Add support for IKEv2 OCSP extensions (RFC 4806)

[thirdparty/strongswan.git] / src / libstrongswan / credentials / credential_manager.c

diff --git a/src/libstrongswan/credentials/credential_manager.c b/src/libstrongswan/credentials/credential_manager.c
index d66a6e9a4a174797edcc8ef5201bcd99eba02275..f3b0af0cf6cbe259100f6d06be91519eb10cd359 100644 (file)
--- a/src/libstrongswan/credentials/credential_manager.c
+++ b/src/libstrongswan/credentials/credential_manager.c
@@ -1352,6 +1352,33 @@ METHOD(credential_manager_t, get_private, private_key_t*,
        return private;
 }
 
+METHOD(credential_manager_t, get_ocsp, certificate_t*,
+       private_credential_manager_t *this, certificate_t *subject,
+       certificate_t *issuer)
+{
+       cert_validator_t *validator;
+       enumerator_t *enumerator;
+       certificate_t *response = NULL;
+
+       this->lock->read_lock(this->lock);
+       enumerator = this->validators->create_enumerator(this->validators);
+       while (enumerator->enumerate(enumerator, &validator))
+       {
+               if (validator->ocsp)
+               {
+                       response = validator->ocsp(validator, subject, issuer);
+                       if (response)
+                       {
+                               break;
+                       }
+               }
+       }
+       enumerator->destroy(enumerator);
+       this->lock->unlock(this->lock);
+
+       return response;
+}
+
 METHOD(credential_manager_t, flush_cache, void,
        private_credential_manager_t *this, certificate_type_t type)
 {
@@ -1427,6 +1454,7 @@ credential_manager_t *credential_manager_create()
                        .get_cert = _get_cert,
                        .get_shared = _get_shared,
                        .get_private = _get_private,
+                       .get_ocsp = _get_ocsp,
                        .create_trusted_enumerator = _create_trusted_enumerator,
                        .create_public_enumerator = _create_public_enumerator,
                        .flush_cache = _flush_cache,