stroke: Purge existing CA/AA certificates during reread

author: Martin Willi <martin@revosec.ch> 2015-02-06 12:22:32 +0100
committer: Martin Willi <martin@revosec.ch> 2015-03-03 13:50:26 +0100
commit: aba46b104ec0e3e8555f51af2a718ab7f528dde9 (patch)
tree: ac935b4cd5e7a08968f6782ff040818e66e69cac /src/libcharon/plugins/stroke
parent: d69cf39bb45e57bf936b16ca7b9328a5637f6c72 (diff)
download: strongswan-aba46b104ec0e3e8555f51af2a718ab7f528dde9.tar.bz2
strongswan-aba46b104ec0e3e8555f51af2a718ab7f528dde9.tar.xz
1 files changed, 4 insertions, 0 deletions
diff --git a/src/libcharon/plugins/stroke/stroke_cred.c b/src/libcharon/plugins/stroke/stroke_cred.c
index 31d9e0723..1f021027d 100644
--- a/src/libcharon/plugins/stroke/stroke_cred.c
+++ b/src/libcharon/plugins/stroke/stroke_cred.c
@@ -1381,6 +1381,8 @@ METHOD(stroke_cred_t, reread, void,
 	{
 		DBG1(DBG_CFG, "rereading ca certificates from '%s'",
 			 CA_CERTIFICATE_DIR);
+		this->cacerts->clear(this->cacerts);
+		lib->credmgr->flush_cache(lib->credmgr, CERT_X509);
 		load_certdir(this, CA_CERTIFICATE_DIR, CERT_X509, X509_CA);
 	}
 	if (msg->reread.flags & REREAD_OCSPCERTS)
@@ -1394,6 +1396,8 @@ METHOD(stroke_cred_t, reread, void,
 	{
 		DBG1(DBG_CFG, "rereading aa certificates from '%s'",
 			 AA_CERTIFICATE_DIR);
+		this->aacerts->clear(this->aacerts);
+		lib->credmgr->flush_cache(lib->credmgr, CERT_X509);
 		load_certdir(this, AA_CERTIFICATE_DIR, CERT_X509, X509_AA);
 	}
 	if (msg->reread.flags & REREAD_ACERTS)
author	Martin Willi <martin@revosec.ch>	2015-02-06 12:22:32 +0100
committer	Martin Willi <martin@revosec.ch>	2015-03-03 13:50:26 +0100
commit	aba46b104ec0e3e8555f51af2a718ab7f528dde9 (patch)
tree	ac935b4cd5e7a08968f6782ff040818e66e69cac /src/libcharon/plugins/stroke
parent	d69cf39bb45e57bf936b16ca7b9328a5637f6c72 (diff)
download	strongswan-aba46b104ec0e3e8555f51af2a718ab7f528dde9.tar.bz2 strongswan-aba46b104ec0e3e8555f51af2a718ab7f528dde9.tar.xz