memcpy(password, data.ptr, data.len);
password[data.len] = '\0';
- service = lib->settings->alloc_str(lib->settings,
+ service = lib->settings->get_str(lib->settings,
"charon.plugins.eap-gtc.pam_service", GTC_PAM_SERVICE);
if (!authenticate(service, user, password))
{
- free(service);
return FAILED;
}
- free(service);
return SUCCESS;
}
eap_code_t phase2_result;
/**
- * Outer phase 1 EAP method
+ * Outer phase 1 EAP method
*/
eap_method_t *ph1_method;
/**
- * Current phase 2 EAP method
+ * Current phase 2 EAP method
*/
eap_method_t *ph2_method;
/**
- * Pending outbound EAP message
+ * Pending outbound EAP message
*/
eap_payload_t *out;
char *eap_type_str;
eap_type_t type;
- eap_type_str = lib->settings->alloc_str(lib->settings,
+ eap_type_str = lib->settings->get_str(lib->settings,
"charon.plugins.eap-peap.phase2_method", "mschapv2");
type = eap_type_from_string(eap_type_str);
- free(eap_type_str);
if (type == 0)
{
DBG1(DBG_IKE, "unrecognized phase2 method \"%s\"", eap_type_str);
this->ph2_method->destroy(this->ph2_method);
this->ph2_method = NULL;
- /* EAP-PEAP requires the sending of an inner EAP_SUCCESS message */
- this->phase2_result = EAP_SUCCESS;
+ /* EAP-PEAP requires the sending of an inner EAP_SUCCESS message */
+ this->phase2_result = EAP_SUCCESS;
this->out = eap_payload_create_code(this->phase2_result, 1 +
this->ph1_method->get_identifier(this->ph1_method));
return NEED_MORE;
DBG1(DBG_IKE, "%N method failed", eap_type_names, type);
}
/* EAP-PEAP requires the sending of an inner EAP_FAILURE message */
- this->phase2_result = EAP_FAILURE;
+ this->phase2_result = EAP_FAILURE;
this->out = eap_payload_create_code(this->phase2_result, 1 +
this->ph1_method->get_identifier(this->ph1_method));
return NEED_MORE;
this->ph2_method->initiate(this->ph2_method, &this->out);
this->start_phase2 = FALSE;
}
-
+
this->start_phase2_id = TRUE;
if (this->out)
this->peer->destroy(this->peer);
this->server->destroy(this->server);
this->client->destroy(this->client);
- free(this->id_prefix);
free(this);
}
.type = EAP_RADIUS,
.eap_start = lib->settings->get_bool(lib->settings,
"charon.plugins.eap-radius.eap_start", FALSE),
- .id_prefix = lib->settings->alloc_str(lib->settings,
+ .id_prefix = lib->settings->get_str(lib->settings,
"charon.plugins.eap-radius.id_prefix", ""),
.class_group = lib->settings->get_bool(lib->settings,
"charon.plugins.eap-radius.class_group", FALSE),
this->client = radius_client_create();
if (!this->client)
{
- free(this->id_prefix);
free(this);
return NULL;
}
char *nas_identifier, *secret, *address, *section;
int port, sockets, preference;
- address = lib->settings->alloc_str(lib->settings,
+ address = lib->settings->get_str(lib->settings,
"charon.plugins.eap-radius.server", NULL);
if (address)
{ /* legacy configuration */
- secret = lib->settings->alloc_str(lib->settings,
+ secret = lib->settings->get_str(lib->settings,
"charon.plugins.eap-radius.secret", NULL);
if (!secret)
{
DBG1(DBG_CFG, "no RADUIS secret defined");
- free(address);
return;
}
- nas_identifier = lib->settings->alloc_str(lib->settings,
+ nas_identifier = lib->settings->get_str(lib->settings,
"charon.plugins.eap-radius.nas_identifier", "strongSwan");
port = lib->settings->get_int(lib->settings,
"charon.plugins.eap-radius.port", RADIUS_PORT);
"charon.plugins.eap-radius.sockets", 1);
server = radius_server_create(address, port, nas_identifier,
secret, sockets, 0);
- free(address);
- free(nas_identifier);
- free(secret);
if (!server)
{
DBG1(DBG_CFG, "no RADUIS server defined");
"charon.plugins.eap-radius.servers");
while (enumerator->enumerate(enumerator, §ion))
{
- address = lib->settings->alloc_str(lib->settings,
+ address = lib->settings->get_str(lib->settings,
"charon.plugins.eap-radius.servers.%s.address", NULL, section);
