diff options
author | julien.pierre.bugs%sun.com <devnull@localhost> | 2005-04-13 18:08:48 +0000 |
---|---|---|
committer | julien.pierre.bugs%sun.com <devnull@localhost> | 2005-04-13 18:08:48 +0000 |
commit | 7283639377e446712c2802998d6b1b1613b177e7 (patch) | |
tree | 087ee553ae6c828b90426c09ecd7558b92588f2a | |
parent | fa3408d3c0012a8f914a02c514e187fa231843d3 (diff) | |
download | nss-hg-7283639377e446712c2802998d6b1b1613b177e7.tar.gz |
Fix for 290121 - always fill the CRL cache on first entry, to fix AIX problem. r=nelson
-rw-r--r-- | security/nss/lib/certdb/crl.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/security/nss/lib/certdb/crl.c b/security/nss/lib/certdb/crl.c index aee251f67..a1a4ed040 100644 --- a/security/nss/lib/certdb/crl.c +++ b/security/nss/lib/certdb/crl.c @@ -1763,11 +1763,12 @@ static SECStatus DPCache_GetUpToDate(CRLDPCache* cache, CERTCertificate* /* first, make sure we have obtained all the CRLs we need. We do an expensive token fetch in the following cases : - 1) cache is explicitly set to refresh state - 2) cache is in invalid state because last fetch failed - 3) cache contains no token CRLs, and it's been more than one minute + 1) cache is empty because no fetch was ever performed yet + 2) cache is explicitly set to refresh state + 3) cache is in invalid state because last fetch failed + 4) cache contains no token CRLs, and it's been more than one minute since the last fetch - 4) cache contains token CRLs, and it's been more than 10 minutes since + 5) cache contains token CRLs, and it's been more than 10 minutes since the last fetch */ forcedrefresh = cache->refresh; @@ -1778,7 +1779,9 @@ static SECStatus DPCache_GetUpToDate(CRLDPCache* cache, CERTCertificate* now = PR_IntervalNow(); hastokenCRLs = DPCache_HasTokenCRLs(cache); } - if ( (PR_TRUE == forcedrefresh) || + if ( (0 == lastfetch) || + + (PR_TRUE == forcedrefresh) || (cache->invalid & CRL_CACHE_LAST_FETCH_FAILED) || |