enumerator = enumerator_create_token(cert, ",", " ");
while (enumerator->enumerate(enumerator, &cert))
{
- certificate = this->cred->load_peer(this->cred, cert);
+ if (strpfx(cert, "cga:"))
+ {
+ certificate = this->cred->load_cga(this->cred, cert + 4);
+ }
+ else
+ {
+ certificate = this->cred->load_peer(this->cred, cert);
+ }
if (certificate)
{
if (local)
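Review bot: The `cert + 4` offset in the new `cga:` branch hard-codes the prefix length separately from the `strpfx(cert, "cga:")` test, so the two can drift apart if the prefix string is ever changed. Deriving the offset from the same literal keeps them tied together, for example `certificate = this->cred->load_cga(this->cred, cert + strlen("cga:"));`. A token that is exactly `cga:` also reaches `load_cga` with an empty name, which the relative-path branch there turns into `CERTIFICATE_DIR` plus a trailing slash. Rejecting the empty remainder here with its own log message would make that misconfiguration easier to spot. The enclosing function starts and ends outside the hunk.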
return NULL;
}
+METHOD(stroke_cred_t, load_cga, certificate_t*,
+ private_stroke_cred_t *this, char *filename)
+{
+ certificate_t *cert;
+ char path[PATH_MAX];
+
+ if (*filename == '/')
+ {
+ snprintf(path, sizeof(path), "%s", filename);
+ }
+ else
+ {
+ snprintf(path, sizeof(path), "%s/%s", CERTIFICATE_DIR, filename);
+ }
+ cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_CGA_PARAMS,
+ BUILD_FROM_FILE, path, BUILD_END);
+ if (cert)
+ {
+ cert = this->creds->add_cert_ref(this->creds, TRUE, cert);
+ DBG1(DBG_CFG, " loaded CGA parameters \"%Y\" from '%s'",
+ cert->get_subject(cert), filename);
+ return cert;
+ }
+ DBG1(DBG_CFG, " loading CGA parameters from '%s' failed", filename);
+ return NULL;
+}
+
/**
* load trusted certificates from a directory
*/
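Review bot: Both `snprintf` calls in `load_cga` ignore their return value, so a name that does not fit in `path[PATH_MAX]` is silently truncated and the builder is handed a different file name than the one configured. Capture the length and bail out on truncation, e.g. `len = snprintf(path, sizeof(path), "%s/%s", CERTIFICATE_DIR, filename);` followed by `if (len < 0 || len >= (int)sizeof(path)) return NULL;`, with a matching log line. The two `DBG1` messages print `filename` rather than the resolved `path`, so the log does not show which file was actually opened; printing `path` would help when auditing which CGA parameters were loaded. The second argument `TRUE` to `add_cert_ref` presumably marks the parameters as trusted, which deserves a short why-comment if so.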
.load_ca = _load_ca,
.load_peer = _load_peer,
.load_pubkey = _load_pubkey,
+ .load_cga = _load_cga,
.add_shared = _add_shared,
.cachecrl = _cachecrl,
.destroy = _destroy,
certificate_t* (*load_pubkey)(stroke_cred_t *this, char *filename,
identification_t *identity);
+ /**
+ * Load CGA parameters from file.
+ *
+ * @param filename file to read CGA parameters from
+ * @return CGA parameters, as certificate
+ */
+ certificate_t* (*load_cga)(stroke_cred_t *this, char *filename);
+
/**
* Add a shared secret to serve through the credential_set.
*
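Review bot: The new doc comment for `load_cga` leaves out two parts of the contract that the implementation in this commit establishes: a relative name is resolved against `CERTIFICATE_DIR` while a name starting with `/` is used as is, and the method returns NULL when loading fails. I would spell both out, e.g. `@param filename file to read CGA parameters from, absolute or relative to the certificate directory` and `@return CGA parameters as certificate, NULL on failure`.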