if (!address)
{
DBG1(DBG_CFG, "RADIUS server '%s' misses address, skipped", section);
continue;
}
- secret = lib->settings->alloc_str(lib->settings,
+ secret = lib->settings->get_str(lib->settings,
"charon.plugins.eap-radius.servers.%s.secret", NULL, section);
if (!secret)
{
DBG1(DBG_CFG, "RADIUS server '%s' misses secret, skipped", section);
- free(address);
continue;
}
- nas_identifier = lib->settings->alloc_str(lib->settings,
+ nas_identifier = lib->settings->get_str(lib->settings,
"charon.plugins.eap-radius.servers.%s.nas_identifier",
"strongSwan", section);
port = lib->settings->get_int(lib->settings,
"charon.plugins.eap-radius.servers.%s.preference", 0, section);
server = radius_server_create(address, port, nas_identifier,
secret, sockets, preference);
- free(address);
- free(nas_identifier);
- free(secret);
if (!server)
{
DBG1(DBG_CFG, "loading RADIUS server '%s' failed, skipped", section);
.destroy = _destroy,
},
.reachable = TRUE,
- .nas_identifier = chunk_clone(chunk_create(nas_identifier,
- strlen(nas_identifier))),
+ .nas_identifier = chunk_create(nas_identifier, strlen(nas_identifier)),
.socket_count = sockets,
.sockets = linked_list_create(),
.mutex = mutex_create(MUTEX_TYPE_DEFAULT),
destroy(this);
return NULL;
}
- this->secret = chunk_clone(secret);
+ this->secret = secret;
this->signer->set_key(this->signer, secret);
/* we use a random identifier, helps if we restart often */
this->identifier = random();
/** Maximum number of EAP-TNC messages/fragments allowed */
-#define MAX_MESSAGE_COUNT 10
+#define MAX_MESSAGE_COUNT 10
/** Default size of a EAP-TNC fragment */
#define MAX_FRAGMENT_LEN 50000
"charon.plugins.eap-tnc.fragment_size", MAX_FRAGMENT_LEN);
max_msg_count = lib->settings->get_int(lib->settings,
"charon.plugins.eap-tnc.max_message_count", MAX_MESSAGE_COUNT);
- protocol = lib->settings->alloc_str(lib->settings,
+ protocol = lib->settings->get_str(lib->settings,
"charon.plugins.eap-tnc.protocol", "tnccs-1.1");
if (strcaseeq(protocol, "tnccs-2.0"))
{
else
{
DBG1(DBG_TNC, "TNCCS protocol '%s' not supported", protocol);
- free(protocol);
free(this);
return NULL;
}
- free(protocol);
tnccs = charon->tnccs->create_instance(charon->tnccs, type, is_server);
this->tls_eap = tls_eap_create(EAP_TNC, (tls_t*)tnccs, frag_size, max_msg_count);
if (!this->tls_eap)
bool start_phase2_tnc;
/**
- * Current phase 2 EAP method
+ * Current phase 2 EAP method
*/
eap_method_t *method;
/**
- * Pending outbound EAP message
+ * Pending outbound EAP message
*/
eap_payload_t *out;
char *eap_type_str;
eap_type_t type;
- eap_type_str = lib->settings->alloc_str(lib->settings,
+ eap_type_str = lib->settings->get_str(lib->settings,
"charon.plugins.eap-ttls.phase2_method", "md5");
type = eap_type_from_string(eap_type_str);
- free(eap_type_str);
if (type == 0)
{
DBG1(DBG_IKE, "unrecognized phase2 method \"%s\"", eap_type_str);
this->peer_cfg->destroy(this->peer_cfg);
DESTROY_IF(this->proposal);
DESTROY_IF(this->vip);
- free(this->pool);
- free(this->remote);
- free(this->initiator_auth);
- free(this->responder_auth);
free(this);
}
{
this->vip = host_create_from_string("0.0.0.0", 0);
}
- this->pool = lib->settings->alloc_str(lib->settings,
+ this->pool = lib->settings->get_str(lib->settings,
"charon.plugins.load-tester.pool", NULL);
- this->remote = lib->settings->alloc_str(lib->settings,
+ this->remote = lib->settings->get_str(lib->settings,
"charon.plugins.load-tester.remote", "127.0.0.1");
this->proposal = proposal_create_from_string(PROTO_IKE,
this->child_rekey = lib->settings->get_int(lib->settings,
"charon.plugins.load-tester.child_rekey", 600);
- this->initiator_auth = lib->settings->alloc_str(lib->settings,
+ this->initiator_auth = lib->settings->get_str(lib->settings,
