implemented rereadcrls rereadcacerts

Andreas Steffen 2006-06-20 06:08:33 +00:00
parent a8ed64c494
commit 76dafed7a7
8 changed files with 137 additions and 70 deletions


@ -331,6 +331,14 @@ static err_t is_valid(const private_crl_t *this, time_t *until, bool strict)
return NULL;
}
/**
* Implements crl_t.is_newer
*/
static bool is_newer(const private_crl_t *this, const private_crl_t *other)
{
return (this->nextUpdate > other->nextUpdate);
}
/**
* Implements crl_t.get_issuer
*/
@ -435,7 +443,8 @@ crl_t *crl_create_from_chunk(chunk_t chunk)
this->public.is_valid = (err_t (*) (const crl_t*,time_t*))is_valid;
this->public.destroy = (void (*) (crl_t*))destroy;
this->public.get_issuer = (identification_t* (*) (const crl_t*))get_issuer;
this->public.equals_issuer = (bool (*) (const crl_t*, const crl_t*))equals_issuer;
this->public.equals_issuer = (bool (*) (const crl_t*,const crl_t*))equals_issuer;
this->public.is_newer = (bool (*) (const crl_t*,const crl_t*))is_newer;
this->public.log_crl = (void (*) (const crl_t*,logger_t*,bool,bool))log_crl;
/* we do not use a per-instance logger right now, since its not always accessible */
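Review bot: `is_newer` orders two CRLs by `nextUpdate`, while the interface comment this commit adds for `is_newer` in the header says the comparison is on thisUpdate and returns TRUE when this CRL "was issued more recently". The two are not equivalent: a CRL with a longer validity window can carry a later nextUpdate but an earlier issue time. If this result decides which CRL is kept on reread, an older list with a far-off nextUpdate would shadow a fresher one that contains newer revocations. If `private_crl_t` also stores thisUpdate (its definition is outside the hunk), the body should read `return (this->thisUpdate > other->thisUpdate);`; otherwise the header comment should be corrected to say nextUpdate.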


@ -77,13 +77,22 @@ struct crl_t {
/**
* @brief Checks the validity interval of the crl
*
* @param this certificate being examined
* @param this calling object
* @param until until = min(until, nextUpdate) if strict == TRUE
* @param strict nextUpdate restricts the validiat
* @param strict nextUpdate restricts the validity
* @return NULL if the crl is valid
*/
err_t (*is_valid) (const crl_t *this, time_t *until, bool strict);
/**
* @brief Checks if this crl is newer (thisUpdate) than the other crl
*
* @param this calling object
* @param other other crl object
* @return TRUE if this was issued more recently than other
*/
bool (*is_newer) (const crl_t *this, const crl_t *other);
/**
* @brief Check if a certificate has been revoked.
*


@ -665,7 +665,7 @@ static status_t get_last(private_linked_list_t *this, void **item)
/**
* Implementation of linked_list_t.create_iterator.
*/
static iterator_t *create_iterator (private_linked_list_t *linked_list,bool forward)
static iterator_t *create_iterator (private_linked_list_t *linked_list, bool forward)
{
private_iterator_t *this = malloc_thing(private_iterator_t);


@ -193,6 +193,22 @@ static int list(stroke_keyword_t kw, bool utc)
return send_stroke_msg(&msg);
}
static int reread_flags[] = {
REREAD_CACERTS,
REREAD_CRLS,
REREAD_ALL
};
static int reread(stroke_keyword_t kw)
{
stroke_msg_t msg;
msg.type = STR_REREAD;
msg.length = offsetof(stroke_msg_t, buffer);
msg.reread.flags = reread_flags[kw - STROKE_REREAD_FIRST];
return send_stroke_msg(&msg);
}
static int set_logtype(char *context, char *type, int enable)
{
stroke_msg_t msg;
@ -257,8 +273,10 @@ static void exit_usage(char *error)
printf(" LEVEL is 0|1|2|3\n");
printf(" Show connection status:\n");
printf(" stroke status\n");
printf(" Show list of locally loaded certificates:\n");
printf(" stroke listcerts\n");
printf(" Show list of locally loaded certificates and crls:\n");
printf(" stroke listcerts|listcacerts|listcrls|listall\n");
printf(" Reload ca certificates and crls:\n");
printf(" stroke rereadcacerts|rereadcrls|rereadall\n");
exit_error(error);
}
@ -338,6 +356,11 @@ int main(int argc, char *argv[])
case STROKE_LIST_ALL:
res = list(token->kw, argc > 2 && streq(argv[2], "--utc"));
break;
case STROKE_REREAD_CACERTS:
case STROKE_REREAD_CRLS:
case STROKE_REREAD_ALL:
res = reread(token->kw);
break;
default:
exit_usage(NULL);
}
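Review bot: `reread()` declares `stroke_msg_t msg;` on the stack and fills only `type`, `length` and `reread.flags`, yet `msg.length` is set to `offsetof(stroke_msg_t, buffer)`, so the rest of the header, including the unused part of the union, is indeterminate. If `send_stroke_msg` writes `msg.length` bytes to the daemon socket (its body is not in the hunk), leftover stack contents are sent along with the request. Zeroing the header before filling it avoids that: `memset(&msg, 0, offsetof(stroke_msg_t, buffer));`. The neighbouring `list()` and `set_logtype()` begin outside the hunk and may follow the same pattern.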


@ -39,6 +39,14 @@
#define LIST_CRLS 0x0004 /* list all crls */
#define LIST_ALL 0x0007 /* all list options */
/**
* Definition of the REREAD flags
*/
#define REREAD_NONE 0x0000 /* don't reread anything */
#define REREAD_CACERTS 0x0001 /* reread all ca certs */
#define REREAD_CRLS 0x0002 /* reread all crls */
#define REREAD_ALL 0x0003 /* all reread options */
typedef struct stroke_end_t stroke_end_t;
struct stroke_end_t {
@ -80,8 +88,10 @@ struct stroke_msg_t {
STR_LOGTYPE,
/* set the verbosity of a logging context */
STR_LOGLEVEL,
/* show list of locally loaded certificates */
STR_LIST
/* list various objects */
STR_LIST,
/* reread various objects */
STR_REREAD
/* more to come */
} type;
@ -127,6 +137,12 @@ struct stroke_msg_t {
u_int flags;
bool utc;
} list;
/* data for STR_REREAD */
struct {
u_int flags;
} reread;
};
char buffer[STROKE_BUF_LEN];
};


@ -56,12 +56,12 @@ struct stroke_token {
stroke_keyword_t kw;
};
#define TOTAL_KEYWORDS 14
#define TOTAL_KEYWORDS 17
#define MIN_WORD_LENGTH 2
#define MAX_WORD_LENGTH 11
#define MAX_WORD_LENGTH 13
#define MIN_HASH_VALUE 2
#define MAX_HASH_VALUE 21
/* maximum key range = 20, duplicates = 0 */
#define MAX_HASH_VALUE 23
/* maximum key range = 22, duplicates = 0 */
#ifdef __GNUC__
__inline
@ -77,32 +77,32 @@ hash (str, len)
{
static const unsigned char asso_values[] =
{
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
0, 15, 22, 22, 22, 5, 22, 22, 22, 22,
22, 0, 0, 22, 22, 22, 0, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
20, 0, 24, 24, 24, 10, 24, 24, 24, 24,
24, 0, 0, 24, 24, 24, 5, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
24, 24, 24, 24, 24, 24
};
return len + asso_values[(unsigned char)str[1]];
}
@ -110,24 +110,27 @@ hash (str, len)
static const struct stroke_token wordlist[] =
{
{""}, {""},
{"up", STROKE_UP},
{"add", STROKE_ADD},
{"down", STROKE_DOWN},
{"route", STROKE_ROUTE},
{"status", STROKE_STATUS},
{"logtype", STROKE_LOGTYPE},
{"loglevel", STROKE_LOGLEVEL},
{"statusall", STROKE_STATUSALL},
{""}, {""},
{"listall", STROKE_LIST_ALL},
{"listcrls", STROKE_LIST_CRLS},
{"listcerts", STROKE_LIST_CERTS},
{"up", STROKE_UP},
{"del", STROKE_DEL},
{"down", STROKE_DOWN},
{"route", STROKE_ROUTE},
{"delete", STROKE_DELETE},
{"logtype", STROKE_LOGTYPE},
{"loglevel", STROKE_LOGLEVEL},
{"rereadall", STROKE_REREAD_ALL},
{"rereadcrls", STROKE_REREAD_CRLS,},
{"status", STROKE_STATUS},
{""},
{"listcacerts", STROKE_LIST_CACERTS},
{""},
{"del", STROKE_DEL},
{"rereadcacerts", STROKE_REREAD_CACERTS,},
{"statusall", STROKE_STATUSALL},
{""}, {""},
{"delete", STROKE_DELETE}
{"listall", STROKE_LIST_ALL,},
{"listcrls", STROKE_LIST_CRLS},
{"listcerts", STROKE_LIST_CERTS},
{""},
{"listcacerts", STROKE_LIST_CACERTS},
{""},
{"add", STROKE_ADD}
};
#ifdef __GNUC__


@ -32,10 +32,14 @@ typedef enum {
STROKE_LIST_CERTS,
STROKE_LIST_CACERTS,
STROKE_LIST_CRLS,
STROKE_LIST_ALL
STROKE_LIST_ALL,
STROKE_REREAD_CACERTS,
STROKE_REREAD_CRLS,
STROKE_REREAD_ALL
} stroke_keyword_t;
#define STROKE_LIST_FIRST STROKE_LIST_CERTS
#define STROKE_LIST_FIRST STROKE_LIST_CERTS
#define STROKE_REREAD_FIRST STROKE_REREAD_CACERTS
typedef struct stroke_token stroke_token_t;
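Review bot: The new `STROKE_REREAD_*` enumerators are used as an array index by `reread()` in this commit (`reread_flags[kw - STROKE_REREAD_FIRST]`), so their order and contiguity are now load-bearing, and nothing at the enum says so. Inserting a keyword between them or reordering them would silently select the wrong flag or index past the three-element table. A comment above `STROKE_REREAD_FIRST` would record the constraint, for example `/* STROKE_REREAD_* must stay contiguous and in the order of reread_flags[] */`. The enum itself starts outside the hunk.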


@ -26,17 +26,20 @@ struct stroke_token {
stroke_keyword_t kw;
};
%%
add, STROKE_ADD
del, STROKE_DEL
delete, STROKE_DELETE
route, STROKE_ROUTE
up, STROKE_UP
down, STROKE_DOWN
logtype, STROKE_LOGTYPE
loglevel, STROKE_LOGLEVEL
status, STROKE_STATUS
statusall, STROKE_STATUSALL
listcerts, STROKE_LIST_CERTS
listcacerts, STROKE_LIST_CACERTS
listcrls, STROKE_LIST_CRLS
listall, STROKE_LIST_ALL
add, STROKE_ADD
del, STROKE_DEL
delete, STROKE_DELETE
route, STROKE_ROUTE
up, STROKE_UP
down, STROKE_DOWN
logtype, STROKE_LOGTYPE
loglevel, STROKE_LOGLEVEL
status, STROKE_STATUS
statusall, STROKE_STATUSALL
listcerts, STROKE_LIST_CERTS
listcacerts, STROKE_LIST_CACERTS
listcrls, STROKE_LIST_CRLS
listall, STROKE_LIST_ALL,
rereadcacerts, STROKE_REREAD_CACERTS,
rereadcrls, STROKE_REREAD_CRLS,
rereadall, STROKE_REREAD_ALL
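Review bot: Three of the keyword lines on the new side end in a stray comma (`listall, STROKE_LIST_ALL,`, `rereadcacerts, STROKE_REREAD_CACERTS,`, `rereadcrls, STROKE_REREAD_CRLS,`), while `rereadall` and the older entries do not. The comma is carried into the generated table, which on this page shows entries such as `{"rereadcrls", STROKE_REREAD_CRLS,}`. That still compiles as an initializer, but it is inconsistent and easy to misread as a missing field. Dropping the trailing commas and regenerating the table would keep the keyword list and its output uniform.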