mem-cred: Add a method to unify certificate references, without adding it

In contrast to add_cert_ref(), get_cert_ref() does not add the certificate to
the set, but only finds a reference to the same certificate, if found.

src/libstrongswan/credentials/sets/mem_cred.c

@@ -192,6 +192,24 @@ METHOD(mem_cred_t, add_cert_ref, certificate_t*,
 	return add_cert_internal(this, trusted, cert);
 }
 
+METHOD(mem_cred_t, get_cert_ref, certificate_t*,
+	private_mem_cred_t *this, certificate_t *cert)
+{
+	certificate_t *cached;
+
+	this->lock->write_lock(this->lock);
+	if (this->untrusted->find_first(this->untrusted,
+									(linked_list_match_t)certificate_equals,
+									(void**)&cached, cert) == SUCCESS)
+	{
+		cert->destroy(cert);
+		cert = cached->get_ref(cached);
+	}
+	this->lock->unlock(this->lock);
+
+	return cert;
+}
+
 METHOD(mem_cred_t, add_crl, bool,
 	private_mem_cred_t *this, crl_t *crl)
 {
@@ -736,6 +754,7 @@ mem_cred_t *mem_cred_create()
 			},
 			.add_cert = _add_cert,
 			.add_cert_ref = _add_cert_ref,
+			.get_cert_ref = _get_cert_ref,
 			.add_crl = _add_crl,
 			.add_key = _add_key,
 			.add_shared = _add_shared,

src/libstrongswan/credentials/sets/mem_cred.h

@@ -58,6 +58,18 @@ struct mem_cred_t {
 	certificate_t *(*add_cert_ref)(mem_cred_t *this, bool trusted,
 								   certificate_t *cert);
 
+	/**
+	 * Get an existing reference to the same certificate.
+	 *
+	 * Searches for the same certficate in the set, and returns a reference
+	 * to it, destroying the passed certificate. If the passed certificate
+	 * is not found, it is just returned.
+	 *
+	 * @param cert			certificate to look up
+	 * @return				the same certificate, potentially different instance
+	 */
+	certificate_t* (*get_cert_ref)(mem_cred_t *this, certificate_t *cert);
+
 	/**
 	 * Add an X.509 CRL to the credential set.
 	 *