int X509_set_notAfter(X509 *x, const ASN1_TIME *tm) { ASN1_TIME *in; if ((x == NULL) || (x->cert_info->validity == NULL)) return(0); in=x->cert_info->validity->notAfter; if (in != tm) { in=M_ASN1_TIME_dup(tm); if (in != NULL) { M_ASN1_TIME_free(x->cert_info->validity->notAfter); x->cert_info->validity->notAfter=in; } } return(in != NULL); }
int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm) { ASN1_TIME *in; if (x == NULL) return(0); in=x->crl->nextUpdate; if (in != tm) { in=M_ASN1_TIME_dup(tm); if (in != NULL) { M_ASN1_TIME_free(x->crl->nextUpdate); x->crl->nextUpdate=in; } } return(in != NULL); }
int X509_REVOKED_set_revocationDate(X509_REVOKED *x, ASN1_TIME *tm) { ASN1_TIME *in; if (x == NULL) return(0); in=x->revocationDate; if (in != tm) { in=M_ASN1_TIME_dup(tm); if (in != NULL) { M_ASN1_TIME_free(x->revocationDate); x->revocationDate=in; } } return(in != NULL); }
int ocspd_load_ca_crl ( CA_LIST_ENTRY *a, OCSPD_CONFIG *conf ) { if(!a) return(-1); if( conf->debug ) PKI_log_debug( "ACQUIRING WRITE LOCK -- BEGIN CRL RELOAD"); PKI_RWLOCK_write_lock ( &conf->crl_lock ); // pthread_rwlock_wrlock( &crl_lock ); if( conf->debug ) PKI_log_debug( "INFO::LOCK ACQUIRED (CRL RELOAD)"); if( a->crl ) PKI_X509_CRL_free ( a->crl ); a->crl = NULL; a->crl_list = NULL; if( a->crl_url == NULL ) { PKI_log_err ( "Missing CRL URL for CA %s", a->ca_id ); return(-1); } /* We now re-load the CRL */ if( (a->crl = PKI_X509_CRL_get_url( a->crl_url, NULL, NULL)) == NULL ) { PKI_log_err ("Can not reload CRL [ %s ] for CA [%s]", a->crl_url->addr, a->ca_id); PKI_RWLOCK_release_write ( &conf->crl_lock ); return(-1); } if( conf->verbose ) PKI_log( PKI_LOG_INFO, "INFO::CRL successfully reloaded [ %s ]", a->ca_id ); /* Let's get the CRLs entries, if any */ if( ocspd_build_crl_entries_list ( a, a->crl ) == NULL ) { if( conf->verbose ) PKI_log(PKI_LOG_INFO, "INFO::No Entries for CRL [ %s ]", a->ca_id ); }; if(conf->verbose) PKI_log( PKI_LOG_INFO, "INFO::CRL loaded successfully [ %s ]", a->ca_id ); /* If previous values are there, then we clear them up */ if ( a->lastUpdate ) ASN1_TIME_free(a->lastUpdate); if ( a->nextUpdate ) ASN1_TIME_free(a->nextUpdate); /* Get new values from the recently loaded CRL */ a->lastUpdate = M_ASN1_TIME_dup ( PKI_X509_CRL_get_data ( a->crl, PKI_X509_DATA_LASTUPDATE )); a->nextUpdate = M_ASN1_TIME_dup ( PKI_X509_CRL_get_data ( a->crl, PKI_X509_DATA_NEXTUPDATE )); if(conf->debug) PKI_log_debug("RELEASING LOCK (CRL RELOAD)"); PKI_RWLOCK_release_write ( &conf->crl_lock ); // pthread_rwlock_unlock ( &crl_lock ); if(conf->debug) PKI_log_debug ( "LOCK RELEASED --END--"); /* Now check the CRL validity */ a->crl_status = check_crl_validity( a, conf ); if( a->crl_status == CRL_OK ) { PKI_log(PKI_LOG_ALWAYS, "%s's CRL reloaded (OK)", a->ca_id); } return(0); }