"charon.plugins.load-tester.initiator_auth", "pubkey");
- this->responder_auth = lib->settings->alloc_str(lib->settings,
+ this->responder_auth = lib->settings->get_str(lib->settings,
"charon.plugins.load-tester.responder_auth", "pubkey");
this->port = lib->settings->get_int(lib->settings,
* Next IMC ID to be assigned
*/
TNC_IMCID next_imc_id;
-
- /**
- * Preferred language
- */
- char *preferred_language;
};
METHOD(imc_manager_t, add, bool,
METHOD(imc_manager_t, get_preferred_language, char*,
private_tnc_imc_manager_t *this)
{
- return this->preferred_language;
+ return lib->settings->get_str(lib->settings,
+ "charon.plugins.tnc-imc.preferred_language", "en");
}
METHOD(imc_manager_t, notify_connection_change, void,
imc->destroy(imc);
}
this->imcs->destroy(this->imcs);
- free(this->preferred_language);
free(this);
}
},
.imcs = linked_list_create(),
.next_imc_id = 1,
- .preferred_language = lib->settings->alloc_str(lib->settings,
- "charon.plugins.tnc-imc.preferred_language", "en");
);
return &this->public;
host_t *host;
char *str;
- str = lib->settings->alloc_str(lib->settings, "%s.%s%d", NULL,
- hydra->daemon, key, nr);
+ str = lib->settings->get_str(lib->settings, "%s.%s%d", NULL, hydra->daemon,
+ key, nr);
if (str)
{
host = host_create_from_string(str, 0);
configuration_attribute_type_names, entry->type, &entry->value);
this->attributes->insert_last(this->attributes, entry);
}
- free(str);
}
}
static void destroy(private_resolve_handler_t *this)
{
this->mutex->destroy(this->mutex);
- free(this->file);
free(this);
}
this->public.destroy = (void(*)(resolve_handler_t*))destroy;
this->mutex = mutex_create(MUTEX_TYPE_DEFAULT);
- this->file = lib->settings->alloc_str(lib->settings,
+ this->file = lib->settings->get_str(lib->settings,
"%s.plugins.resolve.file", RESOLV_CONF, hydra->daemon);
return &this->public;
if (!engine_id)
{
- engine_id = lib->settings->alloc_str(lib->settings,
+ engine_id = lib->settings->get_str(lib->settings,
"libstrongswan.plugins.openssl.engine_id", "pkcs11");
}
engine = ENGINE_by_id(engine_id);
if (!engine)
{
DBG2(DBG_LIB, "engine '%s' is not available", engine_id);
- goto engine_failed;
+ return NULL;
}
if (!ENGINE_init(engine))
{
DBG1(DBG_LIB, "failed to initialize engine '%s'", engine_id);
- goto engine_failed;
+ ENGINE_free(engine);
+ return NULL;
}
if (!login(engine, keyid))
{
DBG1(DBG_LIB, "login to engine '%s' failed", engine_id);
- goto engine_failed;
+ ENGINE_free(engine);
+ return NULL;
}
key = ENGINE_load_private_key(engine, keyname, NULL, NULL);
if (!key)
{
DBG1(DBG_LIB, "failed to load private key with ID '%s' from "
"engine '%s'", keyname, engine_id);
- goto engine_failed;
+ ENGINE_free(engine);
+ return NULL;
}
ENGINE_free(engine);
- free(engine_id);
this = create_empty();
this->rsa = EVP_PKEY_get1_RSA(key);
#else /* OPENSSL_NO_ENGINE */
return NULL;
#endif /* OPENSSL_NO_ENGINE */
-engine_failed:
- if (engine)
- {
- ENGINE_free(engine);
- }
- free(engine_id);
- return NULL;
}
{
entry->job->cancel(entry->job);
}
- DESTROY_IF(entry->lib);
- free(entry->path);
+ entry->lib->destroy(entry->lib);
free(entry);
}
.this = this,
);
- entry->path = lib->settings->alloc_str(lib->settings,
+ entry->path = lib->settings->get_str(lib->settings,
"libstrongswan.plugins.pkcs11.modules.%s.path", NULL, module);
if (!entry->path)
{
DBG1(DBG_CFG, "PKCS11 module '%s' lacks library path", module);
- lib_entry_destroy(entry);
+ free(entry);
continue;
}
entry->lib = pkcs11_library_create(module, entry->path,
FALSE, module));
if (!entry->lib)
{
- lib_entry_destroy(entry);
+ free(entry);
continue;
}
this->libs->insert_last(this->libs, entry);
return def;
}
-METHOD(settings_t, alloc_str, char*,
- private_settings_t *this, char *key, char *def, ...)
