sysadmin/ipxe
1
0
Fork 0
mirror of https://github.com/ipxe/ipxe synced 2026-04-16 03:00:10 +03:00
Code Issues Packages Projects Releases Wiki Activity

[crypto] Add x509_truncate() to truncate a certificate chain

Browse Source 
Downloading a cross-signed certificate chain to partially replace
(rather than simply extend) an existing chain will require the ability
to discard all certificates after a specified link in the chain.

Extract the relevant logic from x509_free_chain() and expose it
separately as x509_truncate().

Signed-off-by: Michael Brown <mcb30@ipxe.org>
This commit is contained in:
Michael Brown
2024-02-13 16:27:31 +00:00
parent e10dfe5dc7
commit 3e721e0c08
3 changed files with 37 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/include/ipxe/x509.h
+1
View File
@@ -391,6 +391,7 @@ extern int x509_append ( struct x509_chain *chain,
struct x509_certificate *cert );
extern int x509_append_raw ( struct x509_chain *chain, const void *data,
size_t len );
extern void x509_truncate ( struct x509_chain *chain, struct x509_link *link );
extern int x509_auto_append ( struct x509_chain *chain,
struct x509_chain *certs );
extern int x509_validate_chain ( struct x509_chain *chain, time_t time,