Diffstat (limited to 'src/libstrongswan/plugins')
113 files changed, 758 insertions, 2422 deletions
diff --git a/src/libstrongswan/plugins/aes/Makefile.in b/src/libstrongswan/plugins/aes/Makefile.in index 6e4aeb9d6..c93f84ca7 100644 --- a/src/libstrongswan/plugins/aes/Makefile.in +++ b/src/libstrongswan/plugins/aes/Makefile.in @@ -219,13 +219,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -264,14 +260,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/aes/aes_crypter.c b/src/libstrongswan/plugins/aes/aes_crypter.c index f13e33492..2a1fed944 100644 --- a/src/libstrongswan/plugins/aes/aes_crypter.c +++ b/src/libstrongswan/plugins/aes/aes_crypter.c @@ -1518,6 +1518,7 @@ METHOD(crypter_t, set_key, void, METHOD(crypter_t, destroy, void, private_aes_crypter_t *this) { + memwipe(this, sizeof(*this)); free(this); } diff --git a/src/libstrongswan/plugins/aes/aes_plugin.c b/src/libstrongswan/plugins/aes/aes_plugin.c index b859d3167..d17355d1d 100644 --- a/src/libstrongswan/plugins/aes/aes_plugin.c +++ b/src/libstrongswan/plugins/aes/aes_plugin.c 
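Review bot: The `memwipe(this, sizeof(*this));` added to `destroy` in aes_crypter.c clears only the bytes of the private struct itself, and nothing in the hunk says which secret it is there to protect. If the expanded key schedule is stored inline in `private_aes_crypter_t` (the struct is not visible here) that is sufficient, but any separately allocated key material the struct points to would need its own wipe before `free()`. I would add a one-line comment above the call, e.g. `/* clear key material held in the object before the memory goes back to the allocator */`. The same one-line change appears in `destroy` of blowfish_crypter.c and des_crypter.c, and the same comment applies there.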
@@ -18,11 +18,6 @@ #include <library.h> #include "aes_crypter.h" -<<<<<<< HEAD -======= -static const char *plugin_name = "aes"; - ->>>>>>> upstream/4.5.1 typedef struct private_aes_plugin_t private_aes_plugin_t; /** @@ -36,6 +31,12 @@ struct private_aes_plugin_t { aes_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_aes_plugin_t *this) +{ + return "aes"; +} + METHOD(plugin_t, destroy, void, private_aes_plugin_t *this) { @@ -54,16 +55,14 @@ plugin_t *aes_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); -<<<<<<< HEAD - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, -======= - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, plugin_name, ->>>>>>> upstream/4.5.1 + lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, get_name(this), (crypter_constructor_t)aes_crypter_create); return &this->public.plugin; diff --git a/src/libstrongswan/plugins/af_alg/Makefile.in b/src/libstrongswan/plugins/af_alg/Makefile.in index aa8df979e..00b54b026 100644 --- a/src/libstrongswan/plugins/af_alg/Makefile.in +++ b/src/libstrongswan/plugins/af_alg/Makefile.in @@ -244,6 +244,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -267,6 +269,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/af_alg/af_alg_crypter.c b/src/libstrongswan/plugins/af_alg/af_alg_crypter.c index 3416ad8d2..7b3c062aa 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_crypter.c +++ b/src/libstrongswan/plugins/af_alg/af_alg_crypter.c 
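Review bot: In `aes_plugin_create`, `.reload = (void*)return_false` passes a function pointer through `void*`, which switches off the compiler's prototype check for that slot; if the `reload` member and `return_false` ever disagree on signature, the build stays silent. A typed stub declared with `METHOD` next to `get_name` would keep the check, assuming `reload` returns a boolean (its declaration is not part of this diff). Separately, `get_name` hands out a string literal through a non-const `char*`, so the method should carry a comment such as `/* returns a static string; callers must not modify or free it */`. The same two lines are added in the af_alg, agent, blowfish, ccm, constraints, ctr, curl and des plugin constructors.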
@@ -63,6 +63,7 @@ static struct { size_t iv_size; } algs[] = { {ENCR_DES, "cbc(des)", 8, 8, 8, 8, }, + {ENCR_DES_ECB, "ecb(des)", 8, 8, 8, 0, }, {ENCR_3DES, "cbc(des3_ede)", 8, 24, 24, 8, }, {ENCR_AES_CBC, "cbc(aes)", 16, 16, 16, 16, }, {ENCR_AES_CBC, "cbc(aes)", 16, 24, 24, 16, }, @@ -91,7 +92,7 @@ static struct { /** * See header. */ -void af_alg_crypter_probe() +void af_alg_crypter_probe(char *plugin) { encryption_algorithm_t prev = -1; af_alg_ops_t *ops; @@ -105,7 +106,7 @@ void af_alg_crypter_probe() if (ops) { ops->destroy(ops); - lib->crypto->add_crypter(lib->crypto, algs[i].id, af_alg_plugin_name, + lib->crypto->add_crypter(lib->crypto, algs[i].id, plugin, (crypter_constructor_t)af_alg_crypter_create); } } diff --git a/src/libstrongswan/plugins/af_alg/af_alg_crypter.h b/src/libstrongswan/plugins/af_alg/af_alg_crypter.h index 711d2fc35..ed7799cc8 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_crypter.h +++ b/src/libstrongswan/plugins/af_alg/af_alg_crypter.h @@ -48,7 +48,9 @@ af_alg_crypter_t *af_alg_crypter_create(encryption_algorithm_t algo, /** * Probe algorithms and register af_alg_crypter_create(). + * + * @param plugin plugin name to register algorithms for */ -void af_alg_crypter_probe(); +void af_alg_crypter_probe(char *plugin); #endif /** AF_ALG_CRYPTER_H_ @}*/ diff --git a/src/libstrongswan/plugins/af_alg/af_alg_hasher.c b/src/libstrongswan/plugins/af_alg/af_alg_hasher.c index 7c6297d44..11074c4bd 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_hasher.c +++ b/src/libstrongswan/plugins/af_alg/af_alg_hasher.c @@ -59,7 +59,7 @@ static struct { /** * See header. */ -void af_alg_hasher_probe() +void af_alg_hasher_probe(char *plugin) { af_alg_ops_t *ops; int i; @@ -70,7 +70,7 @@ void af_alg_hasher_probe() if (ops) { ops->destroy(ops); - lib->crypto->add_hasher(lib->crypto, algs[i].id, af_alg_plugin_name, + lib->crypto->add_hasher(lib->crypto, algs[i].id, plugin, (hasher_constructor_t)af_alg_hasher_create); } } 
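Review bot: The new `{ENCR_DES_ECB, "ecb(des)", 8, 8, 8, 0, }` row in `algs[]` of af_alg_crypter.c makes single DES in ECB mode available through the crypto factory with no comment on why it is needed. Neither the cipher nor the mode is suitable for protecting traffic, so the entry should state its limited purpose, for example `/* DES-ECB: building block for legacy protocols only, never a transport cipher */`; the actual consumer is not visible in this diff, so confirm it before settling the wording. The table starts above the hunk, so whether it already holds other ECB rows cannot be seen from here.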
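Review bot: `af_alg_crypter_probe(char *plugin)` takes the plugin name as a mutable `char *`, while the global it replaces was `const char *af_alg_plugin_name` and the function only forwards the pointer to `add_crypter`. Declaring it `void af_alg_crypter_probe(const char *plugin)` records that the probe never writes to the name, which matters because the caller passes the string literal returned by `get_name()`. This assumes `add_crypter` accepts a `const char *`, which the removed line suggests but the hunk does not show. The same applies to `af_alg_hasher_probe`, `af_alg_prf_probe` and `af_alg_signer_probe` and to their header prototypes; the body of the probe function continues outside the hunk.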
diff --git a/src/libstrongswan/plugins/af_alg/af_alg_hasher.h b/src/libstrongswan/plugins/af_alg/af_alg_hasher.h index e0833e23a..f44ba2938 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_hasher.h +++ b/src/libstrongswan/plugins/af_alg/af_alg_hasher.h @@ -46,7 +46,9 @@ af_alg_hasher_t *af_alg_hasher_create(hash_algorithm_t algo); /** * Probe algorithms and register af_alg_hasher_create(). + * + * @param plugin plugin name to register algorithms for */ -void af_alg_hasher_probe(); +void af_alg_hasher_probe(char *plugin); #endif /** af_alg_HASHER_H_ @}*/ diff --git a/src/libstrongswan/plugins/af_alg/af_alg_ops.c b/src/libstrongswan/plugins/af_alg/af_alg_ops.c index 7bf1d90db..82a227d97 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_ops.c +++ b/src/libstrongswan/plugins/af_alg/af_alg_ops.c @@ -21,8 +21,6 @@ #include <debug.h> -const char *af_alg_plugin_name = "af-alg"; - typedef struct private_af_alg_ops_t private_af_alg_ops_t; /** diff --git a/src/libstrongswan/plugins/af_alg/af_alg_ops.h b/src/libstrongswan/plugins/af_alg/af_alg_ops.h index b7d642c00..ad164029f 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_ops.h +++ b/src/libstrongswan/plugins/af_alg/af_alg_ops.h @@ -33,8 +33,6 @@ #define SOL_ALG 279 #endif /* SOL_ALG */ -extern const char *af_alg_plugin_name; - typedef struct af_alg_ops_t af_alg_ops_t; /** diff --git a/src/libstrongswan/plugins/af_alg/af_alg_plugin.c b/src/libstrongswan/plugins/af_alg/af_alg_plugin.c index 54e39f1a0..280ea4e98 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_plugin.c +++ b/src/libstrongswan/plugins/af_alg/af_alg_plugin.c @@ -35,6 +35,12 @@ struct private_af_alg_plugin_t { af_alg_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_af_alg_plugin_t *this) +{ + return "af-alg"; +} + METHOD(plugin_t, destroy, void, private_af_alg_plugin_t *this) { 
@@ -60,15 +66,17 @@ plugin_t *af_alg_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); - af_alg_hasher_probe(); - af_alg_signer_probe(); - af_alg_prf_probe(); - af_alg_crypter_probe(); + af_alg_hasher_probe(get_name(this)); + af_alg_signer_probe(get_name(this)); + af_alg_prf_probe(get_name(this)); + af_alg_crypter_probe(get_name(this)); return &this->public.plugin; } diff --git a/src/libstrongswan/plugins/af_alg/af_alg_prf.c b/src/libstrongswan/plugins/af_alg/af_alg_prf.c index 575906bae..1c1174abb 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_prf.c +++ b/src/libstrongswan/plugins/af_alg/af_alg_prf.c @@ -70,7 +70,7 @@ static struct { /** * See header. */ -void af_alg_prf_probe() +void af_alg_prf_probe(char *plugin) { af_alg_ops_t *ops; int i; @@ -81,7 +81,7 @@ void af_alg_prf_probe() if (ops) { ops->destroy(ops); - lib->crypto->add_prf(lib->crypto, algs[i].id, af_alg_plugin_name, + lib->crypto->add_prf(lib->crypto, algs[i].id, plugin, (prf_constructor_t)af_alg_prf_create); } } diff --git a/src/libstrongswan/plugins/af_alg/af_alg_prf.h b/src/libstrongswan/plugins/af_alg/af_alg_prf.h index a3dea5649..d3275e7be 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_prf.h +++ b/src/libstrongswan/plugins/af_alg/af_alg_prf.h @@ -46,7 +46,9 @@ af_alg_prf_t *af_alg_prf_create(pseudo_random_function_t algo); /** * Probe algorithms and register af_alg_prf_create(). + * + * @param plugin plugin name to register algorithms for */ -void af_alg_prf_probe(); +void af_alg_prf_probe(char *plugin); #endif /** AF_ALG_PRF_H_ @}*/ diff --git a/src/libstrongswan/plugins/af_alg/af_alg_signer.c b/src/libstrongswan/plugins/af_alg/af_alg_signer.c index 3d6f907bf..34534a06b 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_signer.c +++ b/src/libstrongswan/plugins/af_alg/af_alg_signer.c 
@@ -71,7 +71,7 @@ static struct { /** * See header. */ -void af_alg_signer_probe() +void af_alg_signer_probe(char *plugin) { af_alg_ops_t *ops; int i; @@ -82,7 +82,7 @@ void af_alg_signer_probe() if (ops) { ops->destroy(ops); - lib->crypto->add_signer(lib->crypto, algs[i].id, af_alg_plugin_name, + lib->crypto->add_signer(lib->crypto, algs[i].id, plugin, (signer_constructor_t)af_alg_signer_create); } } diff --git a/src/libstrongswan/plugins/af_alg/af_alg_signer.h b/src/libstrongswan/plugins/af_alg/af_alg_signer.h index b1d90707f..21487a118 100644 --- a/src/libstrongswan/plugins/af_alg/af_alg_signer.h +++ b/src/libstrongswan/plugins/af_alg/af_alg_signer.h @@ -46,7 +46,9 @@ af_alg_signer_t *af_alg_signer_create(integrity_algorithm_t algo); /** * Probe algorithms and register af_alg_signer_create(). + * + * @param plugin plugin name to register algorithms for */ -void af_alg_signer_probe(); +void af_alg_signer_probe(char *plugin); #endif /** AF_ALG_SIGNER_H_ @}*/ diff --git a/src/libstrongswan/plugins/agent/Makefile.in b/src/libstrongswan/plugins/agent/Makefile.in index fa255ad23..ce333660d 100644 --- a/src/libstrongswan/plugins/agent/Makefile.in +++ b/src/libstrongswan/plugins/agent/Makefile.in @@ -221,13 +221,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -248,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ 
@@ -266,14 +262,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/agent/agent_plugin.c b/src/libstrongswan/plugins/agent/agent_plugin.c index bd3c1ac75..79c13b7c1 100644 --- a/src/libstrongswan/plugins/agent/agent_plugin.c +++ b/src/libstrongswan/plugins/agent/agent_plugin.c @@ -31,6 +31,12 @@ struct private_agent_plugin_t { agent_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_agent_plugin_t *this) +{ + return "agent"; +} + METHOD(plugin_t, destroy, void, private_agent_plugin_t *this) { @@ -49,6 +55,8 @@ plugin_t *agent_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, diff --git a/src/libstrongswan/plugins/blowfish/Makefile.in b/src/libstrongswan/plugins/blowfish/Makefile.in index 14f25d015..be8ba72ee 100644 --- a/src/libstrongswan/plugins/blowfish/Makefile.in +++ b/src/libstrongswan/plugins/blowfish/Makefile.in @@ -223,13 +223,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -250,6 +244,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ 
@@ -268,14 +264,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/blowfish/blowfish_crypter.c b/src/libstrongswan/plugins/blowfish/blowfish_crypter.c index 784c07eaf..fc3649b36 100644 --- a/src/libstrongswan/plugins/blowfish/blowfish_crypter.c +++ b/src/libstrongswan/plugins/blowfish/blowfish_crypter.c @@ -160,6 +160,7 @@ METHOD(crypter_t, set_key, void, METHOD(crypter_t, destroy, void, private_blowfish_crypter_t *this) { + memwipe(this, sizeof(*this)); free(this); } diff --git a/src/libstrongswan/plugins/blowfish/blowfish_plugin.c b/src/libstrongswan/plugins/blowfish/blowfish_plugin.c index 03f46a63a..9dc8dfe7f 100644 --- a/src/libstrongswan/plugins/blowfish/blowfish_plugin.c +++ b/src/libstrongswan/plugins/blowfish/blowfish_plugin.c @@ -19,11 +19,6 @@ #include <library.h> #include "blowfish_crypter.h" -<<<<<<< HEAD -======= -static const char *plugin_name = "blowfish"; - ->>>>>>> upstream/4.5.1 typedef struct private_blowfish_plugin_t private_blowfish_plugin_t; /** @@ -37,6 +32,12 @@ struct private_blowfish_plugin_t { blowfish_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_blowfish_plugin_t *this) +{ + return "blowfish"; +} + METHOD(plugin_t, destroy, void, private_blowfish_plugin_t *this) { 
@@ -55,16 +56,14 @@ plugin_t *blowfish_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); -<<<<<<< HEAD - lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, -======= - lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, plugin_name, ->>>>>>> upstream/4.5.1 + lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, get_name(this), (crypter_constructor_t)blowfish_crypter_create); return &this->public.plugin; diff --git a/src/libstrongswan/plugins/ccm/Makefile.in b/src/libstrongswan/plugins/ccm/Makefile.in index 504d1938a..b2bc4a51f 100644 --- a/src/libstrongswan/plugins/ccm/Makefile.in +++ b/src/libstrongswan/plugins/ccm/Makefile.in @@ -219,13 +219,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -264,14 +260,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/ccm/ccm_plugin.c b/src/libstrongswan/plugins/ccm/ccm_plugin.c index 15c548e64..2865c2ae4 100644 --- a/src/libstrongswan/plugins/ccm/ccm_plugin.c 
+++ b/src/libstrongswan/plugins/ccm/ccm_plugin.c @@ -19,11 +19,6 @@ #include "ccm_aead.h" -<<<<<<< HEAD -======= -static const char *plugin_name = "ccm"; - ->>>>>>> upstream/4.5.1 typedef struct private_ccm_plugin_t private_ccm_plugin_t; /** @@ -37,6 +32,12 @@ struct private_ccm_plugin_t { ccm_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_ccm_plugin_t *this) +{ + return "ccm"; +} + METHOD(plugin_t, destroy, void, private_ccm_plugin_t *this) { 
@@ -52,52 +53,40 @@ METHOD(plugin_t, destroy, void, plugin_t *ccm_plugin_create() { private_ccm_plugin_t *this; -<<<<<<< HEAD -======= crypter_t *crypter; ->>>>>>> upstream/4.5.1 INIT(this, - .public.plugin.destroy = _destroy, + .public = { + .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, + .destroy = _destroy, + }, + }, ); -<<<<<<< HEAD - lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV8, - (aead_constructor_t)ccm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV12, - (aead_constructor_t)ccm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV16, - (aead_constructor_t)ccm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV8, - (aead_constructor_t)ccm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV12, - (aead_constructor_t)ccm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV16, - (aead_constructor_t)ccm_aead_create); -======= crypter = lib->crypto->create_crypter(lib->crypto, ENCR_AES_CBC, 0); if (crypter) { crypter->destroy(crypter); - lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV8, plugin_name, + lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV8, get_name(this), (aead_constructor_t)ccm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV12, plugin_name, + lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV12, get_name(this), (aead_constructor_t)ccm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV16, plugin_name, + lib->crypto->add_aead(lib->crypto, ENCR_AES_CCM_ICV16, get_name(this), (aead_constructor_t)ccm_aead_create); } crypter = lib->crypto->create_crypter(lib->crypto, ENCR_CAMELLIA_CBC, 0); if (crypter) { crypter->destroy(crypter); - lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV8, plugin_name, + lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV8, get_name(this), (aead_constructor_t)ccm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV12, 
plugin_name, + lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV12, get_name(this), (aead_constructor_t)ccm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV16, plugin_name, + lib->crypto->add_aead(lib->crypto, ENCR_CAMELLIA_CCM_ICV16, get_name(this), (aead_constructor_t)ccm_aead_create); } ->>>>>>> upstream/4.5.1 return &this->public.plugin; } diff --git a/src/libstrongswan/plugins/constraints/Makefile.in b/src/libstrongswan/plugins/constraints/Makefile.in index 382bfef98..8be502a9c 100644 --- a/src/libstrongswan/plugins/constraints/Makefile.in +++ b/src/libstrongswan/plugins/constraints/Makefile.in @@ -244,6 +244,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -267,6 +269,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/constraints/constraints_plugin.c b/src/libstrongswan/plugins/constraints/constraints_plugin.c index 1c3f0c835..502c83559 100644 --- a/src/libstrongswan/plugins/constraints/constraints_plugin.c +++ b/src/libstrongswan/plugins/constraints/constraints_plugin.c @@ -36,6 +36,12 @@ struct private_constraints_plugin_t { constraints_validator_t *validator; }; +METHOD(plugin_t, get_name, char*, + private_constraints_plugin_t *this) +{ + return "constraints"; +} + METHOD(plugin_t, destroy, void, private_constraints_plugin_t *this) { @@ -54,6 +60,8 @@ plugin_t *constraints_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, 
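Review bot: `ccm_plugin_create` registers the CCM AEADs only when `create_crypter(lib->crypto, ENCR_AES_CBC, 0)` (and the Camellia equivalent) returns non-NULL at construction time, and it skips them silently otherwise. The set of offered AEADs therefore depends on which crypter plugins were loaded before this one, and an operator who ends up without CCM gets no indication why; a comment on the probe plus a debug message on the skipped path would make that diagnosable. The probe also passes key size `0` here while `ctr_plugin_create` passes `16` for the same kind of check (what `0` selects is not visible in this diff), so the difference should either be removed or explained in a comment.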
diff --git a/src/libstrongswan/plugins/ctr/Makefile.in b/src/libstrongswan/plugins/ctr/Makefile.in index ecee15d56..0db640829 100644 --- a/src/libstrongswan/plugins/ctr/Makefile.in +++ b/src/libstrongswan/plugins/ctr/Makefile.in @@ -219,13 +219,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -264,14 +260,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/ctr/ctr_plugin.c b/src/libstrongswan/plugins/ctr/ctr_plugin.c index dc6cba562..6850cacf0 100644 --- a/src/libstrongswan/plugins/ctr/ctr_plugin.c +++ b/src/libstrongswan/plugins/ctr/ctr_plugin.c @@ -19,11 +19,6 @@ #include "ctr_ipsec_crypter.h" -<<<<<<< HEAD -======= -static const char *plugin_name = "ctr"; - ->>>>>>> upstream/4.5.1 typedef struct private_ctr_plugin_t private_ctr_plugin_t; /** @@ -37,6 +32,12 @@ struct private_ctr_plugin_t { ctr_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_ctr_plugin_t *this) +{ + return "ctr"; +} + METHOD(plugin_t, destroy, void, private_ctr_plugin_t *this) { 
@@ -52,40 +53,31 @@ METHOD(plugin_t, destroy, void, plugin_t *ctr_plugin_create() { private_ctr_plugin_t *this; -<<<<<<< HEAD -======= crypter_t *crypter; ->>>>>>> upstream/4.5.1 INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); -<<<<<<< HEAD - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CTR, - (crypter_constructor_t)ctr_ipsec_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CTR, - (crypter_constructor_t)ctr_ipsec_crypter_create); - -======= crypter = lib->crypto->create_crypter(lib->crypto, ENCR_AES_CBC, 16); if (crypter) { crypter->destroy(crypter); - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CTR, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_AES_CTR, get_name(this), (crypter_constructor_t)ctr_ipsec_crypter_create); } crypter = lib->crypto->create_crypter(lib->crypto, ENCR_CAMELLIA_CBC, 16); if (crypter) { crypter->destroy(crypter); - lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CTR, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CTR, get_name(this), (crypter_constructor_t)ctr_ipsec_crypter_create); } ->>>>>>> upstream/4.5.1 return &this->public.plugin; } diff --git a/src/libstrongswan/plugins/curl/Makefile.in b/src/libstrongswan/plugins/curl/Makefile.in index f2192399c..cdfb2b801 100644 --- a/src/libstrongswan/plugins/curl/Makefile.in +++ b/src/libstrongswan/plugins/curl/Makefile.in @@ -219,13 +219,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ 
@@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -264,14 +260,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/curl/curl_fetcher.c b/src/libstrongswan/plugins/curl/curl_fetcher.c index e58188098..7f8c0aec2 100644 --- a/src/libstrongswan/plugins/curl/curl_fetcher.c +++ b/src/libstrongswan/plugins/curl/curl_fetcher.c 
@@ -43,31 +43,49 @@ struct private_curl_fetcher_t { * Optional HTTP headers */ struct curl_slist *headers; + + /** + * Callback function + */ + fetcher_callback_t cb; }; /** - * writes data into a dynamically resizeable chunk_t + * Data to pass to curl callback + */ +typedef struct { + fetcher_callback_t cb; + void *user; +} cb_data_t; + +/** + * Curl callback function, invokes fetcher_callback_t function */ -static size_t append(void *ptr, size_t size, size_t nmemb, chunk_t *data) +static size_t curl_cb(void *ptr, size_t size, size_t nmemb, cb_data_t *data) { size_t realsize = size * nmemb; - data->ptr = (u_char*)realloc(data->ptr, data->len + realsize); - if (data->ptr) + if (data->cb(data->user, chunk_create(ptr, realsize))) { - memcpy(&data->ptr[data->len], ptr, realsize); - data->len += realsize; + return realsize; } - return realsize; + return 0; } METHOD(fetcher_t, fetch, status_t, - private_curl_fetcher_t *this, char *uri, chunk_t *result) + private_curl_fetcher_t *this, char *uri, void *userdata) { char error[CURL_ERROR_SIZE]; status_t status; + cb_data_t data = { + .cb = this->cb, + .user = userdata, + }; - *result = chunk_empty; + if (this->cb == fetcher_default_callback) + { + *(chunk_t*)userdata = chunk_empty; + } if (curl_easy_setopt(this->curl, CURLOPT_URL, uri) != CURLE_OK) { /* URL type not supported by curl */ @@ -77,8 +95,8 @@ METHOD(fetcher_t, fetch, status_t, curl_easy_setopt(this->curl, CURLOPT_FAILONERROR, TRUE); curl_easy_setopt(this->curl, CURLOPT_NOSIGNAL, TRUE); curl_easy_setopt(this->curl, CURLOPT_CONNECTTIMEOUT, DEFAULT_TIMEOUT); - curl_easy_setopt(this->curl, CURLOPT_WRITEFUNCTION, (void*)append); - curl_easy_setopt(this->curl, CURLOPT_WRITEDATA, (void*)result); + curl_easy_setopt(this->curl, CURLOPT_WRITEFUNCTION, (void*)curl_cb); + curl_easy_setopt(this->curl, CURLOPT_WRITEDATA, &data); if (this->headers) { curl_easy_setopt(this->curl, CURLOPT_HTTPHEADER, this->headers); 
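Review bot: In `fetch` of curl_fetcher.c, `*(chunk_t*)userdata = chunk_empty;` writes through the untyped `userdata` pointer whenever the default callback is installed, without checking it for NULL, and the new `void *userdata` signature no longer lets the compiler verify that callers pass a `chunk_t*`. A caller that passes NULL, or that passes its own context object without having set `FETCH_CALLBACK`, gets a stray write instead of an error. I would guard with `if (this->cb == fetcher_default_callback && !userdata)` and return an error status before any curl call, and state in the method comment that `userdata` must point to a `chunk_t` unless a callback was configured. The body of `fetch` continues beyond the hunk.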
@@ -104,10 +122,7 @@ METHOD(fetcher_t, fetch, status_t, METHOD(fetcher_t, set_option, bool, private_curl_fetcher_t *this, fetcher_option_t option, ...) { -<<<<<<< HEAD -======= bool supported = TRUE; ->>>>>>> upstream/4.5.1 va_list args; va_start(args, option); @@ -119,11 +134,7 @@ METHOD(fetcher_t, set_option, bool, curl_easy_setopt(this->curl, CURLOPT_POSTFIELDS, (char*)data.ptr); curl_easy_setopt(this->curl, CURLOPT_POSTFIELDSIZE, data.len); -<<<<<<< HEAD - return TRUE; -======= break; ->>>>>>> upstream/4.5.1 } case FETCH_REQUEST_TYPE: { @@ -132,44 +143,30 @@ METHOD(fetcher_t, set_option, bool, snprintf(header, BUF_LEN, "Content-Type: %s", request_type); this->headers = curl_slist_append(this->headers, header); -<<<<<<< HEAD - return TRUE; -======= break; ->>>>>>> upstream/4.5.1 } case FETCH_REQUEST_HEADER: { char *header = va_arg(args, char*); this->headers = curl_slist_append(this->headers, header); -<<<<<<< HEAD - return TRUE; -======= break; ->>>>>>> upstream/4.5.1 } case FETCH_HTTP_VERSION_1_0: { curl_easy_setopt(this->curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); -<<<<<<< HEAD - return TRUE; -======= break; ->>>>>>> upstream/4.5.1 } case FETCH_TIMEOUT: { curl_easy_setopt(this->curl, CURLOPT_CONNECTTIMEOUT, va_arg(args, u_int)); -<<<<<<< HEAD - return TRUE; + break; } - default: - return FALSE; - } -======= + case FETCH_CALLBACK: + { + this->cb = va_arg(args, fetcher_callback_t); break; } default: @@ -178,7 +175,6 @@ METHOD(fetcher_t, set_option, bool, } va_end(args); return supported; ->>>>>>> upstream/4.5.1 } METHOD(fetcher_t, destroy, void, @@ -205,6 +201,7 @@ curl_fetcher_t *curl_fetcher_create() }, }, .curl = curl_easy_init(), + .cb = fetcher_default_callback, ); if (!this->curl) diff --git a/src/libstrongswan/plugins/curl/curl_plugin.c b/src/libstrongswan/plugins/curl/curl_plugin.c index 41026f407..d0e532055 100644 --- a/src/libstrongswan/plugins/curl/curl_plugin.c +++ b/src/libstrongswan/plugins/curl/curl_plugin.c 
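Review bot: The new `FETCH_CALLBACK` case in `set_option` stores `va_arg(args, fetcher_callback_t)` into `this->cb` unchecked, and `curl_cb` later calls `data->cb(...)` unconditionally, so a NULL callback becomes a call through a NULL function pointer in the middle of a transfer. Reject it where it is configured, reusing the function's existing `supported` result: `fetcher_callback_t cb = va_arg(args, fetcher_callback_t);` followed by `if (cb) { this->cb = cb; } else { supported = FALSE; }`. The callback also stays installed on the fetcher for every later `fetch`, which is worth one sentence in the option's documentation. Parts of `set_option` lie between the hunks and are not visible here.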
@@ -34,15 +34,14 @@ struct private_curl_plugin_t { curl_plugin_t public; }; -<<<<<<< HEAD -/** - * Implementation of curl_plugin_t.curltroy - */ -static void destroy(private_curl_plugin_t *this) -======= +METHOD(plugin_t, get_name, char*, + private_curl_plugin_t *this) +{ + return "curl"; +} + METHOD(plugin_t, destroy, void, private_curl_plugin_t *this) ->>>>>>> upstream/4.5.1 { lib->fetcher->remove_fetcher(lib->fetcher, (fetcher_constructor_t)curl_fetcher_create); @@ -56,21 +55,17 @@ METHOD(plugin_t, destroy, void, plugin_t *curl_plugin_create() { CURLcode res; -<<<<<<< HEAD - private_curl_plugin_t *this = malloc_thing(private_curl_plugin_t); - - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; -======= private_curl_plugin_t *this; INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); ->>>>>>> upstream/4.5.1 res = curl_global_init(CURL_GLOBAL_NOTHING); if (res == CURLE_OK) diff --git a/src/libstrongswan/plugins/des/Makefile.in b/src/libstrongswan/plugins/des/Makefile.in index 9f49f45f4..d24ac40f8 100644 --- a/src/libstrongswan/plugins/des/Makefile.in +++ b/src/libstrongswan/plugins/des/Makefile.in @@ -219,13 +219,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ 
@@ -264,14 +260,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/des/des_crypter.c b/src/libstrongswan/plugins/des/des_crypter.c index 7d9fbe852..695e7e4c4 100644 --- a/src/libstrongswan/plugins/des/des_crypter.c +++ b/src/libstrongswan/plugins/des/des_crypter.c @@ -1552,6 +1552,7 @@ METHOD(crypter_t, set_key3, void, METHOD(crypter_t, destroy, void, private_des_crypter_t *this) { + memwipe(this, sizeof(*this)); free(this); } diff --git a/src/libstrongswan/plugins/des/des_plugin.c b/src/libstrongswan/plugins/des/des_plugin.c index 14c5420ea..78b73347d 100644 --- a/src/libstrongswan/plugins/des/des_plugin.c +++ b/src/libstrongswan/plugins/des/des_plugin.c @@ -18,11 +18,6 @@ #include <library.h> #include "des_crypter.h" -<<<<<<< HEAD -======= -static const char *plugin_name = "des"; - ->>>>>>> upstream/4.5.1 typedef struct private_des_plugin_t private_des_plugin_t; /** @@ -36,6 +31,12 @@ struct private_des_plugin_t { des_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_des_plugin_t *this) +{ + return "des"; +} + METHOD(plugin_t, destroy, void, private_des_plugin_t *this) { 
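Review bot: The added `memwipe(this, sizeof(*this));` in destroy of des_crypter.c (hunk `@@ -1552,6 +1552,7 @@`) carries no comment on what it is meant to cover. It clears only the bytes of the private struct itself, so it protects the key schedule only if that is stored inline in the struct; the struct definition is outside the hunk, and anything reached through a pointer member would need its own wipe before being freed. A short comment above the call, such as `/* wipe key material held in the object before releasing it */`, would record that intent for whoever next adds a member.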
@@ -54,24 +55,18 @@ plugin_t *des_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); -<<<<<<< HEAD - lib->crypto->add_crypter(lib->crypto, ENCR_3DES, - (crypter_constructor_t)des_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_DES, - (crypter_constructor_t)des_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, -======= - lib->crypto->add_crypter(lib->crypto, ENCR_3DES, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_3DES, get_name(this), (crypter_constructor_t)des_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_DES, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_DES, get_name(this), (crypter_constructor_t)des_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, plugin_name, ->>>>>>> upstream/4.5.1 + lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, get_name(this), (crypter_constructor_t)des_crypter_create); return &this->public.plugin; diff --git a/src/libstrongswan/plugins/dnskey/Makefile.in b/src/libstrongswan/plugins/dnskey/Makefile.in index 262d64565..62c52498c 100644 --- a/src/libstrongswan/plugins/dnskey/Makefile.in +++ b/src/libstrongswan/plugins/dnskey/Makefile.in @@ -222,13 +222,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -249,6 +243,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ 
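Review bot: `get_name(this)` is spelled out in every registration call of des_plugin_create (hunk `@@ -54,24 +55,18 @@`), and the same pattern repeats more than thirty times in gcrypt_plugin_create (`@@ -147,161 +148,87 @@`) and twelve times in gmp_plugin_create (`@@ -64,62 +65,37 @@`). Fetching the name once at the top of the constructor, `char *name = get_name(this);`, and passing `name` to each `add_*` call keeps the call sites short and makes it plain that every algorithm of a plugin is registered under one identifier. This is a readability point only; the registered values do not change.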
@@ -267,14 +263,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/dnskey/dnskey_plugin.c b/src/libstrongswan/plugins/dnskey/dnskey_plugin.c index 75743ae2e..4e08746f8 100644 --- a/src/libstrongswan/plugins/dnskey/dnskey_plugin.c +++ b/src/libstrongswan/plugins/dnskey/dnskey_plugin.c @@ -31,15 +31,14 @@ struct private_dnskey_plugin_t { dnskey_plugin_t public; }; -<<<<<<< HEAD -/** - * Implementation of dnskey_plugin_t.dnskeytroy - */ -static void destroy(private_dnskey_plugin_t *this) -======= +METHOD(plugin_t, get_name, char*, + private_dnskey_plugin_t *this) +{ + return "dnskey"; +} + METHOD(plugin_t, destroy, void, private_dnskey_plugin_t *this) ->>>>>>> upstream/4.5.1 { lib->creds->remove_builder(lib->creds, (builder_function_t)dnskey_public_key_load); @@ -51,22 +50,17 @@ METHOD(plugin_t, destroy, void, */ plugin_t *dnskey_plugin_create() { -<<<<<<< HEAD - private_dnskey_plugin_t *this = malloc_thing(private_dnskey_plugin_t); - - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; - -======= private_dnskey_plugin_t *this; INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); ->>>>>>> upstream/4.5.1 lib->creds->add_builder(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, FALSE, (builder_function_t)dnskey_public_key_load); lib->creds->add_builder(lib->creds, CRED_PUBLIC_KEY, KEY_RSA, FALSE, diff --git a/src/libstrongswan/plugins/fips_prf/Makefile.in b/src/libstrongswan/plugins/fips_prf/Makefile.in index 6bd31f0e1..e88a102b8 100644 
--- a/src/libstrongswan/plugins/fips_prf/Makefile.in +++ b/src/libstrongswan/plugins/fips_prf/Makefile.in @@ -222,13 +222,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -249,6 +243,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -267,14 +263,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf.c b/src/libstrongswan/plugins/fips_prf/fips_prf.c index 27a3b9cc6..ee71f6efd 100644 --- a/src/libstrongswan/plugins/fips_prf/fips_prf.c +++ b/src/libstrongswan/plugins/fips_prf/fips_prf.c @@ -106,12 +106,8 @@ static void chunk_mod(size_t length, chunk_t chunk, u_int8_t buffer[]) * 0xcb, 0x0f, 0x6c, 0x55, 0xba, 0xbb, 0x13, 0x78, * 0x8e, 0x20, 0xd7, 0x37, 0xa3, 0x27, 0x51, 0x16 */ -<<<<<<< HEAD -static void get_bytes(private_fips_prf_t *this, chunk_t seed, u_int8_t w[]) -======= METHOD(prf_t, get_bytes, void, private_fips_prf_t *this, chunk_t seed, u_int8_t w[]) ->>>>>>> upstream/4.5.1 { int i; u_int8_t xval[this->b]; 
@@ -144,19 +140,6 @@ METHOD(prf_t, get_bytes, void, /* 3.3 done already, mod q not used */ } -<<<<<<< HEAD -/** - * Implementation of prf_t.get_block_size. - */ -static size_t get_block_size(private_fips_prf_t *this) -{ - return 2 * this->b; -} -/** - * Implementation of prf_t.allocate_bytes. - */ -static void allocate_bytes(private_fips_prf_t *this, chunk_t seed, chunk_t *chunk) -======= METHOD(prf_t, get_block_size, size_t, private_fips_prf_t *this) { @@ -164,34 +147,19 @@ METHOD(prf_t, get_block_size, size_t, } METHOD(prf_t, allocate_bytes, void, private_fips_prf_t *this, chunk_t seed, chunk_t *chunk) ->>>>>>> upstream/4.5.1 { *chunk = chunk_alloc(get_block_size(this)); get_bytes(this, seed, chunk->ptr); } -<<<<<<< HEAD -/** - * Implementation of prf_t.get_key_size. - */ -static size_t get_key_size(private_fips_prf_t *this) -======= METHOD(prf_t, get_key_size, size_t, private_fips_prf_t *this) ->>>>>>> upstream/4.5.1 { return this->b; } -<<<<<<< HEAD -/** - * Implementation of prf_t.set_key. - */ -static void set_key(private_fips_prf_t *this, chunk_t key) -======= METHOD(prf_t, set_key, void, private_fips_prf_t *this, chunk_t key) ->>>>>>> upstream/4.5.1 { /* save key as "key mod 2^b" */ chunk_mod(this->b, key, this->key); @@ -223,15 +191,8 @@ void g_sha1(private_fips_prf_t *this, chunk_t c, u_int8_t res[]) this->keyed_prf->get_bytes(this->keyed_prf, c, res); } -<<<<<<< HEAD -/** - * Implementation of prf_t.destroy. - */ -static void destroy(private_fips_prf_t *this) -======= METHOD(prf_t, destroy, void, private_fips_prf_t *this) ->>>>>>> upstream/4.5.1 { this->keyed_prf->destroy(this->keyed_prf); free(this->key); 
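Review bot: destroy in fips_prf.c (hunk `@@ -223,15 +191,8 @@`) still releases the key with a plain `free(this->key);`, while this same commit wipes key material before freeing in des_crypter.c (`memwipe(this, sizeof(*this));`) and hmac.c (`chunk_clear`). set_key writes the key, reduced by `chunk_mod(this->b, key, this->key)`, into that buffer, so the secret stays readable in freed heap memory. Wiping first closes the gap: `memwipe(this->key, this->b);` placed before `free(this->key);`, assuming the buffer is `this->b` bytes long as get_key_size and the chunk_mod call suggest. The rest of destroy lies outside the hunk.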
@@ -243,16 +204,6 @@ METHOD(prf_t, destroy, void, */ fips_prf_t *fips_prf_create(pseudo_random_function_t algo) { -<<<<<<< HEAD - private_fips_prf_t *this = malloc_thing(private_fips_prf_t); - - this->public.prf_interface.get_bytes = (void (*) (prf_t *,chunk_t,u_int8_t*))get_bytes; - this->public.prf_interface.allocate_bytes = (void (*) (prf_t*,chunk_t,chunk_t*))allocate_bytes; - this->public.prf_interface.get_block_size = (size_t (*) (prf_t*))get_block_size; - this->public.prf_interface.get_key_size = (size_t (*) (prf_t*))get_key_size; - this->public.prf_interface.set_key = (void (*) (prf_t *,chunk_t))set_key; - this->public.prf_interface.destroy = (void (*) (prf_t *))destroy; -======= private_fips_prf_t *this; INIT(this, @@ -267,7 +218,6 @@ fips_prf_t *fips_prf_create(pseudo_random_function_t algo) }, }, ); ->>>>>>> upstream/4.5.1 switch (algo) { diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c index 202d6653a..7038da146 100644 --- a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c +++ b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c @@ -18,11 +18,6 @@ #include <library.h> #include "fips_prf.h" -<<<<<<< HEAD -======= -static const char *plugin_name = "fips-prf"; - ->>>>>>> upstream/4.5.1 typedef struct private_fips_prf_plugin_t private_fips_prf_plugin_t; /** @@ -36,15 +31,14 @@ struct private_fips_prf_plugin_t { fips_prf_plugin_t public; }; -<<<<<<< HEAD -/** - * Implementation of fips_prf_plugin_t.destroy - */ -static void destroy(private_fips_prf_plugin_t *this) -======= +METHOD(plugin_t, get_name, char*, + private_fips_prf_plugin_t *this) +{ + return "fips-prf"; +} + METHOD(plugin_t, destroy, void, private_fips_prf_plugin_t *this) ->>>>>>> upstream/4.5.1 { lib->crypto->remove_prf(lib->crypto, (prf_constructor_t)fips_prf_create); 
@@ -56,20 +50,14 @@ METHOD(plugin_t, destroy, void, */ plugin_t *fips_prf_plugin_create() { -<<<<<<< HEAD - private_fips_prf_plugin_t *this = malloc_thing(private_fips_prf_plugin_t); - - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; - - lib->crypto->add_prf(lib->crypto, PRF_FIPS_SHA1_160, - (prf_constructor_t)fips_prf_create); -======= private_fips_prf_plugin_t *this; prf_t *prf; INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, @@ -79,10 +67,9 @@ plugin_t *fips_prf_plugin_create() if (prf) { prf->destroy(prf); - lib->crypto->add_prf(lib->crypto, PRF_FIPS_SHA1_160, plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_FIPS_SHA1_160, get_name(this), (prf_constructor_t)fips_prf_create); } ->>>>>>> upstream/4.5.1 return &this->public.plugin; } diff --git a/src/libstrongswan/plugins/gcm/Makefile.in b/src/libstrongswan/plugins/gcm/Makefile.in index 7f5a59abd..202849eb6 100644 --- a/src/libstrongswan/plugins/gcm/Makefile.in +++ b/src/libstrongswan/plugins/gcm/Makefile.in @@ -219,13 +219,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ 
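Review bot: The `if (prf)` guard in fips_prf_plugin_create (hunk `@@ -79,10 +67,9 @@`) has no else branch and no comment, so when the probe object cannot be created the plugin still loads successfully but registers nothing, and nothing tells the operator why `PRF_FIPS_SHA1_160` is unavailable. gcm_plugin_create does the same with its `ENCR_AES_CBC` probe in hunk `@@ -52,35 +53,29 @@`. A one-line comment such as `/* register only if the underlying algorithm is already provided by another plugin */`, plus a debug message in an else branch, would make the load-order dependency visible. The statement that creates `prf` sits between the hunks and is not shown, so the exact dependency should be taken from there.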
@@ -264,14 +260,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/gcm/gcm_plugin.c b/src/libstrongswan/plugins/gcm/gcm_plugin.c index 984026778..4b46f0ee4 100644 --- a/src/libstrongswan/plugins/gcm/gcm_plugin.c +++ b/src/libstrongswan/plugins/gcm/gcm_plugin.c @@ -19,11 +19,6 @@ #include "gcm_aead.h" -<<<<<<< HEAD -======= -static const char *plugin_name = "gcm"; - ->>>>>>> upstream/4.5.1 typedef struct private_gcm_plugin_t private_gcm_plugin_t; /** @@ -37,6 +32,12 @@ struct private_gcm_plugin_t { gcm_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_gcm_plugin_t *this) +{ + return "gcm"; +} + METHOD(plugin_t, destroy, void, private_gcm_plugin_t *this) { 
@@ -52,35 +53,29 @@ METHOD(plugin_t, destroy, void, plugin_t *gcm_plugin_create() { private_gcm_plugin_t *this; -<<<<<<< HEAD -======= crypter_t *crypter; ->>>>>>> upstream/4.5.1 INIT(this, - .public.plugin.destroy = _destroy, + .public = { + .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, + .destroy = _destroy, + }, + }, ); -<<<<<<< HEAD - lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV8, - (aead_constructor_t)gcm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV12, - (aead_constructor_t)gcm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV16, - (aead_constructor_t)gcm_aead_create); -======= crypter = lib->crypto->create_crypter(lib->crypto, ENCR_AES_CBC, 0); if (crypter) { crypter->destroy(crypter); - lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV8, plugin_name, + lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV8, get_name(this), (aead_constructor_t)gcm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV12, plugin_name, + lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV12, get_name(this), (aead_constructor_t)gcm_aead_create); - lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV16, plugin_name, + lib->crypto->add_aead(lib->crypto, ENCR_AES_GCM_ICV16, get_name(this), (aead_constructor_t)gcm_aead_create); } ->>>>>>> upstream/4.5.1 return &this->public.plugin; } diff --git a/src/libstrongswan/plugins/gcrypt/Makefile.in b/src/libstrongswan/plugins/gcrypt/Makefile.in index bb4e29b3b..bedb918b9 100644 --- a/src/libstrongswan/plugins/gcrypt/Makefile.in +++ b/src/libstrongswan/plugins/gcrypt/Makefile.in @@ -223,13 +223,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ 
@@ -250,6 +244,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -268,14 +264,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c index c709d497f..e26277b0b 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c @@ -29,11 +29,6 @@ #include <errno.h> #include <gcrypt.h> -<<<<<<< HEAD -======= -static const char *plugin_name = "gcrypt"; - ->>>>>>> upstream/4.5.1 typedef struct private_gcrypt_plugin_t private_gcrypt_plugin_t; /** @@ -98,6 +93,12 @@ static struct gcry_thread_cbs thread_functions = { NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }; +METHOD(plugin_t, get_name, char*, + private_gcrypt_plugin_t *this) +{ + return "gcrypt"; +} + METHOD(plugin_t, destroy, void, private_gcrypt_plugin_t *this) { 
@@ -147,161 +148,87 @@ plugin_t *gcrypt_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); /* hashers */ -<<<<<<< HEAD - lib->crypto->add_hasher(lib->crypto, HASH_SHA1, - (hasher_constructor_t)gcrypt_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_MD4, - (hasher_constructor_t)gcrypt_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_MD5, - (hasher_constructor_t)gcrypt_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA224, - (hasher_constructor_t)gcrypt_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA256, - (hasher_constructor_t)gcrypt_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA384, - (hasher_constructor_t)gcrypt_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA512, - (hasher_constructor_t)gcrypt_hasher_create); - - /* crypters */ - lib->crypto->add_crypter(lib->crypto, ENCR_3DES, - (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_CAST, - (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, - (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_DES, - (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, - (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, - (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CTR, - (crypter_constructor_t)gcrypt_crypter_create); -#ifdef HAVE_GCRY_CIPHER_CAMELLIA - lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC, - (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CTR, - (crypter_constructor_t)gcrypt_crypter_create); -#endif /* HAVE_GCRY_CIPHER_CAMELLIA */ - lib->crypto->add_crypter(lib->crypto, ENCR_SERPENT_CBC, - 
(crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_TWOFISH_CBC, - (crypter_constructor_t)gcrypt_crypter_create); - - /* random numbers */ - lib->crypto->add_rng(lib->crypto, RNG_WEAK, - (rng_constructor_t)gcrypt_rng_create); - lib->crypto->add_rng(lib->crypto, RNG_STRONG, - (rng_constructor_t)gcrypt_rng_create); - lib->crypto->add_rng(lib->crypto, RNG_TRUE, - (rng_constructor_t)gcrypt_rng_create); - - /* diffie hellman groups, using modp */ - lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, - (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_224, - (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_256, - (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, - (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, - (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, - (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, - (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, - (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, - (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_160, - (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_768_BIT, - (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, -======= - lib->crypto->add_hasher(lib->crypto, HASH_SHA1, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA1, get_name(this), (hasher_constructor_t)gcrypt_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_MD4, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_MD4, get_name(this), (hasher_constructor_t)gcrypt_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_MD5, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_MD5, get_name(this), 
(hasher_constructor_t)gcrypt_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA224, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA224, get_name(this), (hasher_constructor_t)gcrypt_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA256, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA256, get_name(this), (hasher_constructor_t)gcrypt_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA384, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA384, get_name(this), (hasher_constructor_t)gcrypt_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA512, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA512, get_name(this), (hasher_constructor_t)gcrypt_hasher_create); /* crypters */ - lib->crypto->add_crypter(lib->crypto, ENCR_3DES, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_3DES, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_CAST, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_CAST, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_DES, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_DES, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CTR, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_AES_CTR, get_name(this), 
(crypter_constructor_t)gcrypt_crypter_create); #ifdef HAVE_GCRY_CIPHER_CAMELLIA - lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CTR, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CTR, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); #endif /* HAVE_GCRY_CIPHER_CAMELLIA */ - lib->crypto->add_crypter(lib->crypto, ENCR_SERPENT_CBC, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_SERPENT_CBC, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_TWOFISH_CBC, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_TWOFISH_CBC, get_name(this), (crypter_constructor_t)gcrypt_crypter_create); /* random numbers */ - lib->crypto->add_rng(lib->crypto, RNG_WEAK, plugin_name, + lib->crypto->add_rng(lib->crypto, RNG_WEAK, get_name(this), (rng_constructor_t)gcrypt_rng_create); - lib->crypto->add_rng(lib->crypto, RNG_STRONG, plugin_name, + lib->crypto->add_rng(lib->crypto, RNG_STRONG, get_name(this), (rng_constructor_t)gcrypt_rng_create); - lib->crypto->add_rng(lib->crypto, RNG_TRUE, plugin_name, + lib->crypto->add_rng(lib->crypto, RNG_TRUE, get_name(this), (rng_constructor_t)gcrypt_rng_create); /* diffie hellman groups, using modp */ - lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_224, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_2048_224, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_256, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_2048_256, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, plugin_name, + 
lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_160, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_1024_160, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_768_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_768_BIT, get_name(this), (dh_constructor_t)gcrypt_dh_create); - lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, plugin_name, ->>>>>>> upstream/4.5.1 + lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, get_name(this), (dh_constructor_t)gcrypt_dh_create_custom); /* RSA */ diff --git a/src/libstrongswan/plugins/gmp/Makefile.in b/src/libstrongswan/plugins/gmp/Makefile.in index dde840936..18592ab4a 100644 --- a/src/libstrongswan/plugins/gmp/Makefile.in +++ b/src/libstrongswan/plugins/gmp/Makefile.in 
@@ -220,13 +220,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -247,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -265,14 +261,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/gmp/gmp_plugin.c b/src/libstrongswan/plugins/gmp/gmp_plugin.c index 798602e84..55ccd4a4f 100644 --- a/src/libstrongswan/plugins/gmp/gmp_plugin.c +++ b/src/libstrongswan/plugins/gmp/gmp_plugin.c @@ -20,11 +20,6 @@ #include "gmp_rsa_private_key.h" #include "gmp_rsa_public_key.h" -<<<<<<< HEAD -======= -static const char *plugin_name = "gmp"; - ->>>>>>> upstream/4.5.1 typedef struct private_gmp_plugin_t private_gmp_plugin_t; /** @@ -38,6 +33,12 @@ struct private_gmp_plugin_t { gmp_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_gmp_plugin_t *this) +{ + return "gmp"; +} + METHOD(plugin_t, destroy, void, private_gmp_plugin_t *this) { 
@@ -64,62 +65,37 @@ plugin_t *gmp_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); -<<<<<<< HEAD - lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, - (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_224, - (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_256, - (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, - (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, - (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, - (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, - (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, - (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, - (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_160, - (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_768_BIT, - (dh_constructor_t)gmp_diffie_hellman_create); - - lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, -======= - lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_224, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_2048_224, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_256, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_2048_256, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, get_name(this), 
(dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_160, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_1024_160, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_768_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_768_BIT, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, plugin_name, ->>>>>>> upstream/4.5.1 + lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, get_name(this), (dh_constructor_t)gmp_diffie_hellman_create_custom); lib->creds->add_builder(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, FALSE, diff --git a/src/libstrongswan/plugins/hmac/Makefile.in b/src/libstrongswan/plugins/hmac/Makefile.in index e8355ab21..b9e2cd817 100644 --- a/src/libstrongswan/plugins/hmac/Makefile.in +++ b/src/libstrongswan/plugins/hmac/Makefile.in 
@@ -220,13 +220,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -247,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -265,14 +261,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/hmac/hmac.c b/src/libstrongswan/plugins/hmac/hmac.c index c7b2739df..397a1ea11 100644 --- a/src/libstrongswan/plugins/hmac/hmac.c +++ b/src/libstrongswan/plugins/hmac/hmac.c @@ -147,8 +147,8 @@ METHOD(hmac_t, destroy, void, private_hmac_t *this) { this->h->destroy(this->h); - free(this->opaded_key.ptr); - free(this->ipaded_key.ptr); + chunk_clear(&this->opaded_key); + chunk_clear(&this->ipaded_key); free(this); } diff --git a/src/libstrongswan/plugins/hmac/hmac_plugin.c b/src/libstrongswan/plugins/hmac/hmac_plugin.c index c15a29b1c..47d6d3cde 100644 --- a/src/libstrongswan/plugins/hmac/hmac_plugin.c +++ b/src/libstrongswan/plugins/hmac/hmac_plugin.c 
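Review bot: In hmac.c destroy(), the new `chunk_clear(&this->opaded_key);` and `chunk_clear(&this->ipaded_key);` only wipe the padded keys if each chunk's `len` holds the allocated size; chunk_clear's definition is not part of this diff, but as I understand it, it zeroes `len` bytes before freeing `ptr`. The removed lines freed `.ptr` directly, so it is worth confirming that the constructor (outside this hunk) sets `.len` together with `.ptr`, otherwise the wipe covers zero bytes and the key pads stay readable in freed heap memory. The same check applies to `chunk_clear(&this->key);` in openssl_crypter.c's destroy() later in the diff. A one-line comment above the calls, e.g. `/* wipe key material before releasing it */`, would also keep a later cleanup from turning them back into plain free().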
@@ -19,11 +19,6 @@ #include "hmac_signer.h" #include "hmac_prf.h" -<<<<<<< HEAD -======= -static const char *plugin_name = "hmac"; - ->>>>>>> upstream/4.5.1 typedef struct private_hmac_plugin_t private_hmac_plugin_t; /** @@ -37,6 +32,12 @@ struct private_hmac_plugin_t { hmac_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_hmac_plugin_t *this) +{ + return "hmac"; +} + METHOD(plugin_t, destroy, void, private_hmac_plugin_t *this) { 
@@ -53,74 +54,40 @@ METHOD(plugin_t, destroy, void, plugin_t *hmac_plugin_create() { private_hmac_plugin_t *this; -<<<<<<< HEAD -======= hasher_t *hasher; ->>>>>>> upstream/4.5.1 INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); -<<<<<<< HEAD - lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_256, - (prf_constructor_t)hmac_prf_create); - lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA1, - (prf_constructor_t)hmac_prf_create); - lib->crypto->add_prf(lib->crypto, PRF_HMAC_MD5, - (prf_constructor_t)hmac_prf_create); - lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_384, - (prf_constructor_t)hmac_prf_create); - lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_512, - (prf_constructor_t)hmac_prf_create); - - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_96, - (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_128, - (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_160, - (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_256_128, - (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_256_256, - (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_MD5_96, - (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_MD5_128, - (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_384_192, - (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_384_384, - (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_512_256, - (signer_constructor_t)hmac_signer_create); -======= hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); if (hasher) { hasher->destroy(hasher); - lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA1, 
plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA1, get_name(this), (prf_constructor_t)hmac_prf_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_96, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_96, get_name(this), (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_128, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_128, get_name(this), (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_160, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_160, get_name(this), (signer_constructor_t)hmac_signer_create); } hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA256); if (hasher) { hasher->destroy(hasher); - lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_256, plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_256, get_name(this), (prf_constructor_t)hmac_prf_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_256_128, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_256_128, get_name(this), (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_256_256, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_256_256, get_name(this), (signer_constructor_t)hmac_signer_create); } 
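Review bot: hmac_plugin_create() registers each HMAC PRF and signer only when the matching `create_hasher()` probe succeeds at plugin-load time, and reports nothing when it does not. If the hash plugin is loaded after hmac, or not at all, the HMAC algorithms are silently absent, and the first symptom is a failed or unexpectedly different algorithm negotiation later on. An `else` branch with a debug line on each probe, e.g. `DBG1(DBG_LIB, "hmac: no SHA1 hasher available, HMAC-SHA1 not registered");`, would make this visible; the remaining probes are in the next hunk. The function's tail lies outside this hunk.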
@@ -128,34 +95,33 @@ plugin_t *hmac_plugin_create() if (hasher) { hasher->destroy(hasher); - lib->crypto->add_prf(lib->crypto, PRF_HMAC_MD5, plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_HMAC_MD5, get_name(this), (prf_constructor_t)hmac_prf_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_MD5_96, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_MD5_96, get_name(this), (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_MD5_128, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_MD5_128, get_name(this), (signer_constructor_t)hmac_signer_create); } hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA384); if (hasher) { hasher->destroy(hasher); - lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_384, plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_384, get_name(this), (prf_constructor_t)hmac_prf_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_384_192, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_384_192, get_name(this), (signer_constructor_t)hmac_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_384_384, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_384_384, get_name(this), (signer_constructor_t)hmac_signer_create); } hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA512); if (hasher) { hasher->destroy(hasher); - lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_512, plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_HMAC_SHA2_512, get_name(this), (prf_constructor_t)hmac_prf_create); - lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_512_256, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_512_256, get_name(this), (signer_constructor_t)hmac_signer_create); } ->>>>>>> upstream/4.5.1 return &this->public.plugin; } diff --git a/src/libstrongswan/plugins/ldap/Makefile.in b/src/libstrongswan/plugins/ldap/Makefile.in index 7dd7e92f0..b496ace28 100644 
--- a/src/libstrongswan/plugins/ldap/Makefile.in +++ b/src/libstrongswan/plugins/ldap/Makefile.in @@ -219,13 +219,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -264,14 +260,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/ldap/ldap_fetcher.c b/src/libstrongswan/plugins/ldap/ldap_fetcher.c index 57c367ca1..fc6114b0a 100644 --- a/src/libstrongswan/plugins/ldap/ldap_fetcher.c +++ b/src/libstrongswan/plugins/ldap/ldap_fetcher.c @@ -100,13 +100,8 @@ static bool parse(LDAP *ldap, LDAPMessage *result, chunk_t *response) } -<<<<<<< HEAD -static status_t fetch(private_ldap_fetcher_t *this, char *url, - chunk_t *result, va_list args) -======= METHOD(fetcher_t, fetch, status_t, - private_ldap_fetcher_t *this, char *url, chunk_t *result) ->>>>>>> upstream/4.5.1 + private_ldap_fetcher_t *this, char *url, void *userdata) { LDAP *ldap; LDAPURLDesc *lurl; 
@@ -115,6 +110,7 @@ METHOD(fetcher_t, fetch, status_t, int ldap_version = LDAP_VERSION3; struct timeval timeout; status_t status = FAILED; + chunk_t *result = userdata; if (!strneq(url, "ldap", 4)) { @@ -171,15 +167,8 @@ METHOD(fetcher_t, fetch, status_t, } -<<<<<<< HEAD -/** - * Implementation of fetcher_t.set_option. - */ -static bool set_option(private_ldap_fetcher_t *this, fetcher_option_t option, ...) -======= METHOD(fetcher_t, set_option, bool, private_ldap_fetcher_t *this, fetcher_option_t option, ...) ->>>>>>> upstream/4.5.1 { va_list args; @@ -196,15 +185,8 @@ METHOD(fetcher_t, set_option, bool, } } -<<<<<<< HEAD -/** - * Implements ldap_fetcher_t.destroy - */ -static void destroy(private_ldap_fetcher_t *this) -======= METHOD(fetcher_t, destroy, void, private_ldap_fetcher_t *this) ->>>>>>> upstream/4.5.1 { free(this); } @@ -214,15 +196,6 @@ METHOD(fetcher_t, destroy, void, */ ldap_fetcher_t *ldap_fetcher_create() { -<<<<<<< HEAD - private_ldap_fetcher_t *this = malloc_thing(private_ldap_fetcher_t); - - this->public.interface.fetch = (status_t(*)(fetcher_t*,char*,chunk_t*))fetch; - this->public.interface.set_option = (bool(*)(fetcher_t*, fetcher_option_t option, ...))set_option; - this->public.interface.destroy = (void (*)(fetcher_t*))destroy; - - this->timeout = DEFAULT_TIMEOUT; -======= private_ldap_fetcher_t *this; INIT(this, @@ -235,7 +208,6 @@ ldap_fetcher_t *ldap_fetcher_create() }, .timeout = DEFAULT_TIMEOUT, ); ->>>>>>> upstream/4.5.1 return &this->public; } diff --git a/src/libstrongswan/plugins/ldap/ldap_plugin.c b/src/libstrongswan/plugins/ldap/ldap_plugin.c index 434a023ce..08d9748ce 100644 --- a/src/libstrongswan/plugins/ldap/ldap_plugin.c +++ b/src/libstrongswan/plugins/ldap/ldap_plugin.c 
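Review bot: In ldap_fetcher.c fetch(), `chunk_t *result = userdata;` converts an untyped pointer with nothing in the visible code establishing that the caller really passed a `chunk_t*`; since the previous hunk changed the parameter from `chunk_t *result` to `void *userdata`, the compiler no longer checks it either. If the fetcher interface lets a caller supply its own userdata together with a callback (not visible in this diff), this fetcher would still write a chunk_t through that pointer. Please confirm that set_option() rejects such an option so the request is never routed here, and state the assumption next to the cast: `/* userdata is the caller's chunk_t*; fetch callbacks are not supported here */`. The body of fetch() continues outside this hunk.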
@@ -31,15 +31,14 @@ struct private_ldap_plugin_t { ldap_plugin_t public; }; -<<<<<<< HEAD -/** - * Implementation of ldap_plugin_t.destroy - */ -static void destroy(private_ldap_plugin_t *this) -======= +METHOD(plugin_t, get_name, char*, + private_ldap_plugin_t *this) +{ + return "ldap"; +} + METHOD(plugin_t, destroy, void, private_ldap_plugin_t *this) ->>>>>>> upstream/4.5.1 { lib->fetcher->remove_fetcher(lib->fetcher, (fetcher_constructor_t)ldap_fetcher_create); @@ -51,21 +50,17 @@ METHOD(plugin_t, destroy, void, */ plugin_t *ldap_plugin_create() { -<<<<<<< HEAD - private_ldap_plugin_t *this = malloc_thing(private_ldap_plugin_t); - - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; -======= private_ldap_plugin_t *this; INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); ->>>>>>> upstream/4.5.1 lib->fetcher->add_fetcher(lib->fetcher, (fetcher_constructor_t)ldap_fetcher_create, "ldap://"); diff --git a/src/libstrongswan/plugins/md4/Makefile.in b/src/libstrongswan/plugins/md4/Makefile.in index 4f69538a8..82781054b 100644 --- a/src/libstrongswan/plugins/md4/Makefile.in +++ b/src/libstrongswan/plugins/md4/Makefile.in @@ -219,13 +219,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ 
@@ -264,14 +260,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/md4/md4_plugin.c b/src/libstrongswan/plugins/md4/md4_plugin.c index cdb0fe914..371bba280 100644 --- a/src/libstrongswan/plugins/md4/md4_plugin.c +++ b/src/libstrongswan/plugins/md4/md4_plugin.c @@ -18,11 +18,6 @@ #include <library.h> #include "md4_hasher.h" -<<<<<<< HEAD -======= -static const char *plugin_name = "md4"; - ->>>>>>> upstream/4.5.1 typedef struct private_md4_plugin_t private_md4_plugin_t; /** @@ -36,15 +31,14 @@ struct private_md4_plugin_t { md4_plugin_t public; }; -<<<<<<< HEAD -/** - * Implementation of md4_plugin_t.destroy - */ -static void destroy(private_md4_plugin_t *this) -======= +METHOD(plugin_t, get_name, char*, + private_md4_plugin_t *this) +{ + return "md4"; +} + METHOD(plugin_t, destroy, void, private_md4_plugin_t *this) ->>>>>>> upstream/4.5.1 { lib->crypto->remove_hasher(lib->crypto, (hasher_constructor_t)md4_hasher_create); 
@@ -56,25 +50,19 @@ METHOD(plugin_t, destroy, void, */ plugin_t *md4_plugin_create() { -<<<<<<< HEAD - private_md4_plugin_t *this = malloc_thing(private_md4_plugin_t); - - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; - - lib->crypto->add_hasher(lib->crypto, HASH_MD4, -======= private_md4_plugin_t *this; INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); - lib->crypto->add_hasher(lib->crypto, HASH_MD4, plugin_name, ->>>>>>> upstream/4.5.1 + lib->crypto->add_hasher(lib->crypto, HASH_MD4, get_name(this), (hasher_constructor_t)md4_hasher_create); return &this->public.plugin; diff --git a/src/libstrongswan/plugins/md5/Makefile.in b/src/libstrongswan/plugins/md5/Makefile.in index c0ffec7ad..0e3c37e7e 100644 --- a/src/libstrongswan/plugins/md5/Makefile.in +++ b/src/libstrongswan/plugins/md5/Makefile.in @@ -219,13 +219,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -264,14 +260,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ 
diff --git a/src/libstrongswan/plugins/md5/md5_plugin.c b/src/libstrongswan/plugins/md5/md5_plugin.c index 015274ddf..c72284193 100644 --- a/src/libstrongswan/plugins/md5/md5_plugin.c +++ b/src/libstrongswan/plugins/md5/md5_plugin.c @@ -18,11 +18,6 @@ #include <library.h> #include "md5_hasher.h" -<<<<<<< HEAD -======= -static const char *plugin_name = "md5"; - ->>>>>>> upstream/4.5.1 typedef struct private_md5_plugin_t private_md5_plugin_t; /** @@ -36,15 +31,14 @@ struct private_md5_plugin_t { md5_plugin_t public; }; -<<<<<<< HEAD -/** - * Implementation of md5_plugin_t.destroy - */ -static void destroy(private_md5_plugin_t *this) -======= +METHOD(plugin_t, get_name, char*, + private_md5_plugin_t *this) +{ + return "md5"; +} + METHOD(plugin_t, destroy, void, private_md5_plugin_t *this) ->>>>>>> upstream/4.5.1 { lib->crypto->remove_hasher(lib->crypto, (hasher_constructor_t)md5_hasher_create); @@ -56,25 +50,19 @@ METHOD(plugin_t, destroy, void, */ plugin_t *md5_plugin_create() { -<<<<<<< HEAD - private_md5_plugin_t *this = malloc_thing(private_md5_plugin_t); - - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; - - lib->crypto->add_hasher(lib->crypto, HASH_MD5, -======= private_md5_plugin_t *this; INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); - lib->crypto->add_hasher(lib->crypto, HASH_MD5, plugin_name, ->>>>>>> upstream/4.5.1 + lib->crypto->add_hasher(lib->crypto, HASH_MD5, get_name(this), (hasher_constructor_t)md5_hasher_create); return &this->public.plugin; diff --git a/src/libstrongswan/plugins/mysql/Makefile.in b/src/libstrongswan/plugins/mysql/Makefile.in index 7a6c57dd1..32067d5b4 100644 --- a/src/libstrongswan/plugins/mysql/Makefile.in +++ b/src/libstrongswan/plugins/mysql/Makefile.in 
@@ -221,13 +221,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -248,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -266,14 +262,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/mysql/mysql_database.c b/src/libstrongswan/plugins/mysql/mysql_database.c index 0b9f8285d..5fbfa0f28 100644 --- a/src/libstrongswan/plugins/mysql/mysql_database.c +++ b/src/libstrongswan/plugins/mysql/mysql_database.c @@ -474,15 +474,8 @@ static bool mysql_enumerator_enumerate(mysql_enumerator_t *this, ...) return TRUE; } -<<<<<<< HEAD -/** - * Implementation of database_t.query. - */ -static enumerator_t* query(private_mysql_database_t *this, char *sql, ...) -======= METHOD(database_t, query, enumerator_t*, private_mysql_database_t *this, char *sql, ...) ->>>>>>> upstream/4.5.1 { MYSQL_STMT *stmt; va_list args; 
@@ -568,15 +561,8 @@ METHOD(database_t, query, enumerator_t*, return (enumerator_t*)enumerator; } -<<<<<<< HEAD -/** - * Implementation of database_t.execute. - */ -static int execute(private_mysql_database_t *this, int *rowid, char *sql, ...) -======= METHOD(database_t, execute, int, private_mysql_database_t *this, int *rowid, char *sql, ...) ->>>>>>> upstream/4.5.1 { MYSQL_STMT *stmt; va_list args; @@ -604,28 +590,14 @@ METHOD(database_t, execute, int, return affected; } -<<<<<<< HEAD -/** - * Implementation of database_t.get_driver - */ -static db_driver_t get_driver(private_mysql_database_t *this) -======= METHOD(database_t, get_driver,db_driver_t, private_mysql_database_t *this) ->>>>>>> upstream/4.5.1 { return DB_MYSQL; } -<<<<<<< HEAD -/** - * Implementation of database_t.destroy - */ -static void destroy(private_mysql_database_t *this) -======= METHOD(database_t, destroy, void, private_mysql_database_t *this) ->>>>>>> upstream/4.5.1 { this->pool->destroy_function(this->pool, (void*)conn_destroy); this->mutex->destroy(this->mutex); @@ -697,14 +669,6 @@ mysql_database_t *mysql_database_create(char *uri) return NULL; } -<<<<<<< HEAD - this = malloc_thing(private_mysql_database_t); - - this->public.db.query = (enumerator_t* (*)(database_t *this, char *sql, ...))query; - this->public.db.execute = (int (*)(database_t *this, int *rowid, char *sql, ...))execute; - this->public.db.get_driver = (db_driver_t(*)(database_t*))get_driver; - this->public.db.destroy = (void(*)(database_t*))destroy; -======= INIT(this, .public = { .db = { @@ -715,7 +679,6 @@ mysql_database_t *mysql_database_create(char *uri) }, }, ); ->>>>>>> upstream/4.5.1 if (!parse_uri(this, uri)) { diff --git a/src/libstrongswan/plugins/mysql/mysql_plugin.c b/src/libstrongswan/plugins/mysql/mysql_plugin.c index 738bbeddb..579df4d50 100644 --- a/src/libstrongswan/plugins/mysql/mysql_plugin.c +++ b/src/libstrongswan/plugins/mysql/mysql_plugin.c 
@@ -32,15 +32,14 @@ struct private_mysql_plugin_t { mysql_plugin_t public; }; -<<<<<<< HEAD -/** - * Implementation of plugin_t.destroy - */ -static void destroy(private_mysql_plugin_t *this) -======= +METHOD(plugin_t, get_name, char*, + private_mysql_plugin_t *this) +{ + return "mysql"; +} + METHOD(plugin_t, destroy, void, private_mysql_plugin_t *this) ->>>>>>> upstream/4.5.1 { lib->db->remove_database(lib->db, (database_constructor_t)mysql_database_create); @@ -61,18 +60,15 @@ plugin_t *mysql_plugin_create() return NULL; } -<<<<<<< HEAD - this = malloc_thing(private_mysql_plugin_t); - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; -======= INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); ->>>>>>> upstream/4.5.1 lib->db->add_database(lib->db, (database_constructor_t)mysql_database_create); diff --git a/src/libstrongswan/plugins/openssl/Makefile.in b/src/libstrongswan/plugins/openssl/Makefile.in index 4048bbd02..d1c8fce81 100644 --- a/src/libstrongswan/plugins/openssl/Makefile.in +++ b/src/libstrongswan/plugins/openssl/Makefile.in @@ -226,13 +226,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -253,6 +247,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ 
@@ -271,14 +267,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/openssl/openssl_crl.c b/src/libstrongswan/plugins/openssl/openssl_crl.c index 7708af958..58401faa5 100644 --- a/src/libstrongswan/plugins/openssl/openssl_crl.c +++ b/src/libstrongswan/plugins/openssl/openssl_crl.c @@ -382,11 +382,8 @@ static private_openssl_crl_t *create_empty() }, .get_serial = _get_serial, .get_authKeyIdentifier = _get_authKeyIdentifier, -<<<<<<< HEAD -======= .is_delta_crl = (void*)return_false, .create_delta_crl_uri_enumerator = (void*)enumerator_create_empty, ->>>>>>> upstream/4.5.1 .create_enumerator = _create_enumerator, }, }, @@ -463,9 +460,6 @@ static bool parse_extensions(private_openssl_crl_t *this) ok = parse_crlNumber_ext(this, ext); break; default: -<<<<<<< HEAD - ok = TRUE; -======= ok = X509_EXTENSION_get_critical(ext) == 0 || !lib->settings->get_bool(lib->settings, "libstrongswan.x509.enforce_critical", TRUE); @@ -474,7 +468,6 @@ static bool parse_extensions(private_openssl_crl_t *this) DBG1(DBG_LIB, "found unsupported critical X.509 " "CRL extension"); } ->>>>>>> upstream/4.5.1 break; } if (!ok) diff --git a/src/libstrongswan/plugins/openssl/openssl_crypter.c b/src/libstrongswan/plugins/openssl/openssl_crypter.c index 2ed07ff0c..cd9a3bd4a 100644 --- a/src/libstrongswan/plugins/openssl/openssl_crypter.c +++ b/src/libstrongswan/plugins/openssl/openssl_crypter.c 
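Review bot: In openssl_crl.c parse_extensions(), the new `default:` branch lets a disabled `libstrongswan.x509.enforce_critical` accept a CRL carrying a critical extension this parser does not understand, while create_empty() in the same file now hard-wires `.is_delta_crl = (void*)return_false`. Unless a delta CRL indicator is handled by a case outside this hunk, a delta CRL would then be accepted and reported as a complete one, so revocations listed only in the base CRL would be missed. RFC 5280 requires that a CRL with an unprocessable critical extension not be used for status checks, so the relaxed path deserves a comment saying so, e.g. `/* enforce_critical disabled: deviates from RFC 5280, section 5.2 */`, and the DBG1 message would be more useful for diagnosis if it named the extension's OID. parse_extensions() starts and ends outside the hunk.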
@@ -152,7 +152,7 @@ METHOD(crypter_t, set_key, void, METHOD(crypter_t, destroy, void, private_openssl_crypter_t *this) { - free(this->key.ptr); + chunk_clear(&this->key); free(this); } diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c index 32fc2bccd..78ed2811a 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c +++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c @@ -257,7 +257,7 @@ METHOD(diffie_hellman_t, destroy, void, { EC_POINT_clear_free(this->pub_key); EC_KEY_free(this->key); - chunk_free(&this->shared_secret); + chunk_clear(&this->shared_secret); free(this); } diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c index cf48b4c15..96aa38bb6 100644 --- a/src/libstrongswan/plugins/openssl/openssl_plugin.c +++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c @@ -41,11 +41,6 @@ #include "openssl_x509.h" #include "openssl_crl.h" -<<<<<<< HEAD -======= -static const char *plugin_name = "openssl"; - ->>>>>>> upstream/4.5.1 typedef struct private_openssl_plugin_t private_openssl_plugin_t; /** @@ -198,6 +193,12 @@ static void threading_cleanup() mutex = NULL; } +METHOD(plugin_t, get_name, char*, + private_openssl_plugin_t *this) +{ + return "openssl"; +} + METHOD(plugin_t, destroy, void, private_openssl_plugin_t *this) { @@ -253,6 +254,8 @@ plugin_t *openssl_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, 
@@ -277,167 +280,85 @@ plugin_t *openssl_plugin_create() } /* crypter */ -<<<<<<< HEAD - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, - (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC, - (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_3DES, - (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_RC5, - (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_IDEA, - (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_CAST, - (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, - (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_DES, - (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, - (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_NULL, - (crypter_constructor_t)openssl_crypter_create); - - /* hasher */ - lib->crypto->add_hasher(lib->crypto, HASH_SHA1, - (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_MD2, - (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_MD4, - (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_MD5, - (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA224, - (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA256, - (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA384, - (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA512, - (hasher_constructor_t)openssl_hasher_create); - - /* prf */ - lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1, - 
(prf_constructor_t)openssl_sha1_prf_create); - - /* (ec) diffie hellman */ - lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, - (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_224, - (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_256, - (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, - (dh_constructor_t)openssl_diffie_hellman_create); -#ifndef OPENSSL_NO_EC - lib->crypto->add_dh(lib->crypto, ECP_256_BIT, - (dh_constructor_t)openssl_ec_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, ECP_384_BIT, - (dh_constructor_t)openssl_ec_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, ECP_521_BIT, - (dh_constructor_t)openssl_ec_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, ECP_224_BIT, - (dh_constructor_t)openssl_ec_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, ECP_192_BIT, - (dh_constructor_t)openssl_ec_diffie_hellman_create); -#endif /* OPENSSL_NO_EC */ - lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, - (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, - (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, - (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, - (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, - (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_160, - (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_768_BIT, - (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, -======= - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, get_name(this), 
(crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC, get_name(this), (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_3DES, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_3DES, get_name(this), (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_RC5, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_RC5, get_name(this), (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_IDEA, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_IDEA, get_name(this), (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_CAST, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_CAST, get_name(this), (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, get_name(this), (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_DES, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_DES, get_name(this), (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, get_name(this), (crypter_constructor_t)openssl_crypter_create); - lib->crypto->add_crypter(lib->crypto, ENCR_NULL, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_NULL, get_name(this), (crypter_constructor_t)openssl_crypter_create); /* hasher */ - lib->crypto->add_hasher(lib->crypto, HASH_SHA1, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA1, get_name(this), (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_MD2, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_MD2, get_name(this), 
(hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_MD4, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_MD4, get_name(this), (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_MD5, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_MD5, get_name(this), (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA224, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA224, get_name(this), (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA256, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA256, get_name(this), (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA384, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA384, get_name(this), (hasher_constructor_t)openssl_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA512, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA512, get_name(this), (hasher_constructor_t)openssl_hasher_create); /* prf */ - lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1, plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1, get_name(this), (prf_constructor_t)openssl_sha1_prf_create); /* (ec) diffie hellman */ - lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_224, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_2048_224, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_2048_256, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_2048_256, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, get_name(this), 
(dh_constructor_t)openssl_diffie_hellman_create); #ifndef OPENSSL_NO_EC - lib->crypto->add_dh(lib->crypto, ECP_256_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, ECP_256_BIT, get_name(this), (dh_constructor_t)openssl_ec_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, ECP_384_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, ECP_384_BIT, get_name(this), (dh_constructor_t)openssl_ec_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, ECP_521_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, ECP_521_BIT, get_name(this), (dh_constructor_t)openssl_ec_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, ECP_224_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, ECP_224_BIT, get_name(this), (dh_constructor_t)openssl_ec_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, ECP_192_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, ECP_192_BIT, get_name(this), (dh_constructor_t)openssl_ec_diffie_hellman_create); #endif /* OPENSSL_NO_EC */ - lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_1024_160, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_1024_160, 
get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_768_BIT, plugin_name, + lib->crypto->add_dh(lib->crypto, MODP_768_BIT, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); - lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, plugin_name, ->>>>>>> upstream/4.5.1 + lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, get_name(this), (dh_constructor_t)openssl_diffie_hellman_create); /* rsa */ diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c index 0b607c386..d1afd94cc 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c @@ -455,6 +455,7 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_load(key_type_t type, return NULL; } +#ifndef OPENSSL_NO_ENGINE /** * Login to engine with a PIN specified for a keyid */ @@ -496,6 +497,7 @@ static bool login(ENGINE *engine, chunk_t keyid) } return success; } +#endif /* OPENSSL_NO_ENGINE */ /** * See header. diff --git a/src/libstrongswan/plugins/openssl/openssl_x509.c b/src/libstrongswan/plugins/openssl/openssl_x509.c index 7c7f2aa06..f7495b2ae 100644 --- a/src/libstrongswan/plugins/openssl/openssl_x509.c +++ b/src/libstrongswan/plugins/openssl/openssl_x509.c @@ -84,11 +84,7 @@ struct private_openssl_x509_t { /** * Pathlen constraint */ -<<<<<<< HEAD - int pathlen; -======= u_char pathlen; ->>>>>>> upstream/4.5.1 /** * certificate subject @@ -141,11 +137,7 @@ struct private_openssl_x509_t { linked_list_t *issuerAltNames; /** -<<<<<<< HEAD - * List of CRL URIs -======= * List of CRL URIs, as x509_cdp_t ->>>>>>> upstream/4.5.1 */ linked_list_t *crl_uris; @@ -161,8 +153,6 @@ struct private_openssl_x509_t { }; /** -<<<<<<< HEAD -======= * Destroy a CRL URI struct */ static void crl_uri_destroy(x509_cdp_t *this) 
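Review bot: In openssl_plugin_create() (openssl_plugin.c, hunk at -277) every add_crypter/add_hasher/add_prf/add_dh registration calls `get_name(this)` again. Reading it once into a local, `char *name = get_name(this);`, and passing `name` would shorten the long run of registrations and make it obvious that they all go under one plugin name. The padlock_plugin.c hunk at -166 repeats the pattern. The function starts and ends outside this hunk, so the local would be declared with the other locals and assigned once `this` has been initialised.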
@@ -173,7 +163,6 @@ static void crl_uri_destroy(x509_cdp_t *this) } /** ->>>>>>> upstream/4.5.1 * Convert a GeneralName to an identification_t. */ static identification_t *general_name2id(GENERAL_NAME *name) @@ -261,12 +250,6 @@ METHOD(x509_t, get_authKeyIdentifier, chunk_t, return chunk_empty; } -<<<<<<< HEAD -METHOD(x509_t, get_pathLenConstraint, int, - private_openssl_x509_t *this) -{ - return this->pathlen; -======= METHOD(x509_t, get_constraint, u_int, private_openssl_x509_t *this, x509_constraint_t type) { @@ -277,7 +260,6 @@ METHOD(x509_t, get_constraint, u_int, default: return X509_NO_CONSTRAINT; } ->>>>>>> upstream/4.5.1 } METHOD(x509_t, create_subjectAltName_enumerator, enumerator_t*, @@ -298,16 +280,6 @@ METHOD(x509_t, create_ocsp_uri_enumerator, enumerator_t*, return this->ocsp_uris->create_enumerator(this->ocsp_uris); } -<<<<<<< HEAD -METHOD(x509_t, create_ipAddrBlock_enumerator, enumerator_t*, - private_openssl_x509_t *this) -{ - /* TODO */ - return enumerator_create_empty(); -} - -======= ->>>>>>> upstream/4.5.1 METHOD(certificate_t, get_type, certificate_type_t, private_openssl_x509_t *this) { @@ -520,11 +492,7 @@ METHOD(certificate_t, destroy, void, offsetof(identification_t, destroy)); this->issuerAltNames->destroy_offset(this->issuerAltNames, offsetof(identification_t, destroy)); -<<<<<<< HEAD - this->crl_uris->destroy_function(this->crl_uris, free); -======= this->crl_uris->destroy_function(this->crl_uris, (void*)crl_uri_destroy); ->>>>>>> upstream/4.5.1 this->ocsp_uris->destroy_function(this->ocsp_uris, free); free(this); } 
@@ -558,13 +526,6 @@ static private_openssl_x509_t *create_empty() .get_serial = _get_serial, .get_subjectKeyIdentifier = _get_subjectKeyIdentifier, .get_authKeyIdentifier = _get_authKeyIdentifier, -<<<<<<< HEAD - .get_pathLenConstraint = _get_pathLenConstraint, - .create_subjectAltName_enumerator = _create_subjectAltName_enumerator, - .create_crl_uri_enumerator = _create_crl_uri_enumerator, - .create_ocsp_uri_enumerator = _create_ocsp_uri_enumerator, - .create_ipAddrBlock_enumerator = _create_ipAddrBlock_enumerator, -======= .get_constraint = _get_constraint, .create_subjectAltName_enumerator = _create_subjectAltName_enumerator, .create_crl_uri_enumerator = _create_crl_uri_enumerator, @@ -573,18 +534,13 @@ static private_openssl_x509_t *create_empty() .create_name_constraint_enumerator = (void*)enumerator_create_empty, .create_cert_policy_enumerator = (void*)enumerator_create_empty, .create_policy_mapping_enumerator = (void*)enumerator_create_empty, ->>>>>>> upstream/4.5.1 }, }, .subjectAltNames = linked_list_create(), .issuerAltNames = linked_list_create(), .crl_uris = linked_list_create(), .ocsp_uris = linked_list_create(), -<<<<<<< HEAD - .pathlen = X509_NO_PATH_LEN_CONSTRAINT, -======= .pathlen = X509_NO_CONSTRAINT, ->>>>>>> upstream/4.5.1 .ref = 1, ); @@ -630,10 +586,7 @@ static bool parse_basicConstraints_ext(private_openssl_x509_t *this, X509_EXTENSION *ext) { BASIC_CONSTRAINTS *constraints; -<<<<<<< HEAD -======= long pathlen; ->>>>>>> upstream/4.5.1 constraints = (BASIC_CONSTRAINTS*)X509V3_EXT_d2i(ext); if (constraints) @@ -644,14 +597,10 @@ static bool parse_basicConstraints_ext(private_openssl_x509_t *this, } if (constraints->pathlen) { -<<<<<<< HEAD - this->pathlen = ASN1_INTEGER_get(constraints->pathlen); -======= pathlen = ASN1_INTEGER_get(constraints->pathlen); this->pathlen = (pathlen >= 0 && pathlen < 128) ? pathlen : X509_NO_CONSTRAINT; ->>>>>>> upstream/4.5.1 } BASIC_CONSTRAINTS_free(constraints); return TRUE; 
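Review bot: In parse_basicConstraints_ext() (openssl_x509.c, hunk at -644) a pathLenConstraint that is negative or 128 and above is silently mapped to `X509_NO_CONSTRAINT`, which by its name is the unconstrained setting, so a malformed value is accepted instead of failing the parse. A negative value is not a valid pathLenConstraint, and ASN1_INTEGER_get() reports its own errors through the return value as well. I would treat `pathlen < 0` as a parse error (free `constraints`, then `return FALSE;`) and log the out-of-range case with DBG1. If the fallback is intentional, a comment above the ternary should say why the limit is 128 and why an out-of-range value means unconstrained. The function begins outside the hunk.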
@@ -667,16 +616,10 @@ static bool parse_crlDistributionPoints_ext(private_openssl_x509_t *this, { CRL_DIST_POINTS *cdps; DIST_POINT *cdp; -<<<<<<< HEAD - identification_t *id; - char *uri; - int i, j, point_num, name_num; -======= identification_t *id, *issuer; x509_cdp_t *entry; char *uri; int i, j, k, point_num, name_num, issuer_num; ->>>>>>> upstream/4.5.1 cdps = X509V3_EXT_d2i(ext); if (!cdps) @@ -701,9 +644,6 @@ static bool parse_crlDistributionPoints_ext(private_openssl_x509_t *this, { if (asprintf(&uri, "%Y", id) > 0) { -<<<<<<< HEAD - this->crl_uris->insert_first(this->crl_uris, uri); -======= if (cdp->CRLissuer) { issuer_num = sk_GENERAL_NAME_num(cdp->CRLissuer); @@ -730,16 +670,12 @@ static bool parse_crlDistributionPoints_ext(private_openssl_x509_t *this, ); this->crl_uris->insert_last(this->crl_uris, entry); } ->>>>>>> upstream/4.5.1 } id->destroy(id); } } } -<<<<<<< HEAD -======= ->>>>>>> upstream/4.5.1 DIST_POINT_free(cdp); } } @@ -872,9 +808,6 @@ static bool parse_extensions(private_openssl_x509_t *this) ok = parse_crlDistributionPoints_ext(this, ext); break; default: -<<<<<<< HEAD - ok = TRUE; -======= ok = X509_EXTENSION_get_critical(ext) == 0 || !lib->settings->get_bool(lib->settings, "libstrongswan.x509.enforce_critical", TRUE); @@ -882,7 +815,6 @@ static bool parse_extensions(private_openssl_x509_t *this) { DBG1(DBG_LIB, "found unsupported critical X.509 extension"); } ->>>>>>> upstream/4.5.1 break; } if (!ok) @@ -940,8 +872,6 @@ static bool parse_certificate(private_openssl_x509_t *this) { return FALSE; } -<<<<<<< HEAD -======= if (X509_get_version(this->x509) < 0 || X509_get_version(this->x509) > 2) { DBG1(DBG_LIB, "unsupported x509 version: %d", @@ -949,7 +879,6 @@ static bool parse_certificate(private_openssl_x509_t *this) return FALSE; } ->>>>>>> upstream/4.5.1 this->subject = openssl_x509_name2id(X509_get_subject_name(this->x509)); this->issuer = openssl_x509_name2id(X509_get_issuer_name(this->x509)); 
@@ -993,11 +922,7 @@ static bool parse_certificate(private_openssl_x509_t *this) if (!parse_extensions(this)) { -<<<<<<< HEAD - return TRUE; -======= return FALSE; ->>>>>>> upstream/4.5.1 } parse_extKeyUsage(this); diff --git a/src/libstrongswan/plugins/padlock/Makefile.in b/src/libstrongswan/plugins/padlock/Makefile.in index 24c7441d7..7bc342995 100644 --- a/src/libstrongswan/plugins/padlock/Makefile.in +++ b/src/libstrongswan/plugins/padlock/Makefile.in @@ -222,13 +222,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -249,6 +243,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -267,14 +263,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c b/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c index 06c20292f..119de86aa 100644 --- a/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c +++ b/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c 
@@ -105,6 +105,8 @@ static void crypt(private_padlock_aes_crypter_t *this, char *iv, *dst = chunk_alloc(src.len); padlock_crypt(key_aligned, &cword, src.ptr, dst->ptr, src.len / AES_BLOCK_SIZE, iv_aligned); + + memwipe(key_aligned, sizeof(key_aligned)); } METHOD(crypter_t, decrypt, void, @@ -146,7 +148,7 @@ METHOD(crypter_t, set_key, void, METHOD(crypter_t, destroy, void, private_padlock_aes_crypter_t *this) { - free(this->key.ptr); + chunk_clear(&this->key); free(this); } diff --git a/src/libstrongswan/plugins/padlock/padlock_plugin.c b/src/libstrongswan/plugins/padlock/padlock_plugin.c index a78f2076b..9d4afd8e8 100644 --- a/src/libstrongswan/plugins/padlock/padlock_plugin.c +++ b/src/libstrongswan/plugins/padlock/padlock_plugin.c @@ -23,11 +23,6 @@ #include <library.h> #include <debug.h> -<<<<<<< HEAD -======= -static const char *plugin_name = "padlock"; - ->>>>>>> upstream/4.5.1 typedef struct private_padlock_plugin_t private_padlock_plugin_t; typedef enum padlock_feature_t padlock_feature_t; @@ -106,6 +101,12 @@ static padlock_feature_t get_padlock_features() return 0; } +METHOD(plugin_t, get_name, char*, + private_padlock_plugin_t *this) +{ + return "padlock"; +} + METHOD(plugin_t, destroy, void, private_padlock_plugin_t *this) { @@ -141,6 +142,8 @@ plugin_t *padlock_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, 
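Review bot: The added `memwipe(key_aligned, sizeof(key_aligned));` in crypt() (padlock_aes_crypter.c, hunk at -105) clears the whole buffer only if `key_aligned` is declared as an array. Its declaration is above the hunk; if it were a pointer, `sizeof` would cover just the pointer and most of the key copy would stay on the stack. Assuming it is the aligned stack copy of the key, a comment such as `/* wipe the aligned stack copy of the key */` would record the intent and the reliance on the array type.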
@@ -166,37 +169,21 @@ plugin_t *padlock_plugin_create() if (this->features & PADLOCK_RNG_ENABLED) { -<<<<<<< HEAD - lib->crypto->add_rng(lib->crypto, RNG_TRUE, - (rng_constructor_t)padlock_rng_create); - lib->crypto->add_rng(lib->crypto, RNG_STRONG, - (rng_constructor_t)padlock_rng_create); - lib->crypto->add_rng(lib->crypto, RNG_WEAK, -======= - lib->crypto->add_rng(lib->crypto, RNG_TRUE, plugin_name, + lib->crypto->add_rng(lib->crypto, RNG_TRUE, get_name(this), (rng_constructor_t)padlock_rng_create); - lib->crypto->add_rng(lib->crypto, RNG_STRONG, plugin_name, + lib->crypto->add_rng(lib->crypto, RNG_STRONG, get_name(this), (rng_constructor_t)padlock_rng_create); - lib->crypto->add_rng(lib->crypto, RNG_WEAK, plugin_name, ->>>>>>> upstream/4.5.1 + lib->crypto->add_rng(lib->crypto, RNG_WEAK, get_name(this), (rng_constructor_t)padlock_rng_create); } if (this->features & PADLOCK_ACE2_ENABLED) { -<<<<<<< HEAD - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, -======= - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, plugin_name, ->>>>>>> upstream/4.5.1 + lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, get_name(this), (crypter_constructor_t)padlock_aes_crypter_create); } if (this->features & PADLOCK_PHE_ENABLED) { -<<<<<<< HEAD - lib->crypto->add_hasher(lib->crypto, HASH_SHA1, -======= - lib->crypto->add_hasher(lib->crypto, HASH_SHA1, plugin_name, ->>>>>>> upstream/4.5.1 + lib->crypto->add_hasher(lib->crypto, HASH_SHA1, get_name(this), (hasher_constructor_t)padlock_sha1_hasher_create); } return &this->public.plugin; diff --git a/src/libstrongswan/plugins/pem/Makefile.in b/src/libstrongswan/plugins/pem/Makefile.in index 5a2469145..92c7fa2fe 100644 --- a/src/libstrongswan/plugins/pem/Makefile.in +++ b/src/libstrongswan/plugins/pem/Makefile.in 
@@ -220,13 +220,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -247,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -265,14 +261,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/pem/pem_encoder.c b/src/libstrongswan/plugins/pem/pem_encoder.c index 2a69e4ea6..9c8237e4d 100644 --- a/src/libstrongswan/plugins/pem/pem_encoder.c +++ b/src/libstrongswan/plugins/pem/pem_encoder.c @@ -111,11 +111,7 @@ bool pem_encoder_encode(cred_encoding_type_t type, chunk_t *encoding, } /* compute and allocate maximum size of PEM object */ -<<<<<<< HEAD - pem_chars = 4*(asn1.len + 2)/3; -======= pem_chars = 4 * ((asn1.len + 2) / 3); ->>>>>>> upstream/4.5.1 pem_lines = (asn1.len + BYTES_PER_LINE - 1) / BYTES_PER_LINE; *encoding = chunk_alloc(5 + 2*(6 + strlen(label) + 6) + 3 + pem_chars + pem_lines); pos = encoding->ptr; diff --git a/src/libstrongswan/plugins/pem/pem_plugin.c b/src/libstrongswan/plugins/pem/pem_plugin.c index 0e6a4788c..c81605ae5 100644 --- a/src/libstrongswan/plugins/pem/pem_plugin.c +++ b/src/libstrongswan/plugins/pem/pem_plugin.c 
@@ -33,15 +33,14 @@ struct private_pem_plugin_t { pem_plugin_t public; }; -<<<<<<< HEAD -/** - * Implementation of pem_plugin_t.pemtroy - */ -static void destroy(private_pem_plugin_t *this) -======= +METHOD(plugin_t, get_name, char*, + private_pem_plugin_t *this) +{ + return "pem"; +} + METHOD(plugin_t, destroy, void, private_pem_plugin_t *this) ->>>>>>> upstream/4.5.1 { lib->creds->remove_builder(lib->creds, (builder_function_t)pem_private_key_load); @@ -57,21 +56,17 @@ METHOD(plugin_t, destroy, void, */ plugin_t *pem_plugin_create() { -<<<<<<< HEAD - private_pem_plugin_t *this = malloc_thing(private_pem_plugin_t); - - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; -======= private_pem_plugin_t *this; INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); ->>>>>>> upstream/4.5.1 /* register private key PEM decoding builders */ lib->creds->add_builder(lib->creds, CRED_PRIVATE_KEY, KEY_ANY, FALSE, diff --git a/src/libstrongswan/plugins/pgp/Makefile.in b/src/libstrongswan/plugins/pgp/Makefile.in index 336e293be..6be915f29 100644 --- a/src/libstrongswan/plugins/pgp/Makefile.in +++ b/src/libstrongswan/plugins/pgp/Makefile.in @@ -220,13 +220,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -247,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ 
@@ -265,14 +261,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/pgp/pgp_plugin.c b/src/libstrongswan/plugins/pgp/pgp_plugin.c index 762eb061f..52e9d96b1 100644 --- a/src/libstrongswan/plugins/pgp/pgp_plugin.c +++ b/src/libstrongswan/plugins/pgp/pgp_plugin.c @@ -33,15 +33,14 @@ struct private_pgp_plugin_t { pgp_plugin_t public; }; -<<<<<<< HEAD -/** - * Implementation of pgp_plugin_t.pgptroy - */ -static void destroy(private_pgp_plugin_t *this) -======= +METHOD(plugin_t, get_name, char*, + private_pgp_plugin_t *this) +{ + return "pgp"; +} + METHOD(plugin_t, destroy, void, private_pgp_plugin_t *this) ->>>>>>> upstream/4.5.1 { lib->creds->remove_builder(lib->creds, (builder_function_t)pgp_public_key_load); @@ -61,22 +60,17 @@ METHOD(plugin_t, destroy, void, */ plugin_t *pgp_plugin_create() { -<<<<<<< HEAD - private_pgp_plugin_t *this = malloc_thing(private_pgp_plugin_t); - - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; - -======= private_pgp_plugin_t *this; INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); ->>>>>>> upstream/4.5.1 lib->creds->add_builder(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, FALSE, (builder_function_t)pgp_public_key_load); lib->creds->add_builder(lib->creds, CRED_PUBLIC_KEY, KEY_RSA, FALSE, 
@@ -85,15 +79,8 @@ plugin_t *pgp_plugin_create() (builder_function_t)pgp_private_key_load); lib->creds->add_builder(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, FALSE, (builder_function_t)pgp_private_key_load); -<<<<<<< HEAD - - lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_GPG, FALSE, - (builder_function_t)pgp_cert_load); - -======= lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_GPG, FALSE, (builder_function_t)pgp_cert_load); ->>>>>>> upstream/4.5.1 lib->encoding->add_encoder(lib->encoding, pgp_encoder_encode); return &this->public.plugin; diff --git a/src/libstrongswan/plugins/pkcs1/Makefile.in b/src/libstrongswan/plugins/pkcs1/Makefile.in index 2169d022c..1ae880c3b 100644 --- a/src/libstrongswan/plugins/pkcs1/Makefile.in +++ b/src/libstrongswan/plugins/pkcs1/Makefile.in @@ -221,13 +221,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -248,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -266,14 +262,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ 
diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c index 88c848899..a605fabc7 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c @@ -57,7 +57,7 @@ static public_key_t *parse_public_key(chunk_t blob) int oid = asn1_parse_algorithmIdentifier(object, parser->get_level(parser)+1, NULL); - if (oid == OID_RSA_ENCRYPTION) + if (oid == OID_RSA_ENCRYPTION || oid == OID_RSAES_OAEP) { type = KEY_RSA; } diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c index d91de0e7f..e0e24cab2 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c @@ -32,15 +32,14 @@ struct private_pkcs1_plugin_t { pkcs1_plugin_t public; }; -<<<<<<< HEAD -/** - * Implementation of pkcs1_plugin_t.pkcs1troy - */ -static void destroy(private_pkcs1_plugin_t *this) -======= +METHOD(plugin_t, get_name, char*, + private_pkcs1_plugin_t *this) +{ + return "pkcs1"; +} + METHOD(plugin_t, destroy, void, private_pkcs1_plugin_t *this) ->>>>>>> upstream/4.5.1 { lib->creds->remove_builder(lib->creds, (builder_function_t)pkcs1_public_key_load); @@ -57,21 +56,17 @@ METHOD(plugin_t, destroy, void, */ plugin_t *pkcs1_plugin_create() { -<<<<<<< HEAD - private_pkcs1_plugin_t *this = malloc_thing(private_pkcs1_plugin_t); - - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; -======= private_pkcs1_plugin_t *this; INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); ->>>>>>> upstream/4.5.1 lib->creds->add_builder(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, FALSE, (builder_function_t)pkcs1_public_key_load); diff --git a/src/libstrongswan/plugins/pkcs11/Makefile.in b/src/libstrongswan/plugins/pkcs11/Makefile.in index 8d6bad565..1a67f88cc 100644 --- a/src/libstrongswan/plugins/pkcs11/Makefile.in 
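Review bot: In parse_public_key() (pkcs1_builder.c, hunk at -57) the new `oid == OID_RSAES_OAEP` case loads the key as plain `KEY_RSA`, while the algorithm parameters are discarded by the `NULL` passed to asn1_parse_algorithmIdentifier() just above. A key published under the RSAES-OAEP identifier is meant to be used with OAEP only, so after this change it presumably becomes usable for any RSA operation the library offers. If that is accepted for interoperability, say so in a comment, e.g. `/* RSAES-OAEP keys are treated as generic RSA keys; OAEP parameters and the usage restriction are not enforced */`. The function continues outside the hunk.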
+++ b/src/libstrongswan/plugins/pkcs11/Makefile.in @@ -223,13 +223,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -250,6 +244,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -268,14 +264,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c b/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c index 6783699e5..a81ec1147 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_creds.c @@ -55,16 +55,6 @@ struct private_pkcs11_creds_t { * Find certificates, optionally trusted */ static void find_certificates(private_pkcs11_creds_t *this, -<<<<<<< HEAD - CK_SESSION_HANDLE session, CK_BBOOL trusted) -{ - CK_OBJECT_CLASS class = CKO_CERTIFICATE; - CK_CERTIFICATE_TYPE type = CKC_X_509; - CK_ATTRIBUTE tmpl[] = { - {CKA_CLASS, &class, sizeof(class)}, - {CKA_CERTIFICATE_TYPE, &type, sizeof(type)}, - {CKA_TRUSTED, &trusted, sizeof(trusted)}, -======= CK_SESSION_HANDLE session) { CK_OBJECT_CLASS class = CKO_CERTIFICATE; 
@@ -73,16 +63,12 @@ static void find_certificates(private_pkcs11_creds_t *this, CK_ATTRIBUTE tmpl[] = { {CKA_CLASS, &class, sizeof(class)}, {CKA_CERTIFICATE_TYPE, &type, sizeof(type)}, ->>>>>>> upstream/4.5.1 }; CK_OBJECT_HANDLE object; CK_ATTRIBUTE attr[] = { {CKA_VALUE, NULL, 0}, {CKA_LABEL, NULL, 0}, -<<<<<<< HEAD -======= {CKA_TRUSTED, &trusted, sizeof(trusted)} ->>>>>>> upstream/4.5.1 }; enumerator_t *enumerator; linked_list_t *raw; @@ -90,13 +76,6 @@ static void find_certificates(private_pkcs11_creds_t *this, struct { chunk_t value; chunk_t label; -<<<<<<< HEAD - } *entry; - - raw = linked_list_create(); - enumerator = this->lib->create_object_enumerator(this->lib, - session, tmpl, countof(tmpl), attr, countof(attr)); -======= bool trusted; } *entry; int count = countof(attr); @@ -110,7 +89,6 @@ static void find_certificates(private_pkcs11_creds_t *this, } enumerator = this->lib->create_object_enumerator(this->lib, session, tmpl, countof(tmpl), attr, count); ->>>>>>> upstream/4.5.1 while (enumerator->enumerate(enumerator, &object)) { entry = malloc(sizeof(*entry)); @@ -118,10 +96,7 @@ static void find_certificates(private_pkcs11_creds_t *this, chunk_create(attr[0].pValue, attr[0].ulValueLen)); entry->label = chunk_clone( chunk_create(attr[1].pValue, attr[1].ulValueLen)); -<<<<<<< HEAD -======= entry->trusted = trusted; ->>>>>>> upstream/4.5.1 raw->insert_last(raw, entry); } enumerator->destroy(enumerator); 
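Review bot: `entry->trusted = trusted;` copies a value that is only meaningful if the token actually filled in CKA_TRUSTED for this object. The declaration of `trusted` and the code that adjusts `count` are outside the visible hunks, so this is inferred. If the attribute is left out of the query or a token returns no value for it, `trusted` keeps whatever it held before, and a stale TRUE from an earlier object would place the next certificate into `this->trusted`. Initialise it to `CK_FALSE` at the declaration and reset it after each copy with `trusted = CK_FALSE;`, so a certificate is trusted only on a positive answer from the token. find_certificates starts and ends outside this hunk.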
@@ -134,17 +109,10 @@ static void find_certificates(private_pkcs11_creds_t *this, if (cert) { DBG1(DBG_CFG, " loaded %strusted cert '%.*s'", -<<<<<<< HEAD - trusted ? "" : "un", entry->label.len, entry->label.ptr); - /* trusted certificates are also returned as untrusted */ - this->untrusted->insert_last(this->untrusted, cert); - if (trusted) -======= entry->trusted ? "" : "un", entry->label.len, entry->label.ptr); /* trusted certificates are also returned as untrusted */ this->untrusted->insert_last(this->untrusted, cert); if (entry->trusted) ->>>>>>> upstream/4.5.1 { this->trusted->insert_last(this->trusted, cert->get_ref(cert)); } @@ -177,12 +145,7 @@ static bool load_certificates(private_pkcs11_creds_t *this) return FALSE; } -<<<<<<< HEAD - find_certificates(this, session, CK_TRUE); - find_certificates(this, session, CK_FALSE); -======= find_certificates(this, session); ->>>>>>> upstream/4.5.1 this->lib->f->C_CloseSession(session); return TRUE; diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_library.c b/src/libstrongswan/plugins/pkcs11/pkcs11_library.c index 6d819da34..6f7926808 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_library.c +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_library.c @@ -466,14 +466,11 @@ struct private_pkcs11_library_t { * Name as passed to the constructor */ char *name; -<<<<<<< HEAD -======= /** * Supported feature set */ pkcs11_feature_t features; ->>>>>>> upstream/4.5.1 }; METHOD(pkcs11_library_t, get_name, char*, @@ -482,15 +479,12 @@ METHOD(pkcs11_library_t, get_name, char*, return this->name; } -<<<<<<< HEAD -======= METHOD(pkcs11_library_t, get_features, pkcs11_feature_t, private_pkcs11_library_t *this) { return this->features; } ->>>>>>> upstream/4.5.1 /** * Object enumerator */ 
@@ -783,11 +777,6 @@ static CK_RV UnlockMutex(CK_VOID_PTR data) } /** -<<<<<<< HEAD - * Initialize a PKCS#11 library - */ -static bool initialize(private_pkcs11_library_t *this, char *name, char *file) -======= * Check if the library has at least a given cryptoki version */ static bool has_version(CK_INFO *info, int major, int minor) @@ -814,27 +803,19 @@ static void check_features(private_pkcs11_library_t *this, CK_INFO *info) */ static bool initialize(private_pkcs11_library_t *this, char *name, char *file, bool os_locking) ->>>>>>> upstream/4.5.1 { CK_C_GetFunctionList pC_GetFunctionList; CK_INFO info; CK_RV rv; -<<<<<<< HEAD - CK_C_INITIALIZE_ARGS args = { -======= static CK_C_INITIALIZE_ARGS args = { ->>>>>>> upstream/4.5.1 .CreateMutex = CreateMutex, .DestroyMutex = DestroyMutex, .LockMutex = LockMutex, .UnlockMutex = UnlockMutex, }; -<<<<<<< HEAD -======= static CK_C_INITIALIZE_ARGS args_os = { .flags = CKF_OS_LOCKING_OK, }; ->>>>>>> upstream/4.5.1 pC_GetFunctionList = dlsym(this->handle, "C_GetFunctionList"); if (!pC_GetFunctionList) @@ -849,16 +830,6 @@ static bool initialize(private_pkcs11_library_t *this, char *name, char *file, name, ck_rv_names, rv); return FALSE; } -<<<<<<< HEAD - - rv = this->public.f->C_Initialize(&args); - if (rv == CKR_CANT_LOCK) - { /* try OS locking */ - memset(&args, 0, sizeof(args)); - args.flags = CKF_OS_LOCKING_OK; - rv = this->public.f->C_Initialize(&args); - } -======= if (os_locking) { rv = CKR_CANT_LOCK; @@ -872,7 +843,6 @@ static bool initialize(private_pkcs11_library_t *this, char *name, char *file, os_locking = TRUE; rv = this->public.f->C_Initialize(&args_os); } ->>>>>>> upstream/4.5.1 if (rv != CKR_OK) { DBG1(DBG_CFG, "C_Initialize() error for '%s': %N", 
@@ -898,40 +868,26 @@ static bool initialize(private_pkcs11_library_t *this, char *name, char *file, DBG1(DBG_CFG, " %s: %s v%d.%d", info.manufacturerID, info.libraryDescription, info.libraryVersion.major, info.libraryVersion.minor); -<<<<<<< HEAD - if (args.flags & CKF_OS_LOCKING_OK) - { - DBG1(DBG_CFG, " uses OS locking functions"); - } -======= if (os_locking) { DBG1(DBG_CFG, " uses OS locking functions"); } check_features(this, &info); ->>>>>>> upstream/4.5.1 return TRUE; } /** * See header */ -<<<<<<< HEAD -pkcs11_library_t *pkcs11_library_create(char *name, char *file) -======= pkcs11_library_t *pkcs11_library_create(char *name, char *file, bool os_locking) ->>>>>>> upstream/4.5.1 { private_pkcs11_library_t *this; INIT(this, .public = { .get_name = _get_name, -<<<<<<< HEAD -======= .get_features = _get_features, ->>>>>>> upstream/4.5.1 .create_object_enumerator = _create_object_enumerator, .create_mechanism_enumerator = _create_mechanism_enumerator, .destroy = _destroy, @@ -947,11 +903,7 @@ pkcs11_library_t *pkcs11_library_create(char *name, char *file, bool os_locking) return NULL; } -<<<<<<< HEAD - if (!initialize(this, name, file)) -======= if (!initialize(this, name, file, os_locking)) ->>>>>>> upstream/4.5.1 { dlclose(this->handle); free(this); diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_library.h b/src/libstrongswan/plugins/pkcs11/pkcs11_library.h index 384258089..abe023448 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_library.h +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_library.h @@ -21,10 +21,7 @@ #ifndef PKCS11_LIBRARY_H_ #define PKCS11_LIBRARY_H_ -<<<<<<< HEAD -======= typedef enum pkcs11_feature_t pkcs11_feature_t; ->>>>>>> upstream/4.5.1 typedef struct pkcs11_library_t pkcs11_library_t; #include "pkcs11.h" @@ -33,8 +30,6 @@ typedef struct pkcs11_library_t pkcs11_library_t; #include <utils/enumerator.h> /** -<<<<<<< HEAD -======= * Optional PKCS#11 features some libraries support, some not */ enum pkcs11_feature_t { 
@@ -45,7 +40,6 @@ enum pkcs11_feature_t { }; /** ->>>>>>> upstream/4.5.1 * A loaded and initialized PKCS#11 library. */ struct pkcs11_library_t { @@ -63,8 +57,6 @@ struct pkcs11_library_t { char* (*get_name)(pkcs11_library_t *this); /** -<<<<<<< HEAD -======= * Get the feature set supported by this library. * * @return ORed set of features supported @@ -72,7 +64,6 @@ struct pkcs11_library_t { pkcs11_feature_t (*get_features)(pkcs11_library_t *this); /** ->>>>>>> upstream/4.5.1 * Create an enumerator over CK_OBJECT_HANDLE using a search template. * * An optional attribute array is automatically filled in with the @@ -130,15 +121,9 @@ void pkcs11_library_trim(char *str, int len); * * @param name an arbitrary name, for debugging * @param file pkcs11 library file to dlopen() -<<<<<<< HEAD - * @return library abstraction - */ -pkcs11_library_t *pkcs11_library_create(char *name, char *file); -======= * @param os_lock enforce OS Locking for this library * @return library abstraction */ pkcs11_library_t *pkcs11_library_create(char *name, char *file, bool os_lock); ->>>>>>> upstream/4.5.1 #endif /** PKCS11_LIBRARY_H_ @}*/ diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c b/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c index b7ca3538c..431cd6a2c 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c 
@@ -369,18 +369,14 @@ pkcs11_manager_t *pkcs11_manager_create(pkcs11_manager_token_event_t cb, "libstrongswan.plugins.pkcs11.modules.%s.path", NULL, module); if (!entry->path) { - DBG1(DBG_CFG, "PKCS11 module '%s' misses library path", module); + DBG1(DBG_CFG, "PKCS11 module '%s' lacks library path", module); free(entry); continue; } -<<<<<<< HEAD - entry->lib = pkcs11_library_create(module, entry->path); -======= entry->lib = pkcs11_library_create(module, entry->path, lib->settings->get_bool(lib->settings, "libstrongswan.plugins.pkcs11.modules.%s.os_locking", FALSE, module)); ->>>>>>> upstream/4.5.1 if (!entry->lib) { free(entry); diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c b/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c index b02873870..7b537cfa7 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c @@ -26,11 +26,6 @@ #include "pkcs11_public_key.h" #include "pkcs11_hasher.h" -<<<<<<< HEAD -======= -static const char *plugin_name = "pkcs11"; - ->>>>>>> upstream/4.5.1 typedef struct private_pkcs11_plugin_t private_pkcs11_plugin_t; /** @@ -106,6 +101,12 @@ static void token_event_cb(private_pkcs11_plugin_t *this, pkcs11_library_t *p11, } } +METHOD(plugin_t, get_name, char*, + private_pkcs11_plugin_t *this) +{ + return "pkcs11"; +} + METHOD(plugin_t, destroy, void, private_pkcs11_plugin_t *this) { @@ -139,6 +140,8 @@ plugin_t *pkcs11_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, 
@@ -151,31 +154,17 @@ plugin_t *pkcs11_plugin_create() if (lib->settings->get_bool(lib->settings, "libstrongswan.plugins.pkcs11.use_hasher", FALSE)) { -<<<<<<< HEAD - lib->crypto->add_hasher(lib->crypto, HASH_MD2, - (hasher_constructor_t)pkcs11_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_MD5, - (hasher_constructor_t)pkcs11_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA1, - (hasher_constructor_t)pkcs11_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA256, - (hasher_constructor_t)pkcs11_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA384, - (hasher_constructor_t)pkcs11_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA512, -======= - lib->crypto->add_hasher(lib->crypto, HASH_MD2, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_MD2, get_name(this), (hasher_constructor_t)pkcs11_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_MD5, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_MD5, get_name(this), (hasher_constructor_t)pkcs11_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA1, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA1, get_name(this), (hasher_constructor_t)pkcs11_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA256, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA256, get_name(this), (hasher_constructor_t)pkcs11_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA384, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA384, get_name(this), (hasher_constructor_t)pkcs11_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA512, plugin_name, ->>>>>>> upstream/4.5.1 + lib->crypto->add_hasher(lib->crypto, HASH_SHA512, get_name(this), (hasher_constructor_t)pkcs11_hasher_create); } diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c b/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c index 6d2c93c98..b4cc7a805 100644 
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c @@ -401,20 +401,6 @@ static bool find_key(private_pkcs11_private_key_t *this, chunk_t keyid) }; CK_OBJECT_HANDLE object; CK_KEY_TYPE type; -<<<<<<< HEAD - CK_BBOOL reauth; - CK_ATTRIBUTE attr[] = { - {CKA_KEY_TYPE, &type, sizeof(type)}, - {CKA_ALWAYS_AUTHENTICATE, &reauth, sizeof(reauth)}, - {CKA_MODULUS, NULL, 0}, - {CKA_PUBLIC_EXPONENT, NULL, 0}, - }; - enumerator_t *enumerator; - chunk_t modulus, pubexp; - - enumerator = this->lib->create_object_enumerator(this->lib, - this->session, tmpl, countof(tmpl), attr, countof(attr)); -======= CK_BBOOL reauth = FALSE; CK_ATTRIBUTE attr[] = { {CKA_KEY_TYPE, &type, sizeof(type)}, @@ -433,28 +419,18 @@ static bool find_key(private_pkcs11_private_key_t *this, chunk_t keyid) } enumerator = this->lib->create_object_enumerator(this->lib, this->session, tmpl, countof(tmpl), attr, count); ->>>>>>> upstream/4.5.1 if (enumerator->enumerate(enumerator, &object)) { switch (type) { case CKK_RSA: -<<<<<<< HEAD - if (attr[2].ulValueLen == -1 || attr[3].ulValueLen == -1) -======= if (attr[1].ulValueLen == -1 || attr[2].ulValueLen == -1) ->>>>>>> upstream/4.5.1 { DBG1(DBG_CFG, "reading modulus/exponent from PKCS#1 failed"); break; } -<<<<<<< HEAD - modulus = chunk_create(attr[2].pValue, attr[2].ulValueLen); - pubexp = chunk_create(attr[3].pValue, attr[3].ulValueLen); -======= modulus = chunk_create(attr[1].pValue, attr[1].ulValueLen); pubexp = chunk_create(attr[2].pValue, attr[2].ulValueLen); ->>>>>>> upstream/4.5.1 this->pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_RSA, BUILD_RSA_MODULUS, modulus, BUILD_RSA_PUB_EXP, pubexp, BUILD_END); diff --git a/src/libstrongswan/plugins/plugin.h b/src/libstrongswan/plugins/plugin.h index 6d8a370fb..5c92fd1d8 100644 --- a/src/libstrongswan/plugins/plugin.h +++ b/src/libstrongswan/plugins/plugin.h 
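Review bot: The literal indices in `attr[1].ulValueLen == -1 || attr[2].ulValueLen == -1` are tied to the order of `attr[]`, which this change has just rearranged. The array definition is only partly inside the hunks, so I assume modulus and exponent are now entries 1 and 2. Named indices would keep the array and its users in step, and since `ulValueLen` is a `CK_ULONG` the test reads more clearly as `attr[1].ulValueLen == (CK_ULONG)-1`. `type` is declared without an initialiser in the preceding hunk, so `switch (type)` relies on the token returning CKA_KEY_TYPE. find_key continues outside the hunk.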
@@ -21,6 +21,8 @@ #ifndef PLUGIN_H_ #define PLUGIN_H_ +#include <utils.h> + typedef struct plugin_t plugin_t; /** @@ -29,6 +31,20 @@ typedef struct plugin_t plugin_t; struct plugin_t { /** + * Get the name of the plugin. + * + * @return plugin name + */ + char* (*get_name)(plugin_t *this); + + /** + * Try to reload plugin configuration. + * + * @return TRUE if reloaded, FALSE if reloading not supporty by plugin + */ + bool (*reload)(plugin_t *this); + + /** * Destroy a plugin instance. */ void (*destroy)(plugin_t *this); diff --git a/src/libstrongswan/plugins/plugin_loader.c b/src/libstrongswan/plugins/plugin_loader.c index 4429d9436..b4d7bf7c7 100644 --- a/src/libstrongswan/plugins/plugin_loader.c +++ b/src/libstrongswan/plugins/plugin_loader.c @@ -43,24 +43,8 @@ struct private_plugin_loader_t { * list of loaded plugins */ linked_list_t *plugins; - - /** - * names of loaded plugins - */ - linked_list_t *names; }; -<<<<<<< HEAD -#ifdef MONOLITHIC -/** - * load a single plugin in monolithic mode - */ -static plugin_t* load_plugin(private_plugin_loader_t *this, - char *path, char *name) -{ - char create[128]; - plugin_t *plugin; -======= /** * create a plugin * returns: NOT_FOUND, if the constructor was not found 
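Review bot: The doc comments for the two new plugin_t members leave the ownership of the `get_name()` result unstated and contain a typo. The implementations added in this commit return string literals, so the contract should say `@return plugin name, owned by the plugin; must not be modified or freed`. The reload comment should read `FALSE if reloading is not supported by the plugin`.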
@@ -70,44 +54,17 @@ static status_t create_plugin(private_plugin_loader_t *this, void *handle, char *name, bool integrity, plugin_t **plugin) { char create[128]; ->>>>>>> upstream/4.5.1 plugin_constructor_t constructor; if (snprintf(create, sizeof(create), "%s_plugin_create", name) >= sizeof(create)) { -<<<<<<< HEAD - return NULL; - } - translate(create, "-", "_"); - constructor = dlsym(RTLD_DEFAULT, create); - if (constructor == NULL) - { - DBG1(DBG_LIB, "plugin '%s': failed to load - %s not found", name, - create); - return NULL; - } - plugin = constructor(); - if (plugin == NULL) - { - DBG1(DBG_LIB, "plugin '%s': failed to load - %s returned NULL", name, - create); - return NULL; - } - DBG2(DBG_LIB, "plugin '%s': loaded successfully", name); - - return plugin; -} -#else -======= return FAILED; } translate(create, "-", "_"); constructor = dlsym(handle, create); if (constructor == NULL) { - DBG2(DBG_LIB, "plugin '%s': failed to load - %s not found", name, - create); return NOT_FOUND; } if (integrity && lib->integrity) @@ -131,29 +88,12 @@ static status_t create_plugin(private_plugin_loader_t *this, void *handle, return SUCCESS; } ->>>>>>> upstream/4.5.1 /** * load a single plugin */ static plugin_t* load_plugin(private_plugin_loader_t *this, char *path, char *name) { -<<<<<<< HEAD - char create[128]; - char file[PATH_MAX]; - void *handle; - plugin_t *plugin; - plugin_constructor_t constructor; - - if (snprintf(file, sizeof(file), "%s/libstrongswan-%s.so", path, - name) >= sizeof(file) || - snprintf(create, sizeof(create), "%s_plugin_create", - name) >= sizeof(create)) - { - return NULL; - } - translate(create, "-", "_"); -======= char file[PATH_MAX]; void *handle; plugin_t *plugin; @@ -174,7 +114,6 @@ static plugin_t* load_plugin(private_plugin_loader_t *this, { return NULL; } ->>>>>>> upstream/4.5.1 if (lib->integrity) { if (!lib->integrity->check_file(lib->integrity, name, file)) 
@@ -190,42 +129,6 @@ static plugin_t* load_plugin(private_plugin_loader_t *this, DBG1(DBG_LIB, "plugin '%s' failed to load: %s", name, dlerror()); return NULL; } -<<<<<<< HEAD - constructor = dlsym(handle, create); - if (constructor == NULL) - { - DBG1(DBG_LIB, "plugin '%s': failed to load - %s not found", name, - create); - dlclose(handle); - return NULL; - } - if (lib->integrity) - { - if (!lib->integrity->check_segment(lib->integrity, name, constructor)) - { - DBG1(DBG_LIB, "plugin '%s': failed segment integrity test", name); - dlclose(handle); - return NULL; - } - DBG1(DBG_LIB, "plugin '%s': passed file and segment integrity tests", - name); - } - plugin = constructor(); - if (plugin == NULL) - { - DBG1(DBG_LIB, "plugin '%s': failed to load - %s returned NULL", name, - create); - dlclose(handle); - return NULL; - } - DBG2(DBG_LIB, "plugin '%s': loaded successfully", name); - - /* we do not store or free dlopen() handles, leak_detective requires - * the modules to keep loaded until leak report */ - return plugin; -} -#endif -======= if (create_plugin(this, handle, name, TRUE, &plugin) != SUCCESS) { dlclose(handle); @@ -243,12 +146,12 @@ static bool plugin_loaded(private_plugin_loader_t *this, char *name) { enumerator_t *enumerator; bool found = FALSE; - char *current; + plugin_t *plugin; - enumerator = this->names->create_enumerator(this->names); - while (enumerator->enumerate(enumerator, ¤t)) + enumerator = this->plugins->create_enumerator(this->plugins); + while (enumerator->enumerate(enumerator, &plugin)) { - if (streq(name, current)) + if (streq(plugin->get_name(plugin), name)) { found = TRUE; break; 
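Review bot: `plugin->get_name(plugin)` in plugin_loaded() is called on every loaded plugin without checking that the callback was set, and `plugin->reload(plugin)` in reload_by_name() (the @@ -337 hunk) has the same gap. A plugin that was not updated for the two new plugin_t members would make the loader call through a NULL or stale pointer. A check right after the constructor returns, e.g. `if (!plugin->get_name || !plugin->reload)` followed by destroying the plugin and failing the load, keeps such a plugin out of the list. The duplicate test now also compares the configured token with the name the plugin reports about itself, so a plugin that reports a different string is not recognised as already loaded. plugin_loaded's body ends outside the hunk.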
@@ -257,29 +160,18 @@ static bool plugin_loaded(private_plugin_loader_t *this, char *name) enumerator->destroy(enumerator); return found; } ->>>>>>> upstream/4.5.1 -/** - * Implementation of plugin_loader_t.load_plugins. - */ -static bool load(private_plugin_loader_t *this, char *path, char *list) +METHOD(plugin_loader_t, load_plugins, bool, + private_plugin_loader_t *this, char *path, char *list) { enumerator_t *enumerator; char *token; bool critical_failed = FALSE; -<<<<<<< HEAD -#ifndef MONOLITHIC -======= ->>>>>>> upstream/4.5.1 if (path == NULL) { path = PLUGINDIR; } -<<<<<<< HEAD -#endif -======= ->>>>>>> upstream/4.5.1 enumerator = enumerator_create_token(list, " ", " "); while (!critical_failed && enumerator->enumerate(enumerator, &token)) @@ -295,19 +187,15 @@ static bool load(private_plugin_loader_t *this, char *path, char *list) critical = TRUE; token[len-1] = '\0'; } -<<<<<<< HEAD -======= if (plugin_loaded(this, token)) { free(token); continue; } ->>>>>>> upstream/4.5.1 plugin = load_plugin(this, path, token); if (plugin) { this->plugins->insert_last(this->plugins, plugin); - this->names->insert_last(this->names, token); } else { @@ -316,20 +204,17 @@ static bool load(private_plugin_loader_t *this, char *path, char *list) critical_failed = TRUE; DBG1(DBG_LIB, "loading critical plugin '%s' failed", token); } - free(token); } + free(token); } enumerator->destroy(enumerator); return !critical_failed; } -/** - * Implementation of plugin_loader_t.unload - */ -static void unload(private_plugin_loader_t *this) +METHOD(plugin_loader_t, unload, void, + private_plugin_loader_t *this) { plugin_t *plugin; - char *name; /* unload plugins in reverse order */ while (this->plugins->remove_last(this->plugins, 
@@ -337,27 +222,64 @@ static void unload(private_plugin_loader_t *this) { plugin->destroy(plugin); } - while (this->names->remove_last(this->names, (void**)&name) == SUCCESS) - { - free(name); - } } -/** - * Implementation of plugin_loader_t.create_plugin_enumerator - */ -static enumerator_t* create_plugin_enumerator(private_plugin_loader_t *this) +METHOD(plugin_loader_t, create_plugin_enumerator, enumerator_t*, + private_plugin_loader_t *this) { - return this->names->create_enumerator(this->names); + return this->plugins->create_enumerator(this->plugins); } /** - * Implementation of plugin_loader_t.destroy + * Reload a plugin by name, NULL for all */ -static void destroy(private_plugin_loader_t *this) +static u_int reload_by_name(private_plugin_loader_t *this, char *name) +{ + u_int reloaded = 0; + enumerator_t *enumerator; + plugin_t *plugin; + + enumerator = create_plugin_enumerator(this); + while (enumerator->enumerate(enumerator, &plugin)) + { + if (name == NULL || streq(name, plugin->get_name(plugin))) + { + if (plugin->reload(plugin)) + { + DBG2(DBG_LIB, "reloaded configuration of '%s' plugin", + plugin->get_name(plugin)); + reloaded++; + } + } + } + enumerator->destroy(enumerator); + return reloaded; +} + +METHOD(plugin_loader_t, reload, u_int, + private_plugin_loader_t *this, char *list) +{ + u_int reloaded = 0; + enumerator_t *enumerator; + char *name; + + if (list == NULL) + { + return reload_by_name(this, NULL); + } + enumerator = enumerator_create_token(list, " ", ""); + while (enumerator->enumerate(enumerator, &name)) + { + reloaded += reload_by_name(this, name); + } + enumerator->destroy(enumerator); + return reloaded; +} + +METHOD(plugin_loader_t, destroy, void, + private_plugin_loader_t *this) { this->plugins->destroy_offset(this->plugins, offsetof(plugin_t, destroy)); - this->names->destroy_function(this->names, free); free(this); } 
@@ -366,15 +288,18 @@ static void destroy(private_plugin_loader_t *this) */ plugin_loader_t *plugin_loader_create() { - private_plugin_loader_t *this = malloc_thing(private_plugin_loader_t); - - this->public.load = (bool(*)(plugin_loader_t*, char *path, char *prefix))load; - this->public.unload = (void(*)(plugin_loader_t*))unload; - this->public.create_plugin_enumerator = (enumerator_t*(*)(plugin_loader_t*))create_plugin_enumerator; - this->public.destroy = (void(*)(plugin_loader_t*))destroy; + private_plugin_loader_t *this; - this->plugins = linked_list_create(); - this->names = linked_list_create(); + INIT(this, + .public = { + .load = _load_plugins, + .reload = _reload, + .unload = _unload, + .create_plugin_enumerator = _create_plugin_enumerator, + .destroy = _destroy, + }, + .plugins = linked_list_create(), + ); return &this->public; } diff --git a/src/libstrongswan/plugins/plugin_loader.h b/src/libstrongswan/plugins/plugin_loader.h index f72c91c60..e03da4543 100644 --- a/src/libstrongswan/plugins/plugin_loader.h +++ b/src/libstrongswan/plugins/plugin_loader.h @@ -44,14 +44,22 @@ struct plugin_loader_t { bool (*load)(plugin_loader_t *this, char *path, char *list); /** + * Reload the configuration of one or multiple plugins. + * + * @param space separated plugin names to reload, NULL for all + * @return number of plugins that did support reloading + */ + u_int (*reload)(plugin_loader_t *this, char *list); + + /** * Unload all loaded plugins. */ void (*unload)(plugin_loader_t *this); /** - * Create an enumerator over all loaded plugin names. + * Create an enumerator over all loaded plugins. * - * @return enumerator over char* + * @return enumerator over plugin_t* */ enumerator_t* (*create_plugin_enumerator)(plugin_loader_t *this); diff --git a/src/libstrongswan/plugins/pubkey/Makefile.in b/src/libstrongswan/plugins/pubkey/Makefile.in index bb2564238..97fba22fc 100644 --- a/src/libstrongswan/plugins/pubkey/Makefile.in 
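Review bot: `create_plugin_enumerator` now yields `plugin_t*` where it used to yield `char*`, and because enumerator values are untyped, a caller that still treats the value as a string will compile and then read a plugin object as text. The callers are outside this diff, so each needs checking by hand. The doc comment should say how to get the name, e.g. `@return enumerator over plugin_t*, use get_name() for the plugin name`. The new `reload` comment is also missing the parameter name and should read `@param list space separated plugin names to reload, NULL for all`.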
+++ b/src/libstrongswan/plugins/pubkey/Makefile.in @@ -221,13 +221,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -248,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -266,14 +262,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/pubkey/pubkey_plugin.c b/src/libstrongswan/plugins/pubkey/pubkey_plugin.c index 3546c9bf9..ae6607e5a 100644 --- a/src/libstrongswan/plugins/pubkey/pubkey_plugin.c +++ b/src/libstrongswan/plugins/pubkey/pubkey_plugin.c @@ -31,15 +31,14 @@ struct private_pubkey_plugin_t { pubkey_plugin_t public; }; -<<<<<<< HEAD -/** - * Implementation of pubkey_plugin_t.pubkeytroy - */ -static void destroy(private_pubkey_plugin_t *this) -======= +METHOD(plugin_t, get_name, char*, + private_pubkey_plugin_t *this) +{ + return "pubkey"; +} + METHOD(plugin_t, destroy, void, private_pubkey_plugin_t *this) ->>>>>>> upstream/4.5.1 { lib->creds->remove_builder(lib->creds, (builder_function_t)pubkey_cert_wrap); 
@@ -51,21 +50,17 @@ METHOD(plugin_t, destroy, void, */ plugin_t *pubkey_plugin_create() { -<<<<<<< HEAD - private_pubkey_plugin_t *this = malloc_thing(private_pubkey_plugin_t); - - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; -======= private_pubkey_plugin_t *this; INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); ->>>>>>> upstream/4.5.1 lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_TRUSTED_PUBKEY, FALSE, (builder_function_t)pubkey_cert_wrap); diff --git a/src/libstrongswan/plugins/random/Makefile.in b/src/libstrongswan/plugins/random/Makefile.in index fbdf35170..761d2c96e 100644 --- a/src/libstrongswan/plugins/random/Makefile.in +++ b/src/libstrongswan/plugins/random/Makefile.in @@ -221,13 +221,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -248,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -266,14 +262,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ 
diff --git a/src/libstrongswan/plugins/random/random_plugin.c b/src/libstrongswan/plugins/random/random_plugin.c index f70998334..00202a5a6 100644 --- a/src/libstrongswan/plugins/random/random_plugin.c +++ b/src/libstrongswan/plugins/random/random_plugin.c @@ -18,11 +18,6 @@ #include <library.h> #include "random_rng.h" -<<<<<<< HEAD -======= -static const char *plugin_name = "random"; - ->>>>>>> upstream/4.5.1 typedef struct private_random_plugin_t private_random_plugin_t; /** @@ -36,15 +31,14 @@ struct private_random_plugin_t { random_plugin_t public; }; -<<<<<<< HEAD -/** - * Implementation of random_plugin_t.gmptroy - */ -static void destroy(private_random_plugin_t *this) -======= +METHOD(plugin_t, get_name, char*, + private_random_plugin_t *this) +{ + return "random"; +} + METHOD(plugin_t, destroy, void, private_random_plugin_t *this) ->>>>>>> upstream/4.5.1 { lib->crypto->remove_rng(lib->crypto, (rng_constructor_t)random_rng_create); @@ -56,29 +50,21 @@ METHOD(plugin_t, destroy, void, */ plugin_t *random_plugin_create() { -<<<<<<< HEAD - private_random_plugin_t *this = malloc_thing(private_random_plugin_t); - - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; - - lib->crypto->add_rng(lib->crypto, RNG_STRONG, - (rng_constructor_t)random_rng_create); - lib->crypto->add_rng(lib->crypto, RNG_TRUE, -======= private_random_plugin_t *this; INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); - lib->crypto->add_rng(lib->crypto, RNG_STRONG, plugin_name, + lib->crypto->add_rng(lib->crypto, RNG_STRONG, get_name(this), (rng_constructor_t)random_rng_create); - lib->crypto->add_rng(lib->crypto, RNG_TRUE, plugin_name, ->>>>>>> upstream/4.5.1 + lib->crypto->add_rng(lib->crypto, RNG_TRUE, get_name(this), (rng_constructor_t)random_rng_create); return &this->public.plugin; 
diff --git a/src/libstrongswan/plugins/random/random_rng.c b/src/libstrongswan/plugins/random/random_rng.c index e4247a3cc..1d99a63d5 100644 --- a/src/libstrongswan/plugins/random/random_rng.c +++ b/src/libstrongswan/plugins/random/random_rng.c @@ -55,16 +55,8 @@ struct private_random_rng_t { char *file; }; -<<<<<<< HEAD -/** - * Implementation of random_rng_t.get_bytes. - */ -static void get_bytes(private_random_rng_t *this, size_t bytes, - u_int8_t *buffer) -======= METHOD(rng_t, get_bytes, void, private_random_rng_t *this, size_t bytes, u_int8_t *buffer) ->>>>>>> upstream/4.5.1 { size_t done; ssize_t got; @@ -86,30 +78,15 @@ METHOD(rng_t, get_bytes, void, } } -<<<<<<< HEAD -/** - * Implementation of random_rng_t.allocate_bytes. - */ -static void allocate_bytes(private_random_rng_t *this, size_t bytes, - chunk_t *chunk) -======= METHOD(rng_t, allocate_bytes, void, private_random_rng_t *this, size_t bytes, chunk_t *chunk) ->>>>>>> upstream/4.5.1 { *chunk = chunk_alloc(bytes); get_bytes(this, chunk->len, chunk->ptr); } -<<<<<<< HEAD -/** - * Implementation of random_rng_t.destroy. - */ -static void destroy(private_random_rng_t *this) -======= METHOD(rng_t, destroy, void, private_random_rng_t *this) ->>>>>>> upstream/4.5.1 { close(this->dev); free(this); @@ -120,14 +97,6 @@ METHOD(rng_t, destroy, void, */ random_rng_t *random_rng_create(rng_quality_t quality) { -<<<<<<< HEAD - private_random_rng_t *this = malloc_thing(private_random_rng_t); - - /* public functions */ - this->public.rng.get_bytes = (void (*) (rng_t *, size_t, u_int8_t*)) get_bytes; - this->public.rng.allocate_bytes = (void (*) (rng_t *, size_t, chunk_t*)) allocate_bytes; - this->public.rng.destroy = (void (*) (rng_t *))destroy; -======= private_random_rng_t *this; INIT(this, @@ -139,7 +108,6 @@ random_rng_t *random_rng_create(rng_quality_t quality) }, }, ); ->>>>>>> upstream/4.5.1 if (quality == RNG_TRUE) { 
diff --git a/src/libstrongswan/plugins/revocation/Makefile.in b/src/libstrongswan/plugins/revocation/Makefile.in index 19ec1e719..e8856b7d7 100644 --- a/src/libstrongswan/plugins/revocation/Makefile.in +++ b/src/libstrongswan/plugins/revocation/Makefile.in @@ -223,13 +223,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -250,6 +244,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -268,14 +264,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/revocation/revocation_plugin.c b/src/libstrongswan/plugins/revocation/revocation_plugin.c index 02393b907..fa04fb2a2 100644 --- a/src/libstrongswan/plugins/revocation/revocation_plugin.c +++ b/src/libstrongswan/plugins/revocation/revocation_plugin.c @@ -36,6 +36,12 @@ struct private_revocation_plugin_t { revocation_validator_t *validator; }; +METHOD(plugin_t, get_name, char*, + private_revocation_plugin_t *this) +{ + return "revocation"; +} + METHOD(plugin_t, destroy, void, private_revocation_plugin_t *this) { 
@@ -54,6 +60,8 @@ plugin_t *revocation_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, diff --git a/src/libstrongswan/plugins/revocation/revocation_validator.c b/src/libstrongswan/plugins/revocation/revocation_validator.c index dc8b849c7..def169275 100644 --- a/src/libstrongswan/plugins/revocation/revocation_validator.c +++ b/src/libstrongswan/plugins/revocation/revocation_validator.c @@ -93,20 +93,13 @@ static certificate_t *fetch_ocsp(char *url, certificate_t *subject, /** * check the signature of an OCSP response */ -<<<<<<< HEAD -static bool verify_ocsp(ocsp_response_t *response) -======= static bool verify_ocsp(ocsp_response_t *response, auth_cfg_t *auth) ->>>>>>> upstream/4.5.1 { certificate_t *issuer, *subject; identification_t *responder; ocsp_response_wrapper_t *wrapper; enumerator_t *enumerator; -<<<<<<< HEAD -======= auth_cfg_t *current; ->>>>>>> upstream/4.5.1 bool verified = FALSE; wrapper = ocsp_response_wrapper_create((ocsp_response_t*)response); @@ -116,23 +109,16 @@ static bool verify_ocsp(ocsp_response_t *response, auth_cfg_t *auth) responder = subject->get_issuer(subject); enumerator = lib->credmgr->create_trusted_enumerator(lib->credmgr, KEY_ANY, responder, FALSE); -<<<<<<< HEAD - while (enumerator->enumerate(enumerator, &issuer, NULL)) -======= while (enumerator->enumerate(enumerator, &issuer, ¤t)) ->>>>>>> upstream/4.5.1 { if (lib->credmgr->issued_by(lib->credmgr, subject, issuer)) { DBG1(DBG_CFG, " ocsp response correctly signed by \"%Y\"", issuer->get_subject(issuer)); -<<<<<<< HEAD -======= if (auth) { auth->merge(auth, current, FALSE); } ->>>>>>> upstream/4.5.1 verified = TRUE; break; } 
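Review bot: `.reload = (void*)return_false` in revocation_plugin_create() assigns the callback through a `void*` cast, which switches off the compiler's check that the function matches the `reload` member's signature. The same line is added in the sha1, sha2, soup, sqlite and test_vectors plugin constructors later in this diff. Converting a function pointer through `void*` is also not guaranteed by ISO C. A small typed method in the style of the `get_name` added next to it would keep the check, e.g. `METHOD(plugin_t, reload, bool, private_revocation_plugin_t *this) { return FALSE; }` with `.reload = _reload` (assuming `reload` returns `bool`; its declaration is not visible here).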
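Review bot: In revocation_validator.c verify_ocsp(), the signer's trust-chain data is merged into the caller's `auth` (`auth->merge(auth, current, FALSE)`) as soon as the signature checks out, before get_better_ocsp() has decided whether this response is used at all. check_ocsp() passes the same `auth` for every cached and fetched candidate, so a response that is later discarded as stale or not better than `best` appears to leave its entries in `auth`. verify_crl() further down has the same pattern. Consider collecting into a temporary `auth_cfg_t` and merging it only for the response that ends up as `best`, or document that `auth` may hold entries from rejected responses. The bodies of get_better_ocsp() and check_ocsp() continue outside these hunks, so any later handling of `auth` is not visible here.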
@@ -148,12 +134,8 @@ static bool verify_ocsp(ocsp_response_t *response, auth_cfg_t *auth) * Get the better of two OCSP responses, and check for usable OCSP info */ static certificate_t *get_better_ocsp(certificate_t *cand, certificate_t *best, -<<<<<<< HEAD - x509_t *subject, x509_t *issuer, cert_validation_t *valid, bool cache) -======= x509_t *subject, x509_t *issuer, cert_validation_t *valid, auth_cfg_t *auth, bool cache) ->>>>>>> upstream/4.5.1 { ocsp_response_t *response; time_t revocation, this_update, next_update, valid_until; @@ -163,11 +145,7 @@ static certificate_t *get_better_ocsp(certificate_t *cand, certificate_t *best, response = (ocsp_response_t*)cand; /* check ocsp signature */ -<<<<<<< HEAD - if (!verify_ocsp(response)) -======= if (!verify_ocsp(response, auth)) ->>>>>>> upstream/4.5.1 { DBG1(DBG_CFG, "ocsp response verification failed"); cand->destroy(cand); @@ -248,12 +226,8 @@ static cert_validation_t check_ocsp(x509_t *subject, x509_t *issuer, while (enumerator->enumerate(enumerator, ¤t)) { current->get_ref(current); -<<<<<<< HEAD - best = get_better_ocsp(current, best, subject, issuer, &valid, FALSE); -======= best = get_better_ocsp(current, best, subject, issuer, &valid, auth, FALSE); ->>>>>>> upstream/4.5.1 if (best && valid != VALIDATION_STALE) { DBG1(DBG_CFG, " using cached ocsp response"); @@ -280,11 +254,7 @@ static cert_validation_t check_ocsp(x509_t *subject, x509_t *issuer, if (current) { best = get_better_ocsp(current, best, subject, issuer, -<<<<<<< HEAD - &valid, TRUE); -======= &valid, auth, TRUE); ->>>>>>> upstream/4.5.1 if (best && valid != VALIDATION_STALE) { break; @@ -306,11 +276,7 @@ static cert_validation_t check_ocsp(x509_t *subject, x509_t *issuer, if (current) { best = get_better_ocsp(current, best, subject, issuer, -<<<<<<< HEAD - &valid, TRUE); -======= &valid, auth, TRUE); ->>>>>>> upstream/4.5.1 if (best && valid != VALIDATION_STALE) { break; 
@@ -364,39 +330,25 @@ static certificate_t* fetch_crl(char *url) /** * check the signature of an CRL */ -<<<<<<< HEAD -static bool verify_crl(certificate_t *crl) -======= static bool verify_crl(certificate_t *crl, auth_cfg_t *auth) ->>>>>>> upstream/4.5.1 { certificate_t *issuer; enumerator_t *enumerator; bool verified = FALSE; -<<<<<<< HEAD - - enumerator = lib->credmgr->create_trusted_enumerator(lib->credmgr, - KEY_ANY, crl->get_issuer(crl), FALSE); - while (enumerator->enumerate(enumerator, &issuer, NULL)) -======= auth_cfg_t *current; enumerator = lib->credmgr->create_trusted_enumerator(lib->credmgr, KEY_ANY, crl->get_issuer(crl), FALSE); while (enumerator->enumerate(enumerator, &issuer, ¤t)) ->>>>>>> upstream/4.5.1 { if (lib->credmgr->issued_by(lib->credmgr, crl, issuer)) { DBG1(DBG_CFG, " crl correctly signed by \"%Y\"", issuer->get_subject(issuer)); -<<<<<<< HEAD -======= if (auth) { auth->merge(auth, current, FALSE); } ->>>>>>> upstream/4.5.1 verified = TRUE; break; } @@ -410,23 +362,13 @@ static bool verify_crl(certificate_t *crl, auth_cfg_t *auth) * Get the better of two CRLs, and check for usable CRL info */ static certificate_t *get_better_crl(certificate_t *cand, certificate_t *best, -<<<<<<< HEAD - x509_t *subject, x509_t *issuer, cert_validation_t *valid, bool cache) -======= x509_t *subject, cert_validation_t *valid, auth_cfg_t *auth, bool cache, crl_t *base) ->>>>>>> upstream/4.5.1 { enumerator_t *enumerator; time_t revocation, valid_until; crl_reason_t reason; chunk_t serial; -<<<<<<< HEAD - crl_t *crl; - - /* check CRL signature */ - if (!verify_crl(cand)) -======= crl_t *crl = (crl_t*)cand; if (base) 
@@ -449,17 +391,12 @@ static certificate_t *get_better_crl(certificate_t *cand, certificate_t *best, /* check CRL signature */ if (!verify_crl(cand, auth)) ->>>>>>> upstream/4.5.1 { DBG1(DBG_CFG, "crl response verification failed"); cand->destroy(cand); return best; } -<<<<<<< HEAD - crl = (crl_t*)cand; -======= ->>>>>>> upstream/4.5.1 enumerator = crl->create_enumerator(crl); while (enumerator->enumerate(enumerator, &serial, &revocation, &reason)) { 
@@ -504,81 +441,6 @@ static certificate_t *get_better_crl(certificate_t *cand, certificate_t *best, } /** -<<<<<<< HEAD - * validate a x509 certificate using CRL - */ -static cert_validation_t check_crl(x509_t *subject, x509_t *issuer, - auth_cfg_t *auth) -{ - cert_validation_t valid = VALIDATION_SKIPPED; - identification_t *keyid = NULL; - certificate_t *best = NULL; - certificate_t *current; - public_key_t *public; - enumerator_t *enumerator; - chunk_t chunk; - char *uri = NULL; - - /* derive the authorityKeyIdentifier from the issuer's public key */ - current = &issuer->interface; - public = current->get_public_key(current); - if (public && public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk)) - { - keyid = identification_create_from_encoding(ID_KEY_ID, chunk); - - /* find a cached crl by authorityKeyIdentifier */ - enumerator = lib->credmgr->create_cert_enumerator(lib->credmgr, - CERT_X509_CRL, KEY_ANY, keyid, FALSE); - while (enumerator->enumerate(enumerator, ¤t)) - { - current->get_ref(current); - best = get_better_crl(current, best, subject, issuer, - &valid, FALSE); - if (best && valid != VALIDATION_STALE) - { - DBG1(DBG_CFG, " using cached crl"); - break; - } - } - enumerator->destroy(enumerator); - - /* fallback to fetching crls from credential sets cdps */ - if (valid != VALIDATION_GOOD && valid != VALIDATION_REVOKED) - { - enumerator = lib->credmgr->create_cdp_enumerator(lib->credmgr, - CERT_X509_CRL, keyid); - while (enumerator->enumerate(enumerator, &uri)) - { - current = fetch_crl(uri); - if (current) - { - best = get_better_crl(current, best, subject, issuer, - &valid, TRUE); - if (best && valid != VALIDATION_STALE) - { - break; - } - } - } - enumerator->destroy(enumerator); - } - keyid->destroy(keyid); - } - DESTROY_IF(public); - - /* fallback to fetching crls from cdps from subject's certificate */ - if (valid != VALIDATION_GOOD && valid != VALIDATION_REVOKED) - { - enumerator = subject->create_crl_uri_enumerator(subject); - - while 
(enumerator->enumerate(enumerator, &uri)) - { - current = fetch_crl(uri); - if (current) - { - best = get_better_crl(current, best, subject, issuer, - &valid, TRUE); -======= * Find or fetch a certificate for a given crlIssuer */ static cert_validation_t find_crl(x509_t *subject, identification_t *issuer, @@ -764,7 +626,6 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer, } best = get_better_crl(current, best, subject, &valid, auth, TRUE, NULL); ->>>>>>> upstream/4.5.1 if (best && valid != VALIDATION_STALE) { break; @@ -774,10 +635,6 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer, enumerator->destroy(enumerator); } -<<<<<<< HEAD - /* an uri was found, but no result. switch validation state to failed */ - if (valid == VALIDATION_SKIPPED && uri) -======= /* look for delta CRLs */ if (best && (valid == VALIDATION_GOOD || valid == VALIDATION_STALE)) { @@ -786,7 +643,6 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer, /* an uri was found, but no result. switch validation state to failed */ if (valid == VALIDATION_SKIPPED && uri_found) ->>>>>>> upstream/4.5.1 { valid = VALIDATION_FAILED; } @@ -809,12 +665,8 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer, METHOD(cert_validator_t, validate, bool, private_revocation_validator_t *this, certificate_t *subject, -<<<<<<< HEAD - certificate_t *issuer, bool online, int pathlen, auth_cfg_t *auth) -======= certificate_t *issuer, bool online, u_int pathlen, bool anchor, auth_cfg_t *auth) ->>>>>>> upstream/4.5.1 { if (subject->get_type(subject) == CERT_X509 && issuer->get_type(issuer) == CERT_X509 && 
@@ -822,12 +674,8 @@ METHOD(cert_validator_t, validate, bool, { DBG1(DBG_CFG, "checking certificate status of \"%Y\"", subject->get_subject(subject)); -<<<<<<< HEAD - switch (check_ocsp((x509_t*)subject, (x509_t*)issuer, auth)) -======= switch (check_ocsp((x509_t*)subject, (x509_t*)issuer, pathlen ? NULL : auth)) ->>>>>>> upstream/4.5.1 { case VALIDATION_GOOD: DBG1(DBG_CFG, "certificate status is good"); @@ -845,12 +693,8 @@ METHOD(cert_validator_t, validate, bool, DBG1(DBG_CFG, "ocsp check failed, fallback to crl"); break; } -<<<<<<< HEAD - switch (check_crl((x509_t*)subject, (x509_t*)issuer, auth)) -======= switch (check_crl((x509_t*)subject, (x509_t*)issuer, pathlen ? NULL : auth)) ->>>>>>> upstream/4.5.1 { case VALIDATION_GOOD: DBG1(DBG_CFG, "certificate status is good"); diff --git a/src/libstrongswan/plugins/sha1/Makefile.in b/src/libstrongswan/plugins/sha1/Makefile.in index 95e4e403d..b4b275648 100644 --- a/src/libstrongswan/plugins/sha1/Makefile.in +++ b/src/libstrongswan/plugins/sha1/Makefile.in @@ -220,13 +220,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -247,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ 
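Review bot: In revocation_validator.c validate(), `pathlen ? NULL : auth` is passed to both check_ocsp() and check_crl() with no comment saying why a non-zero path length gets NULL. A reader has to trace into verify_ocsp() and verify_crl() to learn that NULL suppresses the `auth->merge(...)` call. I would add above the first switch something like `/* only merge revocation trust info into auth for pathlen 0 (presumably the end entity) */`, worded to match the real intent. The new `anchor` parameter is not used in the visible hunks; validate()'s body continues outside them.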
@@ -265,14 +261,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/sha1/sha1_plugin.c b/src/libstrongswan/plugins/sha1/sha1_plugin.c index fcb75dfa2..a9b84e790 100644 --- a/src/libstrongswan/plugins/sha1/sha1_plugin.c +++ b/src/libstrongswan/plugins/sha1/sha1_plugin.c @@ -19,11 +19,6 @@ #include "sha1_hasher.h" #include "sha1_prf.h" -<<<<<<< HEAD -======= -static const char *plugin_name = "sha1"; - ->>>>>>> upstream/4.5.1 typedef struct private_sha1_plugin_t private_sha1_plugin_t; /** @@ -37,15 +32,14 @@ struct private_sha1_plugin_t { sha1_plugin_t public; }; -<<<<<<< HEAD -/** - * Implementation of sha1_plugin_t.destroy - */ -static void destroy(private_sha1_plugin_t *this) -======= +METHOD(plugin_t, get_name, char*, + private_sha1_plugin_t *this) +{ + return "sha1"; +} + METHOD(plugin_t, destroy, void, private_sha1_plugin_t *this) ->>>>>>> upstream/4.5.1 { lib->crypto->remove_hasher(lib->crypto, (hasher_constructor_t)sha1_hasher_create); 
@@ -59,29 +53,21 @@ METHOD(plugin_t, destroy, void, */ plugin_t *sha1_plugin_create() { -<<<<<<< HEAD - private_sha1_plugin_t *this = malloc_thing(private_sha1_plugin_t); - - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; - - lib->crypto->add_hasher(lib->crypto, HASH_SHA1, - (hasher_constructor_t)sha1_hasher_create); - lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1, -======= private_sha1_plugin_t *this; INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); - lib->crypto->add_hasher(lib->crypto, HASH_SHA1, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA1, get_name(this), (hasher_constructor_t)sha1_hasher_create); - lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1, plugin_name, ->>>>>>> upstream/4.5.1 + lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1, get_name(this), (prf_constructor_t)sha1_prf_create); return &this->public.plugin; diff --git a/src/libstrongswan/plugins/sha2/Makefile.in b/src/libstrongswan/plugins/sha2/Makefile.in index 0dc56ac37..bdc235555 100644 --- a/src/libstrongswan/plugins/sha2/Makefile.in +++ b/src/libstrongswan/plugins/sha2/Makefile.in @@ -219,13 +219,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -246,6 +240,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ 
@@ -264,14 +260,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/sha2/sha2_plugin.c b/src/libstrongswan/plugins/sha2/sha2_plugin.c index b47f07b8d..4ec03a268 100644 --- a/src/libstrongswan/plugins/sha2/sha2_plugin.c +++ b/src/libstrongswan/plugins/sha2/sha2_plugin.c @@ -18,11 +18,6 @@ #include <library.h> #include "sha2_hasher.h" -<<<<<<< HEAD -======= -static const char *plugin_name = "sha2"; - ->>>>>>> upstream/4.5.1 typedef struct private_sha2_plugin_t private_sha2_plugin_t; /** @@ -36,15 +31,14 @@ struct private_sha2_plugin_t { sha2_plugin_t public; }; -<<<<<<< HEAD -/** - * Implementation of sha2_plugin_t.destroy - */ -static void destroy(private_sha2_plugin_t *this) -======= +METHOD(plugin_t, get_name, char*, + private_sha2_plugin_t *this) +{ + return "sha2"; +} + METHOD(plugin_t, destroy, void, private_sha2_plugin_t *this) ->>>>>>> upstream/4.5.1 { lib->crypto->remove_hasher(lib->crypto, (hasher_constructor_t)sha2_hasher_create); 
@@ -56,37 +50,25 @@ METHOD(plugin_t, destroy, void, */ plugin_t *sha2_plugin_create() { -<<<<<<< HEAD - private_sha2_plugin_t *this = malloc_thing(private_sha2_plugin_t); - - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; - - lib->crypto->add_hasher(lib->crypto, HASH_SHA224, - (hasher_constructor_t)sha2_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA256, - (hasher_constructor_t)sha2_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA384, - (hasher_constructor_t)sha2_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA512, -======= private_sha2_plugin_t *this; INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); - lib->crypto->add_hasher(lib->crypto, HASH_SHA224, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA224, get_name(this), (hasher_constructor_t)sha2_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA256, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA256, get_name(this), (hasher_constructor_t)sha2_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA384, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA384, get_name(this), (hasher_constructor_t)sha2_hasher_create); - lib->crypto->add_hasher(lib->crypto, HASH_SHA512, plugin_name, ->>>>>>> upstream/4.5.1 + lib->crypto->add_hasher(lib->crypto, HASH_SHA512, get_name(this), (hasher_constructor_t)sha2_hasher_create); return &this->public.plugin; diff --git a/src/libstrongswan/plugins/soup/Makefile.in b/src/libstrongswan/plugins/soup/Makefile.in index 35d175f95..ec370d38c 100644 --- a/src/libstrongswan/plugins/soup/Makefile.in +++ b/src/libstrongswan/plugins/soup/Makefile.in @@ -241,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ 
@@ -264,6 +266,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/soup/soup_fetcher.c b/src/libstrongswan/plugins/soup/soup_fetcher.c index fd97631bd..3e5786b12 100644 --- a/src/libstrongswan/plugins/soup/soup_fetcher.c +++ b/src/libstrongswan/plugins/soup/soup_fetcher.c 
@@ -58,44 +58,77 @@ struct private_soup_fetcher_t { * HTTP request version */ SoupHTTPVersion version; + + /** + * Fetcher callback function + */ + fetcher_callback_t cb; }; +/** + * Data to pass to soup callback + */ +typedef struct { + fetcher_callback_t cb; + void *user; + SoupSession *session; +} cb_data_t; + +/** + * Soup callback invoking our callback + */ +static void soup_cb(SoupMessage *message, SoupBuffer *chunk, cb_data_t *data) +{ + if (!data->cb(data->user, chunk_create((u_char*)chunk->data, chunk->length))) + { + soup_session_cancel_message(data->session, message, + SOUP_STATUS_CANCELLED); + } +} + METHOD(fetcher_t, fetch, status_t, - private_soup_fetcher_t *this, char *uri, chunk_t *result) + private_soup_fetcher_t *this, char *uri, void *userdata) { - SoupSession *session; SoupMessage *message; status_t status = FAILED; + cb_data_t data = { + .cb = this->cb, + .user = userdata, + }; message = soup_message_new(this->method, uri); if (!message) { return NOT_SUPPORTED; } + if (this->cb == fetcher_default_callback) + { + *(chunk_t*)userdata = chunk_empty; + } if (this->type) { soup_message_set_request(message, this->type, SOUP_MEMORY_STATIC, this->data.ptr, this->data.len); } soup_message_set_http_version(message, this->version); - session = soup_session_sync_new(); - g_object_set(G_OBJECT(session), + soup_message_body_set_accumulate(message->response_body, FALSE); + g_signal_connect(message, "got-chunk", G_CALLBACK(soup_cb), &data); + data.session = soup_session_sync_new(); + g_object_set(G_OBJECT(data.session), SOUP_SESSION_TIMEOUT, (guint)this->timeout, NULL); DBG2(DBG_LIB, "sending http request to '%s'...", uri); - soup_session_send_message(session, message); + soup_session_send_message(data.session, message); if (SOUP_STATUS_IS_SUCCESSFUL(message->status_code)) { - *result = chunk_clone(chunk_create((u_char*)message->response_body->data, - message->response_body->length)); status = SUCCESS; } else { - DBG1(DBG_LIB, "HTTP request failed, code %d", 
message->status_code); + DBG1(DBG_LIB, "HTTP request failed: %s", message->reason_phrase); } g_object_unref(G_OBJECT(message)); - g_object_unref(G_OBJECT(session)); + g_object_unref(G_OBJECT(data.session)); return status; } @@ -121,6 +154,9 @@ METHOD(fetcher_t, set_option, bool, case FETCH_TIMEOUT: this->timeout = va_arg(args, u_int); break; + case FETCH_CALLBACK: + this->cb = va_arg(args, fetcher_callback_t); + break; default: supported = FALSE; break; @@ -153,6 +189,7 @@ soup_fetcher_t *soup_fetcher_create() .method = SOUP_METHOD_GET, .version = SOUP_HTTP_1_1, .timeout = DEFAULT_TIMEOUT, + .cb = fetcher_default_callback, ); return &this->public; diff --git a/src/libstrongswan/plugins/soup/soup_plugin.c b/src/libstrongswan/plugins/soup/soup_plugin.c index 970e32472..22c8762e0 100644 --- a/src/libstrongswan/plugins/soup/soup_plugin.c +++ b/src/libstrongswan/plugins/soup/soup_plugin.c @@ -34,6 +34,12 @@ struct private_soup_plugin_t { soup_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_soup_plugin_t *this) +{ + return "soup"; +} + METHOD(plugin_t, destroy, void, private_soup_plugin_t *this) { @@ -58,6 +64,8 @@ plugin_t *soup_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, diff --git a/src/libstrongswan/plugins/sqlite/Makefile.in b/src/libstrongswan/plugins/sqlite/Makefile.in index bf952acc5..e2ec799a9 100644 --- a/src/libstrongswan/plugins/sqlite/Makefile.in +++ b/src/libstrongswan/plugins/sqlite/Makefile.in @@ -222,13 +222,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ 
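Review bot: In soup_fetcher.c, soup_cb() forwards every body chunk to `data->cb` without looking at the response status, and fetch() only tests `SOUP_STATUS_IS_SUCCESSFUL(message->status_code)` after the transfer has finished. If libsoup emits `got-chunk` for error responses as well, the callback receives the body of a failed request even though fetch() returns FAILED, whereas the removed code copied the body only on success. With the default callback that body would presumably land in the caller's result chunk. Suggest guarding the forward in soup_cb(), e.g. `if (!SOUP_STATUS_IS_SUCCESSFUL(message->status_code)) return;`, and stating in the fetch() comment who frees a partially filled chunk when FAILED is returned.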
@@ -249,6 +243,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -267,14 +263,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/sqlite/sqlite_database.c b/src/libstrongswan/plugins/sqlite/sqlite_database.c index e1c51f098..f9e06199e 100644 --- a/src/libstrongswan/plugins/sqlite/sqlite_database.c +++ b/src/libstrongswan/plugins/sqlite/sqlite_database.c @@ -213,15 +213,8 @@ static bool sqlite_enumerator_enumerate(sqlite_enumerator_t *this, ...) return TRUE; } -<<<<<<< HEAD -/** - * Implementation of database_t.query. - */ -static enumerator_t* query(private_sqlite_database_t *this, char *sql, ...) -======= METHOD(database_t, query, enumerator_t*, private_sqlite_database_t *this, char *sql, ...) ->>>>>>> upstream/4.5.1 { sqlite3_stmt *stmt; va_list args; @@ -253,15 +246,8 @@ METHOD(database_t, query, enumerator_t*, return (enumerator_t*)enumerator; } -<<<<<<< HEAD -/** - * Implementation of database_t.execute. - */ -static int execute(private_sqlite_database_t *this, int *rowid, char *sql, ...) -======= METHOD(database_t, execute, int, private_sqlite_database_t *this, int *rowid, char *sql, ...) ->>>>>>> upstream/4.5.1 { sqlite3_stmt *stmt; int affected = -1; 
@@ -293,15 +279,8 @@ METHOD(database_t, execute, int, return affected; } -<<<<<<< HEAD -/** - * Implementation of database_t.get_driver - */ -static db_driver_t get_driver(private_sqlite_database_t *this) -======= METHOD(database_t, get_driver, db_driver_t, private_sqlite_database_t *this) ->>>>>>> upstream/4.5.1 { return DB_SQLITE; } @@ -317,15 +296,8 @@ static int busy_handler(private_sqlite_database_t *this, int count) return 1; } -<<<<<<< HEAD -/** - * Implementation of database_t.destroy - */ -static void destroy(private_sqlite_database_t *this) -======= METHOD(database_t, destroy, void, private_sqlite_database_t *this) ->>>>>>> upstream/4.5.1 { sqlite3_close(this->db); this->mutex->destroy(this->mutex); @@ -349,16 +321,6 @@ sqlite_database_t *sqlite_database_create(char *uri) } file = uri + 9; -<<<<<<< HEAD - this = malloc_thing(private_sqlite_database_t); - - this->public.db.query = (enumerator_t* (*)(database_t *this, char *sql, ...))query; - this->public.db.execute = (int (*)(database_t *this, int *rowid, char *sql, ...))execute; - this->public.db.get_driver = (db_driver_t(*)(database_t*))get_driver; - this->public.db.destroy = (void(*)(database_t*))destroy; - - this->mutex = mutex_create(MUTEX_TYPE_RECURSIVE); -======= INIT(this, .public = { .db = { @@ -370,17 +332,12 @@ sqlite_database_t *sqlite_database_create(char *uri) }, .mutex = mutex_create(MUTEX_TYPE_RECURSIVE), ); ->>>>>>> upstream/4.5.1 if (sqlite3_open(file, &this->db) != SQLITE_OK) { DBG1(DBG_LIB, "opening SQLite database '%s' failed: %s", file, sqlite3_errmsg(this->db)); -<<<<<<< HEAD - destroy(this); -======= _destroy(this); ->>>>>>> upstream/4.5.1 return NULL; } diff --git a/src/libstrongswan/plugins/sqlite/sqlite_plugin.c b/src/libstrongswan/plugins/sqlite/sqlite_plugin.c index e0bdf0634..d8c6a560c 100644 --- a/src/libstrongswan/plugins/sqlite/sqlite_plugin.c +++ b/src/libstrongswan/plugins/sqlite/sqlite_plugin.c 
@@ -31,15 +31,14 @@ struct private_sqlite_plugin_t { sqlite_plugin_t public; }; -<<<<<<< HEAD -/** - * Implementation of plugin_t.destroy - */ -static void destroy(private_sqlite_plugin_t *this) -======= +METHOD(plugin_t, get_name, char*, + private_sqlite_plugin_t *this) +{ + return "sqlite"; +} + METHOD(plugin_t, destroy, void, private_sqlite_plugin_t *this) ->>>>>>> upstream/4.5.1 { lib->db->remove_database(lib->db, (database_constructor_t)sqlite_database_create); @@ -51,21 +50,17 @@ METHOD(plugin_t, destroy, void, */ plugin_t *sqlite_plugin_create() { -<<<<<<< HEAD - private_sqlite_plugin_t *this = malloc_thing(private_sqlite_plugin_t); - - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; -======= private_sqlite_plugin_t *this; INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); ->>>>>>> upstream/4.5.1 lib->db->add_database(lib->db, (database_constructor_t)sqlite_database_create); diff --git a/src/libstrongswan/plugins/test_vectors/Makefile.in b/src/libstrongswan/plugins/test_vectors/Makefile.in index 651fb8a9f..70cdfd600 100644 --- a/src/libstrongswan/plugins/test_vectors/Makefile.in +++ b/src/libstrongswan/plugins/test_vectors/Makefile.in @@ -227,13 +227,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -254,6 +248,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ 
@@ -272,14 +268,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/des.c b/src/libstrongswan/plugins/test_vectors/test_vectors/des.c index 80b5f1010..b4bf1fe6a 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/des.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/des.c @@ -25,7 +25,6 @@ crypter_test_vector_t des_ecb1 = { .alg = ENCR_DES_ECB, .key_size = 8, .len = 8, .key = "\x00\x01\x02\x03\x04\x05\x06\x07", - .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", .plain = "\x41\xAD\x06\x85\x48\x80\x9D\x02", .cipher = "\x00\x11\x22\x33\x44\x55\x66\x77" }; @@ -36,7 +35,6 @@ crypter_test_vector_t des_ecb1 = { crypter_test_vector_t des_ecb2 = { .alg = ENCR_DES_ECB, .key_size = 8, .len = 8, .key = "\x2B\xD6\x45\x9F\x82\xC5\xB3\x00", - .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", .plain = "\xB1\x0F\x84\x30\x97\xA0\xF9\x32", .cipher = "\xEA\x02\x47\x14\xAD\x5C\x4D\x84" }; diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c index c021ef67b..4a8743289 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c 
@@ -104,15 +104,14 @@ struct private_test_vectors_plugin_t { test_vectors_plugin_t public; }; -<<<<<<< HEAD -/** - * Implementation of test_vectors_plugin_t.test_vectorstroy - */ -static void destroy(private_test_vectors_plugin_t *this) -======= +METHOD(plugin_t, get_name, char*, + private_test_vectors_plugin_t *this) +{ + return "test-vectors"; +} + METHOD(plugin_t, destroy, void, private_test_vectors_plugin_t *this) ->>>>>>> upstream/4.5.1 { free(this); } @@ -122,23 +121,18 @@ METHOD(plugin_t, destroy, void, */ plugin_t *test_vectors_plugin_create() { -<<<<<<< HEAD - private_test_vectors_plugin_t *this = malloc_thing(private_test_vectors_plugin_t); - int i; - - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; -======= private_test_vectors_plugin_t *this; int i; INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); ->>>>>>> upstream/4.5.1 for (i = 0; i < countof(crypter); i++) { diff --git a/src/libstrongswan/plugins/x509/Makefile.in b/src/libstrongswan/plugins/x509/Makefile.in index 785d6441c..58cdf2c7c 100644 --- a/src/libstrongswan/plugins/x509/Makefile.in +++ b/src/libstrongswan/plugins/x509/Makefile.in @@ -221,13 +221,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -248,6 +242,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ 
@@ -266,14 +262,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c index 0eabc8010..8b228a2b6 100644 --- a/src/libstrongswan/plugins/x509/x509_cert.c +++ b/src/libstrongswan/plugins/x509/x509_cert.c @@ -117,11 +117,7 @@ struct private_x509_cert_t { linked_list_t *subjectAltNames; /** -<<<<<<< HEAD - * List of crlDistributionPoints as allocated char* -======= * List of crlDistributionPoints as x509_cdp_t* ->>>>>>> upstream/4.5.1 */ linked_list_t *crl_uris; @@ -136,8 +132,6 @@ struct private_x509_cert_t { linked_list_t *ipAddrBlocks; /** -<<<<<<< HEAD -======= * List of permitted name constraints */ linked_list_t *permitted_names; @@ -158,7 +152,6 @@ struct private_x509_cert_t { linked_list_t *policy_mappings; /** ->>>>>>> upstream/4.5.1 * certificate's embedded public key */ public_key_t *public_key; @@ -181,9 +174,6 @@ struct private_x509_cert_t { /** * Path Length Constraint */ -<<<<<<< HEAD - int pathLenConstraint; -======= u_char pathLenConstraint; /** @@ -200,7 +190,6 @@ struct private_x509_cert_t { * inhibitAnyPolicy Constraint */ u_char inhibit_any; ->>>>>>> upstream/4.5.1 /** * x509 constraints and other flags @@ -233,8 +222,6 @@ static const chunk_t ASN1_subjectAltName_oid = chunk_from_chars( ); /** -<<<<<<< HEAD -======= * Destroy a CertificateDistributionPoint */ static void crl_uri_destroy(x509_cdp_t *this) 
@@ -282,7 +269,6 @@ static u_int parse_constraint(chunk_t object) } /** ->>>>>>> upstream/4.5.1 * ASN.1 definition of a basicConstraints extension */ static const asn1Object_t basicConstraintsObjects[] = { @@ -324,19 +310,7 @@ static void parse_basicConstraints(chunk_t blob, int level0, case BASIC_CONSTRAINTS_PATH_LEN: if (isCA) { -<<<<<<< HEAD - if (object.len == 0) - { - this->pathLenConstraint = 0; - } - else if (object.len == 1) - { - this->pathLenConstraint = *object.ptr; - } - /* we ignore path length constraints > 127 */ -======= this->pathLenConstraint = parse_constraint(object); ->>>>>>> upstream/4.5.1 } break; default: @@ -674,11 +648,7 @@ static void parse_authorityInfoAccess(chunk_t blob, int level0, } break; default: -<<<<<<< HEAD - /* unkown accessMethod, ignoring */ -======= /* unknown accessMethod, ignoring */ ->>>>>>> upstream/4.5.1 break; } break; @@ -693,8 +663,6 @@ end: } /** -<<<<<<< HEAD -======= * Extract KeyUsage flags */ static void parse_keyUsage(chunk_t blob, private_x509_cert_t *this) @@ -749,7 +717,6 @@ static void parse_keyUsage(chunk_t blob, private_x509_cert_t *this) } /** ->>>>>>> upstream/4.5.1 * ASN.1 definition of a extendedKeyUsage extension */ static const asn1Object_t extendedKeyUsageObjects[] = { @@ -761,11 +728,7 @@ static const asn1Object_t extendedKeyUsageObjects[] = { #define EXT_KEY_USAGE_PURPOSE_ID 1 /** -<<<<<<< HEAD - * Extracts extendedKeyUsage OIDs - currently only OCSP_SIGING is returned -======= * Extracts extendedKeyUsage OIDs ->>>>>>> upstream/4.5.1 */ static void parse_extendedKeyUsage(chunk_t blob, int level0, private_x509_cert_t *this) 
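Review bot: In parse_basicConstraints the result of `parse_constraint(object)`, declared as returning `u_int`, is stored in `pathLenConstraint`, which this commit narrows to `u_char`, so any return value above 255 would be silently truncated into what looks like a valid path length. The removed branch spelled out the accepted lengths and noted that constraints above 127 were ignored; that rule is no longer stated at the call site. parse_constraint's body is outside this hunk. If it already maps oversized or multi-byte values to `X509_NO_CONSTRAINT`, a comment such as `/* parse_constraint() returns X509_NO_CONSTRAINT for values that do not fit in 7 bits */` would record it; otherwise the range check belongs here. The same assignment is made to `inhibit_any` further down in parse_certificate.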
@@ -814,18 +777,11 @@ static const asn1Object_t crlDistributionPointsObjects[] = { { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */ { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */ { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */ -<<<<<<< HEAD - { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */ -======= { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_OBJ }, /* 10 */ ->>>>>>> upstream/4.5.1 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */ { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */ { 0, "exit", ASN1_EOC, ASN1_EXIT } }; -<<<<<<< HEAD -#define CRL_DIST_POINTS_FULLNAME 3 -======= #define CRL_DIST_POINTS 1 #define CRL_DIST_POINTS_FULLNAME 3 #define CRL_DIST_POINTS_ISSUER 10 @@ -874,21 +830,10 @@ static void add_cdps(linked_list_t *list, linked_list_t *uris, id->destroy(id); } } ->>>>>>> upstream/4.5.1 /** * Extracts one or several crlDistributionPoints into a list */ -<<<<<<< HEAD -static void parse_crlDistributionPoints(chunk_t blob, int level0, - private_x509_cert_t *this) -{ - asn1_parser_t *parser; - chunk_t object; - int objectID; - linked_list_t *list = linked_list_create(); - -======= void x509_parse_crlDistributionPoints(chunk_t blob, int level0, linked_list_t *list) { 
@@ -899,36 +844,11 @@ void x509_parse_crlDistributionPoints(chunk_t blob, int level0, uris = linked_list_create(); issuers = linked_list_create(); ->>>>>>> upstream/4.5.1 parser = asn1_parser_create(crlDistributionPointsObjects, blob); parser->set_top_level(parser, level0); while (parser->iterate(parser, &objectID, &object)) { -<<<<<<< HEAD - if (objectID == CRL_DIST_POINTS_FULLNAME) - { - identification_t *id; - - /* append extracted generalNames to existing chained list */ - x509_parse_generalNames(object, parser->get_level(parser)+1, - TRUE, list); - - while (list->remove_last(list, (void**)&id) == SUCCESS) - { - char *uri; - - if (asprintf(&uri, "%Y", id) > 0) - { - this->crl_uris->insert_last(this->crl_uris, uri); - } - id->destroy(id); - } - } - } - parser->destroy(parser); - list->destroy(list); -======= switch (objectID) { case CRL_DIST_POINTS: @@ -1017,15 +937,15 @@ static const asn1Object_t certificatePoliciesObject[] = { { 0, "certificatePolicies", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */ { 1, "policyInformation", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */ { 2, "policyId", ASN1_OID, ASN1_BODY }, /* 2 */ - { 2, "qualifier", ASN1_SEQUENCE, ASN1_OPT|ASN1_BODY }, /* 3 */ + { 2, "qualifiers", ASN1_SEQUENCE, ASN1_OPT|ASN1_LOOP }, /* 3 */ { 3, "qualifierInfo", ASN1_SEQUENCE, ASN1_NONE }, /* 4 */ { 4, "qualifierId", ASN1_OID, ASN1_BODY }, /* 5 */ { 4, "cPSuri", ASN1_IA5STRING, ASN1_OPT|ASN1_BODY }, /* 6 */ { 4, "end choice", ASN1_EOC, ASN1_END }, /* 7 */ - { 4, "userNotice", ASN1_SEQUENCE, ASN1_OPT|ASN1_NONE }, /* 8 */ + { 4, "userNotice", ASN1_SEQUENCE, ASN1_OPT|ASN1_BODY }, /* 8 */ { 5, "explicitText", ASN1_EOC, ASN1_RAW }, /* 9 */ { 4, "end choice", ASN1_EOC, ASN1_END }, /* 10 */ - { 2, "end opt", ASN1_EOC, ASN1_END }, /* 12 */ + { 2, "end opt/loop", ASN1_EOC, ASN1_END }, /* 12 */ { 0, "end loop", ASN1_EOC, ASN1_END }, /* 13 */ { 0, "exit", ASN1_EOC, ASN1_EXIT } }; 
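Review bot: The index comments in certificatePoliciesObject skip a number: the rewritten `end opt/loop` entry is tagged `/* 12 */` although it follows `/* 10 */` and is array element 11, and `end loop` is tagged `/* 13 */` for element 12. These comments are what a reader uses to match the object-ID defines against the table, so the entry should read `{ 2, "end opt/loop", ASN1_EOC, ASN1_END }, /* 11 */`, with `/* 12 */` on the following line. The defines for this table are outside the hunk. It is worth confirming they use the real indexes, since a define that is off by one would make the parser loop act on the wrong element.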
@@ -1179,7 +1099,6 @@ static void parse_policyConstraints(chunk_t blob, int level0, } } parser->destroy(parser); ->>>>>>> upstream/4.5.1 } /** @@ -1198,7 +1117,7 @@ static const asn1Object_t ipAddrBlocksObjects[] = { { 4, "min", ASN1_BIT_STRING, ASN1_BODY }, /* 9 */ { 4, "max", ASN1_BIT_STRING, ASN1_BODY }, /* 10 */ { 3, "end choice", ASN1_EOC, ASN1_END }, /* 11 */ - { 2, "end choice/loop", ASN1_EOC, ASN1_END }, /* 12 */ + { 2, "end opt/loop", ASN1_EOC, ASN1_END }, /* 12 */ { 0, "end loop", ASN1_EOC, ASN1_END }, /* 13 */ { 0, "exit", ASN1_EOC, ASN1_EXIT } }; @@ -1374,14 +1293,6 @@ static const asn1Object_t certObjects[] = { #define X509_OBJ_SIGNATURE 25 /** -<<<<<<< HEAD - * forward declaration - */ -static bool issued_by(private_x509_cert_t *this, certificate_t *issuer); - -/** -======= ->>>>>>> upstream/4.5.1 * Parses an X.509v3 certificate */ static bool parse_certificate(private_x509_cert_t *this) @@ -1481,12 +1392,8 @@ static bool parse_certificate(private_x509_cert_t *this) parse_basicConstraints(object, level, this); break; case OID_CRL_DISTRIBUTION_POINTS: -<<<<<<< HEAD - parse_crlDistributionPoints(object, level, this); -======= x509_parse_crlDistributionPoints(object, level, this->crl_uris); ->>>>>>> upstream/4.5.1 break; case OID_AUTHORITY_KEY_ID: this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object, @@ -1496,11 +1403,7 @@ static bool parse_certificate(private_x509_cert_t *this) parse_authorityInfoAccess(object, level, this); break; case OID_KEY_USAGE: -<<<<<<< HEAD - /* TODO parse the flags */ -======= parse_keyUsage(object, this); ->>>>>>> upstream/4.5.1 break; case OID_EXTENDED_KEY_USAGE: parse_extendedKeyUsage(object, level, this); @@ -1508,8 +1411,6 @@ static bool parse_certificate(private_x509_cert_t *this) case OID_IP_ADDR_BLOCKS: parse_ipAddrBlocks(object, level, this); break; -<<<<<<< HEAD -======= case OID_NAME_CONSTRAINTS: parse_nameConstraints(object, level, this); break; 
@@ -1530,7 +1431,6 @@ static bool parse_certificate(private_x509_cert_t *this) } this->inhibit_any = parse_constraint(object); break; ->>>>>>> upstream/4.5.1 case OID_NS_REVOCATION_URL: case OID_NS_CA_REVOCATION_URL: case OID_NS_CA_POLICY_URL: @@ -1543,15 +1443,9 @@ static bool parse_certificate(private_x509_cert_t *this) break; default: if (critical && lib->settings->get_bool(lib->settings, -<<<<<<< HEAD - "libstrongswan.plugins.x509.enforce_critical", FALSE)) - { - DBG1(DBG_LIB, "critical %s extension not supported", -======= "libstrongswan.x509.enforce_critical", TRUE)) { DBG1(DBG_LIB, "critical '%s' extension not supported", ->>>>>>> upstream/4.5.1 (extn_oid == OID_UNKNOWN) ? "unknown" : (char*)oid_names[extn_oid].name); goto end; @@ -1584,13 +1478,9 @@ end: hasher_t *hasher; /* check if the certificate is self-signed */ -<<<<<<< HEAD - if (issued_by(this, &this->public.interface.interface)) -======= if (this->public.interface.interface.issued_by( &this->public.interface.interface, &this->public.interface.interface)) ->>>>>>> upstream/4.5.1 { this->flags |= X509_SELF_SIGNED; } 
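Review bot: The default branch of the extension switch in parse_certificate now reads `libstrongswan.x509.enforce_critical` with a default of `TRUE`, where the removed side read `libstrongswan.plugins.x509.enforce_critical` with `FALSE`, and nothing at the call site records this. A configuration that still sets the old key is presumably no longer consulted, so certificates with an unsupported critical extension are rejected unless the new key is set. That is the safer direction, but it is a behaviour change for existing deployments. I would add `/* unsupported critical extensions are fatal unless libstrongswan.x509.enforce_critical is disabled */` above the `if` and mention the key rename in the upgrade notes. The function starts and ends outside this hunk.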
@@ -1607,54 +1497,26 @@ end: return success; } -<<<<<<< HEAD -/** - * Implementation of certificate_t.get_type - */ -static certificate_type_t get_type(private_x509_cert_t *this) -======= METHOD(certificate_t, get_type, certificate_type_t, private_x509_cert_t *this) ->>>>>>> upstream/4.5.1 { return CERT_X509; } -<<<<<<< HEAD -/** - * Implementation of certificate_t.get_subject - */ -static identification_t* get_subject(private_x509_cert_t *this) -======= METHOD(certificate_t, get_subject, identification_t*, private_x509_cert_t *this) ->>>>>>> upstream/4.5.1 { return this->subject; } -<<<<<<< HEAD -/** - * Implementation of certificate_t.get_issuer - */ -static identification_t* get_issuer(private_x509_cert_t *this) -======= METHOD(certificate_t, get_issuer, identification_t*, private_x509_cert_t *this) ->>>>>>> upstream/4.5.1 { return this->issuer; } -<<<<<<< HEAD -/** - * Implementation of certificate_t.has_subject. - */ -static id_match_t has_subject(private_x509_cert_t *this, identification_t *subject) -======= METHOD(certificate_t, has_subject, id_match_t, private_x509_cert_t *this, identification_t *subject) ->>>>>>> upstream/4.5.1 { identification_t *current; enumerator_t *enumerator; @@ -1695,29 +1557,15 @@ METHOD(certificate_t, has_subject, id_match_t, return best; } -<<<<<<< HEAD -/** - * Implementation of certificate_t.has_issuer. - */ -static id_match_t has_issuer(private_x509_cert_t *this, identification_t *issuer) -======= METHOD(certificate_t, has_issuer, id_match_t, private_x509_cert_t *this, identification_t *issuer) ->>>>>>> upstream/4.5.1 { /* issuerAltNames currently not supported */ return this->issuer->matches(this->issuer, issuer); } -<<<<<<< HEAD -/** - * Implementation of certificate_t.issued_by. - */ -static bool issued_by(private_x509_cert_t *this, certificate_t *issuer) -======= METHOD(certificate_t, issued_by, bool, private_x509_cert_t *this, certificate_t *issuer) ->>>>>>> upstream/4.5.1 { public_key_t *key; signature_scheme_t scheme; 
@@ -1764,44 +1612,13 @@ METHOD(certificate_t, issued_by, bool, return valid; } -<<<<<<< HEAD -/** - * Implementation of certificate_t.get_public_key - */ -static public_key_t* get_public_key(private_x509_cert_t *this) -======= METHOD(certificate_t, get_public_key, public_key_t*, private_x509_cert_t *this) ->>>>>>> upstream/4.5.1 { this->public_key->get_ref(this->public_key); return this->public_key; } -<<<<<<< HEAD -/** - * Implementation of certificate_t.get_ref - */ -static private_x509_cert_t* get_ref(private_x509_cert_t *this) -{ - ref_get(&this->ref); - return this; -} - -/** - * Implementation of x509_cert_t.get_flags. - */ -static x509_flag_t get_flags(private_x509_cert_t *this) -{ - return this->flags; -} - -/** - * Implementation of x509_cert_t.get_validity. - */ -static bool get_validity(private_x509_cert_t *this, time_t *when, - time_t *not_before, time_t *not_after) -======= METHOD(certificate_t, get_ref, certificate_t*, private_x509_cert_t *this) { @@ -1812,7 +1629,6 @@ METHOD(certificate_t, get_ref, certificate_t*, METHOD(certificate_t, get_validity, bool, private_x509_cert_t *this, time_t *when, time_t *not_before, time_t *not_after) ->>>>>>> upstream/4.5.1 { time_t t = when ? *when : time(NULL); @@ -1827,16 +1643,8 @@ METHOD(certificate_t, get_validity, bool, return (t >= this->notBefore && t <= this->notAfter); } -<<<<<<< HEAD -/** - * Implementation of certificate_t.get_encoding. - */ -static bool get_encoding(private_x509_cert_t *this, cred_encoding_type_t type, - chunk_t *encoding) -======= METHOD(certificate_t, get_encoding, bool, private_x509_cert_t *this, cred_encoding_type_t type, chunk_t *encoding) ->>>>>>> upstream/4.5.1 { if (type == CERT_ASN1_DER) { 
@@ -1847,15 +1655,8 @@ METHOD(certificate_t, get_encoding, bool, CRED_PART_X509_ASN1_DER, this->encoding, CRED_PART_END); } -<<<<<<< HEAD -/** - * Implementation of certificate_t.equals. - */ -static bool equals(private_x509_cert_t *this, certificate_t *other) -======= METHOD(certificate_t, equals, bool, private_x509_cert_t *this, certificate_t *other) ->>>>>>> upstream/4.5.1 { chunk_t encoding; bool equal; @@ -1881,12 +1682,6 @@ METHOD(certificate_t, equals, bool, return equal; } -<<<<<<< HEAD -/** - * Implementation of x509_t.get_serial. - */ -static chunk_t get_serial(private_x509_cert_t *this) -======= METHOD(x509_t, get_flags, x509_flag_t, private_x509_cert_t *this) { @@ -1895,20 +1690,12 @@ METHOD(x509_t, get_flags, x509_flag_t, METHOD(x509_t, get_serial, chunk_t, private_x509_cert_t *this) ->>>>>>> upstream/4.5.1 { return this->serialNumber; } -<<<<<<< HEAD -/** - * Implementation of x509_t.get_subjectKeyIdentifier. - */ -static chunk_t get_subjectKeyIdentifier(private_x509_cert_t *this) -======= METHOD(x509_t, get_subjectKeyIdentifier, chunk_t, private_x509_cert_t *this) ->>>>>>> upstream/4.5.1 { if (this->subjectKeyIdentifier.ptr) { @@ -1930,33 +1717,12 @@ METHOD(x509_t, get_subjectKeyIdentifier, chunk_t, } } -<<<<<<< HEAD -/** - * Implementation of x509_t.get_authKeyIdentifier. - */ -static chunk_t get_authKeyIdentifier(private_x509_cert_t *this) -======= METHOD(x509_t, get_authKeyIdentifier, chunk_t, private_x509_cert_t *this) ->>>>>>> upstream/4.5.1 { return this->authKeyIdentifier; } -<<<<<<< HEAD -/** - * Implementation of x509_t.get_pathLenConstraint. - */ -static int get_pathLenConstraint(private_x509_cert_t *this) -{ - return this->pathLenConstraint; -} - -/** - * Implementation of x509_cert_t.create_subjectAltName_enumerator. - */ -static enumerator_t* create_subjectAltName_enumerator(private_x509_cert_t *this) -======= METHOD(x509_t, get_constraint, u_int, private_x509_cert_t *this, x509_constraint_t type) { 
@@ -1977,56 +1743,28 @@ METHOD(x509_t, get_constraint, u_int, METHOD(x509_t, create_subjectAltName_enumerator, enumerator_t*, private_x509_cert_t *this) ->>>>>>> upstream/4.5.1 { return this->subjectAltNames->create_enumerator(this->subjectAltNames); } -<<<<<<< HEAD -/** - * Implementation of x509_cert_t.create_ocsp_uri_enumerator. - */ -static enumerator_t* create_ocsp_uri_enumerator(private_x509_cert_t *this) -======= METHOD(x509_t, create_ocsp_uri_enumerator, enumerator_t*, private_x509_cert_t *this) ->>>>>>> upstream/4.5.1 { return this->ocsp_uris->create_enumerator(this->ocsp_uris); } -<<<<<<< HEAD -/** - * Implementation of x509_cert_t.create_crl_uri_enumerator. - */ -static enumerator_t* create_crl_uri_enumerator(private_x509_cert_t *this) -======= METHOD(x509_t, create_crl_uri_enumerator, enumerator_t*, private_x509_cert_t *this) ->>>>>>> upstream/4.5.1 { return this->crl_uris->create_enumerator(this->crl_uris); } -<<<<<<< HEAD -/** - * Implementation of x509_cert_t.create_ipAddrBlock_enumerator. - */ -static enumerator_t* create_ipAddrBlock_enumerator(private_x509_cert_t *this) -======= METHOD(x509_t, create_ipAddrBlock_enumerator, enumerator_t*, private_x509_cert_t *this) ->>>>>>> upstream/4.5.1 { return this->ipAddrBlocks->create_enumerator(this->ipAddrBlocks); } -<<<<<<< HEAD -/** - * Implementation of certificate_t.destroy. - */ -static void destroy(private_x509_cert_t *this) -======= METHOD(x509_t, create_name_constraint_enumerator, enumerator_t*, private_x509_cert_t *this, bool perm) { 
@@ -2051,17 +1789,11 @@ METHOD(x509_t, create_policy_mapping_enumerator, enumerator_t*, METHOD(certificate_t, destroy, void, private_x509_cert_t *this) ->>>>>>> upstream/4.5.1 { if (ref_put(&this->ref)) { this->subjectAltNames->destroy_offset(this->subjectAltNames, offsetof(identification_t, destroy)); -<<<<<<< HEAD - this->crl_uris->destroy_function(this->crl_uris, free); - this->ocsp_uris->destroy_function(this->ocsp_uris, free); - this->ipAddrBlocks->destroy_offset(this->ipAddrBlocks, offsetof(traffic_selector_t, destroy)); -======= this->crl_uris->destroy_function(this->crl_uris, (void*)crl_uri_destroy); this->ocsp_uris->destroy_function(this->ocsp_uris, free); this->ipAddrBlocks->destroy_offset(this->ipAddrBlocks, @@ -2074,7 +1806,6 @@ METHOD(certificate_t, destroy, void, (void*)cert_policy_destroy); this->policy_mappings->destroy_function(this->policy_mappings, (void*)policy_mapping_destroy); ->>>>>>> upstream/4.5.1 DESTROY_IF(this->issuer); DESTROY_IF(this->subject); DESTROY_IF(this->public_key); 
@@ -2096,56 +1827,6 @@ METHOD(certificate_t, destroy, void, */ static private_x509_cert_t* create_empty(void) { -<<<<<<< HEAD - private_x509_cert_t *this = malloc_thing(private_x509_cert_t); - - this->public.interface.interface.get_type = (certificate_type_t (*) (certificate_t*))get_type; - this->public.interface.interface.get_subject = (identification_t* (*) (certificate_t*))get_subject; - this->public.interface.interface.get_issuer = (identification_t* (*) (certificate_t*))get_issuer; - this->public.interface.interface.has_subject = (id_match_t (*) (certificate_t*, identification_t*))has_subject; - this->public.interface.interface.has_issuer = (id_match_t (*) (certificate_t*, identification_t*))has_issuer; - this->public.interface.interface.issued_by = (bool (*) (certificate_t*, certificate_t*))issued_by; - this->public.interface.interface.get_public_key = (public_key_t* (*) (certificate_t*))get_public_key; - this->public.interface.interface.get_validity = (bool (*) (certificate_t*, time_t*, time_t*, time_t*))get_validity; - this->public.interface.interface.get_encoding = (bool (*) (certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding; - this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t*))equals; - this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t*))get_ref; - this->public.interface.interface.destroy = (void (*)(certificate_t*))destroy; - this->public.interface.get_flags = (x509_flag_t (*)(x509_t*))get_flags; - this->public.interface.get_serial = (chunk_t (*)(x509_t*))get_serial; - this->public.interface.get_subjectKeyIdentifier = (chunk_t (*)(x509_t*))get_subjectKeyIdentifier; - this->public.interface.get_authKeyIdentifier = (chunk_t (*)(x509_t*))get_authKeyIdentifier; - this->public.interface.get_pathLenConstraint = (int (*)(x509_t*))get_pathLenConstraint; - this->public.interface.create_subjectAltName_enumerator = (enumerator_t* (*)(x509_t*))create_subjectAltName_enumerator; - 
this->public.interface.create_crl_uri_enumerator = (enumerator_t* (*)(x509_t*))create_crl_uri_enumerator; - this->public.interface.create_ocsp_uri_enumerator = (enumerator_t* (*)(x509_t*))create_ocsp_uri_enumerator; - this->public.interface.create_ipAddrBlock_enumerator = (enumerator_t* (*)(x509_t*))create_ipAddrBlock_enumerator; - - this->encoding = chunk_empty; - this->encoding_hash = chunk_empty; - this->tbsCertificate = chunk_empty; - this->version = 1; - this->serialNumber = chunk_empty; - this->notBefore = 0; - this->notAfter = 0; - this->public_key = NULL; - this->subject = NULL; - this->issuer = NULL; - this->subjectAltNames = linked_list_create(); - this->crl_uris = linked_list_create(); - this->ocsp_uris = linked_list_create(); - this->ipAddrBlocks = linked_list_create(); - this->subjectKeyIdentifier = chunk_empty; - this->authKeyIdentifier = chunk_empty; - this->authKeySerialNumber = chunk_empty; - this->pathLenConstraint = X509_NO_PATH_LEN_CONSTRAINT; - this->algorithm = 0; - this->signature = chunk_empty; - this->flags = 0; - this->ref = 1; - this->parsed = FALSE; - -======= private_x509_cert_t *this; INIT(this, @@ -2194,13 +1875,10 @@ static private_x509_cert_t* create_empty(void) .inhibit_any = X509_NO_CONSTRAINT, .ref = 1, ); ->>>>>>> upstream/4.5.1 return this; } /** -<<<<<<< HEAD -======= * Build a generalName from an id */ chunk_t build_generalName(identification_t *id) @@ -2231,16 +1909,11 @@ chunk_t build_generalName(identification_t *id) } /** ->>>>>>> upstream/4.5.1 * Encode a linked list of subjectAltNames */ chunk_t x509_build_subjectAltNames(linked_list_t *list) { -<<<<<<< HEAD - chunk_t subjectAltNames = chunk_empty; -======= chunk_t subjectAltNames = chunk_empty, name; ->>>>>>> upstream/4.5.1 enumerator_t *enumerator; identification_t *id; 
@@ -2252,33 +1925,7 @@ chunk_t x509_build_subjectAltNames(linked_list_t *list) enumerator = list->create_enumerator(list); while (enumerator->enumerate(enumerator, &id)) { -<<<<<<< HEAD - int context; - chunk_t name; - - switch (id->get_type(id)) - { - case ID_RFC822_ADDR: - context = ASN1_CONTEXT_S_1; - break; - case ID_FQDN: - context = ASN1_CONTEXT_S_2; - break; - case ID_IPV4_ADDR: - case ID_IPV6_ADDR: - context = ASN1_CONTEXT_S_7; - break; - default: - DBG1(DBG_LIB, "encoding %N as subjectAltName not supported", - id_type_names, id->get_type(id)); - enumerator->destroy(enumerator); - free(subjectAltNames.ptr); - return chunk_empty; - } - name = asn1_wrap(context, "c", id->get_encoding(id)); -======= name = build_generalName(id); ->>>>>>> upstream/4.5.1 subjectAltNames = chunk_cat("mm", subjectAltNames, name); } enumerator->destroy(enumerator); @@ -2292,8 +1939,6 @@ chunk_t x509_build_subjectAltNames(linked_list_t *list) } /** -<<<<<<< HEAD -======= * Encode CRL distribution points extension from a x509_cdp_t list */ chunk_t x509_build_crlDistributionPoints(linked_list_t *list, int extn) @@ -2335,7 +1980,6 @@ chunk_t x509_build_crlDistributionPoints(linked_list_t *list, int extn) } /** ->>>>>>> upstream/4.5.1 * Generate and sign a new certificate */ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, 
@@ -2343,14 +1987,6 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, { chunk_t extensions = chunk_empty, extendedKeyUsage = chunk_empty; chunk_t serverAuth = chunk_empty, clientAuth = chunk_empty; -<<<<<<< HEAD - chunk_t ocspSigning = chunk_empty; - chunk_t basicConstraints = chunk_empty; - chunk_t keyUsage = chunk_empty; - chunk_t subjectAltNames = chunk_empty; - chunk_t subjectKeyIdentifier = chunk_empty, authKeyIdentifier = chunk_empty; - chunk_t crlDistributionPoints = chunk_empty, authorityInfoAccess = chunk_empty; -======= chunk_t ocspSigning = chunk_empty, certPolicies = chunk_empty; chunk_t basicConstraints = chunk_empty, nameConstraints = chunk_empty; chunk_t keyUsage = chunk_empty, keyUsageBits = chunk_empty; @@ -2358,7 +1994,6 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, chunk_t subjectKeyIdentifier = chunk_empty, authKeyIdentifier = chunk_empty; chunk_t crlDistributionPoints = chunk_empty, authorityInfoAccess = chunk_empty; chunk_t policyConstraints = chunk_empty, inhibitAnyPolicy = chunk_empty; ->>>>>>> upstream/4.5.1 identification_t *issuer, *subject; chunk_t key_info; signature_scheme_t scheme; 
@@ -2412,34 +2047,8 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, /* encode subjectAltNames */ subjectAltNames = x509_build_subjectAltNames(cert->subjectAltNames); -<<<<<<< HEAD - /* encode CRL distribution points extension */ - enumerator = cert->crl_uris->create_enumerator(cert->crl_uris); - while (enumerator->enumerate(enumerator, &uri)) - { - chunk_t distributionPoint; - - distributionPoint = asn1_wrap(ASN1_SEQUENCE, "m", - asn1_wrap(ASN1_CONTEXT_C_0, "m", - asn1_wrap(ASN1_CONTEXT_C_0, "m", - asn1_wrap(ASN1_CONTEXT_S_6, "c", - chunk_create(uri, strlen(uri)))))); - - crlDistributionPoints = chunk_cat("mm", crlDistributionPoints, - distributionPoint); - } - enumerator->destroy(enumerator); - if (crlDistributionPoints.ptr) - { - crlDistributionPoints = asn1_wrap(ASN1_SEQUENCE, "mm", - asn1_build_known_oid(OID_CRL_DISTRIBUTION_POINTS), - asn1_wrap(ASN1_OCTET_STRING, "m", - asn1_wrap(ASN1_SEQUENCE, "m", crlDistributionPoints))); - } -======= crlDistributionPoints = x509_build_crlDistributionPoints(cert->crl_uris, OID_CRL_DISTRIBUTION_POINTS); ->>>>>>> upstream/4.5.1 /* encode OCSP URIs in authorityInfoAccess extension */ enumerator = cert->ocsp_uris->create_enumerator(cert->ocsp_uris); @@ -2468,18 +2077,10 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, { chunk_t pathLenConstraint = chunk_empty; -<<<<<<< HEAD - if (cert->pathLenConstraint != X509_NO_PATH_LEN_CONSTRAINT) - { - char pathlen = (char)cert->pathLenConstraint; - - pathLenConstraint = asn1_integer("c", chunk_from_thing(pathlen)); -======= if (cert->pathLenConstraint != X509_NO_CONSTRAINT) { pathLenConstraint = asn1_integer("c", chunk_from_thing(cert->pathLenConstraint)); ->>>>>>> upstream/4.5.1 } basicConstraints = asn1_wrap(ASN1_SEQUENCE, "mmm", asn1_build_known_oid(OID_BASIC_CONSTRAINTS), 
@@ -2490,15 +2091,6 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, asn1_wrap(ASN1_BOOLEAN, "c", chunk_from_chars(0xFF)), pathLenConstraint))); -<<<<<<< HEAD - keyUsage = asn1_wrap(ASN1_SEQUENCE, "mmm", - asn1_build_known_oid(OID_KEY_USAGE), - asn1_wrap(ASN1_BOOLEAN, "c", - chunk_from_chars(0xFF)), - asn1_wrap(ASN1_OCTET_STRING, "m", - asn1_wrap(ASN1_BIT_STRING, "c", - chunk_from_chars(0x01, 0x06)))); -======= /* set CertificateSign and implicitly CRLsign */ keyUsageBits = chunk_from_chars(0x01, 0x06); } @@ -2513,7 +2105,6 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, asn1_wrap(ASN1_BOOLEAN, "c", chunk_from_chars(0xFF)), asn1_wrap(ASN1_OCTET_STRING, "m", asn1_wrap(ASN1_BIT_STRING, "c", keyUsageBits))); ->>>>>>> upstream/4.5.1 } /* add serverAuth extendedKeyUsage flag */ @@ -2542,11 +2133,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, } /* add subjectKeyIdentifier to CA and OCSP signer certificates */ -<<<<<<< HEAD - if (cert->flags & (X509_CA | X509_OCSP_SIGNER)) -======= if (cert->flags & (X509_CA | X509_OCSP_SIGNER | X509_CRL_SIGN)) ->>>>>>> upstream/4.5.1 { chunk_t keyid; @@ -2574,17 +2161,6 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, asn1_wrap(ASN1_CONTEXT_S_0, "c", keyid)))); } } -<<<<<<< HEAD - if (basicConstraints.ptr || subjectAltNames.ptr || authKeyIdentifier.ptr || - crlDistributionPoints.ptr) - { - extensions = asn1_wrap(ASN1_CONTEXT_C_3, "m", - asn1_wrap(ASN1_SEQUENCE, "mmmmmmmm", - basicConstraints, keyUsage, subjectKeyIdentifier, - authKeyIdentifier, subjectAltNames, - extendedKeyUsage, crlDistributionPoints, - authorityInfoAccess)); -======= if (cert->permitted_names->get_count(cert->permitted_names) || cert->excluded_names->get_count(cert->excluded_names)) 
@@ -2732,7 +2308,6 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, extendedKeyUsage, crlDistributionPoints, authorityInfoAccess, nameConstraints, certPolicies, policyMappings, policyConstraints, inhibitAnyPolicy)); ->>>>>>> upstream/4.5.1 } cert->tbsCertificate = asn1_wrap(ASN1_SEQUENCE, "mmmcmcmm", @@ -2815,10 +2390,7 @@ x509_cert_t *x509_cert_gen(certificate_type_t type, va_list args) certificate_t *sign_cert = NULL; private_key_t *sign_key = NULL; hash_algorithm_t digest_alg = HASH_SHA1; -<<<<<<< HEAD -======= u_int constraint; ->>>>>>> upstream/4.5.1 cert = create_empty(); while (TRUE) @@ -2862,15 +2434,6 @@ x509_cert_t *x509_cert_gen(certificate_type_t type, va_list args) { enumerator_t *enumerator; linked_list_t *list; -<<<<<<< HEAD - char *uri; - - list = va_arg(args, linked_list_t*); - enumerator = list->create_enumerator(list); - while (enumerator->enumerate(enumerator, &uri)) - { - cert->crl_uris->insert_last(cert->crl_uris, strdup(uri)); -======= x509_cdp_t *in, *cdp; list = va_arg(args, linked_list_t*); @@ -2882,7 +2445,6 @@ x509_cert_t *x509_cert_gen(certificate_type_t type, va_list args) .issuer = in->issuer ? in->issuer->clone(in->issuer) : NULL, ); cert->crl_uris->insert_last(cert->crl_uris, cdp); ->>>>>>> upstream/4.5.1 } enumerator->destroy(enumerator); continue; @@ -2903,13 +2465,6 @@ x509_cert_t *x509_cert_gen(certificate_type_t type, va_list args) continue; } case BUILD_PATHLEN: -<<<<<<< HEAD - cert->pathLenConstraint = va_arg(args, int); - if (cert->pathLenConstraint < 0 || cert->pathLenConstraint > 127) - { - cert->pathLenConstraint = X509_NO_PATH_LEN_CONSTRAINT; - } -======= constraint = va_arg(args, u_int); cert->pathLenConstraint = (constraint < 128) ? constraint : X509_NO_CONSTRAINT; 
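Review bot: The `BUILD_PATHLEN` case uses the bare literal `128` as its upper bound, `(constraint < 128) ? constraint : X509_NO_CONSTRAINT`, and the same expression is repeated for `inhibit_any` in the next hunk. The removed code spelled the range out as `< 0 || > 127`. The new form relies on the reader knowing that a caller still passing a negative `int` would, in practice, be read here as a large `u_int`. A comment such as `/* constraints above 127, including negative values passed as int, mean "no constraint" */` and one named constant for the bound would keep the cases in step. x509_cert_gen's body continues outside the hunk.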
@@ -3000,7 +2555,6 @@ x509_cert_t *x509_cert_gen(certificate_type_t type, va_list args) constraint = va_arg(args, u_int); cert->inhibit_any = (constraint < 128) ? constraint : X509_NO_CONSTRAINT; ->>>>>>> upstream/4.5.1 continue; case BUILD_NOT_BEFORE_TIME: cert->notBefore = va_arg(args, time_t); diff --git a/src/libstrongswan/plugins/x509/x509_crl.c b/src/libstrongswan/plugins/x509/x509_crl.c index 3e62681f5..758505ab5 100644 --- a/src/libstrongswan/plugins/x509/x509_crl.c +++ b/src/libstrongswan/plugins/x509/x509_crl.c @@ -100,14 +100,11 @@ struct private_x509_crl_t { linked_list_t *revoked; /** -<<<<<<< HEAD -======= * List of Freshest CRL distribution points */ linked_list_t *crl_uris; /** ->>>>>>> upstream/4.5.1 * Authority Key Identifier */ chunk_t authKeyIdentifier; @@ -118,14 +115,11 @@ struct private_x509_crl_t { chunk_t authKeySerialNumber; /** -<<<<<<< HEAD -======= * Number of BaseCRL, if a delta CRL */ chunk_t baseCrlNumber; /** ->>>>>>> upstream/4.5.1 * Signature algorithm */ int algorithm; @@ -149,11 +143,6 @@ struct private_x509_crl_t { /** * from x509_cert */ -<<<<<<< HEAD -extern chunk_t x509_parse_authorityKeyIdentifier( - chunk_t blob, int level0, - chunk_t *authKeySerialNumber); -======= extern chunk_t x509_parse_authorityKeyIdentifier(chunk_t blob, int level0, chunk_t *authKeySerialNumber); @@ -167,7 +156,6 @@ extern void x509_parse_crlDistributionPoints(chunk_t blob, int level0, * from x509_cert */ extern chunk_t x509_build_crlDistributionPoints(linked_list_t *list, int extn); ->>>>>>> upstream/4.5.1 /** * ASN.1 definition of an X.509 certificate revocation list @@ -238,11 +226,7 @@ static bool parse(private_x509_crl_t *this) int objectID; int sig_alg = OID_UNKNOWN; bool success = FALSE; -<<<<<<< HEAD - bool critical; -======= bool critical = FALSE; ->>>>>>> upstream/4.5.1 revoked_t *revoked = NULL; parser = asn1_parser_create(crlObjects, this->encoding); 
@@ -294,28 +278,6 @@ static bool parse(private_x509_crl_t *this) break; case CRL_OBJ_CRL_ENTRY_EXTN_VALUE: case CRL_OBJ_EXTN_VALUE: -<<<<<<< HEAD - { - int extn_oid = asn1_known_oid(extnID); - - if (revoked && extn_oid == OID_CRL_REASON_CODE) - { - if (*object.ptr == ASN1_ENUMERATED && - asn1_length(&object) == 1) - { - revoked->reason = *object.ptr; - } - DBG2(DBG_LIB, " '%N'", crl_reason_names, - revoked->reason); - } - else if (extn_oid == OID_AUTHORITY_KEY_ID) - { - this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object, - level, &this->authKeySerialNumber); - } - else if (extn_oid == OID_CRL_NUMBER) - { -======= { int extn_oid = asn1_known_oid(extnID); @@ -339,18 +301,12 @@ static bool parse(private_x509_crl_t *this) object, level, &this->authKeySerialNumber); break; case OID_CRL_NUMBER: ->>>>>>> upstream/4.5.1 if (!asn1_parse_simple_object(&object, ASN1_INTEGER, level, "crlNumber")) { goto end; } this->crlNumber = object; -<<<<<<< HEAD - } - } - break; -======= break; case OID_FRESHEST_CRL: x509_parse_crlDistributionPoints(object, level, @@ -377,7 +333,6 @@ static bool parse(private_x509_crl_t *this) } break; } ->>>>>>> upstream/4.5.1 case CRL_OBJ_ALGORITHM: { this->algorithm = asn1_parse_algorithmIdentifier(object, level, NULL); @@ -435,8 +390,6 @@ METHOD(crl_t, get_authKeyIdentifier, chunk_t, return this->authKeyIdentifier; } -<<<<<<< HEAD -======= METHOD(crl_t, is_delta_crl, bool, private_x509_crl_t *this, chunk_t *base_crl) { @@ -457,7 +410,6 @@ METHOD(crl_t, create_delta_crl_uri_enumerator, enumerator_t*, return this->crl_uris->create_enumerator(this->crl_uris); } ->>>>>>> upstream/4.5.1 METHOD(crl_t, create_enumerator, enumerator_t*, private_x509_crl_t *this) { @@ -502,11 +454,7 @@ METHOD(certificate_t, issued_by, bool, { return FALSE; } -<<<<<<< HEAD - if (!(x509->get_flags(x509) & X509_CA)) -======= if (!(x509->get_flags(x509) & (X509_CA | X509_CRL_SIGN))) ->>>>>>> upstream/4.5.1 { return FALSE; } 
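Review bot: issued_by in x509_crl.c now accepts an issuer whose flags contain `X509_CRL_SIGN` without `X509_CA`, via `if (!(x509->get_flags(x509) & (X509_CA | X509_CRL_SIGN)))`, and the reason is not documented. That widens the set of acceptable CRL signers from CA certificates to any certificate carrying what is presumably the cRLSign key usage. The check therefore depends on that flag being set only from a parsed keyUsage extension and on the signer's own trust chain being validated elsewhere, and neither is visible in this hunk. A comment like `/* CRLs may be signed by a CA or by a certificate with the cRLSign keyUsage */` would make the intent explicit. The function body continues outside the hunk.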
@@ -619,8 +567,6 @@ static void revoked_destroy(revoked_t *revoked) free(revoked); } -<<<<<<< HEAD -======= /** * Destroy a CDP entry */ @@ -631,27 +577,20 @@ static void cdp_destroy(x509_cdp_t *this) free(this); } ->>>>>>> upstream/4.5.1 METHOD(certificate_t, destroy, void, private_x509_crl_t *this) { if (ref_put(&this->ref)) { this->revoked->destroy_function(this->revoked, (void*)revoked_destroy); -<<<<<<< HEAD -======= this->crl_uris->destroy_function(this->crl_uris, (void*)cdp_destroy); ->>>>>>> upstream/4.5.1 DESTROY_IF(this->issuer); free(this->authKeyIdentifier.ptr); free(this->encoding.ptr); if (this->generated) { free(this->crlNumber.ptr); -<<<<<<< HEAD -======= free(this->baseCrlNumber.ptr); ->>>>>>> upstream/4.5.1 free(this->signature.ptr); free(this->tbsCertList.ptr); } @@ -685,19 +624,13 @@ static private_x509_crl_t* create_empty(void) }, .get_serial = _get_serial, .get_authKeyIdentifier = _get_authKeyIdentifier, -<<<<<<< HEAD -======= .is_delta_crl = _is_delta_crl, .create_delta_crl_uri_enumerator = _create_delta_crl_uri_enumerator, ->>>>>>> upstream/4.5.1 .create_enumerator = _create_enumerator, }, }, .revoked = linked_list_create(), -<<<<<<< HEAD -======= .crl_uris = linked_list_create(), ->>>>>>> upstream/4.5.1 .ref = 1, ); return this; @@ -766,10 +699,7 @@ static bool generate(private_x509_crl_t *this, certificate_t *cert, private_key_t *key, hash_algorithm_t digest_alg) { chunk_t extensions = chunk_empty, certList = chunk_empty, serial; -<<<<<<< HEAD -======= chunk_t crlDistributionPoints = chunk_empty, baseCrlNumber = chunk_empty; ->>>>>>> upstream/4.5.1 enumerator_t *enumerator; crl_reason_t reason; time_t date; 
@@ -777,11 +707,7 @@ static bool generate(private_x509_crl_t *this, certificate_t *cert, x509 = (x509_t*)cert; -<<<<<<< HEAD - this->issuer = cert->get_issuer(cert); -======= this->issuer = cert->get_subject(cert); ->>>>>>> upstream/4.5.1 this->issuer = this->issuer->clone(this->issuer); this->authKeyIdentifier = chunk_clone(x509->get_subjectKeyIdentifier(x509)); @@ -816,10 +742,6 @@ static bool generate(private_x509_crl_t *this, certificate_t *cert, } enumerator->destroy(enumerator); -<<<<<<< HEAD - extensions = asn1_wrap(ASN1_CONTEXT_C_0, "m", - asn1_wrap(ASN1_SEQUENCE, "mm", -======= crlDistributionPoints = x509_build_crlDistributionPoints(this->crl_uris, OID_FRESHEST_CRL); @@ -835,7 +757,6 @@ static bool generate(private_x509_crl_t *this, certificate_t *cert, extensions = asn1_wrap(ASN1_CONTEXT_C_0, "m", asn1_wrap(ASN1_SEQUENCE, "mmmm", ->>>>>>> upstream/4.5.1 asn1_wrap(ASN1_SEQUENCE, "mm", asn1_build_known_oid(OID_AUTHORITY_KEY_ID), asn1_wrap(ASN1_OCTET_STRING, "m", @@ -845,14 +766,8 @@ static bool generate(private_x509_crl_t *this, certificate_t *cert, asn1_wrap(ASN1_SEQUENCE, "mm", asn1_build_known_oid(OID_CRL_NUMBER), asn1_wrap(ASN1_OCTET_STRING, "m", -<<<<<<< HEAD - asn1_integer("c", this->crlNumber)) - ) - )); -======= asn1_integer("c", this->crlNumber))), crlDistributionPoints, baseCrlNumber)); ->>>>>>> upstream/4.5.1 this->tbsCertList = asn1_wrap(ASN1_SEQUENCE, "cmcmmmm", ASN1_INTEGER_1, @@ -915,8 +830,6 @@ x509_crl_t *x509_crl_gen(certificate_type_t type, va_list args) case BUILD_REVOKED_ENUMERATOR: read_revoked(crl, va_arg(args, enumerator_t*)); continue; -<<<<<<< HEAD -======= case BUILD_BASE_CRL: crl->baseCrlNumber = va_arg(args, chunk_t); crl->baseCrlNumber = chunk_clone(crl->baseCrlNumber); @@ -940,7 +853,6 @@ x509_crl_t *x509_crl_gen(certificate_type_t type, va_list args) enumerator->destroy(enumerator); continue; } ->>>>>>> upstream/4.5.1 case BUILD_END: break; default: 
diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_response.c b/src/libstrongswan/plugins/x509/x509_ocsp_response.c index 829f47f81..4cbe3f718 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_response.c +++ b/src/libstrongswan/plugins/x509/x509_ocsp_response.c @@ -453,7 +453,7 @@ static const asn1Object_t basicResponseObjects[] = { { 5, "critical", ASN1_BOOLEAN, ASN1_BODY | ASN1_DEF }, /* 16 */ { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 17 */ - { 4, "end loop", ASN1_EOC, ASN1_END }, /* 18 */ + { 3, "end loop", ASN1_EOC, ASN1_END }, /* 18 */ { 2, "end opt", ASN1_EOC, ASN1_END }, /* 19 */ { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 20 */ { 1, "signature", ASN1_BIT_STRING, ASN1_BODY }, /* 21 */ diff --git a/src/libstrongswan/plugins/x509/x509_plugin.c b/src/libstrongswan/plugins/x509/x509_plugin.c index a3c071f12..bfeb74b0e 100644 --- a/src/libstrongswan/plugins/x509/x509_plugin.c +++ b/src/libstrongswan/plugins/x509/x509_plugin.c @@ -36,15 +36,14 @@ struct private_x509_plugin_t { x509_plugin_t public; }; -<<<<<<< HEAD -/** - * Implementation of x509_plugin_t.x509troy - */ -static void destroy(private_x509_plugin_t *this) -======= +METHOD(plugin_t, get_name, char*, + private_x509_plugin_t *this) +{ + return "x509"; +} + METHOD(plugin_t, destroy, void, private_x509_plugin_t *this) ->>>>>>> upstream/4.5.1 { lib->creds->remove_builder(lib->creds, (builder_function_t)x509_cert_gen); @@ -74,21 +73,17 @@ METHOD(plugin_t, destroy, void, */ plugin_t *x509_plugin_create() { -<<<<<<< HEAD - private_x509_plugin_t *this = malloc_thing(private_x509_plugin_t); - - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; -======= private_x509_plugin_t *this; INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); ->>>>>>> upstream/4.5.1 lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_X509, FALSE, (builder_function_t)x509_cert_gen); 
diff --git a/src/libstrongswan/plugins/xcbc/Makefile.in b/src/libstrongswan/plugins/xcbc/Makefile.in index 22b3c9543..35f868de4 100644 --- a/src/libstrongswan/plugins/xcbc/Makefile.in +++ b/src/libstrongswan/plugins/xcbc/Makefile.in @@ -220,13 +220,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -<<<<<<< HEAD -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ -======= -ipsecgroup = @ipsecgroup@ ->>>>>>> upstream/4.5.1 ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -247,6 +241,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -265,14 +261,12 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ -<<<<<<< HEAD -======= soup_CFLAGS = @soup_CFLAGS@ soup_LIBS = @soup_LIBS@ ->>>>>>> upstream/4.5.1 srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/xcbc/xcbc.c b/src/libstrongswan/plugins/xcbc/xcbc.c index be18d92b8..8ddde962c 100644 --- a/src/libstrongswan/plugins/xcbc/xcbc.c +++ b/src/libstrongswan/plugins/xcbc/xcbc.c @@ -236,13 +236,17 @@ METHOD(xcbc_t, set_key, void, memset(k1.ptr, 0x01, this->b); this->k1->encrypt(this->k1, k1, iv, NULL); this->k1->set_key(this->k1, k1); + + memwipe(k1.ptr, k1.len); } METHOD(xcbc_t, destroy, void, private_xcbc_t *this) { this->k1->destroy(this->k1); + memwipe(this->k2, this->b); free(this->k2); + memwipe(this->k3, this->b); free(this->k3); free(this->e); free(this->remaining); 
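Review bot: In the xcbc.c hunk, `destroy` wipes `k2` and `k3` before freeing them, but `this->e` and `this->remaining` are still released with a bare `free()`. If those buffers hold the running MAC state and buffered input, as their names suggest, they should be cleared the same way, e.g. `memwipe(this->e, this->b);` before `free(this->e);`, provided `e` is allocated with `b` bytes, which the hunk does not show. In `set_key` only `k1` is wiped at the end; the start of that function is outside the hunk, so any other temporary copy of the key made there should be checked for the same treatment.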
diff --git a/src/libstrongswan/plugins/xcbc/xcbc_plugin.c b/src/libstrongswan/plugins/xcbc/xcbc_plugin.c index 19d5a03fe..0fcb093c8 100644 --- a/src/libstrongswan/plugins/xcbc/xcbc_plugin.c +++ b/src/libstrongswan/plugins/xcbc/xcbc_plugin.c @@ -19,11 +19,6 @@ #include "xcbc_signer.h" #include "xcbc_prf.h" -<<<<<<< HEAD -======= -static const char *plugin_name = "xcbc"; - ->>>>>>> upstream/4.5.1 typedef struct private_xcbc_plugin_t private_xcbc_plugin_t; /** @@ -37,6 +32,12 @@ struct private_xcbc_plugin_t { xcbc_plugin_t public; }; +METHOD(plugin_t, get_name, char*, + private_xcbc_plugin_t *this) +{ + return "xcbc"; +} + METHOD(plugin_t, destroy, void, private_xcbc_plugin_t *this) { 
@@ -53,49 +54,36 @@ METHOD(plugin_t, destroy, void, plugin_t *xcbc_plugin_create() { private_xcbc_plugin_t *this; -<<<<<<< HEAD -======= crypter_t *crypter; ->>>>>>> upstream/4.5.1 INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, ); -<<<<<<< HEAD - lib->crypto->add_prf(lib->crypto, PRF_AES128_XCBC, - (prf_constructor_t)xcbc_prf_create); - lib->crypto->add_prf(lib->crypto, PRF_CAMELLIA128_XCBC, - (prf_constructor_t)xcbc_prf_create); - lib->crypto->add_signer(lib->crypto, AUTH_AES_XCBC_96, - (signer_constructor_t)xcbc_signer_create); - lib->crypto->add_signer(lib->crypto, AUTH_CAMELLIA_XCBC_96, - (signer_constructor_t)xcbc_signer_create); - -======= crypter = lib->crypto->create_crypter(lib->crypto, ENCR_AES_CBC, 16); if (crypter) { crypter->destroy(crypter); - lib->crypto->add_prf(lib->crypto, PRF_AES128_XCBC, plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_AES128_XCBC, get_name(this), (prf_constructor_t)xcbc_prf_create); - lib->crypto->add_signer(lib->crypto, AUTH_AES_XCBC_96, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_AES_XCBC_96, get_name(this), (signer_constructor_t)xcbc_signer_create); } crypter = lib->crypto->create_crypter(lib->crypto, ENCR_CAMELLIA_CBC, 16); if (crypter) { crypter->destroy(crypter); - lib->crypto->add_prf(lib->crypto, PRF_CAMELLIA128_XCBC, plugin_name, + lib->crypto->add_prf(lib->crypto, PRF_CAMELLIA128_XCBC, get_name(this), (prf_constructor_t)xcbc_prf_create); - lib->crypto->add_signer(lib->crypto, AUTH_CAMELLIA_XCBC_96, plugin_name, + lib->crypto->add_signer(lib->crypto, AUTH_CAMELLIA_XCBC_96, get_name(this), (signer_constructor_t)xcbc_signer_create); } ->>>>>>> upstream/4.5.1 return &this->public.plugin; } |
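Review bot: `xcbc_plugin_create` registers the XCBC PRF and signer only when the `create_crypter()` probe succeeds, and logs nothing when it fails. If the AES or Camellia CBC plugin is missing, or presumably if it is loaded after this one, `PRF_AES128_XCBC`, `AUTH_AES_XCBC_96` and their Camellia counterparts are silently left unregistered, and the first sign is a failed algorithm negotiation. An `else` branch with a debug line would make this diagnosable, e.g. `DBG2(DBG_LIB, "xcbc: no AES-CBC crypter available, AES-XCBC not registered");` (message constructed here, and assuming the debug macros are reachable from this file). A short comment above the first probe stating the dependency on plugin load order would help as well.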