Diffstat (limited to 'src/libstrongswan/plugins/pkcs11')
-rw-r--r--src/libstrongswan/plugins/pkcs11/Makefile.in2
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_creds.c38
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_library.c22
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_manager.c10
4 files changed, 45 insertions, 27 deletions
diff --git a/src/libstrongswan/plugins/pkcs11/Makefile.in b/src/libstrongswan/plugins/pkcs11/Makefile.in
index f4fffd3fa..ca7b5a8a9 100644
--- a/src/libstrongswan/plugins/pkcs11/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs11/Makefile.in
@@ -360,6 +360,7 @@ docdir = @docdir@
dvidir = @dvidir@
exec_prefix = @exec_prefix@
fips_mode = @fips_mode@
+fuzz_plugins = @fuzz_plugins@
gtk_CFLAGS = @gtk_CFLAGS@
gtk_LIBS = @gtk_LIBS@
host = @host@
@@ -382,6 +383,7 @@ json_CFLAGS = @json_CFLAGS@
json_LIBS = @json_LIBS@
libdir = @libdir@
libexecdir = @libexecdir@
+libfuzzer = @libfuzzer@
libiptc_CFLAGS = @libiptc_CFLAGS@
libiptc_LIBS = @libiptc_LIBS@
linux_headers = @linux_headers@
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c b/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c
index e65f3a06b..b1575540d 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c
@@ -153,30 +153,32 @@ static bool load_certificates(private_pkcs11_creds_t *this)
return TRUE;
}
-/**
- * filter function for certs enumerator
- */
-static bool certs_filter(identification_t *id,
- certificate_t **in, certificate_t **out)
+CALLBACK(certs_filter, bool,
+ identification_t *id, enumerator_t *orig, va_list args)
{
public_key_t *public;
- certificate_t *cert = *in;
+ certificate_t *cert, **out;
- if (id == NULL || cert->has_subject(cert, id))
- {
- *out = *in;
- return TRUE;
- }
- public = cert->get_public_key(cert);
- if (public)
+ VA_ARGS_VGET(args, out);
+
+ while (orig->enumerate(orig, &cert))
{
- if (public->has_fingerprint(public, id->get_encoding(id)))
+ if (id == NULL || cert->has_subject(cert, id))
{
- public->destroy(public);
- *out = *in;
+ *out = cert;
return TRUE;
}
- public->destroy(public);
+ public = cert->get_public_key(cert);
+ if (public)
+ {
+ if (public->has_fingerprint(public, id->get_encoding(id)))
+ {
+ public->destroy(public);
+ *out = cert;
+ return TRUE;
+ }
+ public->destroy(public);
+ }
}
return FALSE;
}
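Review bot: The doc comment on `certs_filter` is removed by this hunk and not replaced, although the callback now has an argument contract that its signature no longer shows. `VA_ARGS_VGET(args, out)` reads a single `certificate_t**` from the va_list, and a caller that passes a different type or no argument would presumably not be caught at compile time. I would keep a comment above the CALLBACK, such as `/* Filter certs by subject or public key fingerprint; expects one certificate_t** output argument, id == NULL matches every cert */`. The same applies to `object_enumerate` and `enumerate_mech` in pkcs11_library.c and `enumerate_token` in pkcs11_manager.c, whose expected output arguments were previously visible in the parameter list and are now only recoverable from the `VA_ARGS_VGET` line.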
@@ -199,7 +201,7 @@ METHOD(credential_set_t, create_cert_enumerator, enumerator_t*,
{
inner = this->untrusted->create_enumerator(this->untrusted);
}
- return enumerator_create_filter(inner, (void*)certs_filter, id, NULL);
+ return enumerator_create_filter(inner, certs_filter, id, NULL);
}
METHOD(pkcs11_creds_t, get_library, pkcs11_library_t*,
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_library.c b/src/libstrongswan/plugins/pkcs11/pkcs11_library.c
index dc8a1f17a..89ae1969e 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_library.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_library.c
@@ -719,12 +719,14 @@ static bool get_attributes(object_enumerator_t *this, CK_OBJECT_HANDLE object)
}
METHOD(enumerator_t, object_enumerate, bool,
- object_enumerator_t *this, CK_OBJECT_HANDLE *out)
+ object_enumerator_t *this, va_list args)
{
- CK_OBJECT_HANDLE object;
+ CK_OBJECT_HANDLE object, *out;
CK_ULONG found;
CK_RV rv;
+ VA_ARGS_VGET(args, out);
+
if (!this->object)
{
rv = this->lib->f->C_FindObjects(this->session, &object, 1, &found);
@@ -786,7 +788,8 @@ METHOD(pkcs11_library_t, create_object_enumerator, enumerator_t*,
INIT(enumerator,
.public = {
- .enumerate = (void*)_object_enumerate,
+ .enumerate = enumerator_enumerate_default,
+ .venumerate = _object_enumerate,
.destroy = _object_destroy,
},
.session = session,
@@ -806,7 +809,8 @@ METHOD(pkcs11_library_t, create_object_attr_enumerator, enumerator_t*,
INIT(enumerator,
.public = {
- .enumerate = (void*)_object_enumerate,
+ .enumerate = enumerator_enumerate_default,
+ .venumerate = _object_enumerate,
.destroy = _object_destroy,
},
.session = session,
@@ -838,11 +842,14 @@ typedef struct {
} mechanism_enumerator_t;
METHOD(enumerator_t, enumerate_mech, bool,
- mechanism_enumerator_t *this, CK_MECHANISM_TYPE* type,
- CK_MECHANISM_INFO *info)
+ mechanism_enumerator_t *this, va_list args)
{
+ CK_MECHANISM_INFO *info;
+ CK_MECHANISM_TYPE *type;
CK_RV rv;
+ VA_ARGS_VGET(args, type, info);
+
if (this->current >= this->count)
{
return FALSE;
@@ -876,7 +883,8 @@ METHOD(pkcs11_library_t, create_mechanism_enumerator, enumerator_t*,
INIT(enumerator,
.public = {
- .enumerate = (void*)_enumerate_mech,
+ .enumerate = enumerator_enumerate_default,
+ .venumerate = _enumerate_mech,
.destroy = _destroy_mech,
},
.lib = &this->public,
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c b/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c
index 96c4a180d..31bcb0d25 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c
@@ -265,8 +265,13 @@ typedef struct {
} token_enumerator_t;
METHOD(enumerator_t, enumerate_token, bool,
- token_enumerator_t *this, pkcs11_library_t **out, CK_SLOT_ID *slot)
+ token_enumerator_t *this, va_list args)
{
+ pkcs11_library_t **out;
+ CK_SLOT_ID *slot;
+
+ VA_ARGS_VGET(args, out, slot);
+
if (this->current >= this->count)
{
free(this->slots);
@@ -301,7 +306,8 @@ METHOD(pkcs11_manager_t, create_token_enumerator, enumerator_t*,
INIT(enumerator,
.public = {
- .enumerate = (void*)_enumerate_token,
+ .enumerate = enumerator_enumerate_default,
+ .venumerate = _enumerate_token,
.destroy = _destroy_token,
},
.inner = this->libs->create_enumerator(this->libs),