pin_data.keyid = chunk;
pin_data.try = 1;
cb = callback_cred_create_shared((void*)pin_cb, &pin_data);
- lib->credmgr->add_local_set(lib->credmgr, &cb->set);
+ lib->credmgr->add_local_set(lib->credmgr, &cb->set, FALSE);
}
else
{
id = identification_create_from_encoding(ID_KEY_ID, chunk);
mem = mem_cred_create();
mem->add_shared(mem, shared, id, NULL);
- lib->credmgr->add_local_set(lib->credmgr, &mem->set);
+ lib->credmgr->add_local_set(lib->credmgr, &mem->set, FALSE);
}
/* unlock: smartcard needs the pin and potentially calls public set */
pp_data.path = path;
pp_data.try = 1;
cb = callback_cred_create_shared((void*)passphrase_cb, &pp_data);
- lib->credmgr->add_local_set(lib->credmgr, &cb->set);
+ lib->credmgr->add_local_set(lib->credmgr, &cb->set, FALSE);
key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, key_type,
BUILD_FROM_FILE, path, BUILD_END);
shared = shared_key_create(SHARED_PRIVATE_KEY_PASS, secret);
mem = mem_cred_create();
mem->add_shared(mem, shared, NULL);
- lib->credmgr->add_local_set(lib->credmgr, &mem->set);
+ lib->credmgr->add_local_set(lib->credmgr, &mem->set, FALSE);
key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, key_type,
BUILD_FROM_FILE, path, BUILD_END);
*/
thread_value_t *local_sets;
+ /**
+ * Exclusive local sets, linked_list_t with credential_set_t
+ */
+ thread_value_t *exclusive_local_sets;
+
/**
* trust relationship and certificate cache
*/
enumerator_t *global;
/** enumerator over local sets */
enumerator_t *local;
+ /** enumerator over exclusive local sets */
+ enumerator_t *exclusive;
} sets_enumerator_t;
METHOD(enumerator_t, sets_enumerate, bool,
sets_enumerator_t *this, credential_set_t **set)
{
+ if (this->exclusive)
+ {
+ if (this->exclusive->enumerate(this->exclusive, set))
+ { /* only enumerate last added */
+ this->exclusive->destroy(this->exclusive);
+ this->exclusive = NULL;
+ return TRUE;
+ }
+ }
if (this->global)
{
if (this->global->enumerate(this->global, set))
{
DESTROY_IF(this->global);
DESTROY_IF(this->local);
+ DESTROY_IF(this->exclusive);
free(this);
}
static enumerator_t *create_sets_enumerator(private_credential_manager_t *this)
{
sets_enumerator_t *enumerator;
- linked_list_t *local;
+ linked_list_t *list;
INIT(enumerator,
.public = {
.enumerate = (void*)_sets_enumerate,
.destroy = _sets_destroy,
},
- .global = this->sets->create_enumerator(this->sets),
);
- local = this->local_sets->get(this->local_sets);
- if (local)
+
+ list = this->exclusive_local_sets->get(this->exclusive_local_sets);
+ if (list && list->get_count(list))
{
- enumerator->local = local->create_enumerator(local);
+ enumerator->exclusive = list->create_enumerator(list);
+ }
+ else
+ {
+ enumerator->global = this->sets->create_enumerator(this->sets);
+ list = this->local_sets->get(this->local_sets);
+ if (list)
+ {
+ enumerator->local = list->create_enumerator(list);
+ }
}
return &enumerator->public;
}
}
METHOD(credential_manager_t, add_local_set, void,
- private_credential_manager_t *this, credential_set_t *set)
+ private_credential_manager_t *this, credential_set_t *set, bool exclusive)
{
linked_list_t *sets;
+ thread_value_t *tv;
- sets = this->local_sets->get(this->local_sets);
+ if (exclusive)
+ {
+ tv = this->exclusive_local_sets;
+ }
+ else
+ {
+ tv = this->local_sets;
+ }
+ sets = tv->get(tv);
if (!sets)
- { /* first invocation */
+ {
sets = linked_list_create();
- this->local_sets->set(this->local_sets, sets);
+ tv->set(tv, sets);
+ }
+ if (exclusive)
+ {
+ sets->insert_first(sets, set);
+ }
+ else
+ {
+ sets->insert_last(sets, set);
}
- sets->insert_last(sets, set);
}
METHOD(credential_manager_t, remove_local_set, void,
private_credential_manager_t *this, credential_set_t *set)
{
linked_list_t *sets;
+ thread_value_t *tv;
- sets = this->local_sets->get(this->local_sets);
- sets->remove(sets, set, NULL);
- if (sets->get_count(sets) == 0)
+ tv = this->local_sets;
+ sets = tv->get(tv);
+ if (sets && sets->remove(sets, set, NULL) && sets->get_count(sets) == 0)
+ {
+ tv->set(tv, NULL);
+ sets->destroy(sets);
+ }
+ tv = this->exclusive_local_sets;
+ sets = tv->get(tv);
+ if (sets && sets->remove(sets, set, NULL) && sets->get_count(sets) == 0)
{
- this->local_sets->set(this->local_sets, NULL);
+ tv->set(tv, NULL);
sets->destroy(sets);
}
}
if (auth)
{
enumerator->wrapper = auth_cfg_wrapper_create(auth);
- add_local_set(this, &enumerator->wrapper->set);
+ add_local_set(this, &enumerator->wrapper->set, FALSE);
}
this->lock->read_lock(this->lock);
return &enumerator->public;
this->sets->remove(this->sets, this->cache, NULL);
this->sets->destroy(this->sets);
this->local_sets->destroy(this->local_sets);
+ this->exclusive_local_sets->destroy(this->exclusive_local_sets);
this->cache->destroy(this->cache);
this->validators->destroy(this->validators);
this->lock->destroy(this->lock);
);
this->local_sets = thread_value_create((thread_cleanup_t)this->sets->destroy);
+ this->exclusive_local_sets = thread_value_create((thread_cleanup_t)this->sets->destroy);
this->sets->insert_first(this->sets, this->cache);
return &this->public;
callback_cred_t *cb;
cb = callback_cred_create_shared((void*)whack_pass_cb, pass);
- lib->credmgr->add_local_set(lib->credmgr, &cb->set);
+ lib->credmgr->add_local_set(lib->credmgr, &cb->set, FALSE);
key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type,
BUILD_FROM_FILE, path, BUILD_END);
shared_key_t *shared;
mem = mem_cred_create();
- lib->credmgr->add_local_set(lib->credmgr, &mem->set);
+ lib->credmgr->add_local_set(lib->credmgr, &mem->set, FALSE);
shared = shared_key_create(SHARED_PRIVATE_KEY_PASS,
chunk_clone(chunk_create(pass->secret, strlen(pass->secret))));
mem->add_shared(mem, shared, NULL);
projects / thirdparty / strongswan.git / commitdiff
