From 3f03b0d221e392a9b730b436908a553eb7574ee1 Mon Sep 17 00:00:00 2001
From: Gerardo Ganis <Gerardo.Ganis@cern.ch>
Date: Wed, 31 May 2017 11:20:52 +0200
Subject: [PATCH] secgsi: remove definition and use of GSIStack

This is not needed anymore with the new XrdSutCache because entry content can be
deleted when found invalid
---
 src/XrdSecgsi/XrdSecProtocolgsi.cc | 27 +++++++--------------------
 src/XrdSecgsi/XrdSecProtocolgsi.hh | 28 +---------------------------
 2 files changed, 8 insertions(+), 47 deletions(-)

diff --git a/src/XrdSecgsi/XrdSecProtocolgsi.cc b/src/XrdSecgsi/XrdSecProtocolgsi.cc
index d263f6ed205..b88620c5ecf 100644
--- a/src/XrdSecgsi/XrdSecProtocolgsi.cc
+++ b/src/XrdSecgsi/XrdSecProtocolgsi.cc
@@ -180,10 +180,6 @@ XrdSutCache  XrdSecProtocolgsi::cacheAuthzFun; // Entities filled by AuthzFun (d
 // Services
 XrdOucGMap *XrdSecProtocolgsi::servGMap = 0; // Grid map service
 //
-// CA and CRL stacks
-GSIStack<XrdCryptoX509Chain>  XrdSecProtocolgsi::stackCA; // Stack of CA in use
-GSIStack<XrdCryptoX509Crl>  XrdSecProtocolgsi::stackCRL; // Stack of CRL in use
-//
 // GMAP control vars
 time_t XrdSecProtocolgsi::lastGMAPCheck = -1; // Time of last check
 XrdSysMutex XrdSecProtocolgsi::mutexGMAP;  // Mutex to control GMAP reloads
@@ -4275,8 +4271,8 @@ int XrdSecProtocolgsi::GetCA(const char *cahash,
    // If invalid we fail
    if (cent->status == kCE_inactive) {
       // Cleanup and remove existing invalid entries
-      if (chain) stackCA.Del(chain);
-      if (crl) stackCRL.Del(crl);
+      if (chain) delete chain;
+      if (crl) delete crl;
       PRINT("unable to get a valid entry from cache for " << tag);
       return -1;
    }
@@ -4286,25 +4282,18 @@ int XrdSecProtocolgsi::GetCA(const char *cahash,
       // Save chain
       chain = (X509Chain *)(cent->buf1.buf);
       if (hs) hs->Chain = chain;
-      stackCA.Add(chain);
       // Save crl
-      bool goodcrl = (crl) ? 1 : 0;
-      if (goodcrl && CRLCheck >= 3 && crl->IsExpired()) goodcrl = 0;
-      if (goodcrl && CRLRefresh > 0 && ((timestamp - cent->mtime) > CRLRefresh)) goodcrl = 0;
-      // If the CA is not good, we reload the CRL in any case
-      if (goodcrl) {
-         if (hs) hs->Crl = crl;
-         // Add to the stack for proper cleaning of invalidated CRLs
-         stackCRL.Add(crl);
-      }
+      if (crl && hs) hs->Crl = crl;
+      // Done
       return 0;
    }
 
    // Cleanup and remove existing invalid entries
-   if (chain) stackCA.Del(chain);
-   if (crl) stackCRL.Del(crl);
+   if (chain) delete chain;
+   if (crl) delete crl;
 
    chain = 0;
+   crl = 0;
    cent->buf1.buf = 0;
    cent->buf2.buf = 0;
 
@@ -4355,11 +4344,9 @@ int XrdSecProtocolgsi::GetCA(const char *cahash,
             // Add to the cache
             cent->buf1.buf = (char *)(chain);
             cent->buf1.len = 0;      // Just a flag
-            stackCA.Add(chain);
             if (crl) {
                cent->buf2.buf = (char *)(crl);
                cent->buf2.len = 0;      // Just a flag
-               stackCRL.Add(crl);
             }
             cent->mtime = timestamp;
             cent->status = kCE_ok;
diff --git a/src/XrdSecgsi/XrdSecProtocolgsi.hh b/src/XrdSecgsi/XrdSecProtocolgsi.hh
index 2ff8c0799ed..4fa8e202de4 100644
--- a/src/XrdSecgsi/XrdSecProtocolgsi.hh
+++ b/src/XrdSecgsi/XrdSecProtocolgsi.hh
@@ -234,27 +234,6 @@ typedef struct {
    int         bits;
 } ProxyIn_t;
 
-template<class T>
-class GSIStack {
-public:
-   void Add(T *t) {
-      char k[40]; snprintf(k, 40, "%p", t); 
-      mtx.Lock();
-      if (!stack.Find(k)) stack.Add(k, t, 0, Hash_count); // We need an additional count
-      stack.Add(k, t, 0, Hash_count);
-      mtx.UnLock();
-   }
-   void Del(T *t) {
-      char k[40]; snprintf(k, 40, "%p", t); 
-      mtx.Lock();
-      if (stack.Find(k)) stack.Del(k, Hash_count);
-      mtx.UnLock();
-   }
-private:
-   XrdSysMutex                  mtx;
-   XrdOucHash<T> stack;
-};
-
 /******************************************************************************/
 /*              X r d S e c P r o t o c o l g s i   C l a s s                 */
 /******************************************************************************/
@@ -359,10 +338,6 @@ private:
    // Services
    static XrdOucGMap      *servGMap;  // Grid mapping service 
    //
-   // CA and CRL stacks
-   static GSIStack<XrdCryptoX509Chain>    stackCA; // Stack of CA in use
-   static GSIStack<XrdCryptoX509Crl>      stackCRL; // Stack of CRL in use
-   //
    // GMAP control vars
    static time_t           lastGMAPCheck; // time of last check on GMAP
    static XrdSysMutex      mutexGMAP;     // mutex to control GMAP reloads
@@ -514,8 +489,7 @@ public:
                   if (Crl) {
                      // This decreases the counter and actually deletes the object only
                      // when no instance is using it
-                     XrdSecProtocolgsi::stackCRL.Del(Crl);
-                     Crl = 0;
+                     SafeDelete(Crl);
                   }
                   // The proxy chain is owned by the proxy cache; invalid proxies are
                   // detected (and eventually removed) by QueryProxy