }, /* 313 */
- { 0x03, 0, 1, 5, "csor" }, /* 314 */
- { 0x04, 0, 1, 6, "nistalgorithm" }, /* 315 */
- { 0x01, 326, 1, 7, "aes" }, /* 316 */
- { 0x02, 318, 0, 8, "id-aes128-CBC" }, /* 317 */
- { 0x06, 319, 0, 8, "id-aes128-GCM" }, /* 318 */
- { 0x07, 320, 0, 8, "id-aes128-CCM" }, /* 319 */
- { 0x16, 321, 0, 8, "id-aes192-CBC" }, /* 320 */
- { 0x1A, 322, 0, 8, "id-aes192-GCM" }, /* 321 */
- { 0x1B, 323, 0, 8, "id-aes192-CCM" }, /* 322 */
- { 0x2A, 324, 0, 8, "id-aes256-CBC" }, /* 323 */
- { 0x2E, 325, 0, 8, "id-aes256-GCM" }, /* 324 */
- { 0x2F, 0, 0, 8, "id-aes256-CCM" }, /* 325 */
- { 0x02, 0, 1, 7, "hashalgs" }, /* 326 */
- { 0x01, 328, 0, 8, "id-SHA-256" }, /* 327 */
- { 0x02, 329, 0, 8, "id-SHA-384" }, /* 328 */
- { 0x03, 330, 0, 8, "id-SHA-512" }, /* 329 */
- { 0x04, 0, 0, 8, "id-SHA-224" }, /* 330 */
- { 0x86, 0, 1, 4, "" }, /* 331 */
- { 0xf8, 0, 1, 5, "" }, /* 332 */
- { 0x42, 345, 1, 6, "netscape" }, /* 333 */
- { 0x01, 340, 1, 7, "" }, /* 334 */
- { 0x01, 336, 0, 8, "nsCertType" }, /* 335 */
- { 0x03, 337, 0, 8, "nsRevocationUrl" }, /* 336 */
- { 0x04, 338, 0, 8, "nsCaRevocationUrl" }, /* 337 */
- { 0x08, 339, 0, 8, "nsCaPolicyUrl" }, /* 338 */
- { 0x0d, 0, 0, 8, "nsComment" }, /* 339 */
- { 0x03, 343, 1, 7, "directory" }, /* 340 */
- { 0x01, 0, 1, 8, "" }, /* 341 */
- { 0x03, 0, 0, 9, "employeeNumber" }, /* 342 */
- { 0x04, 0, 1, 7, "policy" }, /* 343 */
- { 0x01, 0, 0, 8, "nsSGC" }, /* 344 */
- { 0x45, 0, 1, 6, "verisign" }, /* 345 */
- { 0x01, 0, 1, 7, "pki" }, /* 346 */
- { 0x09, 0, 1, 8, "attributes" }, /* 347 */
- { 0x02, 349, 0, 9, "messageType" }, /* 348 */
- { 0x03, 350, 0, 9, "pkiStatus" }, /* 349 */
- { 0x04, 351, 0, 9, "failInfo" }, /* 350 */
- { 0x05, 352, 0, 9, "senderNonce" }, /* 351 */
- { 0x06, 353, 0, 9, "recipientNonce" }, /* 352 */
- { 0x07, 354, 0, 9, "transID" }, /* 353 */
- { 0x08, 355, 0, 9, "extensionReq" }, /* 354 */
- { 0x08, 0, 0, 9, "extensionReq" } /* 355 */
-=======
{0x02, 7, 1, 0, "ITU-T Administration" }, /* 0 */
{ 0x82, 0, 1, 1, "" }, /* 1 */
{ 0x06, 0, 1, 2, "Germany ITU-T member" }, /* 2 */
@@ -432,7 +74,7 @@ const oid_t oid_names[] = {
{ 0x36, 62, 0, 2, "inhibitAnyPolicy" }, /* 61 */
{ 0x37, 63, 0, 2, "targetInformation" }, /* 62 */
{ 0x38, 0, 0, 2, "noRevAvail" }, /* 63 */
- {0x2A, 161, 1, 0, "" }, /* 64 */
+ {0x2A, 163, 1, 0, "" }, /* 64 */
{ 0x83, 77, 1, 1, "" }, /* 65 */
{ 0x08, 0, 1, 2, "jp" }, /* 66 */
{ 0x8C, 0, 1, 3, "" }, /* 67 */
@@ -447,7 +89,7 @@ const oid_t oid_names[] = {
{ 0x04, 0, 0, 10, "camellia256-cbc" }, /* 76 */
{ 0x86, 0, 1, 1, "" }, /* 77 */
{ 0x48, 0, 1, 2, "us" }, /* 78 */
- { 0x86, 120, 1, 3, "" }, /* 79 */
+ { 0x86, 122, 1, 3, "" }, /* 79 */
{ 0xF6, 85, 1, 4, "" }, /* 80 */
{ 0x7D, 0, 1, 5, "NortelNetworks" }, /* 81 */
{ 0x07, 0, 1, 6, "Entrust" }, /* 82 */
@@ -455,277 +97,285 @@ const oid_t oid_names[] = {
{ 0x00, 0, 0, 8, "entrustVersInfo" }, /* 84 */
{ 0xF7, 0, 1, 4, "" }, /* 85 */
{ 0x0D, 0, 1, 5, "RSADSI" }, /* 86 */
- { 0x01, 115, 1, 6, "PKCS" }, /* 87 */
- { 0x01, 97, 1, 7, "PKCS-1" }, /* 88 */
+ { 0x01, 117, 1, 6, "PKCS" }, /* 87 */
+ { 0x01, 99, 1, 7, "PKCS-1" }, /* 88 */
{ 0x01, 90, 0, 8, "rsaEncryption" }, /* 89 */
{ 0x02, 91, 0, 8, "md2WithRSAEncryption" }, /* 90 */
{ 0x04, 92, 0, 8, "md5WithRSAEncryption" }, /* 91 */
{ 0x05, 93, 0, 8, "sha-1WithRSAEncryption" }, /* 92 */
- { 0x0B, 94, 0, 8, "sha256WithRSAEncryption" }, /* 93 */
- { 0x0C, 95, 0, 8, "sha384WithRSAEncryption" }, /* 94 */
- { 0x0D, 96, 0, 8, "sha512WithRSAEncryption" }, /* 95 */
- { 0x0E, 0, 0, 8, "sha224WithRSAEncryption" }, /* 96 */
- { 0x07, 104, 1, 7, "PKCS-7" }, /* 97 */
- { 0x01, 99, 0, 8, "data" }, /* 98 */
- { 0x02, 100, 0, 8, "signedData" }, /* 99 */
- { 0x03, 101, 0, 8, "envelopedData" }, /* 100 */
- { 0x04, 102, 0, 8, "signedAndEnvelopedData" }, /* 101 */
- { 0x05, 103, 0, 8, "digestedData" }, /* 102 */
- { 0x06, 0, 0, 8, "encryptedData" }, /* 103 */
- { 0x09, 0, 1, 7, "PKCS-9" }, /* 104 */
- { 0x01, 106, 0, 8, "E" }, /* 105 */
- { 0x02, 107, 0, 8, "unstructuredName" }, /* 106 */
- { 0x03, 108, 0, 8, "contentType" }, /* 107 */
- { 0x04, 109, 0, 8, "messageDigest" }, /* 108 */
- { 0x05, 110, 0, 8, "signingTime" }, /* 109 */
- { 0x06, 111, 0, 8, "counterSignature" }, /* 110 */
- { 0x07, 112, 0, 8, "challengePassword" }, /* 111 */
- { 0x08, 113, 0, 8, "unstructuredAddress" }, /* 112 */
- { 0x0E, 114, 0, 8, "extensionRequest" }, /* 113 */
- { 0x0F, 0, 0, 8, "S/MIME Capabilities" }, /* 114 */
- { 0x02, 118, 1, 6, "digestAlgorithm" }, /* 115 */
- { 0x02, 117, 0, 7, "md2" }, /* 116 */
- { 0x05, 0, 0, 7, "md5" }, /* 117 */
- { 0x03, 0, 1, 6, "encryptionAlgorithm" }, /* 118 */
- { 0x07, 0, 0, 7, "3des-ede-cbc" }, /* 119 */
- { 0xCE, 0, 1, 3, "" }, /* 120 */
- { 0x3D, 0, 1, 4, "ansi-X9-62" }, /* 121 */
- { 0x02, 124, 1, 5, "id-publicKeyType" }, /* 122 */
- { 0x01, 0, 0, 6, "id-ecPublicKey" }, /* 123 */
- { 0x03, 154, 1, 5, "ellipticCurve" }, /* 124 */
- { 0x00, 146, 1, 6, "c-TwoCurve" }, /* 125 */
- { 0x01, 127, 0, 7, "c2pnb163v1" }, /* 126 */
- { 0x02, 128, 0, 7, "c2pnb163v2" }, /* 127 */
- { 0x03, 129, 0, 7, "c2pnb163v3" }, /* 128 */
- { 0x04, 130, 0, 7, "c2pnb176w1" }, /* 129 */
- { 0x05, 131, 0, 7, "c2tnb191v1" }, /* 130 */
- { 0x06, 132, 0, 7, "c2tnb191v2" }, /* 131 */
- { 0x07, 133, 0, 7, "c2tnb191v3" }, /* 132 */
- { 0x08, 134, 0, 7, "c2onb191v4" }, /* 133 */
- { 0x09, 135, 0, 7, "c2onb191v5" }, /* 134 */
- { 0x0A, 136, 0, 7, "c2pnb208w1" }, /* 135 */
- { 0x0B, 137, 0, 7, "c2tnb239v1" }, /* 136 */
- { 0x0C, 138, 0, 7, "c2tnb239v2" }, /* 137 */
- { 0x0D, 139, 0, 7, "c2tnb239v3" }, /* 138 */
- { 0x0E, 140, 0, 7, "c2onb239v4" }, /* 139 */
- { 0x0F, 141, 0, 7, "c2onb239v5" }, /* 140 */
- { 0x10, 142, 0, 7, "c2pnb272w1" }, /* 141 */
- { 0x11, 143, 0, 7, "c2pnb304w1" }, /* 142 */
- { 0x12, 144, 0, 7, "c2tnb359v1" }, /* 143 */
- { 0x13, 145, 0, 7, "c2pnb368w1" }, /* 144 */
- { 0x14, 0, 0, 7, "c2tnb431r1" }, /* 145 */
- { 0x01, 0, 1, 6, "primeCurve" }, /* 146 */
- { 0x01, 148, 0, 7, "prime192v1" }, /* 147 */
- { 0x02, 149, 0, 7, "prime192v2" }, /* 148 */
- { 0x03, 150, 0, 7, "prime192v3" }, /* 149 */
- { 0x04, 151, 0, 7, "prime239v1" }, /* 150 */
- { 0x05, 152, 0, 7, "prime239v2" }, /* 151 */
- { 0x06, 153, 0, 7, "prime239v3" }, /* 152 */
- { 0x07, 0, 0, 7, "prime256v1" }, /* 153 */
- { 0x04, 0, 1, 5, "id-ecSigType" }, /* 154 */
- { 0x01, 156, 0, 6, "ecdsa-with-SHA1" }, /* 155 */
- { 0x03, 0, 1, 6, "ecdsa-with-Specified" }, /* 156 */
- { 0x01, 158, 0, 7, "ecdsa-with-SHA224" }, /* 157 */
- { 0x02, 159, 0, 7, "ecdsa-with-SHA256" }, /* 158 */
- { 0x03, 160, 0, 7, "ecdsa-with-SHA384" }, /* 159 */
- { 0x04, 0, 0, 7, "ecdsa-with-SHA512" }, /* 160 */
- {0x2B, 312, 1, 0, "" }, /* 161 */
- { 0x06, 226, 1, 1, "dod" }, /* 162 */
- { 0x01, 0, 1, 2, "internet" }, /* 163 */
- { 0x04, 186, 1, 3, "private" }, /* 164 */
- { 0x01, 0, 1, 4, "enterprise" }, /* 165 */
- { 0x82, 179, 1, 5, "" }, /* 166 */
- { 0x37, 176, 1, 6, "Microsoft" }, /* 167 */
- { 0x0A, 172, 1, 7, "" }, /* 168 */
- { 0x03, 0, 1, 8, "" }, /* 169 */
- { 0x03, 171, 0, 9, "msSGC" }, /* 170 */
- { 0x04, 0, 0, 9, "msEncryptingFileSystem" }, /* 171 */
- { 0x14, 0, 1, 7, "msEnrollmentInfrastructure"}, /* 172 */
- { 0x02, 0, 1, 8, "msCertificateTypeExtension"}, /* 173 */
- { 0x02, 175, 0, 9, "msSmartcardLogon" }, /* 174 */
- { 0x03, 0, 0, 9, "msUPN" }, /* 175 */
- { 0xA0, 0, 1, 6, "" }, /* 176 */
- { 0x2A, 0, 1, 7, "ITA" }, /* 177 */
- { 0x01, 0, 0, 8, "strongSwan" }, /* 178 */
- { 0x89, 0, 1, 5, "" }, /* 179 */
- { 0x31, 0, 1, 6, "" }, /* 180 */
- { 0x01, 0, 1, 7, "" }, /* 181 */
- { 0x01, 0, 1, 8, "" }, /* 182 */
- { 0x02, 0, 1, 9, "" }, /* 183 */
- { 0x02, 0, 1, 10, "" }, /* 184 */
- { 0x4B, 0, 0, 11, "TCGID" }, /* 185 */
- { 0x05, 0, 1, 3, "security" }, /* 186 */
- { 0x05, 0, 1, 4, "mechanisms" }, /* 187 */
- { 0x07, 0, 1, 5, "id-pkix" }, /* 188 */
- { 0x01, 193, 1, 6, "id-pe" }, /* 189 */
- { 0x01, 191, 0, 7, "authorityInfoAccess" }, /* 190 */
- { 0x03, 192, 0, 7, "qcStatements" }, /* 191 */
- { 0x07, 0, 0, 7, "ipAddrBlocks" }, /* 192 */
- { 0x02, 196, 1, 6, "id-qt" }, /* 193 */
- { 0x01, 195, 0, 7, "cps" }, /* 194 */
- { 0x02, 0, 0, 7, "unotice" }, /* 195 */
- { 0x03, 206, 1, 6, "id-kp" }, /* 196 */
- { 0x01, 198, 0, 7, "serverAuth" }, /* 197 */
- { 0x02, 199, 0, 7, "clientAuth" }, /* 198 */
- { 0x03, 200, 0, 7, "codeSigning" }, /* 199 */
- { 0x04, 201, 0, 7, "emailProtection" }, /* 200 */
- { 0x05, 202, 0, 7, "ipsecEndSystem" }, /* 201 */
- { 0x06, 203, 0, 7, "ipsecTunnel" }, /* 202 */
- { 0x07, 204, 0, 7, "ipsecUser" }, /* 203 */
- { 0x08, 205, 0, 7, "timeStamping" }, /* 204 */
- { 0x09, 0, 0, 7, "ocspSigning" }, /* 205 */
- { 0x08, 208, 1, 6, "id-otherNames" }, /* 206 */
- { 0x05, 0, 0, 7, "xmppAddr" }, /* 207 */
- { 0x0A, 213, 1, 6, "id-aca" }, /* 208 */
- { 0x01, 210, 0, 7, "authenticationInfo" }, /* 209 */
- { 0x02, 211, 0, 7, "accessIdentity" }, /* 210 */
- { 0x03, 212, 0, 7, "chargingIdentity" }, /* 211 */
- { 0x04, 0, 0, 7, "group" }, /* 212 */
- { 0x0B, 214, 0, 6, "subjectInfoAccess" }, /* 213 */
- { 0x30, 0, 1, 6, "id-ad" }, /* 214 */
- { 0x01, 223, 1, 7, "ocsp" }, /* 215 */
- { 0x01, 217, 0, 8, "basic" }, /* 216 */
- { 0x02, 218, 0, 8, "nonce" }, /* 217 */
- { 0x03, 219, 0, 8, "crl" }, /* 218 */
- { 0x04, 220, 0, 8, "response" }, /* 219 */
- { 0x05, 221, 0, 8, "noCheck" }, /* 220 */
- { 0x06, 222, 0, 8, "archiveCutoff" }, /* 221 */
- { 0x07, 0, 0, 8, "serviceLocator" }, /* 222 */
- { 0x02, 224, 0, 7, "caIssuers" }, /* 223 */
- { 0x03, 225, 0, 7, "timeStamping" }, /* 224 */
- { 0x05, 0, 0, 7, "caRepository" }, /* 225 */
- { 0x0E, 232, 1, 1, "oiw" }, /* 226 */
- { 0x03, 0, 1, 2, "secsig" }, /* 227 */
- { 0x02, 0, 1, 3, "algorithms" }, /* 228 */
- { 0x07, 230, 0, 4, "des-cbc" }, /* 229 */
- { 0x1A, 231, 0, 4, "sha-1" }, /* 230 */
- { 0x1D, 0, 0, 4, "sha-1WithRSASignature" }, /* 231 */
- { 0x24, 278, 1, 1, "TeleTrusT" }, /* 232 */
- { 0x03, 0, 1, 2, "algorithm" }, /* 233 */
- { 0x03, 0, 1, 3, "signatureAlgorithm" }, /* 234 */
- { 0x01, 239, 1, 4, "rsaSignature" }, /* 235 */
- { 0x02, 237, 0, 5, "rsaSigWithripemd160" }, /* 236 */
- { 0x03, 238, 0, 5, "rsaSigWithripemd128" }, /* 237 */
- { 0x04, 0, 0, 5, "rsaSigWithripemd256" }, /* 238 */
- { 0x02, 0, 1, 4, "ecSign" }, /* 239 */
- { 0x01, 241, 0, 5, "ecSignWithsha1" }, /* 240 */
- { 0x02, 242, 0, 5, "ecSignWithripemd160" }, /* 241 */
- { 0x03, 243, 0, 5, "ecSignWithmd2" }, /* 242 */
- { 0x04, 244, 0, 5, "ecSignWithmd5" }, /* 243 */
- { 0x05, 261, 1, 5, "ttt-ecg" }, /* 244 */
- { 0x01, 249, 1, 6, "fieldType" }, /* 245 */
- { 0x01, 0, 1, 7, "characteristictwoField" }, /* 246 */
- { 0x01, 0, 1, 8, "basisType" }, /* 247 */
- { 0x01, 0, 0, 9, "ipBasis" }, /* 248 */
- { 0x02, 251, 1, 6, "keyType" }, /* 249 */
- { 0x01, 0, 0, 7, "ecgPublicKey" }, /* 250 */
- { 0x03, 252, 0, 6, "curve" }, /* 251 */
- { 0x04, 259, 1, 6, "signatures" }, /* 252 */
- { 0x01, 254, 0, 7, "ecgdsa-with-RIPEMD160" }, /* 253 */
- { 0x02, 255, 0, 7, "ecgdsa-with-SHA1" }, /* 254 */
- { 0x03, 256, 0, 7, "ecgdsa-with-SHA224" }, /* 255 */
- { 0x04, 257, 0, 7, "ecgdsa-with-SHA256" }, /* 256 */
- { 0x05, 258, 0, 7, "ecgdsa-with-SHA384" }, /* 257 */
- { 0x06, 0, 0, 7, "ecgdsa-with-SHA512" }, /* 258 */
- { 0x05, 0, 1, 6, "module" }, /* 259 */
- { 0x01, 0, 0, 7, "1" }, /* 260 */
- { 0x08, 0, 1, 5, "ecStdCurvesAndGeneration" }, /* 261 */
- { 0x01, 0, 1, 6, "ellipticCurve" }, /* 262 */
- { 0x01, 0, 1, 7, "versionOne" }, /* 263 */
- { 0x01, 265, 0, 8, "brainpoolP160r1" }, /* 264 */
- { 0x02, 266, 0, 8, "brainpoolP160t1" }, /* 265 */
- { 0x03, 267, 0, 8, "brainpoolP192r1" }, /* 266 */
- { 0x04, 268, 0, 8, "brainpoolP192t1" }, /* 267 */
- { 0x05, 269, 0, 8, "brainpoolP224r1" }, /* 268 */
- { 0x06, 270, 0, 8, "brainpoolP224t1" }, /* 269 */
- { 0x07, 271, 0, 8, "brainpoolP256r1" }, /* 270 */
- { 0x08, 272, 0, 8, "brainpoolP256t1" }, /* 271 */
- { 0x09, 273, 0, 8, "brainpoolP320r1" }, /* 272 */
- { 0x0A, 274, 0, 8, "brainpoolP320t1" }, /* 273 */
- { 0x0B, 275, 0, 8, "brainpoolP384r1" }, /* 274 */
- { 0x0C, 276, 0, 8, "brainpoolP384t1" }, /* 275 */
- { 0x0D, 277, 0, 8, "brainpoolP512r1" }, /* 276 */
- { 0x0E, 0, 0, 8, "brainpoolP512t1" }, /* 277 */
- { 0x81, 0, 1, 1, "" }, /* 278 */
- { 0x04, 0, 1, 2, "Certicom" }, /* 279 */
- { 0x00, 0, 1, 3, "curve" }, /* 280 */
- { 0x01, 282, 0, 4, "sect163k1" }, /* 281 */
- { 0x02, 283, 0, 4, "sect163r1" }, /* 282 */
- { 0x03, 284, 0, 4, "sect239k1" }, /* 283 */
- { 0x04, 285, 0, 4, "sect113r1" }, /* 284 */
- { 0x05, 286, 0, 4, "sect113r2" }, /* 285 */
- { 0x06, 287, 0, 4, "secp112r1" }, /* 286 */
- { 0x07, 288, 0, 4, "secp112r2" }, /* 287 */
- { 0x08, 289, 0, 4, "secp160r1" }, /* 288 */
- { 0x09, 290, 0, 4, "secp160k1" }, /* 289 */
- { 0x0A, 291, 0, 4, "secp256k1" }, /* 290 */
- { 0x0F, 292, 0, 4, "sect163r2" }, /* 291 */
- { 0x10, 293, 0, 4, "sect283k1" }, /* 292 */
- { 0x11, 294, 0, 4, "sect283r1" }, /* 293 */
- { 0x16, 295, 0, 4, "sect131r1" }, /* 294 */
- { 0x17, 296, 0, 4, "sect131r2" }, /* 295 */
- { 0x18, 297, 0, 4, "sect193r1" }, /* 296 */
- { 0x19, 298, 0, 4, "sect193r2" }, /* 297 */
- { 0x1A, 299, 0, 4, "sect233k1" }, /* 298 */
- { 0x1B, 300, 0, 4, "sect233r1" }, /* 299 */
- { 0x1C, 301, 0, 4, "secp128r1" }, /* 300 */
- { 0x1D, 302, 0, 4, "secp128r2" }, /* 301 */
- { 0x1E, 303, 0, 4, "secp160r2" }, /* 302 */
- { 0x1F, 304, 0, 4, "secp192k1" }, /* 303 */
- { 0x20, 305, 0, 4, "secp224k1" }, /* 304 */
- { 0x21, 306, 0, 4, "secp224r1" }, /* 305 */
- { 0x22, 307, 0, 4, "secp384r1" }, /* 306 */
- { 0x23, 308, 0, 4, "secp521r1" }, /* 307 */
- { 0x24, 309, 0, 4, "sect409k1" }, /* 308 */
- { 0x25, 310, 0, 4, "sect409r1" }, /* 309 */
- { 0x26, 311, 0, 4, "sect571k1" }, /* 310 */
- { 0x27, 0, 0, 4, "sect571r1" }, /* 311 */
- {0x60, 0, 1, 0, "" }, /* 312 */
- { 0x86, 0, 1, 1, "" }, /* 313 */
- { 0x48, 0, 1, 2, "" }, /* 314 */
- { 0x01, 0, 1, 3, "organization" }, /* 315 */
- { 0x65, 334, 1, 4, "gov" }, /* 316 */
- { 0x03, 0, 1, 5, "csor" }, /* 317 */
- { 0x04, 0, 1, 6, "nistalgorithm" }, /* 318 */
- { 0x01, 329, 1, 7, "aes" }, /* 319 */
- { 0x02, 321, 0, 8, "id-aes128-CBC" }, /* 320 */
- { 0x06, 322, 0, 8, "id-aes128-GCM" }, /* 321 */
- { 0x07, 323, 0, 8, "id-aes128-CCM" }, /* 322 */
- { 0x16, 324, 0, 8, "id-aes192-CBC" }, /* 323 */
- { 0x1A, 325, 0, 8, "id-aes192-GCM" }, /* 324 */
- { 0x1B, 326, 0, 8, "id-aes192-CCM" }, /* 325 */
- { 0x2A, 327, 0, 8, "id-aes256-CBC" }, /* 326 */
- { 0x2E, 328, 0, 8, "id-aes256-GCM" }, /* 327 */
- { 0x2F, 0, 0, 8, "id-aes256-CCM" }, /* 328 */
- { 0x02, 0, 1, 7, "hashalgs" }, /* 329 */
- { 0x01, 331, 0, 8, "id-SHA-256" }, /* 330 */
- { 0x02, 332, 0, 8, "id-SHA-384" }, /* 331 */
- { 0x03, 333, 0, 8, "id-SHA-512" }, /* 332 */
- { 0x04, 0, 0, 8, "id-SHA-224" }, /* 333 */
- { 0x86, 0, 1, 4, "" }, /* 334 */
- { 0xf8, 0, 1, 5, "" }, /* 335 */
- { 0x42, 348, 1, 6, "netscape" }, /* 336 */
- { 0x01, 343, 1, 7, "" }, /* 337 */
- { 0x01, 339, 0, 8, "nsCertType" }, /* 338 */
- { 0x03, 340, 0, 8, "nsRevocationUrl" }, /* 339 */
- { 0x04, 341, 0, 8, "nsCaRevocationUrl" }, /* 340 */
- { 0x08, 342, 0, 8, "nsCaPolicyUrl" }, /* 341 */
- { 0x0d, 0, 0, 8, "nsComment" }, /* 342 */
- { 0x03, 346, 1, 7, "directory" }, /* 343 */
- { 0x01, 0, 1, 8, "" }, /* 344 */
- { 0x03, 0, 0, 9, "employeeNumber" }, /* 345 */
- { 0x04, 0, 1, 7, "policy" }, /* 346 */
- { 0x01, 0, 0, 8, "nsSGC" }, /* 347 */
- { 0x45, 0, 1, 6, "verisign" }, /* 348 */
- { 0x01, 0, 1, 7, "pki" }, /* 349 */
- { 0x09, 0, 1, 8, "attributes" }, /* 350 */
- { 0x02, 352, 0, 9, "messageType" }, /* 351 */
- { 0x03, 353, 0, 9, "pkiStatus" }, /* 352 */
- { 0x04, 354, 0, 9, "failInfo" }, /* 353 */
- { 0x05, 355, 0, 9, "senderNonce" }, /* 354 */
- { 0x06, 356, 0, 9, "recipientNonce" }, /* 355 */
- { 0x07, 357, 0, 9, "transID" }, /* 356 */
- { 0x08, 358, 0, 9, "extensionReq" }, /* 357 */
- { 0x08, 0, 0, 9, "extensionReq" } /* 358 */
->>>>>>> upstream/4.5.1
+ { 0x07, 94, 0, 8, "id-RSAES-OAEP" }, /* 93 */
+ { 0x09, 95, 0, 8, "id-pSpecified" }, /* 94 */
+ { 0x0B, 96, 0, 8, "sha256WithRSAEncryption" }, /* 95 */
+ { 0x0C, 97, 0, 8, "sha384WithRSAEncryption" }, /* 96 */
+ { 0x0D, 98, 0, 8, "sha512WithRSAEncryption" }, /* 97 */
+ { 0x0E, 0, 0, 8, "sha224WithRSAEncryption" }, /* 98 */
+ { 0x07, 106, 1, 7, "PKCS-7" }, /* 99 */
+ { 0x01, 101, 0, 8, "data" }, /* 100 */
+ { 0x02, 102, 0, 8, "signedData" }, /* 101 */
+ { 0x03, 103, 0, 8, "envelopedData" }, /* 102 */
+ { 0x04, 104, 0, 8, "signedAndEnvelopedData" }, /* 103 */
+ { 0x05, 105, 0, 8, "digestedData" }, /* 104 */
+ { 0x06, 0, 0, 8, "encryptedData" }, /* 105 */
+ { 0x09, 0, 1, 7, "PKCS-9" }, /* 106 */
+ { 0x01, 108, 0, 8, "E" }, /* 107 */
+ { 0x02, 109, 0, 8, "unstructuredName" }, /* 108 */
+ { 0x03, 110, 0, 8, "contentType" }, /* 109 */
+ { 0x04, 111, 0, 8, "messageDigest" }, /* 110 */
+ { 0x05, 112, 0, 8, "signingTime" }, /* 111 */
+ { 0x06, 113, 0, 8, "counterSignature" }, /* 112 */
+ { 0x07, 114, 0, 8, "challengePassword" }, /* 113 */
+ { 0x08, 115, 0, 8, "unstructuredAddress" }, /* 114 */
+ { 0x0E, 116, 0, 8, "extensionRequest" }, /* 115 */
+ { 0x0F, 0, 0, 8, "S/MIME Capabilities" }, /* 116 */
+ { 0x02, 120, 1, 6, "digestAlgorithm" }, /* 117 */
+ { 0x02, 119, 0, 7, "md2" }, /* 118 */
+ { 0x05, 0, 0, 7, "md5" }, /* 119 */
+ { 0x03, 0, 1, 6, "encryptionAlgorithm" }, /* 120 */
+ { 0x07, 0, 0, 7, "3des-ede-cbc" }, /* 121 */
+ { 0xCE, 0, 1, 3, "" }, /* 122 */
+ { 0x3D, 0, 1, 4, "ansi-X9-62" }, /* 123 */
+ { 0x02, 126, 1, 5, "id-publicKeyType" }, /* 124 */
+ { 0x01, 0, 0, 6, "id-ecPublicKey" }, /* 125 */
+ { 0x03, 156, 1, 5, "ellipticCurve" }, /* 126 */
+ { 0x00, 148, 1, 6, "c-TwoCurve" }, /* 127 */
+ { 0x01, 129, 0, 7, "c2pnb163v1" }, /* 128 */
+ { 0x02, 130, 0, 7, "c2pnb163v2" }, /* 129 */
+ { 0x03, 131, 0, 7, "c2pnb163v3" }, /* 130 */
+ { 0x04, 132, 0, 7, "c2pnb176w1" }, /* 131 */
+ { 0x05, 133, 0, 7, "c2tnb191v1" }, /* 132 */
+ { 0x06, 134, 0, 7, "c2tnb191v2" }, /* 133 */
+ { 0x07, 135, 0, 7, "c2tnb191v3" }, /* 134 */
+ { 0x08, 136, 0, 7, "c2onb191v4" }, /* 135 */
+ { 0x09, 137, 0, 7, "c2onb191v5" }, /* 136 */
+ { 0x0A, 138, 0, 7, "c2pnb208w1" }, /* 137 */
+ { 0x0B, 139, 0, 7, "c2tnb239v1" }, /* 138 */
+ { 0x0C, 140, 0, 7, "c2tnb239v2" }, /* 139 */
+ { 0x0D, 141, 0, 7, "c2tnb239v3" }, /* 140 */
+ { 0x0E, 142, 0, 7, "c2onb239v4" }, /* 141 */
+ { 0x0F, 143, 0, 7, "c2onb239v5" }, /* 142 */
+ { 0x10, 144, 0, 7, "c2pnb272w1" }, /* 143 */
+ { 0x11, 145, 0, 7, "c2pnb304w1" }, /* 144 */
+ { 0x12, 146, 0, 7, "c2tnb359v1" }, /* 145 */
+ { 0x13, 147, 0, 7, "c2pnb368w1" }, /* 146 */
+ { 0x14, 0, 0, 7, "c2tnb431r1" }, /* 147 */
+ { 0x01, 0, 1, 6, "primeCurve" }, /* 148 */
+ { 0x01, 150, 0, 7, "prime192v1" }, /* 149 */
+ { 0x02, 151, 0, 7, "prime192v2" }, /* 150 */
+ { 0x03, 152, 0, 7, "prime192v3" }, /* 151 */
+ { 0x04, 153, 0, 7, "prime239v1" }, /* 152 */
+ { 0x05, 154, 0, 7, "prime239v2" }, /* 153 */
+ { 0x06, 155, 0, 7, "prime239v3" }, /* 154 */
+ { 0x07, 0, 0, 7, "prime256v1" }, /* 155 */
+ { 0x04, 0, 1, 5, "id-ecSigType" }, /* 156 */
+ { 0x01, 158, 0, 6, "ecdsa-with-SHA1" }, /* 157 */
+ { 0x03, 0, 1, 6, "ecdsa-with-Specified" }, /* 158 */
+ { 0x01, 160, 0, 7, "ecdsa-with-SHA224" }, /* 159 */
+ { 0x02, 161, 0, 7, "ecdsa-with-SHA256" }, /* 160 */
+ { 0x03, 162, 0, 7, "ecdsa-with-SHA384" }, /* 161 */
+ { 0x04, 0, 0, 7, "ecdsa-with-SHA512" }, /* 162 */
+ {0x2B, 314, 1, 0, "" }, /* 163 */
+ { 0x06, 228, 1, 1, "dod" }, /* 164 */
+ { 0x01, 0, 1, 2, "internet" }, /* 165 */
+ { 0x04, 188, 1, 3, "private" }, /* 166 */
+ { 0x01, 0, 1, 4, "enterprise" }, /* 167 */
+ { 0x82, 181, 1, 5, "" }, /* 168 */
+ { 0x37, 178, 1, 6, "Microsoft" }, /* 169 */
+ { 0x0A, 174, 1, 7, "" }, /* 170 */
+ { 0x03, 0, 1, 8, "" }, /* 171 */
+ { 0x03, 173, 0, 9, "msSGC" }, /* 172 */
+ { 0x04, 0, 0, 9, "msEncryptingFileSystem" }, /* 173 */
+ { 0x14, 0, 1, 7, "msEnrollmentInfrastructure"}, /* 174 */
+ { 0x02, 0, 1, 8, "msCertificateTypeExtension"}, /* 175 */
+ { 0x02, 177, 0, 9, "msSmartcardLogon" }, /* 176 */
+ { 0x03, 0, 0, 9, "msUPN" }, /* 177 */
+ { 0xA0, 0, 1, 6, "" }, /* 178 */
+ { 0x2A, 0, 1, 7, "ITA" }, /* 179 */
+ { 0x01, 0, 0, 8, "strongSwan" }, /* 180 */
+ { 0x89, 0, 1, 5, "" }, /* 181 */
+ { 0x31, 0, 1, 6, "" }, /* 182 */
+ { 0x01, 0, 1, 7, "" }, /* 183 */
+ { 0x01, 0, 1, 8, "" }, /* 184 */
+ { 0x02, 0, 1, 9, "" }, /* 185 */
+ { 0x02, 0, 1, 10, "" }, /* 186 */
+ { 0x4B, 0, 0, 11, "TCGID" }, /* 187 */
+ { 0x05, 0, 1, 3, "security" }, /* 188 */
+ { 0x05, 0, 1, 4, "mechanisms" }, /* 189 */
+ { 0x07, 0, 1, 5, "id-pkix" }, /* 190 */
+ { 0x01, 195, 1, 6, "id-pe" }, /* 191 */
+ { 0x01, 193, 0, 7, "authorityInfoAccess" }, /* 192 */
+ { 0x03, 194, 0, 7, "qcStatements" }, /* 193 */
+ { 0x07, 0, 0, 7, "ipAddrBlocks" }, /* 194 */
+ { 0x02, 198, 1, 6, "id-qt" }, /* 195 */
+ { 0x01, 197, 0, 7, "cps" }, /* 196 */
+ { 0x02, 0, 0, 7, "unotice" }, /* 197 */
+ { 0x03, 208, 1, 6, "id-kp" }, /* 198 */
+ { 0x01, 200, 0, 7, "serverAuth" }, /* 199 */
+ { 0x02, 201, 0, 7, "clientAuth" }, /* 200 */
+ { 0x03, 202, 0, 7, "codeSigning" }, /* 201 */
+ { 0x04, 203, 0, 7, "emailProtection" }, /* 202 */
+ { 0x05, 204, 0, 7, "ipsecEndSystem" }, /* 203 */
+ { 0x06, 205, 0, 7, "ipsecTunnel" }, /* 204 */
+ { 0x07, 206, 0, 7, "ipsecUser" }, /* 205 */
+ { 0x08, 207, 0, 7, "timeStamping" }, /* 206 */
+ { 0x09, 0, 0, 7, "ocspSigning" }, /* 207 */
+ { 0x08, 210, 1, 6, "id-otherNames" }, /* 208 */
+ { 0x05, 0, 0, 7, "xmppAddr" }, /* 209 */
+ { 0x0A, 215, 1, 6, "id-aca" }, /* 210 */
+ { 0x01, 212, 0, 7, "authenticationInfo" }, /* 211 */
+ { 0x02, 213, 0, 7, "accessIdentity" }, /* 212 */
+ { 0x03, 214, 0, 7, "chargingIdentity" }, /* 213 */
+ { 0x04, 0, 0, 7, "group" }, /* 214 */
+ { 0x0B, 216, 0, 6, "subjectInfoAccess" }, /* 215 */
+ { 0x30, 0, 1, 6, "id-ad" }, /* 216 */
+ { 0x01, 225, 1, 7, "ocsp" }, /* 217 */
+ { 0x01, 219, 0, 8, "basic" }, /* 218 */
+ { 0x02, 220, 0, 8, "nonce" }, /* 219 */
+ { 0x03, 221, 0, 8, "crl" }, /* 220 */
+ { 0x04, 222, 0, 8, "response" }, /* 221 */
+ { 0x05, 223, 0, 8, "noCheck" }, /* 222 */
+ { 0x06, 224, 0, 8, "archiveCutoff" }, /* 223 */
+ { 0x07, 0, 0, 8, "serviceLocator" }, /* 224 */
+ { 0x02, 226, 0, 7, "caIssuers" }, /* 225 */
+ { 0x03, 227, 0, 7, "timeStamping" }, /* 226 */
+ { 0x05, 0, 0, 7, "caRepository" }, /* 227 */
+ { 0x0E, 234, 1, 1, "oiw" }, /* 228 */
+ { 0x03, 0, 1, 2, "secsig" }, /* 229 */
+ { 0x02, 0, 1, 3, "algorithms" }, /* 230 */
+ { 0x07, 232, 0, 4, "des-cbc" }, /* 231 */
+ { 0x1A, 233, 0, 4, "sha-1" }, /* 232 */
+ { 0x1D, 0, 0, 4, "sha-1WithRSASignature" }, /* 233 */
+ { 0x24, 280, 1, 1, "TeleTrusT" }, /* 234 */
+ { 0x03, 0, 1, 2, "algorithm" }, /* 235 */
+ { 0x03, 0, 1, 3, "signatureAlgorithm" }, /* 236 */
+ { 0x01, 241, 1, 4, "rsaSignature" }, /* 237 */
+ { 0x02, 239, 0, 5, "rsaSigWithripemd160" }, /* 238 */
+ { 0x03, 240, 0, 5, "rsaSigWithripemd128" }, /* 239 */
+ { 0x04, 0, 0, 5, "rsaSigWithripemd256" }, /* 240 */
+ { 0x02, 0, 1, 4, "ecSign" }, /* 241 */
+ { 0x01, 243, 0, 5, "ecSignWithsha1" }, /* 242 */
+ { 0x02, 244, 0, 5, "ecSignWithripemd160" }, /* 243 */
+ { 0x03, 245, 0, 5, "ecSignWithmd2" }, /* 244 */
+ { 0x04, 246, 0, 5, "ecSignWithmd5" }, /* 245 */
+ { 0x05, 263, 1, 5, "ttt-ecg" }, /* 246 */
+ { 0x01, 251, 1, 6, "fieldType" }, /* 247 */
+ { 0x01, 0, 1, 7, "characteristictwoField" }, /* 248 */
+ { 0x01, 0, 1, 8, "basisType" }, /* 249 */
+ { 0x01, 0, 0, 9, "ipBasis" }, /* 250 */
+ { 0x02, 253, 1, 6, "keyType" }, /* 251 */
+ { 0x01, 0, 0, 7, "ecgPublicKey" }, /* 252 */
+ { 0x03, 254, 0, 6, "curve" }, /* 253 */
+ { 0x04, 261, 1, 6, "signatures" }, /* 254 */
+ { 0x01, 256, 0, 7, "ecgdsa-with-RIPEMD160" }, /* 255 */
+ { 0x02, 257, 0, 7, "ecgdsa-with-SHA1" }, /* 256 */
+ { 0x03, 258, 0, 7, "ecgdsa-with-SHA224" }, /* 257 */
+ { 0x04, 259, 0, 7, "ecgdsa-with-SHA256" }, /* 258 */
+ { 0x05, 260, 0, 7, "ecgdsa-with-SHA384" }, /* 259 */
+ { 0x06, 0, 0, 7, "ecgdsa-with-SHA512" }, /* 260 */
+ { 0x05, 0, 1, 6, "module" }, /* 261 */
+ { 0x01, 0, 0, 7, "1" }, /* 262 */
+ { 0x08, 0, 1, 5, "ecStdCurvesAndGeneration" }, /* 263 */
+ { 0x01, 0, 1, 6, "ellipticCurve" }, /* 264 */
+ { 0x01, 0, 1, 7, "versionOne" }, /* 265 */
+ { 0x01, 267, 0, 8, "brainpoolP160r1" }, /* 266 */
+ { 0x02, 268, 0, 8, "brainpoolP160t1" }, /* 267 */
+ { 0x03, 269, 0, 8, "brainpoolP192r1" }, /* 268 */
+ { 0x04, 270, 0, 8, "brainpoolP192t1" }, /* 269 */
+ { 0x05, 271, 0, 8, "brainpoolP224r1" }, /* 270 */
+ { 0x06, 272, 0, 8, "brainpoolP224t1" }, /* 271 */
+ { 0x07, 273, 0, 8, "brainpoolP256r1" }, /* 272 */
+ { 0x08, 274, 0, 8, "brainpoolP256t1" }, /* 273 */
+ { 0x09, 275, 0, 8, "brainpoolP320r1" }, /* 274 */
+ { 0x0A, 276, 0, 8, "brainpoolP320t1" }, /* 275 */
+ { 0x0B, 277, 0, 8, "brainpoolP384r1" }, /* 276 */
+ { 0x0C, 278, 0, 8, "brainpoolP384t1" }, /* 277 */
+ { 0x0D, 279, 0, 8, "brainpoolP512r1" }, /* 278 */
+ { 0x0E, 0, 0, 8, "brainpoolP512t1" }, /* 279 */
+ { 0x81, 0, 1, 1, "" }, /* 280 */
+ { 0x04, 0, 1, 2, "Certicom" }, /* 281 */
+ { 0x00, 0, 1, 3, "curve" }, /* 282 */
+ { 0x01, 284, 0, 4, "sect163k1" }, /* 283 */
+ { 0x02, 285, 0, 4, "sect163r1" }, /* 284 */
+ { 0x03, 286, 0, 4, "sect239k1" }, /* 285 */
+ { 0x04, 287, 0, 4, "sect113r1" }, /* 286 */
+ { 0x05, 288, 0, 4, "sect113r2" }, /* 287 */
+ { 0x06, 289, 0, 4, "secp112r1" }, /* 288 */
+ { 0x07, 290, 0, 4, "secp112r2" }, /* 289 */
+ { 0x08, 291, 0, 4, "secp160r1" }, /* 290 */
+ { 0x09, 292, 0, 4, "secp160k1" }, /* 291 */
+ { 0x0A, 293, 0, 4, "secp256k1" }, /* 292 */
+ { 0x0F, 294, 0, 4, "sect163r2" }, /* 293 */
+ { 0x10, 295, 0, 4, "sect283k1" }, /* 294 */
+ { 0x11, 296, 0, 4, "sect283r1" }, /* 295 */
+ { 0x16, 297, 0, 4, "sect131r1" }, /* 296 */
+ { 0x17, 298, 0, 4, "sect131r2" }, /* 297 */
+ { 0x18, 299, 0, 4, "sect193r1" }, /* 298 */
+ { 0x19, 300, 0, 4, "sect193r2" }, /* 299 */
+ { 0x1A, 301, 0, 4, "sect233k1" }, /* 300 */
+ { 0x1B, 302, 0, 4, "sect233r1" }, /* 301 */
+ { 0x1C, 303, 0, 4, "secp128r1" }, /* 302 */
+ { 0x1D, 304, 0, 4, "secp128r2" }, /* 303 */
+ { 0x1E, 305, 0, 4, "secp160r2" }, /* 304 */
+ { 0x1F, 306, 0, 4, "secp192k1" }, /* 305 */
+ { 0x20, 307, 0, 4, "secp224k1" }, /* 306 */
+ { 0x21, 308, 0, 4, "secp224r1" }, /* 307 */
+ { 0x22, 309, 0, 4, "secp384r1" }, /* 308 */
+ { 0x23, 310, 0, 4, "secp521r1" }, /* 309 */
+ { 0x24, 311, 0, 4, "sect409k1" }, /* 310 */
+ { 0x25, 312, 0, 4, "sect409r1" }, /* 311 */
+ { 0x26, 313, 0, 4, "sect571k1" }, /* 312 */
+ { 0x27, 0, 0, 4, "sect571r1" }, /* 313 */
+ {0x60, 360, 1, 0, "" }, /* 314 */
+ { 0x86, 0, 1, 1, "" }, /* 315 */
+ { 0x48, 0, 1, 2, "" }, /* 316 */
+ { 0x01, 0, 1, 3, "organization" }, /* 317 */
+ { 0x65, 336, 1, 4, "gov" }, /* 318 */
+ { 0x03, 0, 1, 5, "csor" }, /* 319 */
+ { 0x04, 0, 1, 6, "nistalgorithm" }, /* 320 */
+ { 0x01, 331, 1, 7, "aes" }, /* 321 */
+ { 0x02, 323, 0, 8, "id-aes128-CBC" }, /* 322 */
+ { 0x06, 324, 0, 8, "id-aes128-GCM" }, /* 323 */
+ { 0x07, 325, 0, 8, "id-aes128-CCM" }, /* 324 */
+ { 0x16, 326, 0, 8, "id-aes192-CBC" }, /* 325 */
+ { 0x1A, 327, 0, 8, "id-aes192-GCM" }, /* 326 */
+ { 0x1B, 328, 0, 8, "id-aes192-CCM" }, /* 327 */
+ { 0x2A, 329, 0, 8, "id-aes256-CBC" }, /* 328 */
+ { 0x2E, 330, 0, 8, "id-aes256-GCM" }, /* 329 */
+ { 0x2F, 0, 0, 8, "id-aes256-CCM" }, /* 330 */
+ { 0x02, 0, 1, 7, "hashalgs" }, /* 331 */
+ { 0x01, 333, 0, 8, "id-SHA-256" }, /* 332 */
+ { 0x02, 334, 0, 8, "id-SHA-384" }, /* 333 */
+ { 0x03, 335, 0, 8, "id-SHA-512" }, /* 334 */
+ { 0x04, 0, 0, 8, "id-SHA-224" }, /* 335 */
+ { 0x86, 0, 1, 4, "" }, /* 336 */
+ { 0xf8, 0, 1, 5, "" }, /* 337 */
+ { 0x42, 350, 1, 6, "netscape" }, /* 338 */
+ { 0x01, 345, 1, 7, "" }, /* 339 */
+ { 0x01, 341, 0, 8, "nsCertType" }, /* 340 */
+ { 0x03, 342, 0, 8, "nsRevocationUrl" }, /* 341 */
+ { 0x04, 343, 0, 8, "nsCaRevocationUrl" }, /* 342 */
+ { 0x08, 344, 0, 8, "nsCaPolicyUrl" }, /* 343 */
+ { 0x0d, 0, 0, 8, "nsComment" }, /* 344 */
+ { 0x03, 348, 1, 7, "directory" }, /* 345 */
+ { 0x01, 0, 1, 8, "" }, /* 346 */
+ { 0x03, 0, 0, 9, "employeeNumber" }, /* 347 */
+ { 0x04, 0, 1, 7, "policy" }, /* 348 */
+ { 0x01, 0, 0, 8, "nsSGC" }, /* 349 */
+ { 0x45, 0, 1, 6, "verisign" }, /* 350 */
+ { 0x01, 0, 1, 7, "pki" }, /* 351 */
+ { 0x09, 0, 1, 8, "attributes" }, /* 352 */
+ { 0x02, 354, 0, 9, "messageType" }, /* 353 */
+ { 0x03, 355, 0, 9, "pkiStatus" }, /* 354 */
+ { 0x04, 356, 0, 9, "failInfo" }, /* 355 */
+ { 0x05, 357, 0, 9, "senderNonce" }, /* 356 */
+ { 0x06, 358, 0, 9, "recipientNonce" }, /* 357 */
+ { 0x07, 359, 0, 9, "transID" }, /* 358 */
+ { 0x08, 0, 0, 9, "extensionReq" }, /* 359 */
+ {0x67, 0, 1, 0, "" }, /* 360 */
+ { 0x81, 0, 1, 1, "" }, /* 361 */
+ { 0x05, 0, 1, 2, "" }, /* 362 */
+ { 0x02, 0, 1, 3, "tcg-attribute" }, /* 363 */
+ { 0x01, 365, 0, 4, "tcg-at-tpmManufacturer" }, /* 364 */
+ { 0x02, 366, 0, 4, "tcg-at-tpmModel" }, /* 365 */
+ { 0x03, 367, 0, 4, "tcg-at-tpmVersion" }, /* 366 */
+ { 0x0F, 0, 0, 4, "tcg-at-tpmIdLabel" } /* 367 */
};
diff --git a/src/libstrongswan/asn1/oid.h b/src/libstrongswan/asn1/oid.h
index e9de81ccf..61db061f7 100644
--- a/src/libstrongswan/asn1/oid.h
+++ b/src/libstrongswan/asn1/oid.h
@@ -49,16 +49,11 @@ extern const oid_t oid_names[];
#define OID_DELTA_CRL_INDICATOR 48
#define OID_NAME_CONSTRAINTS 51
#define OID_CRL_DISTRIBUTION_POINTS 52
-<<<<<<< HEAD
-#define OID_ANY_POLICY 54
-#define OID_AUTHORITY_KEY_ID 56
-=======
#define OID_CERTIFICATE_POLICIES 53
#define OID_ANY_POLICY 54
#define OID_POLICY_MAPPINGS 55
#define OID_AUTHORITY_KEY_ID 56
#define OID_POLICY_CONSTRAINTS 57
->>>>>>> upstream/4.5.1
#define OID_EXTENDED_KEY_USAGE 58
#define OID_FRESHEST_CRL 60
#define OID_INHIBIT_ANY_POLICY 61
@@ -71,239 +66,155 @@ extern const oid_t oid_names[];
#define OID_MD2_WITH_RSA 90
#define OID_MD5_WITH_RSA 91
#define OID_SHA1_WITH_RSA 92
-#define OID_SHA256_WITH_RSA 93
-#define OID_SHA384_WITH_RSA 94
-#define OID_SHA512_WITH_RSA 95
-#define OID_SHA224_WITH_RSA 96
-#define OID_PKCS7_DATA 98
-#define OID_PKCS7_SIGNED_DATA 99
-#define OID_PKCS7_ENVELOPED_DATA 100
-#define OID_PKCS7_SIGNED_ENVELOPED_DATA 101
-#define OID_PKCS7_DIGESTED_DATA 102
-#define OID_PKCS7_ENCRYPTED_DATA 103
-#define OID_EMAIL_ADDRESS 105
-#define OID_UNSTRUCTURED_NAME 106
-#define OID_PKCS9_CONTENT_TYPE 107
-#define OID_PKCS9_MESSAGE_DIGEST 108
-#define OID_PKCS9_SIGNING_TIME 109
-#define OID_CHALLENGE_PASSWORD 111
-#define OID_EXTENSION_REQUEST 113
-#define OID_MD2 116
-#define OID_MD5 117
-#define OID_3DES_EDE_CBC 119
-#define OID_EC_PUBLICKEY 123
-#define OID_C2PNB163V1 126
-#define OID_C2PNB163V2 127
-#define OID_C2PNB163V3 128
-#define OID_C2PNB176W1 129
-#define OID_C2PNB191V1 130
-#define OID_C2PNB191V2 131
-#define OID_C2PNB191V3 132
-#define OID_C2PNB191V4 133
-#define OID_C2PNB191V5 134
-#define OID_C2PNB208W1 135
-#define OID_C2PNB239V1 136
-#define OID_C2PNB239V2 137
-#define OID_C2PNB239V3 138
-#define OID_C2PNB239V4 139
-#define OID_C2PNB239V5 140
-#define OID_C2PNB272W1 141
-#define OID_C2PNB304W1 142
-#define OID_C2PNB359V1 143
-#define OID_C2PNB368W1 144
-#define OID_C2PNB431R1 145
-#define OID_PRIME192V1 147
-#define OID_PRIME192V2 148
-#define OID_PRIME192V3 149
-#define OID_PRIME239V1 150
-#define OID_PRIME239V2 151
-#define OID_PRIME239V3 152
-#define OID_PRIME256V1 153
-#define OID_ECDSA_WITH_SHA1 155
-#define OID_ECDSA_WITH_SHA224 157
-#define OID_ECDSA_WITH_SHA256 158
-#define OID_ECDSA_WITH_SHA384 159
-#define OID_ECDSA_WITH_SHA512 160
-#define OID_USER_PRINCIPAL_NAME 175
-<<<<<<< HEAD
-#define OID_TCGID 182
-#define OID_AUTHORITY_INFO_ACCESS 187
-#define OID_IP_ADDR_BLOCKS 189
-#define OID_SERVER_AUTH 194
-#define OID_CLIENT_AUTH 195
-#define OID_OCSP_SIGNING 202
-#define OID_XMPP_ADDR 204
-#define OID_AUTHENTICATION_INFO 206
-#define OID_ACCESS_IDENTITY 207
-#define OID_CHARGING_IDENTITY 208
-#define OID_GROUP 209
-#define OID_OCSP 212
-#define OID_BASIC 213
-#define OID_NONCE 214
-#define OID_CRL 215
-#define OID_RESPONSE 216
-#define OID_NO_CHECK 217
-#define OID_ARCHIVE_CUTOFF 218
-#define OID_SERVICE_LOCATOR 219
-#define OID_CA_ISSUERS 220
-#define OID_DES_CBC 226
-#define OID_SHA1 227
-#define OID_SHA1_WITH_RSA_OIW 228
-#define OID_ECGDSA_PUBKEY 247
-#define OID_ECGDSA_SIG_WITH_RIPEMD160 250
-#define OID_ECGDSA_SIG_WITH_SHA1 251
-#define OID_ECGDSA_SIG_WITH_SHA224 252
-#define OID_ECGDSA_SIG_WITH_SHA256 253
-#define OID_ECGDSA_SIG_WITH_SHA384 254
-#define OID_ECGDSA_SIG_WITH_SHA512 255
-#define OID_SECT163K1 278
-#define OID_SECT163R1 279
-#define OID_SECT239K1 280
-#define OID_SECT113R1 281
-#define OID_SECT113R2 282
-#define OID_SECT112R1 283
-#define OID_SECT112R2 284
-#define OID_SECT160R1 285
-#define OID_SECT160K1 286
-#define OID_SECT256K1 287
-#define OID_SECT163R2 288
-#define OID_SECT283K1 289
-#define OID_SECT283R1 290
-#define OID_SECT131R1 291
-#define OID_SECT131R2 292
-#define OID_SECT193R1 293
-#define OID_SECT193R2 294
-#define OID_SECT233K1 295
-#define OID_SECT233R1 296
-#define OID_SECT128R1 297
-#define OID_SECT128R2 298
-#define OID_SECT160R2 299
-#define OID_SECT192K1 300
-#define OID_SECT224K1 301
-#define OID_SECT224R1 302
-#define OID_SECT384R1 303
-#define OID_SECT521R1 304
-#define OID_SECT409K1 305
-#define OID_SECT409R1 306
-#define OID_SECT571K1 307
-#define OID_SECT571R1 308
-#define OID_AES128_CBC 317
-#define OID_AES128_GCM 318
-#define OID_AES128_CCM 319
-#define OID_AES192_CBC 320
-#define OID_AES192_GCM 321
-#define OID_AES192_CCM 322
-#define OID_AES256_CBC 323
-#define OID_AES256_GCM 324
-#define OID_AES256_CCM 325
-#define OID_SHA256 327
-#define OID_SHA384 328
-#define OID_SHA512 329
-#define OID_SHA224 330
-#define OID_NS_REVOCATION_URL 336
-#define OID_NS_CA_REVOCATION_URL 337
-#define OID_NS_CA_POLICY_URL 338
-#define OID_NS_COMMENT 339
-#define OID_EMPLOYEE_NUMBER 342
-#define OID_PKI_MESSAGE_TYPE 348
-#define OID_PKI_STATUS 349
-#define OID_PKI_FAIL_INFO 350
-#define OID_PKI_SENDER_NONCE 351
-#define OID_PKI_RECIPIENT_NONCE 352
-#define OID_PKI_TRANS_ID 353
-
-#define OID_MAX 356
-=======
-#define OID_STRONGSWAN 178
-#define OID_TCGID 185
-#define OID_AUTHORITY_INFO_ACCESS 190
-#define OID_IP_ADDR_BLOCKS 192
-#define OID_POLICY_QUALIFIER_CPS 194
-#define OID_POLICY_QUALIFIER_UNOTICE 195
-#define OID_SERVER_AUTH 197
-#define OID_CLIENT_AUTH 198
-#define OID_OCSP_SIGNING 205
-#define OID_XMPP_ADDR 207
-#define OID_AUTHENTICATION_INFO 209
-#define OID_ACCESS_IDENTITY 210
-#define OID_CHARGING_IDENTITY 211
-#define OID_GROUP 212
-#define OID_OCSP 215
-#define OID_BASIC 216
-#define OID_NONCE 217
-#define OID_CRL 218
-#define OID_RESPONSE 219
-#define OID_NO_CHECK 220
-#define OID_ARCHIVE_CUTOFF 221
-#define OID_SERVICE_LOCATOR 222
-#define OID_CA_ISSUERS 223
-#define OID_DES_CBC 229
-#define OID_SHA1 230
-#define OID_SHA1_WITH_RSA_OIW 231
-#define OID_ECGDSA_PUBKEY 250
-#define OID_ECGDSA_SIG_WITH_RIPEMD160 253
-#define OID_ECGDSA_SIG_WITH_SHA1 254
-#define OID_ECGDSA_SIG_WITH_SHA224 255
-#define OID_ECGDSA_SIG_WITH_SHA256 256
-#define OID_ECGDSA_SIG_WITH_SHA384 257
-#define OID_ECGDSA_SIG_WITH_SHA512 258
-#define OID_SECT163K1 281
-#define OID_SECT163R1 282
-#define OID_SECT239K1 283
-#define OID_SECT113R1 284
-#define OID_SECT113R2 285
-#define OID_SECT112R1 286
-#define OID_SECT112R2 287
-#define OID_SECT160R1 288
-#define OID_SECT160K1 289
-#define OID_SECT256K1 290
-#define OID_SECT163R2 291
-#define OID_SECT283K1 292
-#define OID_SECT283R1 293
-#define OID_SECT131R1 294
-#define OID_SECT131R2 295
-#define OID_SECT193R1 296
-#define OID_SECT193R2 297
-#define OID_SECT233K1 298
-#define OID_SECT233R1 299
-#define OID_SECT128R1 300
-#define OID_SECT128R2 301
-#define OID_SECT160R2 302
-#define OID_SECT192K1 303
-#define OID_SECT224K1 304
-#define OID_SECT224R1 305
-#define OID_SECT384R1 306
-#define OID_SECT521R1 307
-#define OID_SECT409K1 308
-#define OID_SECT409R1 309
-#define OID_SECT571K1 310
-#define OID_SECT571R1 311
-#define OID_AES128_CBC 320
-#define OID_AES128_GCM 321
-#define OID_AES128_CCM 322
-#define OID_AES192_CBC 323
-#define OID_AES192_GCM 324
-#define OID_AES192_CCM 325
-#define OID_AES256_CBC 326
-#define OID_AES256_GCM 327
-#define OID_AES256_CCM 328
-#define OID_SHA256 330
-#define OID_SHA384 331
-#define OID_SHA512 332
-#define OID_SHA224 333
-#define OID_NS_REVOCATION_URL 339
-#define OID_NS_CA_REVOCATION_URL 340
-#define OID_NS_CA_POLICY_URL 341
-#define OID_NS_COMMENT 342
-#define OID_EMPLOYEE_NUMBER 345
-#define OID_PKI_MESSAGE_TYPE 351
-#define OID_PKI_STATUS 352
-#define OID_PKI_FAIL_INFO 353
-#define OID_PKI_SENDER_NONCE 354
-#define OID_PKI_RECIPIENT_NONCE 355
-#define OID_PKI_TRANS_ID 356
+#define OID_RSAES_OAEP 93
+#define OID_SHA256_WITH_RSA 95
+#define OID_SHA384_WITH_RSA 96
+#define OID_SHA512_WITH_RSA 97
+#define OID_SHA224_WITH_RSA 98
+#define OID_PKCS7_DATA 100
+#define OID_PKCS7_SIGNED_DATA 101
+#define OID_PKCS7_ENVELOPED_DATA 102
+#define OID_PKCS7_SIGNED_ENVELOPED_DATA 103
+#define OID_PKCS7_DIGESTED_DATA 104
+#define OID_PKCS7_ENCRYPTED_DATA 105
+#define OID_EMAIL_ADDRESS 107
+#define OID_UNSTRUCTURED_NAME 108
+#define OID_PKCS9_CONTENT_TYPE 109
+#define OID_PKCS9_MESSAGE_DIGEST 110
+#define OID_PKCS9_SIGNING_TIME 111
+#define OID_CHALLENGE_PASSWORD 113
+#define OID_UNSTRUCTURED_ADDRESS 114
+#define OID_EXTENSION_REQUEST 115
+#define OID_MD2 118
+#define OID_MD5 119
+#define OID_3DES_EDE_CBC 121
+#define OID_EC_PUBLICKEY 125
+#define OID_C2PNB163V1 128
+#define OID_C2PNB163V2 129
+#define OID_C2PNB163V3 130
+#define OID_C2PNB176W1 131
+#define OID_C2PNB191V1 132
+#define OID_C2PNB191V2 133
+#define OID_C2PNB191V3 134
+#define OID_C2PNB191V4 135
+#define OID_C2PNB191V5 136
+#define OID_C2PNB208W1 137
+#define OID_C2PNB239V1 138
+#define OID_C2PNB239V2 139
+#define OID_C2PNB239V3 140
+#define OID_C2PNB239V4 141
+#define OID_C2PNB239V5 142
+#define OID_C2PNB272W1 143
+#define OID_C2PNB304W1 144
