[x509] Record root of trust used when validating a certificate
Record the root of trust used at the point that a certificate is validated, redefine validation as checking a certificate against a specific root of trust, and pass an explicit root of trust when creating a TLS connection. This allows a custom TLS connection to be used with a custom root of trust, without causing any validated certificates to be treated as valid for normal purposes. Signed-off-by: Michael Brown <mcb30@ipxe.org>
This commit is contained in:
+1
-1
@@ -46,7 +46,7 @@ FEATURE ( FEATURE_PROTOCOL, "HTTPS", DHCP_EB_FEATURE_HTTPS, 1 );
|
||||
*/
|
||||
static int https_filter ( struct http_connection *conn ) {
|
||||
|
||||
return add_tls ( &conn->socket, conn->uri->host );
|
||||
return add_tls ( &conn->socket, conn->uri->host, NULL );
|
||||
}
|
||||
|
||||
/** HTTPS URI opener */
|
||||
|
||||
Reference in New Issue
Block a user