From 8583c323a25fd65fb6e7fe47e3e8b69d23acb2d3 Mon Sep 17 00:00:00 2001
From: Michael Brown
Date: Mon, 19 Mar 2012 23:04:05 +0000
Subject: [tls] Check certificate validity period against current date and time

Signed-off-by: Michael Brown <mcb30@ipxe.org>
---
 src/include/ipxe/x509.h | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'src/include/ipxe/x509.h')

diff --git a/src/include/ipxe/x509.h b/src/include/ipxe/x509.h
index f290a76e3..925e23f7d 100644
--- a/src/include/ipxe/x509.h
+++ b/src/include/ipxe/x509.h
@@ -204,17 +204,19 @@ struct x509_root {
 
 extern int x509_parse ( struct x509_certificate *cert,
 			const void *data, size_t len );
-extern int x509_validate ( struct x509_certificate *cert,
-			   struct x509_certificate *issuer );
+extern int x509_validate_issuer ( struct x509_certificate *cert,
+				  struct x509_certificate *issuer );
 extern void x509_fingerprint ( struct x509_certificate *cert,
 			       struct digest_algorithm *digest,
 			       void *fingerprint );
 extern int x509_validate_root ( struct x509_certificate *cert,
 				struct x509_root *root );
+extern int x509_validate_time ( struct x509_certificate *cert, time_t time );
 extern int x509_validate_chain ( int ( * parse_next )
 				 ( struct x509_certificate *cert,
 				   void *context ),
-				 void *context, struct x509_root *root,
+				 void *context, time_t time,
+				 struct x509_root *root,
 				 struct x509_certificate *first );
 
 #endif /* _IPXE_X509_H */
-- 
cgit v1.2.3-55-g7522