+#define OID_C2PNB359V1 145
+#define OID_C2PNB368W1 146
+#define OID_C2PNB431R1 147
+#define OID_PRIME192V1 149
+#define OID_PRIME192V2 150
+#define OID_PRIME192V3 151
+#define OID_PRIME239V1 152
+#define OID_PRIME239V2 153
+#define OID_PRIME239V3 154
+#define OID_PRIME256V1 155
+#define OID_ECDSA_WITH_SHA1 157
+#define OID_ECDSA_WITH_SHA224 159
+#define OID_ECDSA_WITH_SHA256 160
+#define OID_ECDSA_WITH_SHA384 161
+#define OID_ECDSA_WITH_SHA512 162
+#define OID_USER_PRINCIPAL_NAME 177
+#define OID_STRONGSWAN 180
+#define OID_TCGID 187
+#define OID_AUTHORITY_INFO_ACCESS 192
+#define OID_IP_ADDR_BLOCKS 194
+#define OID_POLICY_QUALIFIER_CPS 196
+#define OID_POLICY_QUALIFIER_UNOTICE 197
+#define OID_SERVER_AUTH 199
+#define OID_CLIENT_AUTH 200
+#define OID_OCSP_SIGNING 207
+#define OID_XMPP_ADDR 209
+#define OID_AUTHENTICATION_INFO 211
+#define OID_ACCESS_IDENTITY 212
+#define OID_CHARGING_IDENTITY 213
+#define OID_GROUP 214
+#define OID_OCSP 217
+#define OID_BASIC 218
+#define OID_NONCE 219
+#define OID_CRL 220
+#define OID_RESPONSE 221
+#define OID_NO_CHECK 222
+#define OID_ARCHIVE_CUTOFF 223
+#define OID_SERVICE_LOCATOR 224
+#define OID_CA_ISSUERS 225
+#define OID_DES_CBC 231
+#define OID_SHA1 232
+#define OID_SHA1_WITH_RSA_OIW 233
+#define OID_ECGDSA_PUBKEY 252
+#define OID_ECGDSA_SIG_WITH_RIPEMD160 255
+#define OID_ECGDSA_SIG_WITH_SHA1 256
+#define OID_ECGDSA_SIG_WITH_SHA224 257
+#define OID_ECGDSA_SIG_WITH_SHA256 258
+#define OID_ECGDSA_SIG_WITH_SHA384 259
+#define OID_ECGDSA_SIG_WITH_SHA512 260
+#define OID_SECT163K1 283
+#define OID_SECT163R1 284
+#define OID_SECT239K1 285
+#define OID_SECT113R1 286
+#define OID_SECT113R2 287
+#define OID_SECT112R1 288
+#define OID_SECT112R2 289
+#define OID_SECT160R1 290
+#define OID_SECT160K1 291
+#define OID_SECT256K1 292
+#define OID_SECT163R2 293
+#define OID_SECT283K1 294
+#define OID_SECT283R1 295
+#define OID_SECT131R1 296
+#define OID_SECT131R2 297
+#define OID_SECT193R1 298
+#define OID_SECT193R2 299
+#define OID_SECT233K1 300
+#define OID_SECT233R1 301
+#define OID_SECT128R1 302
+#define OID_SECT128R2 303
+#define OID_SECT160R2 304
+#define OID_SECT192K1 305
+#define OID_SECT224K1 306
+#define OID_SECT224R1 307
+#define OID_SECT384R1 308
+#define OID_SECT521R1 309
+#define OID_SECT409K1 310
+#define OID_SECT409R1 311
+#define OID_SECT571K1 312
+#define OID_SECT571R1 313
+#define OID_AES128_CBC 322
+#define OID_AES128_GCM 323
+#define OID_AES128_CCM 324
+#define OID_AES192_CBC 325
+#define OID_AES192_GCM 326
+#define OID_AES192_CCM 327
+#define OID_AES256_CBC 328
+#define OID_AES256_GCM 329
+#define OID_AES256_CCM 330
+#define OID_SHA256 332
+#define OID_SHA384 333
+#define OID_SHA512 334
+#define OID_SHA224 335
+#define OID_NS_REVOCATION_URL 341
+#define OID_NS_CA_REVOCATION_URL 342
+#define OID_NS_CA_POLICY_URL 343
+#define OID_NS_COMMENT 344
+#define OID_EMPLOYEE_NUMBER 347
+#define OID_PKI_MESSAGE_TYPE 353
+#define OID_PKI_STATUS 354
+#define OID_PKI_FAIL_INFO 355
+#define OID_PKI_SENDER_NONCE 356
+#define OID_PKI_RECIPIENT_NONCE 357
+#define OID_PKI_TRANS_ID 358
+#define OID_TPM_MANUFACTURER 364
+#define OID_TPM_MODEL 365
+#define OID_TPM_VERSION 366
+#define OID_TPM_ID_LABEL 367
-#define OID_MAX 359
->>>>>>> upstream/4.5.1
+#define OID_MAX 368
#endif /* OID_H_ */
diff --git a/src/libstrongswan/asn1/oid.txt b/src/libstrongswan/asn1/oid.txt
index bf37dd624..f16287cb2 100644
--- a/src/libstrongswan/asn1/oid.txt
+++ b/src/libstrongswan/asn1/oid.txt
@@ -51,19 +51,11 @@
0x1D "certificateIssuer"
0x1E "nameConstraints" OID_NAME_CONSTRAINTS
0x1F "crlDistributionPoints" OID_CRL_DISTRIBUTION_POINTS
-<<<<<<< HEAD
- 0x20 "certificatePolicies"
- 0x00 "anyPolicy" OID_ANY_POLICY
- 0x21 "policyMappings"
- 0x23 "authorityKeyIdentifier" OID_AUTHORITY_KEY_ID
- 0x24 "policyConstraints"
-=======
0x20 "certificatePolicies" OID_CERTIFICATE_POLICIES
0x00 "anyPolicy" OID_ANY_POLICY
0x21 "policyMappings" OID_POLICY_MAPPINGS
0x23 "authorityKeyIdentifier" OID_AUTHORITY_KEY_ID
0x24 "policyConstraints" OID_POLICY_CONSTRAINTS
->>>>>>> upstream/4.5.1
0x25 "extendedKeyUsage" OID_EXTENDED_KEY_USAGE
0x00 "anyExtendedKeyUsage"
0x2E "freshestCRL" OID_FRESHEST_CRL
@@ -99,6 +91,8 @@
0x02 "md2WithRSAEncryption" OID_MD2_WITH_RSA
0x04 "md5WithRSAEncryption" OID_MD5_WITH_RSA
0x05 "sha-1WithRSAEncryption" OID_SHA1_WITH_RSA
+ 0x07 "id-RSAES-OAEP" OID_RSAES_OAEP
+ 0x09 "id-pSpecified"
0x0B "sha256WithRSAEncryption" OID_SHA256_WITH_RSA
0x0C "sha384WithRSAEncryption" OID_SHA384_WITH_RSA
0x0D "sha512WithRSAEncryption" OID_SHA512_WITH_RSA
@@ -118,7 +112,7 @@
0x05 "signingTime" OID_PKCS9_SIGNING_TIME
0x06 "counterSignature"
0x07 "challengePassword" OID_CHALLENGE_PASSWORD
- 0x08 "unstructuredAddress"
+ 0x08 "unstructuredAddress" OID_UNSTRUCTURED_ADDRESS
0x0E "extensionRequest" OID_EXTENSION_REQUEST
0x0F "S/MIME Capabilities"
0x02 "digestAlgorithm"
@@ -132,11 +126,7 @@
0x01 "id-ecPublicKey" OID_EC_PUBLICKEY
0x03 "ellipticCurve"
0x00 "c-TwoCurve"
-<<<<<<< HEAD
- 0x01 "c2pnb163v1" OID_C2PNB163V1
-=======
0x01 "c2pnb163v1" OID_C2PNB163V1
->>>>>>> upstream/4.5.1
0x02 "c2pnb163v2" OID_C2PNB163V2
0x03 "c2pnb163v3" OID_C2PNB163V3
0x04 "c2pnb176w1" OID_C2PNB176W1
@@ -186,23 +176,16 @@
0x02 "msCertificateTypeExtension"
0x02 "msSmartcardLogon"
0x03 "msUPN" OID_USER_PRINCIPAL_NAME
-<<<<<<< HEAD
-=======
0xA0 ""
0x2A "ITA"
0x01 "strongSwan" OID_STRONGSWAN
->>>>>>> upstream/4.5.1
0x89 ""
0x31 ""
0x01 ""
0x01 ""
0x02 ""
0x02 ""
-<<<<<<< HEAD
- 0x4B "TCGID" OID_TCGID
-=======
0x4B "TCGID" OID_TCGID
->>>>>>> upstream/4.5.1
0x05 "security"
0x05 "mechanisms"
0x07 "id-pkix"
@@ -211,13 +194,8 @@
0x03 "qcStatements"
0x07 "ipAddrBlocks" OID_IP_ADDR_BLOCKS
0x02 "id-qt"
-<<<<<<< HEAD
- 0x01 "cps"
- 0x02 "unotice"
-=======
0x01 "cps" OID_POLICY_QUALIFIER_CPS
0x02 "unotice" OID_POLICY_QUALIFIER_UNOTICE
->>>>>>> upstream/4.5.1
0x03 "id-kp"
0x01 "serverAuth" OID_SERVER_AUTH
0x02 "clientAuth" OID_CLIENT_AUTH
@@ -380,4 +358,11 @@
0x06 "recipientNonce" OID_PKI_RECIPIENT_NONCE
0x07 "transID" OID_PKI_TRANS_ID
0x08 "extensionReq"
-
+0x67 ""
+ 0x81 ""
+ 0x05 ""
+ 0x02 "tcg-attribute"
+ 0x01 "tcg-at-tpmManufacturer" OID_TPM_MANUFACTURER
+ 0x02 "tcg-at-tpmModel" OID_TPM_MODEL
+ 0x03 "tcg-at-tpmVersion" OID_TPM_VERSION
+ 0x0F "tcg-at-tpmIdLabel" OID_TPM_ID_LABEL
diff --git a/src/libstrongswan/chunk.h b/src/libstrongswan/chunk.h
index f94bdfbf2..63644ac78 100644
--- a/src/libstrongswan/chunk.h
+++ b/src/libstrongswan/chunk.h
@@ -175,7 +175,7 @@ static inline void chunk_clear(chunk_t *chunk)
{
if (chunk->ptr)
{
- memset(chunk->ptr, 0, chunk->len);
+ memwipe(chunk->ptr, chunk->len);
chunk_free(chunk);
}
}
diff --git a/src/libstrongswan/credentials/auth_cfg.c b/src/libstrongswan/credentials/auth_cfg.c
index 9c7df81a6..23a3f62d9 100644
--- a/src/libstrongswan/credentials/auth_cfg.c
+++ b/src/libstrongswan/credentials/auth_cfg.c
@@ -131,19 +131,13 @@ static void destroy_entry_value(entry_t *entry)
case AUTH_RULE_SUBJECT_CERT:
case AUTH_HELPER_IM_CERT:
case AUTH_HELPER_SUBJECT_CERT:
-<<<<<<< HEAD
-=======
case AUTH_HELPER_REVOCATION_CERT:
->>>>>>> upstream/4.5.1
{
certificate_t *cert = (certificate_t*)entry->value;
cert->destroy(cert);
break;
}
-<<<<<<< HEAD
-=======
case AUTH_RULE_CERT_POLICY:
->>>>>>> upstream/4.5.1
case AUTH_HELPER_IM_HASH_URL:
case AUTH_HELPER_SUBJECT_HASH_URL:
{
@@ -155,11 +149,8 @@ static void destroy_entry_value(entry_t *entry)
case AUTH_RULE_EAP_VENDOR:
case AUTH_RULE_CRL_VALIDATION:
case AUTH_RULE_OCSP_VALIDATION:
-<<<<<<< HEAD
-=======
case AUTH_RULE_RSA_STRENGTH:
case AUTH_RULE_ECDSA_STRENGTH:
->>>>>>> upstream/4.5.1
break;
}
}
@@ -185,11 +176,8 @@ static void replace(auth_cfg_t *this, entry_enumerator_t *enumerator,
case AUTH_RULE_EAP_VENDOR:
case AUTH_RULE_CRL_VALIDATION:
case AUTH_RULE_OCSP_VALIDATION:
-<<<<<<< HEAD
-=======
case AUTH_RULE_RSA_STRENGTH:
case AUTH_RULE_ECDSA_STRENGTH:
->>>>>>> upstream/4.5.1
/* integer type */
enumerator->current->value = (void*)(uintptr_t)va_arg(args, u_int);
break;
@@ -200,18 +188,12 @@ static void replace(auth_cfg_t *this, entry_enumerator_t *enumerator,
case AUTH_RULE_CA_CERT:
case AUTH_RULE_IM_CERT:
case AUTH_RULE_SUBJECT_CERT:
-<<<<<<< HEAD
-=======
case AUTH_RULE_CERT_POLICY:
->>>>>>> upstream/4.5.1
case AUTH_HELPER_IM_CERT:
case AUTH_HELPER_SUBJECT_CERT:
case AUTH_HELPER_IM_HASH_URL:
case AUTH_HELPER_SUBJECT_HASH_URL:
-<<<<<<< HEAD
-=======
case AUTH_HELPER_REVOCATION_CERT:
->>>>>>> upstream/4.5.1
/* pointer type */
enumerator->current->value = va_arg(args, void*);
break;
@@ -263,11 +245,8 @@ static void* get(private_auth_cfg_t *this, auth_rule_t type)
case AUTH_RULE_EAP_TYPE:
return (void*)EAP_NAK;
case AUTH_RULE_EAP_VENDOR:
-<<<<<<< HEAD
-=======
case AUTH_RULE_RSA_STRENGTH:
case AUTH_RULE_ECDSA_STRENGTH:
->>>>>>> upstream/4.5.1
return (void*)0;
case AUTH_RULE_CRL_VALIDATION:
case AUTH_RULE_OCSP_VALIDATION:
@@ -279,18 +258,12 @@ static void* get(private_auth_cfg_t *this, auth_rule_t type)
case AUTH_RULE_CA_CERT:
case AUTH_RULE_IM_CERT:
case AUTH_RULE_SUBJECT_CERT:
-<<<<<<< HEAD
-=======
case AUTH_RULE_CERT_POLICY:
->>>>>>> upstream/4.5.1
case AUTH_HELPER_IM_CERT:
case AUTH_HELPER_SUBJECT_CERT:
case AUTH_HELPER_IM_HASH_URL:
case AUTH_HELPER_SUBJECT_HASH_URL:
-<<<<<<< HEAD
-=======
case AUTH_HELPER_REVOCATION_CERT:
->>>>>>> upstream/4.5.1
default:
return NULL;
}
@@ -313,11 +286,8 @@ static void add(private_auth_cfg_t *this, auth_rule_t type, ...)
case AUTH_RULE_EAP_VENDOR:
case AUTH_RULE_CRL_VALIDATION:
case AUTH_RULE_OCSP_VALIDATION:
-<<<<<<< HEAD
-=======
case AUTH_RULE_RSA_STRENGTH:
case AUTH_RULE_ECDSA_STRENGTH:
->>>>>>> upstream/4.5.1
/* integer type */
entry->value = (void*)(uintptr_t)va_arg(args, u_int);
break;
@@ -328,18 +298,12 @@ static void add(private_auth_cfg_t *this, auth_rule_t type, ...)
case AUTH_RULE_CA_CERT:
case AUTH_RULE_IM_CERT:
case AUTH_RULE_SUBJECT_CERT:
-<<<<<<< HEAD
-=======
case AUTH_RULE_CERT_POLICY:
->>>>>>> upstream/4.5.1
case AUTH_HELPER_IM_CERT:
case AUTH_HELPER_SUBJECT_CERT:
case AUTH_HELPER_IM_HASH_URL:
case AUTH_HELPER_SUBJECT_HASH_URL:
-<<<<<<< HEAD
-=======
case AUTH_HELPER_REVOCATION_CERT:
->>>>>>> upstream/4.5.1
/* pointer type */
entry->value = va_arg(args, void*);
break;
@@ -410,40 +374,6 @@ static bool complies(private_auth_cfg_t *this, auth_cfg_t *constraints,
case AUTH_RULE_CRL_VALIDATION:
case AUTH_RULE_OCSP_VALIDATION:
{
-<<<<<<< HEAD
- cert_validation_t validated, required;
-
- required = (uintptr_t)value;
- validated = (uintptr_t)get(this, t1);
- switch (required)
- {
- case VALIDATION_FAILED:
- /* no constraint */
- break;
- case VALIDATION_SKIPPED:
- if (validated == VALIDATION_SKIPPED)
- {
- break;
- }
- /* FALL */
- case VALIDATION_GOOD:
- if (validated == VALIDATION_GOOD)
- {
- break;
- }
- /* FALL */
- default:
- success = FALSE;
- if (log_error)
- {
- DBG1(DBG_CFG, "constraint check failed: %N is %N, "
- "but requires at least %N", auth_rule_names,
- t1, cert_validation_names, validated,
- cert_validation_names, required);
- }
- break;
- }
-=======
uintptr_t validated;
e2 = create_enumerator(this);
@@ -483,7 +413,6 @@ static bool complies(private_auth_cfg_t *this, auth_cfg_t *constraints,
}
}
e2->destroy(e2);
->>>>>>> upstream/4.5.1
break;
}
case AUTH_RULE_IDENTITY:
@@ -567,8 +496,6 @@ static bool complies(private_auth_cfg_t *this, auth_cfg_t *constraints,
e2->destroy(e2);
break;
}
-<<<<<<< HEAD
-=======
case AUTH_RULE_RSA_STRENGTH:
case AUTH_RULE_ECDSA_STRENGTH:
{
@@ -634,15 +561,11 @@ static bool complies(private_auth_cfg_t *this, auth_cfg_t *constraints,
}
break;
}
->>>>>>> upstream/4.5.1
case AUTH_HELPER_IM_CERT:
case AUTH_HELPER_SUBJECT_CERT:
case AUTH_HELPER_IM_HASH_URL:
case AUTH_HELPER_SUBJECT_HASH_URL:
-<<<<<<< HEAD
-=======
case AUTH_HELPER_REVOCATION_CERT:
->>>>>>> upstream/4.5.1
/* skip helpers */
continue;
}
@@ -689,10 +612,7 @@ static void merge(private_auth_cfg_t *this, private_auth_cfg_t *other, bool copy
case AUTH_RULE_SUBJECT_CERT:
case AUTH_HELPER_IM_CERT:
case AUTH_HELPER_SUBJECT_CERT:
-<<<<<<< HEAD
-=======
case AUTH_HELPER_REVOCATION_CERT:
->>>>>>> upstream/4.5.1
{
certificate_t *cert = (certificate_t*)value;
@@ -704,11 +624,8 @@ static void merge(private_auth_cfg_t *this, private_auth_cfg_t *other, bool copy
case AUTH_RULE_AUTH_CLASS:
case AUTH_RULE_EAP_TYPE:
case AUTH_RULE_EAP_VENDOR:
-<<<<<<< HEAD
-=======
case AUTH_RULE_RSA_STRENGTH:
case AUTH_RULE_ECDSA_STRENGTH:
->>>>>>> upstream/4.5.1
{
add(this, type, (uintptr_t)value);
break;
@@ -723,10 +640,7 @@ static void merge(private_auth_cfg_t *this, private_auth_cfg_t *other, bool copy
add(this, type, id->clone(id));
break;
}
-<<<<<<< HEAD
-=======
case AUTH_RULE_CERT_POLICY:
->>>>>>> upstream/4.5.1
case AUTH_HELPER_IM_HASH_URL:
case AUTH_HELPER_SUBJECT_HASH_URL:
{
@@ -779,11 +693,8 @@ static bool equals(private_auth_cfg_t *this, private_auth_cfg_t *other)
case AUTH_RULE_EAP_VENDOR:
case AUTH_RULE_CRL_VALIDATION:
case AUTH_RULE_OCSP_VALIDATION:
-<<<<<<< HEAD
-=======
case AUTH_RULE_RSA_STRENGTH:
case AUTH_RULE_ECDSA_STRENGTH:
->>>>>>> upstream/4.5.1
{
if (i1->value == i2->value)
{
@@ -797,10 +708,7 @@ static bool equals(private_auth_cfg_t *this, private_auth_cfg_t *other)
case AUTH_RULE_SUBJECT_CERT:
case AUTH_HELPER_IM_CERT:
case AUTH_HELPER_SUBJECT_CERT:
-<<<<<<< HEAD
-=======
case AUTH_HELPER_REVOCATION_CERT:
->>>>>>> upstream/4.5.1
{
certificate_t *c1, *c2;
@@ -831,10 +739,7 @@ static bool equals(private_auth_cfg_t *this, private_auth_cfg_t *other)
}
continue;
}
-<<<<<<< HEAD
-=======
case AUTH_RULE_CERT_POLICY:
->>>>>>> upstream/4.5.1
case AUTH_HELPER_IM_HASH_URL:
case AUTH_HELPER_SUBJECT_HASH_URL:
{
@@ -917,19 +822,13 @@ static auth_cfg_t* clone_(private_auth_cfg_t *this)
case AUTH_RULE_SUBJECT_CERT:
case AUTH_HELPER_IM_CERT:
case AUTH_HELPER_SUBJECT_CERT:
-<<<<<<< HEAD
-=======
case AUTH_HELPER_REVOCATION_CERT:
->>>>>>> upstream/4.5.1
{
certificate_t *cert = (certificate_t*)entry->value;
clone->add(clone, entry->type, cert->get_ref(cert));
break;
}
-<<<<<<< HEAD
-=======
case AUTH_RULE_CERT_POLICY:
->>>>>>> upstream/4.5.1
case AUTH_HELPER_IM_HASH_URL:
case AUTH_HELPER_SUBJECT_HASH_URL:
{
@@ -941,11 +840,8 @@ static auth_cfg_t* clone_(private_auth_cfg_t *this)
case AUTH_RULE_EAP_VENDOR:
case AUTH_RULE_CRL_VALIDATION:
case AUTH_RULE_OCSP_VALIDATION:
-<<<<<<< HEAD
-=======
case AUTH_RULE_RSA_STRENGTH:
case AUTH_RULE_ECDSA_STRENGTH:
->>>>>>> upstream/4.5.1
clone->add(clone, entry->type, (uintptr_t)entry->value);
break;
}
diff --git a/src/libstrongswan/credentials/auth_cfg.h b/src/libstrongswan/credentials/auth_cfg.h
index 659a7c9ef..489ce1134 100644
--- a/src/libstrongswan/credentials/auth_cfg.h
+++ b/src/libstrongswan/credentials/auth_cfg.h
@@ -90,15 +90,12 @@ enum auth_rule_t {
* The group membership constraint is fulfilled if the subject is member of
* one group defined in the constraints. */
AUTH_RULE_GROUP,
-<<<<<<< HEAD
-=======
/** required RSA public key strength, u_int in bits */
AUTH_RULE_RSA_STRENGTH,
/** required ECDSA public key strength, u_int in bits */
AUTH_RULE_ECDSA_STRENGTH,
/** certificatePolicy constraint, numerical OID as char* */
AUTH_RULE_CERT_POLICY,
->>>>>>> upstream/4.5.1
/** intermediate certificate, certificate_t* */
AUTH_HELPER_IM_CERT,
@@ -108,11 +105,8 @@ enum auth_rule_t {
AUTH_HELPER_IM_HASH_URL,
/** Hash and URL of a end-entity certificate, char* */
AUTH_HELPER_SUBJECT_HASH_URL,
-<<<<<<< HEAD
-=======
/** revocation certificate (CRL, OCSP), certificate_t* */
AUTH_HELPER_REVOCATION_CERT,
->>>>>>> upstream/4.5.1
};
/**
diff --git a/src/libstrongswan/credentials/builder.c b/src/libstrongswan/credentials/builder.c
index 4d3a78eab..f9a277a2c 100644
--- a/src/libstrongswan/credentials/builder.c
+++ b/src/libstrongswan/credentials/builder.c
@@ -43,10 +43,6 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END,
"BUILD_CRL_DISTRIBUTION_POINTS",
"BUILD_OCSP_ACCESS_LOCATIONS",
"BUILD_PATHLEN",
-<<<<<<< HEAD
- "BUILD_X509_FLAG",
- "BUILD_REVOKED_ENUMERATOR",
-=======
"BUILD_PERMITTED_NAME_CONSTRAINTS",
"BUILD_EXCLUDED_NAME_CONSTRAINTS",
"BUILD_CERTIFICATE_POLICIES",
@@ -57,7 +53,6 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END,
"BUILD_X509_FLAG",
"BUILD_REVOKED_ENUMERATOR",
"BUILD_BASE_CRL",
->>>>>>> upstream/4.5.1
"BUILD_CHALLENGE_PWD",
"BUILD_PKCS11_MODULE",
"BUILD_PKCS11_SLOT",
diff --git a/src/libstrongswan/credentials/builder.h b/src/libstrongswan/credentials/builder.h
index fc93a6007..325b668cd 100644
--- a/src/libstrongswan/credentials/builder.h
+++ b/src/libstrongswan/credentials/builder.h
@@ -87,18 +87,12 @@ enum builder_part_t {
BUILD_CA_CERT,
/** a certificate, certificate_t* */
BUILD_CERT,
-<<<<<<< HEAD
- /** CRL distribution point URIs, linked_list_t* containing char* */
-=======
/** CRL distribution point URIs, x509_cdp_t* */
->>>>>>> upstream/4.5.1
BUILD_CRL_DISTRIBUTION_POINTS,
/** OCSP AuthorityInfoAccess locations, linked_list_t* containing char* */
BUILD_OCSP_ACCESS_LOCATIONS,
/** certificate path length constraint */
BUILD_PATHLEN,
-<<<<<<< HEAD
-=======
/** permitted X509 name constraints, linked_list_t* of identification_t* */
BUILD_PERMITTED_NAME_CONSTRAINTS,
/** excluded X509 name constraints, linked_list_t* of identification_t* */
@@ -113,16 +107,12 @@ enum builder_part_t {
BUILD_POLICY_INHIBIT_MAPPING,
/** inhibitAnyPolicy constraint, int */
BUILD_POLICY_INHIBIT_ANY,
->>>>>>> upstream/4.5.1
/** enforce an additional X509 flag, x509_flag_t */
BUILD_X509_FLAG,
/** enumerator_t over (chunk_t serial, time_t date, crl_reason_t reason) */
BUILD_REVOKED_ENUMERATOR,
-<<<<<<< HEAD
-=======
/** Base CRL serial for a delta CRL, chunk_t, */
BUILD_BASE_CRL,
->>>>>>> upstream/4.5.1
/** PKCS#10 challenge password */
BUILD_CHALLENGE_PWD,
/** friendly name of a PKCS#11 module, null terminated char* */
diff --git a/src/libstrongswan/credentials/cert_validator.h b/src/libstrongswan/credentials/cert_validator.h
index f329281d3..733d9d612 100644
--- a/src/libstrongswan/credentials/cert_validator.h
+++ b/src/libstrongswan/credentials/cert_validator.h
@@ -40,14 +40,6 @@ struct cert_validator_t {
* @param subject subject certificate to check
* @param issuer issuer of subject
* @param online wheter to do online revocation checking
-<<<<<<< HEAD
- * @param pathlen the current length of the path up to the root CA
- * @param auth container for resulting authentication info
- */
- bool (*validate)(cert_validator_t *this, certificate_t *subject,
- certificate_t *issuer, bool online, int pathlen,
- auth_cfg_t *auth);
-=======
* @param pathlen the current length of the path bottom-up
* @param anchor is issuer trusted root anchor
* @param auth container for resulting authentication info
@@ -55,7 +47,6 @@ struct cert_validator_t {
bool (*validate)(cert_validator_t *this, certificate_t *subject,
certificate_t *issuer, bool online, u_int pathlen,
bool anchor, auth_cfg_t *auth);
->>>>>>> upstream/4.5.1
};
#endif /** CERT_VALIDATOR_H_ @}*/
diff --git a/src/libstrongswan/credentials/certificates/crl.h b/src/libstrongswan/credentials/certificates/crl.h
index 11ad7f2f3..2f3497474 100644
--- a/src/libstrongswan/credentials/certificates/crl.h
+++ b/src/libstrongswan/credentials/certificates/crl.h
@@ -72,8 +72,6 @@ struct crl_t {
chunk_t (*get_authKeyIdentifier)(crl_t *this);
/**
-<<<<<<< HEAD
-=======
* Is this CRL a delta CRL?
*
* @param base_crl gets to baseCrlNumber, if this is a delta CRL
@@ -89,7 +87,6 @@ struct crl_t {
enumerator_t* (*create_delta_crl_uri_enumerator)(crl_t *this);
/**
->>>>>>> upstream/4.5.1
* Create an enumerator over all revoked certificates.
*
* The enumerator takes 3 pointer arguments:
diff --git a/src/libstrongswan/credentials/certificates/x509.h b/src/libstrongswan/credentials/certificates/x509.h
index 3ab26c8c5..fec02dbad 100644
--- a/src/libstrongswan/credentials/certificates/x509.h
+++ b/src/libstrongswan/credentials/certificates/x509.h
@@ -24,12 +24,6 @@
#include <utils/enumerator.h>
#include <credentials/certificates/certificate.h>
-<<<<<<< HEAD
-#define X509_NO_PATH_LEN_CONSTRAINT -1
-
-typedef struct x509_t x509_t;
-typedef enum x509_flag_t x509_flag_t;
-=======
/* constraints are currently restricted to the range 0..127 */
#define X509_NO_CONSTRAINT 255
@@ -39,7 +33,6 @@ typedef struct x509_policy_mapping_t x509_policy_mapping_t;
typedef struct x509_cdp_t x509_cdp_t;
typedef enum x509_flag_t x509_flag_t;
typedef enum x509_constraint_t x509_constraint_t;
->>>>>>> upstream/4.5.1
/**
* X.509 certificate flags.
@@ -61,14 +54,6 @@ enum x509_flag_t {
X509_SELF_SIGNED = (1<<5),
/** cert has an ipAddrBlocks extension */
X509_IP_ADDR_BLOCKS = (1<<6),
-<<<<<<< HEAD
-};
-
-/**
- * enum names for x509 flags
- */
-extern enum_name_t *x509_flag_names;
-=======
/** cert has CRL sign key usage */
X509_CRL_SIGN = (1<<7),
};
@@ -118,7 +103,6 @@ struct x509_cdp_t {
/** CRL issuer */
identification_t *issuer;
};
->>>>>>> upstream/4.5.1
/**
* X.509 certificate interface.
@@ -162,20 +146,12 @@ struct x509_t {
chunk_t (*get_authKeyIdentifier)(x509_t *this);
/**
-<<<<<<< HEAD
- * Get an optional path length constraint.
- *
- * @return pathLenConstraint, -1 if no constraint exists
- */
- int (*get_pathLenConstraint)(x509_t *this);
-=======
* Get a numerical X.509 constraint.
*
* @param type type of constraint to get
* @return constraint, X509_NO_CONSTRAINT if none found
*/
u_int (*get_constraint)(x509_t *this, x509_constraint_t type);
->>>>>>> upstream/4.5.1
/**
* Create an enumerator over all subjectAltNames.
@@ -185,15 +161,9 @@ struct x509_t {
enumerator_t* (*create_subjectAltName_enumerator)(x509_t *this);
/**
-<<<<<<< HEAD
- * Create an enumerator over all CRL URIs.
- *
- * @return enumerator over URIs as char*
-=======
* Create an enumerator over all CRL URIs and CRL Issuers.
*
* @return enumerator over x509_cdp_t
->>>>>>> upstream/4.5.1
*/
enumerator_t* (*create_crl_uri_enumerator)(x509_t *this);
@@ -210,8 +180,6 @@ struct x509_t {
* @return enumerator over ipAddrBlocks as traffic_selector_t*
*/
enumerator_t* (*create_ipAddrBlock_enumerator)(x509_t *this);
-<<<<<<< HEAD
-=======
/**
* Create an enumerator over name constraints.
@@ -236,7 +204,6 @@ struct x509_t {
enumerator_t* (*create_policy_mapping_enumerator)(x509_t *this);
->>>>>>> upstream/4.5.1
};
#endif /** X509_H_ @}*/
diff --git a/src/libstrongswan/credentials/cred_encoding.c b/src/libstrongswan/credentials/cred_encoding.c
index edd76205b..ac3266f4c 100644
--- a/src/libstrongswan/credentials/cred_encoding.c
+++ b/src/libstrongswan/credentials/cred_encoding.c
@@ -180,8 +180,13 @@ static bool encode(private_cred_encoding_t *this, cred_encoding_type_t type,
chunk = malloc_thing(chunk_t);
*chunk = *encoding;
this->lock->write_lock(this->lock);
- this->cache[type]->put(this->cache[type], cache, chunk);
+ chunk = this->cache[type]->put(this->cache[type], cache, chunk);
this->lock->unlock(this->lock);
+ if (chunk)
+ {
+ free(chunk->ptr);
+ free(chunk);
+ }
}
return success;
}
diff --git a/src/libstrongswan/credentials/credential_manager.c b/src/libstrongswan/credentials/credential_manager.c
index 3e54368ff..27b97eab3 100644
--- a/src/libstrongswan/credentials/credential_manager.c
+++ b/src/libstrongswan/credentials/credential_manager.c
@@ -452,13 +452,8 @@ static void cache_queue(private_credential_manager_t *this)
* check a certificate for its lifetime
*/
static bool check_certificate(private_credential_manager_t *this,
-<<<<<<< HEAD
- certificate_t *subject, certificate_t *issuer,
- bool online, int pathlen, auth_cfg_t *auth)
-=======
certificate_t *subject, certificate_t *issuer, bool online,
int pathlen, bool trusted, auth_cfg_t *auth)
->>>>>>> upstream/4.5.1
{
time_t not_before, not_after;
cert_validator_t *validator;
@@ -476,36 +471,12 @@ static bool check_certificate(private_credential_manager_t *this,
&not_before, FALSE, &not_after, FALSE);
return FALSE;
}
-<<<<<<< HEAD
- if (issuer->get_type(issuer) == CERT_X509 &&
- subject->get_type(subject) == CERT_X509)
- {
- int pathlen_constraint;
- x509_t *x509;
-
- /* check path length constraint */
- x509 = (x509_t*)issuer;
- pathlen_constraint = x509->get_pathLenConstraint(x509);
- if (pathlen_constraint != X509_NO_PATH_LEN_CONSTRAINT &&
- pathlen > pathlen_constraint)
- {
- DBG1(DBG_CFG, "path length of %d violates constraint of %d",
- pathlen, pathlen_constraint);
- return FALSE;
- }
- }
-=======
->>>>>>> upstream/4.5.1
enumerator = this->validators->create_enumerator(this->validators);
while (enumerator->enumerate(enumerator, &validator))
{
if (!validator->validate(validator, subject, issuer,
-<<<<<<< HEAD
- online, pathlen, auth))
-=======
online, pathlen, trusted, auth))
->>>>>>> upstream/4.5.1
{
enumerator->destroy(enumerator);
return FALSE;
@@ -563,8 +534,6 @@ static certificate_t *get_issuer_cert(private_credential_manager_t *this,
}
/**
-<<<<<<< HEAD
-=======
* Get the strength of certificate, add it to auth
*/
static void get_key_strength(certificate_t *cert, auth_cfg_t *auth)
@@ -596,7 +565,6 @@ static void get_key_strength(certificate_t *cert, auth_cfg_t *auth)
}
/**
->>>>>>> upstream/4.5.1
* try to verify the trust chain of subject, return TRUE if trusted
*/
static bool verify_trust_chain(private_credential_manager_t *this,
@@ -608,13 +576,9 @@ static bool verify_trust_chain(private_credential_manager_t *this,
int pathlen;
auth = auth_cfg_create();
-<<<<<<< HEAD
- current = subject->get_ref(subject);
-=======
get_key_strength(subject, auth);
current = subject->get_ref(subject);
auth->add(auth, AUTH_RULE_SUBJECT_CERT, current->get_ref(current));
->>>>>>> upstream/4.5.1
for (pathlen = 0; pathlen <= MAX_TRUST_PATH_LEN; pathlen++)
{
@@ -659,25 +623,17 @@ static bool verify_trust_chain(private_credential_manager_t *this,
break;
}
}
-<<<<<<< HEAD
- if (!check_certificate(this, current, issuer, online, pathlen,
- current == subject ? auth : NULL))
-=======
if (!check_certificate(this, current, issuer, online,
pathlen, trusted, auth))
->>>>>>> upstream/4.5.1
{
trusted = FALSE;
issuer->destroy(issuer);
break;
}
-<<<<<<< HEAD
-=======
if (issuer)
{
get_key_strength(issuer, auth);
}
->>>>>>> upstream/4.5.1
current->destroy(current);
current = issuer;
if (trusted)
@@ -701,8 +657,6 @@ static bool verify_trust_chain(private_credential_manager_t *this,
}
/**
-<<<<<<< HEAD
-=======
* List find match function for certificates
*/
static bool cert_equals(certificate_t *a, certificate_t *b)
@@ -711,7 +665,6 @@ static bool cert_equals(certificate_t *a, certificate_t *b)
}
/**
->>>>>>> upstream/4.5.1
* enumerator for trusted certificates
*/
typedef struct {
@@ -731,11 +684,8 @@ typedef struct {
certificate_t *pretrusted;
/** currently enumerating auth config */
auth_cfg_t *auth;
-<<<<<<< HEAD
-=======
/** list of failed candidates */
linked_list_t *failed;
->>>>>>> upstream/4.5.1
} trusted_enumerator_t;
METHOD(enumerator_t, trusted_enumerate, bool,
@@ -763,13 +713,6 @@ METHOD(enumerator_t, trusted_enumerate, bool,
verify_trust_chain(this->this, this->pretrusted, this->auth,
TRUE, this->online))
{
-<<<<<<< HEAD
- this->auth->add(this->auth, AUTH_RULE_SUBJECT_CERT,
- this->pretrusted->get_ref(this->pretrusted));
- DBG1(DBG_CFG, " using trusted certificate \"%Y\"",
- this->pretrusted->get_subject(this->pretrusted));
- *cert = this->pretrusted;
-=======
DBG1(DBG_CFG, " using trusted certificate \"%Y\"",
this->pretrusted->get_subject(this->pretrusted));
*cert = this->pretrusted;
@@ -778,7 +721,6 @@ METHOD(enumerator_t, trusted_enumerate, bool,
this->auth->add(this->auth, AUTH_RULE_SUBJECT_CERT,
this->pretrusted->get_ref(this->pretrusted));
}
->>>>>>> upstream/4.5.1
if (auth)
{
*auth = this->auth;
@@ -796,15 +738,12 @@ METHOD(enumerator_t, trusted_enumerate, bool,
continue;
}
-<<<<<<< HEAD
-=======
if (this->failed->find_first(this->failed, (void*)cert_equals,
NULL, current) == SUCCESS)
{ /* check each candidate only once */
continue;
}
->>>>>>> upstream/4.5.1
DBG1(DBG_CFG, " using certificate \"%Y\"",
current->get_subject(current));
if (verify_trust_chain(this->this, current, this->auth, FALSE,
@@ -817,10 +756,7 @@ METHOD(enumerator_t, trusted_enumerate, bool,
}
return TRUE;
}
-<<<<<<< HEAD
-=======
this->failed->insert_last(this->failed, current->get_ref(current));
->>>>>>> upstream/4.5.1
}
return FALSE;
}
@@ -831,10 +767,7 @@ METHOD(enumerator_t, trusted_destroy, void,
DESTROY_IF(this->pretrusted);
DESTROY_IF(this->auth);
DESTROY_IF(this->candidates);
-<<<<<<< HEAD
-=======
this->failed->destroy_offset(this->failed, offsetof(certificate_t, destroy));
->>>>>>> upstream/4.5.1
free(this);
}
@@ -853,10 +786,7 @@ METHOD(credential_manager_t, create_trusted_enumerator, enumerator_t*,
.type = type,
.id = id,
.online = online,
-<<<<<<< HEAD
-=======
.failed = linked_list_create(),
->>>>>>> upstream/4.5.1
);
return &enumerator->public;
}
diff --git a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c b/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
index de5b85bae..fecc9910e 100644
--- a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
+++ b/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
@@ -189,11 +189,11 @@ static char* get_string(private_ietf_attributes_t *this)
if (oid == OID_UNKNOWN)
{
- written = snprintf(pos, len, "0x#B", &attr->value);
+ written = snprintf(pos, len, "0x%#B", &attr->value);
}
else
{
- written = snprintf(pos, len, "%s", oid_names[oid]);
+ written = snprintf(pos, len, "%s", oid_names[oid].name);
}
break;
}
@@ -331,7 +331,7 @@ static bool matches(private_ietf_attributes_t *this, private_ietf_attributes_t *
/* look for at least one common attribute */
while (TRUE)
{
- bool cmp = attr_a->compare(attr_a, attr_b);
+ int cmp = attr_a->compare(attr_a, attr_b);
if (cmp == 0)
{
diff --git a/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c b/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c
index 046ccfd12..225fabe31 100644
--- a/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c
+++ b/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c
@@ -132,12 +132,8 @@ static bool enumerate(wrapper_enumerator_t *this, certificate_t **cert)
}
}
else if (rule != AUTH_HELPER_SUBJECT_CERT &&
-<<<<<<< HEAD
- rule != AUTH_HELPER_IM_CERT)
-=======
rule != AUTH_HELPER_IM_CERT &&
rule != AUTH_HELPER_REVOCATION_CERT)
->>>>>>> upstream/4.5.1
{ /* handle only HELPER certificates */
continue;
}
diff --git a/src/libstrongswan/credentials/sets/mem_cred.c b/src/libstrongswan/credentials/sets/mem_cred.c
index 5a2385b72..e023e8443 100644
--- a/src/libstrongswan/credentials/sets/mem_cred.c
+++ b/src/libstrongswan/credentials/sets/mem_cred.c
@@ -1,9 +1,6 @@
/*
-<<<<<<< HEAD
-=======
* Copyright (C) 2010 Tobias Brunner
* Hochschule fuer Technik Rapperwsil
->>>>>>> upstream/4.5.1
* Copyright (C) 2010 Martin Willi
* Copyright (C) 2010 revosec AG
*
@@ -59,14 +56,11 @@ struct private_mem_cred_t {
* List of shared keys, as shared_entry_t
*/
linked_list_t *shared;
-<<<<<<< HEAD
-=======
/**
* List of CDPs, as cdp_t
*/
linked_list_t *cdps;
->>>>>>> upstream/4.5.1
};
/**
@@ -157,23 +151,6 @@ static bool certificate_equals(certificate_t *item, certificate_t *cert)
return item->equals(item, cert);
}
-<<<<<<< HEAD
-METHOD(mem_cred_t, add_cert, void,
- private_mem_cred_t *this, bool trusted, certificate_t *cert)
-{
- this->lock->write_lock(this->lock);
- if (this->untrusted->find_last(this->untrusted,
- (linked_list_match_t)certificate_equals, NULL, cert) != SUCCESS)
- {
- if (trusted)
- {
- this->trusted->insert_last(this->trusted, cert->get_ref(cert));
- }
- this->untrusted->insert_last(this->untrusted, cert->get_ref(cert));
- }
- cert->destroy(cert);
- this->lock->unlock(this->lock);
-=======
/**
* Add a certificate the the cache. Returns a reference to "cert" or a
* previously cached certificate that equals "cert".
@@ -272,7 +249,6 @@ METHOD(mem_cred_t, add_crl, bool,
}
this->lock->unlock(this->lock);
return new;
->>>>>>> upstream/4.5.1
}
/**
@@ -332,11 +308,7 @@ METHOD(mem_cred_t, add_key, void,
private_mem_cred_t *this, private_key_t *key)
{
this->lock->write_lock(this->lock);
-<<<<<<< HEAD
- this->keys->insert_last(this->keys, key);
-=======
this->keys->insert_first(this->keys, key);
->>>>>>> upstream/4.5.1
this->lock->unlock(this->lock);
}
@@ -460,20 +432,6 @@ METHOD(credential_set_t, create_shared_enumerator, enumerator_t*,
(void*)shared_filter, data, (void*)shared_data_destroy);
}
-<<<<<<< HEAD
-METHOD(mem_cred_t, add_shared, void,
- private_mem_cred_t *this, shared_key_t *shared, ...)
-{
- shared_entry_t *entry;
- identification_t *id;
- va_list args;
-
- INIT(entry,
- .shared = shared,
- .owners = linked_list_create(),
- );
-
-=======
METHOD(mem_cred_t, add_shared_list, void,
private_mem_cred_t *this, shared_key_t *shared, linked_list_t* owners)
{
@@ -496,27 +454,18 @@ METHOD(mem_cred_t, add_shared, void,
linked_list_t *owners = linked_list_create();
va_list args;
->>>>>>> upstream/4.5.1
va_start(args, shared);
do
{
id = va_arg(args, identification_t*);
if (id)
{
-<<<<<<< HEAD
- entry->owners->insert_last(entry->owners, id);
-=======
owners->insert_first(owners, id);
->>>>>>> upstream/4.5.1
}
}
while (id);
va_end(args);
-<<<<<<< HEAD
- this->lock->write_lock(this->lock);
- this->shared->insert_last(this->shared, entry);
-=======
add_shared_list(this, shared, owners);
}
@@ -614,7 +563,6 @@ METHOD(mem_cred_t, clear_secrets, void,
this->shared->destroy_function(this->shared, (void*)shared_entry_destroy);
this->keys = linked_list_create();
this->shared = linked_list_create();
->>>>>>> upstream/4.5.1
this->lock->unlock(this->lock);
}
@@ -626,15 +574,6 @@ METHOD(mem_cred_t, clear_, void,
offsetof(certificate_t, destroy));
this->untrusted->destroy_offset(this->untrusted,
offsetof(certificate_t, destroy));
-<<<<<<< HEAD
- this->keys->destroy_offset(this->keys, offsetof(private_key_t, destroy));
- this->shared->destroy_function(this->shared, (void*)shared_entry_destroy);
- this->trusted = linked_list_create();
- this->untrusted = linked_list_create();
- this->keys = linked_list_create();
- this->shared = linked_list_create();
- this->lock->unlock(this->lock);
-=======
this->cdps->destroy_function(this->cdps, (void*)cdp_destroy);
this->trusted = linked_list_create();
this->untrusted = linked_list_create();
@@ -642,7 +581,6 @@ METHOD(mem_cred_t, clear_, void,
this->lock->unlock(this->lock);
clear_secrets(this);
->>>>>>> upstream/4.5.1
}
METHOD(mem_cred_t, destroy, void,
@@ -653,10 +591,7 @@ METHOD(mem_cred_t, destroy, void,
this->untrusted->destroy(this->untrusted);
this->keys->destroy(this->keys);
this->shared->destroy(this->shared);
-<<<<<<< HEAD
-=======
this->cdps->destroy(this->cdps);
->>>>>>> upstream/4.5.1
this->lock->destroy(this->lock);
free(this);
}
@@ -674,15 +609,6 @@ mem_cred_t *mem_cred_create()
.create_shared_enumerator = _create_shared_enumerator,
.create_private_enumerator = _create_private_enumerator,
.create_cert_enumerator = _create_cert_enumerator,
-<<<<<<< HEAD
- .create_cdp_enumerator = (void*)return_null,
- .cache_cert = (void*)nop,
- },
- .add_cert = _add_cert,
- .add_key = _add_key,
- .add_shared = _add_shared,
- .clear = _clear_,
-=======
.create_cdp_enumerator = _create_cdp_enumerator,
.cache_cert = (void*)nop,
},
@@ -695,17 +621,13 @@ mem_cred_t *mem_cred_create()
.add_cdp = _add_cdp,
.clear = _clear_,
.clear_secrets = _clear_secrets,
->>>>>>> upstream/4.5.1
.destroy = _destroy,
},
.trusted = linked_list_create(),
.untrusted = linked_list_create(),
.keys = linked_list_create(),
.shared = linked_list_create(),
-<<<<<<< HEAD
-=======
.cdps = linked_list_create(),
->>>>>>> upstream/4.5.1
.lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
);
diff --git a/src/libstrongswan/credentials/sets/mem_cred.h b/src/libstrongswan/credentials/sets/mem_cred.h
index 274e07566..eb46b065b 100644
--- a/src/libstrongswan/credentials/sets/mem_cred.h
+++ b/src/libstrongswan/credentials/sets/mem_cred.h
@@ -1,9 +1,6 @@
/*
-<<<<<<< HEAD
-=======
* Copyright (C) 2010 Tobias Brunner
* Hochschule fuer Technik Rapperswil
->>>>>>> upstream/4.5.1
* Copyright (C) 2010 Martin Willi
* Copyright (C) 2010 revosec AG
*
@@ -29,11 +26,8 @@
typedef struct mem_cred_t mem_cred_t;
#include <credentials/credential_set.h>
-<<<<<<< HEAD
-=======
#include <credentials/certificates/crl.h>
#include <utils/linked_list.h>
->>>>>>> upstream/4.5.1
/**
* Generic in-memory credential set.
@@ -54,8 +48,6 @@ struct mem_cred_t {
void (*add_cert)(mem_cred_t *this, bool trusted, certificate_t *cert);
/**
-<<<<<<< HEAD
-=======
* Add a certificate to the credential set, returning a reference to it or
* to a cached duplicate.
*
@@ -76,7 +68,6 @@ struct mem_cred_t {
bool (*add_crl)(mem_cred_t *this, crl_t *crl);
/**
->>>>>>> upstream/4.5.1
* Add a private key to the credential set.
*
* @param key key, reference gets owned by set
@@ -87,17 +78,11 @@ struct mem_cred_t {
* Add a shared key to the credential set.
*
* @param shared shared key to add, gets owned by set
-<<<<<<< HEAD
- * @param ... NULL terminated list of owners identification_t*
-=======
* @param ... NULL terminated list of owners (identification_t*)
->>>>>>> upstream/4.5.1
*/
void (*add_shared)(mem_cred_t *this, shared_key_t *shared, ...);
/**
-<<<<<<< HEAD
-=======
* Add a shared key to the credential set.
*
* @param shared shared key to add, gets owned by set
@@ -116,21 +101,17 @@ struct mem_cred_t {
identification_t *id, char *uri);
/**
->>>>>>> upstream/4.5.1
* Clear all credentials from the credential set.
*/
void (*clear)(mem_cred_t *this);
/**
-<<<<<<< HEAD
-=======
* Clear the secrets (private and shared keys, not the certificates) from
* the credential set.
*/
void (*clear_secrets)(mem_cred_t *this);
/**
->>>>>>> upstream/4.5.1
* Destroy a mem_cred_t.
