Return to crl.c CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libstrongswan / credentials / certificates

Annotation of embedaddon/strongswan/src/libstrongswan/credentials/certificates/crl.c, revision 1.1.1.1

1.1       misho       1: /*
                      2:  * Copyright (C) 2008 Martin Willi
                      3:  * Copyright (C) 2006 Andreas Steffen
                      4:  * HSR Hochschule fuer Technik Rapperswil
                      5:  *
                      6:  * This program is free software; you can redistribute it and/or modify it
                      7:  * under the terms of the GNU General Public License as published by the
                      8:  * Free Software Foundation; either version 2 of the License, or (at your
                      9:  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
                     10:  *
                     11:  * This program is distributed in the hope that it will be useful, but
                     12:  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
                     13:  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
                     14:  * for more details.
                     15:  */
                     16: 
                     17: #include "crl.h"
                     18: 
                     19: #include <utils/debug.h>
                     20: 
                     21: ENUM(crl_reason_names, CRL_REASON_UNSPECIFIED, CRL_REASON_REMOVE_FROM_CRL,
                     22:        "unspecified",
                     23:        "key compromise",
                     24:        "ca compromise",
                     25:        "affiliation changed",
                     26:        "superseded",
                     27:        "cessation of operation",
                     28:        "certificate hold",
                     29:        "reason #7",
                     30:        "remove from crl",
                     31: );
                     32: 
                     33: /**
                     34:  * Check if this CRL is newer
                     35:  */
                     36: bool crl_is_newer(crl_t *this, crl_t *other)
                     37: {
                     38:        chunk_t this_num, other_num;
                     39:        bool newer;
                     40: 
                     41:        this_num = this->get_serial(this);
                     42:        other_num = other->get_serial(other);
                     43: 
                     44:        /* compare crlNumbers if available - otherwise use generic cert compare */
                     45:        if (this_num.ptr != NULL && other_num.ptr != NULL)
                     46:        {
                     47:                newer = chunk_compare(this_num, other_num) > 0;
                     48:                DBG1(DBG_LIB, "  crl #%#B is %s - existing crl #%#B %s",
                     49:                         &this_num, newer ? "newer" : "not newer",
                     50:                         &other_num, newer ? "replaced" : "retained");
                     51:        }
                     52:        else
                     53:        {
                     54:                newer = certificate_is_newer(&this->certificate, &other->certificate);
                     55:        }
                     56:        return newer;
                     57: }