/* * free all CA certificates */ void free_authcerts(void) { lock_authcert_list("free_authcerts"); while (x509authcerts != NULL) free_first_authcert(); unlock_authcert_list("free_authcerts"); }
/* * add an authority certificate to the chained list */ void add_authcert(x509cert_t *cert, u_char auth_flags) { x509cert_t *old_cert; /* set authority flags */ cert->authority_flags |= auth_flags; lock_authcert_list("add_authcert"); old_cert = get_authcert(cert->subject, cert->serialNumber , cert->subjectKeyID, auth_flags); if (old_cert != NULL) { if (same_x509cert(cert, old_cert)) { /* cert is already present, just add additional authority flags */ old_cert->authority_flags |= cert->authority_flags; DBG(DBG_X509 | DBG_PARSING , DBG_log(" authcert is already present and identical") ) unlock_authcert_list("add_authcert"); free_x509cert(cert); return; } else { /* cert is already present but will be replaced by new cert */ free_first_authcert(); DBG(DBG_X509 | DBG_PARSING , DBG_log(" existing authcert deleted") ) } } /* add new authcert to chained list */ cert->next = x509authcerts; x509authcerts = cert; share_x509cert(cert); /* set count to one */ DBG(DBG_X509 | DBG_PARSING, DBG_log(" authcert inserted") ) unlock_authcert_list("add_authcert"); }