Browse files

Provide a fallback implementation of OpenSSL.X509.Revocation.getRevoked

  • Loading branch information...
1 parent 1a3ba76 commit 9c845f7902050a6f246b02b3aaae198e45886890 @phonohawk phonohawk committed Sep 22, 2011
Showing with 23 additions and 20 deletions.
  1. +23 −20 OpenSSL/X509/Revocation.hsc
View
43 OpenSSL/X509/Revocation.hsc
@@ -39,25 +39,25 @@ module OpenSSL.X509.Revocation
, getRevokedList
, addRevoked
-#if OPENSSL_VERSION_NUMBER >= 0x10000000
, getRevoked
-#endif
)
where
-
-import Control.Monad
-import Data.Time.Clock
-import Data.Typeable
-import Foreign
-import Foreign.C
-import OpenSSL.ASN1
-import OpenSSL.BIO
-import OpenSSL.EVP.Digest hiding (digest)
-import OpenSSL.EVP.PKey
-import OpenSSL.EVP.Verify
-import OpenSSL.Stack
-import OpenSSL.Utils
-import OpenSSL.X509.Name
+import Control.Monad
+#if OPENSSL_VERSION_NUMBER < 0x10000000
+import Data.List
+#endif
+import Data.Time.Clock
+import Data.Typeable
+import Foreign
+import Foreign.C
+import OpenSSL.ASN1
+import OpenSSL.BIO
+import OpenSSL.EVP.Digest hiding (digest)
+import OpenSSL.EVP.PKey
+import OpenSSL.EVP.Verify
+import OpenSSL.Stack
+import OpenSSL.Utils
+import OpenSSL.X509.Name
-- |@'CRL'@ is an opaque object that represents Certificate Revocation
-- List.
@@ -123,6 +123,7 @@ foreign import ccall unsafe "X509_CRL_add0_revoked"
_add0_revoked :: Ptr X509_CRL -> Ptr X509_REVOKED -> IO CInt
#if OPENSSL_VERSION_NUMBER >= 0x10000000
+-- This function is only available on OpenSSL 1.0.0 or later.
foreign import ccall unsafe "X509_CRL_get0_by_serial"
_get0_by_serial :: Ptr X509_CRL -> Ptr (Ptr X509_REVOKED)
-> Ptr ASN1_INTEGER -> IO CInt
@@ -323,12 +324,9 @@ addRevoked crl revoked
1 -> return ()
_ -> freeRevoked revPtr >> raiseOpenSSLError
-#if OPENSSL_VERSION_NUMBER >= 0x10000000
-- |@'getRevoked' crl serial@ looks up the corresponding revocation.
---
--- Note that this function is only available on OpenSSL 1.0.0 or
--- later.
getRevoked :: CRL -> Integer -> IO (Maybe RevokedCertificate)
+#if OPENSSL_VERSION_NUMBER >= 0x10000000
getRevoked crl serial =
withCRLPtr crl $ \crlPtr ->
alloca $ \revPtr ->
@@ -337,6 +335,11 @@ getRevoked crl serial =
if r == 1
then fmap Just $ peek revPtr >>= peekRevoked
else return Nothing
+#else
+getRevoked crl serial = find p `fmap` getRevokedList crl
+ where
+ p :: RevokedCertificate -> Bool
+ p = ((==) serial) . revSerialNumber
#endif
-- |@'sortCRL' crl@ sorts the certificates in the revocation list.

0 comments on commit 9c845f7

Please sign in to comment.