What's the purpose of the CertificateSetItem (formerly known as ca_db_item) class?
Mikael Svensson
minisip at mikaelsvensson.info
Tue Aug 7 11:47:44 CEST 2007
Hello
I am trying to figure out the purpose of the CertificateSetItem class.
Whenever a certificate is loaded by the OpenSSL or GNU TLS functions a
CertificateSetItem is created, keeping track of which certificate
directories or single certificates that have been loaded. So far, so good.
However, it appears that the remove() function of the CertificateSet
class (formerly ca_db) removes the CertificateSetItem from the
certificate set but not unloads the actual certificate from memory. The
point being that a CertificateSet does not properly keep track of which
certificates *are actually used by OpenSSL/GNUTLS*, if
CertificateSetItems are removed from their CertificateSets.
My question is this: What is the use of the CertificateSetItem if they
only keep track of certificates and certificate directories that *have
been* loaded in to memory, other than keeping track of which paths that
should eventually be stored in the settings file!?
Or have I misunderstood something here?
Regards
Mikael Svensson
More information about the Minisip-devel
mailing list