XRootD
XrdTlsCrl Namespace Reference

Functions

void * Refresh (void *parg)
 

Function Documentation

◆ Refresh()

void * XrdTlsCrl::Refresh ( void *  parg)

Definition at line 83 of file XrdTlsContext.cc.

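// CRL refresh thread body. parg is the XrdTlsContextImpl of the context being
// refreshed. Each pass sleeps Parm.crlRT seconds and then, when the owning
// context does x509 verification or reports a new host certificate, clones
// the owner and stores the clone in ctxImpl->ctxnew. Always returns a null
// pointer.
//
// The thread ends in one of two ways:
//  - Parm.crlRT reads as zero (cancellation): crlRunning is cleared, return.
//  - ctxImpl->owner is null (owning context gone): crlRunning is cleared and
//    the implementation is deleted here unless flsRunning is set.
//
// Operational points for whoever runs this:
//  - A failed refresh installs nothing. ctxnew is left as it was, so
//    presumably sessions continue on the context (and CRL set) already in
//    use until a later pass succeeds; confirm against Session(). The only
//    signal is the XrdTls::Emsg() line below, so it is the thing to alert on.
//  - The sleep is not interruptible in this function: a change to crlRT, a
//    cancellation or the owner going away is only noticed after the current
//    Snooze() returns.
//
void *XrdTlsCrl::Refresh(void *parg)
{
   EPNAME("Refresh");

// Get the implementation details
//
   XrdTlsContextImpl *ctxImpl = static_cast<XrdTlsContextImpl*>(parg);

// Indicate we have started in the trace record
//
   DBG_CTX("CRL refresh started.");

// Do this forever but first get the sleep time
//
   while (true)
      {ctxImpl->crlMutex.ReadLock();
       const int sleepTime = ctxImpl->Parm.crlRT;
       ctxImpl->crlMutex.UnLock();

    // We may have been cancelled, in which case we just exit
    //
       if (!sleepTime)
          {ctxImpl->crlMutex.WriteLock();
           ctxImpl->crlRunning = false;
           ctxImpl->crlMutex.UnLock();
           DBG_CTX("CRL refresh ending by request!");
           return (void *)0;
          }

    // Indicate how long before a refresh
    //
       DBG_CTX("CRL refresh will happen in " <<sleepTime <<" seconds.");

    // Now sleep the requested amount of time
    //
       XrdSysTimer::Snooze(sleepTime);

    // Check if this context is still alive before touching the owner. This
    // check used to come after owner->x509Verify() had already been called,
    // so an owner cleared during the sleep was dereferenced first, and a pass
    // that needed no refresh never noticed the owner was gone. On break the
    // write lock stays held; it is released after the loop.
    //
       ctxImpl->crlMutex.WriteLock();
       if (!ctxImpl->owner) break;
       ctxImpl->crlMutex.UnLock();

    // NOTE(review): from here to the end of Clone() the owner is used without
    // the lock (the clone may take a long time). The original comment calls
    // this safe because the thread implicitly owns the implementation; that
    // covers ctxImpl, not the owner object, so confirm the owner cannot be
    // destroyed inside this window.
    //
       if (!ctxImpl->owner->x509Verify()
       &&  !ctxImpl->owner->newHostCertificateDetected()) continue;

    // We clone the original, this will give us the latest crls (i.e. refreshed).
    //
       XrdTlsContext *newctx = ctxImpl->owner->Clone();

    // Verify that the context was properly built. A clone that exists but is
    // not OK is released here; it was previously dropped without a delete,
    // which leaked one context per failed pass.
    //
       if (!newctx || !newctx->isOK())
          {XrdTls::Emsg("CrlRefresh:","Refresh of context failed!!!",false);
           delete newctx;
           continue;
          }

    // OK, set the new context to be used next time Session() is called. A
    // clone that is still pending from an earlier pass is deleted first.
    //
       ctxImpl->crlMutex.WriteLock();
       const bool doreplace = (ctxImpl->ctxnew != 0);
       if (doreplace) delete ctxImpl->ctxnew;
       ctxImpl->ctxnew = newctx;
       ctxImpl->crlMutex.UnLock();

    // Do some debugging
    //
       if (doreplace) {DBG_CTX("CRL refresh created replacement x509 store.");}
          else {DBG_CTX("CRL refresh created new x509 store.");}
      }

// If we are here the context that started us has gone away and we are done.
// The write lock taken just before the break is still held at this point.
//
   bool keepctx = ctxImpl->flsRunning;
   ctxImpl->crlRunning = false;
   ctxImpl->crlMutex.UnLock();
   if (!keepctx) delete ctxImpl;
   return (void *)0;
}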
#define EPNAME(x)
#define DBG_CTX(y)
static void Snooze(int seconds)
XrdTlsContext * Clone(bool full=true, bool startCRLRefresh=false)
bool newHostCertificateDetected()
static void Emsg(const char *tid, const char *msg=0, bool flush=true)
Definition XrdTls.cc:104
XrdTlsContext * owner
XrdTlsContext::CTX_Params Parm
XrdTlsContext * ctxnew
XrdSysRWLock crlMutex
int crlRT
crl refresh interval time in seconds

References XrdTlsContext::Clone(), XrdTlsContextImpl::crlMutex, XrdTlsContext::CTX_Params::crlRT, XrdTlsContextImpl::crlRunning, XrdTlsContextImpl::ctxnew, DBG_CTX, XrdTls::Emsg(), EPNAME, XrdTlsContextImpl::flsRunning, XrdTlsContext::isOK(), XrdTlsContext::newHostCertificateDetected(), XrdTlsContextImpl::owner, XrdTlsContextImpl::Parm, XrdSysRWLock::ReadLock(), XrdSysTimer::Snooze(), XrdSysRWLock::UnLock(), XrdSysRWLock::WriteLock(), and XrdTlsContext::x509Verify().

Referenced by XrdTlsContext::SetCrlRefresh().
