fix: Fix memory-leak in CRL.cpp, revocation from DB, multiple CAs
[cassiopeia.git] / src / crypto / sslUtil.h
index 7a6850451f81566477930f14791a7223b7e34686..a85871a4520751bf2101ebfe8e1ccef62af9c2a6 100644 (file)
@@ -2,6 +2,7 @@
 #include <openssl/ssl.h>
 #include <memory>
 #include <string>
+#include <vector>
 #include <cinttypes>
 
 class CAConfig {
@@ -11,18 +12,27 @@ public:
 
     std::shared_ptr<X509> ca;
     std::shared_ptr<EVP_PKEY> caKey;
+    std::shared_ptr<ASN1_TIME> notBefore;
     CAConfig( std::string name );
 
 };
 
-
 struct Profile {
     uint16_t id;
 
     std::string eku;
     std::string ku;
 
-    std::shared_ptr<CAConfig> ca;
+    std::vector<std::shared_ptr<CAConfig>> ca;
+    std::shared_ptr<CAConfig> getCA() {
+        for( auto it = ca.rbegin(); it != ca.rend(); it++ ) {
+            if( X509_cmp_current_time( ( *it )->notBefore.get() ) < 0 ) {
+                return *it;
+            }
+        }
+
+        return ca[0];
+    }
 };
 
 extern std::shared_ptr<int> ssl_lib_ref;
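Review bot: The fallback `return ca[0];` at the end of `getCA()` indexes the vector without checking that it is non-empty, which is undefined behaviour for a profile with no CA configured, and when the vector is non-empty it hands back a CA that has just failed the `notBefore` test. `X509_cmp_current_time` returns 0 on error, so a null or unparsable `notBefore` is skipped silently and ends in the same fallback. For a signing path it seems safer to fail closed, e.g. `return nullptr;` after the loop with callers checking the result (the callers are not visible in this hunk), or at minimum `if( ca.empty() ) { return nullptr; }` before the loop. The reverse iteration also appears to rely on `ca` being ordered by ascending `notBefore` and never consults the certificate's notAfter; a comment such as `// ca is ordered oldest-first; pick the newest CA whose validity period has started` would record that assumption.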