diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2015-09-22 16:20:09 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2015-09-22 16:35:55 +0100 |
commit | 1e898fb0f58c9b6cee13917a8453809b1009fec2 (patch) | |
tree | c0628c5cc1d16860d3dfc22f271459bd693c78eb /crypto/x509/x509_lcl.h | |
parent | 0d0099ea3b1825fe51bce11e076292e408b55feb (diff) |
Move certificate request and CRL routines to x509 dir.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'crypto/x509/x509_lcl.h')
-rw-r--r-- | crypto/x509/x509_lcl.h | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/crypto/x509/x509_lcl.h b/crypto/x509/x509_lcl.h index eb5ae4382a..71c8a2af6b 100644 --- a/crypto/x509/x509_lcl.h +++ b/crypto/x509/x509_lcl.h @@ -100,3 +100,21 @@ struct X509_extension_st { ASN1_BOOLEAN critical; ASN1_OCTET_STRING *value; }; + +/* + * Method to handle CRL access. In general a CRL could be very large (several + * Mb) and can consume large amounts of resources if stored in memory by + * multiple processes. This method allows general CRL operations to be + * redirected to more efficient callbacks: for example a CRL entry database. + */ + +#define X509_CRL_METHOD_DYNAMIC 1 + +struct x509_crl_method_st { + int flags; + int (*crl_init) (X509_CRL *crl); + int (*crl_free) (X509_CRL *crl); + int (*crl_lookup) (X509_CRL *crl, X509_REVOKED **ret, + ASN1_INTEGER *ser, X509_NAME *issuer); + int (*crl_verify) (X509_CRL *crl, EVP_PKEY *pk); +}; |