Coverage Report

Created: 2024-02-29 06:05

/src/strongswan/src/libstrongswan/credentials/ocsp_responders.c
/*
 * Copyright (C) 2023 Tobias Brunner
 *
 * Copyright (C) secunet Security Networks AG
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */
#include "ocsp_responders.h"
#include <collections/linked_list.h>
#include <threading/rwlock.h>
typedef struct private_ocsp_responders_t private_ocsp_responders_t;

/**
 * Private state of the OCSP responder manager.
 */
struct private_ocsp_responders_t {

	/**
	 * Public interface handed out by ocsp_responders_create().
	 *
	 * NOTE(review): presumably has to stay the first member, because the
	 * METHOD() implementations receive the object as
	 * private_ocsp_responders_t * - confirm against the METHOD macro.
	 */
	ocsp_responders_t public;

	/**
	 * Registered OCSP responders, queried in list order by get_status().
	 *
	 * The list stores the ocsp_responder_t pointers passed to add_responder().
	 * NOTE(review): destroy() only calls the list's own destroy(); the
	 * responder objects appear to stay owned by whoever registered them, so
	 * a responder should be removed before it is freed - confirm against
	 * linked_list_t.
	 */
	linked_list_t *responders;

	/**
	 * Read-write lock guarding the responder list: taken for reading in
	 * get_status(), for writing in add_responder() and remove_responder().
	 */
	rwlock_t *lock;
};
/**
 * Ask the registered OCSP responders for the status of a certificate.
 *
 * Responders are queried in list order while the read lock is held. The
 * first result that is neither VALIDATION_SKIPPED nor VALIDATION_FAILED ends
 * the search and is returned as is. If no responder produces such a result,
 * or none is registered, the function returns VALIDATION_FAILED; callers
 * never see VALIDATION_SKIPPED from here.
 *
 * @param cacert             passed unchanged to every responder queried
 * @param serial_number      passed unchanged to every responder queried
 * @param revocation_time    out parameter handed to every responder queried
 * @param revocation_reason  out parameter handed to every responder queried
 * @return                   first conclusive status, else VALIDATION_FAILED
 *
 * NOTE(review): both out parameters are passed to each responder in turn, so
 * a responder that answers SKIPPED or FAILED may already have written to
 * them. Callers should presumably use them only with a result that reports a
 * revocation - confirm against the ocsp_responder_t contract.
 *
 * NOTE(review): the responder callbacks run under the read lock; a responder
 * that calls add_responder() or remove_responder() from its get_status()
 * would request the write lock on the same rwlock - confirm this cannot
 * happen.
 *
 * NOTE(review): the coverage report this listing comes from records 0
 * executions for every line of this function, so the revocation-status path
 * was not exercised in that run.
 */
METHOD(ocsp_responders_t, get_status, cert_validation_t,
	private_ocsp_responders_t *this, certificate_t *cacert,
	chunk_t serial_number, time_t *revocation_time,
	crl_reason_t *revocation_reason)
{
	cert_validation_t status = VALIDATION_SKIPPED;
	ocsp_responder_t *responder;
	enumerator_t *iter;

	this->lock->read_lock(this->lock);
	iter = this->responders->create_enumerator(this->responders);
	while (iter->enumerate(iter, &responder))
	{
		status = responder->get_status(responder, cacert, serial_number,
									   revocation_time, revocation_reason);
		if (status == VALIDATION_SKIPPED || status == VALIDATION_FAILED)
		{
			/* inconclusive answer, try the next responder */
			continue;
		}
		break;
	}
	iter->destroy(iter);
	this->lock->unlock(this->lock);

	/* an empty list or a SKIPPED answer from the last responder is
	 * reported as a failure, never as "skipped" */
	return status == VALIDATION_SKIPPED ? VALIDATION_FAILED : status;
}
/**
 * Register an OCSP responder by appending it to the end of the responder
 * list under the write lock.
 *
 * The pointer is stored as given: there is no NULL check and no check for an
 * existing entry, so registering the same responder twice stores it twice.
 *
 * @param responder  responder to append to the list
 *
 * NOTE(review): the coverage report this listing comes from records 0
 * executions for this function.
 */
METHOD(ocsp_responders_t, add_responder, void,
	private_ocsp_responders_t *this, ocsp_responder_t *responder)
{
	linked_list_t *list = this->responders;
	rwlock_t *lock = this->lock;

	lock->write_lock(lock);
	list->insert_last(list, responder);
	lock->unlock(lock);
}
/**
 * Unregister an OCSP responder by removing it from the responder list under
 * the write lock.
 *
 * The responder object itself is not destroyed here.
 *
 * @param responder  responder to remove from the list
 *
 * NOTE(review): remove() is called with a NULL compare callback, which
 * presumably matches entries by pointer identity - confirm against
 * linked_list_t.
 *
 * NOTE(review): the coverage report this listing comes from records 0
 * executions for this function.
 */
METHOD(ocsp_responders_t, remove_responder, void,
	private_ocsp_responders_t *this, ocsp_responder_t *responder)
{
	linked_list_t *list = this->responders;
	rwlock_t *lock = this->lock;

	lock->write_lock(lock);
	list->remove(list, responder, NULL);
	lock->unlock(lock);
}
/**
 * Destroy the manager: the responder list, then the lock, then the object
 * itself.
 *
 * No lock is taken here, so the caller has to make sure no other thread is
 * still using the manager.
 *
 * NOTE(review): only the list's own destroy() is called; responders still
 * registered at this point do not appear to be destroyed with it - confirm
 * against linked_list_t.
 */
METHOD(ocsp_responders_t, destroy, void,
	private_ocsp_responders_t *this)
{
	linked_list_t *list = this->responders;
	rwlock_t *lock = this->lock;

	list->destroy(list);
	lock->destroy(lock);
	free(this);
}
/*
 * Described in header
 *
 * Creates a manager with an empty responder list and a default-type rwlock,
 * and wires the four public methods to the implementations in this file.
 * The results of linked_list_create() and rwlock_create() are stored without
 * a check.
 */
ocsp_responders_t *ocsp_responders_create()
{
	private_ocsp_responders_t *this;
	ocsp_responders_t *manager;

	INIT(this,
		.public = {
			.get_status = _get_status,
			.add_responder = _add_responder,
			.remove_responder = _remove_responder,
			.destroy = _destroy,
		},
		.responders = linked_list_create(),
		.lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
	);

	/* callers only ever see the public interface */
	manager = &this->public;
	return manager;
}