*/
void (*destroy)(mem_cred_t *this);
diff --git a/src/libstrongswan/crypto/crypto_factory.c b/src/libstrongswan/crypto/crypto_factory.c
index 96b4630f7..2d13896d6 100644
--- a/src/libstrongswan/crypto/crypto_factory.c
+++ b/src/libstrongswan/crypto/crypto_factory.c
@@ -20,15 +20,6 @@
#include <utils/linked_list.h>
#include <crypto/crypto_tester.h>
-<<<<<<< HEAD
-typedef struct entry_t entry_t;
-struct entry_t {
- /* algorithm */
- u_int algo;
- /* benchmarked speed */
- u_int speed;
- /* constructor */
-=======
const char *default_plugin_name = "default";
typedef struct entry_t entry_t;
@@ -52,7 +43,6 @@ struct entry_t {
/**
* constructor
*/
->>>>>>> upstream/4.5.1
union {
crypter_constructor_t create_crypter;
aead_constructor_t create_aead;
@@ -154,12 +144,8 @@ METHOD(crypto_factory_t, create_crypter, crypter_t*,
{
if (this->test_on_create &&
!this->tester->test_crypter(this->tester, algo, key_size,
-<<<<<<< HEAD
- entry->create_crypter, NULL))
-=======
entry->create_crypter, NULL,
default_plugin_name))
->>>>>>> upstream/4.5.1
{
continue;
}
@@ -191,12 +177,8 @@ METHOD(crypto_factory_t, create_aead, aead_t*,
{
if (this->test_on_create &&
!this->tester->test_aead(this->tester, algo, key_size,
-<<<<<<< HEAD
- entry->create_aead, NULL))
-=======
entry->create_aead, NULL,
default_plugin_name))
->>>>>>> upstream/4.5.1
{
continue;
}
@@ -227,12 +209,8 @@ METHOD(crypto_factory_t, create_signer, signer_t*,
{
if (this->test_on_create &&
!this->tester->test_signer(this->tester, algo,
-<<<<<<< HEAD
- entry->create_signer, NULL))
-=======
entry->create_signer, NULL,
default_plugin_name))
->>>>>>> upstream/4.5.1
{
continue;
}
@@ -264,12 +242,8 @@ METHOD(crypto_factory_t, create_hasher, hasher_t*,
{
if (this->test_on_create && algo != HASH_PREFERRED &&
!this->tester->test_hasher(this->tester, algo,
-<<<<<<< HEAD
- entry->create_hasher, NULL))
-=======
entry->create_hasher, NULL,
default_plugin_name))
->>>>>>> upstream/4.5.1
{
continue;
}
@@ -300,12 +274,8 @@ METHOD(crypto_factory_t, create_prf, prf_t*,
{
if (this->test_on_create &&
!this->tester->test_prf(this->tester, algo,
-<<<<<<< HEAD
- entry->create_prf, NULL))
-=======
entry->create_prf, NULL,
default_plugin_name))
->>>>>>> upstream/4.5.1
{
continue;
}
@@ -337,12 +307,8 @@ METHOD(crypto_factory_t, create_rng, rng_t*,
{
if (this->test_on_create &&
!this->tester->test_rng(this->tester, quality,
-<<<<<<< HEAD
- entry->create_rng, NULL))
-=======
entry->create_rng, NULL,
default_plugin_name))
->>>>>>> upstream/4.5.1
{
continue;
}
@@ -406,12 +372,8 @@ METHOD(crypto_factory_t, create_dh, diffie_hellman_t*,
* Insert an algorithm entry to a list
*/
static void add_entry(private_crypto_factory_t *this, linked_list_t *list,
-<<<<<<< HEAD
- int algo, u_int speed, void *create)
-=======
int algo, const char *plugin_name,
u_int speed, void *create)
->>>>>>> upstream/4.5.1
{
entry_t *entry, *current;
linked_list_t *tmp;
@@ -419,10 +381,7 @@ static void add_entry(private_crypto_factory_t *this, linked_list_t *list,
INIT(entry,
.algo = algo,
-<<<<<<< HEAD
-=======
.plugin_name = plugin_name,
->>>>>>> upstream/4.5.1
.speed = speed,
);
entry->create = create;
@@ -456,27 +415,16 @@ static void add_entry(private_crypto_factory_t *this, linked_list_t *list,
}
METHOD(crypto_factory_t, add_crypter, void,
-<<<<<<< HEAD
- private_crypto_factory_t *this, encryption_algorithm_t algo,
- crypter_constructor_t create)
-=======
private_crypto_factory_t *this, encryption_algorithm_t algo,
const char *plugin_name, crypter_constructor_t create)
->>>>>>> upstream/4.5.1
{
u_int speed = 0;
if (!this->test_on_add ||
this->tester->test_crypter(this->tester, algo, 0, create,
-<<<<<<< HEAD
- this->bench ? &speed : NULL))
- {
- add_entry(this, this->crypters, algo, speed, create);
-=======
this->bench ? &speed : NULL, plugin_name))
{
add_entry(this, this->crypters, algo, plugin_name, speed, create);
->>>>>>> upstream/4.5.1
}
}
@@ -501,27 +449,16 @@ METHOD(crypto_factory_t, remove_crypter, void,
}
METHOD(crypto_factory_t, add_aead, void,
-<<<<<<< HEAD
- private_crypto_factory_t *this, encryption_algorithm_t algo,
- aead_constructor_t create)
-=======
private_crypto_factory_t *this, encryption_algorithm_t algo,
const char *plugin_name, aead_constructor_t create)
->>>>>>> upstream/4.5.1
{
u_int speed = 0;
if (!this->test_on_add ||
this->tester->test_aead(this->tester, algo, 0, create,
-<<<<<<< HEAD
- this->bench ? &speed : NULL))
- {
- add_entry(this, this->aeads, algo, speed, create);
-=======
this->bench ? &speed : NULL, plugin_name))
{
add_entry(this, this->aeads, algo, plugin_name, speed, create);
->>>>>>> upstream/4.5.1
}
}
@@ -546,27 +483,16 @@ METHOD(crypto_factory_t, remove_aead, void,
}
METHOD(crypto_factory_t, add_signer, void,
-<<<<<<< HEAD
- private_crypto_factory_t *this, integrity_algorithm_t algo,
- signer_constructor_t create)
-=======
private_crypto_factory_t *this, integrity_algorithm_t algo,
const char *plugin_name, signer_constructor_t create)
->>>>>>> upstream/4.5.1
{
u_int speed = 0;
if (!this->test_on_add ||
this->tester->test_signer(this->tester, algo, create,
-<<<<<<< HEAD
- this->bench ? &speed : NULL))
- {
- add_entry(this, this->signers, algo, speed, create);
-=======
this->bench ? &speed : NULL, plugin_name))
{
add_entry(this, this->signers, algo, plugin_name, speed, create);
->>>>>>> upstream/4.5.1
}
}
@@ -591,27 +517,16 @@ METHOD(crypto_factory_t, remove_signer, void,
}
METHOD(crypto_factory_t, add_hasher, void,
-<<<<<<< HEAD
- private_crypto_factory_t *this, hash_algorithm_t algo,
- hasher_constructor_t create)
-=======
private_crypto_factory_t *this, hash_algorithm_t algo,
const char *plugin_name, hasher_constructor_t create)
->>>>>>> upstream/4.5.1
{
u_int speed = 0;
if (!this->test_on_add ||
this->tester->test_hasher(this->tester, algo, create,
-<<<<<<< HEAD
- this->bench ? &speed : NULL))
- {
- add_entry(this, this->hashers, algo, speed, create);
-=======
this->bench ? &speed : NULL, plugin_name))
{
add_entry(this, this->hashers, algo, plugin_name, speed, create);
->>>>>>> upstream/4.5.1
}
}
@@ -636,27 +551,16 @@ METHOD(crypto_factory_t, remove_hasher, void,
}
METHOD(crypto_factory_t, add_prf, void,
-<<<<<<< HEAD
- private_crypto_factory_t *this, pseudo_random_function_t algo,
- prf_constructor_t create)
-=======
private_crypto_factory_t *this, pseudo_random_function_t algo,
const char *plugin_name, prf_constructor_t create)
->>>>>>> upstream/4.5.1
{
u_int speed = 0;
if (!this->test_on_add ||
this->tester->test_prf(this->tester, algo, create,
-<<<<<<< HEAD
- this->bench ? &speed : NULL))
- {
- add_entry(this, this->prfs, algo, speed, create);
-=======
this->bench ? &speed : NULL, plugin_name))
{
add_entry(this, this->prfs, algo, plugin_name, speed, create);
->>>>>>> upstream/4.5.1
}
}
@@ -682,25 +586,15 @@ METHOD(crypto_factory_t, remove_prf, void,
METHOD(crypto_factory_t, add_rng, void,
private_crypto_factory_t *this, rng_quality_t quality,
-<<<<<<< HEAD
- rng_constructor_t create)
-=======
const char *plugin_name, rng_constructor_t create)
->>>>>>> upstream/4.5.1
{
u_int speed = 0;
if (!this->test_on_add ||
this->tester->test_rng(this->tester, quality, create,
-<<<<<<< HEAD
- this->bench ? &speed : NULL))
- {
- add_entry(this, this->rngs, quality, speed, create);
-=======
this->bench ? &speed : NULL, plugin_name))
{
add_entry(this, this->rngs, quality, plugin_name, speed, create);
->>>>>>> upstream/4.5.1
}
}
@@ -725,17 +619,10 @@ METHOD(crypto_factory_t, remove_rng, void,
}
METHOD(crypto_factory_t, add_dh, void,
-<<<<<<< HEAD
- private_crypto_factory_t *this, diffie_hellman_group_t group,
- dh_constructor_t create)
-{
- add_entry(this, this->dhs, group, 0, create);
-=======
private_crypto_factory_t *this, diffie_hellman_group_t group,
const char *plugin_name, dh_constructor_t create)
{
add_entry(this, this->dhs, group, plugin_name, 0, create);
->>>>>>> upstream/4.5.1
}
METHOD(crypto_factory_t, remove_dh, void,
@@ -797,17 +684,11 @@ static enumerator_t *create_enumerator(private_crypto_factory_t *this,
/**
* Filter function to enumerate algorithm, not entry
*/
-<<<<<<< HEAD
-static bool crypter_filter(void *n, entry_t **entry, encryption_algorithm_t *algo)
-{
- *algo = (*entry)->algo;
-=======
static bool crypter_filter(void *n, entry_t **entry, encryption_algorithm_t *algo,
void *i2, const char **plugin_name)
{
*algo = (*entry)->algo;
*plugin_name = (*entry)->plugin_name;
->>>>>>> upstream/4.5.1
return TRUE;
}
@@ -826,17 +707,11 @@ METHOD(crypto_factory_t, create_aead_enumerator, enumerator_t*,
/**
* Filter function to enumerate algorithm, not entry
*/
-<<<<<<< HEAD
-static bool signer_filter(void *n, entry_t **entry, integrity_algorithm_t *algo)
-{
- *algo = (*entry)->algo;
-=======
static bool signer_filter(void *n, entry_t **entry, integrity_algorithm_t *algo,
void *i2, const char **plugin_name)
{
*algo = (*entry)->algo;
*plugin_name = (*entry)->plugin_name;
->>>>>>> upstream/4.5.1
return TRUE;
}
@@ -849,17 +724,11 @@ METHOD(crypto_factory_t, create_signer_enumerator, enumerator_t*,
/**
* Filter function to enumerate algorithm, not entry
*/
-<<<<<<< HEAD
-static bool hasher_filter(void *n, entry_t **entry, hash_algorithm_t *algo)
-{
- *algo = (*entry)->algo;
-=======
static bool hasher_filter(void *n, entry_t **entry, hash_algorithm_t *algo,
void *i2, const char **plugin_name)
{
*algo = (*entry)->algo;
*plugin_name = (*entry)->plugin_name;
->>>>>>> upstream/4.5.1
return TRUE;
}
@@ -872,17 +741,11 @@ METHOD(crypto_factory_t, create_hasher_enumerator, enumerator_t*,
/**
* Filter function to enumerate algorithm, not entry
*/
-<<<<<<< HEAD
-static bool prf_filter(void *n, entry_t **entry, pseudo_random_function_t *algo)
-{
- *algo = (*entry)->algo;
-=======
static bool prf_filter(void *n, entry_t **entry, pseudo_random_function_t *algo,
void *i2, const char **plugin_name)
{
*algo = (*entry)->algo;
*plugin_name = (*entry)->plugin_name;
->>>>>>> upstream/4.5.1
return TRUE;
}
@@ -895,17 +758,11 @@ METHOD(crypto_factory_t, create_prf_enumerator, enumerator_t*,
/**
* Filter function to enumerate algorithm, not entry
*/
-<<<<<<< HEAD
-static bool dh_filter(void *n, entry_t **entry, diffie_hellman_group_t *group)
-{
- *group = (*entry)->algo;
-=======
static bool dh_filter(void *n, entry_t **entry, diffie_hellman_group_t *group,
void *i2, const char **plugin_name)
{
*group = (*entry)->algo;
*plugin_name = (*entry)->plugin_name;
->>>>>>> upstream/4.5.1
return TRUE;
}
@@ -915,8 +772,6 @@ METHOD(crypto_factory_t, create_dh_enumerator, enumerator_t*,
return create_enumerator(this, this->dhs, dh_filter);
}
-<<<<<<< HEAD
-=======
/**
* Filter function to enumerate algorithm, not entry
*/
@@ -933,7 +788,6 @@ METHOD(crypto_factory_t, create_rng_enumerator, enumerator_t*,
{
return create_enumerator(this, this->rngs, rng_filter);
}
->>>>>>> upstream/4.5.1
METHOD(crypto_factory_t, add_test_vector, void,
private_crypto_factory_t *this, transform_type_t type, void *vector)
{
@@ -1008,10 +862,7 @@ crypto_factory_t *crypto_factory_create()
.create_hasher_enumerator = _create_hasher_enumerator,
.create_prf_enumerator = _create_prf_enumerator,
.create_dh_enumerator = _create_dh_enumerator,
-<<<<<<< HEAD
-=======
.create_rng_enumerator = _create_rng_enumerator,
->>>>>>> upstream/4.5.1
.add_test_vector = _add_test_vector,
.destroy = _destroy,
},
diff --git a/src/libstrongswan/crypto/crypto_factory.h b/src/libstrongswan/crypto/crypto_factory.h
index 61c46b59c..8e5db6355 100644
--- a/src/libstrongswan/crypto/crypto_factory.h
+++ b/src/libstrongswan/crypto/crypto_factory.h
@@ -33,11 +33,8 @@ typedef struct crypto_factory_t crypto_factory_t;
#include <crypto/diffie_hellman.h>
#include <crypto/transform.h>
-<<<<<<< HEAD
-=======
#define CRYPTO_MAX_ALG_LINE 120 /* characters */
->>>>>>> upstream/4.5.1
/**
* Constructor function for crypters
*/
@@ -149,19 +146,12 @@ struct crypto_factory_t {
* Register a crypter constructor.
*
* @param algo algorithm to constructor
-<<<<<<< HEAD
-=======
* @param plugin_name plugin that registered this algorithm
->>>>>>> upstream/4.5.1
* @param create constructor function for that algorithm
* @return
*/
void (*add_crypter)(crypto_factory_t *this, encryption_algorithm_t algo,
-<<<<<<< HEAD
- crypter_constructor_t create);
-=======
const char *plugin_name, crypter_constructor_t create);
->>>>>>> upstream/4.5.1
/**
* Unregister a crypter constructor.
@@ -181,37 +171,23 @@ struct crypto_factory_t {
* Register a aead constructor.
*
* @param algo algorithm to constructor
-<<<<<<< HEAD
-=======
* @param plugin_name plugin that registered this algorithm
->>>>>>> upstream/4.5.1
* @param create constructor function for that algorithm
* @return
*/
void (*add_aead)(crypto_factory_t *this, encryption_algorithm_t algo,
-<<<<<<< HEAD
- aead_constructor_t create);
-=======
const char *plugin_name, aead_constructor_t create);
->>>>>>> upstream/4.5.1
/**
* Register a signer constructor.
*
* @param algo algorithm to constructor
-<<<<<<< HEAD
-=======
* @param plugin_name plugin that registered this algorithm
->>>>>>> upstream/4.5.1
* @param create constructor function for that algorithm
* @return
*/
void (*add_signer)(crypto_factory_t *this, integrity_algorithm_t algo,
-<<<<<<< HEAD
- signer_constructor_t create);
-=======
const char *plugin_name, signer_constructor_t create);
->>>>>>> upstream/4.5.1
/**
* Unregister a signer constructor.
@@ -227,19 +203,12 @@ struct crypto_factory_t {
* create_hasher(HASH_PREFERRED).
*
* @param algo algorithm to constructor
-<<<<<<< HEAD
-=======
* @param plugin_name plugin that registered this algorithm
->>>>>>> upstream/4.5.1
* @param create constructor function for that algorithm
* @return
*/
void (*add_hasher)(crypto_factory_t *this, hash_algorithm_t algo,
-<<<<<<< HEAD
- hasher_constructor_t create);
-=======
const char *plugin_name, hasher_constructor_t create);
->>>>>>> upstream/4.5.1
/**
* Unregister a hasher constructor.
@@ -252,19 +221,12 @@ struct crypto_factory_t {
* Register a prf constructor.
*
* @param algo algorithm to constructor
-<<<<<<< HEAD
-=======
* @param plugin_name plugin that registered this algorithm
->>>>>>> upstream/4.5.1
* @param create constructor function for that algorithm
* @return
*/
void (*add_prf)(crypto_factory_t *this, pseudo_random_function_t algo,
-<<<<<<< HEAD
- prf_constructor_t create);
-=======
const char *plugin_name, prf_constructor_t create);
->>>>>>> upstream/4.5.1
/**
* Unregister a prf constructor.
@@ -277,17 +239,11 @@ struct crypto_factory_t {
* Register a source of randomness.
*
* @param quality quality of randomness this RNG serves
-<<<<<<< HEAD
- * @param create constructor function for such a quality
- */
- void (*add_rng)(crypto_factory_t *this, rng_quality_t quality, rng_constructor_t create);
-=======
* @param plugin_name plugin that registered this algorithm
* @param create constructor function for such a quality
*/
void (*add_rng)(crypto_factory_t *this, rng_quality_t quality,
const char *plugin_name, rng_constructor_t create);
->>>>>>> upstream/4.5.1
/**
* Unregister a source of randomness.
@@ -300,19 +256,12 @@ struct crypto_factory_t {
* Register a diffie hellman constructor.
*
* @param group dh group to constructor
-<<<<<<< HEAD
-=======
* @param plugin_name plugin that registered this algorithm
->>>>>>> upstream/4.5.1
* @param create constructor function for that algorithm
* @return
*/
void (*add_dh)(crypto_factory_t *this, diffie_hellman_group_t group,
-<<<<<<< HEAD
- dh_constructor_t create);
-=======
const char *plugin_name, dh_constructor_t create);
->>>>>>> upstream/4.5.1
/**
* Unregister a diffie hellman constructor.
@@ -364,8 +313,6 @@ struct crypto_factory_t {
enumerator_t* (*create_dh_enumerator)(crypto_factory_t *this);
/**
-<<<<<<< HEAD
-=======
* Create an enumerator over all registered random generators.
*
* @return enumerator over rng_quality_t
@@ -373,7 +320,6 @@ struct crypto_factory_t {
enumerator_t* (*create_rng_enumerator)(crypto_factory_t *this);
/**
->>>>>>> upstream/4.5.1
* Add a test vector to the crypto factory.
*
* @param type type of the test vector
diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c
index d4a8728e2..4635dccea 100644
--- a/src/libstrongswan/crypto/crypto_tester.c
+++ b/src/libstrongswan/crypto/crypto_tester.c
@@ -165,11 +165,7 @@ static u_int bench_crypter(private_crypto_tester_t *this,
METHOD(crypto_tester_t, test_crypter, bool,
private_crypto_tester_t *this, encryption_algorithm_t alg, size_t key_size,
-<<<<<<< HEAD
- crypter_constructor_t create, u_int *speed)
-=======
crypter_constructor_t create, u_int *speed, const char *plugin_name)
->>>>>>> upstream/4.5.1
{
enumerator_t *enumerator;
crypter_test_vector_t *vector;
@@ -192,15 +188,11 @@ METHOD(crypto_tester_t, test_crypter, bool,
}
crypter = create(alg, vector->key_size);
if (!crypter)
-<<<<<<< HEAD
- { /* key size not supported... */
-=======
{
DBG1(DBG_LIB, "%N[%s]: %u bit key size not supported",
encryption_algorithm_names, alg, plugin_name,
BITS_PER_BYTE * vector->key_size);
failed = TRUE;
->>>>>>> upstream/4.5.1
continue;
}
@@ -243,30 +235,19 @@ METHOD(crypto_tester_t, test_crypter, bool,
crypter->destroy(crypter);
if (failed)
{
-<<<<<<< HEAD
- DBG1(DBG_LIB, "disabled %N: %s test vector failed",
- encryption_algorithm_names, alg, get_name(vector));
-=======
DBG1(DBG_LIB, "disabled %N[%s]: %s test vector failed",
encryption_algorithm_names, alg, plugin_name, get_name(vector));
->>>>>>> upstream/4.5.1
break;
}
}
enumerator->destroy(enumerator);
if (!tested)
{
-<<<<<<< HEAD
- DBG1(DBG_LIB, "%s %N: no test vectors found",
- this->required ? "disabled" : "enabled ",
- encryption_algorithm_names, alg);
- return !this->required;
-=======
if (failed)
{
DBG1(DBG_LIB,"disable %N[%s]: no key size supported",
encryption_algorithm_names, alg, plugin_name);
- return FALSE;
+ return FALSE;
}
else
{
@@ -275,30 +256,19 @@ METHOD(crypto_tester_t, test_crypter, bool,
encryption_algorithm_names, alg, plugin_name);
return !this->required;
}
->>>>>>> upstream/4.5.1
}
if (!failed)
{
if (speed)
{
*speed = bench_crypter(this, alg, create);
-<<<<<<< HEAD
- DBG1(DBG_LIB, "enabled %N: passed %u test vectors, %d points",
- encryption_algorithm_names, alg, tested, *speed);
- }
- else
- {
- DBG1(DBG_LIB, "enabled %N: passed %u test vectors",
- encryption_algorithm_names, alg, tested);
-=======
DBG1(DBG_LIB, "enabled %N[%s]: passed %u test vectors, %d points",
- encryption_algorithm_names, alg, tested, plugin_name, *speed);
+ encryption_algorithm_names, alg, plugin_name, tested, *speed);
}
else
{
DBG1(DBG_LIB, "enabled %N[%s]: passed %u test vectors",
encryption_algorithm_names, alg, plugin_name, tested);
->>>>>>> upstream/4.5.1
}
}
return !failed;
@@ -354,11 +324,7 @@ static u_int bench_aead(private_crypto_tester_t *this,
METHOD(crypto_tester_t, test_aead, bool,
private_crypto_tester_t *this, encryption_algorithm_t alg, size_t key_size,
-<<<<<<< HEAD
- aead_constructor_t create, u_int *speed)
-=======
aead_constructor_t create, u_int *speed, const char *plugin_name)
->>>>>>> upstream/4.5.1
{
enumerator_t *enumerator;
aead_test_vector_t *vector;
@@ -382,15 +348,11 @@ METHOD(crypto_tester_t, test_aead, bool,
}
aead = create(alg, vector->key_size);
if (!aead)
-<<<<<<< HEAD
- { /* key size not supported... */
-=======
{
DBG1(DBG_LIB, "%N[%s]: %u bit key size not supported",
encryption_algorithm_names, alg, plugin_name,
BITS_PER_BYTE * vector->key_size);
failed = TRUE;
->>>>>>> upstream/4.5.1
continue;
}
@@ -443,30 +405,19 @@ METHOD(crypto_tester_t, test_aead, bool,
aead->destroy(aead);
if (failed)
{
-<<<<<<< HEAD
- DBG1(DBG_LIB, "disabled %N: %s test vector failed",
- encryption_algorithm_names, alg, get_name(vector));
-=======
DBG1(DBG_LIB, "disabled %N[%s]: %s test vector failed",
encryption_algorithm_names, alg, plugin_name, get_name(vector));
->>>>>>> upstream/4.5.1
break;
}
}
enumerator->destroy(enumerator);
if (!tested)
{
-<<<<<<< HEAD
- DBG1(DBG_LIB, "%s %N: no test vectors found",
- this->required ? "disabled" : "enabled ",
- encryption_algorithm_names, alg);
- return !this->required;
-=======
if (failed)
{
DBG1(DBG_LIB,"disable %N[%s]: no key size supported",
encryption_algorithm_names, alg, plugin_name);
- return FALSE;
+ return FALSE;
}
else
{
@@ -475,22 +426,12 @@ METHOD(crypto_tester_t, test_aead, bool,
encryption_algorithm_names, alg, plugin_name);
return !this->required;
}
->>>>>>> upstream/4.5.1
}
if (!failed)
{
if (speed)
{
*speed = bench_aead(this, alg, create);
-<<<<<<< HEAD
- DBG1(DBG_LIB, "enabled %N: passed %u test vectors, %d points",
- encryption_algorithm_names, alg, tested, *speed);
- }
- else
- {
- DBG1(DBG_LIB, "enabled %N: passed %u test vectors",
- encryption_algorithm_names, alg, tested);
-=======
DBG1(DBG_LIB, "enabled %N[%s]: passed %u test vectors, %d points",
encryption_algorithm_names, alg, plugin_name, tested, *speed);
}
@@ -498,7 +439,6 @@ METHOD(crypto_tester_t, test_aead, bool,
{
DBG1(DBG_LIB, "enabled %N[%s]: passed %u test vectors",
encryption_algorithm_names, alg, plugin_name, tested);
->>>>>>> upstream/4.5.1
}
}
return !failed;
@@ -546,11 +486,7 @@ static u_int bench_signer(private_crypto_tester_t *this,
METHOD(crypto_tester_t, test_signer, bool,
private_crypto_tester_t *this, integrity_algorithm_t alg,
-<<<<<<< HEAD
- signer_constructor_t create, u_int *speed)
-=======
signer_constructor_t create, u_int *speed, const char *plugin_name)
->>>>>>> upstream/4.5.1
{
enumerator_t *enumerator;
signer_test_vector_t *vector;
@@ -572,13 +508,8 @@ METHOD(crypto_tester_t, test_signer, bool,
signer = create(alg);
if (!signer)
{
-<<<<<<< HEAD
- DBG1(DBG_LIB, "disabled %N: creating instance failed",
- integrity_algorithm_names, alg);
-=======
DBG1(DBG_LIB, "disabled %N[%s]: creating instance failed",
integrity_algorithm_names, alg, plugin_name);
->>>>>>> upstream/4.5.1
failed = TRUE;
break;
}
@@ -633,28 +564,17 @@ METHOD(crypto_tester_t, test_signer, bool,
signer->destroy(signer);
if (failed)
{
-<<<<<<< HEAD
- DBG1(DBG_LIB, "disabled %N: %s test vector failed",
- integrity_algorithm_names, alg, get_name(vector));
-=======
DBG1(DBG_LIB, "disabled %N[%s]: %s test vector failed",
integrity_algorithm_names, alg, plugin_name, get_name(vector));
->>>>>>> upstream/4.5.1
break;
}
}
enumerator->destroy(enumerator);
if (!tested)
{
-<<<<<<< HEAD
- DBG1(DBG_LIB, "%s %N: no test vectors found",
- this->required ? "disabled" : "enabled ",
- integrity_algorithm_names, alg);
-=======
DBG1(DBG_LIB, "%s %N[%s]: no test vectors found",
this->required ? "disabled" : "enabled ",
integrity_algorithm_names, alg, plugin_name);
->>>>>>> upstream/4.5.1
return !this->required;
}
if (!failed)
@@ -662,15 +582,6 @@ METHOD(crypto_tester_t, test_signer, bool,
if (speed)
{
*speed = bench_signer(this, alg, create);
-<<<<<<< HEAD
- DBG1(DBG_LIB, "enabled %N: passed %u test vectors, %d points",
- integrity_algorithm_names, alg, tested, *speed);
- }
- else
- {
- DBG1(DBG_LIB, "enabled %N: passed %u test vectors",
- integrity_algorithm_names, alg, tested);
-=======
DBG1(DBG_LIB, "enabled %N[%s]: passed %u test vectors, %d points",
integrity_algorithm_names, alg, plugin_name, tested, *speed);
}
@@ -678,7 +589,6 @@ METHOD(crypto_tester_t, test_signer, bool,
{
DBG1(DBG_LIB, "enabled %N[%s]: passed %u test vectors",
integrity_algorithm_names, alg, plugin_name, tested);
->>>>>>> upstream/4.5.1
}
}
return !failed;
@@ -720,11 +630,7 @@ static u_int bench_hasher(private_crypto_tester_t *this,
METHOD(crypto_tester_t, test_hasher, bool,
private_crypto_tester_t *this, hash_algorithm_t alg,
-<<<<<<< HEAD
- hasher_constructor_t create, u_int *speed)
-=======
hasher_constructor_t create, u_int *speed, const char *plugin_name)
->>>>>>> upstream/4.5.1
{
enumerator_t *enumerator;
hasher_test_vector_t *vector;
@@ -746,13 +652,8 @@ METHOD(crypto_tester_t, test_hasher, bool,
hasher = create(alg);
if (!hasher)
{
-<<<<<<< HEAD
- DBG1(DBG_LIB, "disabled %N: creating instance failed",
- hash_algorithm_names, alg);
-=======
DBG1(DBG_LIB, "disabled %N[%s]: creating instance failed",
hash_algorithm_names, alg, plugin_name);
->>>>>>> upstream/4.5.1
failed = TRUE;
break;
}
@@ -794,28 +695,17 @@ METHOD(crypto_tester_t, test_hasher, bool,
hasher->destroy(hasher);
if (failed)
{
-<<<<<<< HEAD
- DBG1(DBG_LIB, "disabled %N: %s test vector failed",
- hash_algorithm_names, alg, get_name(vector));
-=======
DBG1(DBG_LIB, "disabled %N[%s]: %s test vector failed",
hash_algorithm_names, alg, plugin_name, get_name(vector));
->>>>>>> upstream/4.5.1
break;
}
}
enumerator->destroy(enumerator);
if (!tested)
{
-<<<<<<< HEAD
- DBG1(DBG_LIB, "%s %N: no test vectors found",
- this->required ? "disabled" : "enabled ",
- hash_algorithm_names, alg);
-=======
DBG1(DBG_LIB, "%s %N[%s]: no test vectors found",
this->required ? "disabled" : "enabled ",
hash_algorithm_names, alg, plugin_name);
->>>>>>> upstream/4.5.1
return !this->required;
}
if (!failed)
@@ -823,15 +713,6 @@ METHOD(crypto_tester_t, test_hasher, bool,
if (speed)
{
*speed = bench_hasher(this, alg, create);
-<<<<<<< HEAD
- DBG1(DBG_LIB, "enabled %N: passed %u test vectors, %d points",
- hash_algorithm_names, alg, tested, *speed);
- }
- else
- {
- DBG1(DBG_LIB, "enabled %N: passed %u test vectors",
- hash_algorithm_names, alg, tested);
-=======
DBG1(DBG_LIB, "enabled %N[%s]: passed %u test vectors, %d points",
hash_algorithm_names, alg, plugin_name, tested, *speed);
}
@@ -839,7 +720,6 @@ METHOD(crypto_tester_t, test_hasher, bool,
{
DBG1(DBG_LIB, "enabled %N[%s]: passed %u test vectors",
hash_algorithm_names, alg, plugin_name, tested);
->>>>>>> upstream/4.5.1
}
}
return !failed;
@@ -881,11 +761,7 @@ static u_int bench_prf(private_crypto_tester_t *this,
METHOD(crypto_tester_t, test_prf, bool,
private_crypto_tester_t *this, pseudo_random_function_t alg,
-<<<<<<< HEAD
- prf_constructor_t create, u_int *speed)
-=======
prf_constructor_t create, u_int *speed, const char *plugin_name)
->>>>>>> upstream/4.5.1
{
enumerator_t *enumerator;
prf_test_vector_t *vector;
@@ -907,13 +783,8 @@ METHOD(crypto_tester_t, test_prf, bool,
prf = create(alg);
if (!prf)
{
-<<<<<<< HEAD
- DBG1(DBG_LIB, "disabled %N: creating instance failed",
- pseudo_random_function_names, alg);
-=======
DBG1(DBG_LIB, "disabled %N[%s]: creating instance failed",
pseudo_random_function_names, alg, plugin_name);
->>>>>>> upstream/4.5.1
failed = TRUE;
break;
}
@@ -966,28 +837,17 @@ METHOD(crypto_tester_t, test_prf, bool,
prf->destroy(prf);
if (failed)
{
-<<<<<<< HEAD
- DBG1(DBG_LIB, "disabled %N: %s test vector failed",
- pseudo_random_function_names, alg, get_name(vector));
-=======
DBG1(DBG_LIB, "disabled %N[%s]: %s test vector failed",
pseudo_random_function_names, alg, plugin_name, get_name(vector));
->>>>>>> upstream/4.5.1
break;
}
}
enumerator->destroy(enumerator);
if (!tested)
{
-<<<<<<< HEAD
- DBG1(DBG_LIB, "%s %N: no test vectors found",
- this->required ? "disabled" : "enabled ",
- pseudo_random_function_names, alg);
-=======
DBG1(DBG_LIB, "%s %N[%s]: no test vectors found",
this->required ? "disabled" : "enabled ",
pseudo_random_function_names, alg, plugin_name);
->>>>>>> upstream/4.5.1
return !this->required;
}
if (!failed)
@@ -995,15 +855,6 @@ METHOD(crypto_tester_t, test_prf, bool,
if (speed)
{
*speed = bench_prf(this, alg, create);
-<<<<<<< HEAD
- DBG1(DBG_LIB, "enabled %N: passed %u test vectors, %d points",
- pseudo_random_function_names, alg, tested, *speed);
- }
- else
- {
- DBG1(DBG_LIB, "enabled %N: passed %u test vectors",
- pseudo_random_function_names, alg, tested);
-=======
DBG1(DBG_LIB, "enabled %N[%s]: passed %u test vectors, %d points",
pseudo_random_function_names, alg, plugin_name, tested, *speed);
}
@@ -1011,7 +862,6 @@ METHOD(crypto_tester_t, test_prf, bool,
{
DBG1(DBG_LIB, "enabled %N[%s]: passed %u test vectors",
pseudo_random_function_names, alg, plugin_name, tested);
->>>>>>> upstream/4.5.1
}
}
return !failed;
@@ -1050,11 +900,7 @@ static u_int bench_rng(private_crypto_tester_t *this,
METHOD(crypto_tester_t, test_rng, bool,
private_crypto_tester_t *this, rng_quality_t quality,
-<<<<<<< HEAD
- rng_constructor_t create, u_int *speed)
-=======
rng_constructor_t create, u_int *speed, const char *plugin_name)
->>>>>>> upstream/4.5.1
{
enumerator_t *enumerator;
rng_test_vector_t *vector;
@@ -1063,13 +909,8 @@ METHOD(crypto_tester_t, test_rng, bool,
if (!this->rng_true && quality == RNG_TRUE)
{
-<<<<<<< HEAD
- DBG1(DBG_LIB, "enabled %N: skipping test (disabled by config)",
- rng_quality_names, quality);
-=======
DBG1(DBG_LIB, "enabled %N[%s]: skipping test (disabled by config)",
rng_quality_names, quality, plugin_name);
->>>>>>> upstream/4.5.1
return TRUE;
}
@@ -1088,13 +929,8 @@ METHOD(crypto_tester_t, test_rng, bool,
rng = create(quality);
if (!rng)
{
-<<<<<<< HEAD
- DBG1(DBG_LIB, "disabled %N: creating instance failed",
- rng_quality_names, quality);
-=======
DBG1(DBG_LIB, "disabled %N[%s]: creating instance failed",
rng_quality_names, quality, plugin_name);
->>>>>>> upstream/4.5.1
failed = TRUE;
break;
}
@@ -1123,28 +959,17 @@ METHOD(crypto_tester_t, test_rng, bool,
rng->destroy(rng);
if (failed)
{
-<<<<<<< HEAD
- DBG1(DBG_LIB, "disabled %N: %s test vector failed",
- rng_quality_names, quality, get_name(vector));
-=======
DBG1(DBG_LIB, "disabled %N[%s]: %s test vector failed",
rng_quality_names, quality, plugin_name, get_name(vector));
->>>>>>> upstream/4.5.1
break;
}
}
enumerator->destroy(enumerator);
if (!tested)
{
-<<<<<<< HEAD
- DBG1(DBG_LIB, "%s %N: no test vectors found",
- this->required ? ", disabled" : "enabled ",
- rng_quality_names, quality);
-=======
DBG1(DBG_LIB, "%s %N[%s]: no test vectors found",
this->required ? ", disabled" : "enabled ",
rng_quality_names, quality, plugin_name);
->>>>>>> upstream/4.5.1
return !this->required;
}
if (!failed)
@@ -1152,15 +977,6 @@ METHOD(crypto_tester_t, test_rng, bool,
if (speed)
{
*speed = bench_rng(this, quality, create);
-<<<<<<< HEAD
- DBG1(DBG_LIB, "enabled %N: passed %u test vectors, %d points",
- rng_quality_names, quality, tested, *speed);
- }
- else
- {
- DBG1(DBG_LIB, "enabled %N: passed %u test vectors",
- rng_quality_names, quality, tested);
-=======
DBG1(DBG_LIB, "enabled %N[%s]: passed %u test vectors, %d points",
rng_quality_names, quality, plugin_name, tested, *speed);
}
@@ -1168,7 +984,6 @@ METHOD(crypto_tester_t, test_rng, bool,
{
DBG1(DBG_LIB, "enabled %N[%s]: passed %u test vectors",
rng_quality_names, quality, plugin_name, tested);
->>>>>>> upstream/4.5.1
}
}
return !failed;
diff --git a/src/libstrongswan/crypto/crypto_tester.h b/src/libstrongswan/crypto/crypto_tester.h
index 1354bec52..9ac665929 100644
--- a/src/libstrongswan/crypto/crypto_tester.h
+++ b/src/libstrongswan/crypto/crypto_tester.h
@@ -72,7 +72,7 @@ struct aead_test_vector_t {
struct signer_test_vector_t {
/** signer algorithm this test vector tests */
- pseudo_random_function_t alg;
+ integrity_algorithm_t alg;
/** key to use, with a length the algorithm expects */
u_char *key;
/** size of the input data */
@@ -143,11 +143,7 @@ struct crypto_tester_t {
*/
bool (*test_crypter)(crypto_tester_t *this, encryption_algorithm_t alg,
size_t key_size, crypter_constructor_t create,
-<<<<<<< HEAD
- u_int *speed);
-=======
u_int *speed, const char *plugin_name);
->>>>>>> upstream/4.5.1
/**
* Test an aead algorithm, optionally using a specified key size.
@@ -160,11 +156,7 @@ struct crypto_tester_t {
*/
bool (*test_aead)(crypto_tester_t *this, encryption_algorithm_t alg,
size_t key_size, aead_constructor_t create,
-<<<<<<< HEAD
- u_int *speed);
-=======
u_int *speed, const char *plugin_name);
->>>>>>> upstream/4.5.1
/**
* Test a signer algorithm.
*
@@ -174,12 +166,8 @@ struct crypto_tester_t {
* @return TRUE if test passed
*/
bool (*test_signer)(crypto_tester_t *this, integrity_algorithm_t alg,
-<<<<<<< HEAD
- signer_constructor_t create, u_int *speed);
-=======
signer_constructor_t create,
u_int *speed, const char *plugin_name);
->>>>>>> upstream/4.5.1
/**
* Test a hasher algorithm.
*
@@ -189,12 +177,8 @@ struct crypto_tester_t {
* @return TRUE if test passed
*/
bool (*test_hasher)(crypto_tester_t *this, hash_algorithm_t alg,
-<<<<<<< HEAD
- hasher_constructor_t create, u_int *speed);
-=======
hasher_constructor_t create,
u_int *speed, const char *plugin_name);
->>>>>>> upstream/4.5.1
/**
* Test a PRF algorithm.
*
@@ -204,12 +188,8 @@ struct crypto_tester_t {
* @return TRUE if test passed
*/
bool (*test_prf)(crypto_tester_t *this, pseudo_random_function_t alg,
-<<<<<<< HEAD
- prf_constructor_t create, u_int *speed);
-=======
prf_constructor_t create,
u_int *speed, const char *plugin_name);
->>>>>>> upstream/4.5.1
/**
* Test a RNG implementation.
*
@@ -219,12 +199,8 @@ struct crypto_tester_t {
* @return TRUE if test passed
*/
bool (*test_rng)(crypto_tester_t *this, rng_quality_t quality,
-<<<<<<< HEAD
- rng_constructor_t create, u_int *speed);
-=======
rng_constructor_t create,
u_int *speed, const char *plugin_name);
->>>>>>> upstream/4.5.1
/**
* Add a test vector to test a crypter.
*
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.c b/src/libstrongswan/crypto/proposal/proposal_keywords.c
index 10ab9fc23..d65955a2e 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords.c
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords.c
@@ -59,12 +59,12 @@ struct proposal_token {
u_int16_t keysize;
};
-#define TOTAL_KEYWORDS 117
+#define TOTAL_KEYWORDS 119
#define MIN_WORD_LENGTH 3
#define MAX_WORD_LENGTH 17
#define MIN_HASH_VALUE 9
-#define MAX_HASH_VALUE 209
-/* maximum key range = 201, duplicates = 0 */
+#define MAX_HASH_VALUE 213
+/* maximum key range = 205, duplicates = 0 */
#ifdef __GNUC__
__inline
@@ -80,32 +80,32 @@ hash (str, len)
{
static const unsigned char asso_values[] =
{
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 16, 9,
- 4, 41, 66, 19, 8, 4, 5, 3, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 122, 210, 3, 22, 21,
- 3, 111, 103, 48, 7, 4, 210, 210, 3, 210,
- 57, 3, 210, 210, 78, 6, 3, 28, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210, 210, 210, 210,
- 210, 210, 210, 210, 210, 210, 210
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 14, 9,
+ 4, 34, 66, 19, 8, 4, 5, 3, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 131, 214, 3, 22, 21,
+ 3, 1, 101, 48, 3, 4, 214, 214, 3, 214,
+ 57, 4, 214, 214, 94, 6, 3, 32, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214, 214, 214, 214,
+ 214, 214, 214, 214, 214, 214, 214
};
register int hval = len;
@@ -143,14 +143,19 @@ hash (str, len)
static const struct proposal_token wordlist[] =
{
{"sha", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
+ {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0},
{"null", ENCRYPTION_ALGORITHM, ENCR_NULL, 0},
{"sha1", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
+ {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
{"camellia", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
{"sha512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
+ {"serpent192", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192},
+ {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
{"camellia192", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192},
{"cast128", ENCRYPTION_ALGORITHM, ENCR_CAST, 128},
{"camellia128", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
{"aes", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128},
+ {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256},
{"aes192", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192},
{"sha256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
{"aes128", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128},
@@ -209,81 +214,79 @@ static const struct proposal_token wordlist[] =
{"aes128gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128},
{"camellia192ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192},
{"camellia128ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128},
- {"camellia192ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 192},
- {"camellia128ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 128},
{"modp1024s160", DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0},
+ {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0},
{"aes256gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256},
{"aes256gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256},
{"aes256gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256},
- {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0},
- {"aes256gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256},
{"ecp192", DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0},
+ {"aes256gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256},
+ {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0},
{"aes256gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256},
{"camellia256ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256},
- {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0},
- {"camellia256ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 256},
{"ecp521", DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0},
- {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0},
+ {"camellia192ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 192},
+ {"camellia128ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 128},
+ {"noesn", EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0},
{"aes192gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 192},
{"aes128gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 128},
- {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
{"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0},
{"aes192ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192},
{"aes128ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
- {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192},
- {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128},
- {"serpent192", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192},
{"ecp256", DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0},
- {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
+ {"camellia256ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 256},
+ {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
{"modp2048", DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0},
{"aes256gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256},
{"modp4096", DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0},
- {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256},
{"modp1024", DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0},
- {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
- {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
- {"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
{"blowfish192", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192},
- {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256},
+ {"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
{"blowfish128", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
+ {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192},
+ {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128},
{"modp2048s256", DIFFIE_HELLMAN_GROUP, MODP_2048_256, 0},
+ {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
{"aes192gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192},
{"aes128gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
+ {"esn", EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS, 0},
+ {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256},
+ {"blowfish256", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256},
{"sha2_256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
{"sha256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
- {"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
- {"blowfish256", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256},
{"aes256gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256},
+ {"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
{"ecp224", DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0},
{"ecp384", DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0},
- {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
{"modp6144", DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0},
- {"modp2048s224", DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0}
+ {"modp2048s224", DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0},
+ {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0}
};
static const short lookup[] =
{
-1, -1, -1, -1, -1, -1, -1, -1, -1, 0,
- 1, -1, -1, -1, -1, -1, 2, -1, -1, -1,
- -1, 3, 4, -1, -1, -1, -1, -1, 5, 6,
- 7, 8, -1, -1, -1, 9, 10, 11, 12, 13,
- 14, 15, 16, 17, 18, 19, 20, 21, 22, -1,
- -1, -1, -1, 23, 24, 25, 26, 27, 28, 29,
- 30, -1, 31, -1, 32, 33, 34, 35, 36, 37,
- 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,
- 48, -1, 49, -1, 50, -1, 51, -1, 52, -1,
- 53, -1, 54, 55, 56, 57, 58, 59, 60, 61,
- 62, 63, 64, 65, 66, 67, 68, 69, -1, 70,
- -1, 71, -1, 72, 73, 74, 75, 76, -1, 77,
- 78, 79, 80, 81, -1, 82, 83, 84, 85, -1,
- -1, 86, 87, 88, 89, 90, 91, 92, -1, -1,
- 93, 94, 95, 96, 97, 98, 99, 100, 101, 102,
- 103, 104, -1, -1, -1, -1, -1, -1, 105, 106,
- 107, 108, -1, -1, -1, -1, 109, -1, 110, -1,
- -1, -1, -1, -1, 111, -1, -1, -1, -1, 112,
- 113, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ 1, 2, -1, -1, -1, -1, 3, 4, -1, -1,
+ -1, 5, 6, -1, -1, 7, -1, 8, 9, 10,
+ 11, 12, -1, 13, -1, 14, 15, 16, 17, 18,
+ 19, 20, 21, 22, 23, 24, 25, 26, 27, 28,
+ -1, -1, -1, -1, 29, 30, 31, 32, 33, 34,
+ 35, -1, 36, -1, 37, 38, 39, 40, 41, 42,
+ 43, 44, 45, 46, 47, 48, 49, 50, 51, 52,
+ 53, -1, 54, -1, 55, -1, 56, -1, 57, -1,
+ 58, -1, 59, 60, 61, 62, 63, 64, 65, 66,
+ 67, 68, 69, 70, 71, 72, -1, 73, -1, 74,
+ -1, 75, -1, 76, 77, 78, 79, 80, -1, 81,
+ 82, 83, 84, 85, -1, 86, 87, -1, 88, -1,
+ -1, 89, 90, -1, 91, -1, -1, 92, -1, 93,
+ 94, 95, 96, -1, 97, -1, 98, 99, 100, 101,
+ 102, 103, -1, -1, -1, 104, -1, -1, 105, 106,
+ -1, 107, -1, -1, -1, 108, 109, -1, -1, 110,
+ 111, -1, -1, -1, 112, 113, -1, 114, 115, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, 114, 115, -1, -1, -1, 116
+ -1, -1, -1, -1, -1, 116, -1, -1, -1, 117,
+ -1, -1, -1, 118
};
#ifdef __GNUC__
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.txt b/src/libstrongswan/crypto/proposal/proposal_keywords.txt
index 208c6715b..4ef664d8f 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords.txt
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords.txt
@@ -146,3 +146,5 @@ ecp521, DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0
modp1024s160, DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0
modp2048s224, DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0
modp2048s256, DIFFIE_HELLMAN_GROUP, MODP_2048_256, 0
+noesn, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0
+esn, EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS, 0
diff --git a/src/libstrongswan/crypto/transform.c b/src/libstrongswan/crypto/transform.c
index cec90a616..1e108f1de 100644
--- a/src/libstrongswan/crypto/transform.c
+++ b/src/libstrongswan/crypto/transform.c
@@ -28,3 +28,8 @@ ENUM_NEXT(transform_type_names, ENCRYPTION_ALGORITHM, EXTENDED_SEQUENCE_NUMBERS,
"EXTENDED_SEQUENCE_NUMBERS");
ENUM_END(transform_type_names, EXTENDED_SEQUENCE_NUMBERS);
+
+ENUM(extended_sequence_numbers_names, NO_EXT_SEQ_NUMBERS, EXT_SEQ_NUMBERS,
+ "NO_EXT_SEQ",
+ "EXT_SEQ",
+);
diff --git a/src/libstrongswan/crypto/transform.h b/src/libstrongswan/crypto/transform.h
index 1a2660199..1393c674c 100644
--- a/src/libstrongswan/crypto/transform.h
+++ b/src/libstrongswan/crypto/transform.h
@@ -45,4 +45,17 @@ enum transform_type_t {
*/
extern enum_name_t *transform_type_names;
+/**
+ * Extended sequence numbers, as in IKEv2 RFC 3.3.2.
+ */
+enum extended_sequence_numbers_t {
+ NO_EXT_SEQ_NUMBERS = 0,
+ EXT_SEQ_NUMBERS = 1
+};
+
+/**
+ * enum strings for extended_sequence_numbers_t.
+ */
+extern enum_name_t *extended_sequence_numbers_names;
+
#endif /** TRANSFORM_H_ @}*/
diff --git a/src/libstrongswan/eap/eap.c b/src/libstrongswan/eap/eap.c
index 71734017a..11b475d8f 100644
--- a/src/libstrongswan/eap/eap.c
+++ b/src/libstrongswan/eap/eap.c
@@ -44,11 +44,15 @@ ENUM_NEXT(eap_type_names, EAP_TTLS, EAP_TTLS, EAP_SIM,
"EAP_TTLS");
ENUM_NEXT(eap_type_names, EAP_AKA, EAP_AKA, EAP_TTLS,
"EAP_AKA");
-ENUM_NEXT(eap_type_names, EAP_MSCHAPV2, EAP_MSCHAPV2, EAP_AKA,
+ENUM_NEXT(eap_type_names, EAP_PEAP, EAP_MSCHAPV2, EAP_AKA,
+ "EAP_PEAP",
"EAP_MSCHAPV2");
-ENUM_NEXT(eap_type_names, EAP_TNC, EAP_TNC, EAP_MSCHAPV2,
+ENUM_NEXT(eap_type_names, EAP_MSTLV, EAP_MSTLV, EAP_MSCHAPV2,
+ "EAP_MSTLV");
+ENUM_NEXT(eap_type_names, EAP_TNC, EAP_TNC, EAP_MSTLV,
"EAP_TNC");
-ENUM_NEXT(eap_type_names, EAP_RADIUS, EAP_EXPERIMENTAL, EAP_TNC,
+ENUM_NEXT(eap_type_names, EAP_DYNAMIC, EAP_EXPERIMENTAL, EAP_TNC,
+ "EAP_DYNAMIC",
"EAP_RADIUS",
"EAP_EXPANDED",
"EAP_EXPERIMENTAL");
@@ -69,11 +73,15 @@ ENUM_NEXT(eap_type_short_names, EAP_TTLS, EAP_TTLS, EAP_SIM,
"TTLS");
ENUM_NEXT(eap_type_short_names, EAP_AKA, EAP_AKA, EAP_TTLS,
"AKA");
-ENUM_NEXT(eap_type_short_names, EAP_MSCHAPV2, EAP_MSCHAPV2, EAP_AKA,
+ENUM_NEXT(eap_type_short_names, EAP_PEAP, EAP_MSCHAPV2, EAP_AKA,
+ "PEAP",
"MSCHAPV2");
-ENUM_NEXT(eap_type_short_names, EAP_TNC, EAP_TNC, EAP_MSCHAPV2,
+ENUM_NEXT(eap_type_short_names, EAP_MSTLV, EAP_MSTLV, EAP_MSCHAPV2,
+ "MSTLV");
+ENUM_NEXT(eap_type_short_names, EAP_TNC, EAP_TNC, EAP_MSTLV,
"TNC");
-ENUM_NEXT(eap_type_short_names, EAP_RADIUS, EAP_EXPERIMENTAL, EAP_TNC,
+ENUM_NEXT(eap_type_short_names, EAP_DYNAMIC, EAP_EXPERIMENTAL, EAP_TNC,
+ "DYN",
"RAD",
"EXP",
"XP");
@@ -115,6 +123,7 @@ eap_type_t eap_type_from_string(char *name)
{"ttls", EAP_TTLS},
{"sim", EAP_SIM},
{"aka", EAP_AKA},
+ {"peap", EAP_PEAP},
{"mschapv2", EAP_MSCHAPV2},
{"tnc", EAP_TNC},
{"radius", EAP_RADIUS},
diff --git a/src/libstrongswan/eap/eap.h b/src/libstrongswan/eap/eap.h
index cb28d4e2d..945e4bc59 100644
--- a/src/libstrongswan/eap/eap.h
+++ b/src/libstrongswan/eap/eap.h
@@ -60,8 +60,12 @@ enum eap_type_t {
EAP_SIM = 18,
EAP_TTLS = 21,
EAP_AKA = 23,
+ EAP_PEAP = 25,
EAP_MSCHAPV2 = 26,
+ EAP_MSTLV = 33,
EAP_TNC = 38,
+ /** select EAP method dynamically based on i.e. EAP-Identity */
+ EAP_DYNAMIC = 252,
/** not a method, but an implementation providing different methods */
EAP_RADIUS = 253,
EAP_EXPANDED = 254,
@@ -79,14 +83,21 @@ extern enum_name_t *eap_type_names;
extern enum_name_t *eap_type_short_names;
/**
+ * EAP packet format
+ */
+typedef struct __attribute__((packed)) {
+ u_int8_t code;
+ u_int8_t identifier;
+ u_int16_t length;
+ u_int8_t type;
+ u_int8_t data;
+} eap_packet_t;
+
+/**
* Lookup the EAP method type from a string.
*
* @param name EAP method name (such as "md5", "aka")
-<<<<<<< HEAD
- * @return method type, 0 if unkown
-=======
* @return method type, 0 if unknown
->>>>>>> upstream/4.5.1
*/
eap_type_t eap_type_from_string(char *name);
diff --git a/src/libstrongswan/enum.c b/src/libstrongswan/enum.c
index df6a73a81..5c811bd17 100644
--- a/src/libstrongswan/enum.c
+++ b/src/libstrongswan/enum.c
@@ -43,11 +43,7 @@ int enum_from_name(enum_name_t *e, char *name)
{
do
{
-<<<<<<< HEAD
- int i, count = e->last - e->first;
-=======
int i, count = e->last - e->first + 1;
->>>>>>> upstream/4.5.1
for (i = 0; i < count; i++)
{
diff --git a/src/libstrongswan/fetcher/fetcher.c b/src/libstrongswan/fetcher/fetcher.c
new file mode 100644
index 000000000..ca5a72165
--- /dev/null
+++ b/src/libstrongswan/fetcher/fetcher.c
@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2011 Martin Willi
+ * Copyright (C) 2011 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "fetcher.h"
+
+/**
+ * See header.
+ */
+bool fetcher_default_callback(void *userdata, chunk_t chunk)
+{
+ chunk_t *accu = userdata;
+
+ accu->ptr = realloc(accu->ptr, accu->len + chunk.len);
+ if (accu->ptr)
+ {
+ memcpy(&accu->ptr[accu->len], chunk.ptr, chunk.len);
+ accu->len += chunk.len;
+ return TRUE;
+ }
+ return FALSE;
+}
diff --git a/src/libstrongswan/fetcher/fetcher.h b/src/libstrongswan/fetcher/fetcher.h
index f312206bb..5b734da3d 100644
--- a/src/libstrongswan/fetcher/fetcher.h
+++ b/src/libstrongswan/fetcher/fetcher.h
@@ -1,6 +1,7 @@
/*
- * Copyright (C) 2008 Martin Willi
+ * Copyright (C) 2008-2011 Martin Willi
* Hochschule fuer Technik Rapperswil
+ * Copyright (C) 2011 revosec AG
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -25,6 +26,23 @@ typedef struct fetcher_t fetcher_t;
typedef enum fetcher_option_t fetcher_option_t;
#include <stdarg.h>
+#include <chunk.h>
+
+/**
+ * Constructor function which creates fetcher instances.
+ *
+ * @return fetcher instance
+ */
+typedef fetcher_t* (*fetcher_constructor_t)();
+
+/**
+ * Callback function used with FETCH_CALLBACK.
+ *
+ * @param userdata userdata passed to fetcher_t.fetch()
+ * @param chunk chunk with next chunk of data
+ * @return TRUE to continue with transfer, FALSE to abort
+ */
+typedef bool (*fetcher_callback_t)(void *userdata, chunk_t chunk);
#include <library.h>
@@ -64,19 +82,20 @@ enum fetcher_option_t {
FETCH_TIMEOUT,
/**
+ * Callback to invoke with each chunk of data.
+ * Additional argument fetch_callback_t.
+ * If this option is not given, the fetcher_default_callback is used,
+ * which accumulates the data into an allocated chunk.
+ */
+ FETCH_CALLBACK,
+
+ /**
* end of fetching options
*/
FETCH_END,
};
/**
- * Constructor function which creates fetcher instances.
- *
- * @return fetcher instance
- */
-typedef fetcher_t* (*fetcher_constructor_t)();
-
-/**
* Fetcher interface, an implementation fetches data from an URL.
*/
struct fetcher_t {
@@ -87,15 +106,18 @@ struct fetcher_t {
* The fetcher returns NOT_SUPPORTED to indicate that it is uncappable
* to handle such URLs. Other return values indicate a failure, and
* fetching of that URL gets cancelled.
+ * If no FETCH_CALLBACK function is set as option, userdata must be
+ * a chunk_t*. This chunk gets allocated, accumulated data using the
+ * fetcher_default_callback() function.
*
* @param uri URI to fetch from
- * @param result chunk which receives allocated data
+ * @param userdata userdata to pass to callback function.
* @return
* - SUCCESS if fetch was successful
* - NOT_SUPPORTED if fetcher does not support such URLs
* - FAILED, NOT_FOUND, PARSE_ERROR on failure
*/
- status_t (*fetch)(fetcher_t *this, char *uri, chunk_t *result);
+ status_t (*fetch)(fetcher_t *this, char *uri, void *userdata);
/**
* Set a fetcher option, as defined in fetcher_option_t.
@@ -114,4 +136,13 @@ struct fetcher_t {
void (*destroy)(fetcher_t *this);
};
+/**
+ * Default fetcher callback function, accumulates data to a chunk.
+ *
+ * @param userdata chunk for allocated data, empty on first invocation
+ * @param chunk current chunk of data
+ * @return FALSE if chunk too large to allocate
+ */
+bool fetcher_default_callback(void *userdata, chunk_t chunk);
+
#endif /** FETCHER_H_ @}*/
diff --git a/src/libstrongswan/fetcher/fetcher_manager.c b/src/libstrongswan/fetcher/fetcher_manager.c
index 2c5f5f688..9b363c7eb 100644
--- a/src/libstrongswan/fetcher/fetcher_manager.c
+++ b/src/libstrongswan/fetcher/fetcher_manager.c
@@ -58,11 +58,8 @@ static void entry_destroy(entry_t *entry)
free(entry);
}
-/**
- * Implementation of fetcher_manager_t.fetch.
- */
-static status_t fetch(private_fetcher_manager_t *this,
- char *url, chunk_t *response, ...)
+METHOD(fetcher_manager_t, fetch, status_t,
+ private_fetcher_manager_t *this, char *url, void *userdata, ...)
{
enumerator_t *enumerator;
status_t status = NOT_SUPPORTED;
@@ -89,35 +86,33 @@ static status_t fetch(private_fetcher_manager_t *this,
{
continue;
}
- va_start(args, response);
+ va_start(args, userdata);
while (good)
{
-<<<<<<< HEAD
- opt = va_arg(args, fetcher_option_t);
-=======
opt = va_arg(args, int);
->>>>>>> upstream/4.5.1
switch (opt)
{
case FETCH_REQUEST_DATA:
- good = fetcher->set_option(fetcher, opt, va_arg(args, chunk_t));
+ good = fetcher->set_option(fetcher, opt,
+ va_arg(args, chunk_t));
continue;
case FETCH_REQUEST_TYPE:
case FETCH_REQUEST_HEADER:
- good = fetcher->set_option(fetcher, opt, va_arg(args, char*));
+ good = fetcher->set_option(fetcher, opt,
+ va_arg(args, char*));
continue;
case FETCH_HTTP_VERSION_1_0:
good = fetcher->set_option(fetcher, opt);
continue;
case FETCH_TIMEOUT:
- good = fetcher->set_option(fetcher, opt, va_arg(args, u_int));
+ good = fetcher->set_option(fetcher, opt,
+ va_arg(args, u_int));
continue;
+ case FETCH_CALLBACK:
+ good = fetcher->set_option(fetcher, opt,
+ va_arg(args, fetcher_callback_t));
case FETCH_END:
-<<<<<<< HEAD
- break;;
-=======
break;
->>>>>>> upstream/4.5.1
}
break;
}
@@ -128,7 +123,7 @@ static status_t fetch(private_fetcher_manager_t *this,
continue;
}
- status = fetcher->fetch(fetcher, url, response);
+ status = fetcher->fetch(fetcher, url, userdata);
fetcher->destroy(fetcher);
/* try another fetcher only if this one does not support that URL */
if (status == NOT_SUPPORTED)
@@ -147,27 +142,22 @@ static status_t fetch(private_fetcher_manager_t *this,
return status;
}
-/**
- * Implementation of fetcher_manager_t.add_fetcher.
- */
-static void add_fetcher(private_fetcher_manager_t *this,
- fetcher_constructor_t create, char *url)
+METHOD(fetcher_manager_t, add_fetcher, void,
+ private_fetcher_manager_t *this, fetcher_constructor_t create, char *url)
{
- entry_t *entry = malloc_thing(entry_t);
-
- entry->url = strdup(url);
- entry->create = create;
+ entry_t *entry;
+ INIT(entry,
+ .url = strdup(url),
+ .create = create,
+ );
this->lock->write_lock(this->lock);
this->fetchers->insert_last(this->fetchers, entry);
this->lock->unlock(this->lock);
}
-/**
- * Implementation of fetcher_manager_t.remove_fetcher.
- */
-static void remove_fetcher(private_fetcher_manager_t *this,
- fetcher_constructor_t create)
+METHOD(fetcher_manager_t, remove_fetcher, void,
+ private_fetcher_manager_t *this, fetcher_constructor_t create)
{
enumerator_t *enumerator;
entry_t *entry;
@@ -186,10 +176,8 @@ static void remove_fetcher(private_fetcher_manager_t *this,
this->lock->unlock(this->lock);
}
-/**
- * Implementation of fetcher_manager_t.destroy
- */
-static void destroy(private_fetcher_manager_t *this)
+METHOD(fetcher_manager_t, destroy, void,
+ private_fetcher_manager_t *this)
{
this->fetchers->destroy_function(this->fetchers, (void*)entry_destroy);
this->lock->destroy(this->lock);
@@ -201,15 +189,18 @@ static void destroy(private_fetcher_manager_t *this)
*/
fetcher_manager_t *fetcher_manager_create()
{
- private_fetcher_manager_t *this = malloc_thing(private_fetcher_manager_t);
-
- this->public.fetch = (status_t(*)(fetcher_manager_t*, char *url, chunk_t *response, ...))fetch;
- this->public.add_fetcher = (void(*)(fetcher_manager_t*, fetcher_constructor_t,char*))add_fetcher;
- this->public.remove_fetcher = (void(*)(fetcher_manager_t*, fetcher_constructor_t))remove_fetcher;
- this->public.destroy = (void(*)(fetcher_manager_t*))destroy;
-
- this->fetchers = linked_list_create();
- this->lock = rwlock_create(RWLOCK_TYPE_DEFAULT);
+ private_fetcher_manager_t *this;
+
+ INIT(this,
+ .public = {
+ .fetch = _fetch,
+ .add_fetcher = _add_fetcher,
+ .remove_fetcher = _remove_fetcher,
+ .destroy = _destroy,
+ },
+ .fetchers = linked_list_create(),
+ .lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
+ );
return &this->public;
}
diff --git a/src/libstrongswan/fetcher/fetcher_manager.h b/src/libstrongswan/fetcher/fetcher_manager.h
index a7ac6611e..15250d531 100644
--- a/src/libstrongswan/fetcher/fetcher_manager.h
+++ b/src/libstrongswan/fetcher/fetcher_manager.h
@@ -31,17 +31,20 @@ typedef struct fetcher_manager_t fetcher_manager_t;
struct fetcher_manager_t {
/**
- * Fetch data from URI into chunk.
