* Password for EAP
*/
shared_key_t *pwd;
+
+ /**
+ * List of certificate distribution points to include in generated certs
+ */
+ linked_list_t *cdps;
};
/**
BUILD_NOT_BEFORE_TIME, now - 60 * 60 * 24,
BUILD_NOT_AFTER_TIME, now + 60 * 60 * 24,
BUILD_SERIAL, chunk_from_thing(serial),
+ BUILD_CRL_DISTRIBUTION_POINTS, this->cdps,
BUILD_END);
peer_key->destroy(peer_key);
sans->destroy(sans);
DESTROY_IF(this->ca);
this->psk->destroy(this->psk);
this->pwd->destroy(this->pwd);
+ this->cdps->destroy_function(this->cdps, free);
free(this);
}
load_tester_creds_t *load_tester_creds_create()
{
private_load_tester_creds_t *this;
- char *pwd, *psk, *digest;
+ char *pwd, *psk, *digest, *crl;
psk = lib->settings->get_str(lib->settings,
"%s.plugins.load-tester.preshared_key", default_psk, lib->ns);
"%s.plugins.load-tester.eap_password", default_pwd, lib->ns);
digest = lib->settings->get_str(lib->settings,
"%s.plugins.load-tester.digest", "sha1", lib->ns);
+ crl = lib->settings->get_str(lib->settings,
+ "%s.plugins.load-tester.crl", NULL, lib->ns);
INIT(this,
.public = {
.private = load_issuer_key(),
.ca = load_issuer_cert(),
.cas = linked_list_create(),
+ .cdps = linked_list_create(),
.psk = shared_key_create(SHARED_IKE,
chunk_clone(chunk_create(psk, strlen(psk)))),
.pwd = shared_key_create(SHARED_EAP,
this->digest = HASH_SHA1;
}
+ if (crl)
+ {
+ x509_cdp_t *cdp;
+
+ INIT(cdp,
+ .uri = crl,
+ );
+ this->cdps->insert_last(this->cdps, cdp);
+ }
+
load_ca_certs(this);
return &this->public;