diff options
author | Erlang/OTP <[email protected]> | 2010-02-12 10:29:45 +0000 |
---|---|---|
committer | Erlang/OTP <[email protected]> | 2010-02-12 10:29:45 +0000 |
commit | 96ceb366d9f600e645516f24396c976fb738182a (patch) | |
tree | 65517b7865a8edb136c9ef7b90e120d1389cfd37 /lib/ssl/src/ssl_certificate_db.erl | |
parent | 9e009689743b32168ec0b5be8cb113d5867fec3f (diff) | |
parent | 464f2bac3b5dadd35add52fdee2ccfe8e05facd9 (diff) | |
download | otp-96ceb366d9f600e645516f24396c976fb738182a.tar.gz otp-96ceb366d9f600e645516f24396c976fb738182a.tar.bz2 otp-96ceb366d9f600e645516f24396c976fb738182a.zip |
Merge branch 'yh/packet_option_for_new_ssl_send' into ccase/r13b04_dev
* yh/packet_option_for_new_ssl_send:
Fixed ssl:setopts(Socket, binary) which was didn't work for 'new' ssl.
Fixed bug file cache bug and improved the error messages.
Allow <c>ssl:listen/2</c> to be called with option {ssl_imp, old}.
prepend packet size bytes in ssl:send() in new_ssl implementation
OTP-8441 ssl:send/2 ignored packet option, fix provided by YAMASHINA Hio.
Fixed a file cache bug which caused problems when the same file
was used for both cert and cacert.
Allow ssl:listen/2 to be called with option {ssl_imp, old}.
Fixed ssl:setopts(Socket, binary) which didn't work for 'new'
ssl..
Diffstat (limited to 'lib/ssl/src/ssl_certificate_db.erl')
-rw-r--r-- | lib/ssl/src/ssl_certificate_db.erl | 51 |
1 files changed, 27 insertions, 24 deletions
diff --git a/lib/ssl/src/ssl_certificate_db.erl b/lib/ssl/src/ssl_certificate_db.erl index decc6c9fea..adae92530a 100644 --- a/lib/ssl/src/ssl_certificate_db.erl +++ b/lib/ssl/src/ssl_certificate_db.erl @@ -1,19 +1,19 @@ %% %% %CopyrightBegin% -%% -%% Copyright Ericsson AB 2007-2009. All Rights Reserved. -%% +%% +%% Copyright Ericsson AB 2007-2010. All Rights Reserved. +%% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in %% compliance with the License. You should have received a copy of the %% Erlang Public License along with this software. If not, it can be %% retrieved online at http://www.erlang.org/. -%% +%% %% Software distributed under the License is distributed on an "AS IS" %% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See %% the License for the specific language governing rights and limitations %% under the License. -%% +%% %% %CopyrightEnd% %% @@ -27,7 +27,7 @@ -export([create/0, remove/1, add_trusted_certs/3, remove_trusted_certs/2, lookup_trusted_cert/3, issuer_candidate/1, - cache_pem_file/3]). + lookup_cached_certs/1, cache_pem_file/3]). %%==================================================================== %% Internal application API @@ -74,6 +74,9 @@ lookup_trusted_cert(Ref, SerialNumber, Issuer) -> {ok, Certs} end. +lookup_cached_certs(File) -> + ets:lookup(certificate_db_name(), {file, File}). + %%-------------------------------------------------------------------- %% Function: add_trusted_certs(Pid, File, Db) -> {ok, Ref} %% Pid = pid() @@ -90,7 +93,7 @@ add_trusted_certs(Pid, File, [CertsDb, FileToRefDb, PidToFileDb]) -> undefined -> NewRef = make_ref(), add_certs_from_file(File, NewRef, CertsDb), - insert(File, NewRef, 1, FileToRefDb), + insert(File, NewRef, 1, FileToRefDb), NewRef; [OldRef] -> ref_count(File,FileToRefDb,1), @@ -104,14 +107,11 @@ add_trusted_certs(Pid, File, [CertsDb, FileToRefDb, PidToFileDb]) -> %% %% Description: Cache file as binary in DB %%-------------------------------------------------------------------- -cache_pem_file(Pid, File, [_CertsDb, FileToRefDb, PidToFileDb]) -> - try ref_count(File, FileToRefDb,1) - catch _:_ -> - {ok, Content} = public_key:pem_to_der(File), - insert(File,Content,1,FileToRefDb) - end, +cache_pem_file(Pid, File, [CertsDb, _FileToRefDb, PidToFileDb]) -> + Res = {ok, Content} = public_key:pem_to_der(File), + insert({file, File}, Content, CertsDb), insert(Pid, File, PidToFileDb), - {ok, FileToRefDb}. + Res. %%-------------------------------------------------------------------- %% Function: remove_trusted_certs(Pid, Db) -> _ @@ -123,15 +123,16 @@ remove_trusted_certs(Pid, [CertsDb, FileToRefDb, PidToFileDb]) -> Files = lookup(Pid, PidToFileDb), delete(Pid, PidToFileDb), Clear = fun(File) -> - case ref_count(File, FileToRefDb, -1) of - 0 -> - case lookup(File, FileToRefDb) of - [Ref] when is_reference(Ref) -> - remove_certs(Ref, CertsDb); - _ -> ok - end, - delete(File, FileToRefDb); - _ -> + delete({file,File}, CertsDb), + try + 0 = ref_count(File, FileToRefDb, -1), + case lookup(File, FileToRefDb) of + [Ref] when is_reference(Ref) -> + remove_certs(Ref, CertsDb); + _ -> ok + end, + delete(File, FileToRefDb) + catch _:_ -> ok end end, @@ -168,6 +169,8 @@ issuer_candidate(PrevCandidateKey) -> case ets:next(Db, PrevCandidateKey) of '$end_of_table' -> no_more_candidates; + {file, _} = Key -> + issuer_candidate(Key); Key -> [Cert] = lookup(Key, Db), {Key, Cert} @@ -189,7 +192,7 @@ ref_count(Key, Db,N) -> ets:update_counter(Db,Key,N). delete(Key, Db) -> - true = ets:delete(Db, Key). + _ = ets:delete(Db, Key). lookup(Key, Db) -> case ets:lookup(Db, Key) of |