+ * Fetch data from URI.
*
* The variable argument list contains fetcher_option_t's, followed
* by a option specific data argument.
+ * If no FETCH_CALLBACK function is given as option, userdata must be
+ * a chunk_t*. This chunk gets allocated, accumulated data using the
+ * fetcher_default_callback() function.
*
* @param uri URI to fetch from
- * @param result chunk which receives allocated data
+ * @param userdata userdata to pass to callback function.
* @param options FETCH_END terminated fetcher_option_t arguments
* @return status indicating result of fetch
*/
- status_t (*fetch)(fetcher_manager_t *this, char *url, chunk_t *response, ...);
+ status_t (*fetch)(fetcher_manager_t *this, char *url, void *userdata, ...);
/**
* Register a fetcher implementation.
diff --git a/src/libstrongswan/integrity_checker.c b/src/libstrongswan/integrity_checker.c
index 7060f9ea0..e962aba70 100644
--- a/src/libstrongswan/integrity_checker.c
+++ b/src/libstrongswan/integrity_checker.c
@@ -57,16 +57,8 @@ struct private_integrity_checker_t {
int checksum_count;
};
-<<<<<<< HEAD
-/**
- * Implementation of integrity_checker_t.build_file
- */
-static u_int32_t build_file(private_integrity_checker_t *this, char *file,
- size_t *len)
-=======
METHOD(integrity_checker_t, build_file, u_int32_t,
private_integrity_checker_t *this, char *file, size_t *len)
->>>>>>> upstream/4.5.1
{
u_int32_t checksum;
chunk_t contents;
@@ -141,16 +133,8 @@ static int callback(struct dl_phdr_info *dlpi, size_t size, Dl_info *dli)
return 0;
}
-<<<<<<< HEAD
-/**
- * Implementation of integrity_checker_t.build_segment
- */
-static u_int32_t build_segment(private_integrity_checker_t *this, void *sym,
- size_t *len)
-=======
METHOD(integrity_checker_t, build_segment, u_int32_t,
private_integrity_checker_t *this, void *sym, size_t *len)
->>>>>>> upstream/4.5.1
{
chunk_t segment;
Dl_info dli;
@@ -190,16 +174,8 @@ static integrity_checksum_t *find_checksum(private_integrity_checker_t *this,
return NULL;
}
-<<<<<<< HEAD
-/**
- * Implementation of integrity_checker_t.check_file
- */
-static bool check_file(private_integrity_checker_t *this,
- char *name, char *file)
-=======
METHOD(integrity_checker_t, check_file, bool,
private_integrity_checker_t *this, char *name, char *file)
->>>>>>> upstream/4.5.1
{
integrity_checksum_t *cs;
u_int32_t sum;
@@ -232,16 +208,8 @@ METHOD(integrity_checker_t, check_file, bool,
return TRUE;
}
-<<<<<<< HEAD
-/**
- * Implementation of integrity_checker_t.check_segment
- */
-static bool check_segment(private_integrity_checker_t *this,
- char *name, void *sym)
-=======
METHOD(integrity_checker_t, check_segment, bool,
private_integrity_checker_t *this, char *name, void *sym)
->>>>>>> upstream/4.5.1
{
integrity_checksum_t *cs;
u_int32_t sum;
@@ -274,15 +242,8 @@ METHOD(integrity_checker_t, check_segment, bool,
return TRUE;
}
-<<<<<<< HEAD
-/**
- * Implementation of integrity_checker_t.check
- */
-static bool check(private_integrity_checker_t *this, char *name, void *sym)
-=======
METHOD(integrity_checker_t, check, bool,
private_integrity_checker_t *this, char *name, void *sym)
->>>>>>> upstream/4.5.1
{
Dl_info dli;
@@ -302,15 +263,8 @@ METHOD(integrity_checker_t, check, bool,
return TRUE;
}
-<<<<<<< HEAD
-/**
- * Implementation of integrity_checker_t.destroy.
- */
-static void destroy(private_integrity_checker_t *this)
-=======
METHOD(integrity_checker_t, destroy, void,
private_integrity_checker_t *this)
->>>>>>> upstream/4.5.1
{
if (this->handle)
{
@@ -324,19 +278,6 @@ METHOD(integrity_checker_t, destroy, void,
*/
integrity_checker_t *integrity_checker_create(char *checksum_library)
{
-<<<<<<< HEAD
- private_integrity_checker_t *this = malloc_thing(private_integrity_checker_t);
-
- this->public.check_file = (bool(*)(integrity_checker_t*, char *name, char *file))check_file;
- this->public.build_file = (u_int32_t(*)(integrity_checker_t*, char *file, size_t *len))build_file;
- this->public.check_segment = (bool(*)(integrity_checker_t*, char *name, void *sym))check_segment;
- this->public.build_segment = (u_int32_t(*)(integrity_checker_t*, void *sym, size_t *len))build_segment;
- this->public.check = (bool(*)(integrity_checker_t*, char *name, void *sym))check;
- this->public.destroy = (void(*)(integrity_checker_t*))destroy;
-
- this->checksum_count = 0;
- this->handle = NULL;
-=======
private_integrity_checker_t *this;
INIT(this,
@@ -350,7 +291,6 @@ integrity_checker_t *integrity_checker_create(char *checksum_library)
},
);
->>>>>>> upstream/4.5.1
if (checksum_library)
{
this->handle = dlopen(checksum_library, RTLD_LAZY);
diff --git a/src/libstrongswan/plugins/aes/Makefile.in b/src/libstrongswan/plugins/aes/Makefile.in
index 6e4aeb9d6..c93f84ca7 100644
--- a/src/libstrongswan/plugins/aes/Makefile.in
+++ b/src/libstrongswan/plugins/aes/Makefile.in
@@ -219,13 +219,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -264,14 +260,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/aes/aes_crypter.c b/src/libstrongswan/plugins/aes/aes_crypter.c
index f13e33492..2a1fed944 100644
--- a/src/libstrongswan/plugins/aes/aes_crypter.c
+++ b/src/libstrongswan/plugins/aes/aes_crypter.c
@@ -1518,6 +1518,7 @@ METHOD(crypter_t, set_key, void,
METHOD(crypter_t, destroy, void,
private_aes_crypter_t *this)
{
+ memwipe(this, sizeof(*this));
free(this);
}
diff --git a/src/libstrongswan/plugins/aes/aes_plugin.c b/src/libstrongswan/plugins/aes/aes_plugin.c
index b859d3167..d17355d1d 100644
--- a/src/libstrongswan/plugins/aes/aes_plugin.c
+++ b/src/libstrongswan/plugins/aes/aes_plugin.c
@@ -18,11 +18,6 @@
#include <library.h>
#include "aes_crypter.h"
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "aes";
-
->>>>>>> upstream/4.5.1
typedef struct private_aes_plugin_t private_aes_plugin_t;
/**
@@ -36,6 +31,12 @@ struct private_aes_plugin_t {
aes_plugin_t public;
};
+METHOD(plugin_t, get_name, char*,
+ private_aes_plugin_t *this)
+{
+ return "aes";
+}
+
METHOD(plugin_t, destroy, void,
private_aes_plugin_t *this)
{
@@ -54,16 +55,14 @@ plugin_t *aes_plugin_create()
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
-<<<<<<< HEAD
- lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC,
-=======
- lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, plugin_name,
->>>>>>> upstream/4.5.1
+ lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, get_name(this),
(crypter_constructor_t)aes_crypter_create);
return &this->public.plugin;
diff --git a/src/libstrongswan/plugins/af_alg/Makefile.in b/src/libstrongswan/plugins/af_alg/Makefile.in
index aa8df979e..00b54b026 100644
--- a/src/libstrongswan/plugins/af_alg/Makefile.in
+++ b/src/libstrongswan/plugins/af_alg/Makefile.in
@@ -244,6 +244,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -267,6 +269,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_crypter.c b/src/libstrongswan/plugins/af_alg/af_alg_crypter.c
index 3416ad8d2..7b3c062aa 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_crypter.c
+++ b/src/libstrongswan/plugins/af_alg/af_alg_crypter.c
@@ -63,6 +63,7 @@ static struct {
size_t iv_size;
} algs[] = {
{ENCR_DES, "cbc(des)", 8, 8, 8, 8, },
+ {ENCR_DES_ECB, "ecb(des)", 8, 8, 8, 0, },
{ENCR_3DES, "cbc(des3_ede)", 8, 24, 24, 8, },
{ENCR_AES_CBC, "cbc(aes)", 16, 16, 16, 16, },
{ENCR_AES_CBC, "cbc(aes)", 16, 24, 24, 16, },
@@ -91,7 +92,7 @@ static struct {
/**
* See header.
*/
-void af_alg_crypter_probe()
+void af_alg_crypter_probe(char *plugin)
{
encryption_algorithm_t prev = -1;
af_alg_ops_t *ops;
@@ -105,7 +106,7 @@ void af_alg_crypter_probe()
if (ops)
{
ops->destroy(ops);
- lib->crypto->add_crypter(lib->crypto, algs[i].id, af_alg_plugin_name,
+ lib->crypto->add_crypter(lib->crypto, algs[i].id, plugin,
(crypter_constructor_t)af_alg_crypter_create);
}
}
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_crypter.h b/src/libstrongswan/plugins/af_alg/af_alg_crypter.h
index 711d2fc35..ed7799cc8 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_crypter.h
+++ b/src/libstrongswan/plugins/af_alg/af_alg_crypter.h
@@ -48,7 +48,9 @@ af_alg_crypter_t *af_alg_crypter_create(encryption_algorithm_t algo,
/**
* Probe algorithms and register af_alg_crypter_create().
+ *
+ * @param plugin plugin name to register algorithms for
*/
-void af_alg_crypter_probe();
+void af_alg_crypter_probe(char *plugin);
#endif /** AF_ALG_CRYPTER_H_ @}*/
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_hasher.c b/src/libstrongswan/plugins/af_alg/af_alg_hasher.c
index 7c6297d44..11074c4bd 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_hasher.c
+++ b/src/libstrongswan/plugins/af_alg/af_alg_hasher.c
@@ -59,7 +59,7 @@ static struct {
/**
* See header.
*/
-void af_alg_hasher_probe()
+void af_alg_hasher_probe(char *plugin)
{
af_alg_ops_t *ops;
int i;
@@ -70,7 +70,7 @@ void af_alg_hasher_probe()
if (ops)
{
ops->destroy(ops);
- lib->crypto->add_hasher(lib->crypto, algs[i].id, af_alg_plugin_name,
+ lib->crypto->add_hasher(lib->crypto, algs[i].id, plugin,
(hasher_constructor_t)af_alg_hasher_create);
}
}
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_hasher.h b/src/libstrongswan/plugins/af_alg/af_alg_hasher.h
index e0833e23a..f44ba2938 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_hasher.h
+++ b/src/libstrongswan/plugins/af_alg/af_alg_hasher.h
@@ -46,7 +46,9 @@ af_alg_hasher_t *af_alg_hasher_create(hash_algorithm_t algo);
/**
* Probe algorithms and register af_alg_hasher_create().
+ *
+ * @param plugin plugin name to register algorithms for
*/
-void af_alg_hasher_probe();
+void af_alg_hasher_probe(char *plugin);
#endif /** af_alg_HASHER_H_ @}*/
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_ops.c b/src/libstrongswan/plugins/af_alg/af_alg_ops.c
index 7bf1d90db..82a227d97 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_ops.c
+++ b/src/libstrongswan/plugins/af_alg/af_alg_ops.c
@@ -21,8 +21,6 @@
#include <debug.h>
-const char *af_alg_plugin_name = "af-alg";
-
typedef struct private_af_alg_ops_t private_af_alg_ops_t;
/**
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_ops.h b/src/libstrongswan/plugins/af_alg/af_alg_ops.h
index b7d642c00..ad164029f 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_ops.h
+++ b/src/libstrongswan/plugins/af_alg/af_alg_ops.h
@@ -33,8 +33,6 @@
#define SOL_ALG 279
#endif /* SOL_ALG */
-extern const char *af_alg_plugin_name;
-
typedef struct af_alg_ops_t af_alg_ops_t;
/**
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_plugin.c b/src/libstrongswan/plugins/af_alg/af_alg_plugin.c
index 54e39f1a0..280ea4e98 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_plugin.c
+++ b/src/libstrongswan/plugins/af_alg/af_alg_plugin.c
@@ -35,6 +35,12 @@ struct private_af_alg_plugin_t {
af_alg_plugin_t public;
};
+METHOD(plugin_t, get_name, char*,
+ private_af_alg_plugin_t *this)
+{
+ return "af-alg";
+}
+
METHOD(plugin_t, destroy, void,
private_af_alg_plugin_t *this)
{
@@ -60,15 +66,17 @@ plugin_t *af_alg_plugin_create()
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
- af_alg_hasher_probe();
- af_alg_signer_probe();
- af_alg_prf_probe();
- af_alg_crypter_probe();
+ af_alg_hasher_probe(get_name(this));
+ af_alg_signer_probe(get_name(this));
+ af_alg_prf_probe(get_name(this));
+ af_alg_crypter_probe(get_name(this));
return &this->public.plugin;
}
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_prf.c b/src/libstrongswan/plugins/af_alg/af_alg_prf.c
index 575906bae..1c1174abb 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_prf.c
+++ b/src/libstrongswan/plugins/af_alg/af_alg_prf.c
@@ -70,7 +70,7 @@ static struct {
/**
* See header.
*/
-void af_alg_prf_probe()
+void af_alg_prf_probe(char *plugin)
{
af_alg_ops_t *ops;
int i;
@@ -81,7 +81,7 @@ void af_alg_prf_probe()
if (ops)
{
ops->destroy(ops);
- lib->crypto->add_prf(lib->crypto, algs[i].id, af_alg_plugin_name,
+ lib->crypto->add_prf(lib->crypto, algs[i].id, plugin,
(prf_constructor_t)af_alg_prf_create);
}
}
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_prf.h b/src/libstrongswan/plugins/af_alg/af_alg_prf.h
index a3dea5649..d3275e7be 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_prf.h
+++ b/src/libstrongswan/plugins/af_alg/af_alg_prf.h
@@ -46,7 +46,9 @@ af_alg_prf_t *af_alg_prf_create(pseudo_random_function_t algo);
/**
* Probe algorithms and register af_alg_prf_create().
+ *
+ * @param plugin plugin name to register algorithms for
*/
-void af_alg_prf_probe();
+void af_alg_prf_probe(char *plugin);
#endif /** AF_ALG_PRF_H_ @}*/
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_signer.c b/src/libstrongswan/plugins/af_alg/af_alg_signer.c
index 3d6f907bf..34534a06b 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_signer.c
+++ b/src/libstrongswan/plugins/af_alg/af_alg_signer.c
@@ -71,7 +71,7 @@ static struct {
/**
* See header.
*/
-void af_alg_signer_probe()
+void af_alg_signer_probe(char *plugin)
{
af_alg_ops_t *ops;
int i;
@@ -82,7 +82,7 @@ void af_alg_signer_probe()
if (ops)
{
ops->destroy(ops);
- lib->crypto->add_signer(lib->crypto, algs[i].id, af_alg_plugin_name,
+ lib->crypto->add_signer(lib->crypto, algs[i].id, plugin,
(signer_constructor_t)af_alg_signer_create);
}
}
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_signer.h b/src/libstrongswan/plugins/af_alg/af_alg_signer.h
index b1d90707f..21487a118 100644
--- a/src/libstrongswan/plugins/af_alg/af_alg_signer.h
+++ b/src/libstrongswan/plugins/af_alg/af_alg_signer.h
@@ -46,7 +46,9 @@ af_alg_signer_t *af_alg_signer_create(integrity_algorithm_t algo);
/**
* Probe algorithms and register af_alg_signer_create().
+ *
+ * @param plugin plugin name to register algorithms for
*/
-void af_alg_signer_probe();
+void af_alg_signer_probe(char *plugin);
#endif /** AF_ALG_SIGNER_H_ @}*/
diff --git a/src/libstrongswan/plugins/agent/Makefile.in b/src/libstrongswan/plugins/agent/Makefile.in
index fa255ad23..ce333660d 100644
--- a/src/libstrongswan/plugins/agent/Makefile.in
+++ b/src/libstrongswan/plugins/agent/Makefile.in
@@ -221,13 +221,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -248,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -266,14 +262,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/agent/agent_plugin.c b/src/libstrongswan/plugins/agent/agent_plugin.c
index bd3c1ac75..79c13b7c1 100644
--- a/src/libstrongswan/plugins/agent/agent_plugin.c
+++ b/src/libstrongswan/plugins/agent/agent_plugin.c
@@ -31,6 +31,12 @@ struct private_agent_plugin_t {
agent_plugin_t public;
};
+METHOD(plugin_t, get_name, char*,
+ private_agent_plugin_t *this)
+{
+ return "agent";
+}
+
METHOD(plugin_t, destroy, void,
private_agent_plugin_t *this)
{
@@ -49,6 +55,8 @@ plugin_t *agent_plugin_create()
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
diff --git a/src/libstrongswan/plugins/blowfish/Makefile.in b/src/libstrongswan/plugins/blowfish/Makefile.in
index 14f25d015..be8ba72ee 100644
--- a/src/libstrongswan/plugins/blowfish/Makefile.in
+++ b/src/libstrongswan/plugins/blowfish/Makefile.in
@@ -223,13 +223,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -250,6 +244,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -268,14 +264,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/blowfish/blowfish_crypter.c b/src/libstrongswan/plugins/blowfish/blowfish_crypter.c
index 784c07eaf..fc3649b36 100644
--- a/src/libstrongswan/plugins/blowfish/blowfish_crypter.c
+++ b/src/libstrongswan/plugins/blowfish/blowfish_crypter.c
@@ -160,6 +160,7 @@ METHOD(crypter_t, set_key, void,
METHOD(crypter_t, destroy, void,
private_blowfish_crypter_t *this)
{
+ memwipe(this, sizeof(*this));
free(this);
}
diff --git a/src/libstrongswan/plugins/blowfish/blowfish_plugin.c b/src/libstrongswan/plugins/blowfish/blowfish_plugin.c
index 03f46a63a..9dc8dfe7f 100644
--- a/src/libstrongswan/plugins/blowfish/blowfish_plugin.c
+++ b/src/libstrongswan/plugins/blowfish/blowfish_plugin.c
@@ -19,11 +19,6 @@
#include <library.h>
#include "blowfish_crypter.h"
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "blowfish";
-
->>>>>>> upstream/4.5.1
typedef struct private_blowfish_plugin_t private_blowfish_plugin_t;
/**
@@ -37,6 +32,12 @@ struct private_blowfish_plugin_t {
blowfish_plugin_t public;
};
+METHOD(plugin_t, get_name, char*,
+ private_blowfish_plugin_t *this)
+{
+ return "blowfish";
+}
+
METHOD(plugin_t, destroy, void,
private_blowfish_plugin_t *this)
{
@@ -55,16 +56,14 @@ plugin_t *blowfish_plugin_create()
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
-<<<<<<< HEAD
- lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH,
-=======
- lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, plugin_name,
->>>>>>> upstream/4.5.1
+ lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, get_name(this),
(crypter_constructor_t)blowfish_crypter_create);
return &this->public.plugin;
diff --git a/src/libstrongswan/plugins/ccm/Makefile.in b/src/libstrongswan/plugins/ccm/Makefile.in
index 504d1938a..b2bc4a51f 100644
--- a/src/libstrongswan/plugins/ccm/Makefile.in
+++ b/src/libstrongswan/plugins/ccm/Makefile.in
@@ -219,13 +219,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -264,14 +260,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/ccm/ccm_plugin.c b/src/libstrongswan/plugins/ccm/ccm_plugin.c
index 15c548e64..2865c2ae4 100644
--- a/src/libstrongswan/plugins/ccm/ccm_plugin.c
+++ b/src/libstrongswan/plugins/ccm/ccm_plugin.c
@@ -19,11 +19,6 @@
#include "ccm_aead.h"
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "ccm";
-
->>>>>>> upstream/4.5.1
typedef struct private_ccm_plugin_t private_ccm_plugin_t;
/**
@@ -37,6 +32,12 @@ struct private_ccm_plugin_t {
ccm_plugin_t public;
};
+METHOD(plugin_t, get_name, char*,
+ private_ccm_plugin_t *this)
+{
+ return "ccm";
+}
+
METHOD(plugin_t, destroy, void,
private_ccm_plugin_t *this)
{
@@ -52,52 +53,40 @@ METHOD(plugin_t, destroy, void,
plugin_t *ccm_plugin_create()
{
private_ccm_plugin_t *this;
-<<<<<<< HEAD
-=======
crypter_t *crypter;
->>>>>>> upstream/4.5.1
INIT(this,
- .public.plugin.destroy = _destroy,
+ .public = {
+ .plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
+ .destroy = _destroy,
+ },
+ },
);
-<<<<<<< HEAD
- lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV8,
- (aead_constructor_t)ccm_aead_create);
- lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV12,
- (aead_constructor_t)ccm_aead_create);
- lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV16,
- (aead_constructor_t)ccm_aead_create);
- lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV8,
- (aead_constructor_t)ccm_aead_create);
- lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV12,
- (aead_constructor_t)ccm_aead_create);
- lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV16,
- (aead_constructor_t)ccm_aead_create);
-=======
crypter = lib->crypto->create_crypter(lib->crypto, ENCR_AES_CBC, 0);
if (crypter)
{
crypter->destroy(crypter);
- lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV8, plugin_name,
+ lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV8, get_name(this),
(aead_constructor_t)ccm_aead_create);
- lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV12, plugin_name,
+ lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV12, get_name(this),
(aead_constructor_t)ccm_aead_create);
- lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV16, plugin_name,
+ lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV16, get_name(this),
(aead_constructor_t)ccm_aead_create);
}
crypter = lib->crypto->create_crypter(lib->crypto, ENCR_CAMELLIA_CBC, 0);
if (crypter)
{
crypter->destroy(crypter);
- lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV8, plugin_name,
+ lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV8, get_name(this),
(aead_constructor_t)ccm_aead_create);
- lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV12, plugin_name,
+ lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV12, get_name(this),
(aead_constructor_t)ccm_aead_create);
- lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV16, plugin_name,
+ lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV16, get_name(this),
(aead_constructor_t)ccm_aead_create);
}
->>>>>>> upstream/4.5.1
return &this->public.plugin;
}
diff --git a/src/libstrongswan/plugins/constraints/Makefile.in b/src/libstrongswan/plugins/constraints/Makefile.in
index 382bfef98..8be502a9c 100644
--- a/src/libstrongswan/plugins/constraints/Makefile.in
+++ b/src/libstrongswan/plugins/constraints/Makefile.in
@@ -244,6 +244,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -267,6 +269,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/constraints/constraints_plugin.c b/src/libstrongswan/plugins/constraints/constraints_plugin.c
index 1c3f0c835..502c83559 100644
--- a/src/libstrongswan/plugins/constraints/constraints_plugin.c
+++ b/src/libstrongswan/plugins/constraints/constraints_plugin.c
@@ -36,6 +36,12 @@ struct private_constraints_plugin_t {
constraints_validator_t *validator;
};
+METHOD(plugin_t, get_name, char*,
+ private_constraints_plugin_t *this)
+{
+ return "constraints";
+}
+
METHOD(plugin_t, destroy, void,
private_constraints_plugin_t *this)
{
@@ -54,6 +60,8 @@ plugin_t *constraints_plugin_create()
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
diff --git a/src/libstrongswan/plugins/ctr/Makefile.in b/src/libstrongswan/plugins/ctr/Makefile.in
index ecee15d56..0db640829 100644
--- a/src/libstrongswan/plugins/ctr/Makefile.in
+++ b/src/libstrongswan/plugins/ctr/Makefile.in
@@ -219,13 +219,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -264,14 +260,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/ctr/ctr_plugin.c b/src/libstrongswan/plugins/ctr/ctr_plugin.c
index dc6cba562..6850cacf0 100644
--- a/src/libstrongswan/plugins/ctr/ctr_plugin.c
+++ b/src/libstrongswan/plugins/ctr/ctr_plugin.c
@@ -19,11 +19,6 @@
#include "ctr_ipsec_crypter.h"
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "ctr";
-
->>>>>>> upstream/4.5.1
typedef struct private_ctr_plugin_t private_ctr_plugin_t;
/**
@@ -37,6 +32,12 @@ struct private_ctr_plugin_t {
ctr_plugin_t public;
};
+METHOD(plugin_t, get_name, char*,
+ private_ctr_plugin_t *this)
+{
+ return "ctr";
+}
+
METHOD(plugin_t, destroy, void,
private_ctr_plugin_t *this)
{
@@ -52,40 +53,31 @@ METHOD(plugin_t, destroy, void,
plugin_t *ctr_plugin_create()
{
private_ctr_plugin_t *this;
-<<<<<<< HEAD
-=======
crypter_t *crypter;
->>>>>>> upstream/4.5.1
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
-<<<<<<< HEAD
- lib->crypto->add_crypter(lib->crypto, ENCR_AES_CTR,
- (crypter_constructor_t)ctr_ipsec_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CTR,
- (crypter_constructor_t)ctr_ipsec_crypter_create);
-
-=======
crypter = lib->crypto->create_crypter(lib->crypto, ENCR_AES_CBC, 16);
if (crypter)
{
crypter->destroy(crypter);
- lib->crypto->add_crypter(lib->crypto, ENCR_AES_CTR, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_AES_CTR, get_name(this),
(crypter_constructor_t)ctr_ipsec_crypter_create);
}
crypter = lib->crypto->create_crypter(lib->crypto, ENCR_CAMELLIA_CBC, 16);
if (crypter)
{
crypter->destroy(crypter);
- lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CTR, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CTR, get_name(this),
(crypter_constructor_t)ctr_ipsec_crypter_create);
}
->>>>>>> upstream/4.5.1
return &this->public.plugin;
}
diff --git a/src/libstrongswan/plugins/curl/Makefile.in b/src/libstrongswan/plugins/curl/Makefile.in
index f2192399c..cdfb2b801 100644
--- a/src/libstrongswan/plugins/curl/Makefile.in
+++ b/src/libstrongswan/plugins/curl/Makefile.in
@@ -219,13 +219,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -264,14 +260,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/curl/curl_fetcher.c b/src/libstrongswan/plugins/curl/curl_fetcher.c
index e58188098..7f8c0aec2 100644
--- a/src/libstrongswan/plugins/curl/curl_fetcher.c
+++ b/src/libstrongswan/plugins/curl/curl_fetcher.c
@@ -43,31 +43,49 @@ struct private_curl_fetcher_t {
* Optional HTTP headers
*/
struct curl_slist *headers;
+
+ /**
+ * Callback function
+ */
+ fetcher_callback_t cb;
};
/**
- * writes data into a dynamically resizeable chunk_t
+ * Data to pass to curl callback
+ */
+typedef struct {
+ fetcher_callback_t cb;
+ void *user;
+} cb_data_t;
+
+/**
+ * Curl callback function, invokes fetcher_callback_t function
*/
-static size_t append(void *ptr, size_t size, size_t nmemb, chunk_t *data)
+static size_t curl_cb(void *ptr, size_t size, size_t nmemb, cb_data_t *data)
{
size_t realsize = size * nmemb;
- data->ptr = (u_char*)realloc(data->ptr, data->len + realsize);
- if (data->ptr)
+ if (data->cb(data->user, chunk_create(ptr, realsize)))
{
- memcpy(&data->ptr[data->len], ptr, realsize);
- data->len += realsize;
+ return realsize;
}
- return realsize;
+ return 0;
}
METHOD(fetcher_t, fetch, status_t,
- private_curl_fetcher_t *this, char *uri, chunk_t *result)
+ private_curl_fetcher_t *this, char *uri, void *userdata)
{
char error[CURL_ERROR_SIZE];
status_t status;
+ cb_data_t data = {
+ .cb = this->cb,
+ .user = userdata,
+ };
- *result = chunk_empty;
+ if (this->cb == fetcher_default_callback)
+ {
+ *(chunk_t*)userdata = chunk_empty;
+ }
if (curl_easy_setopt(this->curl, CURLOPT_URL, uri) != CURLE_OK)
{ /* URL type not supported by curl */
@@ -77,8 +95,8 @@ METHOD(fetcher_t, fetch, status_t,
curl_easy_setopt(this->curl, CURLOPT_FAILONERROR, TRUE);
curl_easy_setopt(this->curl, CURLOPT_NOSIGNAL, TRUE);
curl_easy_setopt(this->curl, CURLOPT_CONNECTTIMEOUT, DEFAULT_TIMEOUT);
- curl_easy_setopt(this->curl, CURLOPT_WRITEFUNCTION, (void*)append);
- curl_easy_setopt(this->curl, CURLOPT_WRITEDATA, (void*)result);
+ curl_easy_setopt(this->curl, CURLOPT_WRITEFUNCTION, (void*)curl_cb);
+ curl_easy_setopt(this->curl, CURLOPT_WRITEDATA, &data);
if (this->headers)
{
curl_easy_setopt(this->curl, CURLOPT_HTTPHEADER, this->headers);
@@ -104,10 +122,7 @@ METHOD(fetcher_t, fetch, status_t,
METHOD(fetcher_t, set_option, bool,
private_curl_fetcher_t *this, fetcher_option_t option, ...)
{
-<<<<<<< HEAD
-=======
bool supported = TRUE;
->>>>>>> upstream/4.5.1
va_list args;
va_start(args, option);
@@ -119,11 +134,7 @@ METHOD(fetcher_t, set_option, bool,
curl_easy_setopt(this->curl, CURLOPT_POSTFIELDS, (char*)data.ptr);
curl_easy_setopt(this->curl, CURLOPT_POSTFIELDSIZE, data.len);
-<<<<<<< HEAD
- return TRUE;
-=======
break;
->>>>>>> upstream/4.5.1
}
case FETCH_REQUEST_TYPE:
{
@@ -132,44 +143,30 @@ METHOD(fetcher_t, set_option, bool,
snprintf(header, BUF_LEN, "Content-Type: %s", request_type);
this->headers = curl_slist_append(this->headers, header);
-<<<<<<< HEAD
- return TRUE;
-=======
break;
->>>>>>> upstream/4.5.1
}
case FETCH_REQUEST_HEADER:
{
char *header = va_arg(args, char*);
this->headers = curl_slist_append(this->headers, header);
-<<<<<<< HEAD
- return TRUE;
-=======
break;
->>>>>>> upstream/4.5.1
}
case FETCH_HTTP_VERSION_1_0:
{
curl_easy_setopt(this->curl, CURLOPT_HTTP_VERSION,
CURL_HTTP_VERSION_1_0);
-<<<<<<< HEAD
- return TRUE;
-=======
break;
->>>>>>> upstream/4.5.1
}
case FETCH_TIMEOUT:
{
curl_easy_setopt(this->curl, CURLOPT_CONNECTTIMEOUT,
va_arg(args, u_int));
-<<<<<<< HEAD
- return TRUE;
+ break;
}
- default:
- return FALSE;
- }
-=======
+ case FETCH_CALLBACK:
+ {
+ this->cb = va_arg(args, fetcher_callback_t);
break;
}
default:
@@ -178,7 +175,6 @@ METHOD(fetcher_t, set_option, bool,
}
va_end(args);
return supported;
->>>>>>> upstream/4.5.1
}
METHOD(fetcher_t, destroy, void,
@@ -205,6 +201,7 @@ curl_fetcher_t *curl_fetcher_create()
},
},
.curl = curl_easy_init(),
+ .cb = fetcher_default_callback,
);
if (!this->curl)
diff --git a/src/libstrongswan/plugins/curl/curl_plugin.c b/src/libstrongswan/plugins/curl/curl_plugin.c
index 41026f407..d0e532055 100644
--- a/src/libstrongswan/plugins/curl/curl_plugin.c
+++ b/src/libstrongswan/plugins/curl/curl_plugin.c
@@ -34,15 +34,14 @@ struct private_curl_plugin_t {
curl_plugin_t public;
};
-<<<<<<< HEAD
-/**
- * Implementation of curl_plugin_t.curltroy
- */
-static void destroy(private_curl_plugin_t *this)
-=======
+METHOD(plugin_t, get_name, char*,
+ private_curl_plugin_t *this)
+{
+ return "curl";
+}
+
METHOD(plugin_t, destroy, void,
private_curl_plugin_t *this)
->>>>>>> upstream/4.5.1
{
lib->fetcher->remove_fetcher(lib->fetcher,
(fetcher_constructor_t)curl_fetcher_create);
@@ -56,21 +55,17 @@ METHOD(plugin_t, destroy, void,
plugin_t *curl_plugin_create()
{
CURLcode res;
-<<<<<<< HEAD
- private_curl_plugin_t *this = malloc_thing(private_curl_plugin_t);
-
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
-=======
private_curl_plugin_t *this;
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
->>>>>>> upstream/4.5.1
res = curl_global_init(CURL_GLOBAL_NOTHING);
if (res == CURLE_OK)
diff --git a/src/libstrongswan/plugins/des/Makefile.in b/src/libstrongswan/plugins/des/Makefile.in
index 9f49f45f4..d24ac40f8 100644
--- a/src/libstrongswan/plugins/des/Makefile.in
+++ b/src/libstrongswan/plugins/des/Makefile.in
@@ -219,13 +219,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -264,14 +260,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/des/des_crypter.c b/src/libstrongswan/plugins/des/des_crypter.c
index 7d9fbe852..695e7e4c4 100644
--- a/src/libstrongswan/plugins/des/des_crypter.c
+++ b/src/libstrongswan/plugins/des/des_crypter.c
@@ -1552,6 +1552,7 @@ METHOD(crypter_t, set_key3, void,
METHOD(crypter_t, destroy, void,
private_des_crypter_t *this)
{
+ memwipe(this, sizeof(*this));
free(this);
}
diff --git a/src/libstrongswan/plugins/des/des_plugin.c b/src/libstrongswan/plugins/des/des_plugin.c
index 14c5420ea..78b73347d 100644
--- a/src/libstrongswan/plugins/des/des_plugin.c
+++ b/src/libstrongswan/plugins/des/des_plugin.c
@@ -18,11 +18,6 @@
#include <library.h>
#include "des_crypter.h"
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "des";
-
->>>>>>> upstream/4.5.1
typedef struct private_des_plugin_t private_des_plugin_t;
/**
@@ -36,6 +31,12 @@ struct private_des_plugin_t {
des_plugin_t public;
};
+METHOD(plugin_t, get_name, char*,
+ private_des_plugin_t *this)
+{
+ return "des";
+}
+
METHOD(plugin_t, destroy, void,
private_des_plugin_t *this)
{
@@ -54,24 +55,18 @@ plugin_t *des_plugin_create()
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
-<<<<<<< HEAD
- lib->crypto->add_crypter(lib->crypto, ENCR_3DES,
- (crypter_constructor_t)des_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_DES,
- (crypter_constructor_t)des_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB,
-=======
- lib->crypto->add_crypter(lib->crypto, ENCR_3DES, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_3DES, get_name(this),
(crypter_constructor_t)des_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_DES, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_DES, get_name(this),
(crypter_constructor_t)des_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, plugin_name,
->>>>>>> upstream/4.5.1
+ lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, get_name(this),
(crypter_constructor_t)des_crypter_create);
return &this->public.plugin;
diff --git a/src/libstrongswan/plugins/dnskey/Makefile.in b/src/libstrongswan/plugins/dnskey/Makefile.in
index 262d64565..62c52498c 100644
--- a/src/libstrongswan/plugins/dnskey/Makefile.in
+++ b/src/libstrongswan/plugins/dnskey/Makefile.in
@@ -222,13 +222,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -249,6 +243,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -267,14 +263,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/dnskey/dnskey_plugin.c b/src/libstrongswan/plugins/dnskey/dnskey_plugin.c
index 75743ae2e..4e08746f8 100644
--- a/src/libstrongswan/plugins/dnskey/dnskey_plugin.c
+++ b/src/libstrongswan/plugins/dnskey/dnskey_plugin.c
@@ -31,15 +31,14 @@ struct private_dnskey_plugin_t {
dnskey_plugin_t public;
};
-<<<<<<< HEAD
-/**
- * Implementation of dnskey_plugin_t.dnskeytroy
- */
-static void destroy(private_dnskey_plugin_t *this)
-=======
+METHOD(plugin_t, get_name, char*,
+ private_dnskey_plugin_t *this)
+{
+ return "dnskey";
+}
+
METHOD(plugin_t, destroy, void,
private_dnskey_plugin_t *this)
->>>>>>> upstream/4.5.1
{
lib->creds->remove_builder(lib->creds,
(builder_function_t)dnskey_public_key_load);
@@ -51,22 +50,17 @@ METHOD(plugin_t, destroy, void,
*/
plugin_t *dnskey_plugin_create()
{
-<<<<<<< HEAD
- private_dnskey_plugin_t *this = malloc_thing(private_dnskey_plugin_t);
-
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
-
-=======
private_dnskey_plugin_t *this;
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
->>>>>>> upstream/4.5.1
lib->creds->add_builder(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, FALSE,
(builder_function_t)dnskey_public_key_load);
lib->creds->add_builder(lib->creds, CRED_PUBLIC_KEY, KEY_RSA, FALSE,
diff --git a/src/libstrongswan/plugins/fips_prf/Makefile.in b/src/libstrongswan/plugins/fips_prf/Makefile.in
index 6bd31f0e1..e88a102b8 100644
--- a/src/libstrongswan/plugins/fips_prf/Makefile.in
+++ b/src/libstrongswan/plugins/fips_prf/Makefile.in
@@ -222,13 +222,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -249,6 +243,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -267,14 +263,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf.c b/src/libstrongswan/plugins/fips_prf/fips_prf.c
index 27a3b9cc6..ee71f6efd 100644
--- a/src/libstrongswan/plugins/fips_prf/fips_prf.c
+++ b/src/libstrongswan/plugins/fips_prf/fips_prf.c
@@ -106,12 +106,8 @@ static void chunk_mod(size_t length, chunk_t chunk, u_int8_t buffer[])
* 0xcb, 0x0f, 0x6c, 0x55, 0xba, 0xbb, 0x13, 0x78,
* 0x8e, 0x20, 0xd7, 0x37, 0xa3, 0x27, 0x51, 0x16
*/
-<<<<<<< HEAD
-static void get_bytes(private_fips_prf_t *this, chunk_t seed, u_int8_t w[])
-=======
METHOD(prf_t, get_bytes, void,
private_fips_prf_t *this, chunk_t seed, u_int8_t w[])
->>>>>>> upstream/4.5.1
{
int i;
u_int8_t xval[this->b];
@@ -144,19 +140,6 @@ METHOD(prf_t, get_bytes, void,
/* 3.3 done already, mod q not used */
}
-<<<<<<< HEAD
-/**
- * Implementation of prf_t.get_block_size.
- */
-static size_t get_block_size(private_fips_prf_t *this)
-{
- return 2 * this->b;
-}
-/**
- * Implementation of prf_t.allocate_bytes.
- */
-static void allocate_bytes(private_fips_prf_t *this, chunk_t seed, chunk_t *chunk)
-=======
METHOD(prf_t, get_block_size, size_t,
private_fips_prf_t *this)
{
@@ -164,34 +147,19 @@ METHOD(prf_t, get_block_size, size_t,
}
METHOD(prf_t, allocate_bytes, void,
private_fips_prf_t *this, chunk_t seed, chunk_t *chunk)
->>>>>>> upstream/4.5.1
{
*chunk = chunk_alloc(get_block_size(this));
get_bytes(this, seed, chunk->ptr);
}
-<<<<<<< HEAD
-/**
- * Implementation of prf_t.get_key_size.
- */
-static size_t get_key_size(private_fips_prf_t *this)
-=======
METHOD(prf_t, get_key_size, size_t,
private_fips_prf_t *this)
->>>>>>> upstream/4.5.1
{
return this->b;
}
-<<<<<<< HEAD
-/**
- * Implementation of prf_t.set_key.
- */
-static void set_key(private_fips_prf_t *this, chunk_t key)
-=======
METHOD(prf_t, set_key, void,
private_fips_prf_t *this, chunk_t key)
->>>>>>> upstream/4.5.1
{
/* save key as "key mod 2^b" */
chunk_mod(this->b, key, this->key);
@@ -223,15 +191,8 @@ void g_sha1(private_fips_prf_t *this, chunk_t c, u_int8_t res[])
this->keyed_prf->get_bytes(this->keyed_prf, c, res);
}
-<<<<<<< HEAD
-/**
- * Implementation of prf_t.destroy.
- */
-static void destroy(private_fips_prf_t *this)
-=======
METHOD(prf_t, destroy, void,
private_fips_prf_t *this)
->>>>>>> upstream/4.5.1
{
this->keyed_prf->destroy(this->keyed_prf);
free(this->key);
@@ -243,16 +204,6 @@ METHOD(prf_t, destroy, void,
*/
fips_prf_t *fips_prf_create(pseudo_random_function_t algo)
{
-<<<<<<< HEAD
- private_fips_prf_t *this = malloc_thing(private_fips_prf_t);
-
- this->public.prf_interface.get_bytes = (void (*) (prf_t *,chunk_t,u_int8_t*))get_bytes;
- this->public.prf_interface.allocate_bytes = (void (*) (prf_t*,chunk_t,chunk_t*))allocate_bytes;
- this->public.prf_interface.get_block_size = (size_t (*) (prf_t*))get_block_size;
- this->public.prf_interface.get_key_size = (size_t (*) (prf_t*))get_key_size;
- this->public.prf_interface.set_key = (void (*) (prf_t *,chunk_t))set_key;
- this->public.prf_interface.destroy = (void (*) (prf_t *))destroy;
-=======
private_fips_prf_t *this;
INIT(this,
@@ -267,7 +218,6 @@ fips_prf_t *fips_prf_create(pseudo_random_function_t algo)
},
},
);
->>>>>>> upstream/4.5.1
switch (algo)
{
diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c
index 202d6653a..7038da146 100644
--- a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c
+++ b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c
@@ -18,11 +18,6 @@
#include <library.h>
#include "fips_prf.h"
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "fips-prf";
-
->>>>>>> upstream/4.5.1
typedef struct private_fips_prf_plugin_t private_fips_prf_plugin_t;
/**
@@ -36,15 +31,14 @@ struct private_fips_prf_plugin_t {
fips_prf_plugin_t public;
};
-<<<<<<< HEAD
-/**
- * Implementation of fips_prf_plugin_t.destroy
- */
-static void destroy(private_fips_prf_plugin_t *this)
-=======
+METHOD(plugin_t, get_name, char*,
+ private_fips_prf_plugin_t *this)
+{
+ return "fips-prf";
+}
+
METHOD(plugin_t, destroy, void,
private_fips_prf_plugin_t *this)
->>>>>>> upstream/4.5.1
{
lib->crypto->remove_prf(lib->crypto,
(prf_constructor_t)fips_prf_create);
@@ -56,20 +50,14 @@ METHOD(plugin_t, destroy, void,
*/
plugin_t *fips_prf_plugin_create()
{
-<<<<<<< HEAD
- private_fips_prf_plugin_t *this = malloc_thing(private_fips_prf_plugin_t);
-
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
-
- lib->crypto->add_prf(lib->crypto, PRF_FIPS_SHA1_160,
- (prf_constructor_t)fips_prf_create);
-=======
private_fips_prf_plugin_t *this;
prf_t *prf;
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
@@ -79,10 +67,9 @@ plugin_t *fips_prf_plugin_create()
if (prf)
{
prf->destroy(prf);
- lib->crypto->add_prf(lib->crypto, PRF_FIPS_SHA1_160, plugin_name,
+ lib->crypto->add_prf(lib->crypto, PRF_FIPS_SHA1_160, get_name(this),
(prf_constructor_t)fips_prf_create);
}
->>>>>>> upstream/4.5.1
return &this->public.plugin;
}
diff --git a/src/libstrongswan/plugins/gcm/Makefile.in b/src/libstrongswan/plugins/gcm/Makefile.in
index 7f5a59abd..202849eb6 100644
--- a/src/libstrongswan/plugins/gcm/Makefile.in
+++ b/src/libstrongswan/plugins/gcm/Makefile.in
@@ -219,13 +219,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -264,14 +260,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/gcm/gcm_plugin.c b/src/libstrongswan/plugins/gcm/gcm_plugin.c
index 984026778..4b46f0ee4 100644
--- a/src/libstrongswan/plugins/gcm/gcm_plugin.c
+++ b/src/libstrongswan/plugins/gcm/gcm_plugin.c
@@ -19,11 +19,6 @@
#include "gcm_aead.h"
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "gcm";
-
->>>>>>> upstream/4.5.1
typedef struct private_gcm_plugin_t private_gcm_plugin_t;
/**
@@ -37,6 +32,12 @@ struct private_gcm_plugin_t {
gcm_plugin_t public;
};
+METHOD(plugin_t, get_name, char*,
+ private_gcm_plugin_t *this)
+{
+ return "gcm";
+}
+
METHOD(plugin_t, destroy, void,
private_gcm_plugin_t *this)
{
@@ -52,35 +53,29 @@ METHOD(plugin_t, destroy, void,
plugin_t *gcm_plugin_create()
{
private_gcm_plugin_t *this;
-<<<<<<< HEAD
-=======
crypter_t *crypter;
->>>>>>> upstream/4.5.1
INIT(this,
- .public.plugin.destroy = _destroy,
+ .public = {
+ .plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
+ .destroy = _destroy,
+ },
+ },
);
-<<<<<<< HEAD
- lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV8,
- (aead_constructor_t)gcm_aead_create);
- lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV12,
- (aead_constructor_t)gcm_aead_create);
- lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV16,
- (aead_constructor_t)gcm_aead_create);
-=======
crypter = lib->crypto->create_crypter(lib->crypto, ENCR_AES_CBC, 0);
if (crypter)
{
crypter->destroy(crypter);
- lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV8, plugin_name,
+ lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV8, get_name(this),
(aead_constructor_t)gcm_aead_create);
- lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV12, plugin_name,
+ lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV12, get_name(this),
(aead_constructor_t)gcm_aead_create);
- lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV16, plugin_name,
+ lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV16, get_name(this),
(aead_constructor_t)gcm_aead_create);
}
->>>>>>> upstream/4.5.1
return &this->public.plugin;
}
diff --git a/src/libstrongswan/plugins/gcrypt/Makefile.in b/src/libstrongswan/plugins/gcrypt/Makefile.in
index bb4e29b3b..bedb918b9 100644
--- a/src/libstrongswan/plugins/gcrypt/Makefile.in
+++ b/src/libstrongswan/plugins/gcrypt/Makefile.in
@@ -223,13 +223,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -250,6 +244,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -268,14 +264,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c
index c709d497f..e26277b0b 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c
@@ -29,11 +29,6 @@
#include <errno.h>
#include <gcrypt.h>
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "gcrypt";
-
->>>>>>> upstream/4.5.1
typedef struct private_gcrypt_plugin_t private_gcrypt_plugin_t;
/**
@@ -98,6 +93,12 @@ static struct gcry_thread_cbs thread_functions = {
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
};
+METHOD(plugin_t, get_name, char*,
+ private_gcrypt_plugin_t *this)
+{
+ return "gcrypt";
+}
+
METHOD(plugin_t, destroy, void,
private_gcrypt_plugin_t *this)
{
@@ -147,161 +148,87 @@ plugin_t *gcrypt_plugin_create()
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
/* hashers */
-<<<<<<< HEAD
- lib->crypto->add_hasher(lib->crypto, HASH_SHA1,
- (hasher_constructor_t)gcrypt_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_MD4,
- (hasher_constructor_t)gcrypt_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_MD5,
- (hasher_constructor_t)gcrypt_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA224,
- (hasher_constructor_t)gcrypt_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA256,
- (hasher_constructor_t)gcrypt_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA384,
- (hasher_constructor_t)gcrypt_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA512,
- (hasher_constructor_t)gcrypt_hasher_create);
-
- /* crypters */
- lib->crypto->add_crypter(lib->crypto, ENCR_3DES,
- (crypter_constructor_t)gcrypt_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_CAST,
- (crypter_constructor_t)gcrypt_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH,
- (crypter_constructor_t)gcrypt_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_DES,
- (crypter_constructor_t)gcrypt_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB,
- (crypter_constructor_t)gcrypt_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC,
- (crypter_constructor_t)gcrypt_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_AES_CTR,
- (crypter_constructor_t)gcrypt_crypter_create);
-#ifdef HAVE_GCRY_CIPHER_CAMELLIA
- lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC,
- (crypter_constructor_t)gcrypt_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CTR,
- (crypter_constructor_t)gcrypt_crypter_create);
-#endif /* HAVE_GCRY_CIPHER_CAMELLIA */
- lib->crypto->add_crypter(lib->crypto, ENCR_SERPENT_CBC,
- (crypter_constructor_t)gcrypt_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_TWOFISH_CBC,
- (crypter_constructor_t)gcrypt_crypter_create);
-
- /* random numbers */
- lib->crypto->add_rng(lib->crypto, RNG_WEAK,
- (rng_constructor_t)gcrypt_rng_create);
- lib->crypto->add_rng(lib->crypto, RNG_STRONG,
- (rng_constructor_t)gcrypt_rng_create);
- lib->crypto->add_rng(lib->crypto, RNG_TRUE,
- (rng_constructor_t)gcrypt_rng_create);
-
- /* diffie hellman groups, using modp */
- lib->crypto->add_dh(lib->crypto, MODP_2048_BIT,
- (dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_2048_224,
- (dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_2048_256,
- (dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_1536_BIT,
- (dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_3072_BIT,
- (dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_4096_BIT,
- (dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_6144_BIT,
- (dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_8192_BIT,
- (dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_1024_BIT,
- (dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_1024_160,
- (dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_768_BIT,
- (dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_CUSTOM,
-=======
- lib->crypto->add_hasher(lib->crypto, HASH_SHA1, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA1, get_name(this),
(hasher_constructor_t)gcrypt_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_MD4, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_MD4, get_name(this),
(hasher_constructor_t)gcrypt_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_MD5, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_MD5, get_name(this),
(hasher_constructor_t)gcrypt_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA224, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA224, get_name(this),
(hasher_constructor_t)gcrypt_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA256, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA256, get_name(this),
(hasher_constructor_t)gcrypt_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA384, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA384, get_name(this),
(hasher_constructor_t)gcrypt_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA512, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA512, get_name(this),
(hasher_constructor_t)gcrypt_hasher_create);
/* crypters */
- lib->crypto->add_crypter(lib->crypto, ENCR_3DES, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_3DES, get_name(this),
(crypter_constructor_t)gcrypt_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_CAST, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_CAST, get_name(this),
(crypter_constructor_t)gcrypt_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, get_name(this),
(crypter_constructor_t)gcrypt_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_DES, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_DES, get_name(this),
(crypter_constructor_t)gcrypt_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, get_name(this),
(crypter_constructor_t)gcrypt_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, get_name(this),
(crypter_constructor_t)gcrypt_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_AES_CTR, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_AES_CTR, get_name(this),
(crypter_constructor_t)gcrypt_crypter_create);
#ifdef HAVE_GCRY_CIPHER_CAMELLIA
- lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC, get_name(this),
(crypter_constructor_t)gcrypt_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CTR, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CTR, get_name(this),
(crypter_constructor_t)gcrypt_crypter_create);
#endif /* HAVE_GCRY_CIPHER_CAMELLIA */
- lib->crypto->add_crypter(lib->crypto, ENCR_SERPENT_CBC, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_SERPENT_CBC, get_name(this),
(crypter_constructor_t)gcrypt_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_TWOFISH_CBC, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_TWOFISH_CBC, get_name(this),
(crypter_constructor_t)gcrypt_crypter_create);
/* random numbers */
- lib->crypto->add_rng(lib->crypto, RNG_WEAK, plugin_name,
+ lib->crypto->add_rng(lib->crypto, RNG_WEAK, get_name(this),
(rng_constructor_t)gcrypt_rng_create);
- lib->crypto->add_rng(lib->crypto, RNG_STRONG, plugin_name,
+ lib->crypto->add_rng(lib->crypto, RNG_STRONG, get_name(this),
(rng_constructor_t)gcrypt_rng_create);
- lib->crypto->add_rng(lib->crypto, RNG_TRUE, plugin_name,
+ lib->crypto->add_rng(lib->crypto, RNG_TRUE, get_name(this),
(rng_constructor_t)gcrypt_rng_create);
/* diffie hellman groups, using modp */
- lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, get_name(this),
(dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_2048_224, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_2048_224, get_name(this),
(dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_2048_256, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_2048_256, get_name(this),
(dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, get_name(this),
(dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, get_name(this),
(dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, get_name(this),
(dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, get_name(this),
(dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, get_name(this),
(dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, get_name(this),
(dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_1024_160, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_1024_160, get_name(this),
(dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_768_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_768_BIT, get_name(this),
(dh_constructor_t)gcrypt_dh_create);
- lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, plugin_name,
->>>>>>> upstream/4.5.1
+ lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, get_name(this),
(dh_constructor_t)gcrypt_dh_create_custom);
/* RSA */
diff --git a/src/libstrongswan/plugins/gmp/Makefile.in b/src/libstrongswan/plugins/gmp/Makefile.in
index dde840936..18592ab4a 100644
--- a/src/libstrongswan/plugins/gmp/Makefile.in
+++ b/src/libstrongswan/plugins/gmp/Makefile.in
@@ -220,13 +220,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -247,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -265,14 +261,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/gmp/gmp_plugin.c b/src/libstrongswan/plugins/gmp/gmp_plugin.c
index 798602e84..55ccd4a4f 100644
--- a/src/libstrongswan/plugins/gmp/gmp_plugin.c
+++ b/src/libstrongswan/plugins/gmp/gmp_plugin.c
@@ -20,11 +20,6 @@
#include "gmp_rsa_private_key.h"
#include "gmp_rsa_public_key.h"
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "gmp";
-
->>>>>>> upstream/4.5.1
typedef struct private_gmp_plugin_t private_gmp_plugin_t;
/**
@@ -38,6 +33,12 @@ struct private_gmp_plugin_t {
gmp_plugin_t public;
};
+METHOD(plugin_t, get_name, char*,
+ private_gmp_plugin_t *this)
+{
+ return "gmp";
+}
+
METHOD(plugin_t, destroy, void,
private_gmp_plugin_t *this)
{
@@ -64,62 +65,37 @@ plugin_t *gmp_plugin_create()
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
-<<<<<<< HEAD
- lib->crypto->add_dh(lib->crypto, MODP_2048_BIT,
- (dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_2048_224,
- (dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_2048_256,
- (dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_1536_BIT,
- (dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_3072_BIT,
- (dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_4096_BIT,
- (dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_6144_BIT,
- (dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_8192_BIT,
- (dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_1024_BIT,
- (dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_1024_160,
- (dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_768_BIT,
- (dh_constructor_t)gmp_diffie_hellman_create);
-
- lib->crypto->add_dh(lib->crypto, MODP_CUSTOM,
-=======
- lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, get_name(this),
(dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_2048_224, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_2048_224, get_name(this),
(dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_2048_256, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_2048_256, get_name(this),
(dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, get_name(this),
(dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, get_name(this),
(dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, get_name(this),
(dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, get_name(this),
(dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, get_name(this),
(dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, get_name(this),
(dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_1024_160, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_1024_160, get_name(this),
(dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_768_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_768_BIT, get_name(this),
(dh_constructor_t)gmp_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, plugin_name,
->>>>>>> upstream/4.5.1
+ lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, get_name(this),
(dh_constructor_t)gmp_diffie_hellman_create_custom);
lib->creds->add_builder(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, FALSE,
diff --git a/src/libstrongswan/plugins/hmac/Makefile.in b/src/libstrongswan/plugins/hmac/Makefile.in
index e8355ab21..b9e2cd817 100644
--- a/src/libstrongswan/plugins/hmac/Makefile.in
+++ b/src/libstrongswan/plugins/hmac/Makefile.in
@@ -220,13 +220,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -247,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -265,14 +261,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/hmac/hmac.c b/src/libstrongswan/plugins/hmac/hmac.c
index c7b2739df..397a1ea11 100644
--- a/src/libstrongswan/plugins/hmac/hmac.c
+++ b/src/libstrongswan/plugins/hmac/hmac.c
@@ -147,8 +147,8 @@ METHOD(hmac_t, destroy, void,
private_hmac_t *this)
{
this->h->destroy(this->h);
- free(this->opaded_key.ptr);
- free(this->ipaded_key.ptr);
+ chunk_clear(&this->opaded_key);
+ chunk_clear(&this->ipaded_key);
free(this);
}
diff --git a/src/libstrongswan/plugins/hmac/hmac_plugin.c b/src/libstrongswan/plugins/hmac/hmac_plugin.c
index c15a29b1c..47d6d3cde 100644
--- a/src/libstrongswan/plugins/hmac/hmac_plugin.c
+++ b/src/libstrongswan/plugins/hmac/hmac_plugin.c
@@ -19,11 +19,6 @@
#include "hmac_signer.h"
#include "hmac_prf.h"
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "hmac";
-
->>>>>>> upstream/4.5.1
typedef struct private_hmac_plugin_t private_hmac_plugin_t;
/**
@@ -37,6 +32,12 @@ struct private_hmac_plugin_t {
hmac_plugin_t public;
};
+METHOD(plugin_t, get_name, char*,
+ private_hmac_plugin_t *this)
+{
+ return "hmac";
+}
+
METHOD(plugin_t, destroy, void,
private_hmac_plugin_t *this)
{
@@ -53,74 +54,40 @@ METHOD(plugin_t, destroy, void,
plugin_t *hmac_plugin_create()
{
private_hmac_plugin_t *this;
-<<<<<<< HEAD
-=======
hasher_t *hasher;
->>>>>>> upstream/4.5.1
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
-<<<<<<< HEAD
- lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_256,
- (prf_constructor_t)hmac_prf_create);
- lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA1,
- (prf_constructor_t)hmac_prf_create);
- lib->crypto->add_prf(lib->crypto, PRF_HMAC_MD5,
- (prf_constructor_t)hmac_prf_create);
- lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_384,
- (prf_constructor_t)hmac_prf_create);
- lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_512,
- (prf_constructor_t)hmac_prf_create);
-
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_96,
- (signer_constructor_t)hmac_signer_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_128,
- (signer_constructor_t)hmac_signer_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_160,
- (signer_constructor_t)hmac_signer_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_256_128,
- (signer_constructor_t)hmac_signer_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_256_256,
- (signer_constructor_t)hmac_signer_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_MD5_96,
- (signer_constructor_t)hmac_signer_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_MD5_128,
- (signer_constructor_t)hmac_signer_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_384_192,
- (signer_constructor_t)hmac_signer_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_384_384,
- (signer_constructor_t)hmac_signer_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_512_256,
- (signer_constructor_t)hmac_signer_create);
-=======
hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
if (hasher)
{
hasher->destroy(hasher);
- lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA1, plugin_name,
+ lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA1, get_name(this),
(prf_constructor_t)hmac_prf_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_96, plugin_name,
+ lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_96, get_name(this),
(signer_constructor_t)hmac_signer_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_128, plugin_name,
+ lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_128, get_name(this),
(signer_constructor_t)hmac_signer_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_160, plugin_name,
+ lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_160, get_name(this),
(signer_constructor_t)hmac_signer_create);
}
hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA256);
if (hasher)
{
hasher->destroy(hasher);
- lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_256, plugin_name,
+ lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_256, get_name(this),
(prf_constructor_t)hmac_prf_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_256_128, plugin_name,
+ lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_256_128, get_name(this),
(signer_constructor_t)hmac_signer_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_256_256, plugin_name,
+ lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_256_256, get_name(this),
(signer_constructor_t)hmac_signer_create);
}
@@ -128,34 +95,33 @@ plugin_t *hmac_plugin_create()
if (hasher)
{
hasher->destroy(hasher);
- lib->crypto->add_prf(lib->crypto, PRF_HMAC_MD5, plugin_name,
+ lib->crypto->add_prf(lib->crypto, PRF_HMAC_MD5, get_name(this),
(prf_constructor_t)hmac_prf_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_MD5_96, plugin_name,
+ lib->crypto->add_signer(lib->crypto, AUTH_HMAC_MD5_96, get_name(this),
(signer_constructor_t)hmac_signer_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_MD5_128, plugin_name,
+ lib->crypto->add_signer(lib->crypto, AUTH_HMAC_MD5_128, get_name(this),
(signer_constructor_t)hmac_signer_create);
}
hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA384);
if (hasher)
{
hasher->destroy(hasher);
- lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_384, plugin_name,
+ lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_384, get_name(this),
(prf_constructor_t)hmac_prf_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_384_192, plugin_name,
+ lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_384_192, get_name(this),
(signer_constructor_t)hmac_signer_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_384_384, plugin_name,
+ lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_384_384, get_name(this),
(signer_constructor_t)hmac_signer_create);
}
hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA512);
if (hasher)
{
hasher->destroy(hasher);
- lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_512, plugin_name,
+ lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_512, get_name(this),
(prf_constructor_t)hmac_prf_create);
- lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_512_256, plugin_name,
+ lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_512_256, get_name(this),
(signer_constructor_t)hmac_signer_create);
}
->>>>>>> upstream/4.5.1
return &this->public.plugin;
}
diff --git a/src/libstrongswan/plugins/ldap/Makefile.in b/src/libstrongswan/plugins/ldap/Makefile.in
index 7dd7e92f0..b496ace28 100644
--- a/src/libstrongswan/plugins/ldap/Makefile.in
+++ b/src/libstrongswan/plugins/ldap/Makefile.in
@@ -219,13 +219,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -264,14 +260,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/ldap/ldap_fetcher.c b/src/libstrongswan/plugins/ldap/ldap_fetcher.c
index 57c367ca1..fc6114b0a 100644
--- a/src/libstrongswan/plugins/ldap/ldap_fetcher.c
+++ b/src/libstrongswan/plugins/ldap/ldap_fetcher.c
@@ -100,13 +100,8 @@ static bool parse(LDAP *ldap, LDAPMessage *result, chunk_t *response)
}
-<<<<<<< HEAD
-static status_t fetch(private_ldap_fetcher_t *this, char *url,
- chunk_t *result, va_list args)
-=======
METHOD(fetcher_t, fetch, status_t,
- private_ldap_fetcher_t *this, char *url, chunk_t *result)
->>>>>>> upstream/4.5.1
+ private_ldap_fetcher_t *this, char *url, void *userdata)
{
LDAP *ldap;
LDAPURLDesc *lurl;
@@ -115,6 +110,7 @@ METHOD(fetcher_t, fetch, status_t,
int ldap_version = LDAP_VERSION3;
struct timeval timeout;
status_t status = FAILED;
+ chunk_t *result = userdata;
if (!strneq(url, "ldap", 4))
{
@@ -171,15 +167,8 @@ METHOD(fetcher_t, fetch, status_t,
}
-<<<<<<< HEAD
-/**
- * Implementation of fetcher_t.set_option.
