diff options
author | Magnus Henoch <[email protected]> | 2016-02-16 15:09:07 +0000 |
---|---|---|
committer | Magnus Henoch <[email protected]> | 2016-04-01 15:45:15 +0100 |
commit | 8fbd0e8dd05ba1f76f2d02a2e4c16e7973adfd4c (patch) | |
tree | 505be567f4349063f00ece003b711333ad18ccba /lib/xmerl/include/xmerl.hrl | |
parent | d166fec5d5c901a93e21a1ea7b3165b6fe68d320 (diff) | |
download | otp-8fbd0e8dd05ba1f76f2d02a2e4c16e7973adfd4c.tar.gz otp-8fbd0e8dd05ba1f76f2d02a2e4c16e7973adfd4c.tar.bz2 otp-8fbd0e8dd05ba1f76f2d02a2e4c16e7973adfd4c.zip |
Add issuer arg to ssl_crl_cache_api lookup callback
Change the ssl_crl_cache_api callback specification, passing the
certificate issuer name as an argument to the lookup callback
function. Support the previous API too, for the time being.
The purpose of this change is to accomodate CRL cache modules that
index CRLs by issuer name, not by distribution point URL.
While in most cases such lookups could be performed using the select/2
callback function, that doesn't work when the CRL in question contains
an Issuing Distribution Point (IDP) extension, since RFC 5280
specifies different processing rules for CRLs specified in a
distribution point (DP) and other CRLs. For the latter, a DP is
assumed that most likely will not match the IDP of the CRL.
In order to accommodate cache modules that index CRLs by issuer name,
let's pass them the issuer as well.
Diffstat (limited to 'lib/xmerl/include/xmerl.hrl')
0 files changed, 0 insertions, 0 deletions