From 534eae4d92ba6e9b2378db22c65992f136b499c6 Mon Sep 17 00:00:00 2001
From: Michael Brown
Date: Wed, 31 Aug 2016 15:16:43 +0100
Subject: [crypto] Expose certstore_del() to explicitly remove stored
 certificates

Signed-off-by: Michael Brown <mcb30@ipxe.org>
---
 src/crypto/certstore.c | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

(limited to 'src/crypto')

diff --git a/src/crypto/certstore.c b/src/crypto/certstore.c
index e62d8330..9809413a 100644
--- a/src/crypto/certstore.c
+++ b/src/crypto/certstore.c
@@ -145,6 +145,20 @@ void certstore_add ( struct x509_certificate *cert ) {
 	       x509_name ( cert ) );
 }
 
+/**
+ * Remove certificate from store
+ *
+ * @v cert		X.509 certificate
+ */
+void certstore_del ( struct x509_certificate *cert ) {
+
+	/* Remove certificate from store */
+	DBGC ( &certstore, "CERTSTORE removed certificate %s\n",
+	       x509_name ( cert ) );
+	list_del ( &cert->store.list );
+	x509_put ( cert );
+}
+
 /**
  * Discard a stored certificate
  *
@@ -158,10 +172,7 @@ static unsigned int certstore_discard ( void ) {
 	 */
 	list_for_each_entry_reverse ( cert, &certstore.links, store.list ) {
 		if ( cert->refcnt.count == 0 ) {
-			DBGC ( &certstore, "CERTSTORE discarded certificate "
-			       "%s\n", x509_name ( cert ) );
-			list_del ( &cert->store.list );
-			x509_put ( cert );
+			certstore_del ( cert );
 			return 1;
 		}
 	}
-- 
cgit v1.2.3-55-g7522