Diffstat (limited to 'src/libcharon/plugins/sql/sql_cred.c')
-rw-r--r-- | src/libcharon/plugins/sql/sql_cred.c | 236 |
1 files changed, 236 insertions, 0 deletions
diff --git a/src/libcharon/plugins/sql/sql_cred.c b/src/libcharon/plugins/sql/sql_cred.c index 12f4ab045..a72450f27 100644 --- a/src/libcharon/plugins/sql/sql_cred.c +++ b/src/libcharon/plugins/sql/sql_cred.c @@ -1,4 +1,8 @@ /* +<<<<<<< HEAD +======= + * Copyright (C) 2010 Tobias Brunner +>>>>>>> upstream/4.5.1 * Copyright (C) 2008 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -37,6 +41,10 @@ struct private_sql_cred_t { database_t *db; }; +<<<<<<< HEAD +======= + +>>>>>>> upstream/4.5.1 /** * enumerator over private keys */ @@ -49,11 +57,16 @@ typedef struct { private_key_t *current; } private_enumerator_t; +<<<<<<< HEAD /** * Implementation of private_enumerator_t.public.enumerate */ static bool private_enumerator_enumerate(private_enumerator_t *this, private_key_t **key) +======= +METHOD(enumerator_t, private_enumerator_enumerate, bool, + private_enumerator_t *this, private_key_t **key) +>>>>>>> upstream/4.5.1 { chunk_t blob; int type; @@ -62,7 +75,11 @@ static bool private_enumerator_enumerate(private_enumerator_t *this, while (this->inner->enumerate(this->inner, &type, &blob)) { this->current = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type, +<<<<<<< HEAD BUILD_BLOB_ASN1_DER, blob, +======= + BUILD_BLOB_PEM, blob, +>>>>>>> upstream/4.5.1 BUILD_END); if (this->current) { @@ -74,16 +91,22 @@ static bool private_enumerator_enumerate(private_enumerator_t *this, return FALSE; } +<<<<<<< HEAD /** * Implementation of private_enumerator_t.public.destroy */ static void private_enumerator_destroy(private_enumerator_t *this) +======= +METHOD(enumerator_t, private_enumerator_destroy, void, + private_enumerator_t *this) +>>>>>>> upstream/4.5.1 { DESTROY_IF(this->current); this->inner->destroy(this->inner); free(this); } +<<<<<<< HEAD /** * Implementation of credential_set_t.create_private_enumerator. */ 
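Review bot: The added lines are unresolved merge-conflict markers (`<<<<<<< HEAD`, `=======`, `>>>>>>> upstream/4.5.1`), so the file as committed cannot compile; every hunk in this diff carries them, including the ones at @@ -37, @@ -49, @@ -62, @@ -74 and all later hunks through sql_cred_create. The two sides differ only in how the methods are declared (hand-written `static` functions plus `(void*)` function-pointer assignments in HEAD versus `METHOD`/`INIT` in upstream/4.5.1), plus the `BUILD_BLOB_PEM` change and the new CDP enumerator, so the resolution should take the upstream side throughout and drop the HEAD blocks rather than keep both. A build failure is the fortunate outcome here; a pre-commit hook that rejects lines matching `^<<<<<<< ` or `^>>>>>>> ` would have stopped this before it reached the credential code.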
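Review bot: Switching the builder from `BUILD_BLOB_ASN1_DER` to `BUILD_BLOB_PEM` at @@ -62 (and the same change for certificates at @@ -148 on the next line) makes `lib->creds->create` depend on the pem plugin being loaded; if it is not, `create` returns NULL and the surrounding `if (this->current)` silently skips every key in the table, which surfaces only as an unexplained authentication failure. I believe the pem builder falls back to DER for input that is not PEM-armoured, so existing DER rows should still load, but that is worth confirming against the plugin. A log line in the skip path, e.g. `DBG1(DBG_CFG, "loading private key from database failed");` where `create` yields NULL, would make the misconfiguration diagnosable. The enumerate function's body continues outside the hunk.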
@@ -97,6 +120,19 @@ static enumerator_t* create_private_enumerator(private_sql_cred_t *this, e->current = NULL; e->public.enumerate = (void*)private_enumerator_enumerate; e->public.destroy = (void*)private_enumerator_destroy; +======= +METHOD(credential_set_t, create_private_enumerator, enumerator_t*, + private_sql_cred_t *this, key_type_t type, identification_t *id) +{ + private_enumerator_t *e; + + INIT(e, + .public = { + .enumerate = (void*)_private_enumerator_enumerate, + .destroy = _private_enumerator_destroy, + }, + ); +>>>>>>> upstream/4.5.1 if (id && id->get_type(id) != ID_ANY) { e->inner = this->db->query(this->db, @@ -123,6 +159,10 @@ static enumerator_t* create_private_enumerator(private_sql_cred_t *this, return &e->public; } +<<<<<<< HEAD +======= + +>>>>>>> upstream/4.5.1 /** * enumerator over certificates */ @@ -135,11 +175,16 @@ typedef struct { certificate_t *current; } cert_enumerator_t; +<<<<<<< HEAD /** * Implementation of cert_enumerator_t.public.enumerate */ static bool cert_enumerator_enumerate(cert_enumerator_t *this, certificate_t **cert) +======= +METHOD(enumerator_t, cert_enumerator_enumerate, bool, + cert_enumerator_t *this, certificate_t **cert) +>>>>>>> upstream/4.5.1 { chunk_t blob; int type; @@ -148,7 +193,11 @@ static bool cert_enumerator_enumerate(cert_enumerator_t *this, while (this->inner->enumerate(this->inner, &type, &blob)) { this->current = lib->creds->create(lib->creds, CRED_CERTIFICATE, type, +<<<<<<< HEAD BUILD_BLOB_ASN1_DER, blob, +======= + BUILD_BLOB_PEM, blob, +>>>>>>> upstream/4.5.1 BUILD_END); if (this->current) { 
@@ -160,16 +209,22 @@ static bool cert_enumerator_enumerate(cert_enumerator_t *this, return FALSE; } +<<<<<<< HEAD /** * Implementation of cert_enumerator_t.public.destroy */ static void cert_enumerator_destroy(cert_enumerator_t *this) +======= +METHOD(enumerator_t, cert_enumerator_destroy, void, + cert_enumerator_t *this) +>>>>>>> upstream/4.5.1 { DESTROY_IF(this->current); this->inner->destroy(this->inner); free(this); } +<<<<<<< HEAD /** * Implementation of credential_set_t.create_cert_enumerator. */ @@ -183,6 +238,20 @@ static enumerator_t* create_cert_enumerator(private_sql_cred_t *this, e->current = NULL; e->public.enumerate = (void*)cert_enumerator_enumerate; e->public.destroy = (void*)cert_enumerator_destroy; +======= +METHOD(credential_set_t, create_cert_enumerator, enumerator_t*, + private_sql_cred_t *this, certificate_type_t cert, key_type_t key, + identification_t *id, bool trusted) +{ + cert_enumerator_t *e; + + INIT(e, + .public = { + .enumerate = (void*)_cert_enumerator_enumerate, + .destroy = _cert_enumerator_destroy, + }, + ); +>>>>>>> upstream/4.5.1 if (id && id->get_type(id) != ID_ANY) { e->inner = this->db->query(this->db, @@ -213,6 +282,10 @@ static enumerator_t* create_cert_enumerator(private_sql_cred_t *this, return &e->public; } +<<<<<<< HEAD +======= + +>>>>>>> upstream/4.5.1 /** * enumerator over shared keys */ @@ -229,12 +302,18 @@ typedef struct { shared_key_t *current; } shared_enumerator_t; +<<<<<<< HEAD /** * Implementation of shared_enumerator_t.public.enumerate */ static bool shared_enumerator_enumerate(shared_enumerator_t *this, shared_key_t **shared, id_match_t *me, id_match_t *other) +======= +METHOD(enumerator_t, shared_enumerator_enumerate, bool, + shared_enumerator_t *this, shared_key_t **shared, + id_match_t *me, id_match_t *other) +>>>>>>> upstream/4.5.1 { chunk_t blob; int type; 
@@ -261,16 +340,22 @@ static bool shared_enumerator_enumerate(shared_enumerator_t *this, return FALSE; } +<<<<<<< HEAD /** * Implementation of shared_enumerator_t.public.destroy */ static void shared_enumerator_destroy(shared_enumerator_t *this) +======= +METHOD(enumerator_t, shared_enumerator_destroy, void, + shared_enumerator_t *this) +>>>>>>> upstream/4.5.1 { DESTROY_IF(this->current); this->inner->destroy(this->inner); free(this); } +<<<<<<< HEAD /** * Implementation of credential_set_t.create_shared_enumerator. */ @@ -286,6 +371,22 @@ static enumerator_t* create_shared_enumerator(private_sql_cred_t *this, e->current = NULL; e->public.enumerate = (void*)shared_enumerator_enumerate; e->public.destroy = (void*)shared_enumerator_destroy; +======= +METHOD(credential_set_t, create_shared_enumerator, enumerator_t*, + private_sql_cred_t *this, shared_key_type_t type, + identification_t *me, identification_t *other) +{ + shared_enumerator_t *e; + + INIT(e, + .public = { + .enumerate = (void*)_shared_enumerator_enumerate, + .destroy = _shared_enumerator_destroy, + }, + .me = me, + .other = other, + ); +>>>>>>> upstream/4.5.1 if (!me && !other) { e->inner = this->db->query(this->db, 
@@ -329,14 +430,123 @@ static enumerator_t* create_shared_enumerator(private_sql_cred_t *this, return &e->public; } +<<<<<<< HEAD /** * Implementation of credential_set_t.cache_cert. */ static void cache_cert(private_sql_cred_t *this, certificate_t *cert) +======= + +/** + * enumerator over CDPs + */ +typedef struct { + /** implements enumerator_t */ + enumerator_t public; + /** inner SQL enumerator */ + enumerator_t *inner; + /** currently enumerated string */ + char *current; +} cdp_enumerator_t; + +/** + * types of CDPs + */ +typedef enum { + /** any available CDP */ + CDP_TYPE_ANY = 0, + /** CRL */ + CDP_TYPE_CRL, + /** OCSP Responder */ + CDP_TYPE_OCSP, +} cdp_type_t; + +METHOD(enumerator_t, cdp_enumerator_enumerate, bool, + cdp_enumerator_t *this, char **uri) +{ + char *text; + + free(this->current); + while (this->inner->enumerate(this->inner, &text)) + { + *uri = this->current = strdup(text); + return TRUE; + } + this->current = NULL; + return FALSE; +} + +METHOD(enumerator_t, cdp_enumerator_destroy, void, + cdp_enumerator_t *this) +{ + free(this->current); + this->inner->destroy(this->inner); + free(this); +} + +METHOD(credential_set_t, create_cdp_enumerator, enumerator_t*, + private_sql_cred_t *this, certificate_type_t type, identification_t *id) +{ + cdp_enumerator_t *e; + cdp_type_t cdp_type; + + switch (type) + { /* we serve CRLs and OCSP responders */ + case CERT_X509_CRL: + cdp_type = CDP_TYPE_CRL; + break; + case CERT_X509_OCSP_RESPONSE: + cdp_type = CDP_TYPE_OCSP; + break; + case CERT_ANY: + cdp_type = CDP_TYPE_ANY; + break; + default: + return NULL; + } + INIT(e, + .public = { + .enumerate = (void*)_cdp_enumerator_enumerate, + .destroy = _cdp_enumerator_destroy, + }, + ); + if (id && id->get_type(id) != ID_ANY) + { + e->inner = this->db->query(this->db, + "SELECT dp.uri FROM certificate_distribution_points AS dp " + "JOIN certificate_authorities AS ca ON ca.id = dp.ca " + "JOIN certificates AS c ON c.id = ca.certificate " + "JOIN 
certificate_identity AS ci ON c.id = ci.certificate " + "JOIN identities AS i ON ci.identity = i.id " + "WHERE i.type = ? AND i.data = ? AND (? OR dp.type = ?)", + DB_INT, id->get_type(id), DB_BLOB, id->get_encoding(id), + DB_INT, cdp_type == CDP_TYPE_ANY, DB_INT, cdp_type, + DB_TEXT); + } + else + { + e->inner = this->db->query(this->db, + "SELECT dp.uri FROM certificate_distribution_points AS dp " + "WHERE (? OR dp.type = ?)", + DB_INT, cdp_type == CDP_TYPE_ANY, DB_INT, cdp_type, + DB_TEXT); + } + if (!e->inner) + { + free(e); + return NULL; + } + return &e->public; +} + +METHOD(credential_set_t, cache_cert, void, + private_sql_cred_t *this, certificate_t *cert) +>>>>>>> upstream/4.5.1 { /* TODO: implement CRL caching to database */ } +<<<<<<< HEAD /** * Implementation of sql_cred_t.destroy. */ @@ -344,11 +554,20 @@ static void destroy(private_sql_cred_t *this) { free(this); } +======= +METHOD(sql_cred_t, destroy, void, + private_sql_cred_t *this) +{ + free(this); +} + +>>>>>>> upstream/4.5.1 /** * Described in header. */ sql_cred_t *sql_cred_create(database_t *db) { +<<<<<<< HEAD private_sql_cred_t *this = malloc_thing(private_sql_cred_t); this->public.set.create_private_enumerator = (void*)create_private_enumerator; @@ -359,6 +578,23 @@ sql_cred_t *sql_cred_create(database_t *db) this->public.destroy = (void(*)(sql_cred_t*))destroy; this->db = db; +======= + private_sql_cred_t *this; + + INIT(this, + .public = { + .set = { + .create_private_enumerator = _create_private_enumerator, + .create_cert_enumerator = _create_cert_enumerator, + .create_shared_enumerator = _create_shared_enumerator, + .create_cdp_enumerator = _create_cdp_enumerator, + .cache_cert = _cache_cert, + }, + .destroy = _destroy, + }, + .db = db, + ); +>>>>>>> upstream/4.5.1 return &this->public; } |
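Review bot: In `cdp_enumerator_enumerate` the `strdup(text)` result is stored and returned without a NULL check, so on allocation failure the caller receives TRUE with `*uri == NULL` and may dereference it; the `while` also returns on its first pass and reads as an `if`. Suggest an `if` around `this->current = strdup(text);` / `*uri = this->current;` / `return this->current != NULL;` so a failed copy ends enumeration instead of handing out a NULL URI. The rest of the new CDP code looks sound: both `db->query` calls bind the identity type and encoding and `cdp_type` as parameters rather than formatting them into the SQL text, and `create_cdp_enumerator` frees `e` when the query fails. The hunk's first line is on the previous source line.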