- */
-static bool set_option(private_ldap_fetcher_t *this, fetcher_option_t option, ...)
-=======
METHOD(fetcher_t, set_option, bool,
private_ldap_fetcher_t *this, fetcher_option_t option, ...)
->>>>>>> upstream/4.5.1
{
va_list args;
@@ -196,15 +185,8 @@ METHOD(fetcher_t, set_option, bool,
}
}
-<<<<<<< HEAD
-/**
- * Implements ldap_fetcher_t.destroy
- */
-static void destroy(private_ldap_fetcher_t *this)
-=======
METHOD(fetcher_t, destroy, void,
private_ldap_fetcher_t *this)
->>>>>>> upstream/4.5.1
{
free(this);
}
@@ -214,15 +196,6 @@ METHOD(fetcher_t, destroy, void,
*/
ldap_fetcher_t *ldap_fetcher_create()
{
-<<<<<<< HEAD
- private_ldap_fetcher_t *this = malloc_thing(private_ldap_fetcher_t);
-
- this->public.interface.fetch = (status_t(*)(fetcher_t*,char*,chunk_t*))fetch;
- this->public.interface.set_option = (bool(*)(fetcher_t*, fetcher_option_t option, ...))set_option;
- this->public.interface.destroy = (void (*)(fetcher_t*))destroy;
-
- this->timeout = DEFAULT_TIMEOUT;
-=======
private_ldap_fetcher_t *this;
INIT(this,
@@ -235,7 +208,6 @@ ldap_fetcher_t *ldap_fetcher_create()
},
.timeout = DEFAULT_TIMEOUT,
);
->>>>>>> upstream/4.5.1
return &this->public;
}
diff --git a/src/libstrongswan/plugins/ldap/ldap_plugin.c b/src/libstrongswan/plugins/ldap/ldap_plugin.c
index 434a023ce..08d9748ce 100644
--- a/src/libstrongswan/plugins/ldap/ldap_plugin.c
+++ b/src/libstrongswan/plugins/ldap/ldap_plugin.c
@@ -31,15 +31,14 @@ struct private_ldap_plugin_t {
ldap_plugin_t public;
};
-<<<<<<< HEAD
-/**
- * Implementation of ldap_plugin_t.destroy
- */
-static void destroy(private_ldap_plugin_t *this)
-=======
+METHOD(plugin_t, get_name, char*,
+ private_ldap_plugin_t *this)
+{
+ return "ldap";
+}
+
METHOD(plugin_t, destroy, void,
private_ldap_plugin_t *this)
->>>>>>> upstream/4.5.1
{
lib->fetcher->remove_fetcher(lib->fetcher,
(fetcher_constructor_t)ldap_fetcher_create);
@@ -51,21 +50,17 @@ METHOD(plugin_t, destroy, void,
*/
plugin_t *ldap_plugin_create()
{
-<<<<<<< HEAD
- private_ldap_plugin_t *this = malloc_thing(private_ldap_plugin_t);
-
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
-=======
private_ldap_plugin_t *this;
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
->>>>>>> upstream/4.5.1
lib->fetcher->add_fetcher(lib->fetcher,
(fetcher_constructor_t)ldap_fetcher_create, "ldap://");
diff --git a/src/libstrongswan/plugins/md4/Makefile.in b/src/libstrongswan/plugins/md4/Makefile.in
index 4f69538a8..82781054b 100644
--- a/src/libstrongswan/plugins/md4/Makefile.in
+++ b/src/libstrongswan/plugins/md4/Makefile.in
@@ -219,13 +219,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -264,14 +260,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/md4/md4_plugin.c b/src/libstrongswan/plugins/md4/md4_plugin.c
index cdb0fe914..371bba280 100644
--- a/src/libstrongswan/plugins/md4/md4_plugin.c
+++ b/src/libstrongswan/plugins/md4/md4_plugin.c
@@ -18,11 +18,6 @@
#include <library.h>
#include "md4_hasher.h"
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "md4";
-
->>>>>>> upstream/4.5.1
typedef struct private_md4_plugin_t private_md4_plugin_t;
/**
@@ -36,15 +31,14 @@ struct private_md4_plugin_t {
md4_plugin_t public;
};
-<<<<<<< HEAD
-/**
- * Implementation of md4_plugin_t.destroy
- */
-static void destroy(private_md4_plugin_t *this)
-=======
+METHOD(plugin_t, get_name, char*,
+ private_md4_plugin_t *this)
+{
+ return "md4";
+}
+
METHOD(plugin_t, destroy, void,
private_md4_plugin_t *this)
->>>>>>> upstream/4.5.1
{
lib->crypto->remove_hasher(lib->crypto,
(hasher_constructor_t)md4_hasher_create);
@@ -56,25 +50,19 @@ METHOD(plugin_t, destroy, void,
*/
plugin_t *md4_plugin_create()
{
-<<<<<<< HEAD
- private_md4_plugin_t *this = malloc_thing(private_md4_plugin_t);
-
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
-
- lib->crypto->add_hasher(lib->crypto, HASH_MD4,
-=======
private_md4_plugin_t *this;
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
- lib->crypto->add_hasher(lib->crypto, HASH_MD4, plugin_name,
->>>>>>> upstream/4.5.1
+ lib->crypto->add_hasher(lib->crypto, HASH_MD4, get_name(this),
(hasher_constructor_t)md4_hasher_create);
return &this->public.plugin;
diff --git a/src/libstrongswan/plugins/md5/Makefile.in b/src/libstrongswan/plugins/md5/Makefile.in
index c0ffec7ad..0e3c37e7e 100644
--- a/src/libstrongswan/plugins/md5/Makefile.in
+++ b/src/libstrongswan/plugins/md5/Makefile.in
@@ -219,13 +219,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -264,14 +260,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/md5/md5_plugin.c b/src/libstrongswan/plugins/md5/md5_plugin.c
index 015274ddf..c72284193 100644
--- a/src/libstrongswan/plugins/md5/md5_plugin.c
+++ b/src/libstrongswan/plugins/md5/md5_plugin.c
@@ -18,11 +18,6 @@
#include <library.h>
#include "md5_hasher.h"
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "md5";
-
->>>>>>> upstream/4.5.1
typedef struct private_md5_plugin_t private_md5_plugin_t;
/**
@@ -36,15 +31,14 @@ struct private_md5_plugin_t {
md5_plugin_t public;
};
-<<<<<<< HEAD
-/**
- * Implementation of md5_plugin_t.destroy
- */
-static void destroy(private_md5_plugin_t *this)
-=======
+METHOD(plugin_t, get_name, char*,
+ private_md5_plugin_t *this)
+{
+ return "md5";
+}
+
METHOD(plugin_t, destroy, void,
private_md5_plugin_t *this)
->>>>>>> upstream/4.5.1
{
lib->crypto->remove_hasher(lib->crypto,
(hasher_constructor_t)md5_hasher_create);
@@ -56,25 +50,19 @@ METHOD(plugin_t, destroy, void,
*/
plugin_t *md5_plugin_create()
{
-<<<<<<< HEAD
- private_md5_plugin_t *this = malloc_thing(private_md5_plugin_t);
-
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
-
- lib->crypto->add_hasher(lib->crypto, HASH_MD5,
-=======
private_md5_plugin_t *this;
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
- lib->crypto->add_hasher(lib->crypto, HASH_MD5, plugin_name,
->>>>>>> upstream/4.5.1
+ lib->crypto->add_hasher(lib->crypto, HASH_MD5, get_name(this),
(hasher_constructor_t)md5_hasher_create);
return &this->public.plugin;
diff --git a/src/libstrongswan/plugins/mysql/Makefile.in b/src/libstrongswan/plugins/mysql/Makefile.in
index 7a6c57dd1..32067d5b4 100644
--- a/src/libstrongswan/plugins/mysql/Makefile.in
+++ b/src/libstrongswan/plugins/mysql/Makefile.in
@@ -221,13 +221,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -248,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -266,14 +262,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/mysql/mysql_database.c b/src/libstrongswan/plugins/mysql/mysql_database.c
index 0b9f8285d..5fbfa0f28 100644
--- a/src/libstrongswan/plugins/mysql/mysql_database.c
+++ b/src/libstrongswan/plugins/mysql/mysql_database.c
@@ -474,15 +474,8 @@ static bool mysql_enumerator_enumerate(mysql_enumerator_t *this, ...)
return TRUE;
}
-<<<<<<< HEAD
-/**
- * Implementation of database_t.query.
- */
-static enumerator_t* query(private_mysql_database_t *this, char *sql, ...)
-=======
METHOD(database_t, query, enumerator_t*,
private_mysql_database_t *this, char *sql, ...)
->>>>>>> upstream/4.5.1
{
MYSQL_STMT *stmt;
va_list args;
@@ -568,15 +561,8 @@ METHOD(database_t, query, enumerator_t*,
return (enumerator_t*)enumerator;
}
-<<<<<<< HEAD
-/**
- * Implementation of database_t.execute.
- */
-static int execute(private_mysql_database_t *this, int *rowid, char *sql, ...)
-=======
METHOD(database_t, execute, int,
private_mysql_database_t *this, int *rowid, char *sql, ...)
->>>>>>> upstream/4.5.1
{
MYSQL_STMT *stmt;
va_list args;
@@ -604,28 +590,14 @@ METHOD(database_t, execute, int,
return affected;
}
-<<<<<<< HEAD
-/**
- * Implementation of database_t.get_driver
- */
-static db_driver_t get_driver(private_mysql_database_t *this)
-=======
METHOD(database_t, get_driver,db_driver_t,
private_mysql_database_t *this)
->>>>>>> upstream/4.5.1
{
return DB_MYSQL;
}
-<<<<<<< HEAD
-/**
- * Implementation of database_t.destroy
- */
-static void destroy(private_mysql_database_t *this)
-=======
METHOD(database_t, destroy, void,
private_mysql_database_t *this)
->>>>>>> upstream/4.5.1
{
this->pool->destroy_function(this->pool, (void*)conn_destroy);
this->mutex->destroy(this->mutex);
@@ -697,14 +669,6 @@ mysql_database_t *mysql_database_create(char *uri)
return NULL;
}
-<<<<<<< HEAD
- this = malloc_thing(private_mysql_database_t);
-
- this->public.db.query = (enumerator_t* (*)(database_t *this, char *sql, ...))query;
- this->public.db.execute = (int (*)(database_t *this, int *rowid, char *sql, ...))execute;
- this->public.db.get_driver = (db_driver_t(*)(database_t*))get_driver;
- this->public.db.destroy = (void(*)(database_t*))destroy;
-=======
INIT(this,
.public = {
.db = {
@@ -715,7 +679,6 @@ mysql_database_t *mysql_database_create(char *uri)
},
},
);
->>>>>>> upstream/4.5.1
if (!parse_uri(this, uri))
{
diff --git a/src/libstrongswan/plugins/mysql/mysql_plugin.c b/src/libstrongswan/plugins/mysql/mysql_plugin.c
index 738bbeddb..579df4d50 100644
--- a/src/libstrongswan/plugins/mysql/mysql_plugin.c
+++ b/src/libstrongswan/plugins/mysql/mysql_plugin.c
@@ -32,15 +32,14 @@ struct private_mysql_plugin_t {
mysql_plugin_t public;
};
-<<<<<<< HEAD
-/**
- * Implementation of plugin_t.destroy
- */
-static void destroy(private_mysql_plugin_t *this)
-=======
+METHOD(plugin_t, get_name, char*,
+ private_mysql_plugin_t *this)
+{
+ return "mysql";
+}
+
METHOD(plugin_t, destroy, void,
private_mysql_plugin_t *this)
->>>>>>> upstream/4.5.1
{
lib->db->remove_database(lib->db,
(database_constructor_t)mysql_database_create);
@@ -61,18 +60,15 @@ plugin_t *mysql_plugin_create()
return NULL;
}
-<<<<<<< HEAD
- this = malloc_thing(private_mysql_plugin_t);
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
-=======
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
->>>>>>> upstream/4.5.1
lib->db->add_database(lib->db,
(database_constructor_t)mysql_database_create);
diff --git a/src/libstrongswan/plugins/openssl/Makefile.in b/src/libstrongswan/plugins/openssl/Makefile.in
index 4048bbd02..d1c8fce81 100644
--- a/src/libstrongswan/plugins/openssl/Makefile.in
+++ b/src/libstrongswan/plugins/openssl/Makefile.in
@@ -226,13 +226,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -253,6 +247,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -271,14 +267,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/openssl/openssl_crl.c b/src/libstrongswan/plugins/openssl/openssl_crl.c
index 7708af958..58401faa5 100644
--- a/src/libstrongswan/plugins/openssl/openssl_crl.c
+++ b/src/libstrongswan/plugins/openssl/openssl_crl.c
@@ -382,11 +382,8 @@ static private_openssl_crl_t *create_empty()
},
.get_serial = _get_serial,
.get_authKeyIdentifier = _get_authKeyIdentifier,
-<<<<<<< HEAD
-=======
.is_delta_crl = (void*)return_false,
.create_delta_crl_uri_enumerator = (void*)enumerator_create_empty,
->>>>>>> upstream/4.5.1
.create_enumerator = _create_enumerator,
},
},
@@ -463,9 +460,6 @@ static bool parse_extensions(private_openssl_crl_t *this)
ok = parse_crlNumber_ext(this, ext);
break;
default:
-<<<<<<< HEAD
- ok = TRUE;
-=======
ok = X509_EXTENSION_get_critical(ext) == 0 ||
!lib->settings->get_bool(lib->settings,
"libstrongswan.x509.enforce_critical", TRUE);
@@ -474,7 +468,6 @@ static bool parse_extensions(private_openssl_crl_t *this)
DBG1(DBG_LIB, "found unsupported critical X.509 "
"CRL extension");
}
->>>>>>> upstream/4.5.1
break;
}
if (!ok)
diff --git a/src/libstrongswan/plugins/openssl/openssl_crypter.c b/src/libstrongswan/plugins/openssl/openssl_crypter.c
index 2ed07ff0c..cd9a3bd4a 100644
--- a/src/libstrongswan/plugins/openssl/openssl_crypter.c
+++ b/src/libstrongswan/plugins/openssl/openssl_crypter.c
@@ -152,7 +152,7 @@ METHOD(crypter_t, set_key, void,
METHOD(crypter_t, destroy, void,
private_openssl_crypter_t *this)
{
- free(this->key.ptr);
+ chunk_clear(&this->key);
free(this);
}
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
index 32fc2bccd..78ed2811a 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
@@ -257,7 +257,7 @@ METHOD(diffie_hellman_t, destroy, void,
{
EC_POINT_clear_free(this->pub_key);
EC_KEY_free(this->key);
- chunk_free(&this->shared_secret);
+ chunk_clear(&this->shared_secret);
free(this);
}
diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
index cf48b4c15..96aa38bb6 100644
--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
@@ -41,11 +41,6 @@
#include "openssl_x509.h"
#include "openssl_crl.h"
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "openssl";
-
->>>>>>> upstream/4.5.1
typedef struct private_openssl_plugin_t private_openssl_plugin_t;
/**
@@ -198,6 +193,12 @@ static void threading_cleanup()
mutex = NULL;
}
+METHOD(plugin_t, get_name, char*,
+ private_openssl_plugin_t *this)
+{
+ return "openssl";
+}
+
METHOD(plugin_t, destroy, void,
private_openssl_plugin_t *this)
{
@@ -253,6 +254,8 @@ plugin_t *openssl_plugin_create()
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
@@ -277,167 +280,85 @@ plugin_t *openssl_plugin_create()
}
/* crypter */
-<<<<<<< HEAD
- lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC,
- (crypter_constructor_t)openssl_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC,
- (crypter_constructor_t)openssl_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_3DES,
- (crypter_constructor_t)openssl_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_RC5,
- (crypter_constructor_t)openssl_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_IDEA,
- (crypter_constructor_t)openssl_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_CAST,
- (crypter_constructor_t)openssl_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH,
- (crypter_constructor_t)openssl_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_DES,
- (crypter_constructor_t)openssl_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB,
- (crypter_constructor_t)openssl_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_NULL,
- (crypter_constructor_t)openssl_crypter_create);
-
- /* hasher */
- lib->crypto->add_hasher(lib->crypto, HASH_SHA1,
- (hasher_constructor_t)openssl_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_MD2,
- (hasher_constructor_t)openssl_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_MD4,
- (hasher_constructor_t)openssl_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_MD5,
- (hasher_constructor_t)openssl_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA224,
- (hasher_constructor_t)openssl_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA256,
- (hasher_constructor_t)openssl_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA384,
- (hasher_constructor_t)openssl_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA512,
- (hasher_constructor_t)openssl_hasher_create);
-
- /* prf */
- lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1,
- (prf_constructor_t)openssl_sha1_prf_create);
-
- /* (ec) diffie hellman */
- lib->crypto->add_dh(lib->crypto, MODP_2048_BIT,
- (dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_2048_224,
- (dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_2048_256,
- (dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_1536_BIT,
- (dh_constructor_t)openssl_diffie_hellman_create);
-#ifndef OPENSSL_NO_EC
- lib->crypto->add_dh(lib->crypto, ECP_256_BIT,
- (dh_constructor_t)openssl_ec_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, ECP_384_BIT,
- (dh_constructor_t)openssl_ec_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, ECP_521_BIT,
- (dh_constructor_t)openssl_ec_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, ECP_224_BIT,
- (dh_constructor_t)openssl_ec_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, ECP_192_BIT,
- (dh_constructor_t)openssl_ec_diffie_hellman_create);
-#endif /* OPENSSL_NO_EC */
- lib->crypto->add_dh(lib->crypto, MODP_3072_BIT,
- (dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_4096_BIT,
- (dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_6144_BIT,
- (dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_8192_BIT,
- (dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_1024_BIT,
- (dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_1024_160,
- (dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_768_BIT,
- (dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_CUSTOM,
-=======
- lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, get_name(this),
(crypter_constructor_t)openssl_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC, get_name(this),
(crypter_constructor_t)openssl_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_3DES, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_3DES, get_name(this),
(crypter_constructor_t)openssl_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_RC5, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_RC5, get_name(this),
(crypter_constructor_t)openssl_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_IDEA, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_IDEA, get_name(this),
(crypter_constructor_t)openssl_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_CAST, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_CAST, get_name(this),
(crypter_constructor_t)openssl_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, get_name(this),
(crypter_constructor_t)openssl_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_DES, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_DES, get_name(this),
(crypter_constructor_t)openssl_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, get_name(this),
(crypter_constructor_t)openssl_crypter_create);
- lib->crypto->add_crypter(lib->crypto, ENCR_NULL, plugin_name,
+ lib->crypto->add_crypter(lib->crypto, ENCR_NULL, get_name(this),
(crypter_constructor_t)openssl_crypter_create);
/* hasher */
- lib->crypto->add_hasher(lib->crypto, HASH_SHA1, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA1, get_name(this),
(hasher_constructor_t)openssl_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_MD2, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_MD2, get_name(this),
(hasher_constructor_t)openssl_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_MD4, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_MD4, get_name(this),
(hasher_constructor_t)openssl_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_MD5, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_MD5, get_name(this),
(hasher_constructor_t)openssl_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA224, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA224, get_name(this),
(hasher_constructor_t)openssl_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA256, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA256, get_name(this),
(hasher_constructor_t)openssl_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA384, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA384, get_name(this),
(hasher_constructor_t)openssl_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA512, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA512, get_name(this),
(hasher_constructor_t)openssl_hasher_create);
/* prf */
- lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1, plugin_name,
+ lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1, get_name(this),
(prf_constructor_t)openssl_sha1_prf_create);
/* (ec) diffie hellman */
- lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, get_name(this),
(dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_2048_224, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_2048_224, get_name(this),
(dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_2048_256, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_2048_256, get_name(this),
(dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, get_name(this),
(dh_constructor_t)openssl_diffie_hellman_create);
#ifndef OPENSSL_NO_EC
- lib->crypto->add_dh(lib->crypto, ECP_256_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, ECP_256_BIT, get_name(this),
(dh_constructor_t)openssl_ec_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, ECP_384_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, ECP_384_BIT, get_name(this),
(dh_constructor_t)openssl_ec_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, ECP_521_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, ECP_521_BIT, get_name(this),
(dh_constructor_t)openssl_ec_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, ECP_224_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, ECP_224_BIT, get_name(this),
(dh_constructor_t)openssl_ec_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, ECP_192_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, ECP_192_BIT, get_name(this),
(dh_constructor_t)openssl_ec_diffie_hellman_create);
#endif /* OPENSSL_NO_EC */
- lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, get_name(this),
(dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, get_name(this),
(dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, get_name(this),
(dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, get_name(this),
(dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, get_name(this),
(dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_1024_160, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_1024_160, get_name(this),
(dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_768_BIT, plugin_name,
+ lib->crypto->add_dh(lib->crypto, MODP_768_BIT, get_name(this),
(dh_constructor_t)openssl_diffie_hellman_create);
- lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, plugin_name,
->>>>>>> upstream/4.5.1
+ lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, get_name(this),
(dh_constructor_t)openssl_diffie_hellman_create);
/* rsa */
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
index 0b607c386..d1afd94cc 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
@@ -455,6 +455,7 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_load(key_type_t type,
return NULL;
}
+#ifndef OPENSSL_NO_ENGINE
/**
* Login to engine with a PIN specified for a keyid
*/
@@ -496,6 +497,7 @@ static bool login(ENGINE *engine, chunk_t keyid)
}
return success;
}
+#endif /* OPENSSL_NO_ENGINE */
/**
* See header.
diff --git a/src/libstrongswan/plugins/openssl/openssl_x509.c b/src/libstrongswan/plugins/openssl/openssl_x509.c
index 7c7f2aa06..f7495b2ae 100644
--- a/src/libstrongswan/plugins/openssl/openssl_x509.c
+++ b/src/libstrongswan/plugins/openssl/openssl_x509.c
@@ -84,11 +84,7 @@ struct private_openssl_x509_t {
/**
* Pathlen constraint
*/
-<<<<<<< HEAD
- int pathlen;
-=======
u_char pathlen;
->>>>>>> upstream/4.5.1
/**
* certificate subject
@@ -141,11 +137,7 @@ struct private_openssl_x509_t {
linked_list_t *issuerAltNames;
/**
-<<<<<<< HEAD
- * List of CRL URIs
-=======
* List of CRL URIs, as x509_cdp_t
->>>>>>> upstream/4.5.1
*/
linked_list_t *crl_uris;
@@ -161,8 +153,6 @@ struct private_openssl_x509_t {
};
/**
-<<<<<<< HEAD
-=======
* Destroy a CRL URI struct
*/
static void crl_uri_destroy(x509_cdp_t *this)
@@ -173,7 +163,6 @@ static void crl_uri_destroy(x509_cdp_t *this)
}
/**
->>>>>>> upstream/4.5.1
* Convert a GeneralName to an identification_t.
*/
static identification_t *general_name2id(GENERAL_NAME *name)
@@ -261,12 +250,6 @@ METHOD(x509_t, get_authKeyIdentifier, chunk_t,
return chunk_empty;
}
-<<<<<<< HEAD
-METHOD(x509_t, get_pathLenConstraint, int,
- private_openssl_x509_t *this)
-{
- return this->pathlen;
-=======
METHOD(x509_t, get_constraint, u_int,
private_openssl_x509_t *this, x509_constraint_t type)
{
@@ -277,7 +260,6 @@ METHOD(x509_t, get_constraint, u_int,
default:
return X509_NO_CONSTRAINT;
}
->>>>>>> upstream/4.5.1
}
METHOD(x509_t, create_subjectAltName_enumerator, enumerator_t*,
@@ -298,16 +280,6 @@ METHOD(x509_t, create_ocsp_uri_enumerator, enumerator_t*,
return this->ocsp_uris->create_enumerator(this->ocsp_uris);
}
-<<<<<<< HEAD
-METHOD(x509_t, create_ipAddrBlock_enumerator, enumerator_t*,
- private_openssl_x509_t *this)
-{
- /* TODO */
- return enumerator_create_empty();
-}
-
-=======
->>>>>>> upstream/4.5.1
METHOD(certificate_t, get_type, certificate_type_t,
private_openssl_x509_t *this)
{
@@ -520,11 +492,7 @@ METHOD(certificate_t, destroy, void,
offsetof(identification_t, destroy));
this->issuerAltNames->destroy_offset(this->issuerAltNames,
offsetof(identification_t, destroy));
-<<<<<<< HEAD
- this->crl_uris->destroy_function(this->crl_uris, free);
-=======
this->crl_uris->destroy_function(this->crl_uris, (void*)crl_uri_destroy);
->>>>>>> upstream/4.5.1
this->ocsp_uris->destroy_function(this->ocsp_uris, free);
free(this);
}
@@ -558,13 +526,6 @@ static private_openssl_x509_t *create_empty()
.get_serial = _get_serial,
.get_subjectKeyIdentifier = _get_subjectKeyIdentifier,
.get_authKeyIdentifier = _get_authKeyIdentifier,
-<<<<<<< HEAD
- .get_pathLenConstraint = _get_pathLenConstraint,
- .create_subjectAltName_enumerator = _create_subjectAltName_enumerator,
- .create_crl_uri_enumerator = _create_crl_uri_enumerator,
- .create_ocsp_uri_enumerator = _create_ocsp_uri_enumerator,
- .create_ipAddrBlock_enumerator = _create_ipAddrBlock_enumerator,
-=======
.get_constraint = _get_constraint,
.create_subjectAltName_enumerator = _create_subjectAltName_enumerator,
.create_crl_uri_enumerator = _create_crl_uri_enumerator,
@@ -573,18 +534,13 @@ static private_openssl_x509_t *create_empty()
.create_name_constraint_enumerator = (void*)enumerator_create_empty,
.create_cert_policy_enumerator = (void*)enumerator_create_empty,
.create_policy_mapping_enumerator = (void*)enumerator_create_empty,
->>>>>>> upstream/4.5.1
},
},
.subjectAltNames = linked_list_create(),
.issuerAltNames = linked_list_create(),
.crl_uris = linked_list_create(),
.ocsp_uris = linked_list_create(),
-<<<<<<< HEAD
- .pathlen = X509_NO_PATH_LEN_CONSTRAINT,
-=======
.pathlen = X509_NO_CONSTRAINT,
->>>>>>> upstream/4.5.1
.ref = 1,
);
@@ -630,10 +586,7 @@ static bool parse_basicConstraints_ext(private_openssl_x509_t *this,
X509_EXTENSION *ext)
{
BASIC_CONSTRAINTS *constraints;
-<<<<<<< HEAD
-=======
long pathlen;
->>>>>>> upstream/4.5.1
constraints = (BASIC_CONSTRAINTS*)X509V3_EXT_d2i(ext);
if (constraints)
@@ -644,14 +597,10 @@ static bool parse_basicConstraints_ext(private_openssl_x509_t *this,
}
if (constraints->pathlen)
{
-<<<<<<< HEAD
- this->pathlen = ASN1_INTEGER_get(constraints->pathlen);
-=======
pathlen = ASN1_INTEGER_get(constraints->pathlen);
this->pathlen = (pathlen >= 0 && pathlen < 128) ?
pathlen : X509_NO_CONSTRAINT;
->>>>>>> upstream/4.5.1
}
BASIC_CONSTRAINTS_free(constraints);
return TRUE;
@@ -667,16 +616,10 @@ static bool parse_crlDistributionPoints_ext(private_openssl_x509_t *this,
{
CRL_DIST_POINTS *cdps;
DIST_POINT *cdp;
-<<<<<<< HEAD
- identification_t *id;
- char *uri;
- int i, j, point_num, name_num;
-=======
identification_t *id, *issuer;
x509_cdp_t *entry;
char *uri;
int i, j, k, point_num, name_num, issuer_num;
->>>>>>> upstream/4.5.1
cdps = X509V3_EXT_d2i(ext);
if (!cdps)
@@ -701,9 +644,6 @@ static bool parse_crlDistributionPoints_ext(private_openssl_x509_t *this,
{
if (asprintf(&uri, "%Y", id) > 0)
{
-<<<<<<< HEAD
- this->crl_uris->insert_first(this->crl_uris, uri);
-=======
if (cdp->CRLissuer)
{
issuer_num = sk_GENERAL_NAME_num(cdp->CRLissuer);
@@ -730,16 +670,12 @@ static bool parse_crlDistributionPoints_ext(private_openssl_x509_t *this,
);
this->crl_uris->insert_last(this->crl_uris, entry);
}
->>>>>>> upstream/4.5.1
}
id->destroy(id);
}
}
}
-<<<<<<< HEAD
-=======
->>>>>>> upstream/4.5.1
DIST_POINT_free(cdp);
}
}
@@ -872,9 +808,6 @@ static bool parse_extensions(private_openssl_x509_t *this)
ok = parse_crlDistributionPoints_ext(this, ext);
break;
default:
-<<<<<<< HEAD
- ok = TRUE;
-=======
ok = X509_EXTENSION_get_critical(ext) == 0 ||
!lib->settings->get_bool(lib->settings,
"libstrongswan.x509.enforce_critical", TRUE);
@@ -882,7 +815,6 @@ static bool parse_extensions(private_openssl_x509_t *this)
{
DBG1(DBG_LIB, "found unsupported critical X.509 extension");
}
->>>>>>> upstream/4.5.1
break;
}
if (!ok)
@@ -940,8 +872,6 @@ static bool parse_certificate(private_openssl_x509_t *this)
{
return FALSE;
}
-<<<<<<< HEAD
-=======
if (X509_get_version(this->x509) < 0 || X509_get_version(this->x509) > 2)
{
DBG1(DBG_LIB, "unsupported x509 version: %d",
@@ -949,7 +879,6 @@ static bool parse_certificate(private_openssl_x509_t *this)
return FALSE;
}
->>>>>>> upstream/4.5.1
this->subject = openssl_x509_name2id(X509_get_subject_name(this->x509));
this->issuer = openssl_x509_name2id(X509_get_issuer_name(this->x509));
@@ -993,11 +922,7 @@ static bool parse_certificate(private_openssl_x509_t *this)
if (!parse_extensions(this))
{
-<<<<<<< HEAD
- return TRUE;
-=======
return FALSE;
->>>>>>> upstream/4.5.1
}
parse_extKeyUsage(this);
diff --git a/src/libstrongswan/plugins/padlock/Makefile.in b/src/libstrongswan/plugins/padlock/Makefile.in
index 24c7441d7..7bc342995 100644
--- a/src/libstrongswan/plugins/padlock/Makefile.in
+++ b/src/libstrongswan/plugins/padlock/Makefile.in
@@ -222,13 +222,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -249,6 +243,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -267,14 +263,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c b/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c
index 06c20292f..119de86aa 100644
--- a/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c
+++ b/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c
@@ -105,6 +105,8 @@ static void crypt(private_padlock_aes_crypter_t *this, char *iv,
*dst = chunk_alloc(src.len);
padlock_crypt(key_aligned, &cword, src.ptr, dst->ptr,
src.len / AES_BLOCK_SIZE, iv_aligned);
+
+ memwipe(key_aligned, sizeof(key_aligned));
}
METHOD(crypter_t, decrypt, void,
@@ -146,7 +148,7 @@ METHOD(crypter_t, set_key, void,
METHOD(crypter_t, destroy, void,
private_padlock_aes_crypter_t *this)
{
- free(this->key.ptr);
+ chunk_clear(&this->key);
free(this);
}
diff --git a/src/libstrongswan/plugins/padlock/padlock_plugin.c b/src/libstrongswan/plugins/padlock/padlock_plugin.c
index a78f2076b..9d4afd8e8 100644
--- a/src/libstrongswan/plugins/padlock/padlock_plugin.c
+++ b/src/libstrongswan/plugins/padlock/padlock_plugin.c
@@ -23,11 +23,6 @@
#include <library.h>
#include <debug.h>
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "padlock";
-
->>>>>>> upstream/4.5.1
typedef struct private_padlock_plugin_t private_padlock_plugin_t;
typedef enum padlock_feature_t padlock_feature_t;
@@ -106,6 +101,12 @@ static padlock_feature_t get_padlock_features()
return 0;
}
+METHOD(plugin_t, get_name, char*,
+ private_padlock_plugin_t *this)
+{
+ return "padlock";
+}
+
METHOD(plugin_t, destroy, void,
private_padlock_plugin_t *this)
{
@@ -141,6 +142,8 @@ plugin_t *padlock_plugin_create()
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
@@ -166,37 +169,21 @@ plugin_t *padlock_plugin_create()
if (this->features & PADLOCK_RNG_ENABLED)
{
-<<<<<<< HEAD
- lib->crypto->add_rng(lib->crypto, RNG_TRUE,
- (rng_constructor_t)padlock_rng_create);
- lib->crypto->add_rng(lib->crypto, RNG_STRONG,
- (rng_constructor_t)padlock_rng_create);
- lib->crypto->add_rng(lib->crypto, RNG_WEAK,
-=======
- lib->crypto->add_rng(lib->crypto, RNG_TRUE, plugin_name,
+ lib->crypto->add_rng(lib->crypto, RNG_TRUE, get_name(this),
(rng_constructor_t)padlock_rng_create);
- lib->crypto->add_rng(lib->crypto, RNG_STRONG, plugin_name,
+ lib->crypto->add_rng(lib->crypto, RNG_STRONG, get_name(this),
(rng_constructor_t)padlock_rng_create);
- lib->crypto->add_rng(lib->crypto, RNG_WEAK, plugin_name,
->>>>>>> upstream/4.5.1
+ lib->crypto->add_rng(lib->crypto, RNG_WEAK, get_name(this),
(rng_constructor_t)padlock_rng_create);
}
if (this->features & PADLOCK_ACE2_ENABLED)
{
-<<<<<<< HEAD
- lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC,
-=======
- lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, plugin_name,
->>>>>>> upstream/4.5.1
+ lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, get_name(this),
(crypter_constructor_t)padlock_aes_crypter_create);
}
if (this->features & PADLOCK_PHE_ENABLED)
{
-<<<<<<< HEAD
- lib->crypto->add_hasher(lib->crypto, HASH_SHA1,
-=======
- lib->crypto->add_hasher(lib->crypto, HASH_SHA1, plugin_name,
->>>>>>> upstream/4.5.1
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA1, get_name(this),
(hasher_constructor_t)padlock_sha1_hasher_create);
}
return &this->public.plugin;
diff --git a/src/libstrongswan/plugins/pem/Makefile.in b/src/libstrongswan/plugins/pem/Makefile.in
index 5a2469145..92c7fa2fe 100644
--- a/src/libstrongswan/plugins/pem/Makefile.in
+++ b/src/libstrongswan/plugins/pem/Makefile.in
@@ -220,13 +220,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -247,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -265,14 +261,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/pem/pem_encoder.c b/src/libstrongswan/plugins/pem/pem_encoder.c
index 2a69e4ea6..9c8237e4d 100644
--- a/src/libstrongswan/plugins/pem/pem_encoder.c
+++ b/src/libstrongswan/plugins/pem/pem_encoder.c
@@ -111,11 +111,7 @@ bool pem_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
}
/* compute and allocate maximum size of PEM object */
-<<<<<<< HEAD
- pem_chars = 4*(asn1.len + 2)/3;
-=======
pem_chars = 4 * ((asn1.len + 2) / 3);
->>>>>>> upstream/4.5.1
pem_lines = (asn1.len + BYTES_PER_LINE - 1) / BYTES_PER_LINE;
*encoding = chunk_alloc(5 + 2*(6 + strlen(label) + 6) + 3 + pem_chars + pem_lines);
pos = encoding->ptr;
diff --git a/src/libstrongswan/plugins/pem/pem_plugin.c b/src/libstrongswan/plugins/pem/pem_plugin.c
index 0e6a4788c..c81605ae5 100644
--- a/src/libstrongswan/plugins/pem/pem_plugin.c
+++ b/src/libstrongswan/plugins/pem/pem_plugin.c
@@ -33,15 +33,14 @@ struct private_pem_plugin_t {
pem_plugin_t public;
};
-<<<<<<< HEAD
-/**
- * Implementation of pem_plugin_t.pemtroy
- */
-static void destroy(private_pem_plugin_t *this)
-=======
+METHOD(plugin_t, get_name, char*,
+ private_pem_plugin_t *this)
+{
+ return "pem";
+}
+
METHOD(plugin_t, destroy, void,
private_pem_plugin_t *this)
->>>>>>> upstream/4.5.1
{
lib->creds->remove_builder(lib->creds,
(builder_function_t)pem_private_key_load);
@@ -57,21 +56,17 @@ METHOD(plugin_t, destroy, void,
*/
plugin_t *pem_plugin_create()
{
-<<<<<<< HEAD
- private_pem_plugin_t *this = malloc_thing(private_pem_plugin_t);
-
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
-=======
private_pem_plugin_t *this;
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
->>>>>>> upstream/4.5.1
/* register private key PEM decoding builders */
lib->creds->add_builder(lib->creds, CRED_PRIVATE_KEY, KEY_ANY, FALSE,
diff --git a/src/libstrongswan/plugins/pgp/Makefile.in b/src/libstrongswan/plugins/pgp/Makefile.in
index 336e293be..6be915f29 100644
--- a/src/libstrongswan/plugins/pgp/Makefile.in
+++ b/src/libstrongswan/plugins/pgp/Makefile.in
@@ -220,13 +220,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -247,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -265,14 +261,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/pgp/pgp_plugin.c b/src/libstrongswan/plugins/pgp/pgp_plugin.c
index 762eb061f..52e9d96b1 100644
--- a/src/libstrongswan/plugins/pgp/pgp_plugin.c
+++ b/src/libstrongswan/plugins/pgp/pgp_plugin.c
@@ -33,15 +33,14 @@ struct private_pgp_plugin_t {
pgp_plugin_t public;
};
-<<<<<<< HEAD
-/**
- * Implementation of pgp_plugin_t.pgptroy
- */
-static void destroy(private_pgp_plugin_t *this)
-=======
+METHOD(plugin_t, get_name, char*,
+ private_pgp_plugin_t *this)
+{
+ return "pgp";
+}
+
METHOD(plugin_t, destroy, void,
private_pgp_plugin_t *this)
->>>>>>> upstream/4.5.1
{
lib->creds->remove_builder(lib->creds,
(builder_function_t)pgp_public_key_load);
@@ -61,22 +60,17 @@ METHOD(plugin_t, destroy, void,
*/
plugin_t *pgp_plugin_create()
{
-<<<<<<< HEAD
- private_pgp_plugin_t *this = malloc_thing(private_pgp_plugin_t);
-
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
-
-=======
private_pgp_plugin_t *this;
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
->>>>>>> upstream/4.5.1
lib->creds->add_builder(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, FALSE,
(builder_function_t)pgp_public_key_load);
lib->creds->add_builder(lib->creds, CRED_PUBLIC_KEY, KEY_RSA, FALSE,
@@ -85,15 +79,8 @@ plugin_t *pgp_plugin_create()
(builder_function_t)pgp_private_key_load);
lib->creds->add_builder(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, FALSE,
(builder_function_t)pgp_private_key_load);
-<<<<<<< HEAD
-
- lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_GPG, FALSE,
- (builder_function_t)pgp_cert_load);
-
-=======
lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_GPG, FALSE,
(builder_function_t)pgp_cert_load);
->>>>>>> upstream/4.5.1
lib->encoding->add_encoder(lib->encoding, pgp_encoder_encode);
return &this->public.plugin;
diff --git a/src/libstrongswan/plugins/pkcs1/Makefile.in b/src/libstrongswan/plugins/pkcs1/Makefile.in
index 2169d022c..1ae880c3b 100644
--- a/src/libstrongswan/plugins/pkcs1/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs1/Makefile.in
@@ -221,13 +221,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -248,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -266,14 +262,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c
index 88c848899..a605fabc7 100644
--- a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c
+++ b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c
@@ -57,7 +57,7 @@ static public_key_t *parse_public_key(chunk_t blob)
int oid = asn1_parse_algorithmIdentifier(object,
parser->get_level(parser)+1, NULL);
- if (oid == OID_RSA_ENCRYPTION)
+ if (oid == OID_RSA_ENCRYPTION || oid == OID_RSAES_OAEP)
{
type = KEY_RSA;
}
diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c
index d91de0e7f..e0e24cab2 100644
--- a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c
+++ b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c
@@ -32,15 +32,14 @@ struct private_pkcs1_plugin_t {
pkcs1_plugin_t public;
};
-<<<<<<< HEAD
-/**
- * Implementation of pkcs1_plugin_t.pkcs1troy
- */
-static void destroy(private_pkcs1_plugin_t *this)
-=======
+METHOD(plugin_t, get_name, char*,
+ private_pkcs1_plugin_t *this)
+{
+ return "pkcs1";
+}
+
METHOD(plugin_t, destroy, void,
private_pkcs1_plugin_t *this)
->>>>>>> upstream/4.5.1
{
lib->creds->remove_builder(lib->creds,
(builder_function_t)pkcs1_public_key_load);
@@ -57,21 +56,17 @@ METHOD(plugin_t, destroy, void,
*/
plugin_t *pkcs1_plugin_create()
{
-<<<<<<< HEAD
- private_pkcs1_plugin_t *this = malloc_thing(private_pkcs1_plugin_t);
-
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
-=======
private_pkcs1_plugin_t *this;
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
->>>>>>> upstream/4.5.1
lib->creds->add_builder(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, FALSE,
(builder_function_t)pkcs1_public_key_load);
diff --git a/src/libstrongswan/plugins/pkcs11/Makefile.in b/src/libstrongswan/plugins/pkcs11/Makefile.in
index 8d6bad565..1a67f88cc 100644
--- a/src/libstrongswan/plugins/pkcs11/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs11/Makefile.in
@@ -223,13 +223,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -250,6 +244,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -268,14 +264,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c b/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c
index 6783699e5..a81ec1147 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c
@@ -55,16 +55,6 @@ struct private_pkcs11_creds_t {
* Find certificates, optionally trusted
*/
static void find_certificates(private_pkcs11_creds_t *this,
-<<<<<<< HEAD
- CK_SESSION_HANDLE session, CK_BBOOL trusted)
-{
- CK_OBJECT_CLASS class = CKO_CERTIFICATE;
- CK_CERTIFICATE_TYPE type = CKC_X_509;
- CK_ATTRIBUTE tmpl[] = {
- {CKA_CLASS, &class, sizeof(class)},
- {CKA_CERTIFICATE_TYPE, &type, sizeof(type)},
- {CKA_TRUSTED, &trusted, sizeof(trusted)},
-=======
CK_SESSION_HANDLE session)
{
CK_OBJECT_CLASS class = CKO_CERTIFICATE;
@@ -73,16 +63,12 @@ static void find_certificates(private_pkcs11_creds_t *this,
CK_ATTRIBUTE tmpl[] = {
{CKA_CLASS, &class, sizeof(class)},
{CKA_CERTIFICATE_TYPE, &type, sizeof(type)},
->>>>>>> upstream/4.5.1
};
CK_OBJECT_HANDLE object;
CK_ATTRIBUTE attr[] = {
{CKA_VALUE, NULL, 0},
{CKA_LABEL, NULL, 0},
-<<<<<<< HEAD
-=======
{CKA_TRUSTED, &trusted, sizeof(trusted)}
->>>>>>> upstream/4.5.1
};
enumerator_t *enumerator;
linked_list_t *raw;
@@ -90,13 +76,6 @@ static void find_certificates(private_pkcs11_creds_t *this,
struct {
chunk_t value;
chunk_t label;
-<<<<<<< HEAD
- } *entry;
-
- raw = linked_list_create();
- enumerator = this->lib->create_object_enumerator(this->lib,
- session, tmpl, countof(tmpl), attr, countof(attr));
-=======
bool trusted;
} *entry;
int count = countof(attr);
@@ -110,7 +89,6 @@ static void find_certificates(private_pkcs11_creds_t *this,
}
enumerator = this->lib->create_object_enumerator(this->lib,
session, tmpl, countof(tmpl), attr, count);
->>>>>>> upstream/4.5.1
while (enumerator->enumerate(enumerator, &object))
{
entry = malloc(sizeof(*entry));
@@ -118,10 +96,7 @@ static void find_certificates(private_pkcs11_creds_t *this,
chunk_create(attr[0].pValue, attr[0].ulValueLen));
entry->label = chunk_clone(
chunk_create(attr[1].pValue, attr[1].ulValueLen));
-<<<<<<< HEAD
-=======
entry->trusted = trusted;
->>>>>>> upstream/4.5.1
raw->insert_last(raw, entry);
}
enumerator->destroy(enumerator);
@@ -134,17 +109,10 @@ static void find_certificates(private_pkcs11_creds_t *this,
if (cert)
{
DBG1(DBG_CFG, " loaded %strusted cert '%.*s'",
-<<<<<<< HEAD
- trusted ? "" : "un", entry->label.len, entry->label.ptr);
- /* trusted certificates are also returned as untrusted */
- this->untrusted->insert_last(this->untrusted, cert);
- if (trusted)
-=======
entry->trusted ? "" : "un", entry->label.len, entry->label.ptr);
/* trusted certificates are also returned as untrusted */
this->untrusted->insert_last(this->untrusted, cert);
if (entry->trusted)
->>>>>>> upstream/4.5.1
{
this->trusted->insert_last(this->trusted, cert->get_ref(cert));
}
@@ -177,12 +145,7 @@ static bool load_certificates(private_pkcs11_creds_t *this)
return FALSE;
}
-<<<<<<< HEAD
- find_certificates(this, session, CK_TRUE);
- find_certificates(this, session, CK_FALSE);
-=======
find_certificates(this, session);
->>>>>>> upstream/4.5.1
this->lib->f->C_CloseSession(session);
return TRUE;
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_library.c b/src/libstrongswan/plugins/pkcs11/pkcs11_library.c
index 6d819da34..6f7926808 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_library.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_library.c
@@ -466,14 +466,11 @@ struct private_pkcs11_library_t {
* Name as passed to the constructor
*/
char *name;
-<<<<<<< HEAD
-=======
/**
* Supported feature set
*/
pkcs11_feature_t features;
->>>>>>> upstream/4.5.1
};
METHOD(pkcs11_library_t, get_name, char*,
@@ -482,15 +479,12 @@ METHOD(pkcs11_library_t, get_name, char*,
return this->name;
}
-<<<<<<< HEAD
-=======
METHOD(pkcs11_library_t, get_features, pkcs11_feature_t,
private_pkcs11_library_t *this)
{
return this->features;
}
->>>>>>> upstream/4.5.1
/**
* Object enumerator
*/
@@ -783,11 +777,6 @@ static CK_RV UnlockMutex(CK_VOID_PTR data)
}
/**
-<<<<<<< HEAD
- * Initialize a PKCS#11 library
- */
-static bool initialize(private_pkcs11_library_t *this, char *name, char *file)
-=======
* Check if the library has at least a given cryptoki version
*/
static bool has_version(CK_INFO *info, int major, int minor)
@@ -814,27 +803,19 @@ static void check_features(private_pkcs11_library_t *this, CK_INFO *info)
*/
static bool initialize(private_pkcs11_library_t *this, char *name, char *file,
bool os_locking)
->>>>>>> upstream/4.5.1
{
CK_C_GetFunctionList pC_GetFunctionList;
CK_INFO info;
CK_RV rv;
-<<<<<<< HEAD
- CK_C_INITIALIZE_ARGS args = {
-=======
static CK_C_INITIALIZE_ARGS args = {
->>>>>>> upstream/4.5.1
.CreateMutex = CreateMutex,
.DestroyMutex = DestroyMutex,
.LockMutex = LockMutex,
.UnlockMutex = UnlockMutex,
};
-<<<<<<< HEAD
-=======
static CK_C_INITIALIZE_ARGS args_os = {
.flags = CKF_OS_LOCKING_OK,
};
->>>>>>> upstream/4.5.1
pC_GetFunctionList = dlsym(this->handle, "C_GetFunctionList");
if (!pC_GetFunctionList)
@@ -849,16 +830,6 @@ static bool initialize(private_pkcs11_library_t *this, char *name, char *file,
name, ck_rv_names, rv);
return FALSE;
}
-<<<<<<< HEAD
-
- rv = this->public.f->C_Initialize(&args);
- if (rv == CKR_CANT_LOCK)
- { /* try OS locking */
- memset(&args, 0, sizeof(args));
- args.flags = CKF_OS_LOCKING_OK;
- rv = this->public.f->C_Initialize(&args);
- }
-=======
if (os_locking)
{
rv = CKR_CANT_LOCK;
@@ -872,7 +843,6 @@ static bool initialize(private_pkcs11_library_t *this, char *name, char *file,
os_locking = TRUE;
rv = this->public.f->C_Initialize(&args_os);
}
->>>>>>> upstream/4.5.1
if (rv != CKR_OK)
{
DBG1(DBG_CFG, "C_Initialize() error for '%s': %N",
@@ -898,40 +868,26 @@ static bool initialize(private_pkcs11_library_t *this, char *name, char *file,
DBG1(DBG_CFG, " %s: %s v%d.%d",
info.manufacturerID, info.libraryDescription,
info.libraryVersion.major, info.libraryVersion.minor);
-<<<<<<< HEAD
- if (args.flags & CKF_OS_LOCKING_OK)
- {
- DBG1(DBG_CFG, " uses OS locking functions");
- }
-=======
if (os_locking)
{
DBG1(DBG_CFG, " uses OS locking functions");
}
check_features(this, &info);
->>>>>>> upstream/4.5.1
return TRUE;
}
/**
* See header
*/
-<<<<<<< HEAD
-pkcs11_library_t *pkcs11_library_create(char *name, char *file)
-=======
pkcs11_library_t *pkcs11_library_create(char *name, char *file, bool os_locking)
->>>>>>> upstream/4.5.1
{
private_pkcs11_library_t *this;
INIT(this,
.public = {
.get_name = _get_name,
-<<<<<<< HEAD
-=======
.get_features = _get_features,
->>>>>>> upstream/4.5.1
.create_object_enumerator = _create_object_enumerator,
.create_mechanism_enumerator = _create_mechanism_enumerator,
.destroy = _destroy,
@@ -947,11 +903,7 @@ pkcs11_library_t *pkcs11_library_create(char *name, char *file, bool os_locking)
return NULL;
}
-<<<<<<< HEAD
- if (!initialize(this, name, file))
-=======
if (!initialize(this, name, file, os_locking))
->>>>>>> upstream/4.5.1
{
dlclose(this->handle);
free(this);
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_library.h b/src/libstrongswan/plugins/pkcs11/pkcs11_library.h
index 384258089..abe023448 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_library.h
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_library.h
@@ -21,10 +21,7 @@
#ifndef PKCS11_LIBRARY_H_
#define PKCS11_LIBRARY_H_
-<<<<<<< HEAD
-=======
typedef enum pkcs11_feature_t pkcs11_feature_t;
->>>>>>> upstream/4.5.1
typedef struct pkcs11_library_t pkcs11_library_t;
#include "pkcs11.h"
@@ -33,8 +30,6 @@ typedef struct pkcs11_library_t pkcs11_library_t;
#include <utils/enumerator.h>
/**
-<<<<<<< HEAD
-=======
* Optional PKCS#11 features some libraries support, some not
*/
enum pkcs11_feature_t {
@@ -45,7 +40,6 @@ enum pkcs11_feature_t {
};
/**
->>>>>>> upstream/4.5.1
* A loaded and initialized PKCS#11 library.
*/
struct pkcs11_library_t {
@@ -63,8 +57,6 @@ struct pkcs11_library_t {
char* (*get_name)(pkcs11_library_t *this);
/**
-<<<<<<< HEAD
-=======
* Get the feature set supported by this library.
*
* @return ORed set of features supported
@@ -72,7 +64,6 @@ struct pkcs11_library_t {
pkcs11_feature_t (*get_features)(pkcs11_library_t *this);
/**
->>>>>>> upstream/4.5.1
* Create an enumerator over CK_OBJECT_HANDLE using a search template.
*
* An optional attribute array is automatically filled in with the
@@ -130,15 +121,9 @@ void pkcs11_library_trim(char *str, int len);
*
* @param name an arbitrary name, for debugging
* @param file pkcs11 library file to dlopen()
-<<<<<<< HEAD
- * @return library abstraction
- */
-pkcs11_library_t *pkcs11_library_create(char *name, char *file);
-=======
* @param os_lock enforce OS Locking for this library
* @return library abstraction
*/
pkcs11_library_t *pkcs11_library_create(char *name, char *file, bool os_lock);
->>>>>>> upstream/4.5.1
#endif /** PKCS11_LIBRARY_H_ @}*/
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c b/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c
index b7ca3538c..431cd6a2c 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c
@@ -369,18 +369,14 @@ pkcs11_manager_t *pkcs11_manager_create(pkcs11_manager_token_event_t cb,
"libstrongswan.plugins.pkcs11.modules.%s.path", NULL, module);
if (!entry->path)
{
- DBG1(DBG_CFG, "PKCS11 module '%s' misses library path", module);
+ DBG1(DBG_CFG, "PKCS11 module '%s' lacks library path", module);
free(entry);
continue;
}
-<<<<<<< HEAD
- entry->lib = pkcs11_library_create(module, entry->path);
-=======
entry->lib = pkcs11_library_create(module, entry->path,
lib->settings->get_bool(lib->settings,
"libstrongswan.plugins.pkcs11.modules.%s.os_locking",
FALSE, module));
->>>>>>> upstream/4.5.1
if (!entry->lib)
{
free(entry);
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c b/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c
index b02873870..7b537cfa7 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c
@@ -26,11 +26,6 @@
#include "pkcs11_public_key.h"
#include "pkcs11_hasher.h"
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "pkcs11";
-
->>>>>>> upstream/4.5.1
typedef struct private_pkcs11_plugin_t private_pkcs11_plugin_t;
/**
@@ -106,6 +101,12 @@ static void token_event_cb(private_pkcs11_plugin_t *this, pkcs11_library_t *p11,
}
}
+METHOD(plugin_t, get_name, char*,
+ private_pkcs11_plugin_t *this)
+{
+ return "pkcs11";
+}
+
METHOD(plugin_t, destroy, void,
private_pkcs11_plugin_t *this)
{
@@ -139,6 +140,8 @@ plugin_t *pkcs11_plugin_create()
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
@@ -151,31 +154,17 @@ plugin_t *pkcs11_plugin_create()
if (lib->settings->get_bool(lib->settings,
"libstrongswan.plugins.pkcs11.use_hasher", FALSE))
{
-<<<<<<< HEAD
- lib->crypto->add_hasher(lib->crypto, HASH_MD2,
- (hasher_constructor_t)pkcs11_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_MD5,
- (hasher_constructor_t)pkcs11_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA1,
- (hasher_constructor_t)pkcs11_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA256,
- (hasher_constructor_t)pkcs11_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA384,
- (hasher_constructor_t)pkcs11_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA512,
-=======
- lib->crypto->add_hasher(lib->crypto, HASH_MD2, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_MD2, get_name(this),
(hasher_constructor_t)pkcs11_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_MD5, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_MD5, get_name(this),
(hasher_constructor_t)pkcs11_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA1, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA1, get_name(this),
(hasher_constructor_t)pkcs11_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA256, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA256, get_name(this),
(hasher_constructor_t)pkcs11_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA384, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA384, get_name(this),
(hasher_constructor_t)pkcs11_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA512, plugin_name,
->>>>>>> upstream/4.5.1
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA512, get_name(this),
(hasher_constructor_t)pkcs11_hasher_create);
}
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c b/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c
index 6d2c93c98..b4cc7a805 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c
@@ -401,20 +401,6 @@ static bool find_key(private_pkcs11_private_key_t *this, chunk_t keyid)
};
CK_OBJECT_HANDLE object;
CK_KEY_TYPE type;
-<<<<<<< HEAD
- CK_BBOOL reauth;
- CK_ATTRIBUTE attr[] = {
- {CKA_KEY_TYPE, &type, sizeof(type)},
- {CKA_ALWAYS_AUTHENTICATE, &reauth, sizeof(reauth)},
- {CKA_MODULUS, NULL, 0},
- {CKA_PUBLIC_EXPONENT, NULL, 0},
- };
- enumerator_t *enumerator;
- chunk_t modulus, pubexp;
-
- enumerator = this->lib->create_object_enumerator(this->lib,
- this->session, tmpl, countof(tmpl), attr, countof(attr));
-=======
CK_BBOOL reauth = FALSE;
CK_ATTRIBUTE attr[] = {
{CKA_KEY_TYPE, &type, sizeof(type)},
@@ -433,28 +419,18 @@ static bool find_key(private_pkcs11_private_key_t *this, chunk_t keyid)
}
enumerator = this->lib->create_object_enumerator(this->lib,
this->session, tmpl, countof(tmpl), attr, count);
->>>>>>> upstream/4.5.1
if (enumerator->enumerate(enumerator, &object))
{
switch (type)
{
case CKK_RSA:
-<<<<<<< HEAD
- if (attr[2].ulValueLen == -1 || attr[3].ulValueLen == -1)
-=======
if (attr[1].ulValueLen == -1 || attr[2].ulValueLen == -1)
->>>>>>> upstream/4.5.1
{
DBG1(DBG_CFG, "reading modulus/exponent from PKCS#1 failed");
break;
}
-<<<<<<< HEAD
- modulus = chunk_create(attr[2].pValue, attr[2].ulValueLen);
- pubexp = chunk_create(attr[3].pValue, attr[3].ulValueLen);
-=======
modulus = chunk_create(attr[1].pValue, attr[1].ulValueLen);
pubexp = chunk_create(attr[2].pValue, attr[2].ulValueLen);
->>>>>>> upstream/4.5.1
this->pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY,
KEY_RSA, BUILD_RSA_MODULUS, modulus,
BUILD_RSA_PUB_EXP, pubexp, BUILD_END);
diff --git a/src/libstrongswan/plugins/plugin.h b/src/libstrongswan/plugins/plugin.h
index 6d8a370fb..5c92fd1d8 100644
--- a/src/libstrongswan/plugins/plugin.h
+++ b/src/libstrongswan/plugins/plugin.h
@@ -21,6 +21,8 @@
#ifndef PLUGIN_H_
#define PLUGIN_H_
+#include <utils.h>
+
typedef struct plugin_t plugin_t;
/**
@@ -29,6 +31,20 @@ typedef struct plugin_t plugin_t;
struct plugin_t {
/**
+ * Get the name of the plugin.
