From 9e7fb8577802de2abf191d783be5b6b953c22271 Mon Sep 17 00:00:00 2001
From: Rene Mayrhofer <rene@mayrhofer.eu.org>
Date: Mon, 9 Aug 2010 09:43:35 +0000
Subject: New upstream release.

---
 .../credentials/certificates/certificate.c         | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

(limited to 'src/libstrongswan/credentials/certificates/certificate.c')

diff --git a/src/libstrongswan/credentials/certificates/certificate.c b/src/libstrongswan/credentials/certificates/certificate.c
index 156d12358..661b69e36 100644
--- a/src/libstrongswan/credentials/certificates/certificate.c
+++ b/src/libstrongswan/credentials/certificates/certificate.c
@@ -15,6 +15,7 @@
 
 #include "certificate.h"
 
+#include <debug.h>
 #include <credentials/certificates/x509.h>
 
 ENUM(certificate_type_names, CERT_ANY, CERT_PLUTO_CRL,
@@ -40,3 +41,24 @@ ENUM(cert_validation_names, VALIDATION_GOOD, VALIDATION_REVOKED,
 	"REVOKED",
 );
 
+/**
+ * See header
+ */
+bool certificate_is_newer(certificate_t *this, certificate_t *other)
+{
+	time_t this_update, that_update;
+	char *type = "certificate";
+	bool newer;
+
+	if (this->get_type(this) == CERT_X509_CRL)
+	{
+		type = "crl";
+	}
+	this->get_validity(this, NULL, &this_update, NULL);
+	other->get_validity(other, NULL, &that_update, NULL);
+	newer = this_update > that_update;
+	DBG1(DBG_LIB, "  %s from %T is %s - existing %s from %T %s",
+		 type, &this_update, FALSE, newer ? "newer" : "not newer",
+		 type, &that_update, FALSE, newer ? "replaced" : "retained");
+	return newer;
+}
-- 
cgit v1.2.3