- switch( ( RecordHeader::SignerResult ) head.command ) {
- case RecordHeader::SignerResult::REVOKED: {
- const unsigned char* buffer2 = ( const unsigned char* ) payload.data();
- const unsigned char* pos = buffer2;
- ASN1_TIME* time = d2i_ASN1_TIME( NULL, &pos, payload.size() );
- ASN1_TIME_free( time );
- date = payload.substr( 0, pos - buffer2 );
- std::string rest = payload.substr( pos - buffer2 );
- crl->revoke( serial, date );
- crl->setSignature( rest );
- bool ok = crl->verify( ca );
-
- if( ok ) {
- ( *log ) << "CRL verificated successfully" << std::endl;
- writeFile( ca->path + std::string( "/ca.crl" ), crl->toString() );
- } else {
- ( *log ) << "CRL is broken" << std::endl;
- send( conn, head, RecordHeader::SignerCommand::GET_FULL_CRL, ca->name );
- length = conn->read( buffer.data(), buffer.size() );