/*
* add an authority certificate to the chained list
*/
void
add_authcert(x509cert_t *cert, u_char auth_flags)
{
x509cert_t *old_cert;
/* set authority flags */
cert->authority_flags |= auth_flags;
lock_authcert_list("add_authcert");
old_cert = get_authcert(cert->subject, cert->serialNumber
, cert->subjectKeyID, auth_flags);
if (old_cert != NULL)
{
if (same_x509cert(cert, old_cert))
{
/* cert is already present, just add additional authority flags */
old_cert->authority_flags |= cert->authority_flags;
DBG(DBG_X509 | DBG_PARSING ,
DBG_log(" authcert is already present and identical")
)
unlock_authcert_list("add_authcert");
free_x509cert(cert);
return;
}
else
{
/* cert is already present but will be replaced by new cert */
free_first_authcert();
DBG(DBG_X509 | DBG_PARSING ,
DBG_log(" existing authcert deleted")
)
}
}
/* add new authcert to chained list */
cert->next = x509authcerts;
x509authcerts = cert;
share_x509cert(cert); /* set count to one */
DBG(DBG_X509 | DBG_PARSING,
DBG_log(" authcert inserted")
)
unlock_authcert_list("add_authcert");
}
/*
* add a X.509 user/host certificate to the chained list
*/
x509cert_t *add_x509cert(x509cert_t *cert)
{
x509cert_t *c = x509certs;
while (c != NULL) {
if (same_x509cert(c, cert)) { /* already in chain, free cert */
free_x509cert(cert);
return c;
}
c = c->next;
}
/* insert new cert at the root of the chain */
lock_certs_and_keys("add_x509cert");
cert->next = x509certs;
x509certs = cert;
unlock_certs_and_keys("add_x509cert");
return cert;
}
