From abadd47736cff58467ed9cf8c40742a5e889d1d0 Mon Sep 17 00:00:00 2001
From: Tobias Brunner
Date: Mon, 11 Aug 2025 15:37:51 +0200
Subject: [PATCH] charon-cmd: Cache shared secret under identities if available

We won't have identities for private key passwords, but we do for EAP identities and they might get reused if redirected.
---
 src/charon-cmd/cmd/cmd_creds.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/src/charon-cmd/cmd/cmd_creds.c b/src/charon-cmd/cmd/cmd_creds.c
index e2bc4b9c28..6ad6783a2f 100644
--- a/src/charon-cmd/cmd/cmd_creds.c
+++ b/src/charon-cmd/cmd/cmd_creds.c
@@ -71,6 +71,7 @@ static shared_key_t* callback_shared(private_cmd_creds_t *this,
 id_match_t *match_me, id_match_t *match_other)
 {
 shared_key_t *shared;
+ linked_list_t *owners;
 char *label, *pwd = NULL;

 if (type == this->prompted)
@@ -113,7 +114,16 @@ static shared_key_t* callback_shared(private_cmd_creds_t *this,
 shared = shared_key_create(type, chunk_clone(chunk_from_str(pwd)));
 memwipe(pwd, strlen(pwd));
 /* cache password in case it is required more than once */
- this->creds->add_shared(this->creds, shared, NULL);
+ owners = linked_list_create();
+ if (me)
+ {
+ owners->insert_last(owners, me->clone(me));
+ }
+ if (other && other->get_type(other) != ID_ANY)
+ {
+ owners->insert_last(owners, other->clone(other));
+ }
+ this->creds->add_shared_list(this->creds, shared, owners);
 return shared->get_ref(shared);
 }

-- 
2.47.3
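Review bot: The `me` branch in the second hunk adds the local identity without the `ID_ANY` filter that the `other` branch applies, so a wildcard `me` would become an owner of the cached secret. How the credential set matches such an owner is not visible here, but it could plausibly widen the lookups that return the prompted password. Either apply the same test, `if (me && me->get_type(me) != ID_ANY)`, or add a comment stating why `me` can never be a wildcard at this point. When neither identity qualifies, `owners` stays empty and the secret is cached unscoped, which the commit message ties to private key passwords; a comment above the `add_shared_list` call such as `/* without identities (e.g. private key passwords) the secret is cached with no owners */` would record that. callback_shared begins outside this hunk, so how `me` and `other` are populated is not shown.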