From 6b99c8d9cff7b3e8ae8f3204b99e7ea40f791349 Mon Sep 17 00:00:00 2001 From: Yves-Alexis Perez Date: Sun, 25 Aug 2013 15:37:26 +0200 Subject: Imported Upstream version 5.1.0 --- src/scepclient/Makefile.am | 13 +++----- src/scepclient/Makefile.in | 75 +++++++++++++++++++++++++++++---------------- src/scepclient/scep.c | 13 +++++++- src/scepclient/scep.h | 5 +-- src/scepclient/scepclient.c | 20 ++++++++---- 5 files changed, 82 insertions(+), 44 deletions(-) (limited to 'src/scepclient') diff --git a/src/scepclient/Makefile.am b/src/scepclient/Makefile.am index 930f3dd80..c911be1c4 100644 --- a/src/scepclient/Makefile.am +++ b/src/scepclient/Makefile.am @@ -4,16 +4,13 @@ scepclient.c scep.c scep.h scepclient.o : $(top_builddir)/config.status -INCLUDES = \ --I$(top_srcdir)/src/libstrongswan \ --I$(top_srcdir)/src/libhydra - -AM_CFLAGS = \ --DIPSEC_CONFDIR=\"${sysconfdir}\" \ --DPLUGINS=\""${scepclient_plugins}\"" +AM_CPPFLAGS = \ + -I$(top_srcdir)/src/libstrongswan \ + -I$(top_srcdir)/src/libhydra \ + -DIPSEC_CONFDIR=\"${sysconfdir}\" \ + -DPLUGINS=\""${scepclient_plugins}\"" scepclient_LDADD = \ $(top_builddir)/src/libstrongswan/libstrongswan.la dist_man_MANS = scepclient.8 - diff --git a/src/scepclient/Makefile.in b/src/scepclient/Makefile.in index fc796328c..19a7a5d6b 100644 --- a/src/scepclient/Makefile.in +++ b/src/scepclient/Makefile.in @@ -64,7 +64,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ $(top_srcdir)/m4/macros/with.m4 \ $(top_srcdir)/m4/macros/enable-disable.m4 \ $(top_srcdir)/m4/macros/add-plugin.m4 \ - $(top_srcdir)/configure.in + $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d @@ -77,19 +77,35 @@ am_scepclient_OBJECTS = scepclient.$(OBJEXT) scep.$(OBJEXT) scepclient_OBJECTS = $(am_scepclient_OBJECTS) scepclient_DEPENDENCIES = \ $(top_builddir)/src/libstrongswan/libstrongswan.la +AM_V_lt = $(am__v_lt_@AM_V@) +am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) +am__v_lt_0 = --silent DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ + $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ + $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; SOURCES = $(scepclient_SOURCES) DIST_SOURCES = $(scepclient_SOURCES) am__can_run_installinfo = \ @@ -133,6 +149,7 @@ DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ ALLOCA = @ALLOCA@ AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ @@ -145,6 +162,8 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CHECK_CFLAGS = @CHECK_CFLAGS@ CHECK_LIBS = @CHECK_LIBS@ +COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ +COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ @@ -160,6 +179,7 @@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ FGREP = @FGREP@ +GENHTML = @GENHTML@ GPERF = @GPERF@ GPRBUILD = @GPRBUILD@ GREP = @GREP@ @@ -168,6 +188,7 @@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LCOV = @LCOV@ LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ @@ -214,6 +235,7 @@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ SOCKLIB = @SOCKLIB@ STRIP = @STRIP@ +UNWINDLIB = @UNWINDLIB@ VERSION = @VERSION@ YACC = @YACC@ YFLAGS = @YFLAGS@ @@ -242,6 +264,7 @@ charon_natt_port = @charon_natt_port@ charon_plugins = @charon_plugins@ charon_udp_port = @charon_udp_port@ clearsilver_LIBS = @clearsilver_LIBS@ +cmd_plugins = @cmd_plugins@ datadir = @datadir@ datarootdir = @datarootdir@ dbusservicedir = @dbusservicedir@ @@ -322,13 +345,11 @@ xml_LIBS = @xml_LIBS@ scepclient_SOURCES = \ scepclient.c scep.c scep.h -INCLUDES = \ --I$(top_srcdir)/src/libstrongswan \ --I$(top_srcdir)/src/libhydra - -AM_CFLAGS = \ --DIPSEC_CONFDIR=\"${sysconfdir}\" \ --DPLUGINS=\""${scepclient_plugins}\"" +AM_CPPFLAGS = \ + -I$(top_srcdir)/src/libstrongswan \ + -I$(top_srcdir)/src/libhydra \ + -DIPSEC_CONFDIR=\"${sysconfdir}\" \ + -DPLUGINS=\""${scepclient_plugins}\"" scepclient_LDADD = \ $(top_builddir)/src/libstrongswan/libstrongswan.la @@ -416,7 +437,7 @@ clean-ipsecPROGRAMS: rm -f $$list scepclient$(EXEEXT): $(scepclient_OBJECTS) $(scepclient_DEPENDENCIES) $(EXTRA_scepclient_DEPENDENCIES) @rm -f scepclient$(EXEEXT) - $(LINK) $(scepclient_OBJECTS) $(scepclient_LDADD) $(LIBS) + $(AM_V_CCLD)$(LINK) $(scepclient_OBJECTS) $(scepclient_LDADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -428,25 +449,25 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scepclient.Po@am__quote@ .c.o: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c $< +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $< .c.obj: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: -@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo diff --git a/src/scepclient/scep.c b/src/scepclient/scep.c index 3fdcd6c28..5bb29bbd8 100644 --- a/src/scepclient/scep.c +++ b/src/scepclient/scep.c @@ -339,15 +339,22 @@ static char* escape_http_request(chunk_t req) * Send a SCEP request via HTTP and wait for a response */ bool scep_http_request(const char *url, chunk_t msg, scep_op_t op, - bool http_get_request, u_int timeout, chunk_t *response) + bool http_get_request, u_int timeout, char *src, + chunk_t *response) { int len; status_t status; char *complete_url = NULL; + host_t *srcip = NULL; /* initialize response */ *response = chunk_empty; + if (src) + { + srcip = host_create_from_string(src, 0); + } + DBG2(DBG_APP, "sending scep request to '%s'", url); if (op == SCEP_PKI_OPERATION) @@ -371,6 +378,7 @@ bool scep_http_request(const char *url, chunk_t msg, scep_op_t op, FETCH_REQUEST_HEADER, "Pragma:", FETCH_REQUEST_HEADER, "Host:", FETCH_REQUEST_HEADER, "Accept:", + FETCH_SOURCEIP, srcip, FETCH_END); } else /* HTTP_POST */ @@ -386,6 +394,7 @@ bool scep_http_request(const char *url, chunk_t msg, scep_op_t op, FETCH_REQUEST_DATA, msg, FETCH_REQUEST_TYPE, "", FETCH_REQUEST_HEADER, "Expect:", + FETCH_SOURCEIP, srcip, FETCH_END); } } @@ -412,9 +421,11 @@ bool scep_http_request(const char *url, chunk_t msg, scep_op_t op, status = lib->fetcher->fetch(lib->fetcher, complete_url, response, FETCH_HTTP_VERSION_1_0, FETCH_TIMEOUT, timeout, + FETCH_SOURCEIP, srcip, FETCH_END); } + DESTROY_IF(srcip); free(complete_url); return (status == SUCCESS); } diff --git a/src/scepclient/scep.h b/src/scepclient/scep.h index ec8fa6515..4ef5eaf8e 100644 --- a/src/scepclient/scep.h +++ b/src/scepclient/scep.h @@ -78,8 +78,9 @@ chunk_t scep_build_request(chunk_t data, chunk_t transID, scep_msg_t msg, certificate_t *enc_cert, encryption_algorithm_t enc_alg, size_t key_size, certificate_t *signer_cert, hash_algorithm_t digest_alg, private_key_t *private_key); -bool scep_http_request(const char *url, chunk_t