diff options
author | Michael Brown | 2012-03-21 17:48:08 +0100 |
---|---|---|
committer | Michael Brown | 2012-03-22 02:34:40 +0100 |
commit | 2d9d0adc4e7539c45a2a0f387bcf60a1f96ed79c (patch) | |
tree | 5d873fb6ac3e510a96b45b58eeaa4ba3ff962492 /src/crypto | |
parent | [crypto] Parse X.509 certificate serial number (diff) | |
download | ipxe-2d9d0adc4e7539c45a2a0f387bcf60a1f96ed79c.tar.gz ipxe-2d9d0adc4e7539c45a2a0f387bcf60a1f96ed79c.tar.xz ipxe-2d9d0adc4e7539c45a2a0f387bcf60a1f96ed79c.zip |
[crypto] Add previous certificate in chain as a parameter to parse_next()
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/crypto')
-rw-r--r-- | src/crypto/x509.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/src/crypto/x509.c b/src/crypto/x509.c index 978fbd95..eb485522 100644 --- a/src/crypto/x509.c +++ b/src/crypto/x509.c @@ -1143,8 +1143,10 @@ int x509_validate_time ( struct x509_certificate *cert, time_t time ) { * @v first Initial X.509 certificate to fill in, or NULL * @ret rc Return status code */ -int x509_validate_chain ( int ( * parse_next ) ( struct x509_certificate *cert, - void *context ), +int x509_validate_chain ( int ( * parse_next ) + ( struct x509_certificate *cert, + const struct x509_certificate *previous, + void *context ), void *context, time_t time, struct x509_root *root, struct x509_certificate *first ) { struct x509_certificate temp[2]; @@ -1159,7 +1161,7 @@ int x509_validate_chain ( int ( * parse_next ) ( struct x509_certificate *cert, root = &root_certificates; /* Get first certificate in chain */ - if ( ( rc = parse_next ( current, context ) ) != 0 ) { + if ( ( rc = parse_next ( current, NULL, context ) ) != 0 ) { DBGC ( context, "X509 chain %p could not get first " "certificate: %s\n", context, strerror ( rc ) ); return rc; @@ -1181,7 +1183,7 @@ int x509_validate_chain ( int ( * parse_next ) ( struct x509_certificate *cert, return 0; /* Get next certificate in chain */ - if ( ( rc = parse_next ( next, context ) ) != 0 ) { + if ( ( rc = parse_next ( next, current, context ) ) != 0 ) { DBGC ( context, "X509 chain %p could not get next " "certificate: %s\n", context, strerror ( rc ) ); return rc; |