/* * add an authority certificate to the chained list */ void add_authcert(x509cert_t *cert, u_char auth_flags) { x509cert_t *old_cert; /* set authority flags */ cert->authority_flags |= auth_flags; lock_authcert_list("add_authcert"); old_cert = get_authcert(cert->subject, cert->serialNumber , cert->subjectKeyID, auth_flags); if (old_cert != NULL) { if (same_x509cert(cert, old_cert)) { /* cert is already present, just add additional authority flags */ old_cert->authority_flags |= cert->authority_flags; DBG(DBG_X509 | DBG_PARSING , DBG_log(" authcert is already present and identical") ) unlock_authcert_list("add_authcert"); free_x509cert(cert); return; } else { /* cert is already present but will be replaced by new cert */ free_first_authcert(); DBG(DBG_X509 | DBG_PARSING , DBG_log(" existing authcert deleted") ) } } /* add new authcert to chained list */ cert->next = x509authcerts; x509authcerts = cert; share_x509cert(cert); /* set count to one */ DBG(DBG_X509 | DBG_PARSING, DBG_log(" authcert inserted") ) unlock_authcert_list("add_authcert"); }
/* * add a X.509 user/host certificate to the chained list */ x509cert_t *add_x509cert(x509cert_t *cert) { x509cert_t *c = x509certs; while (c != NULL) { if (same_x509cert(c, cert)) { /* already in chain, free cert */ free_x509cert(cert); return c; } c = c->next; } /* insert new cert at the root of the chain */ lock_certs_and_keys("add_x509cert"); cert->next = x509certs; x509certs = cert; unlock_certs_and_keys("add_x509cert"); return cert; }