[x509] Record root of trust used when validating a certificate

Record the root of trust used at the point that a certificate is validated, redefine validation as checking a certificate against a specific root of trust, and pass an explicit root of trust when creating a TLS connection. This allows a custom TLS connection to be used with a custom root of trust, without causing any validated certificates to be treated as valid for normal purposes. Signed-off-by: Michael Brown <mcb30@ipxe.org>
author: Michael Brown <mcb30@ipxe.org> 2020-12-08 14:58:46 +0000
committer: Michael Brown <mcb30@ipxe.org> 2020-12-08 15:04:28 +0000
commit: 39f5293492f351a274940d0ba2624ecb242b3c9b (patch)
tree: ead79747a5ab15d5db6dd4a236acdc9f224c7590 /src/net/tcp/syslogs.c
parent: 6e92d6213d20329d8b84431f00d8cbe7d63bb379 (diff)
download: ipxe-39f5293492f351a274940d0ba2624ecb242b3c9b.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/net/tcp/syslogs.c b/src/net/tcp/syslogs.c
index b37605272..f91864a44 100644
--- a/src/net/tcp/syslogs.c
+++ b/src/net/tcp/syslogs.c
@@ -246,7 +246,7 @@ static int apply_syslogs_settings ( void ) {
 	}
 
 	/* Add TLS filter */
-	if ( ( rc = add_tls ( &syslogs, server ) ) != 0 ) {
+	if ( ( rc = add_tls ( &syslogs, server, NULL ) ) != 0 ) {
 		DBG ( "SYSLOGS cannot create TLS filter: %s\n",
 		      strerror ( rc ) );
 		goto err_add_tls;
author	Michael Brown <mcb30@ipxe.org>	2020-12-08 14:58:46 +0000
committer	Michael Brown <mcb30@ipxe.org>	2020-12-08 15:04:28 +0000
commit	39f5293492f351a274940d0ba2624ecb242b3c9b (patch)
tree	ead79747a5ab15d5db6dd4a236acdc9f224c7590 /src/net/tcp/syslogs.c
parent	6e92d6213d20329d8b84431f00d8cbe7d63bb379 (diff)
download	ipxe-39f5293492f351a274940d0ba2624ecb242b3c9b.tar.gz