diff options
Diffstat (limited to 'src/libstrongswan/plugins')
100 files changed, 759 insertions, 277 deletions
diff --git a/src/libstrongswan/plugins/aes/Makefile.in b/src/libstrongswan/plugins/aes/Makefile.in index 9835cd5b9..c93f84ca7 100644 --- a/src/libstrongswan/plugins/aes/Makefile.in +++ b/src/libstrongswan/plugins/aes/Makefile.in @@ -240,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -263,6 +265,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/aes/aes_crypter.c b/src/libstrongswan/plugins/aes/aes_crypter.c index f13e33492..2a1fed944 100644 --- a/src/libstrongswan/plugins/aes/aes_crypter.c +++ b/src/libstrongswan/plugins/aes/aes_crypter.c @@ -1518,6 +1518,7 @@ METHOD(crypter_t, set_key, void, METHOD(crypter_t, destroy, void, private_aes_crypter_t *this) { + memwipe(this, sizeof(*this)); free(this); } diff --git a/src/libstrongswan/plugins/aes/aes_plugin.c b/src/libstrongswan/plugins/aes/aes_plugin.c index 1c060b6c8..d17355d1d 100644 --- a/src/libstrongswan/plugins/aes/aes_plugin.c +++ b/src/libstrongswan/plugins/aes/aes_plugin.c @@ -18,8 +18,6 @@ #include <library.h> #include "aes_crypter.h" -static const char *plugin_name = "aes"; - typedef struct private_aes_plugin_t private_aes_plugin_t; /** @@ -33,6 +31,12 @@ struct private_aes_plugin_t { aes_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_aes_plugin_t *this) +{ + return "aes"; +} + METHOD(plugin_t, destroy, void, private_aes_plugin_t *this) { @@ -51,12 +55,14 @@ plugin_t *aes_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, get_name(this), (crypter_constructor_t)aes_crypter_create); return &this->public.plugin; diff --git a/src/libstrongswan/plugins/af_alg/Makefile.in b/src/libstrongswan/plugins/af_alg/Makefile.in index aa8df979e..00b54b026 100644 --- a/src/libstrongswan/plugins/af_alg/Makefile.in +++ b/src/libstrongswan/plugins/af_alg/Makefile.in @@ -244,6 +244,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -267,6 +269,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/af_alg/af_alg_crypter.c b/src/libstrongswan/plugins/af_alg/af_alg_crypter.c index 3416ad8d2..7b3c062aa 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_crypter.c +++ b/src/libstrongswan/plugins/af_alg/af_alg_crypter.c @@ -63,6 +63,7 @@ static struct { size_t iv_size; } algs[] = { {ENCR_DES, "cbc(des)", 8, 8, 8, 8, }, + {ENCR_DES_ECB, "ecb(des)", 8, 8, 8, 0, }, {ENCR_3DES, "cbc(des3_ede)", 8, 24, 24, 8, }, {ENCR_AES_CBC, "cbc(aes)", 16, 16, 16, 16, }, {ENCR_AES_CBC, "cbc(aes)", 16, 24, 24, 16, }, @@ -91,7 +92,7 @@ static struct { /** * See header. */ -void af_alg_crypter_probe() +void af_alg_crypter_probe(char *plugin) { encryption_algorithm_t prev = -1; af_alg_ops_t *ops; @@ -105,7 +106,7 @@ void af_alg_crypter_probe() if (ops) { ops->destroy(ops); - lib->crypto->add_crypter(lib->crypto, algs[i].id, af_alg_plugin_name, + lib->crypto->add_crypter(lib->crypto, algs[i].id, plugin, (crypter_constructor_t)af_alg_crypter_create); } } diff --git a/src/libstrongswan/plugins/af_alg/af_alg_crypter.h b/src/libstrongswan/plugins/af_alg/af_alg_crypter.h index 711d2fc35..ed7799cc8 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_crypter.h +++ b/src/libstrongswan/plugins/af_alg/af_alg_crypter.h @@ -48,7 +48,9 @@ af_alg_crypter_t *af_alg_crypter_create(encryption_algorithm_t algo, /** * Probe algorithms and register af_alg_crypter_create(). + * + * @param plugin plugin name to register algorithms for */ -void af_alg_crypter_probe(); +void af_alg_crypter_probe(char *plugin); #endif /** AF_ALG_CRYPTER_H_ @}*/ diff --git a/src/libstrongswan/plugins/af_alg/af_alg_hasher.c b/src/libstrongswan/plugins/af_alg/af_alg_hasher.c index 7c6297d44..11074c4bd 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_hasher.c +++ b/src/libstrongswan/plugins/af_alg/af_alg_hasher.c @@ -59,7 +59,7 @@ static struct { /** * See header. */ -void af_alg_hasher_probe() +void af_alg_hasher_probe(char *plugin) { af_alg_ops_t *ops; int i; @@ -70,7 +70,7 @@ void af_alg_hasher_probe() if (ops) { ops->destroy(ops); - lib->crypto->add_hasher(lib->crypto, algs[i].id, af_alg_plugin_name, + lib->crypto->add_hasher(lib->crypto, algs[i].id, plugin, (hasher_constructor_t)af_alg_hasher_create); } } diff --git a/src/libstrongswan/plugins/af_alg/af_alg_hasher.h b/src/libstrongswan/plugins/af_alg/af_alg_hasher.h index e0833e23a..f44ba2938 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_hasher.h +++ b/src/libstrongswan/plugins/af_alg/af_alg_hasher.h @@ -46,7 +46,9 @@ af_alg_hasher_t *af_alg_hasher_create(hash_algorithm_t algo); /** * Probe algorithms and register af_alg_hasher_create(). + * + * @param plugin plugin name to register algorithms for */ -void af_alg_hasher_probe(); +void af_alg_hasher_probe(char *plugin); #endif /** af_alg_HASHER_H_ @}*/ diff --git a/src/libstrongswan/plugins/af_alg/af_alg_ops.c b/src/libstrongswan/plugins/af_alg/af_alg_ops.c index 7bf1d90db..82a227d97 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_ops.c +++ b/src/libstrongswan/plugins/af_alg/af_alg_ops.c @@ -21,8 +21,6 @@ #include <debug.h> -const char *af_alg_plugin_name = "af-alg"; - typedef struct private_af_alg_ops_t private_af_alg_ops_t; /** diff --git a/src/libstrongswan/plugins/af_alg/af_alg_ops.h b/src/libstrongswan/plugins/af_alg/af_alg_ops.h index b7d642c00..ad164029f 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_ops.h +++ b/src/libstrongswan/plugins/af_alg/af_alg_ops.h @@ -33,8 +33,6 @@ #define SOL_ALG 279 #endif /* SOL_ALG */ -extern const char *af_alg_plugin_name; - typedef struct af_alg_ops_t af_alg_ops_t; /** diff --git a/src/libstrongswan/plugins/af_alg/af_alg_plugin.c b/src/libstrongswan/plugins/af_alg/af_alg_plugin.c index 54e39f1a0..280ea4e98 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_plugin.c +++ b/src/libstrongswan/plugins/af_alg/af_alg_plugin.c @@ -35,6 +35,12 @@ struct private_af_alg_plugin_t { af_alg_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_af_alg_plugin_t *this) +{ + return "af-alg"; +} + METHOD(plugin_t, destroy, void, private_af_alg_plugin_t *this) { @@ -60,15 +66,17 @@ plugin_t *af_alg_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); - af_alg_hasher_probe(); - af_alg_signer_probe(); - af_alg_prf_probe(); - af_alg_crypter_probe(); + af_alg_hasher_probe(get_name(this)); + af_alg_signer_probe(get_name(this)); + af_alg_prf_probe(get_name(this)); + af_alg_crypter_probe(get_name(this)); return &this->public.plugin; } diff --git a/src/libstrongswan/plugins/af_alg/af_alg_prf.c b/src/libstrongswan/plugins/af_alg/af_alg_prf.c index 575906bae..1c1174abb 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_prf.c +++ b/src/libstrongswan/plugins/af_alg/af_alg_prf.c @@ -70,7 +70,7 @@ static struct { /** * See header. */ -void af_alg_prf_probe() +void af_alg_prf_probe(char *plugin) { af_alg_ops_t *ops; int i; @@ -81,7 +81,7 @@ void af_alg_prf_probe() if (ops) { ops->destroy(ops); - lib->crypto->add_prf(lib->crypto, algs[i].id, af_alg_plugin_name, + lib->crypto->add_prf(lib->crypto, algs[i].id, plugin, (prf_constructor_t)af_alg_prf_create); } } diff --git a/src/libstrongswan/plugins/af_alg/af_alg_prf.h b/src/libstrongswan/plugins/af_alg/af_alg_prf.h index a3dea5649..d3275e7be 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_prf.h +++ b/src/libstrongswan/plugins/af_alg/af_alg_prf.h @@ -46,7 +46,9 @@ af_alg_prf_t *af_alg_prf_create(pseudo_random_function_t algo); /** * Probe algorithms and register af_alg_prf_create(). + * + * @param plugin plugin name to register algorithms for */ -void af_alg_prf_probe(); +void af_alg_prf_probe(char *plugin); #endif /** AF_ALG_PRF_H_ @}*/ diff --git a/src/libstrongswan/plugins/af_alg/af_alg_signer.c b/src/libstrongswan/plugins/af_alg/af_alg_signer.c index 3d6f907bf..34534a06b 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_signer.c +++ b/src/libstrongswan/plugins/af_alg/af_alg_signer.c @@ -71,7 +71,7 @@ static struct { /** * See header. */ -void af_alg_signer_probe() +void af_alg_signer_probe(char *plugin) { af_alg_ops_t *ops; int i; @@ -82,7 +82,7 @@ void af_alg_signer_probe() if (ops) { ops->destroy(ops); - lib->crypto->add_signer(lib->crypto, algs[i].id, af_alg_plugin_name, + lib->crypto->add_signer(lib->crypto, algs[i].id, plugin, (signer_constructor_t)af_alg_signer_create); } } diff --git a/src/libstrongswan/plugins/af_alg/af_alg_signer.h b/src/libstrongswan/plugins/af_alg/af_alg_signer.h index b1d90707f..21487a118 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_signer.h +++ b/src/libstrongswan/plugins/af_alg/af_alg_signer.h @@ -46,7 +46,9 @@ af_alg_signer_t *af_alg_signer_create(integrity_algorithm_t algo); /** * Probe algorithms and register af_alg_signer_create(). + * + * @param plugin plugin name to register algorithms for */ -void af_alg_signer_probe(); +void af_alg_signer_probe(char *plugin); #endif /** AF_ALG_SIGNER_H_ @}*/ diff --git a/src/libstrongswan/plugins/agent/Makefile.in b/src/libstrongswan/plugins/agent/Makefile.in index 1a3533f03..ce333660d 100644 --- a/src/libstrongswan/plugins/agent/Makefile.in +++ b/src/libstrongswan/plugins/agent/Makefile.in @@ -242,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -265,6 +267,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/agent/agent_plugin.c b/src/libstrongswan/plugins/agent/agent_plugin.c index bd3c1ac75..79c13b7c1 100644 --- a/src/libstrongswan/plugins/agent/agent_plugin.c +++ b/src/libstrongswan/plugins/agent/agent_plugin.c @@ -31,6 +31,12 @@ struct private_agent_plugin_t { agent_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_agent_plugin_t *this) +{ + return "agent"; +} + METHOD(plugin_t, destroy, void, private_agent_plugin_t *this) { @@ -49,6 +55,8 @@ plugin_t *agent_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, diff --git a/src/libstrongswan/plugins/blowfish/Makefile.in b/src/libstrongswan/plugins/blowfish/Makefile.in index 251722f60..be8ba72ee 100644 --- a/src/libstrongswan/plugins/blowfish/Makefile.in +++ b/src/libstrongswan/plugins/blowfish/Makefile.in @@ -244,6 +244,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -267,6 +269,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/blowfish/blowfish_crypter.c b/src/libstrongswan/plugins/blowfish/blowfish_crypter.c index 784c07eaf..fc3649b36 100644 --- a/src/libstrongswan/plugins/blowfish/blowfish_crypter.c +++ b/src/libstrongswan/plugins/blowfish/blowfish_crypter.c @@ -160,6 +160,7 @@ METHOD(crypter_t, set_key, void, METHOD(crypter_t, destroy, void, private_blowfish_crypter_t *this) { + memwipe(this, sizeof(*this)); free(this); } diff --git a/src/libstrongswan/plugins/blowfish/blowfish_plugin.c b/src/libstrongswan/plugins/blowfish/blowfish_plugin.c index 5232eca28..9dc8dfe7f 100644 --- a/src/libstrongswan/plugins/blowfish/blowfish_plugin.c +++ b/src/libstrongswan/plugins/blowfish/blowfish_plugin.c @@ -19,8 +19,6 @@ #include <library.h> #include "blowfish_crypter.h" -static const char *plugin_name = "blowfish"; - typedef struct private_blowfish_plugin_t private_blowfish_plugin_t; /** @@ -34,6 +32,12 @@ struct private_blowfish_plugin_t { blowfish_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_blowfish_plugin_t *this) +{ + return "blowfish"; +} + METHOD(plugin_t, destroy, void, private_blowfish_plugin_t *this) { @@ -52,12 +56,14 @@ plugin_t *blowfish_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); - lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, get_name(this), (crypter_constructor_t)blowfish_crypter_create); return &this->public.plugin; diff --git a/src/libstrongswan/plugins/ccm/Makefile.in b/src/libstrongswan/plugins/ccm/Makefile.in index 371e5b2f4..b2bc4a51f 100644 --- a/src/libstrongswan/plugins/ccm/Makefile.in +++ b/src/libstrongswan/plugins/ccm/Makefile.in @@ -240,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -263,6 +265,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/ccm/ccm_plugin.c b/src/libstrongswan/plugins/ccm/ccm_plugin.c index a4c89b548..2865c2ae4 100644 --- a/src/libstrongswan/plugins/ccm/ccm_plugin.c +++ b/src/libstrongswan/plugins/ccm/ccm_plugin.c @@ -19,8 +19,6 @@ #include "ccm_aead.h" -static const char *plugin_name = "ccm"; - typedef struct private_ccm_plugin_t private_ccm_plugin_t; /** @@ -34,6 +32,12 @@ struct private_ccm_plugin_t { ccm_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_ccm_plugin_t *this) +{ + return "ccm"; +} + METHOD(plugin_t, destroy, void, private_ccm_plugin_t *this) { @@ -52,29 +56,35 @@ plugin_t *ccm_plugin_create() crypter_t *crypter; INIT(this, - .public.plugin.destroy = _destroy, + .public = { + .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, + .destroy = _destroy, + }, + }, ); crypter = lib->crypto->create_crypter(lib->crypto, ENCR_AES_CBC, 0); if (crypter) { crypter->destroy(crypter); - lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV8, plugin_name, + lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV8, get_name(this), (aead_constructor_t)ccm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV12, plugin_name, + lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV12, get_name(this), (aead_constructor_t)ccm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV16, plugin_name, + lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV16, get_name(this), (aead_constructor_t)ccm_aead_create); } crypter = lib->crypto->create_crypter(lib->crypto, ENCR_CAMELLIA_CBC, 0); if (crypter) { crypter->destroy(crypter); - lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV8, plugin_name, + lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV8, get_name(this), (aead_constructor_t)ccm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV12, plugin_name, + lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV12, get_name(this), (aead_constructor_t)ccm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV16, plugin_name, + lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV16, get_name(this), (aead_constructor_t)ccm_aead_create); } diff --git a/src/libstrongswan/plugins/constraints/Makefile.in b/src/libstrongswan/plugins/constraints/Makefile.in index 382bfef98..8be502a9c 100644 --- a/src/libstrongswan/plugins/constraints/Makefile.in +++ b/src/libstrongswan/plugins/constraints/Makefile.in @@ -244,6 +244,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -267,6 +269,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/constraints/constraints_plugin.c b/src/libstrongswan/plugins/constraints/constraints_plugin.c index 1c3f0c835..502c83559 100644 --- a/src/libstrongswan/plugins/constraints/constraints_plugin.c +++ b/src/libstrongswan/plugins/constraints/constraints_plugin.c @@ -36,6 +36,12 @@ struct private_constraints_plugin_t { constraints_validator_t *validator; }; +METHOD(plugin_t, get_name, char*, + private_constraints_plugin_t *this) +{ + return "constraints"; +} + METHOD(plugin_t, destroy, void, private_constraints_plugin_t *this) { @@ -54,6 +60,8 @@ plugin_t *constraints_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, diff --git a/src/libstrongswan/plugins/ctr/Makefile.in b/src/libstrongswan/plugins/ctr/Makefile.in index 2f6be07e2..0db640829 100644 --- a/src/libstrongswan/plugins/ctr/Makefile.in +++ b/src/libstrongswan/plugins/ctr/Makefile.in @@ -240,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -263,6 +265,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/ctr/ctr_plugin.c b/src/libstrongswan/plugins/ctr/ctr_plugin.c index 9f1bf957f..6850cacf0 100644 --- a/src/libstrongswan/plugins/ctr/ctr_plugin.c +++ b/src/libstrongswan/plugins/ctr/ctr_plugin.c @@ -19,8 +19,6 @@ #include "ctr_ipsec_crypter.h" -static const char *plugin_name = "ctr"; - typedef struct private_ctr_plugin_t private_ctr_plugin_t; /** @@ -34,6 +32,12 @@ struct private_ctr_plugin_t { ctr_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_ctr_plugin_t *this) +{ + return "ctr"; +} + METHOD(plugin_t, destroy, void, private_ctr_plugin_t *this) { @@ -54,6 +58,8 @@ plugin_t *ctr_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, @@ -63,14 +69,14 @@ plugin_t *ctr_plugin_create() if (crypter) { crypter->destroy(crypter); - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CTR, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_AES_CTR, get_name(this), (crypter_constructor_t)ctr_ipsec_crypter_create); } crypter = lib->crypto->create_crypter(lib->crypto, ENCR_CAMELLIA_CBC, 16); if (crypter) { crypter->destroy(crypter); - lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CTR, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CTR, get_name(this), (crypter_constructor_t)ctr_ipsec_crypter_create); } return &this->public.plugin; diff --git a/src/libstrongswan/plugins/curl/Makefile.in b/src/libstrongswan/plugins/curl/Makefile.in index e61c73041..cdfb2b801 100644 --- a/src/libstrongswan/plugins/curl/Makefile.in +++ b/src/libstrongswan/plugins/curl/Makefile.in @@ -240,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -263,6 +265,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/curl/curl_fetcher.c b/src/libstrongswan/plugins/curl/curl_fetcher.c index 82e24e810..7f8c0aec2 100644 --- a/src/libstrongswan/plugins/curl/curl_fetcher.c +++ b/src/libstrongswan/plugins/curl/curl_fetcher.c @@ -43,31 +43,49 @@ struct private_curl_fetcher_t { * Optional HTTP headers */ struct curl_slist *headers; + + /** + * Callback function + */ + fetcher_callback_t cb; }; /** - * writes data into a dynamically resizeable chunk_t + * Data to pass to curl callback + */ +typedef struct { + fetcher_callback_t cb; + void *user; +} cb_data_t; + +/** + * Curl callback function, invokes fetcher_callback_t function */ -static size_t append(void *ptr, size_t size, size_t nmemb, chunk_t *data) +static size_t curl_cb(void *ptr, size_t size, size_t nmemb, cb_data_t *data) { size_t realsize = size * nmemb; - data->ptr = (u_char*)realloc(data->ptr, data->len + realsize); - if (data->ptr) + if (data->cb(data->user, chunk_create(ptr, realsize))) { - memcpy(&data->ptr[data->len], ptr, realsize); - data->len += realsize; + return realsize; } - return realsize; + return 0; } METHOD(fetcher_t, fetch, status_t, - private_curl_fetcher_t *this, char *uri, chunk_t *result) + private_curl_fetcher_t *this, char *uri, void *userdata) { char error[CURL_ERROR_SIZE]; status_t status; + cb_data_t data = { + .cb = this->cb, + .user = userdata, + }; - *result = chunk_empty; + if (this->cb == fetcher_default_callback) + { + *(chunk_t*)userdata = chunk_empty; + } if (curl_easy_setopt(this->curl, CURLOPT_URL, uri) != CURLE_OK) { /* URL type not supported by curl */ @@ -77,8 +95,8 @@ METHOD(fetcher_t, fetch, status_t, curl_easy_setopt(this->curl, CURLOPT_FAILONERROR, TRUE); curl_easy_setopt(this->curl, CURLOPT_NOSIGNAL, TRUE); curl_easy_setopt(this->curl, CURLOPT_CONNECTTIMEOUT, DEFAULT_TIMEOUT); - curl_easy_setopt(this->curl, CURLOPT_WRITEFUNCTION, (void*)append); - curl_easy_setopt(this->curl, CURLOPT_WRITEDATA, (void*)result); + curl_easy_setopt(this->curl, CURLOPT_WRITEFUNCTION, (void*)curl_cb); + curl_easy_setopt(this->curl, CURLOPT_WRITEDATA, &data); if (this->headers) { curl_easy_setopt(this->curl, CURLOPT_HTTPHEADER, this->headers); @@ -146,6 +164,11 @@ METHOD(fetcher_t, set_option, bool, va_arg(args, u_int)); break; } + case FETCH_CALLBACK: + { + this->cb = va_arg(args, fetcher_callback_t); + break; + } default: supported = FALSE; break; @@ -178,6 +201,7 @@ curl_fetcher_t *curl_fetcher_create() }, }, .curl = curl_easy_init(), + .cb = fetcher_default_callback, ); if (!this->curl) diff --git a/src/libstrongswan/plugins/curl/curl_plugin.c b/src/libstrongswan/plugins/curl/curl_plugin.c index 387da03aa..d0e532055 100644 --- a/src/libstrongswan/plugins/curl/curl_plugin.c +++ b/src/libstrongswan/plugins/curl/curl_plugin.c @@ -34,6 +34,12 @@ struct private_curl_plugin_t { curl_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_curl_plugin_t *this) +{ + return "curl"; +} + METHOD(plugin_t, destroy, void, private_curl_plugin_t *this) { @@ -54,6 +60,8 @@ plugin_t *curl_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, diff --git a/src/libstrongswan/plugins/des/Makefile.in b/src/libstrongswan/plugins/des/Makefile.in index e45988ca9..d24ac40f8 100644 --- a/src/libstrongswan/plugins/des/Makefile.in +++ b/src/libstrongswan/plugins/des/Makefile.in @@ -240,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -263,6 +265,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/des/des_crypter.c b/src/libstrongswan/plugins/des/des_crypter.c index 7d9fbe852..695e7e4c4 100644 --- a/src/libstrongswan/plugins/des/des_crypter.c +++ b/src/libstrongswan/plugins/des/des_crypter.c @@ -1552,6 +1552,7 @@ METHOD(crypter_t, set_key3, void, METHOD(crypter_t, destroy, void, private_des_crypter_t *this) { + memwipe(this, sizeof(*this)); free(this); } diff --git a/src/libstrongswan/plugins/des/des_plugin.c b/src/libstrongswan/plugins/des/des_plugin.c index d420d789e..78b73347d 100644 --- a/src/libstrongswan/plugins/des/des_plugin.c +++ b/src/libstrongswan/plugins/des/des_plugin.c @@ -18,8 +18,6 @@ #include <library.h> #include "des_crypter.h" -static const char *plugin_name = "des"; - typedef struct private_des_plugin_t private_des_plugin_t; /** @@ -33,6 +31,12 @@ struct private_des_plugin_t { des_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_des_plugin_t *this) +{ + return "des"; +} + METHOD(plugin_t, destroy, void, private_des_plugin_t *this) { @@ -51,16 +55,18 @@ plugin_t *des_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); - lib->crypto->add_crypter(lib->crypto, ENCR_3DES, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_3DES, get_name(this), (crypter_constructor_t)des_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_DES, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_DES, get_name(this), (crypter_constructor_t)des_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, get_name(this), (crypter_constructor_t)des_crypter_create); return &this->public.plugin; diff --git a/src/libstrongswan/plugins/dnskey/Makefile.in b/src/libstrongswan/plugins/dnskey/Makefile.in index d1dce4679..62c52498c 100644 --- a/src/libstrongswan/plugins/dnskey/Makefile.in +++ b/src/libstrongswan/plugins/dnskey/Makefile.in @@ -243,6 +243,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -266,6 +268,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/dnskey/dnskey_plugin.c b/src/libstrongswan/plugins/dnskey/dnskey_plugin.c index d11b149df..4e08746f8 100644 --- a/src/libstrongswan/plugins/dnskey/dnskey_plugin.c +++ b/src/libstrongswan/plugins/dnskey/dnskey_plugin.c @@ -31,6 +31,12 @@ struct private_dnskey_plugin_t { dnskey_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_dnskey_plugin_t *this) +{ + return "dnskey"; +} + METHOD(plugin_t, destroy, void, private_dnskey_plugin_t *this) { @@ -49,6 +55,8 @@ plugin_t *dnskey_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, diff --git a/src/libstrongswan/plugins/fips_prf/Makefile.in b/src/libstrongswan/plugins/fips_prf/Makefile.in index ab1ed6d00..e88a102b8 100644 --- a/src/libstrongswan/plugins/fips_prf/Makefile.in +++ b/src/libstrongswan/plugins/fips_prf/Makefile.in @@ -243,6 +243,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -266,6 +268,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c index 3cce6ad91..7038da146 100644 --- a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c +++ b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c @@ -18,8 +18,6 @@ #include <library.h> #include "fips_prf.h" -static const char *plugin_name = "fips-prf"; - typedef struct private_fips_prf_plugin_t private_fips_prf_plugin_t; /** @@ -33,6 +31,12 @@ struct private_fips_prf_plugin_t { fips_prf_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_fips_prf_plugin_t *this) +{ + return "fips-prf"; +} + METHOD(plugin_t, destroy, void, private_fips_prf_plugin_t *this) { @@ -52,6 +56,8 @@ plugin_t *fips_prf_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, @@ -61,7 +67,7 @@ plugin_t *fips_prf_plugin_create() if (prf) { prf->destroy(prf); - lib->crypto->add_prf(lib->crypto, PRF_FIPS_SHA1_160, plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_FIPS_SHA1_160, get_name(this), (prf_constructor_t)fips_prf_create); } diff --git a/src/libstrongswan/plugins/gcm/Makefile.in b/src/libstrongswan/plugins/gcm/Makefile.in index 9e0b49776..202849eb6 100644 --- a/src/libstrongswan/plugins/gcm/Makefile.in +++ b/src/libstrongswan/plugins/gcm/Makefile.in @@ -240,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -263,6 +265,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/gcm/gcm_plugin.c b/src/libstrongswan/plugins/gcm/gcm_plugin.c index a438fb073..4b46f0ee4 100644 --- a/src/libstrongswan/plugins/gcm/gcm_plugin.c +++ b/src/libstrongswan/plugins/gcm/gcm_plugin.c @@ -19,8 +19,6 @@ #include "gcm_aead.h" -static const char *plugin_name = "gcm"; - typedef struct private_gcm_plugin_t private_gcm_plugin_t; /** @@ -34,6 +32,12 @@ struct private_gcm_plugin_t { gcm_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_gcm_plugin_t *this) +{ + return "gcm"; +} + METHOD(plugin_t, destroy, void, private_gcm_plugin_t *this) { @@ -52,18 +56,24 @@ plugin_t *gcm_plugin_create() crypter_t *crypter; INIT(this, - .public.plugin.destroy = _destroy, + .public = { + .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, + .destroy = _destroy, + }, + }, ); crypter = lib->crypto->create_crypter(lib->crypto, ENCR_AES_CBC, 0); if (crypter) { crypter->destroy(crypter); - lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV8, plugin_name, + lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV8, get_name(this), (aead_constructor_t)gcm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV12, plugin_name, + lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV12, get_name(this), (aead_constructor_t)gcm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV16, plugin_name, + lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV16, get_name(this), (aead_constructor_t)gcm_aead_create); } diff --git a/src/libstrongswan/plugins/gcrypt/Makefile.in b/src/libstrongswan/plugins/gcrypt/Makefile.in index 1bcada7dc..bedb918b9 100644 --- a/src/libstrongswan/plugins/gcrypt/Makefile.in +++ b/src/libstrongswan/plugins/gcrypt/Makefile.in @@ -244,6 +244,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -267,6 +269,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c index a53fed448..e26277b0b 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c @@ -29,8 +29,6 @@ #include <errno.h> #include <gcrypt.h> -static const char *plugin_name = "gcrypt"; - typedef struct private_gcrypt_plugin_t private_gcrypt_plugin_t; /** @@ -95,6 +93,12 @@ static struct gcry_thread_cbs thread_functions = { NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }; +METHOD(plugin_t, get_name, char*, + private_gcrypt_plugin_t *this) +{ + return "gcrypt"; +} + METHOD(plugin_t, destroy, void, private_gcrypt_plugin_t *this) { @@ -144,85 +148,87 @@ plugin_t *gcrypt_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); /* hashers */ - lib->crypto->add_hasher(lib->crypto, HASH_SHA1, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA1, get_name(this), (hasher_constructor_t)gcrypt_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_MD4, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_MD4, get_name(this), (hasher_constructor_t)gcrypt_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_MD5, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_MD5, get_name(this), (hasher_constructor_t)gcrypt_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA224, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA224, get_name(this), (hasher_constructor_t)gcrypt_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA256, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA256, get_name(this), (hasher_constructor_t)gcrypt_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA384, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA384, get_name(this), (hasher_constructor_t)gcrypt_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA512, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA512, get_name(this), (hasher_constructor_t)gcrypt_hasher_create); /* crypters */ - lib->crypto->add_crypter(lib->crypto, ENCR_3DES, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_3DES, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_CAST, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_CAST, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_DES, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_DES, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CTR, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_AES_CTR, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); #ifdef HAVE_GCRY_CIPHER_CAMELLIA - lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CTR, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CTR, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); #endif /* HAVE_GCRY_CIPHER_CAMELLIA */ - lib->crypto->add_crypter(lib->crypto, ENCR_SERPENT_CBC, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_SERPENT_CBC, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_TWOFISH_CBC, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_TWOFISH_CBC, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); /* random numbers */ - lib->crypto->add_rng(lib->crypto, RNG_WEAK, plugin_name, + lib->crypto->add_rng(lib->crypto, RNG_WEAK, get_name(this), (rng_constructor_t)gcrypt_rng_create); - lib->crypto->add_rng(lib->crypto, RNG_STRONG, plugin_name, + lib->crypto->add_rng(lib->crypto, RNG_STRONG, get_name(this), (rng_constructor_t)gcrypt_rng_create); - lib->crypto->add_rng(lib->crypto, RNG_TRUE, plugin_name, + lib->crypto->add_rng(lib->crypto, RNG_TRUE, get_name(this), (rng_constructor_t)gcrypt_rng_create); /* diffie hellman groups, using modp */ - lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_224, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_2048_224, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_256, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_2048_256, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_160, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_1024_160, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_768_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_768_BIT, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, get_name(this), (dh_constructor_t)gcrypt_dh_create_custom); /* RSA */ diff --git a/src/libstrongswan/plugins/gmp/Makefile.in b/src/libstrongswan/plugins/gmp/Makefile.in index f73bfb406..18592ab4a 100644 --- a/src/libstrongswan/plugins/gmp/Makefile.in +++ b/src/libstrongswan/plugins/gmp/Makefile.in @@ -241,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -264,6 +266,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/gmp/gmp_plugin.c b/src/libstrongswan/plugins/gmp/gmp_plugin.c index e9bfbcc28..55ccd4a4f 