Diffstat (limited to 'src/charon/credentials')
-rw-r--r--src/charon/credentials/credential_manager.c19
-rw-r--r--src/charon/credentials/credential_manager.h10
-rw-r--r--src/charon/credentials/credential_set.h12
-rw-r--r--src/charon/credentials/sets/auth_info_wrapper.c1
-rw-r--r--src/charon/credentials/sets/cert_cache.c9
-rw-r--r--src/charon/credentials/sets/ocsp_response_wrapper.c1
6 files changed, 51 insertions, 1 deletions
diff --git a/src/charon/credentials/credential_manager.c b/src/charon/credentials/credential_manager.c
index 5e71af8bb..f80319226 100644
--- a/src/charon/credentials/credential_manager.c
+++ b/src/charon/credentials/credential_manager.c
@@ -1438,6 +1438,24 @@ static void flush_cache(private_credential_manager_t *this,
}
/**
+ * Implementation of credential_manager_t.cache_cert.
+ */
+static void cache_cert(private_credential_manager_t *this, certificate_t *cert)
+{
+ credential_set_t *set;
+ enumerator_t *enumerator;
+
+ pthread_rwlock_rdlock(&this->lock);
+ enumerator = this->sets->create_enumerator(this->sets);
+ while (enumerator->enumerate(enumerator, &set))
+ {
+ set->cache_cert(set, cert);
+ }
+ enumerator->destroy(enumerator);
+ pthread_rwlock_unlock(&this->lock);
+}
+
+/**
* Implementation of credential_manager_t.add_set.
*/
static void add_set(private_credential_manager_t *this,
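Review bot: `set->cache_cert(set, cert);` is called unconditionally on every registered set, so any `credential_set_t` implementation that does not assign the new member is invoked through an unset pointer. This page is limited to src/charon/credentials, where three sets are updated; sets defined elsewhere in the tree are not visible here and need the same assignment in their constructors. A guard such as `if (set->cache_cert)` only helps if the set structs are zero-initialised, which the visible lines do not show. The loop also runs under `pthread_rwlock_rdlock` only, so several threads can enter a set's `cache_cert` at once, and a comment above the loop should say that sets must do their own locking. The body of add_set continues outside the hunk.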
@@ -1486,6 +1504,7 @@ credential_manager_t *credential_manager_create()
this->public.get_private = (private_key_t*(*)(credential_manager_t*, key_type_t type, identification_t *, auth_info_t*))get_private;
this->public.create_public_enumerator = (enumerator_t*(*)(credential_manager_t*, key_type_t type, identification_t *id, auth_info_t *aut))create_public_enumerator;
this->public.flush_cache = (void(*)(credential_manager_t*, certificate_type_t type))flush_cache;
+ this->public.cache_cert = (void(*)(credential_manager_t*, certificate_t *cert))cache_cert;
this->public.add_set = (void(*)(credential_manager_t*, credential_set_t *set))add_set;
this->public.remove_set = (void(*)(credential_manager_t*, credential_set_t *set))remove_set;
this->public.destroy = (void(*)(credential_manager_t*))destroy;
diff --git a/src/charon/credentials/credential_manager.h b/src/charon/credentials/credential_manager.h
index 7c84c43b8..0848f5fb0 100644
--- a/src/charon/credentials/credential_manager.h
+++ b/src/charon/credentials/credential_manager.h
@@ -163,8 +163,18 @@ struct credential_manager_t {
key_type_t type, identification_t *id, auth_info_t *auth);
/**
+ * Cache a certificate by invoking cache_cert() on all registerd sets.
+ *
+ * @param cert certificate to cache
+ */
+ void (*cache_cert)(credential_manager_t *this, certificate_t *cert);
+
+ /**
* Flush the certificate cache.
*
+ * Only the managers local cache is flushed, but not the sets cache filled
+ * by the cache_cert() method.
+ *
* @param type type of certificate to flush, or CERT_ANY
*/
void (*flush_cache)(credential_manager_t *this, certificate_type_t type);
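Review bot: The new `cache_cert` comment does not say whether `cert` must already have passed trust-chain verification, or whether the callee takes its own reference. The same gap is in the credential_set.h hunk. That matters because credential_set.h allows a set to store the certificate "persistent on disk", and the amended `flush_cache` text says those set caches are not flushed, so anything cached this way may outlive the manager's own cache. I would state the contract explicitly, for example `* The caller keeps its reference; a set that stores the certificate must take its own.`, plus one line on whether unverified certificates may be passed. While editing, "registerd" should read "registered" and "managers local cache" should read "manager's local cache".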
diff --git a/src/charon/credentials/credential_set.h b/src/charon/credentials/credential_set.h
index a4e891a84..41c5b1674 100644
--- a/src/charon/credentials/credential_set.h
+++ b/src/charon/credentials/credential_set.h
@@ -87,7 +87,17 @@ struct credential_set_t {
* @return an enumerator over CDPs as char*
*/
enumerator_t *(*create_cdp_enumerator)(credential_set_t *this,
- certificate_type_t type, identification_t *id);
+ certificate_type_t type, identification_t *id);
+
+ /**
+ * Cache a certificate in the credential set.
+ *
+ * The caching policy is implementation dependent, the sets may cache the
+ * certificate in-memory, persistent on disk or not at all.
+ *
+ * @param cert certificate to cache
+ */
+ void (*cache_cert)(credential_set_t *this, certificate_t *cert);
};
#endif /* CREDENTIAL_SET_H_ @} */
diff --git a/src/charon/credentials/sets/auth_info_wrapper.c b/src/charon/credentials/sets/auth_info_wrapper.c
index 12349b5fe..b7576a5a7 100644
--- a/src/charon/credentials/sets/auth_info_wrapper.c
+++ b/src/charon/credentials/sets/auth_info_wrapper.c
@@ -145,6 +145,7 @@ auth_info_wrapper_t *auth_info_wrapper_create(auth_info_t *auth)
this->public.set.create_cert_enumerator = (void*)create_enumerator;
this->public.set.create_shared_enumerator = (void*)return_null;
this->public.set.create_cdp_enumerator = (void*)return_null;
+ this->public.set.cache_cert = (void*)nop;
this->public.destroy = (void(*)(auth_info_wrapper_t*))destroy;
this->auth = auth;
diff --git a/src/charon/credentials/sets/cert_cache.c b/src/charon/credentials/sets/cert_cache.c
index 6a1587f15..8af8bb619 100644
--- a/src/charon/credentials/sets/cert_cache.c
+++ b/src/charon/credentials/sets/cert_cache.c
@@ -266,6 +266,14 @@ static enumerator_t *create_enumerator(private_cert_cache_t *this,
}
/**
+ * Implementation of credential_set_t.cache_cert.
+ */
+static void cache_cert(private_cert_cache_t *this, certificate_t *cert)
+{
+ /* TODO: implement caching */
+}
+
+/**
* Implementation of cert_cache_t.flush.
*/
static void flush(private_cert_cache_t *this, certificate_type_t type)
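Review bot: `cache_cert()` in cert_cache.c is an empty stub, so in the sets shown on this page a call to `credential_manager_t.cache_cert` stores nothing: the two wrappers use `nop` and this one does nothing yet. The comment should say that, e.g. `/* TODO: implement caching; until then this set ignores cache_cert() */`, so callers do not assume the certificate is retained. When the body is written it will need the cache's own synchronisation, because the manager calls it while holding only a read lock. It should also be decided whether `flush` covers entries added here. The body of flush continues outside the hunk.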
@@ -309,6 +317,7 @@ cert_cache_t *cert_cache_create()
this->public.set.create_cert_enumerator = (void*)create_enumerator;
this->public.set.create_shared_enumerator = (void*)return_null;
this->public.set.create_cdp_enumerator = (void*)return_null;
+ this->public.set.cache_cert = (void*)cache_cert;
this->public.issued_by = (bool(*)(cert_cache_t*, certificate_t *subject, certificate_t *issuer))issued_by;
this->public.flush = (void(*)(cert_cache_t*, certificate_type_t type))flush;
this->public.destroy = (void(*)(cert_cache_t*))destroy;
diff --git a/src/charon/credentials/sets/ocsp_response_wrapper.c b/src/charon/credentials/sets/ocsp_response_wrapper.c
index 6241a5ada..c4d3a5b0f 100644
--- a/src/charon/credentials/sets/ocsp_response_wrapper.c
+++ b/src/charon/credentials/sets/ocsp_response_wrapper.c
@@ -139,6 +139,7 @@ ocsp_response_wrapper_t *ocsp_response_wrapper_create(ocsp_response_t *response)
this->public.set.create_cert_enumerator = (void*)create_enumerator;
this->public.set.create_shared_enumerator = (void*)return_null;
this->public.set.create_cdp_enumerator = (void*)return_null;
+ this->public.set.cache_cert = (void*)nop;
this->public.destroy = (void(*)(ocsp_response_wrapper_t*))destroy;
this->response = response;