From 9a1a42f2830ac797070cb6f807869872d7e7c19a Mon Sep 17 00:00:00 2001
From: Michael Brown
Date: Thu, 25 Aug 2016 15:38:58 +0100
Subject: [crypto] Allow certificates to be marked as having been added
 explicitly

Allow certificates to be marked as having been added explicitly at run
time.  Such certificates will not be discarded via the certificate
store cache discarder.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
---
 src/include/ipxe/x509.h | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'src/include')

diff --git a/src/include/ipxe/x509.h b/src/include/ipxe/x509.h
index 58f91c01f..78eeafbfb 100644
--- a/src/include/ipxe/x509.h
+++ b/src/include/ipxe/x509.h
@@ -220,6 +220,10 @@ struct x509_certificate {
 enum x509_flags {
 	/** Certificate has been validated */
 	X509_FL_VALIDATED = 0x0001,
+	/** Certificate was added at build time */
+	X509_FL_PERMANENT = 0x0002,
+	/** Certificate was added explicitly at run time */
+	X509_FL_EXPLICIT = 0x0004,
 };
 
 /**
-- 
cgit v1.2.3-55-g7522