/src/strongswan/src/libstrongswan/credentials/ocsp_responders.c
1 | | /* |
2 | | * Copyright (C) 2023 Tobias Brunner |
3 | | * |
4 | | * Copyright (C) secunet Security Networks AG |
5 | | * |
6 | | * This program is free software; you can redistribute it and/or modify it |
7 | | * under the terms of the GNU General Public License as published by the |
8 | | * Free Software Foundation; either version 2 of the License, or (at your |
9 | | * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. |
10 | | * |
11 | | * This program is distributed in the hope that it will be useful, but |
12 | | * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY |
13 | | * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
14 | | * for more details. |
15 | | */ |
16 | | |
17 | | #include "ocsp_responders.h" |
18 | | |
19 | | #include <collections/linked_list.h> |
20 | | #include <threading/rwlock.h> |
21 | | |
typedef struct private_ocsp_responders_t private_ocsp_responders_t;

/**
 * Private state behind an ocsp_responders_t object: the set of registered
 * OCSP responders and the lock that serializes access to that set.
 */
struct private_ocsp_responders_t {

	/**
	 * Public interface; ocsp_responders_create() hands out a pointer to
	 * this member.
	 * NOTE(review): kept as the first member, presumably so the public
	 * pointer can be converted back to the private struct - confirm.
	 */
	ocsp_responders_t public;

	/**
	 * Registered OCSP responders (ocsp_responder_t*), in registration order
	 */
	linked_list_t *responders;

	/**
	 * Read/write lock guarding the responders list: taken for reading while
	 * querying, for writing while adding or removing entries
	 */
	rwlock_t *lock;
};
44 | | |
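/**
 * Implements ocsp_responders_t.get_status.
 *
 * Asks the registered responders, in list order, for the revocation status
 * of the certificate identified by cacert and serial_number. The first
 * result that is neither VALIDATION_SKIPPED nor VALIDATION_FAILED ends the
 * search and is returned.
 *
 * Never returns VALIDATION_SKIPPED: if no responder is registered, or none
 * of them produced such a result, the outcome is VALIDATION_FAILED.
 *
 * @param cacert			issuer CA certificate, passed through to responders
 * @param serial_number		serial of the certificate to check
 * @param revocation_time	out parameter, passed through to responders
 * @param revocation_reason	out parameter, passed through to responders
 * @return					status reported by the deciding responder, or
 *							VALIDATION_FAILED
 *
 * NOTE(review): the two out parameters are handed to every responder that
 * is queried; whether a responder that returns SKIPPED/FAILED leaves them
 * untouched is not visible here - callers should only read them for a
 * status that is documented to set them.
 */
METHOD(ocsp_responders_t, get_status, cert_validation_t,
	private_ocsp_responders_t *this, certificate_t *cacert,
	chunk_t serial_number, time_t *revocation_time,
	crl_reason_t *revocation_reason)
{
	enumerator_t *enumerator;
	ocsp_responder_t *current;
	cert_validation_t validation = VALIDATION_SKIPPED;

	/* The read lock is held across the responder callbacks.
	 * NOTE(review): a responder that calls add_responder()/remove_responder()
	 * on this object from within get_status would request the write lock
	 * while the read lock is held - confirm this cannot happen. */
	this->lock->read_lock(this->lock);
	enumerator = this->responders->create_enumerator(this->responders);
	while (enumerator->enumerate(enumerator, &current))
	{
		validation = current->get_status(current, cacert, serial_number,
										 revocation_time, revocation_reason);
		/* SKIPPED and FAILED are not final, try the next responder */
		if (validation != VALIDATION_SKIPPED &&
			validation != VALIDATION_FAILED)
		{
			break;
		}
	}
	enumerator->destroy(enumerator);
	this->lock->unlock(this->lock);

	/* nobody answered: report that as a failure, not as "skipped" */
	if (validation == VALIDATION_SKIPPED)
	{
		validation = VALIDATION_FAILED;
	}
	return validation;
}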
75 | | |
/**
 * Implements ocsp_responders_t.add_responder.
 *
 * Appends the responder to the end of the list while holding the write
 * lock. get_status() walks the list front to back, so responders registered
 * earlier are queried first. The pointer is stored as given; no copy is
 * made here.
 */
METHOD(ocsp_responders_t, add_responder, void,
	private_ocsp_responders_t *this, ocsp_responder_t *responder)
{
	rwlock_t *lock = this->lock;
	linked_list_t *list = this->responders;

	lock->write_lock(lock);
	list->insert_last(list, responder);
	lock->unlock(lock);
}
83 | | |
/**
 * Implements ocsp_responders_t.remove_responder.
 *
 * Takes the responder out of the list while holding the write lock. The
 * responder object itself is not destroyed here.
 * NOTE(review): with a NULL compare function the list presumably matches
 * entries by pointer identity - confirm against linked_list_t.remove.
 */
METHOD(ocsp_responders_t, remove_responder, void,
	private_ocsp_responders_t *this, ocsp_responder_t *responder)
{
	rwlock_t *lock = this->lock;
	linked_list_t *list = this->responders;

	lock->write_lock(lock);
	list->remove(list, responder, NULL);
	lock->unlock(lock);
}
91 | | |
/**
 * Implements ocsp_responders_t.destroy.
 *
 * Releases the responder list, the lock and the object itself, in that
 * order. No lock is taken, so the caller has to make sure nobody else is
 * still using the object.
 * NOTE(review): responders still registered are presumably not destroyed
 * by the list's destroy() - confirm that their owners unregister them.
 */
METHOD(ocsp_responders_t, destroy, void,
	private_ocsp_responders_t *this)
{
	linked_list_t *list = this->responders;
	rwlock_t *lock = this->lock;

	list->destroy(list);
	lock->destroy(lock);
	free(this);
}
99 | | |
/*
 * Described in header
 *
 * Builds an instance with an empty responder list and a default rwlock, and
 * returns a pointer to its public interface.
 */
ocsp_responders_t *ocsp_responders_create()
{
	private_ocsp_responders_t *this;
	linked_list_t *responders = linked_list_create();
	rwlock_t *lock = rwlock_create(RWLOCK_TYPE_DEFAULT);

	INIT(this,
		.public = {
			.get_status = _get_status,
			.add_responder = _add_responder,
			.remove_responder = _remove_responder,
			.destroy = _destroy,
		},
		.responders = responders,
		.lock = lock,
	);

	return &this->public;
}