diff options
| author | jpierre%netscape.com <devnull@localhost> | 2002-11-15 05:04:05 +0000 |
|---|---|---|
| committer | jpierre%netscape.com <devnull@localhost> | 2002-11-15 05:04:05 +0000 |
| commit | d7e671e82a998d547db491f392baf6bfd2f7e90f (patch) | |
| tree | 4a2c08450a20891b5cb6ad9de410e4cce05fb931 /security | |
| parent | a56f67d0b112522c378d23e04fe3a92da4794873 (diff) | |
| download | nss-hg-d7e671e82a998d547db491f392baf6bfd2f7e90f.tar.gz | |
Patch for 180228 - export CRL cache flush API . r=wtc
Diffstat (limited to 'security')
| -rw-r--r-- | security/nss/lib/certdb/cert.h | 4 | ||||
| -rw-r--r-- | security/nss/lib/certdb/crl.c | 8 | ||||
| -rw-r--r-- | security/nss/lib/nss/nss.def | 7 |
3 files changed, 15 insertions, 4 deletions
diff --git a/security/nss/lib/certdb/cert.h b/security/nss/lib/certdb/cert.h index 81d2ed1ed..454d0016f 100644 --- a/security/nss/lib/certdb/cert.h +++ b/security/nss/lib/certdb/cert.h @@ -432,6 +432,10 @@ CERT_ImportCRL (CERTCertDBHandle *handle, SECItem *derCRL, char *url, extern void CERT_DestroyCrl (CERTSignedCrl *crl); +/* this is a hint to flush the CRL cache. crlKey is the DER subject of + the issuer (CA). */ +void CERT_CRLCacheRefreshIssuer(CERTCertDBHandle* dbhandle, SECItem* crlKey); + /* ** Decode a certificate and put it into the temporary certificate database */ diff --git a/security/nss/lib/certdb/crl.c b/security/nss/lib/certdb/crl.c index 2be0f75c3..92f398ae8 100644 --- a/security/nss/lib/certdb/crl.c +++ b/security/nss/lib/certdb/crl.c @@ -634,8 +634,6 @@ loser: SECStatus SEC_DestroyCrl(CERTSignedCrl *crl); -void RefreshIssuer(SECItem* crlKey); - CERTSignedCrl * crl_storeCRL (PK11SlotInfo *slot,char *url, CERTSignedCrl *newCrl, SECItem *derCrl, int type) @@ -695,7 +693,7 @@ crl_storeCRL (PK11SlotInfo *slot,char *url, } /* invalidate CRL cache for this issuer */ - RefreshIssuer(&newCrl->crl.derName); + CERT_CRLCacheRefreshIssuer(NULL, &newCrl->crl.derName); /* Write the new entry into the data base */ crlHandle = PK11_PutCrl(slot, derCrl, &newCrl->crl.derName, url, type); if (crlHandle != CK_INVALID_HANDLE) { @@ -1915,13 +1913,15 @@ SEC_FindCrlByName(CERTCertDBHandle *handle, SECItem *crlKey, int type) return acrl; } -void RefreshIssuer(SECItem* crlKey) +void CERT_CRLCacheRefreshIssuer(CERTCertDBHandle* dbhandle, SECItem* crlKey) { CERTSignedCrl* acrl = NULL; CRLDPCache* cache = NULL; SECStatus rv = SECSuccess; PRBool writeLocked = PR_FALSE; + (void) dbhandle; /* silence compiler warnings */ + rv = AcquireDPCache(NULL, crlKey, NULL, 0, NULL, &cache, &writeLocked); if (SECSuccess != rv) { diff --git a/security/nss/lib/nss/nss.def b/security/nss/lib/nss/nss.def index 35c301fe9..f0ff3c7f2 100644 --- a/security/nss/lib/nss/nss.def +++ b/security/nss/lib/nss/nss.def @@ -723,3 +723,10 @@ CERT_VerifySignedDataWithPublicKey; ;+ local: ;+ *; ;+}; +;+NSS_3.6.1 { # NSS 3.6.1 release +;+ global: +CERT_CRLCacheRefreshIssuer; +;+ local: +;+ *; +;+}; + |