100644 --- a/src/libstrongswan/plugins/gmp/gmp_plugin.c +++ b/src/libstrongswan/plugins/gmp/gmp_plugin.c @@ -20,8 +20,6 @@ #include "gmp_rsa_private_key.h" #include "gmp_rsa_public_key.h" -static const char *plugin_name = "gmp"; - typedef struct private_gmp_plugin_t private_gmp_plugin_t; /** @@ -35,6 +33,12 @@ struct private_gmp_plugin_t { gmp_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_gmp_plugin_t *this) +{ + return "gmp"; +} + METHOD(plugin_t, destroy, void, private_gmp_plugin_t *this) { @@ -61,35 +65,37 @@ plugin_t *gmp_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); - lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_224, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_2048_224, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_256, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_2048_256, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_160, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_1024_160, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_768_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_768_BIT, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create_custom); lib->creds->add_builder(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, FALSE, diff --git a/src/libstrongswan/plugins/hmac/Makefile.in b/src/libstrongswan/plugins/hmac/Makefile.in index 72cc23b72..b9e2cd817 100644 --- a/src/libstrongswan/plugins/hmac/Makefile.in +++ b/src/libstrongswan/plugins/hmac/Makefile.in @@ -241,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -264,6 +266,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/hmac/hmac.c b/src/libstrongswan/plugins/hmac/hmac.c index c7b2739df..397a1ea11 100644 --- a/src/libstrongswan/plugins/hmac/hmac.c +++ b/src/libstrongswan/plugins/hmac/hmac.c @@ -147,8 +147,8 @@ METHOD(hmac_t, destroy, void, private_hmac_t *this) { this->h->destroy(this->h); - free(this->opaded_key.ptr); - free(this->ipaded_key.ptr); + chunk_clear(&this->opaded_key); + chunk_clear(&this->ipaded_key); free(this); } diff --git a/src/libstrongswan/plugins/hmac/hmac_plugin.c b/src/libstrongswan/plugins/hmac/hmac_plugin.c index 76d6157ae..47d6d3cde 100644 --- a/src/libstrongswan/plugins/hmac/hmac_plugin.c +++ b/src/libstrongswan/plugins/hmac/hmac_plugin.c @@ -19,8 +19,6 @@ #include "hmac_signer.h" #include "hmac_prf.h" -static const char *plugin_name = "hmac"; - typedef struct private_hmac_plugin_t private_hmac_plugin_t; /** @@ -34,6 +32,12 @@ struct private_hmac_plugin_t { hmac_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_hmac_plugin_t *this) +{ + return "hmac"; +} + METHOD(plugin_t, destroy, void, private_hmac_plugin_t *this) { @@ -55,6 +59,8 @@ plugin_t *hmac_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, @@ -64,24 +70,24 @@ plugin_t *hmac_plugin_create() if (hasher) { hasher->destroy(hasher); - lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA1, plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA1, get_name(this), (prf_constructor_t)hmac_prf_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_96, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_96, get_name(this), (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_128, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_128, get_name(this), (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_160, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_160, get_name(this), (signer_constructor_t)hmac_signer_create); } hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA256); if (hasher) { hasher->destroy(hasher); - lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_256, plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_256, get_name(this), (prf_constructor_t)hmac_prf_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_256_128, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_256_128, get_name(this), (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_256_256, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_256_256, get_name(this), (signer_constructor_t)hmac_signer_create); } @@ -89,31 +95,31 @@ plugin_t *hmac_plugin_create() if (hasher) { hasher->destroy(hasher); - lib->crypto->add_prf(lib->crypto, PRF_HMAC_MD5, plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_HMAC_MD5, get_name(this), (prf_constructor_t)hmac_prf_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_MD5_96, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_MD5_96, get_name(this), (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_MD5_128, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_MD5_128, get_name(this), (signer_constructor_t)hmac_signer_create); } hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA384); if (hasher) { hasher->destroy(hasher); - lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_384, plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_384, get_name(this), (prf_constructor_t)hmac_prf_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_384_192, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_384_192, get_name(this), (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_384_384, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_384_384, get_name(this), (signer_constructor_t)hmac_signer_create); } hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA512); if (hasher) { hasher->destroy(hasher); - lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_512, plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_512, get_name(this), (prf_constructor_t)hmac_prf_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_512_256, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_512_256, get_name(this), (signer_constructor_t)hmac_signer_create); } diff --git a/src/libstrongswan/plugins/ldap/Makefile.in b/src/libstrongswan/plugins/ldap/Makefile.in index 7235784e2..b496ace28 100644 --- a/src/libstrongswan/plugins/ldap/Makefile.in +++ b/src/libstrongswan/plugins/ldap/Makefile.in @@ -240,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -263,6 +265,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/ldap/ldap_fetcher.c b/src/libstrongswan/plugins/ldap/ldap_fetcher.c index e6c592217..fc6114b0a 100644 --- a/src/libstrongswan/plugins/ldap/ldap_fetcher.c +++ b/src/libstrongswan/plugins/ldap/ldap_fetcher.c @@ -101,7 +101,7 @@ static bool parse(LDAP *ldap, LDAPMessage *result, chunk_t *response) METHOD(fetcher_t, fetch, status_t, - private_ldap_fetcher_t *this, char *url, chunk_t *result) + private_ldap_fetcher_t *this, char *url, void *userdata) { LDAP *ldap; LDAPURLDesc *lurl; @@ -110,6 +110,7 @@ METHOD(fetcher_t, fetch, status_t, int ldap_version = LDAP_VERSION3; struct timeval timeout; status_t status = FAILED; + chunk_t *result = userdata; if (!strneq(url, "ldap", 4)) { diff --git a/src/libstrongswan/plugins/ldap/ldap_plugin.c b/src/libstrongswan/plugins/ldap/ldap_plugin.c index 3682ddd1f..08d9748ce 100644 --- a/src/libstrongswan/plugins/ldap/ldap_plugin.c +++ b/src/libstrongswan/plugins/ldap/ldap_plugin.c @@ -31,6 +31,12 @@ struct private_ldap_plugin_t { ldap_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_ldap_plugin_t *this) +{ + return "ldap"; +} + METHOD(plugin_t, destroy, void, private_ldap_plugin_t *this) { @@ -49,6 +55,8 @@ plugin_t *ldap_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, diff --git a/src/libstrongswan/plugins/md4/Makefile.in b/src/libstrongswan/plugins/md4/Makefile.in index ea1a7a69a..82781054b 100644 --- a/src/libstrongswan/plugins/md4/Makefile.in +++ b/src/libstrongswan/plugins/md4/Makefile.in @@ -240,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -263,6 +265,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/md4/md4_plugin.c b/src/libstrongswan/plugins/md4/md4_plugin.c index cea1a61f3..371bba280 100644 --- a/src/libstrongswan/plugins/md4/md4_plugin.c +++ b/src/libstrongswan/plugins/md4/md4_plugin.c @@ -18,8 +18,6 @@ #include <library.h> #include "md4_hasher.h" -static const char *plugin_name = "md4"; - typedef struct private_md4_plugin_t private_md4_plugin_t; /** @@ -33,6 +31,12 @@ struct private_md4_plugin_t { md4_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_md4_plugin_t *this) +{ + return "md4"; +} + METHOD(plugin_t, destroy, void, private_md4_plugin_t *this) { @@ -51,12 +55,14 @@ plugin_t *md4_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); - lib->crypto->add_hasher(lib->crypto, HASH_MD4, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_MD4, get_name(this), (hasher_constructor_t)md4_hasher_create); return &this->public.plugin; diff --git a/src/libstrongswan/plugins/md5/Makefile.in b/src/libstrongswan/plugins/md5/Makefile.in index 05f101564..0e3c37e7e 100644 --- a/src/libstrongswan/plugins/md5/Makefile.in +++ b/src/libstrongswan/plugins/md5/Makefile.in @@ -240,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -263,6 +265,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/md5/md5_plugin.c b/src/libstrongswan/plugins/md5/md5_plugin.c index d11173817..c72284193 100644 --- a/src/libstrongswan/plugins/md5/md5_plugin.c +++ b/src/libstrongswan/plugins/md5/md5_plugin.c @@ -18,8 +18,6 @@ #include <library.h> #include "md5_hasher.h" -static const char *plugin_name = "md5"; - typedef struct private_md5_plugin_t private_md5_plugin_t; /** @@ -33,6 +31,12 @@ struct private_md5_plugin_t { md5_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_md5_plugin_t *this) +{ + return "md5"; +} + METHOD(plugin_t, destroy, void, private_md5_plugin_t *this) { @@ -51,12 +55,14 @@ plugin_t *md5_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); - lib->crypto->add_hasher(lib->crypto, HASH_MD5, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_MD5, get_name(this), (hasher_constructor_t)md5_hasher_create); return &this->public.plugin; diff --git a/src/libstrongswan/plugins/mysql/Makefile.in b/src/libstrongswan/plugins/mysql/Makefile.in index 4880415b3..32067d5b4 100644 --- a/src/libstrongswan/plugins/mysql/Makefile.in +++ b/src/libstrongswan/plugins/mysql/Makefile.in @@ -242,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -265,6 +267,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/mysql/mysql_plugin.c b/src/libstrongswan/plugins/mysql/mysql_plugin.c index 65d8681cb..579df4d50 100644 --- a/src/libstrongswan/plugins/mysql/mysql_plugin.c +++ b/src/libstrongswan/plugins/mysql/mysql_plugin.c @@ -32,6 +32,12 @@ struct private_mysql_plugin_t { mysql_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_mysql_plugin_t *this) +{ + return "mysql"; +} + METHOD(plugin_t, destroy, void, private_mysql_plugin_t *this) { @@ -57,6 +63,8 @@ plugin_t *mysql_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, diff --git a/src/libstrongswan/plugins/openssl/Makefile.in b/src/libstrongswan/plugins/openssl/Makefile.in index b43be29f1..d1c8fce81 100644 --- a/src/libstrongswan/plugins/openssl/Makefile.in +++ b/src/libstrongswan/plugins/openssl/Makefile.in @@ -247,6 +247,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -270,6 +272,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/openssl/openssl_crypter.c b/src/libstrongswan/plugins/openssl/openssl_crypter.c index 2ed07ff0c..cd9a3bd4a 100644 --- a/src/libstrongswan/plugins/openssl/openssl_crypter.c +++ b/src/libstrongswan/plugins/openssl/openssl_crypter.c @@ -152,7 +152,7 @@ METHOD(crypter_t, set_key, void, METHOD(crypter_t, destroy, void, private_openssl_crypter_t *this) { - free(this->key.ptr); + chunk_clear(&this->key); free(this); } diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c index 32fc2bccd..78ed2811a 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c +++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c @@ -257,7 +257,7 @@ METHOD(diffie_hellman_t, destroy, void, { EC_POINT_clear_free(this->pub_key); EC_KEY_free(this->key); - chunk_free(&this->shared_secret); + chunk_clear(&this->shared_secret); free(this); } diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c index 0050572ee..96aa38bb6 100644 --- a/src/libstrongswan/plugins/openssl/openssl_plugin.c +++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c @@ -41,8 +41,6 @@ #include "openssl_x509.h" #include "openssl_crl.h" -static const char *plugin_name = "openssl"; - typedef struct private_openssl_plugin_t private_openssl_plugin_t; /** @@ -195,6 +193,12 @@ static void threading_cleanup() mutex = NULL; } +METHOD(plugin_t, get_name, char*, + private_openssl_plugin_t *this) +{ + return "openssl"; +} + METHOD(plugin_t, destroy, void, private_openssl_plugin_t *this) { @@ -250,6 +254,8 @@ plugin_t *openssl_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, @@ -274,85 +280,85 @@ plugin_t *openssl_plugin_create() } /* crypter */ - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, get_name(this), (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC, get_name(this), (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_3DES, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_3DES, get_name(this), (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_RC5, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_RC5, get_name(this), (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_IDEA, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_IDEA, get_name(this), (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_CAST, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_CAST, get_name(this), (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, get_name(this), (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_DES, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_DES, get_name(this), (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, get_name(this), (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_NULL, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_NULL, get_name(this), (crypter_constructor_t)openssl_crypter_create); /* hasher */ - lib->crypto->add_hasher(lib->crypto, HASH_SHA1, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA1, get_name(this), (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_MD2, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_MD2, get_name(this), (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_MD4, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_MD4, get_name(this), (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_MD5, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_MD5, get_name(this), (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA224, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA224, get_name(this), (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA256, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA256, get_name(this), (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA384, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA384, get_name(this), (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA512, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA512, get_name(this), (hasher_constructor_t)openssl_hasher_create); /* prf */ - lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1, plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1, get_name(this), (prf_constructor_t)openssl_sha1_prf_create); /* (ec) diffie hellman */ - lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_224, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_2048_224, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_256, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_2048_256, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); #ifndef OPENSSL_NO_EC - lib->crypto->add_dh(lib->crypto, ECP_256_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, ECP_256_BIT, get_name(this), (dh_constructor_t)openssl_ec_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, ECP_384_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, ECP_384_BIT, get_name(this), (dh_constructor_t)openssl_ec_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, ECP_521_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, ECP_521_BIT, get_name(this), (dh_constructor_t)openssl_ec_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, ECP_224_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, ECP_224_BIT, get_name(this), (dh_constructor_t)openssl_ec_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, ECP_192_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, ECP_192_BIT, get_name(this), (dh_constructor_t)openssl_ec_diffie_hellman_create); #endif /* OPENSSL_NO_EC */ - lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_160, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_1024_160, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_768_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_768_BIT, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); /* rsa */ diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c index 0b607c386..d1afd94cc 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c @@ -455,6 +455,7 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_load(key_type_t type, return NULL; } +#ifndef OPENSSL_NO_ENGINE /** * Login to engine with a PIN specified for a keyid */ @@ -496,6 +497,7 @@ static bool login(ENGINE *engine, chunk_t keyid) } return success; } +#endif /* OPENSSL_NO_ENGINE */ /** * See header. diff --git a/src/libstrongswan/plugins/padlock/Makefile.in b/src/libstrongswan/plugins/padlock/Makefile.in index 7c89d0abd..7bc342995 100644 --- a/src/libstrongswan/plugins/padlock/Makefile.in +++ b/src/libstrongswan/plugins/padlock/Makefile.in @@ -243,6 +243,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -266,6 +268,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c b/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c index 06c20292f..119de86aa 100644 --- a/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c +++ b/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c @@ -105,6 +105,8 @@ static void crypt(private_padlock_aes_crypter_t *this, char *iv, *dst = chunk_alloc(src.len); padlock_crypt(key_aligned, &cword, src.ptr, dst->ptr, src.len / AES_BLOCK_SIZE, iv_aligned); + + memwipe(key_aligned, sizeof(key_aligned)); } METHOD(crypter_t, decrypt, void, @@ -146,7 +148,7 @@ METHOD(crypter_t, set_key, void, METHOD(crypter_t, destroy, void, private_padlock_aes_crypter_t *this) { - free(this->key.ptr); + chunk_clear(&this->key); free(this); } diff --git a/src/libstrongswan/plugins/padlock/padlock_plugin.c b/src/libstrongswan/plugins/padlock/padlock_plugin.c index 695823acf..9d4afd8e8 100644 --- a/src/libstrongswan/plugins/padlock/padlock_plugin.c +++ b/src/libstrongswan/plugins/padlock/padlock_plugin.c @@ -23,8 +23,6 @@ #include <library.h> #include <debug.h> -static const char *plugin_name = "padlock"; - typedef struct private_padlock_plugin_t private_padlock_plugin_t; typedef enum padlock_feature_t padlock_feature_t; @@ -103,6 +101,12 @@ static padlock_feature_t get_padlock_features() return 0; } +METHOD(plugin_t, get_name, char*, + private_padlock_plugin_t *this) +{ + return "padlock"; +} + METHOD(plugin_t, destroy, void, private_padlock_plugin_t *this) { @@ -138,6 +142,8 @@ plugin_t *padlock_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, @@ -163,21 +169,21 @@ plugin_t *padlock_plugin_create() if (this->features & PADLOCK_RNG_ENABLED) { - lib->crypto->add_rng(lib->crypto, RNG_TRUE, plugin_name, + lib->crypto->add_rng(lib->crypto, RNG_TRUE, get_name(this), (rng_constructor_t)padlock_rng_create); - lib->crypto->add_rng(lib->crypto, RNG_STRONG, plugin_name, + lib->crypto->add_rng(lib->crypto, RNG_STRONG, get_name(this), (rng_constructor_t)padlock_rng_create); - lib->crypto->add_rng(lib->crypto, RNG_WEAK, plugin_name, + lib->crypto->add_rng(lib->crypto, RNG_WEAK, get_name(this), (rng_constructor_t)padlock_rng_create); } if (this->features & PADLOCK_ACE2_ENABLED) { - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, get_name(this), (crypter_constructor_t)padlock_aes_crypter_create); } if (this->features & PADLOCK_PHE_ENABLED) { - lib->crypto->add_hasher(lib->crypto, HASH_SHA1, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA1, get_name(this), (hasher_constructor_t)padlock_sha1_hasher_create); } return &this->public.plugin; diff --git a/src/libstrongswan/plugins/pem/Makefile.in b/src/libstrongswan/plugins/pem/Makefile.in index 60740eb35..92c7fa2fe 100644 --- a/src/libstrongswan/plugins/pem/Makefile.in +++ b/src/libstrongswan/plugins/pem/Makefile.in @@ -241,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -264,6 +266,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/pem/pem_plugin.c b/src/libstrongswan/plugins/pem/pem_plugin.c index f2415a318..c81605ae5 100644 --- a/src/libstrongswan/plugins/pem/pem_plugin.c +++ b/src/libstrongswan/plugins/pem/pem_plugin.c @@ -33,6 +33,12 @@ struct private_pem_plugin_t { pem_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_pem_plugin_t *this) +{ + return "pem"; +} + METHOD(plugin_t, destroy, void, private_pem_plugin_t *this) { @@ -55,6 +61,8 @@ plugin_t *pem_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, diff --git a/src/libstrongswan/plugins/pgp/Makefile.in b/src/libstrongswan/plugins/pgp/Makefile.in index ab14f8ced..6be915f29 100644 --- a/src/libstrongswan/plugins/pgp/Makefile.in +++ b/src/libstrongswan/plugins/pgp/Makefile.in @@ -241,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -264,6 +266,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/pgp/pgp_plugin.c b/src/libstrongswan/plugins/pgp/pgp_plugin.c index eaf0a1088..52e9d96b1 100644 --- a/src/libstrongswan/plugins/pgp/pgp_plugin.c +++ b/src/libstrongswan/plugins/pgp/pgp_plugin.c @@ -33,6 +33,12 @@ struct private_pgp_plugin_t { pgp_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_pgp_plugin_t *this) +{ + return "pgp"; +} + METHOD(plugin_t, destroy, void, private_pgp_plugin_t *this) { @@ -59,6 +65,8 @@ plugin_t *pgp_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, diff --git a/src/libstrongswan/plugins/pkcs1/Makefile.in b/src/libstrongswan/plugins/pkcs1/Makefile.in index 8ed4a08e9..1ae880c3b 100644 --- a/src/libstrongswan/plugins/pkcs1/Makefile.in +++ b/src/libstrongswan/plugins/pkcs1/Makefile.in @@ -242,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -265,6 +267,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c index 88c848899..a605fabc7 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c @@ -57,7 +57,7 @@ static public_key_t *parse_public_key(chunk_t blob) int oid = asn1_parse_algorithmIdentifier(object, parser->get_level(parser)+1, NULL); - if (oid == OID_RSA_ENCRYPTION) + if (oid == OID_RSA_ENCRYPTION || oid == OID_RSAES_OAEP) { type = KEY_RSA; } diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c index 33732f8a4..e0e24cab2 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c @@ -32,6 +32,12 @@ struct private_pkcs1_plugin_t { pkcs1_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_pkcs1_plugin_t *this) +{ + return "pkcs1"; +} + METHOD(plugin_t, destroy, void, private_pkcs1_plugin_t *this) { @@ -55,6 +61,8 @@ plugin_t *pkcs1_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, diff --git a/src/libstrongswan/plugins/pkcs11/Makefile.in b/src/libstrongswan/plugins/pkcs11/Makefile.in index 6c03b0497..1a67f88cc 100644 --- a/src/libstrongswan/plugins/pkcs11/Makefile.in +++ b/src/libstrongswan/plugins/pkcs11/Makefile.in @@ -244,6 +244,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -267,6 +269,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c b/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c index 9308e9c25..431cd6a2c 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c @@ -369,7 +369,7 @@ pkcs11_manager_t *pkcs11_manager_create(pkcs11_manager_token_event_t cb, "libstrongswan.plugins.pkcs11.modules.%s.path", NULL, module); if (!entry->path) { - DBG1(DBG_CFG, "PKCS11 module '%s' misses library path", module); + DBG1(DBG_CFG, "PKCS11 module '%s' lacks library path", module); free(entry); continue; } diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c b/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c index 071d2f782..7b537cfa7 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c @@ -26,8 +26,6 @@ #include "pkcs11_public_key.h" #include "pkcs11_hasher.h" -static const char *plugin_name = "pkcs11"; - typedef struct private_pkcs11_plugin_t private_pkcs11_plugin_t; /** @@ -103,6 +101,12 @@ static void token_event_cb(private_pkcs11_plugin_t *this, pkcs11_library_t *p11, } } +METHOD(plugin_t, get_name, char*, + private_pkcs11_plugin_t *this) +{ + return "pkcs11"; +} + METHOD(plugin_t, destroy, void, private_pkcs11_plugin_t *this) { @@ -136,6 +140,8 @@ plugin_t *pkcs11_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, @@ -148,17 +154,17 @@ plugin_t *pkcs11_plugin_create() if (lib->settings->get_bool(lib->settings, "libstrongswan.plugins.pkcs11.use_hasher", FALSE)) { - lib->crypto->add_hasher(lib->crypto, HASH_MD2, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_MD2, get_name(this), (hasher_constructor_t)pkcs11_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_MD5, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_MD5, get_name(this), (hasher_constructor_t)pkcs11_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA1, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA1, get_name(this), (hasher_constructor_t)pkcs11_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA256, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA256, get_name(this), (hasher_constructor_t)pkcs11_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA384, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA384, get_name(this), (hasher_constructor_t)pkcs11_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA512, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA512, get_name(this), (hasher_constructor_t)pkcs11_hasher_create); } diff --git a/src/libstrongswan/plugins/plugin.h b/src/libstrongswan/plugins/plugin.h index 6d8a370fb..5c92fd1d8 100644 --- a/src/libstrongswan/plugins/plugin.h +++ b/src/libstrongswan/plugins/plugin.h @@ -21,6 +21,8 @@ #ifndef PLUGIN_H_ #define PLUGIN_H_ +#include <utils.h> + typedef struct plugin_t plugin_t; /** @@ -29,6 +31,20 @@ typedef struct plugin_t plugin_t; struct plugin_t { /** + * Get the name of the plugin. + * + * @return plugin name + */ + char* (*get_name)(plugin_t *this); + + /** + * Try to reload plugin configuration. + * + * @return TRUE if reloaded, FALSE if reloading not supporty by plugin + */ + bool (*reload)(plugin_t *this); + + /** * Destroy a plugin instance. */ void (*destroy)(plugin_t *this); diff --git a/src/libstrongswan/plugins/plugin_loader.c b/src/libstrongswan/plugins/plugin_loader.c index 473db5ccf..b4d7bf7c7 100644 --- a/src/libstrongswan/plugins/plugin_loader.c +++ b/src/libstrongswan/plugins/plugin_loader.c @@ -43,11 +43,6 @@ struct private_plugin_loader_t { * list of loaded plugins */ linked_list_t *plugins; - - /** - * names of loaded plugins - */ - linked_list_t *names; }; /** @@ -70,8 +65,6 @@ static status_t create_plugin(private_plugin_loader_t *this, void *handle, constructor = dlsym(handle, create); if (constructor == NULL) { - DBG2(DBG_LIB, "plugin '%s': failed to load - %s not found", name, - create); return NOT_FOUND; } if (integrity && lib->integrity) @@ -153,12 +146,12 @@ static bool plugin_loaded(private_plugin_loader_t *this, char *name) { enumerator_t *enumerator; bool found = FALSE; - char *current; + plugin_t *plugin; - enumerator = this->names->create_enumerator(this->names); - while (enumerator->enumerate(enumerator, ¤t)) + enumerator = this->plugins->create_enumerator(this->plugins); + while (enumerator->enumerate(enumerator, &plugin)) { - if (streq(name, current)) + if (streq(plugin->get_name(plugin), name)) { found = TRUE; break; @@ -168,10 +161,8 @@ static bool plugin_loaded(private_plugin_loader_t *this, char *name) return found; } -/** - * Implementation of plugin_loader_t.load_plugins. - */ -static bool load(private_plugin_loader_t *this, char *path, char *list) +METHOD(plugin_loader_t, load_plugins, bool, + private_plugin_loader_t *this, char *path, char *list) { enumerator_t *enumerator; char *token; @@ -205,7 +196,6 @@ static bool load(private_plugin_loader_t *this, char *path, char *list) if (plugin) { this->plugins->insert_last(this->plugins, plugin); - this->names->insert_last(this->names, token); } else { @@ -214,20 +204,17 @@ static bool load(private_plugin_loader_t *this, char *path, char *list) critical_failed = TRUE; DBG1(DBG_LIB, "loading critical plugin '%s' failed", token); } - free(token); } + free(token); } enumerator->destroy(enumerator); return !critical_failed; } -/** - * Implementation of plugin_loader_t.unload - */ -static void unload(private_plugin_loader_t *this) +METHOD(plugin_loader_t, unload, void, + private_plugin_loader_t *this) { plugin_t *plugin; - char *name; /* unload plugins in reverse order */ while (this->plugins->remove_last(this->plugins, @@ -235,27 +222,64 @@ static void unload(private_plugin_loader_t *this) { plugin->destroy(plugin); } - while (this->names->remove_last(this->names, (void**)&name) == SUCCESS) - { - free(name); - } } -/** - * Implementation of plugin_loader_t.create_plugin_enumerator - */ -static enumerator_t* create_plugin_enumerator(private_plugin_loader_t *this) +METHOD(plugin_loader_t, create_plugin_enumerator, enumerator_t*, + private_plugin_loader_t *this) { - return this->names->create_enumerator(this->names); + return this->plugins->create_enumerator(this->plugins); } /** - * Implementation of plugin_loader_t.destroy + * Reload a plugin by name, NULL for all */ -static void destroy(private_plugin_loader_t *this) +static u_int reload_by_name(private_plugin_loader_t *this, char *name) +{ + u_int reloaded = 0; + enumerator_t *enumerator; + plugin_t *plugin; + + enumerator = create_plugin_enumerator(this); + while (enumerator->enumerate(enumerator, &plugin)) + { + if (name == NULL || streq(name, plugin->get_name(plugin))) + { + if (plugin->reload(plugin)) + { + DBG2(DBG_LIB, "reloaded configuration of '%s' plugin", + plugin->get_name(plugin)); + reloaded++; + } + } + } + enumerator->destroy(enumerator); + return reloaded; +} + +METHOD(plugin_loader_t, reload, u_int, + private_plugin_loader_t *this, char *list) +{ + u_int reloaded = 0; + enumerator_t *enumerator; + char *name; + + if (list == NULL) + { + return reload_by_name(this, NULL); + } + enumerator = enumerator_create_token(list, " ", ""); + while (enumerator->enumerate(enumerator, &name)) + { + reloaded += reload_by_name(this, name); + } + enumerator->destroy(enumerator); + return reloaded; +} + +METHOD(plugin_loader_t, destroy, void, + private_plugin_loader_t *this) { this->plugins->destroy_offset(this->plugins, offsetof(plugin_t, destroy)); - this->names->destroy_function(this->names, free); free(this); } @@ -264,15 +288,18 @@ static void destroy(private_plugin_loader_t *this) */ plugin_loader_t *plugin_loader_create() { - private_plugin_loader_t *this = malloc_thing(private_plugin_loader_t); - - this->public.load = (bool(*)(plugin_loader_t*, char *path, char *prefix))load; - this->public.unload = (void(*)(plugin_loader_t*))unload; - this->public.create_plugin_enumerator = (enumerator_t*(*)(plugin_loader_t*))create_plugin_enumerator; - this->public.destroy = (void(*)(plugin_loader_t*))destroy; + private_plugin_loader_t *this; - this->plugins = linked_list_create(); - this->names = linked_list_create(); + INIT(this, + .public = { + .load = _load_plugins, + .reload = _reload, + .unload = _unload, + .create_plugin_enumerator = _create_plugin_enumerator, + .destroy = _destroy, + }, + .plugins = linked_list_create(), + ); return &this->public; } diff --git a/src/libstrongswan/plugins/plugin_loader.h b/src/libstrongswan/plugins/plugin_loader.h index f72c91c60..e03da4543 100644 --- a/src/libstrongswan/plugins/plugin_loader.h +++ b/src/libstrongswan/plugins/plugin_loader.h @@ -44,14 +44,22 @@ struct plugin_loader_t { bool (*load)(plugin_loader_t *this, char *path, char *list); /** + * Reload the configuration of one or multiple plugins. + * + * @param space separated plugin names to reload, NULL for all + * @return number of plugins that did support reloading + */ + u_int (*reload)(plugin_loader_t *this, char *list); + + /** * Unload all loaded plugins. */ void (*unload)(plugin_loader_t *this); /** - * Create an enumerator over all loaded plugin names. + * Create an enumerator over all loaded plugins. * - * @return enumerator over char* + * @return enumerator over plugin_t* */ enumerator_t* (*create_plugin_enumerator)(plugin_loader_t *this); diff --git a/src/libstrongswan/plugins/pubkey/Makefile.in b/src/libstrongswan/plugins/pubkey/Makefile.in index 46349f9ba..97fba22fc 100644 --- a/src/libstrongswan/plugins/pubkey/Makefile.in +++ b/src/libstrongswan/plugins/pubkey/Makefile.in @@ -242,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -265,6 +267,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/pubkey/pubkey_plugin.c b/src/libstrongswan/plugins/pubkey/pubkey_plugin.c index cc12217a4..ae6607e5a 100644 --- a/src/libstrongswan/plugins/pubkey/pubkey_plugin.c +++ b/src/libstrongswan/plugins/pubkey/pubkey_plugin.c @@ -31,6 +31,12 @@ struct private_pubkey_plugin_t { pubkey_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_pubkey_plugin_t *this) +{ + return "pubkey"; +} + METHOD(plugin_t, destroy, void, private_pubkey_plugin_t *this) { @@ -49,6 +55,8 @@ plugin_t *pubkey_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, diff --git a/src/libstrongswan/plugins/random/Makefile.in b/src/libstrongswan/plugins/random/Makefile.in index 21f8aff11..761d2c96e 100644 --- a/src/libstrongswan/plugins/random/Makefile.in +++ b/src/libstrongswan/plugins/random/Makefile.in @@ -242,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -265,6 +267,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/random/random_plugin.c b/src/libstrongswan/plugins/random/random_plugin.c index cc5cb0a3c..00202a5a6 100644 --- a/src/libstrongswan/plugins/random/random_plugin.c +++ b/src/libstrongswan/plugins/random/random_plugin.c @@ -18,8 +18,6 @@ #include <library.h> #include "random_rng.h" -static const char *plugin_name = "random"; - typedef struct private_random_plugin_t private_random_plugin_t; /** @@ -33,6 +31,12 @@ struct private_random_plugin_t { random_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_random_plugin_t *this) +{ + return "random"; +} + METHOD(plugin_t, destroy, void, private_random_plugin_t *this) { @@ -51,14 +55,16 @@ plugin_t *random_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); - lib->crypto->add_rng(lib->crypto, RNG_STRONG, plugin_name, + lib->crypto->add_rng(lib->crypto, RNG_STRONG, get_name(this), (rng_constructor_t)random_rng_create); - lib->crypto->add_rng(lib->crypto, RNG_TRUE, plugin_name, + lib->crypto->add_rng(lib->crypto, RNG_TRUE, get_name(this), (rng_constructor_t)random_rng_create); return &this->public.plugin; diff --git a/src/libstrongswan/plugins/revocation/Makefile.in b/src/libstrongswan/plugins/revocation/Makefile.in index 4ed4b9694..e8856b7d7 100644 --- a/src/libstrongswan/plugins/revocation/Makefile.in +++ b/src/libstrongswan/plugins/revocation/Makefile.in @@ -244,6 +244,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -267,6 +269,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/revocation/revocation_plugin.c b/src/libstrongswan/plugins/revocation/revocation_plugin.c index 02393b907..fa04fb2a2 100644 --- a/src/libstrongswan/plugins/revocation/revocation_plugin.c +++ b/src/libstrongswan/plugins/revocation/revocation_plugin.c @@ -36,6 +36,12 @@ struct private_revocation_plugin_t { revocation_validator_t *validator; }; +METHOD(plugin_t, get_name, char*, + private_revocation_plugin_t *this) +{ + return "revocation"; +} + METHOD(plugin_t, destroy, void, private_revocation_plugin_t *this) { @@ -54,6 +60,8 @@ plugin_t *revocation_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, diff --git a/src/libstrongswan/plugins/sha1/Makefile.in b/src/libstrongswan/plugins/sha1/Makefile.in index 3d96f4339..b4b275648 100644 --- a/src/libstrongswan/plugins/sha1/Makefile.in +++ b/src/libstrongswan/plugins/sha1/Makefile.in @@ -241,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -264,6 +266,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/sha1/sha1_plugin.c b/src/libstrongswan/plugins/sha1/sha1_plugin.c index dda2cbc1a..a9b84e790 100644 --- a/src/libstrongswan/plugins/sha1/sha1_plugin.c +++ b/src/libstrongswan/plugins/sha1/sha1_plugin.c @@ -19,8 +19,6 @@ #include "sha1_hasher.h" #include "sha1_prf.h" -static const char *plugin_name = "sha1"; - typedef struct private_sha1_plugin_t private_sha1_plugin_t; /** @@ -34,6 +32,12 @@ struct private_sha1_plugin_t { sha1_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_sha1_plugin_t *this) +{ + return "sha1"; +} + METHOD(plugin_t, destroy, void, private_sha1_plugin_t *this) { @@ -54,14 +58,16 @@ plugin_t *sha1_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); - lib->crypto->add_hasher(lib->crypto, HASH_SHA1, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA1, get_name(this), (hasher_constructor_t)sha1_hasher_create); - lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1, plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1, get_name(this), (prf_constructor_t)sha1_prf_create); return &this->public.plugin; diff --git a/src/libstrongswan/plugins/sha2/Makefile.in b/src/libstrongswan/plugins/sha2/Makefile.in index fcbfa0c44..bdc235555 100644 --- a/src/libstrongswan/plugins/sha2/Makefile.in +++ b/src/libstrongswan/plugins/sha2/Makefile.in @@ -240,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -263,6 +265,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/sha2/sha2_plugin.c b/src/libstrongswan/plugins/sha2/sha2_plugin.c index a5937dbb2..4ec03a268 100644 --- a/src/libstrongswan/plugins/sha2/sha2_plugin.c +++ b/src/libstrongswan/plugins/sha2/sha2_plugin.c @@ -18,8 +18,6 @@ #include <library.h> #include "sha2_hasher.h" -static const char *plugin_name = "sha2"; - typedef struct private_sha2_plugin_t private_sha2_plugin_t; /** @@ -33,6 +31,12 @@ struct private_sha2_plugin_t { sha2_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_sha2_plugin_t *this) +{ + return "sha2"; +} + METHOD(plugin_t, destroy, void, private_sha2_plugin_t *this) { @@ -51,18 +55,20 @@ plugin_t *sha2_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); - lib->crypto->add_hasher(lib->crypto, HASH_SHA224, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA224, get_name(this), (hasher_constructor_t)sha2_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA256, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA256, get_name(this), (hasher_constructor_t)sha2_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA384, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA384, get_name(this), (hasher_constructor_t)sha2_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA512, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA512, get_name(this), (hasher_constructor_t)sha2_hasher_create); return &this->public.plugin; diff --git a/src/libstrongswan/plugins/soup/Makefile.in b/src/libstrongswan/plugins/soup/Makefile.in index 35d175f95..ec370d38c 100644 --- a/src/libstrongswan/plugins/soup/Makefile.in +++ b/src/libstrongswan/plugins/soup/Makefile.in @@ -241,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -264,6 +266,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/soup/soup_fetcher.c b/src/libstrongswan/plugins/soup/soup_fetcher.c index fd97631bd..3e5786b12 100644 --- a/src/libstrongswan/plugins/soup/soup_fetcher.c +++ b/src/libstrongswan/plugins/soup/soup_fetcher.c @@ -58,44 +58,77 @@ struct private_soup_fetcher_t { * HTTP request version */ SoupHTTPVersion version; + + /** + * Fetcher callback function + */ + fetcher_callback_t cb; }; +/** + * Data to pass to soup callback + */ +typedef struct { + fetcher_callback_t cb; + void *user; + SoupSession *session; +} cb_data_t; + +/** + * Soup callback invoking our callback + */ +static void soup_cb(SoupMessage *message, SoupBuffer *chunk, cb_data_t *data) +{ + if (!data->cb(data->user, chunk_create((u_char*)chunk->data, chunk->length))) + { + soup_session_cancel_message(data->session, message, + SOUP_STATUS_CANCELLED); + } +} + METHOD(fetcher_t, fetch, status_t, - private_soup_fetcher_t *this, char *uri, chunk_t *result) + private_soup_fetcher_t *this, char *uri, void *userdata) { - SoupSession *session; SoupMessage *message; status_t status = FAILED; + cb_data_t data = { + .cb = this->cb, + .user = userdata, + }; message = soup_message_new(this->method, uri); if (!message) { return NOT_SUPPORTED; } + if (this->cb == fetcher_default_callback) + { + *(chunk_t*)userdata = chunk_empty; + } if (this->type) { soup_message_set_request(message, this->type, SOUP_MEMORY_STATIC, this->data.ptr, this->data.len); } soup_message_set_http_version(message, this->version); - session = soup_session_sync_new(); - g_object_set(G_OBJECT(session), + soup_message_body_set_accumulate(message->response_body, FALSE); + g_signal_connect(message, "got-chunk", G_CALLBACK(soup_cb), &data); + data.session = soup_session_sync_new(); + g_object_set(G_OBJECT(data.session), SOUP_SESSION_TIMEOUT, (guint)this->timeout, NULL); DBG2(DBG_LIB, "sending http request to '%s'...", uri); - soup_session_send_message(session, message); + soup_session_send_message(data.session, message); if (SOUP_STATUS_IS_SUCCESSFUL(message->status_code)) { - *result = chunk_clone(chunk_create((u_char*)message->response_body->data, - message->response_body->length)); status = SUCCESS; } else { - DBG1(DBG_LIB, "HTTP request failed, code %d", message->status_code); + DBG1(DBG_LIB, "HTTP request failed: %s", message->reason_phrase); } g_object_unref(G_OBJECT(message)); - g_object_unref(G_OBJECT(session)); + g_object_unref(G_OBJECT(data.session)); return status; } @@ -121,6 +154,9 @@ METHOD(fetcher_t, set_option, bool, case FETCH_TIMEOUT: this->timeout = va_arg(args, u_int); break; + case FETCH_CALLBACK: + this->cb = va_arg(args, fetcher_callback_t); + break; default: supported = FALSE; break; @@ -153,6 +189,7 @@ soup_fetcher_t *soup_fetcher_create() .method = SOUP_METHOD_GET, .version = SOUP_HTTP_1_1, .timeout = DEFAULT_TIMEOUT, + .cb = fetcher_default_callback, ); return &this->public; diff --git a/src/libstrongswan/plugins/soup/soup_plugin.c b/src/libstrongswan/plugins/soup/soup_plugin.c index 970e32472..22c8762e0 100644 --- a/src/libstrongswan/plugins/soup/soup_plugin.c +++ b/src/libstrongswan/plugins/soup/soup_plugin.c @@ -34,6 +34,12 @@ struct private_soup_plugin_t { soup_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_soup_plugin_t *this) +{ + return "soup"; +} + METHOD(plugin_t, destroy, void, private_soup_plugin_t *this) { @@ -58,6 +64,8 @@ plugin_t *soup_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, diff --git a/src/libstrongswan/plugins/sqlite/Makefile.in b/src/libstrongswan/plugins/sqlite/Makefile.in index ae015d1a8..e2ec799a9 100644 --- a/src/libstrongswan/plugins/sqlite/Makefile.in +++ b/src/libstrongswan/plugins/sqlite/Makefile.in @@ -243,6 +243,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -266,6 +268,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/sqlite/sqlite_plugin.c b/src/libstrongswan/plugins/sqlite/sqlite_plugin.c index e0b8e6ce1..d8c6a560c 100644 --- a/src/libstrongswan/plugins/sqlite/sqlite_plugin.c +++ b/src/libstrongswan/plugins/sqlite/sqlite_plugin.c @@ -31,6 +31,12 @@ struct private_sqlite_plugin_t { sqlite_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_sqlite_plugin_t *this) +{ + return "sqlite"; +} + METHOD(plugin_t, destroy, void, private_sqlite_plugin_t *this) { @@ -49,6 +55,8 @@ plugin_t *sqlite_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, diff --git a/src/libstrongswan/plugins/test_vectors/Makefile.in b/src/libstrongswan/plugins/test_vectors/Makefile.in index 9dccb05e3..70cdfd600 100644 --- a/src/libstrongswan/plugins/test_vectors/Makefile.in +++ b/src/libstrongswan/plugins/test_vectors/Makefile.in @@ -248,6 +248,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -271,6 +273,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/des.c b/src/libstrongswan/plugins/test_vectors/test_vectors/des.c index 80b5f1010..b4bf1fe6a 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/des.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/des.c @@ -25,7 +25,6 @@ crypter_test_vector_t des_ecb1 = { .alg = ENCR_DES_ECB, .key_size = 8, .len = 8, .key = "\x00\x01\x02\x03\x04\x05\x06\x07", - .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", .plain = "\x41\xAD\x06\x85\x48\x80\x9D\x02", .cipher = "\x00\x11\x22\x33\x44\x55\x66\x77" }; @@ -36,7 +35,6 @@ crypter_test_vector_t des_ecb1 = { crypter_test_vector_t des_ecb2 = { .alg = ENCR_DES_ECB, .key_size = 8, .len = 8, .key = "\x2B\xD6\x45\x9F\x82\xC5\xB3\x00", - .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", .plain = "\xB1\x0F\x84\x30\x97\xA0\xF9\x32", .cipher = "\xEA\x02\x47\x14\xAD\x5C\x4D\x84" }; diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c index 176bc438d..4a8743289 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c @@ -104,6 +104,12 @@ struct private_test_vectors_plugin_t { test_vectors_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_test_vectors_plugin_t *this) +{ + return "test-vectors"; +} + METHOD(plugin_t, destroy, void, private_test_vectors_plugin_t *this) { @@ -121,6 +127,8 @@ plugin_t *test_vectors_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, diff --git a/src/libstrongswan/plugins/x509/Makefile.in b/src/libstrongswan/plugins/x509/Makefile.in index 57deab98e..58cdf2c7c 100644 --- a/src/libstrongswan/plugins/x509/Makefile.in +++ b/src/libstrongswan/plugins/x509/Makefile.in @@ -242,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -265,6 +267,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c index 526dbe8c6..8b228a2b6 100644 --- a/src/libstrongswan/plugins/x509/x509_cert.c +++ b/src/libstrongswan/plugins/x509/x509_cert.c @@ -937,15 +937,15 @@ static const asn1Object_t certificatePoliciesObject[] = { { 0, "certificatePolicies", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */ { 1, "policyInformation", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */ { 2, "policyId", ASN1_OID, ASN1_BODY }, /* 2 */ - { 2, "qualifier", ASN1_SEQUENCE, ASN1_OPT|ASN1_BODY }, /* 3 */ + { 2, "qualifiers", ASN1_SEQUENCE, ASN1_OPT|ASN1_LOOP }, /* 3 */ { 3, "qualifierInfo", ASN1_SEQUENCE, ASN1_NONE }, /* 4 */ { 4, "qualifierId", ASN1_OID, ASN1_BODY }, /* 5 */ { 4, "cPSuri", ASN1_IA5STRING, ASN1_OPT|ASN1_BODY }, /* 6 */ { 4, "end choice", ASN1_EOC, ASN1_END }, /* 7 */ - { 4, "userNotice", ASN1_SEQUENCE, ASN1_OPT|ASN1_NONE }, /* 8 */ + { 4, "userNotice", ASN1_SEQUENCE, ASN1_OPT|ASN1_BODY }, /* 8 */ { 5, "explicitText", ASN1_EOC, ASN1_RAW }, /* 9 */ { 4, "end choice", ASN1_EOC, ASN1_END }, /* 10 */ - { 2, "end opt", ASN1_EOC, ASN1_END }, /* 12 */ + { 2, "end opt/loop", ASN1_EOC, ASN1_END }, /* 12 */ { 0, "end loop", ASN1_EOC, ASN1_END }, /* 13 */ { 0, "exit", ASN1_EOC, ASN1_EXIT } }; @@ -1117,7 +1117,7 @@ static const asn1Object_t ipAddrBlocksObjects[] = { { 4, "min", ASN1_BIT_STRING, ASN1_BODY }, /* 9 */ { 4, "max", ASN1_BIT_STRING, ASN1_BODY }, /* 10 */ { 3, "end choice", ASN1_EOC, ASN1_END }, /* 11 */ - { 2, "end choice/loop", ASN1_EOC, ASN1_END }, /* 12 */ + { 2, "end opt/loop", ASN1_EOC, ASN1_END }, /* 12 */ { 0, "end loop", ASN1_EOC, ASN1_END }, /* 13 */ { 0, "exit", ASN1_EOC, ASN1_EXIT } }; diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_response.c b/src/libstrongswan/plugins/x509/x509_ocsp_response.c index 829f47f81..4cbe3f718 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_response.c +++ b/src/libstrongswan/plugins/x509/x509_ocsp_response.c @@ -453,7 +453,7 @@ static const asn1Object_t basicResponseObjects[] = { { 5, "critical", ASN1_BOOLEAN, ASN1_BODY | ASN1_DEF }, /* 16 */ { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 17 */ - { 4, "end loop", ASN1_EOC, ASN1_END }, /* 18 */ + { 3, "end loop", ASN1_EOC, ASN1_END }, /* 18 */ { 2, "end opt", ASN1_EOC, ASN1_END }, /* 19 */ { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 20 */ { 1, "signature", ASN1_BIT_STRING, ASN1_BODY }, /* 21 */ diff --git a/src/libstrongswan/plugins/x509/x509_plugin.c b/src/libstrongswan/plugins/x509/x509_plugin.c index d40cc3567..bfeb74b0e 100644 --- a/src/libstrongswan/plugins/x509/x509_plugin.c +++ b/src/libstrongswan/plugins/x509/x509_plugin.c @@ -36,6 +36,12 @@ struct private_x509_plugin_t { x509_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_x509_plugin_t *this) +{ + return "x509"; +} + METHOD(plugin_t, destroy, void, private_x509_plugin_t *this) { @@ -72,6 +78,8 @@ plugin_t *x509_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, diff --git a/src/libstrongswan/plugins/xcbc/Makefile.in b/src/libstrongswan/plugins/xcbc/Makefile.in index 06d7a2121..35f868de4 100644 --- a/src/libstrongswan/plugins/xcbc/Makefile.in +++ b/src/libstrongswan/plugins/xcbc/Makefile.in @@ -241,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -264,6 +266,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/xcbc/xcbc.c b/src/libstrongswan/plugins/xcbc/xcbc.c index be18d92b8..8ddde962c 100644 --- a/src/libstrongswan/plugins/xcbc/xcbc.c +++ b/src/libstrongswan/plugins/xcbc/xcbc.c @@ -236,13 +236,17 @@ METHOD(xcbc_t, set_key, void, memset(k1.ptr, 0x01, this->b); this->k1->encrypt(this->k1, k1, iv, NULL); this->k1->set_key(this->k1, k1); + + memwipe(k1.ptr, k1.len); } METHOD(xcbc_t, destroy, void, private_xcbc_t *this) { this->k1->destroy(this->k1); + memwipe(this->k2, this->b); free(this->k2); + memwipe(this->k3, this->b); free(this->k3); free(this->e); free(this->remaining); diff --git a/src/libstrongswan/plugins/xcbc/xcbc_plugin.c b/src/libstrongswan/plugins/xcbc/xcbc_plugin.c index 65e88335c..0fcb093c8 100644 --- a/src/libstrongswan/plugins/xcbc/xcbc_plugin.c +++ b/src/libstrongswan/plugins/xcbc/xcbc_plugin.c @@ -19,8 +19,6 @@ #include "xcbc_signer.h" #include "xcbc_prf.h" -static const char *plugin_name = "xcbc"; - typedef struct private_xcbc_plugin_t private_xcbc_plugin_t; /** @@ -34,6 +32,12 @@ struct private_xcbc_plugin_t { xcbc_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_xcbc_plugin_t *this) +{ + return "xcbc"; +} + METHOD(plugin_t, destroy, void, private_xcbc_plugin_t *this) { @@ -55,6 +59,8 @@ plugin_t *xcbc_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, @@ -64,18 +70,18 @@ plugin_t *xcbc_plugin_create() if (crypter) { crypter->destroy(crypter); - lib->crypto->add_prf(lib->crypto, PRF_AES128_XCBC, plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_AES128_XCBC, get_name(this), (prf_constructor_t)xcbc_prf_create); - lib->crypto->add_signer(lib->crypto, AUTH_AES_XCBC_96, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_AES_XCBC_96, get_name(this), (signer_constructor_t)xcbc_signer_create); } crypter = lib->crypto->create_crypter(lib->crypto, ENCR_CAMELLIA_CBC, 16); if (crypter) { crypter->destroy(crypter); - lib->crypto->add_prf(lib->crypto, PRF_CAMELLIA128_XCBC, plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_CAMELLIA128_XCBC, get_name(this), (prf_constructor_t)xcbc_prf_create); - lib->crypto->add_signer(lib->crypto, AUTH_CAMELLIA_XCBC_96, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_CAMELLIA_XCBC_96, get_name(this), (signer_constructor_t)xcbc_signer_create); } return &this->public.plugin; |