add UnloadCAs ability for CTX or CertManager

2013-04-22 13:18:08 -07:00 · 2013-04-22 13:18:08 -07:00 · 4491de3b77
commit 4491de3b77
parent 8c0ee8a6f7
2 changed files with 37 additions and 0 deletions
--- a/cyassl/ssl.h
+++ b/cyassl/ssl.h
@ -167,6 +167,7 @@ CYASSL_API int CyaSSL_CTX_use_certificate_file(CYASSL_CTX*, const char*, int);
 CYASSL_API int CyaSSL_CTX_use_PrivateKey_file(CYASSL_CTX*, const char*, int);
 CYASSL_API int CyaSSL_CTX_load_verify_locations(CYASSL_CTX*, const char*,
                                                const char*);
+CYASSL_API int CyaSSL_CTX_UnloadCAs(CYASSL_CTX*);
 CYASSL_API int CyaSSL_CTX_use_certificate_chain_file(CYASSL_CTX *,
                                                     const char *file);
 CYASSL_API int CyaSSL_CTX_use_RSAPrivateKey_file(CYASSL_CTX*, const char*, int);
@ -869,6 +870,7 @@ typedef void (*CbMissingCRL)(const char* url);

    CYASSL_API int CyaSSL_CertManagerLoadCA(CYASSL_CERT_MANAGER*, const char* f,
                                                                 const char* d);
+    CYASSL_API int CyaSSL_CertManagerUnloadCAs(CYASSL_CERT_MANAGER* cm);
    CYASSL_API int CyaSSL_CertManagerVerify(CYASSL_CERT_MANAGER*, const char* f,
                                                                    int format);
    CYASSL_API int CyaSSL_CertManagerVerifyBuffer(CYASSL_CERT_MANAGER* cm,
--- a/src/ssl.c
+++ b/src/ssl.c
@ -692,6 +692,31 @@ void CyaSSL_CertManagerFree(CYASSL_CERT_MANAGER* cm)

 }

+
+/* Unload the CA signer list */
+int CyaSSL_CertManagerUnloadCAs(CYASSL_CERT_MANAGER* cm)
+{
+    Signer* signers;
+
+    CYASSL_ENTER("CyaSSL_CertManagerUnloadCAs");
+
+    if (cm == NULL)
+        return BAD_FUNC_ARG;
+
+    if (LockMutex(&cm->caLock) != 0)
+        return BAD_MUTEX_ERROR;
+
+    signers = cm->caList;
+    cm->caList = NULL;
+
+    UnLockMutex(&cm->caLock);
+
+    FreeSigners(signers, NULL);
+
+    return SSL_SUCCESS;
+}
+
+
 #endif /* !NO_CERTS */


@ -3882,6 +3907,16 @@ int CyaSSL_set_compression(CYASSL* ssl)
                             ssl, NULL, 1);
    }

+    int CyaSSL_CTX_UnloadCAs(CYASSL_CTX* ctx)
+    {
+        CYASSL_ENTER("CyaSSL_CTX_UnloadCAs");
+
+        if (ctx == NULL)
+            return BAD_FUNC_ARG;
+
+        return CyaSSL_CertManagerUnloadCAs(ctx->cm);
+    }
+
 /* old NO_FILESYSTEM end */
 #endif /* !NO_CERTS */