Roxen.git / server / etc / modules / CertDB.pmod

version» Context lines:

Roxen.git/server/etc/modules/CertDB.pmod:123:    pem_file, strerror(errno()));    } else {    pem_hash = Crypto.SHA256.hash(raw_pem);    if (pem_info->hash == pem_hash) {    // No change.    return;    }    }    }    -  // Mark the old certs and keys as no longer in the PEM file. +  if (!raw_pem) { +  // Mark any old certs and keys as stale.    db->query("UPDATE certs "    " SET pem_id = NULL, "    " msg_no = NULL "    " WHERE pem_id = %d",    pem_id);    db->query("UPDATE cert_keys "    " SET pem_id = NULL, "    " msg_no = NULL "    " WHERE pem_id = %d",    pem_id); -  +  return; +  }    -  if (!raw_pem) return; +  // Mark any old certs and keys as update in progress. +  db->query("UPDATE certs " +  " SET msg_no = NULL " +  " WHERE pem_id = %d", +  pem_id); +  db->query("UPDATE cert_keys " +  " SET msg_no = NULL " +  " WHERE pem_id = %d", +  pem_id);       mixed err =    catch {    Standards.PEM.Messages messages = Standards.PEM.Messages(raw_pem);    foreach(messages->fragments; int msg_no; string|Standards.PEM.Message msg) {    if (stringp(msg)) continue;       mapping(string:string|int) entry = ([    "pem_id": pem_id,    "msg_no": msg_no,
Roxen.git/server/etc/modules/CertDB.pmod:345:    " SET pem_id = %d, "    " msg_no = %d, "    " expires = %d, "    " data = %s "    " WHERE id = %d",    cert_info->pem_id, cert_info->msg_no,    cert_info->expires, cert_info->data,    tmp[0]->id);    }    } +  +  // Mark any old certs and keys that are still update in progress as stale. +  db->query("UPDATE certs " +  " SET pem_id = NULL " +  " WHERE pem_id = %d " +  " AND msg_no IS NULL", +  pem_id); +  db->query("UPDATE cert_keys " +  " SET pem_id = NULL " +  " WHERE pem_id = %d " +  " AND msg_no IS NULL", +  pem_id); +  +  // Update metadata about the imported PEM file. +  db->query("UPDATE cert_pem_files " +  " SET hash = %s, " +  " mtime = %d, " +  " itime = %d " +  " WHERE id = %d", +  pem_hash, st->mtime, time(1), +  pem_id);   }      void refresh_pem(int pem_id)   {    object privs = Privs("Reading cert file");       low_refresh_pem(pem_id);   }      //! Register a single PEM file (no @[Privs]).