summaryrefslogtreecommitdiff
path: root/src/pluto/crl.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/pluto/crl.c')
-rw-r--r--src/pluto/crl.c14
1 files changed, 8 insertions, 6 deletions
diff --git a/src/pluto/crl.c b/src/pluto/crl.c
index 84fe77554..c8fb107d5 100644
--- a/src/pluto/crl.c
+++ b/src/pluto/crl.c
@@ -159,7 +159,7 @@ bool insert_crl(x509crl_t *x509crl, char *crl_uri, bool cache_crl)
{
certificate_t *old_cert_crl = oldcrl->crl;
- if (cert_crl->is_newer(cert_crl, old_cert_crl))
+ if (crl_is_newer((crl_t*)cert_crl, (crl_t*)old_cert_crl))
{
/* keep any known CRL distribution points */
add_distribution_points(x509crl->distributionPoints,
@@ -202,9 +202,11 @@ bool insert_crl(x509crl_t *x509crl, char *crl_uri, bool cache_crl)
snprintf(buf, sizeof(buf), "%s/%s.crl", CRL_PATH, hex);
free(hex.ptr);
- encoding = cert_crl->get_encoding(cert_crl);
- chunk_write(encoding, buf, "crl", 022, TRUE);
- free(encoding.ptr);
+ if (cert_crl->get_encoding(cert_crl, CERT_ASN1_DER, &encoding))
+ {
+ chunk_write(encoding, buf, "crl", 022, TRUE);
+ free(encoding.ptr);
+ }
}
/* is the fetched crl valid? */
@@ -313,7 +315,7 @@ void check_crls(void)
certificate_t *cert_crl = x509crl->crl;
crl_t *crl = (crl_t*)cert_crl;
identification_t *issuer = cert_crl->get_issuer(cert_crl);
- chunk_t authKeyID = crl->get_authKeyIdentifier(crl);
+ chunk_t authKeyID = crl->get_authKeyIdentifier(crl);
cert_crl->get_validity(cert_crl, &now, NULL, &nextUpdate);
time_left = nextUpdate - now;
@@ -353,7 +355,7 @@ cert_status_t verify_by_crl(cert_t *cert, time_t *until, time_t *revocationDate,
char *point;
ca = get_ca_info(issuer, authKeyID);
-
+
*revocationDate = UNDEFINED_TIME;
*revocationReason = CRL_REASON_UNSPECIFIED;