Browse Source

[crypto] Expose certstore_del() to explicitly remove stored certificates

Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Michael Brown 8 years ago
parent
commit
534eae4d92
2 changed files with 16 additions and 4 deletions
  1. 15
    4
      src/crypto/certstore.c
  2. 1
    0
      src/include/ipxe/certstore.h

+ 15
- 4
src/crypto/certstore.c View File

@@ -145,6 +145,20 @@ void certstore_add ( struct x509_certificate *cert ) {
145 145
 	       x509_name ( cert ) );
146 146
 }
147 147
 
148
+/**
149
+ * Remove certificate from store
150
+ *
151
+ * @v cert		X.509 certificate
152
+ */
153
+void certstore_del ( struct x509_certificate *cert ) {
154
+
155
+	/* Remove certificate from store */
156
+	DBGC ( &certstore, "CERTSTORE removed certificate %s\n",
157
+	       x509_name ( cert ) );
158
+	list_del ( &cert->store.list );
159
+	x509_put ( cert );
160
+}
161
+
148 162
 /**
149 163
  * Discard a stored certificate
150 164
  *
@@ -158,10 +172,7 @@ static unsigned int certstore_discard ( void ) {
158 172
 	 */
159 173
 	list_for_each_entry_reverse ( cert, &certstore.links, store.list ) {
160 174
 		if ( cert->refcnt.count == 0 ) {
161
-			DBGC ( &certstore, "CERTSTORE discarded certificate "
162
-			       "%s\n", x509_name ( cert ) );
163
-			list_del ( &cert->store.list );
164
-			x509_put ( cert );
175
+			certstore_del ( cert );
165 176
 			return 1;
166 177
 		}
167 178
 	}

+ 1
- 0
src/include/ipxe/certstore.h View File

@@ -17,5 +17,6 @@ extern struct x509_chain certstore;
17 17
 extern struct x509_certificate * certstore_find ( struct asn1_cursor *raw );
18 18
 extern struct x509_certificate * certstore_find_key ( struct asn1_cursor *key );
19 19
 extern void certstore_add ( struct x509_certificate *cert );
20
+extern void certstore_del ( struct x509_certificate *cert );
20 21
 
21 22
 #endif /* _IPXE_CERTSTORE_H */

Loading…
Cancel
Save