зеркало из https://github.com/mozilla/gecko-dev.git
Keep a copy of the DER Crl.
This commit is contained in:
Родитель
695668b70f
Коммит
89b3664a5c
|
@ -33,7 +33,7 @@
|
|||
/*
|
||||
* certt.h - public data structures for the certificate library
|
||||
*
|
||||
* $Id: certt.h,v 1.13 2001/11/21 18:00:09 relyea%netscape.com Exp $
|
||||
* $Id: certt.h,v 1.14 2002/01/11 17:31:09 relyea%netscape.com Exp $
|
||||
*/
|
||||
#ifndef _CERTT_H_
|
||||
#define _CERTT_H_
|
||||
|
@ -402,6 +402,7 @@ struct CERTSignedCrlStr {
|
|||
PRArenaPool *arena;
|
||||
CERTCrl crl;
|
||||
/*certDBEntryRevocation *dbEntry; database entry struct */
|
||||
SECItem *derCrl;
|
||||
PK11SlotInfo *slot;
|
||||
/* PRBool keep; keep this crl in the cache for the session*/
|
||||
CK_OBJECT_HANDLE pkcs11ID;
|
||||
|
|
|
@ -34,7 +34,7 @@
|
|||
/*
|
||||
* Moved from secpkcs7.c
|
||||
*
|
||||
* $Id: crl.c,v 1.5 2001/12/07 01:35:47 relyea%netscape.com Exp $
|
||||
* $Id: crl.c,v 1.6 2002/01/11 17:31:09 relyea%netscape.com Exp $
|
||||
*/
|
||||
|
||||
#include "cert.h"
|
||||
|
@ -344,6 +344,15 @@ CERT_DecodeDERCrl(PRArenaPool *narena, SECItem *derSignedCrl, int type)
|
|||
|
||||
crl->arena = arena;
|
||||
|
||||
crl->derCrl = (SECItem *)PORT_ArenaZAlloc(arena,sizeof(SECItem));
|
||||
if (crl->derCrl == NULL) {
|
||||
goto loser;
|
||||
}
|
||||
rv = SECITEM_CopyItem(arena, crl->derCrl, derSignedCrl);
|
||||
if (rv != SECSuccess) {
|
||||
goto loser;
|
||||
}
|
||||
|
||||
/* Save the arena in the inner crl for CRL extensions support */
|
||||
crl->crl.arena = arena;
|
||||
|
||||
|
@ -420,6 +429,9 @@ loser:
|
|||
if (slot) {
|
||||
PK11_FreeSlot(slot);
|
||||
}
|
||||
if (derCrl) {
|
||||
SECITEM_FreeItem(derCrl,PR_TRUE);
|
||||
}
|
||||
return(crl);
|
||||
}
|
||||
|
||||
|
@ -434,10 +446,20 @@ crl_storeCRL (PK11SlotInfo *slot,char *url,
|
|||
|
||||
oldCrl = SEC_FindCrlByKeyOnSlot(slot, &newCrl->crl.derName, type);
|
||||
|
||||
|
||||
|
||||
/* if there is an old crl, make sure the one we are installing
|
||||
* is newer. If not, exit out, otherwise delete the old crl.
|
||||
*/
|
||||
if (oldCrl != NULL) {
|
||||
/* if it's already there, quietly continue */
|
||||
if (SECITEM_CompareItem(newCrl->derCrl, oldCrl->derCrl)
|
||||
== SECEqual) {
|
||||
crl = newCrl;
|
||||
crl->slot = PK11_ReferenceSlot(slot);
|
||||
crl->pkcs11ID = oldCrl->pkcs11ID;
|
||||
goto done;
|
||||
}
|
||||
if (!SEC_CrlIsNewer(&newCrl->crl,&oldCrl->crl)) {
|
||||
|
||||
if (type == SEC_CRL_TYPE) {
|
||||
|
|
Загрузка…
Ссылка в новой задаче