summaryrefslogtreecommitdiffstats
path: root/src/crypto
diff options
context:
space:
mode:
authorMichael Brown2012-03-21 17:48:08 +0100
committerMichael Brown2012-03-22 02:34:40 +0100
commit2d9d0adc4e7539c45a2a0f387bcf60a1f96ed79c (patch)
tree5d873fb6ac3e510a96b45b58eeaa4ba3ff962492 /src/crypto
parent[crypto] Parse X.509 certificate serial number (diff)
downloadipxe-2d9d0adc4e7539c45a2a0f387bcf60a1f96ed79c.tar.gz
ipxe-2d9d0adc4e7539c45a2a0f387bcf60a1f96ed79c.tar.xz
ipxe-2d9d0adc4e7539c45a2a0f387bcf60a1f96ed79c.zip
[crypto] Add previous certificate in chain as a parameter to parse_next()
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/crypto')
-rw-r--r--src/crypto/x509.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/src/crypto/x509.c b/src/crypto/x509.c
index 978fbd95..eb485522 100644
--- a/src/crypto/x509.c
+++ b/src/crypto/x509.c
@@ -1143,8 +1143,10 @@ int x509_validate_time ( struct x509_certificate *cert, time_t time ) {
* @v first Initial X.509 certificate to fill in, or NULL
* @ret rc Return status code
*/
-int x509_validate_chain ( int ( * parse_next ) ( struct x509_certificate *cert,
- void *context ),
+int x509_validate_chain ( int ( * parse_next )
+ ( struct x509_certificate *cert,
+ const struct x509_certificate *previous,
+ void *context ),
void *context, time_t time, struct x509_root *root,
struct x509_certificate *first ) {
struct x509_certificate temp[2];
@@ -1159,7 +1161,7 @@ int x509_validate_chain ( int ( * parse_next ) ( struct x509_certificate *cert,
root = &root_certificates;
/* Get first certificate in chain */
- if ( ( rc = parse_next ( current, context ) ) != 0 ) {
+ if ( ( rc = parse_next ( current, NULL, context ) ) != 0 ) {
DBGC ( context, "X509 chain %p could not get first "
"certificate: %s\n", context, strerror ( rc ) );
return rc;
@@ -1181,7 +1183,7 @@ int x509_validate_chain ( int ( * parse_next ) ( struct x509_certificate *cert,
return 0;
/* Get next certificate in chain */
- if ( ( rc = parse_next ( next, context ) ) != 0 ) {
+ if ( ( rc = parse_next ( next, current, context ) ) != 0 ) {
DBGC ( context, "X509 chain %p could not get next "
"certificate: %s\n", context, strerror ( rc ) );
return rc;