diff options
author | Ingela Anderton Andin <[email protected]> | 2010-12-01 23:42:26 +0100 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2010-12-16 10:39:38 +0100 |
commit | 5224310c3975d5d5abf78914ecb63007a299ebae (patch) | |
tree | 2e0cd16901b4399ccf57c23123cfa2e2fbf5edb8 /lib/ssl/src/ssl_certificate_db.erl | |
parent | 99e34bba1a60b262e24496cc9288b549360c6377 (diff) | |
download | otp-5224310c3975d5d5abf78914ecb63007a299ebae.tar.gz otp-5224310c3975d5d5abf78914ecb63007a299ebae.tar.bz2 otp-5224310c3975d5d5abf78914ecb63007a299ebae.zip |
Cache invaldation first version does not break old test cases
Diffstat (limited to 'lib/ssl/src/ssl_certificate_db.erl')
-rw-r--r-- | lib/ssl/src/ssl_certificate_db.erl | 28 |
1 files changed, 24 insertions, 4 deletions
diff --git a/lib/ssl/src/ssl_certificate_db.erl b/lib/ssl/src/ssl_certificate_db.erl index 2a5a7f3394..019f73fc80 100644 --- a/lib/ssl/src/ssl_certificate_db.erl +++ b/lib/ssl/src/ssl_certificate_db.erl @@ -27,7 +27,9 @@ -export([create/0, remove/1, add_trusted_certs/3, remove_trusted_certs/2, lookup_trusted_cert/3, issuer_candidate/1, - lookup_cached_certs/1, cache_pem_file/3]). + lookup_cached_certs/1, cache_pem_file/4, uncache_pem_file/2, ref_count/3]). + +-type time() :: {non_neg_integer(), non_neg_integer(), non_neg_integer()}. %%==================================================================== %% Internal application API @@ -98,17 +100,32 @@ add_trusted_certs(Pid, File, [CertsDb, FileToRefDb, PidToFileDb]) -> insert(Pid, File, PidToFileDb), {ok, Ref}. %%-------------------------------------------------------------------- --spec cache_pem_file(pid(), string(), certdb_ref()) -> term(). +-spec cache_pem_file(pid(), string(), time(), certdb_ref()) -> term(). %% %% Description: Cache file as binary in DB %%-------------------------------------------------------------------- -cache_pem_file(Pid, File, [CertsDb, _FileToRefDb, PidToFileDb]) -> +cache_pem_file(Pid, File, Time, [CertsDb, _FileToRefDb, PidToFileDb]) -> {ok, PemBin} = file:read_file(File), Content = public_key:pem_decode(PemBin), - insert({file, File}, Content, CertsDb), + insert({file, File}, {Time, Content}, CertsDb), insert(Pid, File, PidToFileDb), {ok, Content}. +%-------------------------------------------------------------------- +-spec uncache_pem_file(string(), certdb_ref()) -> no_return(). +%% +%% Description: If a cached file is no longer valid (changed on disk) +%% we must terminate the connections using the old file content, and +%% when those processes are finish the cache will be cleaned. It is +%% a rare but possible case a new ssl client/server is started with +%% a filename with the same name as previously started client/server +%% but with different content. +%% -------------------------------------------------------------------- +uncache_pem_file(File, [_CertsDb, _FileToRefDb, PidToFileDb]) -> + Pids = select(PidToFileDb, [{{'$1', File},[],['$$']}]), + lists:foreach(fun(Pid) -> + exit(Pid, shutdown) + end, Pids). %%-------------------------------------------------------------------- -spec remove_trusted_certs(pid(), certdb_ref()) -> term(). @@ -202,6 +219,9 @@ lookup(Key, Db) -> [Pick(Data) || Data <- Contents] end. +select(Db, MatchSpec)-> + ets:select(Db, MatchSpec). + remove_certs(Ref, CertsDb) -> ets:match_delete(CertsDb, {{Ref, '_', '_'}, '_'}). |