diff options
Diffstat (limited to 'security')
-rw-r--r-- | security/nss/lib/certdb/cert.h | 4 | ||||
-rw-r--r-- | security/nss/lib/certdb/crl.c | 8 | ||||
-rw-r--r-- | security/nss/lib/nss/nss.def | 7 |
3 files changed, 15 insertions, 4 deletions
diff --git a/security/nss/lib/certdb/cert.h b/security/nss/lib/certdb/cert.h index 81d2ed1ed..454d0016f 100644 --- a/security/nss/lib/certdb/cert.h +++ b/security/nss/lib/certdb/cert.h @@ -432,6 +432,10 @@ CERT_ImportCRL (CERTCertDBHandle *handle, SECItem *derCRL, char *url, extern void CERT_DestroyCrl (CERTSignedCrl *crl); +/* this is a hint to flush the CRL cache. crlKey is the DER subject of + the issuer (CA). */ +void CERT_CRLCacheRefreshIssuer(CERTCertDBHandle* dbhandle, SECItem* crlKey); + /* ** Decode a certificate and put it into the temporary certificate database */ diff --git a/security/nss/lib/certdb/crl.c b/security/nss/lib/certdb/crl.c index 2be0f75c3..92f398ae8 100644 --- a/security/nss/lib/certdb/crl.c +++ b/security/nss/lib/certdb/crl.c @@ -634,8 +634,6 @@ loser: SECStatus SEC_DestroyCrl(CERTSignedCrl *crl); -void RefreshIssuer(SECItem* crlKey); - CERTSignedCrl * crl_storeCRL (PK11SlotInfo *slot,char *url, CERTSignedCrl *newCrl, SECItem *derCrl, int type) @@ -695,7 +693,7 @@ crl_storeCRL (PK11SlotInfo *slot,char *url, } /* invalidate CRL cache for this issuer */ - RefreshIssuer(&newCrl->crl.derName); + CERT_CRLCacheRefreshIssuer(NULL, &newCrl->crl.derName); /* Write the new entry into the data base */ crlHandle = PK11_PutCrl(slot, derCrl, &newCrl->crl.derName, url, type); if (crlHandle != CK_INVALID_HANDLE) { @@ -1915,13 +1913,15 @@ SEC_FindCrlByName(CERTCertDBHandle *handle, SECItem *crlKey, int type) return acrl; } -void RefreshIssuer(SECItem* crlKey) +void CERT_CRLCacheRefreshIssuer(CERTCertDBHandle* dbhandle, SECItem* crlKey) { CERTSignedCrl* acrl = NULL; CRLDPCache* cache = NULL; SECStatus rv = SECSuccess; PRBool writeLocked = PR_FALSE; + (void) dbhandle; /* silence compiler warnings */ + rv = AcquireDPCache(NULL, crlKey, NULL, 0, NULL, &cache, &writeLocked); if (SECSuccess != rv) { diff --git a/security/nss/lib/nss/nss.def b/security/nss/lib/nss/nss.def index 35c301fe9..f0ff3c7f2 100644 --- a/security/nss/lib/nss/nss.def +++ b/security/nss/lib/nss/nss.def @@ -723,3 +723,10 @@ CERT_VerifySignedDataWithPublicKey; ;+ local: ;+ *; ;+}; +;+NSS_3.6.1 { # NSS 3.6.1 release +;+ global: +CERT_CRLCacheRefreshIssuer; +;+ local: +;+ *; +;+}; + |