summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichael Brown2016-08-31 16:16:43 +0200
committerMichael Brown2016-08-31 16:17:31 +0200
commit534eae4d92ba6e9b2378db22c65992f136b499c6 (patch)
treedd208b1811540c5e92138e2b6c4090407643526c
parent[list] Add list_next_entry() and list_prev_entry() (diff)
downloadipxe-534eae4d92ba6e9b2378db22c65992f136b499c6.tar.gz
ipxe-534eae4d92ba6e9b2378db22c65992f136b499c6.tar.xz
ipxe-534eae4d92ba6e9b2378db22c65992f136b499c6.zip
[crypto] Expose certstore_del() to explicitly remove stored certificates
Signed-off-by: Michael Brown <mcb30@ipxe.org>
-rw-r--r--src/crypto/certstore.c19
-rw-r--r--src/include/ipxe/certstore.h1
2 files changed, 16 insertions, 4 deletions
diff --git a/src/crypto/certstore.c b/src/crypto/certstore.c
index e62d8330..9809413a 100644
--- a/src/crypto/certstore.c
+++ b/src/crypto/certstore.c
@@ -146,6 +146,20 @@ void certstore_add ( struct x509_certificate *cert ) {
}
/**
+ * Remove certificate from store
+ *
+ * @v cert X.509 certificate
+ */
+void certstore_del ( struct x509_certificate *cert ) {
+
+ /* Remove certificate from store */
+ DBGC ( &certstore, "CERTSTORE removed certificate %s\n",
+ x509_name ( cert ) );
+ list_del ( &cert->store.list );
+ x509_put ( cert );
+}
+
+/**
* Discard a stored certificate
*
* @ret discarded Number of cached items discarded
@@ -158,10 +172,7 @@ static unsigned int certstore_discard ( void ) {
*/
list_for_each_entry_reverse ( cert, &certstore.links, store.list ) {
if ( cert->refcnt.count == 0 ) {
- DBGC ( &certstore, "CERTSTORE discarded certificate "
- "%s\n", x509_name ( cert ) );
- list_del ( &cert->store.list );
- x509_put ( cert );
+ certstore_del ( cert );
return 1;
}
}
diff --git a/src/include/ipxe/certstore.h b/src/include/ipxe/certstore.h
index 49b3b512..e4c789cf 100644
--- a/src/include/ipxe/certstore.h
+++ b/src/include/ipxe/certstore.h
@@ -17,5 +17,6 @@ extern struct x509_chain certstore;
extern struct x509_certificate * certstore_find ( struct asn1_cursor *raw );
extern struct x509_certificate * certstore_find_key ( struct asn1_cursor *key );
extern void certstore_add ( struct x509_certificate *cert );
+extern void certstore_del ( struct x509_certificate *cert );
#endif /* _IPXE_CERTSTORE_H */