diff options
| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2007-04-03 21:11:23 +0000 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2007-04-03 21:11:23 +0000 |
| commit | a0eaa59b501e0c2b07263b73552c23439533c5ca (patch) | |
| tree | ed2e5e2988482157cec0c3c4bfa18aa66079cee9 | |
| parent | 5d6dc162f2a2d84b4d61429269d94d1d018db324 (diff) | |
| download | strongswan-a0eaa59b501e0c2b07263b73552c23439533c5ca.tar.bz2 strongswan-a0eaa59b501e0c2b07263b73552c23439533c5ca.tar.xz | |
implemented dynamic http-based CRL fetching
| -rw-r--r-- | src/charon/config/credentials/local_credential_store.c | 11 |
1 files changed, 3 insertions, 8 deletions
diff --git a/src/charon/config/credentials/local_credential_store.c b/src/charon/config/credentials/local_credential_store.c index 1a5a1f47f..ed6a760b8 100644 --- a/src/charon/config/credentials/local_credential_store.c +++ b/src/charon/config/credentials/local_credential_store.c @@ -660,12 +660,12 @@ static bool verify(private_local_credential_store_t *this, x509_t *cert, bool *f } /* first check certificate revocation using ocsp */ - status = issuer->verify_by_ocsp(issuer, cert, certinfo, &this->public.credential_store); + status = issuer->verify_by_ocsp(issuer, certinfo, &this->public.credential_store); /* if ocsp service is not available then fall back to crl */ if ((status == CERT_UNDEFINED) || (status == CERT_UNKNOWN && this->strict)) { - status = issuer->verify_by_crl(issuer, cert, certinfo); + status = issuer->verify_by_crl(issuer, certinfo); } nextUpdate = certinfo->get_nextUpdate(certinfo); @@ -1097,12 +1097,7 @@ static void load_crls(private_local_credential_store_t *this) crl = crl_create_from_file(file); if (crl) { - err_t ugh = crl->is_valid(crl, NULL, this->strict); - - if (ugh != NULL) - { - DBG1(DBG_CFG, " warning: crl %s", ugh); - } + DBG1(DBG_CFG, "crl is %s", crl->is_valid(crl)? "valid":"stale"); add_crl(this, crl); } } |