message, scep_op_t op, - bool http_get_request, u_int timeout, chunk_t *response); +bool scep_http_request(const char *url, chunk_t msg, scep_op_t op, + bool http_get_request, u_int timeout, char *src, + chunk_t *response); err_t scep_parse_response(chunk_t response, chunk_t transID, container_t **out, scep_attributes_t *attrs); diff --git a/src/scepclient/scepclient.c b/src/scepclient/scepclient.c index 26f210d12..1267370ba 100644 --- a/src/scepclient/scepclient.c +++ b/src/scepclient/scepclient.c @@ -116,6 +116,9 @@ bool pkcs11_keep_state = FALSE; /* by default HTTP fetch timeout is 30s */ static u_int http_timeout = 30; +/* address to bind for HTTP fetches */ +static char* http_bind = NULL; + /* options read by optionsfrom */ options_t *options; @@ -348,6 +351,7 @@ static void usage(const char *message) " --optionsfrom (-+) reads additional options from given file\n" " --force (-f) force existing file(s)\n" " --httptimeout (-T) timeout for HTTP operations (default: 30s)\n" + " --bind (-b) source address to bind for HTTP operations\n" "\n" "Options for key generation (pkcs1):\n" " --keylength (-k) key length for RSA key generation\n" @@ -523,6 +527,7 @@ int main(int argc, char **argv) { "out", required_argument, NULL, 'o' }, { "force", no_argument, NULL, 'f' }, { "httptimeout", required_argument, NULL, 'T' }, + { "bind", required_argument, NULL, 'b' }, { "keylength", required_argument, NULL, 'k' }, { "dn", required_argument, NULL, 'd' }, { "days", required_argument, NULL, 'D' }, @@ -675,6 +680,10 @@ int main(int argc, char **argv) } continue; + case 'b': /* --bind */ + http_bind = optarg; + continue; + case '+': /* --optionsfrom */ if (!options->from(options, optarg, &argc, &argv, optind)) { @@ -915,13 +924,12 @@ int main(int argc, char **argv) init_log("scepclient"); /* load plugins, further infrastructure may need it */ - if (!lib->plugins->load(lib->plugins, NULL, + if (!lib->plugins->load(lib->plugins, lib->settings->get_str(lib->settings, "scepclient.load", PLUGINS))) { exit_scepclient("plugin loading failed"); } - DBG1(DBG_APP, " loaded plugins: %s", - lib->plugins->loaded_plugins(lib->plugins)); + lib->plugins->status(lib->plugins, LEVEL_DIAG); if ((filetype_out == 0) && (!request_ca_certificate)) { @@ -953,7 +961,7 @@ int main(int argc, char **argv) if (!scep_http_request(scep_url, chunk_create(ca_name, strlen(ca_name)), SCEP_GET_CA_CERT, http_get_request, - http_timeout, &scep_response)) + http_timeout, http_bind, &scep_response)) { exit_scepclient("did not receive a valid scep response"); } @@ -1331,7 +1339,7 @@ int main(int argc, char **argv) creds->add_cert(creds, TRUE, x509_ca_sig->get_ref(x509_ca_sig)); if (!scep_http_request(scep_url, pkcs7, SCEP_PKI_OPERATION, - http_get_request, http_timeout, &scep_response)) + http_get_request, http_timeout, http_bind, &scep_response)) { exit_scepclient("did not receive a valid scep response"); } @@ -1381,7 +1389,7 @@ int main(int argc, char **argv) exit_scepclient("failed to build scep request"); } if (!scep_http_request(scep_url, getCertInitial, SCEP_PKI_OPERATION, - http_get_request, http_timeout, &scep_response)) + http_get_request, http_timeout, http_bind, &scep_response)) { exit_scepclient("did not receive a valid scep response"); } -- cgit v1.2.3