Switch names of checkRevocation options based on feedback.

author Scott Cantor <cantor.2@osu.edu>

Fri, 12 Nov 2010 19:07:51 +0000 (19:07 +0000)

committer Scott Cantor <cantor.2@osu.edu>

Fri, 12 Nov 2010 19:07:51 +0000 (19:07 +0000)
author Scott Cantor <cantor.2@osu.edu>
Fri, 12 Nov 2010 19:07:51 +0000 (19:07 +0000)
committer Scott Cantor <cantor.2@osu.edu>
Fri, 12 Nov 2010 19:07:51 +0000 (19:07 +0000)
diff --git a/xmltooling/security/AbstractPKIXTrustEngine.h b/xmltooling/security/AbstractPKIXTrustEngine.h

index 3da7efa..641e059 100644 (file)
--- a/xmltooling/security/AbstractPKIXTrustEngine.h
+++ b/xmltooling/security/AbstractPKIXTrustEngine.h
@@ -46,14 +46,14 @@ namespace xmltooling {
           * If a DOM is supplied, the following XML content is supported:
           * 
           * <ul>
-         *  <li>checkRevocation attribute (optional, required, all)
+         *  <li>checkRevocation attribute (optional, entityOnly, fullChain)
           * </ul>
           * 
           * @param e DOM to supply configuration for provider
           */
          AbstractPKIXTrustEngine(const xercesc::DOMElement* e=nullptr);
  
-               /** Controls revocation checking, currently limited to CRLs and supports "optional" and "required". */
+               /** Controls revocation checking, currently limited to CRLs and supports "optional", "entityOnly", "fullChain". */
                 std::string m_checkRevocation;
  
          /** Flag controls whether every issuer in the trust path must have a CRL loaded. */
diff --git a/xmltooling/security/impl/AbstractPKIXTrustEngine.cpp b/xmltooling/security/impl/AbstractPKIXTrustEngine.cpp

index aced79d..ba5cfb2 100644 (file)
--- a/xmltooling/security/impl/AbstractPKIXTrustEngine.cpp
+++ b/xmltooling/security/impl/AbstractPKIXTrustEngine.cpp
@@ -369,8 +369,8 @@ bool AbstractPKIXTrustEngine::validateWithCRLs(
                                 certEE,
                                 certChain,
                                 pkix.get(),
-                               (m_checkRevocation=="required" || m_checkRevocation=="all"),
-                               (m_fullCRLChain || m_checkRevocation=="all"),
+                               (m_checkRevocation=="entityOnly" || m_checkRevocation=="fullChain"),
+                               (m_fullCRLChain || m_checkRevocation=="fullChain"),
                                 inlineCRLs
                                 )) {
              return true;
author	Scott Cantor <cantor.2@osu.edu>
	Fri, 12 Nov 2010 19:07:51 +0000 (19:07 +0000)
committer	Scott Cantor <cantor.2@osu.edu>
	Fri, 12 Nov 2010 19:07:51 +0000 (19:07 +0000)
xmltooling/security/AbstractPKIXTrustEngine.h		patch \| blob \| history
xmltooling/security/impl/AbstractPKIXTrustEngine.cpp		patch \| blob \| history