author | Martin Willi <martin@strongswan.org> | 2008-03-27 06:37:29 +0000 |
---|---|---|
committer | Martin Willi <martin@strongswan.org> | 2008-03-27 06:37:29 +0000 |
commit | f957f7dfb32b18fd483285fa7feabd8514d34216 (patch) | |
tree | bc2acb35d6a3365b5f3761a1c8b51cdfba0021ad /src/charon/credentials | |
parent | d61bd27a9a1853aa246004903707dfa255578f23 (diff) | |
implemented cert cache flushing, ipsec purgeocsp
Diffstat (limited to 'src/charon/credentials')
-rw-r--r-- | src/charon/credentials/credential_manager.c | 12 | ||||
-rw-r--r-- | src/charon/credentials/credential_manager.h | 7 | ||||
-rw-r--r-- | src/charon/credentials/sets/cert_cache.c | 22 | ||||
-rw-r--r-- | src/charon/credentials/sets/cert_cache.h | 7 |
4 files changed, 48 insertions, 0 deletions
diff --git a/src/charon/credentials/credential_manager.c b/src/charon/credentials/credential_manager.c
index 35816a820..7c49d39a0 100644
--- a/src/charon/credentials/credential_manager.c
+++ b/src/charon/credentials/credential_manager.c
@@ -1223,6 +1223,17 @@ static private_key_t *get_private(private_credential_manager_t *this,
 }

 /**
+ * Implementation of credential_manager_t.flush_cache.
+ */
+static void flush_cache(private_credential_manager_t *this,
+ certificate_type_t type)
+{
+ this->mutex->lock(this->mutex);
+ this->cache->flush(this->cache, type);
+ this->mutex->unlock(this->mutex);
+}
+
+/**
 * Implementation of credential_manager_t.add_set.
 */
 static void add_set(private_credential_manager_t *this,
@@ -1268,6 +1279,7 @@ credential_manager_t *credential_manager_create()
 this->public.get_shared = (shared_key_t *(*)(credential_manager_t *this,shared_key_type_t type,identification_t *me, identification_t *other))get_shared;
 this->public.get_private = (private_key_t*(*)(credential_manager_t*, key_type_t type, identification_t *, auth_info_t*))get_private;
 this->public.get_public = (public_key_t*(*)(credential_manager_t*, key_type_t type, identification_t *, auth_info_t*))get_public;
+ this->public.flush_cache = (void(*)(credential_manager_t*, certificate_type_t type))flush_cache;
 this->public.add_set = (void(*)(credential_manager_t*, credential_set_t *set))add_set;
 this->public.remove_set = (void(*)(credential_manager_t*, credential_set_t *set))remove_set;
 this->public.destroy = (void(*)(credential_manager_t*))destroy;
diff --git a/src/charon/credentials/credential_manager.h b/src/charon/credentials/credential_manager.h
index 816b9028e..ca22f98a2 100644
--- a/src/charon/credentials/credential_manager.h
+++ b/src/charon/credentials/credential_manager.h
@@ -160,6 +160,13 @@ struct credential_manager_t {
 identification_t *id, auth_info_t *auth);

 /**
+ * Flush the certificate cache.
+ *
+ * @param type type of certificate to flush, or CERT_ANY
+ */
+ void (*flush_cache)(credential_manager_t *this, certificate_type_t type);
+
+ /**
 * Register a credential set to the manager.
 *
 * @param set set to register
diff --git a/src/charon/credentials/sets/cert_cache.c b/src/charon/credentials/sets/cert_cache.c
index 5d4964314..5c112c084 100644
--- a/src/charon/credentials/sets/cert_cache.c
+++ b/src/charon/credentials/sets/cert_cache.c
@@ -179,6 +179,27 @@ static enumerator_t *create_enumerator(private_cert_cache_t *this,
 }

 /**
+ * Implementation of cert_cache_t.flush.
+ */
+static void flush(private_cert_cache_t *this, certificate_type_t type)
+{
+ enumerator_t *enumerator;
+ relation_t *relation;
+
+ enumerator = this->relations->create_enumerator(this->relations);
+ while (enumerator->enumerate(enumerator, &relation))
+ {
+ if (type == CERT_ANY ||
+ type == relation->subject->get_type(relation->subject))
+ {
+ this->relations->remove_at(this->relations, enumerator);
+ relation_destroy(relation);
+ }
+ }
+ enumerator->destroy(enumerator);
+}
+
+/**
 * Implementation of cert_cache_t.destroy
 */
 static void destroy(private_cert_cache_t *this)
@@ -199,6 +220,7 @@ cert_cache_t *cert_cache_create()
 this->public.set.create_shared_enumerator = (void*)return_null;
 this->public.set.create_cdp_enumerator = (void*)return_null;
 this->public.issued_by = (bool(*)(cert_cache_t*, certificate_t *subject, certificate_t *issuer))issued_by;
+ this->public.flush = (void(*)(cert_cache_t*, certificate_type_t type))flush;
 this->public.destroy = (void(*)(cert_cache_t*))destroy;

 this->relations = linked_list_create();
diff --git a/src/charon/credentials/sets/cert_cache.h b/src/charon/credentials/sets/cert_cache.h
index 7e392ae87..281189d53 100644
--- a/src/charon/credentials/sets/cert_cache.h
+++ b/src/charon/credentials/sets/cert_cache.h
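Review bot: flush() in cert_cache.c (hunk at -179,6) removes and frees entries of this->relations without taking any lock of its own, so it is only safe if every other access to that list is serialized by the caller. The one caller added in this commit, flush_cache() in credential_manager.c, holds this->mutex around the call, but whether issued_by() and create_enumerator() on the cache also run under that mutex is not visible in these hunks. If they do not, relation_destroy() could free a relation that another thread is still reading. I would state the requirement on the function, e.g. `/* caller must hold the lock that serializes all access to this->relations */`, or give the cache its own lock.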
@@ -53,6 +53,13 @@ struct cert_cache_t {
 certificate_t *subject, certificate_t *issuer);

 /**
+ * Flush the certificate cache.
+ *
+ * @param type type of certificate to flush, or CERT_ANY
+ */
+ void (*flush)(cert_cache_t *this, certificate_type_t type);
+
+ /**
 * Destroy a cert_cache instance.
 */
 void (*destroy)(cert_cache_t *this); |
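Review bot: The doc comment for flush says `type of certificate to flush`, but the implementation in cert_cache.c compares type only against relation->subject. A cached relation whose issuer has the given type and whose subject has another type therefore stays in the cache. I would make that explicit, e.g. `@param type subject certificate type of the relations to flush, or CERT_ANY for all`. The same wording is used for flush_cache in credential_manager.h; struct cert_cache_t starts and ends outside this hunk.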