diff options
author | Michael Brown | 2016-08-31 16:16:43 +0200 |
---|---|---|
committer | Michael Brown | 2016-08-31 16:17:31 +0200 |
commit | 534eae4d92ba6e9b2378db22c65992f136b499c6 (patch) | |
tree | dd208b1811540c5e92138e2b6c4090407643526c | |
parent | [list] Add list_next_entry() and list_prev_entry() (diff) | |
download | ipxe-534eae4d92ba6e9b2378db22c65992f136b499c6.tar.gz ipxe-534eae4d92ba6e9b2378db22c65992f136b499c6.tar.xz ipxe-534eae4d92ba6e9b2378db22c65992f136b499c6.zip |
[crypto] Expose certstore_del() to explicitly remove stored certificates
Signed-off-by: Michael Brown <mcb30@ipxe.org>
-rw-r--r-- | src/crypto/certstore.c | 19 | ||||
-rw-r--r-- | src/include/ipxe/certstore.h | 1 |
2 files changed, 16 insertions, 4 deletions
diff --git a/src/crypto/certstore.c b/src/crypto/certstore.c index e62d8330..9809413a 100644 --- a/src/crypto/certstore.c +++ b/src/crypto/certstore.c @@ -146,6 +146,20 @@ void certstore_add ( struct x509_certificate *cert ) { } /** + * Remove certificate from store + * + * @v cert X.509 certificate + */ +void certstore_del ( struct x509_certificate *cert ) { + + /* Remove certificate from store */ + DBGC ( &certstore, "CERTSTORE removed certificate %s\n", + x509_name ( cert ) ); + list_del ( &cert->store.list ); + x509_put ( cert ); +} + +/** * Discard a stored certificate * * @ret discarded Number of cached items discarded @@ -158,10 +172,7 @@ static unsigned int certstore_discard ( void ) { */ list_for_each_entry_reverse ( cert, &certstore.links, store.list ) { if ( cert->refcnt.count == 0 ) { - DBGC ( &certstore, "CERTSTORE discarded certificate " - "%s\n", x509_name ( cert ) ); - list_del ( &cert->store.list ); - x509_put ( cert ); + certstore_del ( cert ); return 1; } } diff --git a/src/include/ipxe/certstore.h b/src/include/ipxe/certstore.h index 49b3b512..e4c789cf 100644 --- a/src/include/ipxe/certstore.h +++ b/src/include/ipxe/certstore.h @@ -17,5 +17,6 @@ extern struct x509_chain certstore; extern struct x509_certificate * certstore_find ( struct asn1_cursor *raw ); extern struct x509_certificate * certstore_find_key ( struct asn1_cursor *key ); extern void certstore_add ( struct x509_certificate *cert ); +extern void certstore_del ( struct x509_certificate *cert ); #endif /* _IPXE_CERTSTORE_H */ |