return revoked;
}
+ /** Get certificate usability
+ * @return True if the certificate is not expired nor revoked
+ */
+ bool IsUsable()
+ {
+ return !invalid && !revoked && error.empty();
+ }
+
+ /** Get CA trust status
+ * @return True if the certificate is issued by a CA
+ * and valid.
+ */
bool IsCAVerified()
{
- return trusted && !invalid && !revoked && !unknownsigner && error.empty();
+ return IsUsable() && trusted && !unknownsigner;
}
std::string GetMetaLine()
*/
ssl_cert* GetCertificate() const
{
- return certificate;
+ if (certificate && certificate->IsUsable())
+ return certificate;
+ return NULL;
}
/**
*/
virtual ssl_cert* GetCertificate(User* user) = 0;
+ /** Set the SSL certificate of a user.
+ * @param user The user whose certificate to set.
+ * @param cert The SSL certificate to set for the user.
+ */
+ virtual void SetCertificate(User* user, ssl_cert* cert) = 0;
+
/** Get the key fingerprint from a user's certificate
* @param user The user whose key fingerprint to get, user may be remote
* @return The key fingerprint from the user's SSL certificate or an empty string