implemented cert cache flushing, ipsec purgeocsp
parent
d61bd27a9a
commit
f957f7dfb3
|
@ -1222,6 +1222,17 @@ static private_key_t *get_private(private_credential_manager_t *this,
|
|||
return private;
|
||||
}
|
||||
|
||||
/**
|
||||
* Implementation of credential_manager_t.flush_cache.
|
||||
*/
|
||||
static void flush_cache(private_credential_manager_t *this,
|
||||
certificate_type_t type)
|
||||
{
|
||||
this->mutex->lock(this->mutex);
|
||||
this->cache->flush(this->cache, type);
|
||||
this->mutex->unlock(this->mutex);
|
||||
}
|
||||
|
||||
/**
|
||||
* Implementation of credential_manager_t.add_set.
|
||||
*/
|
||||
|
@ -1268,6 +1279,7 @@ credential_manager_t *credential_manager_create()
|
|||
this->public.get_shared = (shared_key_t *(*)(credential_manager_t *this,shared_key_type_t type,identification_t *me, identification_t *other))get_shared;
|
||||
this->public.get_private = (private_key_t*(*)(credential_manager_t*, key_type_t type, identification_t *, auth_info_t*))get_private;
|
||||
this->public.get_public = (public_key_t*(*)(credential_manager_t*, key_type_t type, identification_t *, auth_info_t*))get_public;
|
||||
this->public.flush_cache = (void(*)(credential_manager_t*, certificate_type_t type))flush_cache;
|
||||
this->public.add_set = (void(*)(credential_manager_t*, credential_set_t *set))add_set;
|
||||
this->public.remove_set = (void(*)(credential_manager_t*, credential_set_t *set))remove_set;
|
||||
this->public.destroy = (void(*)(credential_manager_t*))destroy;
|
||||
|
|
|
@ -159,6 +159,13 @@ struct credential_manager_t {
|
|||
public_key_t* (*get_public)(credential_manager_t *this, key_type_t type,
|
||||
identification_t *id, auth_info_t *auth);
|
||||
|
||||
/**
|
||||
* Flush the certificate cache.
|
||||
*
|
||||
* @param type type of certificate to flush, or CERT_ANY
|
||||
*/
|
||||
void (*flush_cache)(credential_manager_t *this, certificate_type_t type);
|
||||
|
||||
/**
|
||||
* Register a credential set to the manager.
|
||||
*
|
||||
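Review bot: The doc comment added for `flush_cache` says only "Flush the certificate cache", which does not tell a caller what is dropped or what the call guarantees. Going by the implementation in this commit, the call takes the manager mutex and removes every cached relation whose subject certificate has the given type, so the comment could read `Remove all cached entries whose subject is of the given type (every entry for CERT_ANY); safe to call concurrently with lookups.` The second half of that sentence holds only if lookups use the same mutex, which is not visible on this page, so confirm it before writing it down. The same gap exists in the `cert_cache_t.flush` comment, whose implementation takes no lock itself.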
|
|
|
@ -178,6 +178,27 @@ static enumerator_t *create_enumerator(private_cert_cache_t *this,
|
|||
(void*)certs_filter, data, (void*)free);
|
||||
}
|
||||
|
||||
/**
|
||||
* Implementation of cert_cache_t.flush.
|
||||
*/
|
||||
static void flush(private_cert_cache_t *this, certificate_type_t type)
|
||||
{
|
||||
enumerator_t *enumerator;
|
||||
relation_t *relation;
|
||||
|
||||
enumerator = this->relations->create_enumerator(this->relations);
|
||||
while (enumerator->enumerate(enumerator, &relation))
|
||||
{
|
||||
if (type == CERT_ANY ||
|
||||
type == relation->subject->get_type(relation->subject))
|
||||
{
|
||||
this->relations->remove_at(this->relations, enumerator);
|
||||
relation_destroy(relation);
|
||||
}
|
||||
}
|
||||
enumerator->destroy(enumerator);
|
||||
}
|
||||
|
||||
/**
|
||||
* Implementation of cert_cache_t.destroy
|
||||
*/
|
||||
|
@ -199,6 +220,7 @@ cert_cache_t *cert_cache_create()
|
|||
this->public.set.create_shared_enumerator = (void*)return_null;
|
||||
this->public.set.create_cdp_enumerator = (void*)return_null;
|
||||
this->public.issued_by = (bool(*)(cert_cache_t*, certificate_t *subject, certificate_t *issuer))issued_by;
|
||||
this->public.flush = (void(*)(cert_cache_t*, certificate_type_t type))flush;
|
||||
this->public.destroy = (void(*)(cert_cache_t*))destroy;
|
||||
|
||||
this->relations = linked_list_create();
|
||||
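Review bot: `flush` unlinks and destroys relations without taking any lock of its own, so its safety rests entirely on the caller. The only caller visible in this commit, `flush_cache` in the credential manager, holds the manager mutex around it. Whether every other user of `this->relations` runs under that same mutex is not visible here, in particular an enumerator handed out by `create_enumerator` just above. If such an enumerator can still be live during a flush, `relation_destroy(relation)` destroys an entry that is still being walked. I would state the requirement on the function, e.g. `/* caller must serialize against all users of the relations list, including outstanding enumerators */`, or confirm that the cache has its own locking.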
|
|
|
@ -52,6 +52,13 @@ struct cert_cache_t {
|
|||
bool (*issued_by)(cert_cache_t *this,
|
||||
certificate_t *subject, certificate_t *issuer);
|
||||
|
||||
/**
|
||||
* Flush the certificate cache.
|
||||
*
|
||||
* @param type type of certificate to flush, or CERT_ANY
|
||||
*/
|
||||
void (*flush)(cert_cache_t *this, certificate_type_t type);
|
||||
|
||||
/**
|
||||
* Destroy a cert_cache instance.
|
||||
*/
|
||||
|
|
|
@ -271,8 +271,8 @@ static void stroke_del_ca(private_stroke_socket_t *this,
|
|||
/**
|
||||
* show status of daemon
|
||||
*/
|
||||
static void stroke_status(private_stroke_socket_t *this, stroke_msg_t *msg, FILE *out,
|
||||
bool all)
|
||||
static void stroke_status(private_stroke_socket_t *this,
|
||||
stroke_msg_t *msg, FILE *out, bool all)
|
||||
{
|
||||
pop_string(msg, &(msg->status.name));
|
||||
|
||||
|
@ -303,9 +303,11 @@ static void stroke_reread(private_stroke_socket_t *this,
|
|||
/**
|
||||
* purge various information
|
||||
*/
|
||||
static void stroke_purge(private_stroke_socket_t *this, stroke_msg_t *msg, FILE *out)
|
||||
static void stroke_purge(private_stroke_socket_t *this,
|
||||
stroke_msg_t *msg, FILE *out)
|
||||
{
|
||||
/* TODO: flush cache */
|
||||
charon->credentials->flush_cache(charon->credentials,
|
||||
CERT_X509_OCSP_RESPONSE);
|
||||
}
|
||||
|
||||
signal_t get_signal_from_logtype(char *type)
|
||||
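Review bot: `stroke_purge` now flushes only `CERT_X509_OCSP_RESPONSE` and reads neither `msg` nor `out`, so the header comment `purge various information` overstates what it does. The operator issuing the purge also gets no confirmation that cached revocation data was actually dropped. I would narrow the comment to `purge cached OCSP responses` and report the result on the stream, e.g. `fprintf(out, "purged cached OCSP responses\n");`. Because cached OCSP responses feed revocation decisions, a daemon log entry for each flush would also let an operator correlate a purge with the re-fetches that follow.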
|
|