+ *
+ * @return plugin name
+ */
+ char* (*get_name)(plugin_t *this);
+
+ /**
+ * Try to reload plugin configuration.
+ *
+ * @return TRUE if reloaded, FALSE if reloading not supporty by plugin
+ */
+ bool (*reload)(plugin_t *this);
+
+ /**
* Destroy a plugin instance.
*/
void (*destroy)(plugin_t *this);
diff --git a/src/libstrongswan/plugins/plugin_loader.c b/src/libstrongswan/plugins/plugin_loader.c
index 4429d9436..b4d7bf7c7 100644
--- a/src/libstrongswan/plugins/plugin_loader.c
+++ b/src/libstrongswan/plugins/plugin_loader.c
@@ -43,24 +43,8 @@ struct private_plugin_loader_t {
* list of loaded plugins
*/
linked_list_t *plugins;
-
- /**
- * names of loaded plugins
- */
- linked_list_t *names;
};
-<<<<<<< HEAD
-#ifdef MONOLITHIC
-/**
- * load a single plugin in monolithic mode
- */
-static plugin_t* load_plugin(private_plugin_loader_t *this,
- char *path, char *name)
-{
- char create[128];
- plugin_t *plugin;
-=======
/**
* create a plugin
* returns: NOT_FOUND, if the constructor was not found
@@ -70,44 +54,17 @@ static status_t create_plugin(private_plugin_loader_t *this, void *handle,
char *name, bool integrity, plugin_t **plugin)
{
char create[128];
->>>>>>> upstream/4.5.1
plugin_constructor_t constructor;
if (snprintf(create, sizeof(create), "%s_plugin_create",
name) >= sizeof(create))
{
-<<<<<<< HEAD
- return NULL;
- }
- translate(create, "-", "_");
- constructor = dlsym(RTLD_DEFAULT, create);
- if (constructor == NULL)
- {
- DBG1(DBG_LIB, "plugin '%s': failed to load - %s not found", name,
- create);
- return NULL;
- }
- plugin = constructor();
- if (plugin == NULL)
- {
- DBG1(DBG_LIB, "plugin '%s': failed to load - %s returned NULL", name,
- create);
- return NULL;
- }
- DBG2(DBG_LIB, "plugin '%s': loaded successfully", name);
-
- return plugin;
-}
-#else
-=======
return FAILED;
}
translate(create, "-", "_");
constructor = dlsym(handle, create);
if (constructor == NULL)
{
- DBG2(DBG_LIB, "plugin '%s': failed to load - %s not found", name,
- create);
return NOT_FOUND;
}
if (integrity && lib->integrity)
@@ -131,29 +88,12 @@ static status_t create_plugin(private_plugin_loader_t *this, void *handle,
return SUCCESS;
}
->>>>>>> upstream/4.5.1
/**
* load a single plugin
*/
static plugin_t* load_plugin(private_plugin_loader_t *this,
char *path, char *name)
{
-<<<<<<< HEAD
- char create[128];
- char file[PATH_MAX];
- void *handle;
- plugin_t *plugin;
- plugin_constructor_t constructor;
-
- if (snprintf(file, sizeof(file), "%s/libstrongswan-%s.so", path,
- name) >= sizeof(file) ||
- snprintf(create, sizeof(create), "%s_plugin_create",
- name) >= sizeof(create))
- {
- return NULL;
- }
- translate(create, "-", "_");
-=======
char file[PATH_MAX];
void *handle;
plugin_t *plugin;
@@ -174,7 +114,6 @@ static plugin_t* load_plugin(private_plugin_loader_t *this,
{
return NULL;
}
->>>>>>> upstream/4.5.1
if (lib->integrity)
{
if (!lib->integrity->check_file(lib->integrity, name, file))
@@ -190,42 +129,6 @@ static plugin_t* load_plugin(private_plugin_loader_t *this,
DBG1(DBG_LIB, "plugin '%s' failed to load: %s", name, dlerror());
return NULL;
}
-<<<<<<< HEAD
- constructor = dlsym(handle, create);
- if (constructor == NULL)
- {
- DBG1(DBG_LIB, "plugin '%s': failed to load - %s not found", name,
- create);
- dlclose(handle);
- return NULL;
- }
- if (lib->integrity)
- {
- if (!lib->integrity->check_segment(lib->integrity, name, constructor))
- {
- DBG1(DBG_LIB, "plugin '%s': failed segment integrity test", name);
- dlclose(handle);
- return NULL;
- }
- DBG1(DBG_LIB, "plugin '%s': passed file and segment integrity tests",
- name);
- }
- plugin = constructor();
- if (plugin == NULL)
- {
- DBG1(DBG_LIB, "plugin '%s': failed to load - %s returned NULL", name,
- create);
- dlclose(handle);
- return NULL;
- }
- DBG2(DBG_LIB, "plugin '%s': loaded successfully", name);
-
- /* we do not store or free dlopen() handles, leak_detective requires
- * the modules to keep loaded until leak report */
- return plugin;
-}
-#endif
-=======
if (create_plugin(this, handle, name, TRUE, &plugin) != SUCCESS)
{
dlclose(handle);
@@ -243,12 +146,12 @@ static bool plugin_loaded(private_plugin_loader_t *this, char *name)
{
enumerator_t *enumerator;
bool found = FALSE;
- char *current;
+ plugin_t *plugin;
- enumerator = this->names->create_enumerator(this->names);
- while (enumerator->enumerate(enumerator, &current))
+ enumerator = this->plugins->create_enumerator(this->plugins);
+ while (enumerator->enumerate(enumerator, &plugin))
{
- if (streq(name, current))
+ if (streq(plugin->get_name(plugin), name))
{
found = TRUE;
break;
@@ -257,29 +160,18 @@ static bool plugin_loaded(private_plugin_loader_t *this, char *name)
enumerator->destroy(enumerator);
return found;
}
->>>>>>> upstream/4.5.1
-/**
- * Implementation of plugin_loader_t.load_plugins.
- */
-static bool load(private_plugin_loader_t *this, char *path, char *list)
+METHOD(plugin_loader_t, load_plugins, bool,
+ private_plugin_loader_t *this, char *path, char *list)
{
enumerator_t *enumerator;
char *token;
bool critical_failed = FALSE;
-<<<<<<< HEAD
-#ifndef MONOLITHIC
-=======
->>>>>>> upstream/4.5.1
if (path == NULL)
{
path = PLUGINDIR;
}
-<<<<<<< HEAD
-#endif
-=======
->>>>>>> upstream/4.5.1
enumerator = enumerator_create_token(list, " ", " ");
while (!critical_failed && enumerator->enumerate(enumerator, &token))
@@ -295,19 +187,15 @@ static bool load(private_plugin_loader_t *this, char *path, char *list)
critical = TRUE;
token[len-1] = '\0';
}
-<<<<<<< HEAD
-=======
if (plugin_loaded(this, token))
{
free(token);
continue;
}
->>>>>>> upstream/4.5.1
plugin = load_plugin(this, path, token);
if (plugin)
{
this->plugins->insert_last(this->plugins, plugin);
- this->names->insert_last(this->names, token);
}
else
{
@@ -316,20 +204,17 @@ static bool load(private_plugin_loader_t *this, char *path, char *list)
critical_failed = TRUE;
DBG1(DBG_LIB, "loading critical plugin '%s' failed", token);
}
- free(token);
}
+ free(token);
}
enumerator->destroy(enumerator);
return !critical_failed;
}
-/**
- * Implementation of plugin_loader_t.unload
- */
-static void unload(private_plugin_loader_t *this)
+METHOD(plugin_loader_t, unload, void,
+ private_plugin_loader_t *this)
{
plugin_t *plugin;
- char *name;
/* unload plugins in reverse order */
while (this->plugins->remove_last(this->plugins,
@@ -337,27 +222,64 @@ static void unload(private_plugin_loader_t *this)
{
plugin->destroy(plugin);
}
- while (this->names->remove_last(this->names, (void**)&name) == SUCCESS)
- {
- free(name);
- }
}
-/**
- * Implementation of plugin_loader_t.create_plugin_enumerator
- */
-static enumerator_t* create_plugin_enumerator(private_plugin_loader_t *this)
+METHOD(plugin_loader_t, create_plugin_enumerator, enumerator_t*,
+ private_plugin_loader_t *this)
{
- return this->names->create_enumerator(this->names);
+ return this->plugins->create_enumerator(this->plugins);
}
/**
- * Implementation of plugin_loader_t.destroy
+ * Reload a plugin by name, NULL for all
*/
-static void destroy(private_plugin_loader_t *this)
+static u_int reload_by_name(private_plugin_loader_t *this, char *name)
+{
+ u_int reloaded = 0;
+ enumerator_t *enumerator;
+ plugin_t *plugin;
+
+ enumerator = create_plugin_enumerator(this);
+ while (enumerator->enumerate(enumerator, &plugin))
+ {
+ if (name == NULL || streq(name, plugin->get_name(plugin)))
+ {
+ if (plugin->reload(plugin))
+ {
+ DBG2(DBG_LIB, "reloaded configuration of '%s' plugin",
+ plugin->get_name(plugin));
+ reloaded++;
+ }
+ }
+ }
+ enumerator->destroy(enumerator);
+ return reloaded;
+}
+
+METHOD(plugin_loader_t, reload, u_int,
+ private_plugin_loader_t *this, char *list)
+{
+ u_int reloaded = 0;
+ enumerator_t *enumerator;
+ char *name;
+
+ if (list == NULL)
+ {
+ return reload_by_name(this, NULL);
+ }
+ enumerator = enumerator_create_token(list, " ", "");
+ while (enumerator->enumerate(enumerator, &name))
+ {
+ reloaded += reload_by_name(this, name);
+ }
+ enumerator->destroy(enumerator);
+ return reloaded;
+}
+
+METHOD(plugin_loader_t, destroy, void,
+ private_plugin_loader_t *this)
{
this->plugins->destroy_offset(this->plugins, offsetof(plugin_t, destroy));
- this->names->destroy_function(this->names, free);
free(this);
}
@@ -366,15 +288,18 @@ static void destroy(private_plugin_loader_t *this)
*/
plugin_loader_t *plugin_loader_create()
{
- private_plugin_loader_t *this = malloc_thing(private_plugin_loader_t);
-
- this->public.load = (bool(*)(plugin_loader_t*, char *path, char *prefix))load;
- this->public.unload = (void(*)(plugin_loader_t*))unload;
- this->public.create_plugin_enumerator = (enumerator_t*(*)(plugin_loader_t*))create_plugin_enumerator;
- this->public.destroy = (void(*)(plugin_loader_t*))destroy;
+ private_plugin_loader_t *this;
- this->plugins = linked_list_create();
- this->names = linked_list_create();
+ INIT(this,
+ .public = {
+ .load = _load_plugins,
+ .reload = _reload,
+ .unload = _unload,
+ .create_plugin_enumerator = _create_plugin_enumerator,
+ .destroy = _destroy,
+ },
+ .plugins = linked_list_create(),
+ );
return &this->public;
}
diff --git a/src/libstrongswan/plugins/plugin_loader.h b/src/libstrongswan/plugins/plugin_loader.h
index f72c91c60..e03da4543 100644
--- a/src/libstrongswan/plugins/plugin_loader.h
+++ b/src/libstrongswan/plugins/plugin_loader.h
@@ -44,14 +44,22 @@ struct plugin_loader_t {
bool (*load)(plugin_loader_t *this, char *path, char *list);
/**
+ * Reload the configuration of one or multiple plugins.
+ *
+ * @param space separated plugin names to reload, NULL for all
+ * @return number of plugins that did support reloading
+ */
+ u_int (*reload)(plugin_loader_t *this, char *list);
+
+ /**
* Unload all loaded plugins.
*/
void (*unload)(plugin_loader_t *this);
/**
- * Create an enumerator over all loaded plugin names.
+ * Create an enumerator over all loaded plugins.
*
- * @return enumerator over char*
+ * @return enumerator over plugin_t*
*/
enumerator_t* (*create_plugin_enumerator)(plugin_loader_t *this);
diff --git a/src/libstrongswan/plugins/pubkey/Makefile.in b/src/libstrongswan/plugins/pubkey/Makefile.in
index bb2564238..97fba22fc 100644
--- a/src/libstrongswan/plugins/pubkey/Makefile.in
+++ b/src/libstrongswan/plugins/pubkey/Makefile.in
@@ -221,13 +221,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -248,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -266,14 +262,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/pubkey/pubkey_plugin.c b/src/libstrongswan/plugins/pubkey/pubkey_plugin.c
index 3546c9bf9..ae6607e5a 100644
--- a/src/libstrongswan/plugins/pubkey/pubkey_plugin.c
+++ b/src/libstrongswan/plugins/pubkey/pubkey_plugin.c
@@ -31,15 +31,14 @@ struct private_pubkey_plugin_t {
pubkey_plugin_t public;
};
-<<<<<<< HEAD
-/**
- * Implementation of pubkey_plugin_t.pubkeytroy
- */
-static void destroy(private_pubkey_plugin_t *this)
-=======
+METHOD(plugin_t, get_name, char*,
+ private_pubkey_plugin_t *this)
+{
+ return "pubkey";
+}
+
METHOD(plugin_t, destroy, void,
private_pubkey_plugin_t *this)
->>>>>>> upstream/4.5.1
{
lib->creds->remove_builder(lib->creds,
(builder_function_t)pubkey_cert_wrap);
@@ -51,21 +50,17 @@ METHOD(plugin_t, destroy, void,
*/
plugin_t *pubkey_plugin_create()
{
-<<<<<<< HEAD
- private_pubkey_plugin_t *this = malloc_thing(private_pubkey_plugin_t);
-
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
-=======
private_pubkey_plugin_t *this;
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
->>>>>>> upstream/4.5.1
lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_TRUSTED_PUBKEY, FALSE,
(builder_function_t)pubkey_cert_wrap);
diff --git a/src/libstrongswan/plugins/random/Makefile.in b/src/libstrongswan/plugins/random/Makefile.in
index fbdf35170..761d2c96e 100644
--- a/src/libstrongswan/plugins/random/Makefile.in
+++ b/src/libstrongswan/plugins/random/Makefile.in
@@ -221,13 +221,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -248,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -266,14 +262,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/random/random_plugin.c b/src/libstrongswan/plugins/random/random_plugin.c
index f70998334..00202a5a6 100644
--- a/src/libstrongswan/plugins/random/random_plugin.c
+++ b/src/libstrongswan/plugins/random/random_plugin.c
@@ -18,11 +18,6 @@
#include <library.h>
#include "random_rng.h"
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "random";
-
->>>>>>> upstream/4.5.1
typedef struct private_random_plugin_t private_random_plugin_t;
/**
@@ -36,15 +31,14 @@ struct private_random_plugin_t {
random_plugin_t public;
};
-<<<<<<< HEAD
-/**
- * Implementation of random_plugin_t.gmptroy
- */
-static void destroy(private_random_plugin_t *this)
-=======
+METHOD(plugin_t, get_name, char*,
+ private_random_plugin_t *this)
+{
+ return "random";
+}
+
METHOD(plugin_t, destroy, void,
private_random_plugin_t *this)
->>>>>>> upstream/4.5.1
{
lib->crypto->remove_rng(lib->crypto,
(rng_constructor_t)random_rng_create);
@@ -56,29 +50,21 @@ METHOD(plugin_t, destroy, void,
*/
plugin_t *random_plugin_create()
{
-<<<<<<< HEAD
- private_random_plugin_t *this = malloc_thing(private_random_plugin_t);
-
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
-
- lib->crypto->add_rng(lib->crypto, RNG_STRONG,
- (rng_constructor_t)random_rng_create);
- lib->crypto->add_rng(lib->crypto, RNG_TRUE,
-=======
private_random_plugin_t *this;
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
- lib->crypto->add_rng(lib->crypto, RNG_STRONG, plugin_name,
+ lib->crypto->add_rng(lib->crypto, RNG_STRONG, get_name(this),
(rng_constructor_t)random_rng_create);
- lib->crypto->add_rng(lib->crypto, RNG_TRUE, plugin_name,
->>>>>>> upstream/4.5.1
+ lib->crypto->add_rng(lib->crypto, RNG_TRUE, get_name(this),
(rng_constructor_t)random_rng_create);
return &this->public.plugin;
diff --git a/src/libstrongswan/plugins/random/random_rng.c b/src/libstrongswan/plugins/random/random_rng.c
index e4247a3cc..1d99a63d5 100644
--- a/src/libstrongswan/plugins/random/random_rng.c
+++ b/src/libstrongswan/plugins/random/random_rng.c
@@ -55,16 +55,8 @@ struct private_random_rng_t {
char *file;
};
-<<<<<<< HEAD
-/**
- * Implementation of random_rng_t.get_bytes.
- */
-static void get_bytes(private_random_rng_t *this, size_t bytes,
- u_int8_t *buffer)
-=======
METHOD(rng_t, get_bytes, void,
private_random_rng_t *this, size_t bytes, u_int8_t *buffer)
->>>>>>> upstream/4.5.1
{
size_t done;
ssize_t got;
@@ -86,30 +78,15 @@ METHOD(rng_t, get_bytes, void,
}
}
-<<<<<<< HEAD
-/**
- * Implementation of random_rng_t.allocate_bytes.
- */
-static void allocate_bytes(private_random_rng_t *this, size_t bytes,
- chunk_t *chunk)
-=======
METHOD(rng_t, allocate_bytes, void,
private_random_rng_t *this, size_t bytes, chunk_t *chunk)
->>>>>>> upstream/4.5.1
{
*chunk = chunk_alloc(bytes);
get_bytes(this, chunk->len, chunk->ptr);
}
-<<<<<<< HEAD
-/**
- * Implementation of random_rng_t.destroy.
- */
-static void destroy(private_random_rng_t *this)
-=======
METHOD(rng_t, destroy, void,
private_random_rng_t *this)
->>>>>>> upstream/4.5.1
{
close(this->dev);
free(this);
@@ -120,14 +97,6 @@ METHOD(rng_t, destroy, void,
*/
random_rng_t *random_rng_create(rng_quality_t quality)
{
-<<<<<<< HEAD
- private_random_rng_t *this = malloc_thing(private_random_rng_t);
-
- /* public functions */
- this->public.rng.get_bytes = (void (*) (rng_t *, size_t, u_int8_t*)) get_bytes;
- this->public.rng.allocate_bytes = (void (*) (rng_t *, size_t, chunk_t*)) allocate_bytes;
- this->public.rng.destroy = (void (*) (rng_t *))destroy;
-=======
private_random_rng_t *this;
INIT(this,
@@ -139,7 +108,6 @@ random_rng_t *random_rng_create(rng_quality_t quality)
},
},
);
->>>>>>> upstream/4.5.1
if (quality == RNG_TRUE)
{
diff --git a/src/libstrongswan/plugins/revocation/Makefile.in b/src/libstrongswan/plugins/revocation/Makefile.in
index 19ec1e719..e8856b7d7 100644
--- a/src/libstrongswan/plugins/revocation/Makefile.in
+++ b/src/libstrongswan/plugins/revocation/Makefile.in
@@ -223,13 +223,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -250,6 +244,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -268,14 +264,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/revocation/revocation_plugin.c b/src/libstrongswan/plugins/revocation/revocation_plugin.c
index 02393b907..fa04fb2a2 100644
--- a/src/libstrongswan/plugins/revocation/revocation_plugin.c
+++ b/src/libstrongswan/plugins/revocation/revocation_plugin.c
@@ -36,6 +36,12 @@ struct private_revocation_plugin_t {
revocation_validator_t *validator;
};
+METHOD(plugin_t, get_name, char*,
+ private_revocation_plugin_t *this)
+{
+ return "revocation";
+}
+
METHOD(plugin_t, destroy, void,
private_revocation_plugin_t *this)
{
@@ -54,6 +60,8 @@ plugin_t *revocation_plugin_create()
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
diff --git a/src/libstrongswan/plugins/revocation/revocation_validator.c b/src/libstrongswan/plugins/revocation/revocation_validator.c
index dc8b849c7..def169275 100644
--- a/src/libstrongswan/plugins/revocation/revocation_validator.c
+++ b/src/libstrongswan/plugins/revocation/revocation_validator.c
@@ -93,20 +93,13 @@ static certificate_t *fetch_ocsp(char *url, certificate_t *subject,
/**
* check the signature of an OCSP response
*/
-<<<<<<< HEAD
-static bool verify_ocsp(ocsp_response_t *response)
-=======
static bool verify_ocsp(ocsp_response_t *response, auth_cfg_t *auth)
->>>>>>> upstream/4.5.1
{
certificate_t *issuer, *subject;
identification_t *responder;
ocsp_response_wrapper_t *wrapper;
enumerator_t *enumerator;
-<<<<<<< HEAD
-=======
auth_cfg_t *current;
->>>>>>> upstream/4.5.1
bool verified = FALSE;
wrapper = ocsp_response_wrapper_create((ocsp_response_t*)response);
@@ -116,23 +109,16 @@ static bool verify_ocsp(ocsp_response_t *response, auth_cfg_t *auth)
responder = subject->get_issuer(subject);
enumerator = lib->credmgr->create_trusted_enumerator(lib->credmgr,
KEY_ANY, responder, FALSE);
-<<<<<<< HEAD
- while (enumerator->enumerate(enumerator, &issuer, NULL))
-=======
while (enumerator->enumerate(enumerator, &issuer, &current))
->>>>>>> upstream/4.5.1
{
if (lib->credmgr->issued_by(lib->credmgr, subject, issuer))
{
DBG1(DBG_CFG, " ocsp response correctly signed by \"%Y\"",
issuer->get_subject(issuer));
-<<<<<<< HEAD
-=======
if (auth)
{
auth->merge(auth, current, FALSE);
}
->>>>>>> upstream/4.5.1
verified = TRUE;
break;
}
@@ -148,12 +134,8 @@ static bool verify_ocsp(ocsp_response_t *response, auth_cfg_t *auth)
* Get the better of two OCSP responses, and check for usable OCSP info
*/
static certificate_t *get_better_ocsp(certificate_t *cand, certificate_t *best,
-<<<<<<< HEAD
- x509_t *subject, x509_t *issuer, cert_validation_t *valid, bool cache)
-=======
x509_t *subject, x509_t *issuer, cert_validation_t *valid,
auth_cfg_t *auth, bool cache)
->>>>>>> upstream/4.5.1
{
ocsp_response_t *response;
time_t revocation, this_update, next_update, valid_until;
@@ -163,11 +145,7 @@ static certificate_t *get_better_ocsp(certificate_t *cand, certificate_t *best,
response = (ocsp_response_t*)cand;
/* check ocsp signature */
-<<<<<<< HEAD
- if (!verify_ocsp(response))
-=======
if (!verify_ocsp(response, auth))
->>>>>>> upstream/4.5.1
{
DBG1(DBG_CFG, "ocsp response verification failed");
cand->destroy(cand);
@@ -248,12 +226,8 @@ static cert_validation_t check_ocsp(x509_t *subject, x509_t *issuer,
while (enumerator->enumerate(enumerator, &current))
{
current->get_ref(current);
-<<<<<<< HEAD
- best = get_better_ocsp(current, best, subject, issuer, &valid, FALSE);
-=======
best = get_better_ocsp(current, best, subject, issuer,
&valid, auth, FALSE);
->>>>>>> upstream/4.5.1
if (best && valid != VALIDATION_STALE)
{
DBG1(DBG_CFG, " using cached ocsp response");
@@ -280,11 +254,7 @@ static cert_validation_t check_ocsp(x509_t *subject, x509_t *issuer,
if (current)
{
best = get_better_ocsp(current, best, subject, issuer,
-<<<<<<< HEAD
- &valid, TRUE);
-=======
&valid, auth, TRUE);
->>>>>>> upstream/4.5.1
if (best && valid != VALIDATION_STALE)
{
break;
@@ -306,11 +276,7 @@ static cert_validation_t check_ocsp(x509_t *subject, x509_t *issuer,
if (current)
{
best = get_better_ocsp(current, best, subject, issuer,
-<<<<<<< HEAD
- &valid, TRUE);
-=======
&valid, auth, TRUE);
->>>>>>> upstream/4.5.1
if (best && valid != VALIDATION_STALE)
{
break;
@@ -364,39 +330,25 @@ static certificate_t* fetch_crl(char *url)
/**
* check the signature of an CRL
*/
-<<<<<<< HEAD
-static bool verify_crl(certificate_t *crl)
-=======
static bool verify_crl(certificate_t *crl, auth_cfg_t *auth)
->>>>>>> upstream/4.5.1
{
certificate_t *issuer;
enumerator_t *enumerator;
bool verified = FALSE;
-<<<<<<< HEAD
-
- enumerator = lib->credmgr->create_trusted_enumerator(lib->credmgr,
- KEY_ANY, crl->get_issuer(crl), FALSE);
- while (enumerator->enumerate(enumerator, &issuer, NULL))
-=======
auth_cfg_t *current;
enumerator = lib->credmgr->create_trusted_enumerator(lib->credmgr,
KEY_ANY, crl->get_issuer(crl), FALSE);
while (enumerator->enumerate(enumerator, &issuer, &current))
->>>>>>> upstream/4.5.1
{
if (lib->credmgr->issued_by(lib->credmgr, crl, issuer))
{
DBG1(DBG_CFG, " crl correctly signed by \"%Y\"",
issuer->get_subject(issuer));
-<<<<<<< HEAD
-=======
if (auth)
{
auth->merge(auth, current, FALSE);
}
->>>>>>> upstream/4.5.1
verified = TRUE;
break;
}
@@ -410,23 +362,13 @@ static bool verify_crl(certificate_t *crl, auth_cfg_t *auth)
* Get the better of two CRLs, and check for usable CRL info
*/
static certificate_t *get_better_crl(certificate_t *cand, certificate_t *best,
-<<<<<<< HEAD
- x509_t *subject, x509_t *issuer, cert_validation_t *valid, bool cache)
-=======
x509_t *subject, cert_validation_t *valid, auth_cfg_t *auth,
bool cache, crl_t *base)
->>>>>>> upstream/4.5.1
{
enumerator_t *enumerator;
time_t revocation, valid_until;
crl_reason_t reason;
chunk_t serial;
-<<<<<<< HEAD
- crl_t *crl;
-
- /* check CRL signature */
- if (!verify_crl(cand))
-=======
crl_t *crl = (crl_t*)cand;
if (base)
@@ -449,17 +391,12 @@ static certificate_t *get_better_crl(certificate_t *cand, certificate_t *best,
/* check CRL signature */
if (!verify_crl(cand, auth))
->>>>>>> upstream/4.5.1
{
DBG1(DBG_CFG, "crl response verification failed");
cand->destroy(cand);
return best;
}
-<<<<<<< HEAD
- crl = (crl_t*)cand;
-=======
->>>>>>> upstream/4.5.1
enumerator = crl->create_enumerator(crl);
while (enumerator->enumerate(enumerator, &serial, &revocation, &reason))
{
@@ -504,81 +441,6 @@ static certificate_t *get_better_crl(certificate_t *cand, certificate_t *best,
}
/**
-<<<<<<< HEAD
- * validate a x509 certificate using CRL
- */
-static cert_validation_t check_crl(x509_t *subject, x509_t *issuer,
- auth_cfg_t *auth)
-{
- cert_validation_t valid = VALIDATION_SKIPPED;
- identification_t *keyid = NULL;
- certificate_t *best = NULL;
- certificate_t *current;
- public_key_t *public;
- enumerator_t *enumerator;
- chunk_t chunk;
- char *uri = NULL;
-
- /* derive the authorityKeyIdentifier from the issuer's public key */
- current = &issuer->interface;
- public = current->get_public_key(current);
- if (public && public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk))
- {
- keyid = identification_create_from_encoding(ID_KEY_ID, chunk);
-
- /* find a cached crl by authorityKeyIdentifier */
- enumerator = lib->credmgr->create_cert_enumerator(lib->credmgr,
- CERT_X509_CRL, KEY_ANY, keyid, FALSE);
- while (enumerator->enumerate(enumerator, &current))
- {
- current->get_ref(current);
- best = get_better_crl(current, best, subject, issuer,
- &valid, FALSE);
- if (best && valid != VALIDATION_STALE)
- {
- DBG1(DBG_CFG, " using cached crl");
- break;
- }
- }
- enumerator->destroy(enumerator);
-
- /* fallback to fetching crls from credential sets cdps */
- if (valid != VALIDATION_GOOD && valid != VALIDATION_REVOKED)
- {
- enumerator = lib->credmgr->create_cdp_enumerator(lib->credmgr,
- CERT_X509_CRL, keyid);
- while (enumerator->enumerate(enumerator, &uri))
- {
- current = fetch_crl(uri);
- if (current)
- {
- best = get_better_crl(current, best, subject, issuer,
- &valid, TRUE);
- if (best && valid != VALIDATION_STALE)
- {
- break;
- }
- }
- }
- enumerator->destroy(enumerator);
- }
- keyid->destroy(keyid);
- }
- DESTROY_IF(public);
-
- /* fallback to fetching crls from cdps from subject's certificate */
- if (valid != VALIDATION_GOOD && valid != VALIDATION_REVOKED)
- {
- enumerator = subject->create_crl_uri_enumerator(subject);
-
- while (enumerator->enumerate(enumerator, &uri))
- {
- current = fetch_crl(uri);
- if (current)
- {
- best = get_better_crl(current, best, subject, issuer,
- &valid, TRUE);
-=======
* Find or fetch a certificate for a given crlIssuer
*/
static cert_validation_t find_crl(x509_t *subject, identification_t *issuer,
@@ -764,7 +626,6 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer,
}
best = get_better_crl(current, best, subject, &valid,
auth, TRUE, NULL);
->>>>>>> upstream/4.5.1
if (best && valid != VALIDATION_STALE)
{
break;
@@ -774,10 +635,6 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer,
enumerator->destroy(enumerator);
}
-<<<<<<< HEAD
- /* an uri was found, but no result. switch validation state to failed */
- if (valid == VALIDATION_SKIPPED && uri)
-=======
/* look for delta CRLs */
if (best && (valid == VALIDATION_GOOD || valid == VALIDATION_STALE))
{
@@ -786,7 +643,6 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer,
/* an uri was found, but no result. switch validation state to failed */
if (valid == VALIDATION_SKIPPED && uri_found)
->>>>>>> upstream/4.5.1
{
valid = VALIDATION_FAILED;
}
@@ -809,12 +665,8 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer,
METHOD(cert_validator_t, validate, bool,
private_revocation_validator_t *this, certificate_t *subject,
-<<<<<<< HEAD
- certificate_t *issuer, bool online, int pathlen, auth_cfg_t *auth)
-=======
certificate_t *issuer, bool online, u_int pathlen, bool anchor,
auth_cfg_t *auth)
->>>>>>> upstream/4.5.1
{
if (subject->get_type(subject) == CERT_X509 &&
issuer->get_type(issuer) == CERT_X509 &&
@@ -822,12 +674,8 @@ METHOD(cert_validator_t, validate, bool,
{
DBG1(DBG_CFG, "checking certificate status of \"%Y\"",
subject->get_subject(subject));
-<<<<<<< HEAD
- switch (check_ocsp((x509_t*)subject, (x509_t*)issuer, auth))
-=======
switch (check_ocsp((x509_t*)subject, (x509_t*)issuer,
pathlen ? NULL : auth))
->>>>>>> upstream/4.5.1
{
case VALIDATION_GOOD:
DBG1(DBG_CFG, "certificate status is good");
@@ -845,12 +693,8 @@ METHOD(cert_validator_t, validate, bool,
DBG1(DBG_CFG, "ocsp check failed, fallback to crl");
break;
}
-<<<<<<< HEAD
- switch (check_crl((x509_t*)subject, (x509_t*)issuer, auth))
-=======
switch (check_crl((x509_t*)subject, (x509_t*)issuer,
pathlen ? NULL : auth))
->>>>>>> upstream/4.5.1
{
case VALIDATION_GOOD:
DBG1(DBG_CFG, "certificate status is good");
diff --git a/src/libstrongswan/plugins/sha1/Makefile.in b/src/libstrongswan/plugins/sha1/Makefile.in
index 95e4e403d..b4b275648 100644
--- a/src/libstrongswan/plugins/sha1/Makefile.in
+++ b/src/libstrongswan/plugins/sha1/Makefile.in
@@ -220,13 +220,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -247,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -265,14 +261,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/sha1/sha1_plugin.c b/src/libstrongswan/plugins/sha1/sha1_plugin.c
index fcb75dfa2..a9b84e790 100644
--- a/src/libstrongswan/plugins/sha1/sha1_plugin.c
+++ b/src/libstrongswan/plugins/sha1/sha1_plugin.c
@@ -19,11 +19,6 @@
#include "sha1_hasher.h"
#include "sha1_prf.h"
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "sha1";
-
->>>>>>> upstream/4.5.1
typedef struct private_sha1_plugin_t private_sha1_plugin_t;
/**
@@ -37,15 +32,14 @@ struct private_sha1_plugin_t {
sha1_plugin_t public;
};
-<<<<<<< HEAD
-/**
- * Implementation of sha1_plugin_t.destroy
- */
-static void destroy(private_sha1_plugin_t *this)
-=======
+METHOD(plugin_t, get_name, char*,
+ private_sha1_plugin_t *this)
+{
+ return "sha1";
+}
+
METHOD(plugin_t, destroy, void,
private_sha1_plugin_t *this)
->>>>>>> upstream/4.5.1
{
lib->crypto->remove_hasher(lib->crypto,
(hasher_constructor_t)sha1_hasher_create);
@@ -59,29 +53,21 @@ METHOD(plugin_t, destroy, void,
*/
plugin_t *sha1_plugin_create()
{
-<<<<<<< HEAD
- private_sha1_plugin_t *this = malloc_thing(private_sha1_plugin_t);
-
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
-
- lib->crypto->add_hasher(lib->crypto, HASH_SHA1,
- (hasher_constructor_t)sha1_hasher_create);
- lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1,
-=======
private_sha1_plugin_t *this;
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA1, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA1, get_name(this),
(hasher_constructor_t)sha1_hasher_create);
- lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1, plugin_name,
->>>>>>> upstream/4.5.1
+ lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1, get_name(this),
(prf_constructor_t)sha1_prf_create);
return &this->public.plugin;
diff --git a/src/libstrongswan/plugins/sha2/Makefile.in b/src/libstrongswan/plugins/sha2/Makefile.in
index 0dc56ac37..bdc235555 100644
--- a/src/libstrongswan/plugins/sha2/Makefile.in
+++ b/src/libstrongswan/plugins/sha2/Makefile.in
@@ -219,13 +219,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -264,14 +260,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/sha2/sha2_plugin.c b/src/libstrongswan/plugins/sha2/sha2_plugin.c
index b47f07b8d..4ec03a268 100644
--- a/src/libstrongswan/plugins/sha2/sha2_plugin.c
+++ b/src/libstrongswan/plugins/sha2/sha2_plugin.c
@@ -18,11 +18,6 @@
#include <library.h>
#include "sha2_hasher.h"
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "sha2";
-
->>>>>>> upstream/4.5.1
typedef struct private_sha2_plugin_t private_sha2_plugin_t;
/**
@@ -36,15 +31,14 @@ struct private_sha2_plugin_t {
sha2_plugin_t public;
};
-<<<<<<< HEAD
-/**
- * Implementation of sha2_plugin_t.destroy
- */
-static void destroy(private_sha2_plugin_t *this)
-=======
+METHOD(plugin_t, get_name, char*,
+ private_sha2_plugin_t *this)
+{
+ return "sha2";
+}
+
METHOD(plugin_t, destroy, void,
private_sha2_plugin_t *this)
->>>>>>> upstream/4.5.1
{
lib->crypto->remove_hasher(lib->crypto,
(hasher_constructor_t)sha2_hasher_create);
@@ -56,37 +50,25 @@ METHOD(plugin_t, destroy, void,
*/
plugin_t *sha2_plugin_create()
{
-<<<<<<< HEAD
- private_sha2_plugin_t *this = malloc_thing(private_sha2_plugin_t);
-
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
-
- lib->crypto->add_hasher(lib->crypto, HASH_SHA224,
- (hasher_constructor_t)sha2_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA256,
- (hasher_constructor_t)sha2_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA384,
- (hasher_constructor_t)sha2_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA512,
-=======
private_sha2_plugin_t *this;
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA224, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA224, get_name(this),
(hasher_constructor_t)sha2_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA256, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA256, get_name(this),
(hasher_constructor_t)sha2_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA384, plugin_name,
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA384, get_name(this),
(hasher_constructor_t)sha2_hasher_create);
- lib->crypto->add_hasher(lib->crypto, HASH_SHA512, plugin_name,
->>>>>>> upstream/4.5.1
+ lib->crypto->add_hasher(lib->crypto, HASH_SHA512, get_name(this),
(hasher_constructor_t)sha2_hasher_create);
return &this->public.plugin;
diff --git a/src/libstrongswan/plugins/soup/Makefile.in b/src/libstrongswan/plugins/soup/Makefile.in
index 35d175f95..ec370d38c 100644
--- a/src/libstrongswan/plugins/soup/Makefile.in
+++ b/src/libstrongswan/plugins/soup/Makefile.in
@@ -241,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -264,6 +266,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/soup/soup_fetcher.c b/src/libstrongswan/plugins/soup/soup_fetcher.c
index fd97631bd..3e5786b12 100644
--- a/src/libstrongswan/plugins/soup/soup_fetcher.c
+++ b/src/libstrongswan/plugins/soup/soup_fetcher.c
@@ -58,44 +58,77 @@ struct private_soup_fetcher_t {
* HTTP request version
*/
SoupHTTPVersion version;
+
+ /**
+ * Fetcher callback function
+ */
+ fetcher_callback_t cb;
};
+/**
+ * Data to pass to soup callback
+ */
+typedef struct {
+ fetcher_callback_t cb;
+ void *user;
+ SoupSession *session;
+} cb_data_t;
+
+/**
+ * Soup callback invoking our callback
+ */
+static void soup_cb(SoupMessage *message, SoupBuffer *chunk, cb_data_t *data)
+{
+ if (!data->cb(data->user, chunk_create((u_char*)chunk->data, chunk->length)))
+ {
+ soup_session_cancel_message(data->session, message,
+ SOUP_STATUS_CANCELLED);
+ }
+}
+
METHOD(fetcher_t, fetch, status_t,
- private_soup_fetcher_t *this, char *uri, chunk_t *result)
+ private_soup_fetcher_t *this, char *uri, void *userdata)
{
- SoupSession *session;
SoupMessage *message;
status_t status = FAILED;
+ cb_data_t data = {
+ .cb = this->cb,
+ .user = userdata,
+ };
message = soup_message_new(this->method, uri);
if (!message)
{
return NOT_SUPPORTED;
}
+ if (this->cb == fetcher_default_callback)
+ {
+ *(chunk_t*)userdata = chunk_empty;
+ }
if (this->type)
{
soup_message_set_request(message, this->type, SOUP_MEMORY_STATIC,
this->data.ptr, this->data.len);
}
soup_message_set_http_version(message, this->version);
- session = soup_session_sync_new();
- g_object_set(G_OBJECT(session),
+ soup_message_body_set_accumulate(message->response_body, FALSE);
+ g_signal_connect(message, "got-chunk", G_CALLBACK(soup_cb), &data);
+ data.session = soup_session_sync_new();
+ g_object_set(G_OBJECT(data.session),
SOUP_SESSION_TIMEOUT, (guint)this->timeout, NULL);
DBG2(DBG_LIB, "sending http request to '%s'...", uri);
- soup_session_send_message(session, message);
+ soup_session_send_message(data.session, message);
if (SOUP_STATUS_IS_SUCCESSFUL(message->status_code))
{
- *result = chunk_clone(chunk_create((u_char*)message->response_body->data,
- message->response_body->length));
status = SUCCESS;
}
else
{
- DBG1(DBG_LIB, "HTTP request failed, code %d", message->status_code);
+ DBG1(DBG_LIB, "HTTP request failed: %s", message->reason_phrase);
}
g_object_unref(G_OBJECT(message));
- g_object_unref(G_OBJECT(session));
+ g_object_unref(G_OBJECT(data.session));
return status;
}
@@ -121,6 +154,9 @@ METHOD(fetcher_t, set_option, bool,
case FETCH_TIMEOUT:
this->timeout = va_arg(args, u_int);
break;
+ case FETCH_CALLBACK:
+ this->cb = va_arg(args, fetcher_callback_t);
+ break;
default:
supported = FALSE;
break;
@@ -153,6 +189,7 @@ soup_fetcher_t *soup_fetcher_create()
.method = SOUP_METHOD_GET,
.version = SOUP_HTTP_1_1,
.timeout = DEFAULT_TIMEOUT,
+ .cb = fetcher_default_callback,
);
return &this->public;
diff --git a/src/libstrongswan/plugins/soup/soup_plugin.c b/src/libstrongswan/plugins/soup/soup_plugin.c
index 970e32472..22c8762e0 100644
--- a/src/libstrongswan/plugins/soup/soup_plugin.c
+++ b/src/libstrongswan/plugins/soup/soup_plugin.c
@@ -34,6 +34,12 @@ struct private_soup_plugin_t {
soup_plugin_t public;
};
+METHOD(plugin_t, get_name, char*,
+ private_soup_plugin_t *this)
+{
+ return "soup";
+}
+
METHOD(plugin_t, destroy, void,
private_soup_plugin_t *this)
{
@@ -58,6 +64,8 @@ plugin_t *soup_plugin_create()
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
diff --git a/src/libstrongswan/plugins/sqlite/Makefile.in b/src/libstrongswan/plugins/sqlite/Makefile.in
index bf952acc5..e2ec799a9 100644
--- a/src/libstrongswan/plugins/sqlite/Makefile.in
+++ b/src/libstrongswan/plugins/sqlite/Makefile.in
@@ -222,13 +222,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -249,6 +243,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -267,14 +263,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/sqlite/sqlite_database.c b/src/libstrongswan/plugins/sqlite/sqlite_database.c
index e1c51f098..f9e06199e 100644
--- a/src/libstrongswan/plugins/sqlite/sqlite_database.c
+++ b/src/libstrongswan/plugins/sqlite/sqlite_database.c
@@ -213,15 +213,8 @@ static bool sqlite_enumerator_enumerate(sqlite_enumerator_t *this, ...)
return TRUE;
}
-<<<<<<< HEAD
-/**
- * Implementation of database_t.query.
- */
-static enumerator_t* query(private_sqlite_database_t *this, char *sql, ...)
-=======
METHOD(database_t, query, enumerator_t*,
private_sqlite_database_t *this, char *sql, ...)
->>>>>>> upstream/4.5.1
{
sqlite3_stmt *stmt;
va_list args;
@@ -253,15 +246,8 @@ METHOD(database_t, query, enumerator_t*,
return (enumerator_t*)enumerator;
}
-<<<<<<< HEAD
-/**
- * Implementation of database_t.execute.
- */
-static int execute(private_sqlite_database_t *this, int *rowid, char *sql, ...)
-=======
METHOD(database_t, execute, int,
private_sqlite_database_t *this, int *rowid, char *sql, ...)
->>>>>>> upstream/4.5.1
{
sqlite3_stmt *stmt;
int affected = -1;
@@ -293,15 +279,8 @@ METHOD(database_t, execute, int,
return affected;
}
-<<<<<<< HEAD
-/**
- * Implementation of database_t.get_driver
- */
-static db_driver_t get_driver(private_sqlite_database_t *this)
-=======
METHOD(database_t, get_driver, db_driver_t,
private_sqlite_database_t *this)
->>>>>>> upstream/4.5.1
{
return DB_SQLITE;
}
@@ -317,15 +296,8 @@ static int busy_handler(private_sqlite_database_t *this, int count)
return 1;
}
-<<<<<<< HEAD
-/**
- * Implementation of database_t.destroy
- */
-static void destroy(private_sqlite_database_t *this)
-=======
METHOD(database_t, destroy, void,
private_sqlite_database_t *this)
->>>>>>> upstream/4.5.1
{
sqlite3_close(this->db);
this->mutex->destroy(this->mutex);
@@ -349,16 +321,6 @@ sqlite_database_t *sqlite_database_create(char *uri)
}
file = uri + 9;
-<<<<<<< HEAD
- this = malloc_thing(private_sqlite_database_t);
-
- this->public.db.query = (enumerator_t* (*)(database_t *this, char *sql, ...))query;
- this->public.db.execute = (int (*)(database_t *this, int *rowid, char *sql, ...))execute;
- this->public.db.get_driver = (db_driver_t(*)(database_t*))get_driver;
- this->public.db.destroy = (void(*)(database_t*))destroy;
-
- this->mutex = mutex_create(MUTEX_TYPE_RECURSIVE);
-=======
INIT(this,
.public = {
.db = {
@@ -370,17 +332,12 @@ sqlite_database_t *sqlite_database_create(char *uri)
},
.mutex = mutex_create(MUTEX_TYPE_RECURSIVE),
);
->>>>>>> upstream/4.5.1
if (sqlite3_open(file, &this->db) != SQLITE_OK)
{
DBG1(DBG_LIB, "opening SQLite database '%s' failed: %s",
file, sqlite3_errmsg(this->db));
-<<<<<<< HEAD
- destroy(this);
-=======
_destroy(this);
->>>>>>> upstream/4.5.1
return NULL;
}
diff --git a/src/libstrongswan/plugins/sqlite/sqlite_plugin.c b/src/libstrongswan/plugins/sqlite/sqlite_plugin.c
index e0bdf0634..d8c6a560c 100644
--- a/src/libstrongswan/plugins/sqlite/sqlite_plugin.c
+++ b/src/libstrongswan/plugins/sqlite/sqlite_plugin.c
@@ -31,15 +31,14 @@ struct private_sqlite_plugin_t {
sqlite_plugin_t public;
};
-<<<<<<< HEAD
-/**
- * Implementation of plugin_t.destroy
- */
-static void destroy(private_sqlite_plugin_t *this)
-=======
+METHOD(plugin_t, get_name, char*,
+ private_sqlite_plugin_t *this)
+{
+ return "sqlite";
+}
+
METHOD(plugin_t, destroy, void,
private_sqlite_plugin_t *this)
->>>>>>> upstream/4.5.1
{
lib->db->remove_database(lib->db,
(database_constructor_t)sqlite_database_create);
@@ -51,21 +50,17 @@ METHOD(plugin_t, destroy, void,
*/
plugin_t *sqlite_plugin_create()
{
-<<<<<<< HEAD
- private_sqlite_plugin_t *this = malloc_thing(private_sqlite_plugin_t);
-
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
-=======
private_sqlite_plugin_t *this;
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
->>>>>>> upstream/4.5.1
lib->db->add_database(lib->db,
(database_constructor_t)sqlite_database_create);
diff --git a/src/libstrongswan/plugins/test_vectors/Makefile.in b/src/libstrongswan/plugins/test_vectors/Makefile.in
index 651fb8a9f..70cdfd600 100644
--- a/src/libstrongswan/plugins/test_vectors/Makefile.in
+++ b/src/libstrongswan/plugins/test_vectors/Makefile.in
@@ -227,13 +227,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -254,6 +248,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -272,14 +268,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/des.c b/src/libstrongswan/plugins/test_vectors/test_vectors/des.c
index 80b5f1010..b4bf1fe6a 100644
--- a/src/libstrongswan/plugins/test_vectors/test_vectors/des.c
+++ b/src/libstrongswan/plugins/test_vectors/test_vectors/des.c
@@ -25,7 +25,6 @@
crypter_test_vector_t des_ecb1 = {
.alg = ENCR_DES_ECB, .key_size = 8, .len = 8,
.key = "\x00\x01\x02\x03\x04\x05\x06\x07",
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00",
.plain = "\x41\xAD\x06\x85\x48\x80\x9D\x02",
.cipher = "\x00\x11\x22\x33\x44\x55\x66\x77"
};
@@ -36,7 +35,6 @@ crypter_test_vector_t des_ecb1 = {
crypter_test_vector_t des_ecb2 = {
.alg = ENCR_DES_ECB, .key_size = 8, .len = 8,
.key = "\x2B\xD6\x45\x9F\x82\xC5\xB3\x00",
- .iv = "\x00\x00\x00\x00\x00\x00\x00\x00",
.plain = "\xB1\x0F\x84\x30\x97\xA0\xF9\x32",
.cipher = "\xEA\x02\x47\x14\xAD\x5C\x4D\x84"
};
diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c
index c021ef67b..4a8743289 100644
--- a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c
+++ b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c
@@ -104,15 +104,14 @@ struct private_test_vectors_plugin_t {
test_vectors_plugin_t public;
};
-<<<<<<< HEAD
-/**
- * Implementation of test_vectors_plugin_t.test_vectorstroy
- */
-static void destroy(private_test_vectors_plugin_t *this)
-=======
+METHOD(plugin_t, get_name, char*,
+ private_test_vectors_plugin_t *this)
+{
+ return "test-vectors";
+}
+
METHOD(plugin_t, destroy, void,
private_test_vectors_plugin_t *this)
->>>>>>> upstream/4.5.1
{
free(this);
}
@@ -122,23 +121,18 @@ METHOD(plugin_t, destroy, void,
*/
plugin_t *test_vectors_plugin_create()
{
-<<<<<<< HEAD
- private_test_vectors_plugin_t *this = malloc_thing(private_test_vectors_plugin_t);
- int i;
-
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
-=======
private_test_vectors_plugin_t *this;
int i;
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
->>>>>>> upstream/4.5.1
for (i = 0; i < countof(crypter); i++)
{
diff --git a/src/libstrongswan/plugins/x509/Makefile.in b/src/libstrongswan/plugins/x509/Makefile.in
index 785d6441c..58cdf2c7c 100644
--- a/src/libstrongswan/plugins/x509/Makefile.in
+++ b/src/libstrongswan/plugins/x509/Makefile.in
@@ -221,13 +221,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -248,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -266,14 +262,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c
index 0eabc8010..8b228a2b6 100644
--- a/src/libstrongswan/plugins/x509/x509_cert.c
+++ b/src/libstrongswan/plugins/x509/x509_cert.c
@@ -117,11 +117,7 @@ struct private_x509_cert_t {
linked_list_t *subjectAltNames;
/**
-<<<<<<< HEAD
- * List of crlDistributionPoints as allocated char*
-=======
* List of crlDistributionPoints as x509_cdp_t*
->>>>>>> upstream/4.5.1
*/
linked_list_t *crl_uris;
@@ -136,8 +132,6 @@ struct private_x509_cert_t {
linked_list_t *ipAddrBlocks;
/**
-<<<<<<< HEAD
-=======
* List of permitted name constraints
*/
linked_list_t *permitted_names;
@@ -158,7 +152,6 @@ struct private_x509_cert_t {
linked_list_t *policy_mappings;
/**
->>>>>>> upstream/4.5.1
* certificate's embedded public key
*/
public_key_t *public_key;
@@ -181,9 +174,6 @@ struct private_x509_cert_t {
/**
* Path Length Constraint
*/
-<<<<<<< HEAD
- int pathLenConstraint;
-=======
u_char pathLenConstraint;
/**
@@ -200,7 +190,6 @@ struct private_x509_cert_t {
* inhibitAnyPolicy Constraint
*/
u_char inhibit_any;
->>>>>>> upstream/4.5.1
/**
* x509 constraints and other flags
@@ -233,8 +222,6 @@ static const chunk_t ASN1_subjectAltName_oid = chunk_from_chars(
);
/**
-<<<<<<< HEAD
-=======
* Destroy a CertificateDistributionPoint
*/
static void crl_uri_destroy(x509_cdp_t *this)
@@ -282,7 +269,6 @@ static u_int parse_constraint(chunk_t object)
}
/**
->>>>>>> upstream/4.5.1
* ASN.1 definition of a basicConstraints extension
*/
static const asn1Object_t basicConstraintsObjects[] = {
@@ -324,19 +310,7 @@ static void parse_basicConstraints(chunk_t blob, int level0,
case BASIC_CONSTRAINTS_PATH_LEN:
if (isCA)
{
-<<<<<<< HEAD
- if (object.len == 0)
- {
- this->pathLenConstraint = 0;
- }
- else if (object.len == 1)
- {
- this->pathLenConstraint = *object.ptr;
- }
- /* we ignore path length constraints > 127 */
-=======
this->pathLenConstraint = parse_constraint(object);
->>>>>>> upstream/4.5.1
}
break;
default:
@@ -674,11 +648,7 @@ static void parse_authorityInfoAccess(chunk_t blob, int level0,
}
break;
default:
-<<<<<<< HEAD
- /* unkown accessMethod, ignoring */
-=======
/* unknown accessMethod, ignoring */
->>>>>>> upstream/4.5.1
break;
}
break;
@@ -693,8 +663,6 @@ end:
}
/**
-<<<<<<< HEAD
-=======
* Extract KeyUsage flags
*/
static void parse_keyUsage(chunk_t blob, private_x509_cert_t *this)
@@ -749,7 +717,6 @@ static void parse_keyUsage(chunk_t blob, private_x509_cert_t *this)
}
/**
->>>>>>> upstream/4.5.1
* ASN.1 definition of a extendedKeyUsage extension
*/
static const asn1Object_t extendedKeyUsageObjects[] = {
@@ -761,11 +728,7 @@ static const asn1Object_t extendedKeyUsageObjects[] = {
#define EXT_KEY_USAGE_PURPOSE_ID 1
/**
-<<<<<<< HEAD
- * Extracts extendedKeyUsage OIDs - currently only OCSP_SIGING is returned
-=======
* Extracts extendedKeyUsage OIDs
->>>>>>> upstream/4.5.1
*/
static void parse_extendedKeyUsage(chunk_t blob, int level0,
private_x509_cert_t *this)
@@ -814,18 +777,11 @@ static const asn1Object_t crlDistributionPointsObjects[] = {
{ 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
{ 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
{ 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
-<<<<<<< HEAD
- { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
-=======
{ 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_OBJ }, /* 10 */
->>>>>>> upstream/4.5.1
{ 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
{ 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
{ 0, "exit", ASN1_EOC, ASN1_EXIT }
};
-<<<<<<< HEAD
-#define CRL_DIST_POINTS_FULLNAME 3
-=======
#define CRL_DIST_POINTS 1
#define CRL_DIST_POINTS_FULLNAME 3
#define CRL_DIST_POINTS_ISSUER 10
@@ -874,21 +830,10 @@ static void add_cdps(linked_list_t *list, linked_list_t *uris,
id->destroy(id);
}
}
->>>>>>> upstream/4.5.1
/**
* Extracts one or several crlDistributionPoints into a list
*/
-<<<<<<< HEAD
-static void parse_crlDistributionPoints(chunk_t blob, int level0,
- private_x509_cert_t *this)
-{
- asn1_parser_t *parser;
- chunk_t object;
- int objectID;
- linked_list_t *list = linked_list_create();
-
-=======
void x509_parse_crlDistributionPoints(chunk_t blob, int level0,
linked_list_t *list)
{
@@ -899,36 +844,11 @@ void x509_parse_crlDistributionPoints(chunk_t blob, int level0,
uris = linked_list_create();
issuers = linked_list_create();
->>>>>>> upstream/4.5.1
parser = asn1_parser_create(crlDistributionPointsObjects, blob);
parser->set_top_level(parser, level0);
while (parser->iterate(parser, &objectID, &object))
{
-<<<<<<< HEAD
- if (objectID == CRL_DIST_POINTS_FULLNAME)
- {
- identification_t *id;
-
- /* append extracted generalNames to existing chained list */
- x509_parse_generalNames(object, parser->get_level(parser)+1,
- TRUE, list);
-
- while (list->remove_last(list, (void**)&id) == SUCCESS)
- {
- char *uri;
-
- if (asprintf(&uri, "%Y", id) > 0)
- {
- this->crl_uris->insert_last(this->crl_uris, uri);
- }
- id->destroy(id);
- }
- }
- }
- parser->destroy(parser);
- list->destroy(list);
-=======
switch (objectID)
{
case CRL_DIST_POINTS:
@@ -1017,15 +937,15 @@ static const asn1Object_t certificatePoliciesObject[] = {
{ 0, "certificatePolicies", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
{ 1, "policyInformation", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
{ 2, "policyId", ASN1_OID, ASN1_BODY }, /* 2 */
- { 2, "qualifier", ASN1_SEQUENCE, ASN1_OPT|ASN1_BODY }, /* 3 */
+ { 2, "qualifiers", ASN1_SEQUENCE, ASN1_OPT|ASN1_LOOP }, /* 3 */
{ 3, "qualifierInfo", ASN1_SEQUENCE, ASN1_NONE }, /* 4 */
{ 4, "qualifierId", ASN1_OID, ASN1_BODY }, /* 5 */
{ 4, "cPSuri", ASN1_IA5STRING, ASN1_OPT|ASN1_BODY }, /* 6 */
{ 4, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
- { 4, "userNotice", ASN1_SEQUENCE, ASN1_OPT|ASN1_NONE }, /* 8 */
+ { 4, "userNotice", ASN1_SEQUENCE, ASN1_OPT|ASN1_BODY }, /* 8 */
{ 5, "explicitText", ASN1_EOC, ASN1_RAW }, /* 9 */
{ 4, "end choice", ASN1_EOC, ASN1_END }, /* 10 */
- { 2, "end opt", ASN1_EOC, ASN1_END }, /* 12 */
+ { 2, "end opt/loop", ASN1_EOC, ASN1_END }, /* 12 */
{ 0, "end loop", ASN1_EOC, ASN1_END }, /* 13 */
{ 0, "exit", ASN1_EOC, ASN1_EXIT }
};
@@ -1179,7 +1099,6 @@ static void parse_policyConstraints(chunk_t blob, int level0,
}
}
parser->destroy(parser);
->>>>>>> upstream/4.5.1
}
/**
@@ -1198,7 +1117,7 @@ static const asn1Object_t ipAddrBlocksObjects[] = {
{ 4, "min", ASN1_BIT_STRING, ASN1_BODY }, /* 9 */
{ 4, "max", ASN1_BIT_STRING, ASN1_BODY }, /* 10 */
{ 3, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
- { 2, "end choice/loop", ASN1_EOC, ASN1_END }, /* 12 */
+ { 2, "end opt/loop", ASN1_EOC, ASN1_END }, /* 12 */
{ 0, "end loop", ASN1_EOC, ASN1_END }, /* 13 */
{ 0, "exit", ASN1_EOC, ASN1_EXIT }
};
@@ -1374,14 +1293,6 @@ static const asn1Object_t certObjects[] = {
#define X509_OBJ_SIGNATURE 25
/**
-<<<<<<< HEAD
- * forward declaration
- */
-static bool issued_by(private_x509_cert_t *this, certificate_t *issuer);
-
-/**
-=======
->>>>>>> upstream/4.5.1
* Parses an X.509v3 certificate
*/
static bool parse_certificate(private_x509_cert_t *this)
@@ -1481,12 +1392,8 @@ static bool parse_certificate(private_x509_cert_t *this)
parse_basicConstraints(object, level, this);
break;
case OID_CRL_DISTRIBUTION_POINTS:
-<<<<<<< HEAD
- parse_crlDistributionPoints(object, level, this);
-=======
x509_parse_crlDistributionPoints(object, level,
this->crl_uris);
->>>>>>> upstream/4.5.1
break;
case OID_AUTHORITY_KEY_ID:
this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object,
@@ -1496,11 +1403,7 @@ static bool parse_certificate(private_x509_cert_t *this)
parse_authorityInfoAccess(object, level, this);
break;
case OID_KEY_USAGE:
-<<<<<<< HEAD
- /* TODO parse the flags */
-=======
parse_keyUsage(object, this);
->>>>>>> upstream/4.5.1
break;
case OID_EXTENDED_KEY_USAGE:
parse_extendedKeyUsage(object, level, this);
@@ -1508,8 +1411,6 @@ static bool parse_certificate(private_x509_cert_t *this)
case OID_IP_ADDR_BLOCKS:
parse_ipAddrBlocks(object, level, this);
break;
-<<<<<<< HEAD
-=======
case OID_NAME_CONSTRAINTS:
parse_nameConstraints(object, level, this);
break;
@@ -1530,7 +1431,6 @@ static bool parse_certificate(private_x509_cert_t *this)
}
this->inhibit_any = parse_constraint(object);
break;
->>>>>>> upstream/4.5.1
case OID_NS_REVOCATION_URL:
case OID_NS_CA_REVOCATION_URL:
case OID_NS_CA_POLICY_URL:
@@ -1543,15 +1443,9 @@ static bool parse_certificate(private_x509_cert_t *this)
break;
default:
if (critical && lib->settings->get_bool(lib->settings,
-<<<<<<< HEAD
- "libstrongswan.plugins.x509.enforce_critical", FALSE))
- {
- DBG1(DBG_LIB, "critical %s extension not supported",
-=======
"libstrongswan.x509.enforce_critical", TRUE))
{
DBG1(DBG_LIB, "critical '%s' extension not supported",
->>>>>>> upstream/4.5.1
(extn_oid == OID_UNKNOWN) ? "unknown" :
(char*)oid_names[extn_oid].name);
goto end;
@@ -1584,13 +1478,9 @@ end:
hasher_t *hasher;
/* check if the certificate is self-signed */
-<<<<<<< HEAD
- if (issued_by(this, &this->public.interface.interface))
-=======
if (this->public.interface.interface.issued_by(
&this->public.interface.interface,
&this->public.interface.interface))
->>>>>>> upstream/4.5.1
{
this->flags |= X509_SELF_SIGNED;
}
@@ -1607,54 +1497,26 @@ end:
return success;
}
-<<<<<<< HEAD
-/**
- * Implementation of certificate_t.get_type
- */
-static certificate_type_t get_type(private_x509_cert_t *this)
-=======
METHOD(certificate_t, get_type, certificate_type_t,
private_x509_cert_t *this)
->>>>>>> upstream/4.5.1
{
return CERT_X509;
}
-<<<<<<< HEAD
-/**
- * Implementation of certificate_t.get_subject
- */
-static identification_t* get_subject(private_x509_cert_t *this)
-=======
METHOD(certificate_t, get_subject, identification_t*,
private_x509_cert_t *this)
->>>>>>> upstream/4.5.1
{
return this->subject;
}
-<<<<<<< HEAD
-/**
- * Implementation of certificate_t.get_issuer
- */
-static identification_t* get_issuer(private_x509_cert_t *this)
-=======
METHOD(certificate_t, get_issuer, identification_t*,
private_x509_cert_t *this)
->>>>>>> upstream/4.5.1
{
return this->issuer;
}
-<<<<<<< HEAD
-/**
- * Implementation of certificate_t.has_subject.
