add: Full CRL tranfer (non-chunked)
[cassiopeia.git] / src / io / recordHandler.cpp
index 93990b0c1d6f447d2696140c97f7f09bb7bc019b..5055d5c7b823cae75bb976943d6457cb3f79b68e 100644 (file)
@@ -201,16 +201,19 @@ public:
 
             auto reqCA = CAs.at( ca );
             ( *log ) << "CA found" << std::endl;
-            std::shared_ptr<X509_CRL> crl = signer->revoke( reqCA, serial );
+            std::shared_ptr<CRL> crl;
+            std::string date;
+            std::tie<std::shared_ptr<CRL>, std::string>( crl, date ) = signer->revoke( reqCA, serial );
 
-            std::shared_ptr<BIO> mem( BIO_new( BIO_s_mem() ), BIO_free );
+            respondCommand( RecordHeader::SignerResult::REVOKED, date + crl->getSignature() );
 
-            PEM_write_bio_X509_CRL( mem.get(), crl.get() );
-            BUF_MEM* bptr;
-            BIO_get_mem_ptr( mem.get(), &bptr );
+            break;
+        }
 
-            std::string newCRL( bptr->data, bptr->length );
-            respondCommand( RecordHeader::SignerResult::REVOKED, newCRL );
+        case RecordHeader::SignerCommand::GET_FULL_CRL: {
+            auto ca = CAs.at( data );
+            CRL c( ca->path + "/ca.crl" );
+            respondCommand( RecordHeader::SignerResult::FULL_CRL, c.toString() );
 
             if( !SSL_shutdown( ssl.get() ) && !SSL_shutdown( ssl.get() ) ) {
                 ( *log ) << "ERROR: SSL close failed" << std::endl;
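Review bot: The new `GET_FULL_CRL` case passes the record payload directly to `CAs.at( data )`, and `.at()` on a standard container throws `std::out_of_range` for an unconfigured name; unless a handler exists outside the hunk, a peer-supplied CA name can abort this handler instead of producing a logged rejection. Looking the name up first, e.g. `auto it = CAs.find( data ); if( it == CAs.end() ) { ( *log ) << "ERROR: unknown CA" << std::endl; ... }`, makes that path explicit. The `CRL c( ca->path + "/ca.crl" )` load needs the same treatment if the file can be missing or unparsable, though the CRL constructor is not shown here. In the revoke case, `crl->getSignature()` is dereferenced with no check that `signer->revoke` returned a non-null CRL. Also, `date + crl->getSignature()` joins two fields with no length or delimiter, so the receiver presumably relies on a fixed-width date; a comment such as `// payload = <date, fixed width> || <raw CRL signature>` would pin that format down. The enclosing switch and function start and end outside the hunk.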