oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Add the time the crl/ocsp info expire

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17372 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2006-04-30 14:05:57 +00:00
parent 71d1acf5ff
commit 38bd0f7fda
1 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
lib/hx509/revoke.c
View File

@@ -482,6 +482,7 @@ hx509_revoke_verify(hx509_context context,
hx509_revoke_ctx revoke, hx509_revoke_ctx revoke,
hx509_certs certs, hx509_certs certs,
time_t now, time_t now,
time_t *expiration,
hx509_cert cert, hx509_cert cert,
hx509_cert parent_cert) hx509_cert parent_cert)
{ {
@@ -490,6 +491,9 @@ hx509_revoke_verify(hx509_context context,
unsigned long i, j, k; unsigned long i, j, k;
int ret; int ret;
if (expiration)
*expiration = 0;
for (i = 0; i < revoke->ocsps.len; i++) { for (i = 0; i < revoke->ocsps.len; i++) {
struct revoke_ocsp *ocsp = &revoke->ocsps.val[i]; struct revoke_ocsp *ocsp = &revoke->ocsps.val[i];
struct stat sb; struct stat sb;
@@ -557,6 +561,13 @@ hx509_revoke_verify(hx509_context context,
} else } else
/* Should force a refetch, but can we ? */; /* Should force a refetch, but can we ? */;
if (expiration) {
if (*ocsp->ocsp.tbsResponseData.responses.val[i])
*expiration = *ocsp->ocsp.tbsResponseData.responses.val[i].nextUpdate;
else
*expiration = now + context->ocsp_time_diff;
}
return 0; return 0;
} }
} }
@@ -619,6 +630,10 @@ hx509_revoke_verify(hx509_context context,
return HX509_CRL_CERT_REVOKED; return HX509_CRL_CERT_REVOKED;
} }
if (expiration)
*expiration = *crl->tbsCertList.nextUpdate;
return 0; return 0;
} }