- */
-static id_match_t has_subject(private_x509_cert_t *this, identification_t *subject)
-=======
METHOD(certificate_t, has_subject, id_match_t,
private_x509_cert_t *this, identification_t *subject)
->>>>>>> upstream/4.5.1
{
identification_t *current;
enumerator_t *enumerator;
@@ -1695,29 +1557,15 @@ METHOD(certificate_t, has_subject, id_match_t,
return best;
}
-<<<<<<< HEAD
-/**
- * Implementation of certificate_t.has_issuer.
- */
-static id_match_t has_issuer(private_x509_cert_t *this, identification_t *issuer)
-=======
METHOD(certificate_t, has_issuer, id_match_t,
private_x509_cert_t *this, identification_t *issuer)
->>>>>>> upstream/4.5.1
{
/* issuerAltNames currently not supported */
return this->issuer->matches(this->issuer, issuer);
}
-<<<<<<< HEAD
-/**
- * Implementation of certificate_t.issued_by.
- */
-static bool issued_by(private_x509_cert_t *this, certificate_t *issuer)
-=======
METHOD(certificate_t, issued_by, bool,
private_x509_cert_t *this, certificate_t *issuer)
->>>>>>> upstream/4.5.1
{
public_key_t *key;
signature_scheme_t scheme;
@@ -1764,44 +1612,13 @@ METHOD(certificate_t, issued_by, bool,
return valid;
}
-<<<<<<< HEAD
-/**
- * Implementation of certificate_t.get_public_key
- */
-static public_key_t* get_public_key(private_x509_cert_t *this)
-=======
METHOD(certificate_t, get_public_key, public_key_t*,
private_x509_cert_t *this)
->>>>>>> upstream/4.5.1
{
this->public_key->get_ref(this->public_key);
return this->public_key;
}
-<<<<<<< HEAD
-/**
- * Implementation of certificate_t.get_ref
- */
-static private_x509_cert_t* get_ref(private_x509_cert_t *this)
-{
- ref_get(&this->ref);
- return this;
-}
-
-/**
- * Implementation of x509_cert_t.get_flags.
- */
-static x509_flag_t get_flags(private_x509_cert_t *this)
-{
- return this->flags;
-}
-
-/**
- * Implementation of x509_cert_t.get_validity.
- */
-static bool get_validity(private_x509_cert_t *this, time_t *when,
- time_t *not_before, time_t *not_after)
-=======
METHOD(certificate_t, get_ref, certificate_t*,
private_x509_cert_t *this)
{
@@ -1812,7 +1629,6 @@ METHOD(certificate_t, get_ref, certificate_t*,
METHOD(certificate_t, get_validity, bool,
private_x509_cert_t *this, time_t *when, time_t *not_before,
time_t *not_after)
->>>>>>> upstream/4.5.1
{
time_t t = when ? *when : time(NULL);
@@ -1827,16 +1643,8 @@ METHOD(certificate_t, get_validity, bool,
return (t >= this->notBefore && t <= this->notAfter);
}
-<<<<<<< HEAD
-/**
- * Implementation of certificate_t.get_encoding.
- */
-static bool get_encoding(private_x509_cert_t *this, cred_encoding_type_t type,
- chunk_t *encoding)
-=======
METHOD(certificate_t, get_encoding, bool,
private_x509_cert_t *this, cred_encoding_type_t type, chunk_t *encoding)
->>>>>>> upstream/4.5.1
{
if (type == CERT_ASN1_DER)
{
@@ -1847,15 +1655,8 @@ METHOD(certificate_t, get_encoding, bool,
CRED_PART_X509_ASN1_DER, this->encoding, CRED_PART_END);
}
-<<<<<<< HEAD
-/**
- * Implementation of certificate_t.equals.
- */
-static bool equals(private_x509_cert_t *this, certificate_t *other)
-=======
METHOD(certificate_t, equals, bool,
private_x509_cert_t *this, certificate_t *other)
->>>>>>> upstream/4.5.1
{
chunk_t encoding;
bool equal;
@@ -1881,12 +1682,6 @@ METHOD(certificate_t, equals, bool,
return equal;
}
-<<<<<<< HEAD
-/**
- * Implementation of x509_t.get_serial.
- */
-static chunk_t get_serial(private_x509_cert_t *this)
-=======
METHOD(x509_t, get_flags, x509_flag_t,
private_x509_cert_t *this)
{
@@ -1895,20 +1690,12 @@ METHOD(x509_t, get_flags, x509_flag_t,
METHOD(x509_t, get_serial, chunk_t,
private_x509_cert_t *this)
->>>>>>> upstream/4.5.1
{
return this->serialNumber;
}
-<<<<<<< HEAD
-/**
- * Implementation of x509_t.get_subjectKeyIdentifier.
- */
-static chunk_t get_subjectKeyIdentifier(private_x509_cert_t *this)
-=======
METHOD(x509_t, get_subjectKeyIdentifier, chunk_t,
private_x509_cert_t *this)
->>>>>>> upstream/4.5.1
{
if (this->subjectKeyIdentifier.ptr)
{
@@ -1930,33 +1717,12 @@ METHOD(x509_t, get_subjectKeyIdentifier, chunk_t,
}
}
-<<<<<<< HEAD
-/**
- * Implementation of x509_t.get_authKeyIdentifier.
- */
-static chunk_t get_authKeyIdentifier(private_x509_cert_t *this)
-=======
METHOD(x509_t, get_authKeyIdentifier, chunk_t,
private_x509_cert_t *this)
->>>>>>> upstream/4.5.1
{
return this->authKeyIdentifier;
}
-<<<<<<< HEAD
-/**
- * Implementation of x509_t.get_pathLenConstraint.
- */
-static int get_pathLenConstraint(private_x509_cert_t *this)
-{
- return this->pathLenConstraint;
-}
-
-/**
- * Implementation of x509_cert_t.create_subjectAltName_enumerator.
- */
-static enumerator_t* create_subjectAltName_enumerator(private_x509_cert_t *this)
-=======
METHOD(x509_t, get_constraint, u_int,
private_x509_cert_t *this, x509_constraint_t type)
{
@@ -1977,56 +1743,28 @@ METHOD(x509_t, get_constraint, u_int,
METHOD(x509_t, create_subjectAltName_enumerator, enumerator_t*,
private_x509_cert_t *this)
->>>>>>> upstream/4.5.1
{
return this->subjectAltNames->create_enumerator(this->subjectAltNames);
}
-<<<<<<< HEAD
-/**
- * Implementation of x509_cert_t.create_ocsp_uri_enumerator.
- */
-static enumerator_t* create_ocsp_uri_enumerator(private_x509_cert_t *this)
-=======
METHOD(x509_t, create_ocsp_uri_enumerator, enumerator_t*,
private_x509_cert_t *this)
->>>>>>> upstream/4.5.1
{
return this->ocsp_uris->create_enumerator(this->ocsp_uris);
}
-<<<<<<< HEAD
-/**
- * Implementation of x509_cert_t.create_crl_uri_enumerator.
- */
-static enumerator_t* create_crl_uri_enumerator(private_x509_cert_t *this)
-=======
METHOD(x509_t, create_crl_uri_enumerator, enumerator_t*,
private_x509_cert_t *this)
->>>>>>> upstream/4.5.1
{
return this->crl_uris->create_enumerator(this->crl_uris);
}
-<<<<<<< HEAD
-/**
- * Implementation of x509_cert_t.create_ipAddrBlock_enumerator.
- */
-static enumerator_t* create_ipAddrBlock_enumerator(private_x509_cert_t *this)
-=======
METHOD(x509_t, create_ipAddrBlock_enumerator, enumerator_t*,
private_x509_cert_t *this)
->>>>>>> upstream/4.5.1
{
return this->ipAddrBlocks->create_enumerator(this->ipAddrBlocks);
}
-<<<<<<< HEAD
-/**
- * Implementation of certificate_t.destroy.
- */
-static void destroy(private_x509_cert_t *this)
-=======
METHOD(x509_t, create_name_constraint_enumerator, enumerator_t*,
private_x509_cert_t *this, bool perm)
{
@@ -2051,17 +1789,11 @@ METHOD(x509_t, create_policy_mapping_enumerator, enumerator_t*,
METHOD(certificate_t, destroy, void,
private_x509_cert_t *this)
->>>>>>> upstream/4.5.1
{
if (ref_put(&this->ref))
{
this->subjectAltNames->destroy_offset(this->subjectAltNames,
offsetof(identification_t, destroy));
-<<<<<<< HEAD
- this->crl_uris->destroy_function(this->crl_uris, free);
- this->ocsp_uris->destroy_function(this->ocsp_uris, free);
- this->ipAddrBlocks->destroy_offset(this->ipAddrBlocks, offsetof(traffic_selector_t, destroy));
-=======
this->crl_uris->destroy_function(this->crl_uris, (void*)crl_uri_destroy);
this->ocsp_uris->destroy_function(this->ocsp_uris, free);
this->ipAddrBlocks->destroy_offset(this->ipAddrBlocks,
@@ -2074,7 +1806,6 @@ METHOD(certificate_t, destroy, void,
(void*)cert_policy_destroy);
this->policy_mappings->destroy_function(this->policy_mappings,
(void*)policy_mapping_destroy);
->>>>>>> upstream/4.5.1
DESTROY_IF(this->issuer);
DESTROY_IF(this->subject);
DESTROY_IF(this->public_key);
@@ -2096,56 +1827,6 @@ METHOD(certificate_t, destroy, void,
*/
static private_x509_cert_t* create_empty(void)
{
-<<<<<<< HEAD
- private_x509_cert_t *this = malloc_thing(private_x509_cert_t);
-
- this->public.interface.interface.get_type = (certificate_type_t (*) (certificate_t*))get_type;
- this->public.interface.interface.get_subject = (identification_t* (*) (certificate_t*))get_subject;
- this->public.interface.interface.get_issuer = (identification_t* (*) (certificate_t*))get_issuer;
- this->public.interface.interface.has_subject = (id_match_t (*) (certificate_t*, identification_t*))has_subject;
- this->public.interface.interface.has_issuer = (id_match_t (*) (certificate_t*, identification_t*))has_issuer;
- this->public.interface.interface.issued_by = (bool (*) (certificate_t*, certificate_t*))issued_by;
- this->public.interface.interface.get_public_key = (public_key_t* (*) (certificate_t*))get_public_key;
- this->public.interface.interface.get_validity = (bool (*) (certificate_t*, time_t*, time_t*, time_t*))get_validity;
- this->public.interface.interface.get_encoding = (bool (*) (certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding;
- this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t*))equals;
- this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t*))get_ref;
- this->public.interface.interface.destroy = (void (*)(certificate_t*))destroy;
- this->public.interface.get_flags = (x509_flag_t (*)(x509_t*))get_flags;
- this->public.interface.get_serial = (chunk_t (*)(x509_t*))get_serial;
- this->public.interface.get_subjectKeyIdentifier = (chunk_t (*)(x509_t*))get_subjectKeyIdentifier;
- this->public.interface.get_authKeyIdentifier = (chunk_t (*)(x509_t*))get_authKeyIdentifier;
- this->public.interface.get_pathLenConstraint = (int (*)(x509_t*))get_pathLenConstraint;
- this->public.interface.create_subjectAltName_enumerator = (enumerator_t* (*)(x509_t*))create_subjectAltName_enumerator;
- this->public.interface.create_crl_uri_enumerator = (enumerator_t* (*)(x509_t*))create_crl_uri_enumerator;
- this->public.interface.create_ocsp_uri_enumerator = (enumerator_t* (*)(x509_t*))create_ocsp_uri_enumerator;
- this->public.interface.create_ipAddrBlock_enumerator = (enumerator_t* (*)(x509_t*))create_ipAddrBlock_enumerator;
-
- this->encoding = chunk_empty;
- this->encoding_hash = chunk_empty;
- this->tbsCertificate = chunk_empty;
- this->version = 1;
- this->serialNumber = chunk_empty;
- this->notBefore = 0;
- this->notAfter = 0;
- this->public_key = NULL;
- this->subject = NULL;
- this->issuer = NULL;
- this->subjectAltNames = linked_list_create();
- this->crl_uris = linked_list_create();
- this->ocsp_uris = linked_list_create();
- this->ipAddrBlocks = linked_list_create();
- this->subjectKeyIdentifier = chunk_empty;
- this->authKeyIdentifier = chunk_empty;
- this->authKeySerialNumber = chunk_empty;
- this->pathLenConstraint = X509_NO_PATH_LEN_CONSTRAINT;
- this->algorithm = 0;
- this->signature = chunk_empty;
- this->flags = 0;
- this->ref = 1;
- this->parsed = FALSE;
-
-=======
private_x509_cert_t *this;
INIT(this,
@@ -2194,13 +1875,10 @@ static private_x509_cert_t* create_empty(void)
.inhibit_any = X509_NO_CONSTRAINT,
.ref = 1,
);
->>>>>>> upstream/4.5.1
return this;
}
/**
-<<<<<<< HEAD
-=======
* Build a generalName from an id
*/
chunk_t build_generalName(identification_t *id)
@@ -2231,16 +1909,11 @@ chunk_t build_generalName(identification_t *id)
}
/**
->>>>>>> upstream/4.5.1
* Encode a linked list of subjectAltNames
*/
chunk_t x509_build_subjectAltNames(linked_list_t *list)
{
-<<<<<<< HEAD
- chunk_t subjectAltNames = chunk_empty;
-=======
chunk_t subjectAltNames = chunk_empty, name;
->>>>>>> upstream/4.5.1
enumerator_t *enumerator;
identification_t *id;
@@ -2252,33 +1925,7 @@ chunk_t x509_build_subjectAltNames(linked_list_t *list)
enumerator = list->create_enumerator(list);
while (enumerator->enumerate(enumerator, &id))
{
-<<<<<<< HEAD
- int context;
- chunk_t name;
-
- switch (id->get_type(id))
- {
- case ID_RFC822_ADDR:
- context = ASN1_CONTEXT_S_1;
- break;
- case ID_FQDN:
- context = ASN1_CONTEXT_S_2;
- break;
- case ID_IPV4_ADDR:
- case ID_IPV6_ADDR:
- context = ASN1_CONTEXT_S_7;
- break;
- default:
- DBG1(DBG_LIB, "encoding %N as subjectAltName not supported",
- id_type_names, id->get_type(id));
- enumerator->destroy(enumerator);
- free(subjectAltNames.ptr);
- return chunk_empty;
- }
- name = asn1_wrap(context, "c", id->get_encoding(id));
-=======
name = build_generalName(id);
->>>>>>> upstream/4.5.1
subjectAltNames = chunk_cat("mm", subjectAltNames, name);
}
enumerator->destroy(enumerator);
@@ -2292,8 +1939,6 @@ chunk_t x509_build_subjectAltNames(linked_list_t *list)
}
/**
-<<<<<<< HEAD
-=======
* Encode CRL distribution points extension from a x509_cdp_t list
*/
chunk_t x509_build_crlDistributionPoints(linked_list_t *list, int extn)
@@ -2335,7 +1980,6 @@ chunk_t x509_build_crlDistributionPoints(linked_list_t *list, int extn)
}
/**
->>>>>>> upstream/4.5.1
* Generate and sign a new certificate
*/
static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
@@ -2343,14 +1987,6 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
{
chunk_t extensions = chunk_empty, extendedKeyUsage = chunk_empty;
chunk_t serverAuth = chunk_empty, clientAuth = chunk_empty;
-<<<<<<< HEAD
- chunk_t ocspSigning = chunk_empty;
- chunk_t basicConstraints = chunk_empty;
- chunk_t keyUsage = chunk_empty;
- chunk_t subjectAltNames = chunk_empty;
- chunk_t subjectKeyIdentifier = chunk_empty, authKeyIdentifier = chunk_empty;
- chunk_t crlDistributionPoints = chunk_empty, authorityInfoAccess = chunk_empty;
-=======
chunk_t ocspSigning = chunk_empty, certPolicies = chunk_empty;
chunk_t basicConstraints = chunk_empty, nameConstraints = chunk_empty;
chunk_t keyUsage = chunk_empty, keyUsageBits = chunk_empty;
@@ -2358,7 +1994,6 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
chunk_t subjectKeyIdentifier = chunk_empty, authKeyIdentifier = chunk_empty;
chunk_t crlDistributionPoints = chunk_empty, authorityInfoAccess = chunk_empty;
chunk_t policyConstraints = chunk_empty, inhibitAnyPolicy = chunk_empty;
->>>>>>> upstream/4.5.1
identification_t *issuer, *subject;
chunk_t key_info;
signature_scheme_t scheme;
@@ -2412,34 +2047,8 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
/* encode subjectAltNames */
subjectAltNames = x509_build_subjectAltNames(cert->subjectAltNames);
-<<<<<<< HEAD
- /* encode CRL distribution points extension */
- enumerator = cert->crl_uris->create_enumerator(cert->crl_uris);
- while (enumerator->enumerate(enumerator, &uri))
- {
- chunk_t distributionPoint;
-
- distributionPoint = asn1_wrap(ASN1_SEQUENCE, "m",
- asn1_wrap(ASN1_CONTEXT_C_0, "m",
- asn1_wrap(ASN1_CONTEXT_C_0, "m",
- asn1_wrap(ASN1_CONTEXT_S_6, "c",
- chunk_create(uri, strlen(uri))))));
-
- crlDistributionPoints = chunk_cat("mm", crlDistributionPoints,
- distributionPoint);
- }
- enumerator->destroy(enumerator);
- if (crlDistributionPoints.ptr)
- {
- crlDistributionPoints = asn1_wrap(ASN1_SEQUENCE, "mm",
- asn1_build_known_oid(OID_CRL_DISTRIBUTION_POINTS),
- asn1_wrap(ASN1_OCTET_STRING, "m",
- asn1_wrap(ASN1_SEQUENCE, "m", crlDistributionPoints)));
- }
-=======
crlDistributionPoints = x509_build_crlDistributionPoints(cert->crl_uris,
OID_CRL_DISTRIBUTION_POINTS);
->>>>>>> upstream/4.5.1
/* encode OCSP URIs in authorityInfoAccess extension */
enumerator = cert->ocsp_uris->create_enumerator(cert->ocsp_uris);
@@ -2468,18 +2077,10 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
{
chunk_t pathLenConstraint = chunk_empty;
-<<<<<<< HEAD
- if (cert->pathLenConstraint != X509_NO_PATH_LEN_CONSTRAINT)
- {
- char pathlen = (char)cert->pathLenConstraint;
-
- pathLenConstraint = asn1_integer("c", chunk_from_thing(pathlen));
-=======
if (cert->pathLenConstraint != X509_NO_CONSTRAINT)
{
pathLenConstraint = asn1_integer("c",
chunk_from_thing(cert->pathLenConstraint));
->>>>>>> upstream/4.5.1
}
basicConstraints = asn1_wrap(ASN1_SEQUENCE, "mmm",
asn1_build_known_oid(OID_BASIC_CONSTRAINTS),
@@ -2490,15 +2091,6 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
asn1_wrap(ASN1_BOOLEAN, "c",
chunk_from_chars(0xFF)),
pathLenConstraint)));
-<<<<<<< HEAD
- keyUsage = asn1_wrap(ASN1_SEQUENCE, "mmm",
- asn1_build_known_oid(OID_KEY_USAGE),
- asn1_wrap(ASN1_BOOLEAN, "c",
- chunk_from_chars(0xFF)),
- asn1_wrap(ASN1_OCTET_STRING, "m",
- asn1_wrap(ASN1_BIT_STRING, "c",
- chunk_from_chars(0x01, 0x06))));
-=======
/* set CertificateSign and implicitly CRLsign */
keyUsageBits = chunk_from_chars(0x01, 0x06);
}
@@ -2513,7 +2105,6 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
asn1_wrap(ASN1_BOOLEAN, "c", chunk_from_chars(0xFF)),
asn1_wrap(ASN1_OCTET_STRING, "m",
asn1_wrap(ASN1_BIT_STRING, "c", keyUsageBits)));
->>>>>>> upstream/4.5.1
}
/* add serverAuth extendedKeyUsage flag */
@@ -2542,11 +2133,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
}
/* add subjectKeyIdentifier to CA and OCSP signer certificates */
-<<<<<<< HEAD
- if (cert->flags & (X509_CA | X509_OCSP_SIGNER))
-=======
if (cert->flags & (X509_CA | X509_OCSP_SIGNER | X509_CRL_SIGN))
->>>>>>> upstream/4.5.1
{
chunk_t keyid;
@@ -2574,17 +2161,6 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
asn1_wrap(ASN1_CONTEXT_S_0, "c", keyid))));
}
}
-<<<<<<< HEAD
- if (basicConstraints.ptr || subjectAltNames.ptr || authKeyIdentifier.ptr ||
- crlDistributionPoints.ptr)
- {
- extensions = asn1_wrap(ASN1_CONTEXT_C_3, "m",
- asn1_wrap(ASN1_SEQUENCE, "mmmmmmmm",
- basicConstraints, keyUsage, subjectKeyIdentifier,
- authKeyIdentifier, subjectAltNames,
- extendedKeyUsage, crlDistributionPoints,
- authorityInfoAccess));
-=======
if (cert->permitted_names->get_count(cert->permitted_names) ||
cert->excluded_names->get_count(cert->excluded_names))
@@ -2732,7 +2308,6 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
extendedKeyUsage, crlDistributionPoints,
authorityInfoAccess, nameConstraints, certPolicies,
policyMappings, policyConstraints, inhibitAnyPolicy));
->>>>>>> upstream/4.5.1
}
cert->tbsCertificate = asn1_wrap(ASN1_SEQUENCE, "mmmcmcmm",
@@ -2815,10 +2390,7 @@ x509_cert_t *x509_cert_gen(certificate_type_t type, va_list args)
certificate_t *sign_cert = NULL;
private_key_t *sign_key = NULL;
hash_algorithm_t digest_alg = HASH_SHA1;
-<<<<<<< HEAD
-=======
u_int constraint;
->>>>>>> upstream/4.5.1
cert = create_empty();
while (TRUE)
@@ -2862,15 +2434,6 @@ x509_cert_t *x509_cert_gen(certificate_type_t type, va_list args)
{
enumerator_t *enumerator;
linked_list_t *list;
-<<<<<<< HEAD
- char *uri;
-
- list = va_arg(args, linked_list_t*);
- enumerator = list->create_enumerator(list);
- while (enumerator->enumerate(enumerator, &uri))
- {
- cert->crl_uris->insert_last(cert->crl_uris, strdup(uri));
-=======
x509_cdp_t *in, *cdp;
list = va_arg(args, linked_list_t*);
@@ -2882,7 +2445,6 @@ x509_cert_t *x509_cert_gen(certificate_type_t type, va_list args)
.issuer = in->issuer ? in->issuer->clone(in->issuer) : NULL,
);
cert->crl_uris->insert_last(cert->crl_uris, cdp);
->>>>>>> upstream/4.5.1
}
enumerator->destroy(enumerator);
continue;
@@ -2903,13 +2465,6 @@ x509_cert_t *x509_cert_gen(certificate_type_t type, va_list args)
continue;
}
case BUILD_PATHLEN:
-<<<<<<< HEAD
- cert->pathLenConstraint = va_arg(args, int);
- if (cert->pathLenConstraint < 0 || cert->pathLenConstraint > 127)
- {
- cert->pathLenConstraint = X509_NO_PATH_LEN_CONSTRAINT;
- }
-=======
constraint = va_arg(args, u_int);
cert->pathLenConstraint = (constraint < 128) ?
constraint : X509_NO_CONSTRAINT;
@@ -3000,7 +2555,6 @@ x509_cert_t *x509_cert_gen(certificate_type_t type, va_list args)
constraint = va_arg(args, u_int);
cert->inhibit_any = (constraint < 128) ?
constraint : X509_NO_CONSTRAINT;
->>>>>>> upstream/4.5.1
continue;
case BUILD_NOT_BEFORE_TIME:
cert->notBefore = va_arg(args, time_t);
diff --git a/src/libstrongswan/plugins/x509/x509_crl.c b/src/libstrongswan/plugins/x509/x509_crl.c
index 3e62681f5..758505ab5 100644
--- a/src/libstrongswan/plugins/x509/x509_crl.c
+++ b/src/libstrongswan/plugins/x509/x509_crl.c
@@ -100,14 +100,11 @@ struct private_x509_crl_t {
linked_list_t *revoked;
/**
-<<<<<<< HEAD
-=======
* List of Freshest CRL distribution points
*/
linked_list_t *crl_uris;
/**
->>>>>>> upstream/4.5.1
* Authority Key Identifier
*/
chunk_t authKeyIdentifier;
@@ -118,14 +115,11 @@ struct private_x509_crl_t {
chunk_t authKeySerialNumber;
/**
-<<<<<<< HEAD
-=======
* Number of BaseCRL, if a delta CRL
*/
chunk_t baseCrlNumber;
/**
->>>>>>> upstream/4.5.1
* Signature algorithm
*/
int algorithm;
@@ -149,11 +143,6 @@ struct private_x509_crl_t {
/**
* from x509_cert
*/
-<<<<<<< HEAD
-extern chunk_t x509_parse_authorityKeyIdentifier(
- chunk_t blob, int level0,
- chunk_t *authKeySerialNumber);
-=======
extern chunk_t x509_parse_authorityKeyIdentifier(chunk_t blob, int level0,
chunk_t *authKeySerialNumber);
@@ -167,7 +156,6 @@ extern void x509_parse_crlDistributionPoints(chunk_t blob, int level0,
* from x509_cert
*/
extern chunk_t x509_build_crlDistributionPoints(linked_list_t *list, int extn);
->>>>>>> upstream/4.5.1
/**
* ASN.1 definition of an X.509 certificate revocation list
@@ -238,11 +226,7 @@ static bool parse(private_x509_crl_t *this)
int objectID;
int sig_alg = OID_UNKNOWN;
bool success = FALSE;
-<<<<<<< HEAD
- bool critical;
-=======
bool critical = FALSE;
->>>>>>> upstream/4.5.1
revoked_t *revoked = NULL;
parser = asn1_parser_create(crlObjects, this->encoding);
@@ -294,28 +278,6 @@ static bool parse(private_x509_crl_t *this)
break;
case CRL_OBJ_CRL_ENTRY_EXTN_VALUE:
case CRL_OBJ_EXTN_VALUE:
-<<<<<<< HEAD
- {
- int extn_oid = asn1_known_oid(extnID);
-
- if (revoked && extn_oid == OID_CRL_REASON_CODE)
- {
- if (*object.ptr == ASN1_ENUMERATED &&
- asn1_length(&object) == 1)
- {
- revoked->reason = *object.ptr;
- }
- DBG2(DBG_LIB, " '%N'", crl_reason_names,
- revoked->reason);
- }
- else if (extn_oid == OID_AUTHORITY_KEY_ID)
- {
- this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object,
- level, &this->authKeySerialNumber);
- }
- else if (extn_oid == OID_CRL_NUMBER)
- {
-=======
{
int extn_oid = asn1_known_oid(extnID);
@@ -339,18 +301,12 @@ static bool parse(private_x509_crl_t *this)
object, level, &this->authKeySerialNumber);
break;
case OID_CRL_NUMBER:
->>>>>>> upstream/4.5.1
if (!asn1_parse_simple_object(&object, ASN1_INTEGER,
level, "crlNumber"))
{
goto end;
}
this->crlNumber = object;
-<<<<<<< HEAD
- }
- }
- break;
-=======
break;
case OID_FRESHEST_CRL:
x509_parse_crlDistributionPoints(object, level,
@@ -377,7 +333,6 @@ static bool parse(private_x509_crl_t *this)
}
break;
}
->>>>>>> upstream/4.5.1
case CRL_OBJ_ALGORITHM:
{
this->algorithm = asn1_parse_algorithmIdentifier(object, level, NULL);
@@ -435,8 +390,6 @@ METHOD(crl_t, get_authKeyIdentifier, chunk_t,
return this->authKeyIdentifier;
}
-<<<<<<< HEAD
-=======
METHOD(crl_t, is_delta_crl, bool,
private_x509_crl_t *this, chunk_t *base_crl)
{
@@ -457,7 +410,6 @@ METHOD(crl_t, create_delta_crl_uri_enumerator, enumerator_t*,
return this->crl_uris->create_enumerator(this->crl_uris);
}
->>>>>>> upstream/4.5.1
METHOD(crl_t, create_enumerator, enumerator_t*,
private_x509_crl_t *this)
{
@@ -502,11 +454,7 @@ METHOD(certificate_t, issued_by, bool,
{
return FALSE;
}
-<<<<<<< HEAD
- if (!(x509->get_flags(x509) & X509_CA))
-=======
if (!(x509->get_flags(x509) & (X509_CA | X509_CRL_SIGN)))
->>>>>>> upstream/4.5.1
{
return FALSE;
}
@@ -619,8 +567,6 @@ static void revoked_destroy(revoked_t *revoked)
free(revoked);
}
-<<<<<<< HEAD
-=======
/**
* Destroy a CDP entry
*/
@@ -631,27 +577,20 @@ static void cdp_destroy(x509_cdp_t *this)
free(this);
}
->>>>>>> upstream/4.5.1
METHOD(certificate_t, destroy, void,
private_x509_crl_t *this)
{
if (ref_put(&this->ref))
{
this->revoked->destroy_function(this->revoked, (void*)revoked_destroy);
-<<<<<<< HEAD
-=======
this->crl_uris->destroy_function(this->crl_uris, (void*)cdp_destroy);
->>>>>>> upstream/4.5.1
DESTROY_IF(this->issuer);
free(this->authKeyIdentifier.ptr);
free(this->encoding.ptr);
if (this->generated)
{
free(this->crlNumber.ptr);
-<<<<<<< HEAD
-=======
free(this->baseCrlNumber.ptr);
->>>>>>> upstream/4.5.1
free(this->signature.ptr);
free(this->tbsCertList.ptr);
}
@@ -685,19 +624,13 @@ static private_x509_crl_t* create_empty(void)
},
.get_serial = _get_serial,
.get_authKeyIdentifier = _get_authKeyIdentifier,
-<<<<<<< HEAD
-=======
.is_delta_crl = _is_delta_crl,
.create_delta_crl_uri_enumerator = _create_delta_crl_uri_enumerator,
->>>>>>> upstream/4.5.1
.create_enumerator = _create_enumerator,
},
},
.revoked = linked_list_create(),
-<<<<<<< HEAD
-=======
.crl_uris = linked_list_create(),
->>>>>>> upstream/4.5.1
.ref = 1,
);
return this;
@@ -766,10 +699,7 @@ static bool generate(private_x509_crl_t *this, certificate_t *cert,
private_key_t *key, hash_algorithm_t digest_alg)
{
chunk_t extensions = chunk_empty, certList = chunk_empty, serial;
-<<<<<<< HEAD
-=======
chunk_t crlDistributionPoints = chunk_empty, baseCrlNumber = chunk_empty;
->>>>>>> upstream/4.5.1
enumerator_t *enumerator;
crl_reason_t reason;
time_t date;
@@ -777,11 +707,7 @@ static bool generate(private_x509_crl_t *this, certificate_t *cert,
x509 = (x509_t*)cert;
-<<<<<<< HEAD
- this->issuer = cert->get_issuer(cert);
-=======
this->issuer = cert->get_subject(cert);
->>>>>>> upstream/4.5.1
this->issuer = this->issuer->clone(this->issuer);
this->authKeyIdentifier = chunk_clone(x509->get_subjectKeyIdentifier(x509));
@@ -816,10 +742,6 @@ static bool generate(private_x509_crl_t *this, certificate_t *cert,
}
enumerator->destroy(enumerator);
-<<<<<<< HEAD
- extensions = asn1_wrap(ASN1_CONTEXT_C_0, "m",
- asn1_wrap(ASN1_SEQUENCE, "mm",
-=======
crlDistributionPoints = x509_build_crlDistributionPoints(this->crl_uris,
OID_FRESHEST_CRL);
@@ -835,7 +757,6 @@ static bool generate(private_x509_crl_t *this, certificate_t *cert,
extensions = asn1_wrap(ASN1_CONTEXT_C_0, "m",
asn1_wrap(ASN1_SEQUENCE, "mmmm",
->>>>>>> upstream/4.5.1
asn1_wrap(ASN1_SEQUENCE, "mm",
asn1_build_known_oid(OID_AUTHORITY_KEY_ID),
asn1_wrap(ASN1_OCTET_STRING, "m",
@@ -845,14 +766,8 @@ static bool generate(private_x509_crl_t *this, certificate_t *cert,
asn1_wrap(ASN1_SEQUENCE, "mm",
asn1_build_known_oid(OID_CRL_NUMBER),
asn1_wrap(ASN1_OCTET_STRING, "m",
-<<<<<<< HEAD
- asn1_integer("c", this->crlNumber))
- )
- ));
-=======
asn1_integer("c", this->crlNumber))),
crlDistributionPoints, baseCrlNumber));
->>>>>>> upstream/4.5.1
this->tbsCertList = asn1_wrap(ASN1_SEQUENCE, "cmcmmmm",
ASN1_INTEGER_1,
@@ -915,8 +830,6 @@ x509_crl_t *x509_crl_gen(certificate_type_t type, va_list args)
case BUILD_REVOKED_ENUMERATOR:
read_revoked(crl, va_arg(args, enumerator_t*));
continue;
-<<<<<<< HEAD
-=======
case BUILD_BASE_CRL:
crl->baseCrlNumber = va_arg(args, chunk_t);
crl->baseCrlNumber = chunk_clone(crl->baseCrlNumber);
@@ -940,7 +853,6 @@ x509_crl_t *x509_crl_gen(certificate_type_t type, va_list args)
enumerator->destroy(enumerator);
continue;
}
->>>>>>> upstream/4.5.1
case BUILD_END:
break;
default:
diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_response.c b/src/libstrongswan/plugins/x509/x509_ocsp_response.c
index 829f47f81..4cbe3f718 100644
--- a/src/libstrongswan/plugins/x509/x509_ocsp_response.c
+++ b/src/libstrongswan/plugins/x509/x509_ocsp_response.c
@@ -453,7 +453,7 @@ static const asn1Object_t basicResponseObjects[] = {
{ 5, "critical", ASN1_BOOLEAN, ASN1_BODY |
ASN1_DEF }, /* 16 */
{ 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 17 */
- { 4, "end loop", ASN1_EOC, ASN1_END }, /* 18 */
+ { 3, "end loop", ASN1_EOC, ASN1_END }, /* 18 */
{ 2, "end opt", ASN1_EOC, ASN1_END }, /* 19 */
{ 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 20 */
{ 1, "signature", ASN1_BIT_STRING, ASN1_BODY }, /* 21 */
diff --git a/src/libstrongswan/plugins/x509/x509_plugin.c b/src/libstrongswan/plugins/x509/x509_plugin.c
index a3c071f12..bfeb74b0e 100644
--- a/src/libstrongswan/plugins/x509/x509_plugin.c
+++ b/src/libstrongswan/plugins/x509/x509_plugin.c
@@ -36,15 +36,14 @@ struct private_x509_plugin_t {
x509_plugin_t public;
};
-<<<<<<< HEAD
-/**
- * Implementation of x509_plugin_t.x509troy
- */
-static void destroy(private_x509_plugin_t *this)
-=======
+METHOD(plugin_t, get_name, char*,
+ private_x509_plugin_t *this)
+{
+ return "x509";
+}
+
METHOD(plugin_t, destroy, void,
private_x509_plugin_t *this)
->>>>>>> upstream/4.5.1
{
lib->creds->remove_builder(lib->creds,
(builder_function_t)x509_cert_gen);
@@ -74,21 +73,17 @@ METHOD(plugin_t, destroy, void,
*/
plugin_t *x509_plugin_create()
{
-<<<<<<< HEAD
- private_x509_plugin_t *this = malloc_thing(private_x509_plugin_t);
-
- this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
-=======
private_x509_plugin_t *this;
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
->>>>>>> upstream/4.5.1
lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_X509, FALSE,
(builder_function_t)x509_cert_gen);
diff --git a/src/libstrongswan/plugins/xcbc/Makefile.in b/src/libstrongswan/plugins/xcbc/Makefile.in
index 22b3c9543..35f868de4 100644
--- a/src/libstrongswan/plugins/xcbc/Makefile.in
+++ b/src/libstrongswan/plugins/xcbc/Makefile.in
@@ -220,13 +220,7 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
-<<<<<<< HEAD
-ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
-ipsecuid = @ipsecuid@
-=======
-ipsecgroup = @ipsecgroup@
->>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -247,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@
oldincludedir = @oldincludedir@
openac_plugins = @openac_plugins@
p_plugins = @p_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
pki_plugins = @pki_plugins@
@@ -265,14 +261,12 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
-<<<<<<< HEAD
-=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
->>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
diff --git a/src/libstrongswan/plugins/xcbc/xcbc.c b/src/libstrongswan/plugins/xcbc/xcbc.c
index be18d92b8..8ddde962c 100644
--- a/src/libstrongswan/plugins/xcbc/xcbc.c
+++ b/src/libstrongswan/plugins/xcbc/xcbc.c
@@ -236,13 +236,17 @@ METHOD(xcbc_t, set_key, void,
memset(k1.ptr, 0x01, this->b);
this->k1->encrypt(this->k1, k1, iv, NULL);
this->k1->set_key(this->k1, k1);
+
+ memwipe(k1.ptr, k1.len);
}
METHOD(xcbc_t, destroy, void,
private_xcbc_t *this)
{
this->k1->destroy(this->k1);
+ memwipe(this->k2, this->b);
free(this->k2);
+ memwipe(this->k3, this->b);
free(this->k3);
free(this->e);
free(this->remaining);
diff --git a/src/libstrongswan/plugins/xcbc/xcbc_plugin.c b/src/libstrongswan/plugins/xcbc/xcbc_plugin.c
index 19d5a03fe..0fcb093c8 100644
--- a/src/libstrongswan/plugins/xcbc/xcbc_plugin.c
+++ b/src/libstrongswan/plugins/xcbc/xcbc_plugin.c
@@ -19,11 +19,6 @@
#include "xcbc_signer.h"
#include "xcbc_prf.h"
-<<<<<<< HEAD
-=======
-static const char *plugin_name = "xcbc";
-
->>>>>>> upstream/4.5.1
typedef struct private_xcbc_plugin_t private_xcbc_plugin_t;
/**
@@ -37,6 +32,12 @@ struct private_xcbc_plugin_t {
xcbc_plugin_t public;
};
+METHOD(plugin_t, get_name, char*,
+ private_xcbc_plugin_t *this)
+{
+ return "xcbc";
+}
+
METHOD(plugin_t, destroy, void,
private_xcbc_plugin_t *this)
{
@@ -53,49 +54,36 @@ METHOD(plugin_t, destroy, void,
plugin_t *xcbc_plugin_create()
{
private_xcbc_plugin_t *this;
-<<<<<<< HEAD
-=======
crypter_t *crypter;
->>>>>>> upstream/4.5.1
INIT(this,
.public = {
.plugin = {
+ .get_name = _get_name,
+ .reload = (void*)return_false,
.destroy = _destroy,
},
},
);
-<<<<<<< HEAD
- lib->crypto->add_prf(lib->crypto, PRF_AES128_XCBC,
- (prf_constructor_t)xcbc_prf_create);
- lib->crypto->add_prf(lib->crypto, PRF_CAMELLIA128_XCBC,
- (prf_constructor_t)xcbc_prf_create);
- lib->crypto->add_signer(lib->crypto, AUTH_AES_XCBC_96,
- (signer_constructor_t)xcbc_signer_create);
- lib->crypto->add_signer(lib->crypto, AUTH_CAMELLIA_XCBC_96,
- (signer_constructor_t)xcbc_signer_create);
-
-=======
crypter = lib->crypto->create_crypter(lib->crypto, ENCR_AES_CBC, 16);
if (crypter)
{
crypter->destroy(crypter);
- lib->crypto->add_prf(lib->crypto, PRF_AES128_XCBC, plugin_name,
+ lib->crypto->add_prf(lib->crypto, PRF_AES128_XCBC, get_name(this),
(prf_constructor_t)xcbc_prf_create);
- lib->crypto->add_signer(lib->crypto, AUTH_AES_XCBC_96, plugin_name,
+ lib->crypto->add_signer(lib->crypto, AUTH_AES_XCBC_96, get_name(this),
(signer_constructor_t)xcbc_signer_create);
}
crypter = lib->crypto->create_crypter(lib->crypto, ENCR_CAMELLIA_CBC, 16);
if (crypter)
{
crypter->destroy(crypter);
- lib->crypto->add_prf(lib->crypto, PRF_CAMELLIA128_XCBC, plugin_name,
+ lib->crypto->add_prf(lib->crypto, PRF_CAMELLIA128_XCBC, get_name(this),
(prf_constructor_t)xcbc_prf_create);
- lib->crypto->add_signer(lib->crypto, AUTH_CAMELLIA_XCBC_96, plugin_name,
+ lib->crypto->add_signer(lib->crypto, AUTH_CAMELLIA_XCBC_96, get_name(this),
(signer_constructor_t)xcbc_signer_create);
}
->>>>>>> upstream/4.5.1
return &this->public.plugin;
}
diff --git a/src/libstrongswan/printf_hook.c b/src/libstrongswan/printf_hook.c
index 1f57ffcce..7e7045d69 100644
--- a/src/libstrongswan/printf_hook.c
+++ b/src/libstrongswan/printf_hook.c
@@ -377,15 +377,8 @@ int vstr_wrapper_vasprintf(char **str, const char *format, va_list args)
}
#endif
-<<<<<<< HEAD
-/**
- * Implementation of printf_hook_t.add_handler.
- */
-static void add_handler(private_printf_hook_t *this, char spec,
-=======
METHOD(printf_hook_t, add_handler, void,
private_printf_hook_t *this, char spec,
->>>>>>> upstream/4.5.1
printf_hook_function_t hook, ...)
{
int i = -1;
@@ -444,15 +437,8 @@ METHOD(printf_hook_t, add_handler, void,
}
}
-<<<<<<< HEAD
-/**
- * Implementation of printf_hook_t.destroy
- */
-static void destroy(private_printf_hook_t *this)
-=======
METHOD(printf_hook_t, destroy, void,
private_printf_hook_t *this)
->>>>>>> upstream/4.5.1
{
int i;
#ifdef USE_VSTR
@@ -487,12 +473,6 @@ METHOD(printf_hook_t, destroy, void,
*/
printf_hook_t *printf_hook_create()
{
-<<<<<<< HEAD
- private_printf_hook_t *this = malloc_thing(private_printf_hook_t);
-
- this->public.add_handler = (void(*)(printf_hook_t*, char, printf_hook_function_t, ...))add_handler;
- this->public.destroy = (void(*)(printf_hook_t*))destroy;
-=======
private_printf_hook_t *this;
INIT(this,
@@ -501,7 +481,6 @@ printf_hook_t *printf_hook_create()
.destroy = _destroy,
},
);
->>>>>>> upstream/4.5.1
memset(printf_hooks, 0, sizeof(printf_hooks));
diff --git a/src/libstrongswan/processing/jobs/callback_job.c b/src/libstrongswan/processing/jobs/callback_job.c
index 556cbd907..0043a9cdb 100644
--- a/src/libstrongswan/processing/jobs/callback_job.c
+++ b/src/libstrongswan/processing/jobs/callback_job.c
@@ -1,6 +1,7 @@
/*
* Copyright (C) 2009 Tobias Brunner
- * Copyright (C) 2007 Martin Willi
+ * Copyright (C) 2007-2011 Martin Willi
+ * Copyright (C) 2011 revosec AG
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
@@ -29,6 +30,7 @@ typedef struct private_callback_job_t private_callback_job_t;
* Private data of an callback_job_t Object.
*/
struct private_callback_job_t {
+
/**
* Public callback_job_t interface.
*/
@@ -111,10 +113,8 @@ static void unregister(private_callback_job_t *this)
}
}
-/**
- * Implements job_t.destroy.
- */
-static void destroy(private_callback_job_t *this)
+METHOD(job_t, destroy, void,
+ private_callback_job_t *this)
{
this->mutex->lock(this->mutex);
unregister(this);
@@ -133,10 +133,8 @@ static void destroy(private_callback_job_t *this)
free(this);
}
-/**
- * Implementation of callback_job_t.cancel.
- */
-static void cancel(private_callback_job_t *this)
+METHOD(callback_job_t, cancel, void,
+ private_callback_job_t *this)
{
callback_job_t *child;
sem_t *terminated = NULL;
@@ -177,10 +175,8 @@ static void cancel(private_callback_job_t *this)
}
}
-/**
- * Implementation of job_t.execute.
- */
-static void execute(private_callback_job_t *this)
+METHOD(job_t, execute, void,
+ private_callback_job_t *this)
{
bool cleanup = FALSE, requeue = FALSE;
@@ -226,8 +222,7 @@ static void execute(private_callback_job_t *this)
thread_cancellation_point();
if (requeue)
{
- lib->processor->queue_job(lib->processor,
- &this->public.job_interface);
+ lib->processor->queue_job(lib->processor, &this->public.job);
}
thread_cleanup_pop(cleanup);
}
@@ -239,24 +234,24 @@ callback_job_t *callback_job_create(callback_job_cb_t cb, void *data,
callback_job_cleanup_t cleanup,
callback_job_t *parent)
{
- private_callback_job_t *this = malloc_thing(private_callback_job_t);
-
- /* interface functions */
- this->public.job_interface.execute = (void (*) (job_t *)) execute;
- this->public.job_interface.destroy = (void (*) (job_t *)) destroy;
- this->public.cancel = (void(*)(callback_job_t*))cancel;
+ private_callback_job_t *this;
- /* private variables */
- this->mutex = mutex_create(MUTEX_TYPE_DEFAULT);
- this->callback = cb;
- this->data = data;
- this->cleanup = cleanup;
- this->thread = 0;
- this->children = linked_list_create();
- this->parent = (private_callback_job_t*)parent;
- this->cancelled = FALSE;
- this->destroyable = condvar_create(CONDVAR_TYPE_DEFAULT);
- this->terminated = NULL;
+ INIT(this,
+ .public = {
+ .job = {
+ .execute = _execute,
+ .destroy = _destroy,
+ },
+ .cancel = _cancel,
+ },
+ .mutex = mutex_create(MUTEX_TYPE_DEFAULT),
+ .callback = cb,
+ .data = data,
+ .cleanup = cleanup,
+ .children = linked_list_create(),
+ .parent = (private_callback_job_t*)parent,
+ .destroyable = condvar_create(CONDVAR_TYPE_DEFAULT),
+ );
/* register us at parent */
if (parent)
diff --git a/src/libstrongswan/processing/jobs/callback_job.h b/src/libstrongswan/processing/jobs/callback_job.h
index 62da1edd1..1eb5664d3 100644
--- a/src/libstrongswan/processing/jobs/callback_job.h
+++ b/src/libstrongswan/processing/jobs/callback_job.h
@@ -1,5 +1,6 @@
/*
- * Copyright (C) 2007 Martin Willi
+ * Copyright (C) 2007-2011 Martin Willi
+ * Copyright (C) 2011 revosec AG
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
@@ -30,7 +31,7 @@ typedef struct callback_job_t callback_job_t;
typedef enum job_requeue_t job_requeue_t;
/**
- * Job requeueing policy
+ * Job requeueing policy.
*
* The job requeueing policy defines how a job is handled when the callback
* function returns.
@@ -84,15 +85,19 @@ typedef void (*callback_job_cleanup_t)(void *data);
* of asynchronous methods, without to manage threads.
*/
struct callback_job_t {
+
/**
* The job_t interface.
*/
- job_t job_interface;
+ job_t job;
/**
- * Cancel the job's thread and wait for its termination. This only works
- * reliably for jobs that always use JOB_REQUEUE_FAIR or JOB_REQUEUE_DIRECT,
- * otherwise the job may already be destroyed when cancel is called. */
+ * Cancel the job's thread and wait for its termination.
+ *
+ * This only works reliably for jobs that always use JOB_REQUEUE_FAIR or
+ * JOB_REQUEUE_DIRECT, otherwise the job may already be destroyed when
+ * cancel is called.
+ */
void (*cancel)(callback_job_t *this);
};
diff --git a/src/libstrongswan/processing/processor.c b/src/libstrongswan/processing/processor.c
index 6c0d9aa84..de556f86b 100644
--- a/src/libstrongswan/processing/processor.c
+++ b/src/libstrongswan/processing/processor.c
@@ -1,5 +1,6 @@
/*
- * Copyright (C) 2005-2007 Martin Willi
+ * Copyright (C) 2005-2011 Martin Willi
+ * Copyright (C) 2011 revosec AG
* Copyright (C) 2005 Jan Hutter
* Hochschule fuer Technik Rapperswil
*
@@ -136,50 +137,46 @@ static void process_jobs(private_processor_t *this)
thread_cleanup_pop(FALSE);
this->mutex->lock(this->mutex);
}
+ this->total_threads--;
+ this->thread_terminated->signal(this->thread_terminated);
this->mutex->unlock(this->mutex);
- restart(this);
}
-/**
- * Implementation of processor_t.get_total_threads.
- */
-static u_int get_total_threads(private_processor_t *this)
+METHOD(processor_t, get_total_threads, u_int,
+ private_processor_t *this)
{
u_int count;
+
this->mutex->lock(this->mutex);
count = this->total_threads;
this->mutex->unlock(this->mutex);
return count;
}
-/**
- * Implementation of processor_t.get_idle_threads.
- */
-static u_int get_idle_threads(private_processor_t *this)
+METHOD(processor_t, get_idle_threads, u_int,
+ private_processor_t *this)
{
u_int count;
+
this->mutex->lock(this->mutex);
count = this->idle_threads;
this->mutex->unlock(this->mutex);
return count;
}
-/**
- * implements processor_t.get_job_load
- */
-static u_int get_job_load(private_processor_t *this)
+METHOD(processor_t, get_job_load, u_int,
+ private_processor_t *this)
{
u_int load;
+
this->mutex->lock(this->mutex);
load = this->list->get_count(this->list);
this->mutex->unlock(this->mutex);
return load;
}
-/**
- * implements function processor_t.queue_job
- */
-static void queue_job(private_processor_t *this, job_t *job)
+METHOD(processor_t, queue_job, void,
+ private_processor_t *this, job_t *job)
{
this->mutex->lock(this->mutex);
this->list->insert_last(this->list, job);
@@ -187,10 +184,8 @@ static void queue_job(private_processor_t *this, job_t *job)
this->mutex->unlock(this->mutex);
}
-/**
- * Implementation of processor_t.set_threads.
- */
-static void set_threads(private_processor_t *this, u_int count)
+METHOD(processor_t, set_threads, void,
+ private_processor_t *this, u_int count)
{
this->mutex->lock(this->mutex);
if (count > this->total_threads)
@@ -218,12 +213,11 @@ static void set_threads(private_processor_t *this, u_int count)
this->mutex->unlock(this->mutex);
}
-/**
- * Implementation of processor_t.destroy.
- */
-static void destroy(private_processor_t *this)
+METHOD(processor_t, destroy, void,
+ private_processor_t *this)
{
thread_t *current;
+
set_threads(this, 0);
this->mutex->lock(this->mutex);
while (this->total_threads > 0)
@@ -248,29 +242,25 @@ static void destroy(private_processor_t *this)
/*
* Described in header.
*/
-<<<<<<< HEAD
-processor_t *processor_create(size_t pool_size)
-=======
processor_t *processor_create()
->>>>>>> upstream/4.5.1
{
- private_processor_t *this = malloc_thing(private_processor_t);
-
- this->public.get_total_threads = (u_int(*)(processor_t*))get_total_threads;
- this->public.get_idle_threads = (u_int(*)(processor_t*))get_idle_threads;
- this->public.get_job_load = (u_int(*)(processor_t*))get_job_load;
- this->public.queue_job = (void(*)(processor_t*, job_t*))queue_job;
- this->public.set_threads = (void(*)(processor_t*, u_int))set_threads;
- this->public.destroy = (void(*)(processor_t*))destroy;
-
- this->list = linked_list_create();
- this->threads = linked_list_create();
- this->mutex = mutex_create(MUTEX_TYPE_DEFAULT);
- this->job_added = condvar_create(CONDVAR_TYPE_DEFAULT);
- this->thread_terminated = condvar_create(CONDVAR_TYPE_DEFAULT);
- this->total_threads = 0;
- this->desired_threads = 0;
- this->idle_threads = 0;
+ private_processor_t *this;
+
+ INIT(this,
+ .public = {
+ .get_total_threads = _get_total_threads,
+ .get_idle_threads = _get_idle_threads,
+ .get_job_load = _get_job_load,
+ .queue_job = _queue_job,
+ .set_threads = _set_threads,
+ .destroy = _destroy,
+ },
+ .list = linked_list_create(),
+ .threads = linked_list_create(),
+ .mutex = mutex_create(MUTEX_TYPE_DEFAULT),
+ .job_added = condvar_create(CONDVAR_TYPE_DEFAULT),
+ .thread_terminated = condvar_create(CONDVAR_TYPE_DEFAULT),
+ );
return &this->public;
}
diff --git a/src/libstrongswan/processing/scheduler.c b/src/libstrongswan/processing/scheduler.c
index e23f04598..7d9bcd70f 100644
--- a/src/libstrongswan/processing/scheduler.c
+++ b/src/libstrongswan/processing/scheduler.c
@@ -232,10 +232,8 @@ static job_requeue_t schedule(private_scheduler_t * this)
return JOB_REQUEUE_DIRECT;
}
-/**
- * Implements scheduler_t.get_job_load
- */
-static u_int get_job_load(private_scheduler_t *this)
+METHOD(scheduler_t, get_job_load, u_int,
+ private_scheduler_t *this)
{
int count;
this->mutex->lock(this->mutex);
@@ -244,10 +242,8 @@ static u_int get_job_load(private_scheduler_t *this)
return count;
}
-/**
- * Implements scheduler_t.schedule_job_tv.
