implemented ipsec purgeocsp
authorAndreas Steffen <andreas.steffen@strongswan.org>
Wed, 28 Mar 2007 20:43:11 +0000 (20:43 -0000)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Wed, 28 Mar 2007 20:43:11 +0000 (20:43 -0000)
src/libstrongswan/crypto/ca.c
src/libstrongswan/crypto/ca.h

index d80738d..36c8530 100644 (file)
@@ -492,6 +492,20 @@ ret:
 }
 
 /**
+ * Implements ca_info_t.purge_ocsp
+ */
+static void purge_ocsp(private_ca_info_t *this)
+{
+       pthread_mutex_lock(&(this->mutex));
+
+       this->certinfos->destroy_offset(this->certinfos,
+                                                                       offsetof(certinfo_t, destroy));
+       this->certinfos = linked_list_create();
+
+       pthread_mutex_unlock(&(this->mutex));
+}
+
+/**
  * Implements ca_info_t.destroy
  */
 static void destroy(private_ca_info_t *this)
@@ -624,6 +638,7 @@ ca_info_t *ca_info_create(const char *name, x509_t *cacert)
        this->public.get_certificate = (x509_t* (*) (ca_info_t*))get_certificate;
        this->public.verify_by_crl = (cert_status_t (*) (ca_info_t*,const x509_t*,certinfo_t*))verify_by_crl;
        this->public.verify_by_ocsp = (cert_status_t (*) (ca_info_t*,const x509_t*,certinfo_t*,credential_store_t*))verify_by_ocsp;
+       this->public.purge_ocsp = (void (*) (ca_info_t*))purge_ocsp;
        this->public.destroy = (void (*) (ca_info_t*))destroy;
 
        return &this->public;
index 3ecf17e..da51673 100644 (file)
@@ -178,6 +178,13 @@ struct ca_info_t {
        cert_status_t (*verify_by_ocsp) (ca_info_t* this, const x509_t* cert, certinfo_t* certinfo, credential_store_t* credentials);
 
        /**
+        * @brief Purge the OCSP certinfos of a ca info record
+        * 
+        * @param this                  ca info object
+        */
+       void (*purge_ocsp) (ca_info_t *this);
+
+       /**
         * @brief Destroys a ca info record
         * 
         * @param this                  ca info to destroy