Use thread-safe settings alloc_str function where appropriate
parent
17ce69b47a
commit
3e2419ebe3
|
@ -217,13 +217,15 @@ METHOD(eap_method_t, process_server, status_t,
|
||||||
memcpy(password, data.ptr, data.len);
|
memcpy(password, data.ptr, data.len);
|
||||||
password[data.len] = '\0';
|
password[data.len] = '\0';
|
||||||
|
|
||||||
service = lib->settings->get_str(lib->settings,
|
service = lib->settings->alloc_str(lib->settings,
|
||||||
"charon.plugins.eap-gtc.pam_service", GTC_PAM_SERVICE);
|
"charon.plugins.eap-gtc.pam_service", GTC_PAM_SERVICE);
|
||||||
|
|
||||||
if (!authenticate(service, user, password))
|
if (!authenticate(service, user, password))
|
||||||
{
|
{
|
||||||
|
free(service);
|
||||||
return FAILED;
|
return FAILED;
|
||||||
}
|
}
|
||||||
|
free(service);
|
||||||
return SUCCESS;
|
return SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -90,9 +90,10 @@ static status_t start_phase2_auth(private_eap_peap_server_t *this)
|
||||||
char *eap_type_str;
|
char *eap_type_str;
|
||||||
eap_type_t type;
|
eap_type_t type;
|
||||||
|
|
||||||
eap_type_str = lib->settings->get_str(lib->settings,
|
eap_type_str = lib->settings->alloc_str(lib->settings,
|
||||||
"charon.plugins.eap-peap.phase2_method", "mschapv2");
|
"charon.plugins.eap-peap.phase2_method", "mschapv2");
|
||||||
type = eap_type_from_string(eap_type_str);
|
type = eap_type_from_string(eap_type_str);
|
||||||
|
free(eap_type_str);
|
||||||
if (type == 0)
|
if (type == 0)
|
||||||
{
|
{
|
||||||
DBG1(DBG_IKE, "unrecognized phase2 method \"%s\"", eap_type_str);
|
DBG1(DBG_IKE, "unrecognized phase2 method \"%s\"", eap_type_str);
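Review bot: `eap_type_str` is freed right after `eap_type_from_string()` but is still passed to `DBG1(DBG_IKE, "unrecognized phase2 method \"%s\"", eap_type_str)` in the `type == 0` branch, so the error path reads freed memory. Move `free(eap_type_str);` below the `if (type == 0)` block and add a second one before the return inside that block, whose remainder lies outside the hunk. The start_phase2_auth hunk that reads `charon.plugins.eap-ttls.phase2_method` has the same ordering and needs the same change.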
|
||||||
|
|
|
@ -387,6 +387,7 @@ METHOD(eap_method_t, destroy, void,
|
||||||
this->peer->destroy(this->peer);
|
this->peer->destroy(this->peer);
|
||||||
this->server->destroy(this->server);
|
this->server->destroy(this->server);
|
||||||
this->client->destroy(this->client);
|
this->client->destroy(this->client);
|
||||||
|
free(this->id_prefix);
|
||||||
free(this);
|
free(this);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -414,7 +415,7 @@ eap_radius_t *eap_radius_create(identification_t *server, identification_t *peer
|
||||||
.type = EAP_RADIUS,
|
.type = EAP_RADIUS,
|
||||||
.eap_start = lib->settings->get_bool(lib->settings,
|
.eap_start = lib->settings->get_bool(lib->settings,
|
||||||
"charon.plugins.eap-radius.eap_start", FALSE),
|
"charon.plugins.eap-radius.eap_start", FALSE),
|
||||||
.id_prefix = lib->settings->get_str(lib->settings,
|
.id_prefix = lib->settings->alloc_str(lib->settings,
|
||||||
"charon.plugins.eap-radius.id_prefix", ""),
|
"charon.plugins.eap-radius.id_prefix", ""),
|
||||||
.class_group = lib->settings->get_bool(lib->settings,
|
.class_group = lib->settings->get_bool(lib->settings,
|
||||||
"charon.plugins.eap-radius.class_group", FALSE),
|
"charon.plugins.eap-radius.class_group", FALSE),
|
||||||
|
@ -425,6 +426,7 @@ eap_radius_t *eap_radius_create(identification_t *server, identification_t *peer
|
||||||
this->client = radius_client_create();
|
this->client = radius_client_create();
|
||||||
if (!this->client)
|
if (!this->client)
|
||||||
{
|
{
|
||||||
|
free(this->id_prefix);
|
||||||
free(this);
|
free(this);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
|
@ -65,18 +65,19 @@ static void load_servers(private_eap_radius_plugin_t *this)
|
||||||
char *nas_identifier, *secret, *address, *section;
|
char *nas_identifier, *secret, *address, *section;
|
||||||
int port, sockets, preference;
|
int port, sockets, preference;
|
||||||
|
|
||||||
address = lib->settings->get_str(lib->settings,
|
address = lib->settings->alloc_str(lib->settings,
|
||||||
"charon.plugins.eap-radius.server", NULL);
|
"charon.plugins.eap-radius.server", NULL);
|
||||||
if (address)
|
if (address)
|
||||||
{ /* legacy configuration */
|
{ /* legacy configuration */
|
||||||
secret = lib->settings->get_str(lib->settings,
|
secret = lib->settings->alloc_str(lib->settings,
|
||||||
"charon.plugins.eap-radius.secret", NULL);
|
"charon.plugins.eap-radius.secret", NULL);
|
||||||
if (!secret)
|
if (!secret)
|
||||||
{
|
{
|
||||||
DBG1(DBG_CFG, "no RADUIS secret defined");
|
DBG1(DBG_CFG, "no RADUIS secret defined");
|
||||||
|
free(address);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
nas_identifier = lib->settings->get_str(lib->settings,
|
nas_identifier = lib->settings->alloc_str(lib->settings,
|
||||||
"charon.plugins.eap-radius.nas_identifier", "strongSwan");
|
"charon.plugins.eap-radius.nas_identifier", "strongSwan");
|
||||||
port = lib->settings->get_int(lib->settings,
|
port = lib->settings->get_int(lib->settings,
|
||||||
"charon.plugins.eap-radius.port", RADIUS_PORT);
|
"charon.plugins.eap-radius.port", RADIUS_PORT);
|
||||||
|
@ -84,6 +85,9 @@ static void load_servers(private_eap_radius_plugin_t *this)
|
||||||
"charon.plugins.eap-radius.sockets", 1);
|
"charon.plugins.eap-radius.sockets", 1);
|
||||||
server = radius_server_create(address, port, nas_identifier,
|
server = radius_server_create(address, port, nas_identifier,
|
||||||
secret, sockets, 0);
|
secret, sockets, 0);
|
||||||
|
free(address);
|
||||||
|
free(nas_identifier);
|
||||||
|
free(secret);
|
||||||
if (!server)
|
if (!server)
|
||||||
{
|
{
|
||||||
DBG1(DBG_CFG, "no RADUIS server defined");
|
DBG1(DBG_CFG, "no RADUIS server defined");
|
||||||
|
@ -97,21 +101,22 @@ static void load_servers(private_eap_radius_plugin_t *this)
|
||||||
"charon.plugins.eap-radius.servers");
|
"charon.plugins.eap-radius.servers");
|
||||||
while (enumerator->enumerate(enumerator, §ion))
|
while (enumerator->enumerate(enumerator, §ion))
|
||||||
{
|
{
|
||||||
address = lib->settings->get_str(lib->settings,
|
address = lib->settings->alloc_str(lib->settings,
|
||||||
"charon.plugins.eap-radius.servers.%s.address", NULL, section);
|
"charon.plugins.eap-radius.servers.%s.address", NULL, section);
|
||||||
if (!address)
|
if (!address)
|
||||||
{
|
{
|
||||||
DBG1(DBG_CFG, "RADIUS server '%s' misses address, skipped", section);
|
DBG1(DBG_CFG, "RADIUS server '%s' misses address, skipped", section);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
secret = lib->settings->get_str(lib->settings,
|
secret = lib->settings->alloc_str(lib->settings,
|
||||||
"charon.plugins.eap-radius.servers.%s.secret", NULL, section);
|
"charon.plugins.eap-radius.servers.%s.secret", NULL, section);
|
||||||
if (!secret)
|
if (!secret)
|
||||||
{
|
{
|
||||||
DBG1(DBG_CFG, "RADIUS server '%s' misses secret, skipped", section);
|
DBG1(DBG_CFG, "RADIUS server '%s' misses secret, skipped", section);
|
||||||
|
free(address);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
nas_identifier = lib->settings->get_str(lib->settings,
|
nas_identifier = lib->settings->alloc_str(lib->settings,
|
||||||
"charon.plugins.eap-radius.servers.%s.nas_identifier",
|
"charon.plugins.eap-radius.servers.%s.nas_identifier",
|
||||||
"strongSwan", section);
|
"strongSwan", section);
|
||||||
port = lib->settings->get_int(lib->settings,
|
port = lib->settings->get_int(lib->settings,
|
||||||
|
@ -122,6 +127,9 @@ static void load_servers(private_eap_radius_plugin_t *this)
|
||||||
"charon.plugins.eap-radius.servers.%s.preference", 0, section);
|
"charon.plugins.eap-radius.servers.%s.preference", 0, section);
|
||||||
server = radius_server_create(address, port, nas_identifier,
|
server = radius_server_create(address, port, nas_identifier,
|
||||||
secret, sockets, preference);
|
secret, sockets, preference);
|
||||||
|
free(address);
|
||||||
|
free(nas_identifier);
|
||||||
|
free(secret);
|
||||||
if (!server)
|
if (!server)
|
||||||
{
|
{
|
||||||
DBG1(DBG_CFG, "loading RADIUS server '%s' failed, skipped", section);
|
DBG1(DBG_CFG, "loading RADIUS server '%s' failed, skipped", section);
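Review bot: The heap copies of the RADIUS shared secret are released with a plain `free(secret);` after `radius_server_create()`, both in the legacy path and in the per-server loop, whereas this same commit wipes the socket's copy with `chunk_clear(&this->secret)` in the radius_socket destroy method. Since alloc_str now places the secret in a fresh allocation, consider wiping it on release, for example `chunk_t s = chunk_create(secret, strlen(secret)); chunk_clear(&s);` in place of `free(secret);`. Freeing `address`, `nas_identifier` and `secret` here also assumes `radius_server_create()` keeps none of these pointers. The clones added for the NAS identifier and the secret support that, but the handling of `address` is not visible in these hunks.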
|
||||||
|
|
|
@ -176,6 +176,7 @@ METHOD(radius_server_t, destroy, void,
|
||||||
this->condvar->destroy(this->condvar);
|
this->condvar->destroy(this->condvar);
|
||||||
this->sockets->destroy_offset(this->sockets,
|
this->sockets->destroy_offset(this->sockets,
|
||||||
offsetof(radius_socket_t, destroy));
|
offsetof(radius_socket_t, destroy));
|
||||||
|
free(this->nas_identifier.ptr);
|
||||||
free(this);
|
free(this);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -200,7 +201,8 @@ radius_server_t *radius_server_create(char *server, u_int16_t port,
|
||||||
.destroy = _destroy,
|
.destroy = _destroy,
|
||||||
},
|
},
|
||||||
.reachable = TRUE,
|
.reachable = TRUE,
|
||||||
.nas_identifier = chunk_create(nas_identifier, strlen(nas_identifier)),
|
.nas_identifier = chunk_clone(chunk_create(nas_identifier,
|
||||||
|
strlen(nas_identifier))),
|
||||||
.socket_count = sockets,
|
.socket_count = sockets,
|
||||||
.sockets = linked_list_create(),
|
.sockets = linked_list_create(),
|
||||||
.mutex = mutex_create(MUTEX_TYPE_DEFAULT),
|
.mutex = mutex_create(MUTEX_TYPE_DEFAULT),
|
||||||
|
|
|
@ -257,6 +257,7 @@ METHOD(radius_socket_t, destroy, void,
|
||||||
DESTROY_IF(this->hasher);
|
DESTROY_IF(this->hasher);
|
||||||
DESTROY_IF(this->signer);
|
DESTROY_IF(this->signer);
|
||||||
DESTROY_IF(this->rng);
|
DESTROY_IF(this->rng);
|
||||||
|
chunk_clear(&this->secret);
|
||||||
close(this->fd);
|
close(this->fd);
|
||||||
free(this);
|
free(this);
|
||||||
}
|
}
|
||||||
|
@ -300,7 +301,7 @@ radius_socket_t *radius_socket_create(host_t *host, chunk_t secret)
|
||||||
destroy(this);
|
destroy(this);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
this->secret = secret;
|
this->secret = chunk_clone(secret);
|
||||||
this->signer->set_key(this->signer, secret);
|
this->signer->set_key(this->signer, secret);
|
||||||
/* we use a random identifier, helps if we restart often */
|
/* we use a random identifier, helps if we restart often */
|
||||||
this->identifier = random();
|
this->identifier = random();
|
||||||
|
|
|
@ -149,7 +149,7 @@ static eap_tnc_t *eap_tnc_create(identification_t *server,
|
||||||
"charon.plugins.eap-tnc.fragment_size", MAX_FRAGMENT_LEN);
|
"charon.plugins.eap-tnc.fragment_size", MAX_FRAGMENT_LEN);
|
||||||
max_msg_count = lib->settings->get_int(lib->settings,
|
max_msg_count = lib->settings->get_int(lib->settings,
|
||||||
"charon.plugins.eap-tnc.max_message_count", MAX_MESSAGE_COUNT);
|
"charon.plugins.eap-tnc.max_message_count", MAX_MESSAGE_COUNT);
|
||||||
protocol = lib->settings->get_str(lib->settings,
|
protocol = lib->settings->alloc_str(lib->settings,
|
||||||
"charon.plugins.eap-tnc.protocol", "tnccs-1.1");
|
"charon.plugins.eap-tnc.protocol", "tnccs-1.1");
|
||||||
if (strcaseeq(protocol, "tnccs-2.0"))
|
if (strcaseeq(protocol, "tnccs-2.0"))
|
||||||
{
|
{
|
||||||
|
@ -166,9 +166,11 @@ static eap_tnc_t *eap_tnc_create(identification_t *server,
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
DBG1(DBG_TNC, "TNCCS protocol '%s' not supported", protocol);
|
DBG1(DBG_TNC, "TNCCS protocol '%s' not supported", protocol);
|
||||||
|
free(protocol);
|
||||||
free(this);
|
free(this);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
free(protocol);
|
||||||
tnccs = charon->tnccs->create_instance(charon->tnccs, type, is_server);
|
tnccs = charon->tnccs->create_instance(charon->tnccs, type, is_server);
|
||||||
this->tls_eap = tls_eap_create(EAP_TNC, (tls_t*)tnccs, frag_size, max_msg_count);
|
this->tls_eap = tls_eap_create(EAP_TNC, (tls_t*)tnccs, frag_size, max_msg_count);
|
||||||
if (!this->tls_eap)
|
if (!this->tls_eap)
|
||||||
|
|
|
@ -77,9 +77,10 @@ static status_t start_phase2_auth(private_eap_ttls_server_t *this)
|
||||||
char *eap_type_str;
|
char *eap_type_str;
|
||||||
eap_type_t type;
|
eap_type_t type;
|
||||||
|
|
||||||
eap_type_str = lib->settings->get_str(lib->settings,
|
eap_type_str = lib->settings->alloc_str(lib->settings,
|
||||||
"charon.plugins.eap-ttls.phase2_method", "md5");
|
"charon.plugins.eap-ttls.phase2_method", "md5");
|
||||||
type = eap_type_from_string(eap_type_str);
|
type = eap_type_from_string(eap_type_str);
|
||||||
|
free(eap_type_str);
|
||||||
if (type == 0)
|
if (type == 0)
|
||||||
{
|
{
|
||||||
DBG1(DBG_IKE, "unrecognized phase2 method \"%s\"", eap_type_str);
|
DBG1(DBG_IKE, "unrecognized phase2 method \"%s\"", eap_type_str);
|
||||||
|
|
|
@ -279,6 +279,10 @@ static void destroy(private_load_tester_config_t *this)
|
||||||
this->peer_cfg->destroy(this->peer_cfg);
|
this->peer_cfg->destroy(this->peer_cfg);
|
||||||
DESTROY_IF(this->proposal);
|
DESTROY_IF(this->proposal);
|
||||||
DESTROY_IF(this->vip);
|
DESTROY_IF(this->vip);
|
||||||
|
free(this->pool);
|
||||||
|
free(this->remote);
|
||||||
|
free(this->initiator_auth);
|
||||||
|
free(this->responder_auth);
|
||||||
free(this);
|
free(this);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -300,9 +304,9 @@ load_tester_config_t *load_tester_config_create()
|
||||||
{
|
{
|
||||||
this->vip = host_create_from_string("0.0.0.0", 0);
|
this->vip = host_create_from_string("0.0.0.0", 0);
|
||||||
}
|
}
|
||||||
this->pool = lib->settings->get_str(lib->settings,
|
this->pool = lib->settings->alloc_str(lib->settings,
|
||||||
"charon.plugins.load-tester.pool", NULL);
|
"charon.plugins.load-tester.pool", NULL);
|
||||||
this->remote = lib->settings->get_str(lib->settings,
|
this->remote = lib->settings->alloc_str(lib->settings,
|
||||||
"charon.plugins.load-tester.remote", "127.0.0.1");
|
"charon.plugins.load-tester.remote", "127.0.0.1");
|
||||||
|
|
||||||
this->proposal = proposal_create_from_string(PROTO_IKE,
|
this->proposal = proposal_create_from_string(PROTO_IKE,
|
||||||
|
@ -318,9 +322,9 @@ load_tester_config_t *load_tester_config_create()
|
||||||
this->child_rekey = lib->settings->get_int(lib->settings,
|
this->child_rekey = lib->settings->get_int(lib->settings,
|
||||||
"charon.plugins.load-tester.child_rekey", 600);
|
"charon.plugins.load-tester.child_rekey", 600);
|
||||||
|
|
||||||
this->initiator_auth = lib->settings->get_str(lib->settings,
|
this->initiator_auth = lib->settings->alloc_str(lib->settings,
|
||||||
"charon.plugins.load-tester.initiator_auth", "pubkey");
|
"charon.plugins.load-tester.initiator_auth", "pubkey");
|
||||||
this->responder_auth = lib->settings->get_str(lib->settings,
|
this->responder_auth = lib->settings->alloc_str(lib->settings,
|
||||||
"charon.plugins.load-tester.responder_auth", "pubkey");
|
"charon.plugins.load-tester.responder_auth", "pubkey");
|
||||||
|
|
||||||
this->port = lib->settings->get_int(lib->settings,
|
this->port = lib->settings->get_int(lib->settings,
|
||||||
|
|
|
@ -43,6 +43,11 @@ struct private_tnc_imc_manager_t {
|
||||||
* Next IMC ID to be assigned
|
* Next IMC ID to be assigned
|
||||||
*/
|
*/
|
||||||
TNC_IMCID next_imc_id;
|
TNC_IMCID next_imc_id;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Preferred language
|
||||||
|
*/
|
||||||
|
char *preferred_language;
|
||||||
};
|
};
|
||||||
|
|
||||||
METHOD(imc_manager_t, add, bool,
|
METHOD(imc_manager_t, add, bool,
|
||||||
|
@ -95,8 +100,7 @@ METHOD(imc_manager_t, remove_, imc_t*,
|
||||||
METHOD(imc_manager_t, get_preferred_language, char*,
|
METHOD(imc_manager_t, get_preferred_language, char*,
|
||||||
private_tnc_imc_manager_t *this)
|
private_tnc_imc_manager_t *this)
|
||||||
{
|
{
|
||||||
return lib->settings->get_str(lib->settings,
|
return this->preferred_language;
|
||||||
"charon.plugins.tnc-imc.preferred_language", "en");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
METHOD(imc_manager_t, notify_connection_change, void,
|
METHOD(imc_manager_t, notify_connection_change, void,
|
||||||
|
@ -208,6 +212,7 @@ METHOD(imc_manager_t, destroy, void,
|
||||||
imc->destroy(imc);
|
imc->destroy(imc);
|
||||||
}
|
}
|
||||||
this->imcs->destroy(this->imcs);
|
this->imcs->destroy(this->imcs);
|
||||||
|
free(this->preferred_language);
|
||||||
free(this);
|
free(this);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -232,6 +237,8 @@ imc_manager_t* tnc_imc_manager_create(void)
|
||||||
},
|
},
|
||||||
.imcs = linked_list_create(),
|
.imcs = linked_list_create(),
|
||||||
.next_imc_id = 1,
|
.next_imc_id = 1,
|
||||||
|
.preferred_language = lib->settings->alloc_str(lib->settings,
|
||||||
|
"charon.plugins.tnc-imc.preferred_language", "en");
|
||||||
);
|
);
|
||||||
|
|
||||||
return &this->public;
|
return &this->public;
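Review bot: The new `.preferred_language` initializer ends in `"en");` while it is still inside the initializer list that closes with `);` on the following line, so as shown this would not compile. The entry should end with a comma instead: `"charon.plugins.tnc-imc.preferred_language", "en"),`. Because `get_preferred_language` now returns the manager-owned `this->preferred_language`, a short comment on that method saying callers must not free or retain the pointer past `destroy` would document the new lifetime.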
|
||||||
|
|
|
@ -109,8 +109,8 @@ static void add_legacy_entry(private_attr_provider_t *this, char *key, int nr,
|
||||||
host_t *host;
|
host_t *host;
|
||||||
char *str;
|
char *str;
|
||||||
|
|
||||||
str = lib->settings->get_str(lib->settings, "%s.%s%d", NULL, hydra->daemon,
|
str = lib->settings->alloc_str(lib->settings, "%s.%s%d", NULL,
|
||||||
key, nr);
|
hydra->daemon, key, nr);
|
||||||
if (str)
|
if (str)
|
||||||
{
|
{
|
||||||
host = host_create_from_string(str, 0);
|
host = host_create_from_string(str, 0);
|
||||||
|
@ -139,6 +139,7 @@ static void add_legacy_entry(private_attr_provider_t *this, char *key, int nr,
|
||||||
configuration_attribute_type_names, entry->type, &entry->value);
|
configuration_attribute_type_names, entry->type, &entry->value);
|
||||||
this->attributes->insert_last(this->attributes, entry);
|
this->attributes->insert_last(this->attributes, entry);
|
||||||
}
|
}
|
||||||
|
free(str);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -228,6 +228,7 @@ static enumerator_t* create_attribute_enumerator(private_resolve_handler_t *this
|
||||||
static void destroy(private_resolve_handler_t *this)
|
static void destroy(private_resolve_handler_t *this)
|
||||||
{
|
{
|
||||||
this->mutex->destroy(this->mutex);
|
this->mutex->destroy(this->mutex);
|
||||||
|
free(this->file);
|
||||||
free(this);
|
free(this);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -244,7 +245,7 @@ resolve_handler_t *resolve_handler_create()
|
||||||
this->public.destroy = (void(*)(resolve_handler_t*))destroy;
|
this->public.destroy = (void(*)(resolve_handler_t*))destroy;
|
||||||
|
|
||||||
this->mutex = mutex_create(MUTEX_TYPE_DEFAULT);
|
this->mutex = mutex_create(MUTEX_TYPE_DEFAULT);
|
||||||
this->file = lib->settings->get_str(lib->settings,
|
this->file = lib->settings->alloc_str(lib->settings,
|
||||||
"%s.plugins.resolve.file", RESOLV_CONF, hydra->daemon);
|
"%s.plugins.resolve.file", RESOLV_CONF, hydra->daemon);
|
||||||
|
|
||||||
return &this->public;
|
return &this->public;
|
||||||
|
|
|
@ -550,36 +550,34 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_connect(key_type_t type,
|
||||||
|
|
||||||
if (!engine_id)
|
if (!engine_id)
|
||||||
{
|
{
|
||||||
engine_id = lib->settings->get_str(lib->settings,
|
engine_id = lib->settings->alloc_str(lib->settings,
|
||||||
"libstrongswan.plugins.openssl.engine_id", "pkcs11");
|
"libstrongswan.plugins.openssl.engine_id", "pkcs11");
|
||||||
}
|
}
|
||||||
engine = ENGINE_by_id(engine_id);
|
engine = ENGINE_by_id(engine_id);
|
||||||
if (!engine)
|
if (!engine)
|
||||||
{
|
{
|
||||||
DBG2(DBG_LIB, "engine '%s' is not available", engine_id);
|
DBG2(DBG_LIB, "engine '%s' is not available", engine_id);
|
||||||
return NULL;
|
goto engine_failed;
|
||||||
}
|
}
|
||||||
if (!ENGINE_init(engine))
|
if (!ENGINE_init(engine))
|
||||||
{
|
{
|
||||||
DBG1(DBG_LIB, "failed to initialize engine '%s'", engine_id);
|
DBG1(DBG_LIB, "failed to initialize engine '%s'", engine_id);
|
||||||
ENGINE_free(engine);
|
goto engine_failed;
|
||||||
return NULL;
|
|
||||||
}
|
}
|
||||||
if (!login(engine, keyid))
|
if (!login(engine, keyid))
|
||||||
{
|
{
|
||||||
DBG1(DBG_LIB, "login to engine '%s' failed", engine_id);
|
DBG1(DBG_LIB, "login to engine '%s' failed", engine_id);
|
||||||
ENGINE_free(engine);
|
goto engine_failed;
|
||||||
return NULL;
|
|
||||||
}
|
}
|
||||||
key = ENGINE_load_private_key(engine, keyname, NULL, NULL);
|
key = ENGINE_load_private_key(engine, keyname, NULL, NULL);
|
||||||
if (!key)
|
if (!key)
|
||||||
{
|
{
|
||||||
DBG1(DBG_LIB, "failed to load private key with ID '%s' from "
|
DBG1(DBG_LIB, "failed to load private key with ID '%s' from "
|
||||||
"engine '%s'", keyname, engine_id);
|
"engine '%s'", keyname, engine_id);
|
||||||
ENGINE_free(engine);
|
goto engine_failed;
|
||||||
return NULL;
|
|
||||||
}
|
}
|
||||||
ENGINE_free(engine);
|
ENGINE_free(engine);
|
||||||
|
free(engine_id);
|
||||||
|
|
||||||
this = create_empty();
|
this = create_empty();
|
||||||
this->rsa = EVP_PKEY_get1_RSA(key);
|
this->rsa = EVP_PKEY_get1_RSA(key);
|
||||||
|
@ -594,5 +592,12 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_connect(key_type_t type,
|
||||||
#else /* OPENSSL_NO_ENGINE */
|
#else /* OPENSSL_NO_ENGINE */
|
||||||
return NULL;
|
return NULL;
|
||||||
#endif /* OPENSSL_NO_ENGINE */
|
#endif /* OPENSSL_NO_ENGINE */
|
||||||
|
engine_failed:
|
||||||
|
if (engine)
|
||||||
|
{
|
||||||
|
ENGINE_free(engine);
|
||||||
|
}
|
||||||
|
free(engine_id);
|
||||||
|
return NULL;
|
||||||
}
|
}
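Review bot: `free(engine_id)` now runs on the success path and under `engine_failed:`, but alloc_str only allocates the string when `engine_id` was NULL on entry. If a caller supplied it (its origin is outside the hunk), this frees memory the function does not own. Making ownership uniform avoids that, e.g. by adding `else { engine_id = strdup(engine_id); }` to the `if (!engine_id)` block. The `engine_failed:` label also sits after `#endif /* OPENSSL_NO_ENGINE */`, so in a build without engine support it refers to `engine` and `engine_id`, which are presumably declared only inside the conditional block. Moving the label and its cleanup above the `#else` would keep both configurations building.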
|
||||||
|
|
||||||
|
|
|
@ -74,7 +74,8 @@ static void lib_entry_destroy(lib_entry_t *entry)
|
||||||
{
|
{
|
||||||
entry->job->cancel(entry->job);
|
entry->job->cancel(entry->job);
|
||||||
}
|
}
|
||||||
entry->lib->destroy(entry->lib);
|
DESTROY_IF(entry->lib);
|
||||||
|
free(entry->path);
|
||||||
free(entry);
|
free(entry);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -365,12 +366,12 @@ pkcs11_manager_t *pkcs11_manager_create(pkcs11_manager_token_event_t cb,
|
||||||
.this = this,
|
.this = this,
|
||||||
);
|
);
|
||||||
|
|
||||||
entry->path = lib->settings->get_str(lib->settings,
|
entry->path = lib->settings->alloc_str(lib->settings,
|
||||||
"libstrongswan.plugins.pkcs11.modules.%s.path", NULL, module);
|
"libstrongswan.plugins.pkcs11.modules.%s.path", NULL, module);
|
||||||
if (!entry->path)
|
if (!entry->path)
|
||||||
{
|
{
|
||||||
DBG1(DBG_CFG, "PKCS11 module '%s' lacks library path", module);
|
DBG1(DBG_CFG, "PKCS11 module '%s' lacks library path", module);
|
||||||
free(entry);
|
lib_entry_destroy(entry);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
entry->lib = pkcs11_library_create(module, entry->path,
|
entry->lib = pkcs11_library_create(module, entry->path,
|
||||||
|
@ -379,7 +380,7 @@ pkcs11_manager_t *pkcs11_manager_create(pkcs11_manager_token_event_t cb,
|
||||||
FALSE, module));
|
FALSE, module));
|
||||||
if (!entry->lib)
|
if (!entry->lib)
|
||||||
{
|
{
|
||||||
free(entry);
|
lib_entry_destroy(entry);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
this->libs->insert_last(this->libs, entry);
|
this->libs->insert_last(this->libs, entry);
|
||||||
|
|
|
@ -706,7 +706,7 @@ static void filter_key_exchange_config_suites(private_tls_crypto_t *this,
|
||||||
int i, remaining = 0;
|
int i, remaining = 0;
|
||||||
char *token, *config;
|
char *token, *config;
|
||||||
|
|
||||||
config = lib->settings->get_str(lib->settings, "libtls.key_exchange", NULL);
|
config = lib->settings->alloc_str(lib->settings, "libtls.key_exchange", NULL);
|
||||||
if (config)
|
if (config)
|
||||||
{
|
{
|
||||||
for (i = 0; i < *count; i++)
|
for (i = 0; i < *count; i++)
|
||||||
|
@ -747,6 +747,7 @@ static void filter_key_exchange_config_suites(private_tls_crypto_t *this,
|
||||||
enumerator->destroy(enumerator);
|
enumerator->destroy(enumerator);
|
||||||
}
|
}
|
||||||
*count = remaining;
|
*count = remaining;
|
||||||
|
free(config);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -760,7 +761,7 @@ static void filter_cipher_config_suites(private_tls_crypto_t *this,
|
||||||
int i, remaining = 0;
|
int i, remaining = 0;
|
||||||
char *token, *config;
|
char *token, *config;
|
||||||
|
|
||||||
config = lib->settings->get_str(lib->settings, "libtls.cipher", NULL);
|
config = lib->settings->alloc_str(lib->settings, "libtls.cipher", NULL);
|
||||||
if (config)
|
if (config)
|
||||||
{
|
{
|
||||||
for (i = 0; i < *count; i++)
|
for (i = 0; i < *count; i++)
|
||||||
|
@ -812,6 +813,7 @@ static void filter_cipher_config_suites(private_tls_crypto_t *this,
|
||||||
enumerator->destroy(enumerator);
|
enumerator->destroy(enumerator);
|
||||||
}
|
}
|
||||||
*count = remaining;
|
*count = remaining;
|
||||||
|
free(config);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -825,7 +827,7 @@ static void filter_mac_config_suites(private_tls_crypto_t *this,
|
||||||
int i, remaining = 0;
|
int i, remaining = 0;
|
||||||
char *token, *config;
|
char *token, *config;
|
||||||
|
|
||||||
config = lib->settings->get_str(lib->settings, "libtls.mac", NULL);
|
config = lib->settings->alloc_str(lib->settings, "libtls.mac", NULL);
|
||||||
if (config)
|
if (config)
|
||||||
{
|
{
|
||||||
for (i = 0; i < *count; i++)
|
for (i = 0; i < *count; i++)
|
||||||
|
@ -861,6 +863,7 @@ static void filter_mac_config_suites(private_tls_crypto_t *this,
|
||||||
enumerator->destroy(enumerator);
|
enumerator->destroy(enumerator);
|
||||||
}
|
}
|
||||||
*count = remaining;
|
*count = remaining;
|
||||||
|
free(config);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -874,7 +877,7 @@ static void filter_specific_config_suites(private_tls_crypto_t *this,
|
||||||
int i, remaining = 0, suite;
|
int i, remaining = 0, suite;
|
||||||
char *token, *config;
|
char *token, *config;
|
||||||
|
|
||||||
config = lib->settings->get_str(lib->settings, "libtls.suites", NULL);
|
config = lib->settings->alloc_str(lib->settings, "libtls.suites", NULL);
|
||||||
if (config)
|
if (config)
|
||||||
{
|
{
|
||||||
for (i = 0; i < *count; i++)
|
for (i = 0; i < *count; i++)
|
||||||
|
@ -892,6 +895,7 @@ static void filter_specific_config_suites(private_tls_crypto_t *this,
|
||||||
enumerator->destroy(enumerator);
|
enumerator->destroy(enumerator);
|
||||||
}
|
}
|
||||||
*count = remaining;
|
*count = remaining;
|
||||||
|
free(config);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|