- */
-static void schedule_job_tv(private_scheduler_t *this, job_t *job, timeval_t tv)
+METHOD(scheduler_t, schedule_job_tv, void,
+ private_scheduler_t *this, job_t *job, timeval_t tv)
{
event_t *event;
u_int position;
@@ -283,10 +279,8 @@ static void schedule_job_tv(private_scheduler_t *this, job_t *job, timeval_t tv)
this->mutex->unlock(this->mutex);
}
-/**
- * Implements scheduler_t.schedule_job.
- */
-static void schedule_job(private_scheduler_t *this, job_t *job, u_int32_t s)
+METHOD(scheduler_t, schedule_job, void,
+ private_scheduler_t *this, job_t *job, u_int32_t s)
{
timeval_t tv;
@@ -296,10 +290,8 @@ static void schedule_job(private_scheduler_t *this, job_t *job, u_int32_t s)
schedule_job_tv(this, job, tv);
}
-/**
- * Implements scheduler_t.schedule_job_ms.
- */
-static void schedule_job_ms(private_scheduler_t *this, job_t *job, u_int32_t ms)
+METHOD(scheduler_t, schedule_job_ms, void,
+ private_scheduler_t *this, job_t *job, u_int32_t ms)
{
timeval_t tv, add;
@@ -312,10 +304,8 @@ static void schedule_job_ms(private_scheduler_t *this, job_t *job, u_int32_t ms)
schedule_job_tv(this, job, tv);
}
-/**
- * Implementation of scheduler_t.destroy.
- */
-static void destroy(private_scheduler_t *this)
+METHOD(scheduler_t, destroy, void,
+ private_scheduler_t *this)
{
event_t *event;
this->job->cancel(this->job);
@@ -334,22 +324,23 @@ static void destroy(private_scheduler_t *this)
*/
scheduler_t * scheduler_create()
{
- private_scheduler_t *this = malloc_thing(private_scheduler_t);
-
- this->public.get_job_load = (u_int (*) (scheduler_t *this)) get_job_load;
- this->public.schedule_job = (void (*) (scheduler_t *this, job_t *job, u_int32_t s)) schedule_job;
- this->public.schedule_job_ms = (void (*) (scheduler_t *this, job_t *job, u_int32_t ms)) schedule_job_ms;
- this->public.schedule_job_tv = (void (*) (scheduler_t *this, job_t *job, timeval_t tv)) schedule_job_tv;
- this->public.destroy = (void(*)(scheduler_t*)) destroy;
+ private_scheduler_t *this;
+
+ INIT(this,
+ .public = {
+ .get_job_load = _get_job_load,
+ .schedule_job = _schedule_job,
+ .schedule_job_ms = _schedule_job_ms,
+ .schedule_job_tv = _schedule_job_tv,
+ .destroy = _destroy,
+ },
+ .heap_size = HEAP_SIZE_DEFAULT,
+ .mutex = mutex_create(MUTEX_TYPE_DEFAULT),
+ .condvar = condvar_create(CONDVAR_TYPE_DEFAULT),
+ );
- /* Note: the root of the heap is at index 1 */
- this->event_count = 0;
- this->heap_size = HEAP_SIZE_DEFAULT;
this->heap = (event_t**)calloc(this->heap_size + 1, sizeof(event_t*));
- this->mutex = mutex_create(MUTEX_TYPE_DEFAULT);
- this->condvar = condvar_create(CONDVAR_TYPE_DEFAULT);
-
this->job = callback_job_create((callback_job_cb_t)schedule, this, NULL, NULL);
lib->processor->queue_job(lib->processor, (job_t*)this->job);
diff --git a/src/libstrongswan/selectors/traffic_selector.c b/src/libstrongswan/selectors/traffic_selector.c
index f675f51f1..32da194ef 100644
--- a/src/libstrongswan/selectors/traffic_selector.c
+++ b/src/libstrongswan/selectors/traffic_selector.c
@@ -393,23 +393,15 @@ static bool equals(private_traffic_selector_t *this, private_traffic_selector_t
switch (this->type)
{
case TS_IPV4_ADDR_RANGE:
-<<<<<<< HEAD
- if (memeq(this->from4, other->from4, sizeof(this->from4)))
-=======
if (memeq(this->from4, other->from4, sizeof(this->from4)) &&
memeq(this->to4, other->to4, sizeof(this->to4)))
->>>>>>> upstream/4.5.1
{
return TRUE;
}
break;
case TS_IPV6_ADDR_RANGE:
-<<<<<<< HEAD
- if (memeq(this->from6, other->from6, sizeof(this->from6)))
-=======
if (memeq(this->from6, other->from6, sizeof(this->from6)) &&
memeq(this->to6, other->to6, sizeof(this->to6)))
->>>>>>> upstream/4.5.1
{
return TRUE;
}
diff --git a/src/libstrongswan/settings.c b/src/libstrongswan/settings.c
index c16c6a1f1..8a2248b46 100644
--- a/src/libstrongswan/settings.c
+++ b/src/libstrongswan/settings.c
@@ -1,8 +1,5 @@
/*
-<<<<<<< HEAD
-=======
* Copyright (C) 2010 Tobias Brunner
->>>>>>> upstream/4.5.1
* Copyright (C) 2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -22,24 +19,23 @@
#include <stdarg.h>
#include <stdio.h>
#include <errno.h>
-<<<<<<< HEAD
-=======
#include <limits.h>
-#include <glob.h>
#include <libgen.h>
->>>>>>> upstream/4.5.1
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+
+#ifdef HAVE_GLOB_H
+#include <glob.h>
+#endif /* HAVE_GLOB_H */
#include "settings.h"
#include "debug.h"
#include "utils/linked_list.h"
-<<<<<<< HEAD
-
-=======
#include "threading/rwlock.h"
#define MAX_INCLUSION_LEVEL 10
->>>>>>> upstream/4.5.1
typedef struct private_settings_t private_settings_t;
typedef struct section_t section_t;
@@ -61,11 +57,6 @@ struct private_settings_t {
section_t *top;
/**
-<<<<<<< HEAD
- * allocated file text
- */
- char *text;
-=======
* contents of loaded files and in-memory settings (char*)
*/
linked_list_t *contents;
@@ -74,7 +65,6 @@ struct private_settings_t {
* lock to safely access the settings
*/
rwlock_t *lock;
->>>>>>> upstream/4.5.1
};
/**
@@ -115,8 +105,6 @@ struct kv_t {
};
/**
-<<<<<<< HEAD
-=======
* create a key/value pair
*/
static kv_t *kv_create(char *key, char *value)
@@ -164,6 +152,17 @@ static void section_destroy(section_t *this)
}
/**
+ * Purge contents of a section
+ */
+static void section_purge(section_t *this)
+{
+ this->kv->destroy_function(this->kv, (void*)kv_destroy);
+ this->kv = linked_list_create();
+ this->sections->destroy_function(this->sections, (void*)section_destroy);
+ this->sections = linked_list_create();
+}
+
+/**
* callback to find a section by name
*/
static bool section_find(section_t *this, char *name)
@@ -180,7 +179,6 @@ static bool kv_find(kv_t *this, char *key)
}
/**
->>>>>>> upstream/4.5.1
* Print a format key, but consume already processed arguments
*/
static bool print_key(char *buf, int len, char *start, char *key, va_list args)
@@ -229,16 +227,6 @@ static bool print_key(char *buf, int len, char *start, char *key, va_list args)
}
/**
-<<<<<<< HEAD
- * find a section by a given key, using buffered key, reusable buffer
- */
-static section_t *find_section_buffered(section_t *section,
- char *start, char *key, va_list args, char *buf, int len)
-{
- char *pos;
- enumerator_t *enumerator;
- section_t *current, *found = NULL;
-=======
* Find a section by a given key, using buffered key, reusable buffer.
* If "ensure" is TRUE, the sections are created if they don't exist.
*/
@@ -248,7 +236,6 @@ static section_t *find_section_buffered(section_t *section,
{
char *pos;
section_t *found = NULL;
->>>>>>> upstream/4.5.1
if (section == NULL)
{
@@ -264,21 +251,6 @@ static section_t *find_section_buffered(section_t *section,
{
return NULL;
}
-<<<<<<< HEAD
- enumerator = section->sections->create_enumerator(section->sections);
- while (enumerator->enumerate(enumerator, &current))
- {
- if (streq(current->name, buf))
- {
- found = current;
- break;
- }
- }
- enumerator->destroy(enumerator);
- if (found && pos)
- {
- return find_section_buffered(found, start, pos, args, buf, len);
-=======
if (section->sections->find_first(section->sections,
(linked_list_match_t)section_find,
(void**)&found, buf) != SUCCESS)
@@ -292,19 +264,11 @@ static section_t *find_section_buffered(section_t *section,
if (found && pos)
{
return find_section_buffered(found, start, pos, args, buf, len, ensure);
->>>>>>> upstream/4.5.1
}
return found;
}
/**
-<<<<<<< HEAD
- * find a section by a given key
- */
-static section_t *find_section(section_t *section, char *key, va_list args)
-{
- char buf[128], keybuf[512];
-=======
* Find a section by a given key (thread-safe).
*/
static section_t *find_section(private_settings_t *this, section_t *section,
@@ -312,27 +276,11 @@ static section_t *find_section(private_settings_t *this, section_t *section,
{
char buf[128], keybuf[512];
section_t *found;
->>>>>>> upstream/4.5.1
if (snprintf(keybuf, sizeof(keybuf), "%s", key) >= sizeof(keybuf))
{
return NULL;
}
-<<<<<<< HEAD
- return find_section_buffered(section, keybuf, keybuf, args, buf, sizeof(buf));
-}
-
-/**
- * Find the string value for a key, using buffered key, reusable buffer
- */
-static char *find_value_buffered(section_t *section,
- char *start, char *key, va_list args, char *buf, int len)
-{
- char *pos, *value = NULL;
- enumerator_t *enumerator;
- kv_t *kv;
- section_t *current, *found = NULL;
-=======
this->lock->read_lock(this->lock);
found = find_section_buffered(section, keybuf, keybuf, args, buf,
sizeof(buf), FALSE);
@@ -372,7 +320,6 @@ static kv_t *find_value_buffered(section_t *section, char *start, char *key,
char *pos;
kv_t *kv = NULL;
section_t *found = NULL;
->>>>>>> upstream/4.5.1
if (section == NULL)
{
@@ -389,22 +336,6 @@ static kv_t *find_value_buffered(section_t *section, char *start, char *key,
{
return NULL;
}
-<<<<<<< HEAD
- enumerator = section->sections->create_enumerator(section->sections);
- while (enumerator->enumerate(enumerator, &current))
- {
- if (streq(current->name, buf))
- {
- found = current;
- break;
- }
- }
- enumerator->destroy(enumerator);
- if (found)
- {
- return find_value_buffered(found, start, pos, args, buf, len);
- }
-=======
if (section->sections->find_first(section->sections,
(linked_list_match_t)section_find,
(void**)&found, buf) != SUCCESS)
@@ -418,7 +349,6 @@ static kv_t *find_value_buffered(section_t *section, char *start, char *key,
}
return find_value_buffered(found, start, pos, args, buf, len,
ensure);
->>>>>>> upstream/4.5.1
}
else
{
@@ -426,28 +356,6 @@ static kv_t *find_value_buffered(section_t *section, char *start, char *key,
{
return NULL;
}
-<<<<<<< HEAD
- enumerator = section->kv->create_enumerator(section->kv);
- while (enumerator->enumerate(enumerator, &kv))
- {
- if (streq(kv->key, buf))
- {
- value = kv->value;
- break;
- }
- }
- enumerator->destroy(enumerator);
- }
- return value;
-}
-
-/**
- * Find the string value for a key
- */
-static char *find_value(section_t *section, char *key, va_list args)
-{
- char buf[128], keybuf[512];
-=======
if (section->kv->find_first(section->kv, (linked_list_match_t)kv_find,
(void**)&kv, buf) != SUCCESS)
{
@@ -469,21 +377,11 @@ static char *find_value(private_settings_t *this, section_t *section,
{
char buf[128], keybuf[512], *value = NULL;
kv_t *kv;
->>>>>>> upstream/4.5.1
if (snprintf(keybuf, sizeof(keybuf), "%s", key) >= sizeof(keybuf))
{
return NULL;
}
-<<<<<<< HEAD
- return find_value_buffered(section, keybuf, keybuf, args, buf, sizeof(buf));
-}
-
-/**
- * Implementation of settings_t.get.
- */
-static char* get_str(private_settings_t *this, char *key, char *def, ...)
-=======
this->lock->read_lock(this->lock);
kv = find_value_buffered(section, keybuf, keybuf, args, buf, sizeof(buf),
FALSE);
@@ -532,17 +430,12 @@ static void set_value(private_settings_t *this, section_t *section,
METHOD(settings_t, get_str, char*,
private_settings_t *this, char *key, char *def, ...)
->>>>>>> upstream/4.5.1
{
char *value;
va_list args;
va_start(args, def);
-<<<<<<< HEAD
- value = find_value(this->top, key, args);
-=======
value = find_value(this, this->top, key, args);
->>>>>>> upstream/4.5.1
va_end(args);
if (value)
{
@@ -552,31 +445,6 @@ METHOD(settings_t, get_str, char*,
}
/**
-<<<<<<< HEAD
- * Implementation of settings_t.get_bool.
- */
-static bool get_bool(private_settings_t *this, char *key, bool def, ...)
-{
- char *value;
- va_list args;
-
- va_start(args, def);
- value = find_value(this->top, key, args);
- va_end(args);
- if (value)
- {
- if (strcaseeq(value, "true") ||
- strcaseeq(value, "enabled") ||
- strcaseeq(value, "yes") ||
- strcaseeq(value, "1"))
- {
- return TRUE;
- }
- else if (strcaseeq(value, "false") ||
- strcaseeq(value, "disabled") ||
- strcaseeq(value, "no") ||
- strcaseeq(value, "0"))
-=======
* Described in header
*/
inline bool settings_value_as_bool(char *value, bool def)
@@ -594,7 +462,6 @@ inline bool settings_value_as_bool(char *value, bool def)
strcaseeq(value, "no") ||
strcaseeq(value, "false") ||
strcaseeq(value, "disabled"))
->>>>>>> upstream/4.5.1
{
return FALSE;
}
@@ -602,20 +469,6 @@ inline bool settings_value_as_bool(char *value, bool def)
return def;
}
-<<<<<<< HEAD
-/**
- * Implementation of settings_t.get_int.
- */
-static int get_int(private_settings_t *this, char *key, int def, ...)
-{
- char *value;
- int intval;
- va_list args;
-
- va_start(args, def);
- value = find_value(this->top, key, args);
- va_end(args);
-=======
METHOD(settings_t, get_bool, bool,
private_settings_t *this, char *key, bool def, ...)
{
@@ -634,7 +487,6 @@ METHOD(settings_t, get_bool, bool,
inline int settings_value_as_int(char *value, int def)
{
int intval;
->>>>>>> upstream/4.5.1
if (value)
{
errno = 0;
@@ -647,20 +499,6 @@ inline int settings_value_as_int(char *value, int def)
return def;
}
-<<<<<<< HEAD
-/**
- * Implementation of settings_t.get_double.
- */
-static double get_double(private_settings_t *this, char *key, double def, ...)
-{
- char *value;
- double dval;
- va_list args;
-
- va_start(args, def);
- value = find_value(this->top, key, args);
- va_end(args);
-=======
METHOD(settings_t, get_int, int,
private_settings_t *this, char *key, int def, ...)
{
@@ -679,7 +517,6 @@ METHOD(settings_t, get_int, int,
inline double settings_value_as_double(char *value, double def)
{
double dval;
->>>>>>> upstream/4.5.1
if (value)
{
errno = 0;
@@ -692,20 +529,6 @@ inline double settings_value_as_double(char *value, double def)
return def;
}
-<<<<<<< HEAD
-/**
- * Implementation of settings_t.get_time.
- */
-static u_int32_t get_time(private_settings_t *this, char *key, u_int32_t def, ...)
-{
- char *value, *endptr;
- u_int32_t timeval;
- va_list args;
-
- va_start(args, def);
- value = find_value(this->top, key, args);
- va_end(args);
-=======
METHOD(settings_t, get_double, double,
private_settings_t *this, char *key, double def, ...)
{
@@ -725,7 +548,6 @@ inline u_int32_t settings_value_as_time(char *value, u_int32_t def)
{
char *endptr;
u_int32_t timeval;
->>>>>>> upstream/4.5.1
if (value)
{
errno = 0;
@@ -744,11 +566,7 @@ inline u_int32_t settings_value_as_time(char *value, u_int32_t def)
timeval *= 60;
break;
case 's': /* time in seconds */
-<<<<<<< HEAD
- default:
-=======
default:
->>>>>>> upstream/4.5.1
break;
}
return timeval;
@@ -757,8 +575,6 @@ inline u_int32_t settings_value_as_time(char *value, u_int32_t def)
return def;
}
-<<<<<<< HEAD
-=======
METHOD(settings_t, get_time, u_int32_t,
private_settings_t *this, char *key, u_int32_t def, ...)
{
@@ -828,7 +644,6 @@ METHOD(settings_t, set_time, void,
va_end(args);
}
->>>>>>> upstream/4.5.1
/**
* Enumerate section names, not sections
*/
@@ -838,42 +653,24 @@ static bool section_filter(void *null, section_t **in, char **out)
return TRUE;
}
-<<<<<<< HEAD
-/**
- * Implementation of settings_t.create_section_enumerator
- */
-static enumerator_t* create_section_enumerator(private_settings_t *this,
- char *key, ...)
-=======
METHOD(settings_t, create_section_enumerator, enumerator_t*,
private_settings_t *this, char *key, ...)
->>>>>>> upstream/4.5.1
{
section_t *section;
va_list args;
va_start(args, key);
-<<<<<<< HEAD
- section = find_section(this->top, key, args);
-=======
section = find_section(this, this->top, key, args);
->>>>>>> upstream/4.5.1
va_end(args);
if (!section)
{
return enumerator_create_empty();
}
-<<<<<<< HEAD
- return enumerator_create_filter(
- section->sections->create_enumerator(section->sections),
- (void*)section_filter, NULL, NULL);
-=======
this->lock->read_lock(this->lock);
return enumerator_create_filter(
section->sections->create_enumerator(section->sections),
(void*)section_filter, this->lock, (void*)this->lock->unlock);
->>>>>>> upstream/4.5.1
}
/**
@@ -887,53 +684,24 @@ static bool kv_filter(void *null, kv_t **in, char **key,
return TRUE;
}
-<<<<<<< HEAD
-/**
- * Implementation of settings_t.create_key_value_enumerator
- */
-static enumerator_t* create_key_value_enumerator(private_settings_t *this,
- char *key, ...)
-=======
METHOD(settings_t, create_key_value_enumerator, enumerator_t*,
private_settings_t *this, char *key, ...)
->>>>>>> upstream/4.5.1
{
section_t *section;
va_list args;
va_start(args, key);
-<<<<<<< HEAD
- section = find_section(this->top, key, args);
-=======
section = find_section(this, this->top, key, args);
->>>>>>> upstream/4.5.1
va_end(args);
if (!section)
{
return enumerator_create_empty();
}
-<<<<<<< HEAD
- return enumerator_create_filter(
- section->kv->create_enumerator(section->kv),
- (void*)kv_filter, NULL, NULL);
-}
-
-/**
- * destroy a section
- */
-static void section_destroy(section_t *this)
-{
- this->kv->destroy_function(this->kv, free);
- this->sections->destroy_function(this->sections, (void*)section_destroy);
-
- free(this);
-=======
this->lock->read_lock(this->lock);
return enumerator_create_filter(
section->kv->create_enumerator(section->kv),
(void*)kv_filter, this->lock, (void*)this->lock->unlock);
->>>>>>> upstream/4.5.1
}
/**
@@ -1011,26 +779,6 @@ static char parse(char **text, char *skip, char *term, char *br, char **token)
}
/**
-<<<<<<< HEAD
- * Parse a section
- */
-static section_t* parse_section(char **text, char *name)
-{
- section_t *sub, *section;
- bool finished = FALSE;
- char *key, *value, *inner;
-
- static int lev = 0;
- lev++;
-
- section = malloc_thing(section_t);
- section->name = name;
- section->sections = linked_list_create();
- section->kv = linked_list_create();
-
- while (!finished)
- {
-=======
* Check if "text" starts with "pattern".
* Characters in "skip" are skipped first. If found, TRUE is returned and "text"
* is modified to point to the character right after "pattern".
@@ -1101,20 +849,11 @@ static bool parse_section(linked_list_t *contents, char *file, int level,
}
continue;
}
->>>>>>> upstream/4.5.1
switch (parse(text, "\t\n ", "{=#", NULL, &key))
{
case '{':
if (parse(text, "\t ", "}", "{", &inner))
{
-<<<<<<< HEAD
- sub = parse_section(&inner, key);
- if (sub)
- {
- section->sections->insert_last(section->sections, sub);
- continue;
- }
-=======
section_t *sub;
if (!strlen(key))
{
@@ -1144,19 +883,12 @@ static bool parse_section(linked_list_t *contents, char *file, int level,
}
DBG1(DBG_LIB, "parsing subsection '%s' failed", key);
break;
->>>>>>> upstream/4.5.1
}
DBG1(DBG_LIB, "matching '}' not found near %s", *text);
break;
case '=':
if (parse(text, "\t ", "\n", NULL, &value))
{
-<<<<<<< HEAD
- kv_t *kv = malloc_thing(kv_t);
- kv->key = key;
- kv->value = value;
- section->kv->insert_last(section->kv, kv);
-=======
kv_t *kv;
if (!strlen(key))
{
@@ -1175,7 +907,6 @@ static bool parse_section(linked_list_t *contents, char *file, int level,
{ /* replace with the most recently read value */
kv->value = value;
}
->>>>>>> upstream/4.5.1
continue;
}
DBG1(DBG_LIB, "parsing value failed near %s", *text);
@@ -1187,80 +918,6 @@ static bool parse_section(linked_list_t *contents, char *file, int level,
finished = TRUE;
continue;
}
-<<<<<<< HEAD
- section_destroy(section);
- return NULL;
- }
- return section;
-}
-
-/**
- * Implementation of settings_t.destroy
- */
-static void destroy(private_settings_t *this)
-{
- if (this->top)
- {
- section_destroy(this->top);
- }
- free(this->text);
- free(this);
-}
-
-/*
- * see header file
- */
-settings_t *settings_create(char *file)
-{
- private_settings_t *this;
- char *pos;
- FILE *fd;
- int len;
-
- this = malloc_thing(private_settings_t);
- this->public.get_str = (char*(*)(settings_t*, char *key, char* def, ...))get_str;
- this->public.get_int = (int(*)(settings_t*, char *key, int def, ...))get_int;
- this->public.get_double = (double(*)(settings_t*, char *key, double def, ...))get_double;
- this->public.get_time = (u_int32_t(*)(settings_t*, char *key, u_int32_t def, ...))get_time;
- this->public.get_bool = (bool(*)(settings_t*, char *key, bool def, ...))get_bool;
- this->public.create_section_enumerator = (enumerator_t*(*)(settings_t*,char *section, ...))create_section_enumerator;
- this->public.create_key_value_enumerator = (enumerator_t*(*)(settings_t*, char *key, ...))create_key_value_enumerator;
- this->public.destroy = (void(*)(settings_t*))destroy;
-
- this->top = NULL;
- this->text = NULL;
-
- if (file == NULL)
- {
- file = STRONGSWAN_CONF;
- }
- fd = fopen(file, "r");
- if (fd == NULL)
- {
- DBG1(DBG_LIB, "'%s' does not exist or is not readable", file);
- return &this->public;
- }
- fseek(fd, 0, SEEK_END);
- len = ftell(fd);
- rewind(fd);
- this->text = malloc(len + 1);
- this->text[len] = '\0';
- if (fread(this->text, 1, len, fd) != len)
- {
- free(this->text);
- this->text = NULL;
- return &this->public;
- }
- fclose(fd);
-
- pos = this->text;
- this->top = parse_section(&pos, NULL);
- if (this->top == NULL)
- {
- free(this->text);
- this->text = NULL;
- }
-=======
return FALSE;
}
return TRUE;
@@ -1274,14 +931,30 @@ static bool parse_file(linked_list_t *contents, char *file, int level,
{
bool success;
char *text, *pos;
+ struct stat st;
FILE *fd;
int len;
DBG2(DBG_LIB, "loading config file '%s'", file);
+ if (stat(file, &st) == -1)
+ {
+ if (errno == ENOENT)
+ {
+ DBG2(DBG_LIB, "'%s' does not exist, ignored", file);
+ return TRUE;
+ }
+ DBG1(DBG_LIB, "failed to stat '%s': %s", file, strerror(errno));
+ return FALSE;
+ }
+ else if (!S_ISREG(st.st_mode))
+ {
+ DBG1(DBG_LIB, "'%s' is not a regular file", file);
+ return FALSE;
+ }
fd = fopen(file, "r");
if (fd == NULL)
{
- DBG1(DBG_LIB, "'%s' does not exist or is not readable", file);
+ DBG1(DBG_LIB, "'%s' is not readable", file);
return FALSE;
}
fseek(fd, 0, SEEK_END);
@@ -1310,16 +983,15 @@ static bool parse_file(linked_list_t *contents, char *file, int level,
}
/**
- * Load the files matching "pattern", which is resolved with glob(3).
+ * Load the files matching "pattern", which is resolved with glob(3), if
+ * available.
* If the pattern is relative, the directory of "file" is used as base.
*/
static bool parse_files(linked_list_t *contents, char *file, int level,
char *pattern, section_t *section)
{
bool success = TRUE;
- int status;
- glob_t buf;
- char **expanded, pat[PATH_MAX];
+ char pat[PATH_MAX];
if (level > MAX_INCLUSION_LEVEL)
{
@@ -1354,28 +1026,39 @@ static bool parse_files(linked_list_t *contents, char *file, int level,
}
free(dir);
}
- status = glob(pat, GLOB_ERR, NULL, &buf);
- if (status == GLOB_NOMATCH)
- {
- DBG2(DBG_LIB, "no files found matching '%s', ignored", pat);
- }
- else if (status != 0)
- {
- DBG1(DBG_LIB, "expanding file pattern '%s' failed", pat);
- success = FALSE;
- }
- else
+#ifdef HAVE_GLOB_H
{
- for (expanded = buf.gl_pathv; *expanded != NULL; expanded++)
+ int status;
+ glob_t buf;
+
+ status = glob(pat, GLOB_ERR, NULL, &buf);
+ if (status == GLOB_NOMATCH)
+ {
+ DBG2(DBG_LIB, "no files found matching '%s', ignored", pat);
+ }
+ else if (status != 0)
+ {
+ DBG1(DBG_LIB, "expanding file pattern '%s' failed", pat);
+ success = FALSE;
+ }
+ else
{
- success &= parse_file(contents, *expanded, level + 1, section);
- if (!success)
+ char **expanded;
+ for (expanded = buf.gl_pathv; *expanded != NULL; expanded++)
{
- break;
+ success &= parse_file(contents, *expanded, level + 1, section);
+ if (!success)
+ {
+ break;
+ }
}
}
+ globfree(&buf);
}
- globfree(&buf);
+#else /* HAVE_GLOB_H */
+ /* if glob(3) is not available, try to load pattern directly */
+ success = parse_file(contents, pat, level + 1, section);
+#endif /* HAVE_GLOB_H */
return success;
}
@@ -1430,12 +1113,17 @@ static void section_extend(section_t *base, section_t *extension)
* All files (even included ones) have to be loaded successfully.
*/
static bool load_files_internal(private_settings_t *this, section_t *parent,
- char *pattern)
+ char *pattern, bool merge)
{
char *text;
linked_list_t *contents = linked_list_create();
section_t *section = section_create(NULL);
+ if (pattern == NULL)
+ {
+ pattern = STRONGSWAN_CONF;
+ }
+
if (!parse_files(contents, NULL, 0, pattern, section))
{
contents->destroy_function(contents, (void*)free);
@@ -1444,6 +1132,10 @@ static bool load_files_internal(private_settings_t *this, section_t *parent,
}
this->lock->write_lock(this->lock);
+ if (!merge)
+ {
+ section_purge(parent);
+ }
/* extend parent section */
section_extend(parent, section);
/* move contents of loaded files to main store */
@@ -1459,13 +1151,13 @@ static bool load_files_internal(private_settings_t *this, section_t *parent,
}
METHOD(settings_t, load_files, bool,
- private_settings_t *this, char *pattern)
+ private_settings_t *this, char *pattern, bool merge)
{
- return load_files_internal(this, this->top, pattern);
+ return load_files_internal(this, this->top, pattern, merge);
}
METHOD(settings_t, load_files_section, bool,
- private_settings_t *this, char *pattern, char *key, ...)
+ private_settings_t *this, char *pattern, bool merge, char *key, ...)
{
section_t *section;
va_list args;
@@ -1478,7 +1170,7 @@ METHOD(settings_t, load_files_section, bool,
{
return FALSE;
}
- return load_files_internal(this, section, pattern);
+ return load_files_internal(this, section, pattern, merge);
}
METHOD(settings_t, destroy, void,
@@ -1520,14 +1212,8 @@ settings_t *settings_create(char *file)
.lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
);
- if (file == NULL)
- {
- file = STRONGSWAN_CONF;
- }
-
- load_files(this, file);
+ load_files(this, file, FALSE);
->>>>>>> upstream/4.5.1
return &this->public;
}
diff --git a/src/libstrongswan/settings.h b/src/libstrongswan/settings.h
index 9da217630..9ccd02327 100644
--- a/src/libstrongswan/settings.h
+++ b/src/libstrongswan/settings.h
@@ -1,8 +1,5 @@
/*
-<<<<<<< HEAD
-=======
* Copyright (C) 2010 Tobias Brunner
->>>>>>> upstream/4.5.1
* Copyright (C) 2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -31,16 +28,6 @@ typedef struct settings_t settings_t;
#include "utils/enumerator.h"
/**
-<<<<<<< HEAD
- * Generic configuration options read from a config file.
- *
- * The syntax is quite simple:
- *
- * settings := (section|keyvalue)*
- * section := name { settings }
- * keyvalue := key = value\n
- *
-=======
* Convert a string value returned by a key/value enumerator to a boolean.
*
* @see settings_t.create_key_value_enumerator()
@@ -89,7 +76,6 @@ u_int32_t settings_value_as_time(char *value, u_int32_t def);
* section := name { settings }
* keyvalue := key = value\n
* @endcode
->>>>>>> upstream/4.5.1
* E.g.:
* @code
a = b
@@ -109,8 +95,6 @@ u_int32_t settings_value_as_time(char *value, u_int32_t def);
*
* Currently only a limited set of printf format specifiers are supported
* (namely %s, %d and %N, see implementation for details).
-<<<<<<< HEAD
-=======
*
* \section includes Including other files
* Other files can be included, using the include statement e.g.
@@ -156,7 +140,6 @@ u_int32_t settings_value_as_time(char *value, u_int32_t def);
section-two {
}
@endcode
->>>>>>> upstream/4.5.1
*/
struct settings_t {
@@ -211,8 +194,6 @@ struct settings_t {
u_int32_t (*get_time)(settings_t *this, char *key, u_int32_t def, ...);
/**
-<<<<<<< HEAD
-=======
* Set a string value.
*
* @param key key including sections, printf style format
@@ -258,7 +239,6 @@ struct settings_t {
void (*set_time)(settings_t *this, char *key, u_int32_t value, ...);
/**
->>>>>>> upstream/4.5.1
* Create an enumerator over subsection names of a section.
*
* @param section section including parents, printf style format
@@ -272,37 +252,34 @@ struct settings_t {
* Create an enumerator over key/value pairs in a section.
*
* @param section section name to list key/value pairs of, printf style
-<<<<<<< HEAD
- * @param ... argmuent list for section
-=======
* @param ... argument list for section
->>>>>>> upstream/4.5.1
* @return enumerator over (char *key, char *value)
*/
enumerator_t* (*create_key_value_enumerator)(settings_t *this,
char *section, ...);
/**
-<<<<<<< HEAD
-=======
* Load settings from the files matching the given pattern.
*
- * Existing sections are extended, existing values replaced, by those found
- * in the loaded files.
+ * If merge is TRUE, existing sections are extended, existing values
+ * replaced, by those found in the loaded files. If it is FALSE, existing
+ * sections are purged before reading the new config.
*
* @note If any of the files matching the pattern fails to load, no settings
* are added at all. So, it's all or nothing.
*
* @param pattern file pattern
+ * @param merge TRUE to merge config with existing values
* @return TRUE, if settings were loaded successfully
*/
- bool (*load_files)(settings_t *this, char *pattern);
+ bool (*load_files)(settings_t *this, char *pattern, bool merge);
/**
* Load settings from the files matching the given pattern.
*
- * Existing sections are extended, existing values replaced, by those found
- * in the loaded files.
+ * If merge is TRUE, existing sections are extended, existing values
+ * replaced, by those found in the loaded files. If it is FALSE, existing
+ * sections are purged before reading the new config.
*
* All settings are loaded relative to the given section. The section is
* created, if it does not yet exist.
@@ -311,15 +288,15 @@ struct settings_t {
* are added at all. So, it's all or nothing.
*
* @param pattern file pattern
+ * @param merge TRUE to merge config with existing values
* @param section section name of parent section, printf style
* @param ... argument list for section
* @return TRUE, if settings were loaded successfully
*/
- bool (*load_files_section)(settings_t *this, char *pattern,
+ bool (*load_files_section)(settings_t *this, char *pattern, bool merge,
char *section, ...);
/**
->>>>>>> upstream/4.5.1
* Destroy a settings instance.
*/
void (*destroy)(settings_t *this);
diff --git a/src/libstrongswan/threading/thread.c b/src/libstrongswan/threading/thread.c
index 3751bb749..fcc0019d8 100644
--- a/src/libstrongswan/threading/thread.c
+++ b/src/libstrongswan/threading/thread.c
@@ -205,6 +205,7 @@ static void *join(private_thread_t *this)
{
pthread_t thread_id;
void *val;
+
this->mutex->lock(this->mutex);
if (pthread_equal(this->thread_id, pthread_self()))
{
@@ -231,6 +232,7 @@ static void *join(private_thread_t *this)
this->mutex->unlock(this->mutex);
}
pthread_join(thread_id, &val);
+
return val;
}
@@ -240,6 +242,7 @@ static void *join(private_thread_t *this)
static private_thread_t *thread_create_internal()
{
private_thread_t *this = malloc_thing(private_thread_t);
+
this->public.cancel = (void(*)(thread_t*))cancel;
this->public.kill = (void(*)(thread_t*,int))_kill;
this->public.detach = (void(*)(thread_t*))detach;
@@ -281,11 +284,13 @@ static void thread_cleanup(private_thread_t *this)
static void *thread_main(private_thread_t *this)
{
void *res;
+
sem_wait(&this->created);
current_thread->set(current_thread, this);
pthread_cleanup_push((thread_cleanup_t)thread_cleanup, this);
res = this->main(this->arg);
pthread_cleanup_pop(TRUE);
+
return res;
}
@@ -295,6 +300,7 @@ static void *thread_main(private_thread_t *this)
thread_t *thread_create(thread_main_t main, void *arg)
{
private_thread_t *this = thread_create_internal();
+
this->main = main;
this->arg = arg;
if (pthread_create(&this->thread_id, NULL, (void*)thread_main, this) != 0)
@@ -308,6 +314,7 @@ thread_t *thread_create(thread_main_t main, void *arg)
this->id = next_id++;
id_mutex->unlock(id_mutex);
sem_post(&this->created);
+
return &this->public;
}
@@ -325,7 +332,8 @@ thread_t *thread_current()
u_int thread_current_id()
{
private_thread_t *this = (private_thread_t*)thread_current();
- return this->id;
+
+ return this ? this->id : 0;
}
/**
@@ -335,6 +343,7 @@ void thread_cleanup_push(thread_cleanup_t cleanup, void *arg)
{
private_thread_t *this = (private_thread_t*)thread_current();
cleanup_handler_t *handler;
+
this->mutex->lock(this->mutex);
handler = malloc_thing(cleanup_handler_t);
handler->cleanup = cleanup;
@@ -350,6 +359,7 @@ void thread_cleanup_pop(bool execute)
{
private_thread_t *this = (private_thread_t*)thread_current();
cleanup_handler_t *handler;
+
this->mutex->lock(this->mutex);
if (this->cleanup_handlers->remove_last(this->cleanup_handlers,
(void**)&handler) != SUCCESS)
@@ -374,14 +384,18 @@ bool thread_cancelability(bool enable)
{
#ifdef HAVE_PTHREAD_CANCEL
int old;
+
pthread_setcancelstate(enable ? PTHREAD_CANCEL_ENABLE
: PTHREAD_CANCEL_DISABLE, &old);
+
return old == PTHREAD_CANCEL_ENABLE;
#else
sigset_t new, old;
+
sigemptyset(&new);
sigaddset(&new, SIG_CANCEL);
pthread_sigmask(enable ? SIG_UNBLOCK : SIG_BLOCK, &new, &old);
+
return sigismember(&old, SIG_CANCEL) == 0;
#endif /* HAVE_PTHREAD_CANCEL */
}
@@ -392,6 +406,7 @@ bool thread_cancelability(bool enable)
void thread_cancellation_point()
{
bool old = thread_cancelability(TRUE);
+
#ifdef HAVE_PTHREAD_CANCEL
pthread_testcancel();
#endif /* HAVE_PTHREAD_CANCEL */
@@ -412,6 +427,7 @@ void thread_exit(void *val)
void threads_init()
{
private_thread_t *main_thread = thread_create_internal();
+
main_thread->id = 0;
main_thread->thread_id = pthread_self();
current_thread = thread_value_create(NULL);
@@ -434,6 +450,7 @@ void threads_init()
void threads_deinit()
{
private_thread_t *main_thread = (private_thread_t*)thread_current();
+
main_thread->mutex->lock(main_thread->mutex);
thread_destroy(main_thread);
current_thread->destroy(current_thread);
diff --git a/src/libstrongswan/utils.c b/src/libstrongswan/utils.c
index 357858c9e..6ffb62aaf 100644
--- a/src/libstrongswan/utils.c
+++ b/src/libstrongswan/utils.c
@@ -102,6 +102,14 @@ void memxor(u_int8_t dst[], u_int8_t src[], size_t n)
/**
* Described in header.
*/
+void memwipe_noinline(void *ptr, size_t n)
+{
+ memwipe_inline(ptr, n);
+}
+
+/**
+ * Described in header.
+ */
void *memstr(const void *haystack, const char *needle, size_t n)
{
unsigned const char *pos = haystack;
@@ -247,8 +255,6 @@ bool return_false()
}
/**
-<<<<<<< HEAD
-=======
* returns FAILED
*/
status_t return_failed()
@@ -257,7 +263,6 @@ status_t return_failed()
}
/**
->>>>>>> upstream/4.5.1
* nop operation
*/
void nop()
@@ -290,7 +295,7 @@ bool ref_put(refcount_t *ref)
bool more_refs;
pthread_mutex_lock(&ref_mutex);
- more_refs = --(*ref);
+ more_refs = --(*ref) > 0;
pthread_mutex_unlock(&ref_mutex);
return !more_refs;
}
diff --git a/src/libstrongswan/utils.h b/src/libstrongswan/utils.h
index e07af53aa..a334954ae 100644
--- a/src/libstrongswan/utils.h
+++ b/src/libstrongswan/utils.h
@@ -57,11 +57,7 @@
#define streq(x,y) (strcmp(x, y) == 0)
/**
-<<<<<<< HEAD
- * Macro compares two strings for equality
-=======
* Macro compares two strings for equality, length limited
->>>>>>> upstream/4.5.1
*/
#define strneq(x,y,len) (strncmp(x, y, len) == 0)
@@ -71,8 +67,6 @@
#define strcaseeq(x,y) (strcasecmp(x, y) == 0)
/**
-<<<<<<< HEAD
-=======
* Macro compares two strings for equality ignoring case, length limited
*/
#define strncaseeq(x,y,len) (strncasecmp(x, y, len) == 0)
@@ -83,7 +77,6 @@
#define strdupnull(x) ({ char *_x = x; _x ? strdup(_x) : NULL; })
/**
->>>>>>> upstream/4.5.1
* Macro compares two binary blobs for equality
*/
#define memeq(x,y,len) (memcmp(x, y, len) == 0)
@@ -344,6 +337,51 @@ void *clalloc(void *pointer, size_t size);
void memxor(u_int8_t dest[], u_int8_t src[], size_t n);
/**
+ * Safely overwrite n bytes of memory at ptr with zero, non-inlining variant.
+ */
+void memwipe_noinline(void *ptr, size_t n);
+
+/**
+ * Safely overwrite n bytes of memory at ptr with zero, inlining variant.
+ */
+static inline void memwipe_inline(void *ptr, size_t n)
+{
+ volatile char *c = (volatile char*)ptr;
+ int m, i;
+
+ /* byte wise until long aligned */
+ for (i = 0; (uintptr_t)&c % sizeof(long) && i < n; i++)
+ {
+ c[i] = 0;
+ }
+ /* word wize */
+ for (m = n - sizeof(long); i <= m; i += sizeof(long))
+ {
+ *(volatile long*)&c[i] = 0;
+ }
+ /* byte wise of the rest */
+ for (; i < n; i++)
+ {
+ c[i] = 0;
+ }
+}
+
+/**
+ * Safely overwrite n bytes of memory at ptr with zero, auto-inlining variant.
+ */
+static inline void memwipe(void *ptr, size_t n)
+{
+ if (__builtin_constant_p(n))
+ {
+ memwipe_inline(ptr, n);
+ }
+ else
+ {
+ memwipe_noinline(ptr, n);
+ }
+}
+
+/**
* A variant of strstr with the characteristics of memchr, where haystack is not
* a null-terminated string but simply a memory area of length n.
*/
@@ -399,14 +437,11 @@ bool return_true();
bool return_false();
/**
-<<<<<<< HEAD
-=======
* returns FAILED
*/
status_t return_failed();
/**
->>>>>>> upstream/4.5.1
* Write a 16-bit host order value in network order to an unaligned address.
*
* @param host host order 16-bit value
diff --git a/src/libstrongswan/utils/backtrace.c b/src/libstrongswan/utils/backtrace.c
index 5f1318b9a..5744439f8 100644
--- a/src/libstrongswan/utils/backtrace.c
+++ b/src/libstrongswan/utils/backtrace.c
@@ -80,7 +80,7 @@ static void log_(private_backtrace_t *this, FILE *file, bool detailed)
}
if (info.dli_sname)
{
- fprintf(file, " \e[33m%s\e[0m @ %p (\e[31m%s\e[0m+0x%x) [%p]\n",
+ fprintf(file, " \e[33m%s\e[0m @ %p (\e[31m%s\e[0m+0x%tx) [%p]\n",
info.dli_fname, info.dli_fbase, info.dli_sname,
this->frames[i] - info.dli_saddr, this->frames[i]);
}
@@ -132,18 +132,11 @@ static void log_(private_backtrace_t *this, FILE *file, bool detailed)
/**
* Implementation of backtrace_t.contains_function
*/
-<<<<<<< HEAD
-static bool contains_function(private_backtrace_t *this, char *function)
-{
-#ifdef HAVE_DLADDR
- int i;
-=======
static bool contains_function(private_backtrace_t *this,
char *function[], int count)
{
#ifdef HAVE_DLADDR
int i, j;
->>>>>>> upstream/4.5.1
for (i = 0; i< this->frame_count; i++)
{
@@ -151,18 +144,12 @@ static bool contains_function(private_backtrace_t *this,
if (dladdr(this->frames[i], &info) && info.dli_sname)
{
-<<<<<<< HEAD
- if (streq(info.dli_sname, function))
- {
- return TRUE;
-=======
for (j = 0; j < count; j++)
{
if (streq(info.dli_sname, function[j]))
{
return TRUE;
}
->>>>>>> upstream/4.5.1
}
}
}
@@ -196,11 +183,7 @@ backtrace_t *backtrace_create(int skip)
this->frame_count = frame_count;
this->public.log = (void(*)(backtrace_t*,FILE*,bool))log_;
-<<<<<<< HEAD
- this->public.contains_function = (bool(*)(backtrace_t*, char *function))contains_function;
-=======
this->public.contains_function = (bool(*)(backtrace_t*, char *function[], int count))contains_function;
->>>>>>> upstream/4.5.1
this->public.destroy = (void(*)(backtrace_t*))destroy;
return &this->public;
diff --git a/src/libstrongswan/utils/backtrace.h b/src/libstrongswan/utils/backtrace.h
index 712122afb..e8ccfc1bd 100644
--- a/src/libstrongswan/utils/backtrace.h
+++ b/src/libstrongswan/utils/backtrace.h
@@ -41,14 +41,6 @@ struct backtrace_t {
void (*log)(backtrace_t *this, FILE *file, bool detailed);
/**
-<<<<<<< HEAD
- * Check if the backtrace contains a frame in a specific function.
- *
- * @param function name
- * @return TRUE if function is in the stack
- */
- bool (*contains_function)(backtrace_t *this, char *function);
-=======
* Check if the backtrace contains a frame having a function in a list.
*
* @param function name array
@@ -56,7 +48,6 @@ struct backtrace_t {
* @return TRUE if one of the functions is in the stack
*/
bool (*contains_function)(backtrace_t *this, char *function[], int count);
->>>>>>> upstream/4.5.1
/**
* Destroy a backtrace instance.
diff --git a/src/libstrongswan/utils/hashtable.c b/src/libstrongswan/utils/hashtable.c
index 9a0f92b3c..49b0bb68c 100644
--- a/src/libstrongswan/utils/hashtable.c
+++ b/src/libstrongswan/utils/hashtable.c
@@ -186,11 +186,7 @@ static void rehash(private_hashtable_t *this)
linked_list_t **old_table;
u_int row, old_capacity;
-<<<<<<< HEAD
- if (this->capacity < MAX_CAPACITY)
-=======
if (this->capacity >= MAX_CAPACITY)
->>>>>>> upstream/4.5.1
{
return;
}
@@ -253,10 +249,7 @@ METHOD(hashtable_t, put, void*,
{
old_value = pair->value;
pair->value = value;
-<<<<<<< HEAD
-=======
pair->key = key;
->>>>>>> upstream/4.5.1
break;
}
}
diff --git a/src/libstrongswan/utils/host.c b/src/libstrongswan/utils/host.c
index 1fba6a587..615d85c95 100644
--- a/src/libstrongswan/utils/host.c
+++ b/src/libstrongswan/utils/host.c
@@ -476,13 +476,10 @@ host_t *host_create_from_dns(char *string, int af, u_int16_t port)
{
return host_create_any_port(af ? af : AF_INET6, port);
}
-<<<<<<< HEAD
-=======
if (af == AF_INET && strchr(string, ':'))
{ /* do not try to convert v6 addresses for v4 family */
return NULL;
}
->>>>>>> upstream/4.5.1
memset(&hints, 0, sizeof(hints));
hints.ai_family = af;
@@ -571,8 +568,6 @@ host_t *host_create_from_chunk(int family, chunk_t address, u_int16_t port)
/*
* Described in header.
*/
-<<<<<<< HEAD
-=======
host_t *host_create_from_subnet(char *string, int *bits)
{
char *pos, buf[64];
@@ -608,7 +603,6 @@ host_t *host_create_from_subnet(char *string, int *bits)
/*
* Described in header.
*/
->>>>>>> upstream/4.5.1
host_t *host_create_any(int family)
{
private_host_t *this = host_create_empty();
@@ -631,5 +625,6 @@ host_t *host_create_any(int family)
default:
break;
}
+ free(this);
return NULL;
}
diff --git a/src/libstrongswan/utils/host.h b/src/libstrongswan/utils/host.h
index b9cd81148..0a1be6e47 100644
--- a/src/libstrongswan/utils/host.h
+++ b/src/libstrongswan/utils/host.h
@@ -190,8 +190,6 @@ host_t *host_create_from_chunk(int family, chunk_t address, u_int16_t port);
host_t *host_create_from_sockaddr(sockaddr_t *sockaddr);
/**
-<<<<<<< HEAD
-=======
* Create a host from a CIDR subnet definition (1.2.3.0/24), return bits.
*
* @param string string to parse
@@ -201,7 +199,6 @@ host_t *host_create_from_sockaddr(sockaddr_t *sockaddr);
host_t *host_create_from_subnet(char *string, int *bits);
/**
->>>>>>> upstream/4.5.1
* Create a host without an address, a "any" host.
*
* @param family family of the any host
diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c
index facf9f6de..252cfa28e 100644
--- a/src/libstrongswan/utils/identification.c
+++ b/src/libstrongswan/utils/identification.c
@@ -64,32 +64,34 @@ typedef struct {
} x501rdn_t;
static const x501rdn_t x501rdns[] = {
- {"ND", OID_NAME_DISTINGUISHER, ASN1_PRINTABLESTRING},
- {"UID", OID_PILOT_USERID, ASN1_PRINTABLESTRING},
- {"DC", OID_PILOT_DOMAIN_COMPONENT, ASN1_PRINTABLESTRING},
- {"CN", OID_COMMON_NAME, ASN1_PRINTABLESTRING},
- {"S", OID_SURNAME, ASN1_PRINTABLESTRING},
- {"SN", OID_SERIAL_NUMBER, ASN1_PRINTABLESTRING},
- {"serialNumber", OID_SERIAL_NUMBER, ASN1_PRINTABLESTRING},
- {"C", OID_COUNTRY, ASN1_PRINTABLESTRING},
- {"L", OID_LOCALITY, ASN1_PRINTABLESTRING},
- {"ST", OID_STATE_OR_PROVINCE, ASN1_PRINTABLESTRING},
- {"O", OID_ORGANIZATION, ASN1_PRINTABLESTRING},
- {"OU", OID_ORGANIZATION_UNIT, ASN1_PRINTABLESTRING},
- {"T", OID_TITLE, ASN1_PRINTABLESTRING},
- {"D", OID_DESCRIPTION, ASN1_PRINTABLESTRING},
- {"N", OID_NAME, ASN1_PRINTABLESTRING},
- {"G", OID_GIVEN_NAME, ASN1_PRINTABLESTRING},
- {"I", OID_INITIALS, ASN1_PRINTABLESTRING},
- {"ID", OID_UNIQUE_IDENTIFIER, ASN1_PRINTABLESTRING},
- {"EN", OID_EMPLOYEE_NUMBER, ASN1_PRINTABLESTRING},
- {"employeeNumber", OID_EMPLOYEE_NUMBER, ASN1_PRINTABLESTRING},
- {"E", OID_EMAIL_ADDRESS, ASN1_IA5STRING},
- {"Email", OID_EMAIL_ADDRESS, ASN1_IA5STRING},
- {"emailAddress", OID_EMAIL_ADDRESS, ASN1_IA5STRING},
- {"UN", OID_UNSTRUCTURED_NAME, ASN1_IA5STRING},
- {"unstructuredName",OID_UNSTRUCTURED_NAME, ASN1_IA5STRING},
- {"TCGID", OID_TCGID, ASN1_PRINTABLESTRING}
+ {"ND", OID_NAME_DISTINGUISHER, ASN1_PRINTABLESTRING},
+ {"UID", OID_PILOT_USERID, ASN1_PRINTABLESTRING},
+ {"DC", OID_PILOT_DOMAIN_COMPONENT, ASN1_PRINTABLESTRING},
+ {"CN", OID_COMMON_NAME, ASN1_PRINTABLESTRING},
+ {"S", OID_SURNAME, ASN1_PRINTABLESTRING},
+ {"SN", OID_SERIAL_NUMBER, ASN1_PRINTABLESTRING},
+ {"serialNumber", OID_SERIAL_NUMBER, ASN1_PRINTABLESTRING},
+ {"C", OID_COUNTRY, ASN1_PRINTABLESTRING},
+ {"L", OID_LOCALITY, ASN1_PRINTABLESTRING},
+ {"ST", OID_STATE_OR_PROVINCE, ASN1_PRINTABLESTRING},
+ {"O", OID_ORGANIZATION, ASN1_PRINTABLESTRING},
+ {"OU", OID_ORGANIZATION_UNIT, ASN1_PRINTABLESTRING},
+ {"T", OID_TITLE, ASN1_PRINTABLESTRING},
+ {"D", OID_DESCRIPTION, ASN1_PRINTABLESTRING},
+ {"N", OID_NAME, ASN1_PRINTABLESTRING},
+ {"G", OID_GIVEN_NAME, ASN1_PRINTABLESTRING},
+ {"I", OID_INITIALS, ASN1_PRINTABLESTRING},
+ {"ID", OID_UNIQUE_IDENTIFIER, ASN1_PRINTABLESTRING},
+ {"EN", OID_EMPLOYEE_NUMBER, ASN1_PRINTABLESTRING},
+ {"employeeNumber", OID_EMPLOYEE_NUMBER, ASN1_PRINTABLESTRING},
+ {"E", OID_EMAIL_ADDRESS, ASN1_IA5STRING},
+ {"Email", OID_EMAIL_ADDRESS, ASN1_IA5STRING},
+ {"emailAddress", OID_EMAIL_ADDRESS, ASN1_IA5STRING},
+ {"UN", OID_UNSTRUCTURED_NAME, ASN1_IA5STRING},
+ {"unstructuredName", OID_UNSTRUCTURED_NAME, ASN1_IA5STRING},
+ {"UA", OID_UNSTRUCTURED_ADDRESS, ASN1_PRINTABLESTRING},
+ {"unstructuredAddress", OID_UNSTRUCTURED_ADDRESS, ASN1_PRINTABLESTRING},
+ {"TCGID", OID_TCGID, ASN1_PRINTABLESTRING}
};
/**
@@ -281,20 +283,13 @@ static void dntoa(chunk_t dn, char *buf, size_t len)
chunk_t oid_data, data, printable;
u_char type;
int oid, written;
-<<<<<<< HEAD
- bool finished = FALSE;
-=======
bool finished = FALSE, empty = TRUE;
->>>>>>> upstream/4.5.1
e = create_rdn_enumerator(dn);
while (e->enumerate(e, &oid_data, &type, &data))
{
-<<<<<<< HEAD
-=======
empty = FALSE;
->>>>>>> upstream/4.5.1
oid = asn1_known_oid(oid_data);
if (oid == OID_UNKNOWN)
@@ -338,15 +333,11 @@ static void dntoa(chunk_t dn, char *buf, size_t len)
break;
}
}
-<<<<<<< HEAD
- if (!finished)
-=======
if (empty)
{
snprintf(buf, len, "");
}
else if (!finished)
->>>>>>> upstream/4.5.1
{
snprintf(buf, len, "(invalid ID_DER_ASN1_DN)");
}
diff --git a/src/libstrongswan/utils/leak_detective.c b/src/libstrongswan/utils/leak_detective.c
index ef2ea8e14..39505d3f3 100644
--- a/src/libstrongswan/utils/leak_detective.c
+++ b/src/libstrongswan/utils/leak_detective.c
@@ -165,6 +165,7 @@ char *whitelist[] = {
"__gmtime_r",
"localtime_r",
"tzset",
+ "time_printf_hook",
"inet_ntoa",
"strerror",
"getprotobyname",
@@ -190,6 +191,7 @@ char *whitelist[] = {
"dlopen",
"dlerror",
"dlclose",
+ "dlsym",
/* mysql functions */
"mysql_init_character_set",
"init_client_errs",
@@ -218,27 +220,6 @@ char *whitelist[] = {
"gcry_create_nonce",
/* NSPR */
"PR_CallOnce",
-<<<<<<< HEAD
-};
-
-/**
- * check if a stack frame contains functions listed above
- */
-static bool is_whitelisted(backtrace_t *backtrace)
-{
- int i;
- for (i = 0; i < sizeof(whitelist)/sizeof(char*); i++)
- {
- if (backtrace->contains_function(backtrace, whitelist[i]))
- {
- return TRUE;
- }
- }
- return FALSE;
-}
-
-/**
-=======
/* libapr */
"apr_pool_create_ex",
/* glib */
@@ -256,7 +237,6 @@ static bool is_whitelisted(backtrace_t *backtrace)
};
/**
->>>>>>> upstream/4.5.1
* Report leaks at library destruction
*/
static void report(private_leak_detective_t *this, bool detailed)
@@ -268,12 +248,8 @@ static void report(private_leak_detective_t *this, bool detailed)
for (hdr = first_header.next; hdr != NULL; hdr = hdr->next)
{
-<<<<<<< HEAD
- if (is_whitelisted(hdr->backtrace))
-=======
if (hdr->backtrace->contains_function(hdr->backtrace,
whitelist, countof(whitelist)))
->>>>>>> upstream/4.5.1
{
whitelisted++;
}
diff --git a/src/libstrongswan/utils/linked_list.c b/src/libstrongswan/utils/linked_list.c
index 4aa8ea6ca..9b37359dc 100644
--- a/src/libstrongswan/utils/linked_list.c
+++ b/src/libstrongswan/utils/linked_list.c
@@ -289,6 +289,7 @@ static void insert_before(private_iterator_t * iterator, void *item)
if (iterator->current == NULL)
{
iterator->list->public.insert_first(&(iterator->list->public), item);
+ return;
}
element_t *element = element_create(item);
diff --git a/src/libstrongswan/utils/optionsfrom.c b/src/libstrongswan/utils/optionsfrom.c
index fe3d37966..e51780290 100644
--- a/src/libstrongswan/utils/optionsfrom.c
+++ b/src/libstrongswan/utils/optionsfrom.c
@@ -61,16 +61,8 @@ struct private_options_t {
char *buffers[MAX_USES];
};
-<<<<<<< HEAD
-/**
- * Defined in header
- */
-bool from(private_options_t *this, char *filename, int *argcp, char **argvp[],
- int optind)
-=======
METHOD(options_t, from, bool,
private_options_t *this, char *filename, int *argcp, char **argvp[], int optind)
->>>>>>> upstream/4.5.1
{
int newargc;
int next; /* place for next argument */
@@ -187,15 +179,8 @@ METHOD(options_t, from, bool,
return good;
}
-<<<<<<< HEAD
-/**
- * Defined in header
- */
-void destroy(private_options_t *this)
-=======
METHOD(options_t, destroy, void,
private_options_t *this)
->>>>>>> upstream/4.5.1
{
while (this->nuses >= 0)
{
@@ -210,19 +195,6 @@ METHOD(options_t, destroy, void,
*/
options_t *options_create(void)
{
-<<<<<<< HEAD
- private_options_t *this = malloc_thing(private_options_t);
-
- /* initialize */
- this->newargv = NULL;
- this->room = 0;
- this->nuses = -1;
- memset(this->buffers, '\0', MAX_USES);
-
- /* public functions */
- this->public.from = (bool (*) (options_t*,char*,int*,char***,int))from;
- this->public.destroy = (void (*) (options_t*))destroy;
-=======
private_options_t *this;
INIT(this,
@@ -233,7 +205,6 @@ options_t *options_create(void)
},
.nuses = -1,
);
->>>>>>> upstream/4.5.1
return &this->public;
}