X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Fcrypto%2FsslUtil.h;h=2ecba42b9874686014d7c72ac77919de321a1b63;hb=6121035a7d8ea738bc89c2de8e6602fb1099b0e2;hp=c4193fe46766f656f2f7757c7d00fc4ad2eed700;hpb=b14903fa5cded58b70beb4e84fb0409011b6e7aa;p=cassiopeia.git diff --git a/src/crypto/sslUtil.h b/src/crypto/sslUtil.h index c4193fe..2ecba42 100644 --- a/src/crypto/sslUtil.h +++ b/src/crypto/sslUtil.h @@ -2,6 +2,7 @@ #include #include +#include #include #include #include @@ -10,15 +11,18 @@ #include "db/database.h" -class CAConfig { -public: +struct CAConfig { std::string path; std::string name; + std::string crlURL; + std::string crtURL; std::shared_ptr ca; std::shared_ptr caKey; std::shared_ptr notBefore; - CAConfig( std::string name ); + + CAConfig( const std::string& name ); + bool crlNeedsResign(); }; @@ -31,22 +35,31 @@ struct Profile { std::vector> ca; std::time_t maxValidity; std::shared_ptr getCA() { + std::shared_ptr min = nullptr; + for( auto it = ca.rbegin(); it != ca.rend(); it++ ) { if( X509_cmp_current_time( ( *it )->notBefore.get() ) < 0 ) { - return *it; + if( min != nullptr ) { + if( strcmp( min->name.c_str(), ( *it )->name.c_str() ) < 0 ) { + min = *it; + } + } else { + min = *it; + } } } - return ca[0]; + return min ? min : ca[0]; } }; extern std::shared_ptr ssl_lib_ref; -std::shared_ptr loadX509FromFile( std::string filename ); -std::shared_ptr loadPkeyFromFile( std::string filename ); +std::shared_ptr loadX509FromFile( const std::string& filename ); +std::shared_ptr loadPkeyFromFile( const std::string& filename ); std::shared_ptr generateSSLContext( bool server ); -std::shared_ptr openSerial( const std::string name ); +std::shared_ptr openSerial( const std::string& name ); std::string timeToString( std::shared_ptr time ); + void extractTimes( std::shared_ptr source, std::shared_ptr cert );
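Review bot: The new `crlURL` and `crtURL` members and `crlNeedsResign()` are added to `CAConfig` with no comment on what they hold or what the re-sign check compares against. These values presumably feed CRL publication or end up in issued certificates (not visible in this hunk), so a short comment on each would help, for example `// URL where this CA's CRL is published` and `// URL where this CA's certificate can be fetched`. `crlNeedsResign()` could also be declared `const` if it only inspects state; its definition is outside this diff.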
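Review bot: `getCA()` still falls back to `ca[0]` when no CA has a `notBefore` in the past, which is undefined behaviour for an empty `ca` vector and otherwise hands the caller a CA that is not yet valid. Consider making that case explicit, e.g. `if( !min ) { return nullptr; }`, after confirming that the callers (outside this diff) can handle a null result. The local `min` actually ends up holding the CA with the lexicographically greatest name, so a name such as `newest` would read better, and `min->name < ( *it )->name` avoids `strcmp` on `c_str()`, which stops at an embedded NUL. Only `notBefore` is checked here; whether CA expiry is enforced elsewhere is not visible in this hunk.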