-{
- char *value;
- va_list args;
-
- va_start(args, def);
- /* additional lock to savely strdup */
- this->lock->read_lock(this->lock);
- value = strdupnull(find_value(this, this->top, key, args) ?: def);
- this->lock->unlock(this->lock);
- va_end(args);
- return value;
-}
-
/**
* Described in header
*/
INIT(this,
.public = {
.get_str = _get_str,
- .alloc_str = _alloc_str,
.get_int = _get_int,
.get_double = _get_double,
.get_time = _get_time,
/**
* Get a settings value as a string.
*
- * This functions returns a string held by settings_t. It is not thread
- * save, a thread calling load_files might free the returned string at
- * any time. Use the thread save alloc_str if a different thread might
- * call load_files() or set_str().
- *
* @param key key including sections, printf style format
* @param def value returned if key not found
* @param ... argument list for key
- * @return value pointing to internal string, not to be freed
+ * @return value pointing to internal string
*/
char* (*get_str)(settings_t *this, char *key, char *def, ...);
- /**
- * Get a settings value as a string, thread save variant.
- *
- * This function is identical to get_str, but is thread save. It allocates
- * a copy for the returned string which must be freed.
- *
- * @param key key including sections, printf style format
- * @param def value returned if key not found
- * @param ... argument list for key
- * @return allocated string, to be free
- */
- char* (*alloc_str)(settings_t *this, char *key, char *def, ...);
-
/**
* Get a boolean yes|no, true|false value.
*
int i, remaining = 0;
char *token, *config;
- config = lib->settings->alloc_str(lib->settings, "libtls.key_exchange", NULL);
+ config = lib->settings->get_str(lib->settings, "libtls.key_exchange", NULL);
if (config)
{
for (i = 0; i < *count; i++)
enumerator->destroy(enumerator);
}
*count = remaining;
- free(config);
}
}
int i, remaining = 0;
char *token, *config;
- config = lib->settings->alloc_str(lib->settings, "libtls.cipher", NULL);
+ config = lib->settings->get_str(lib->settings, "libtls.cipher", NULL);
if (config)
{
for (i = 0; i < *count; i++)
enumerator->destroy(enumerator);
}
*count = remaining;
- free(config);
}
}
int i, remaining = 0;
char *token, *config;
- config = lib->settings->alloc_str(lib->settings, "libtls.mac", NULL);
+ config = lib->settings->get_str(lib->settings, "libtls.mac", NULL);
if (config)
{
for (i = 0; i < *count; i++)
enumerator->destroy(enumerator);
}
*count = remaining;
- free(config);
}
}
int i, remaining = 0, suite;
char *token, *config;
- config = lib->settings->alloc_str(lib->settings, "libtls.suites", NULL);
+ config = lib->settings->get_str(lib->settings, "libtls.suites", NULL);
if (config)
{
for (i = 0; i < *count; i++)
enumerator->destroy(enumerator);
}
*count = remaining;
- free(config);
}
}
projects / thirdparty / strongswan.git / commitdiff
