[crypto] Allow passing a NULL certificate store to x509_find() et al

Allow passing a NULL value for the certificate list to all functions used for identifying an X.509 certificate from an existing set of certificates, and rename function parameters to indicate that this certificate list represents an unordered certificate store (rather than an ordered certificate chain). Signed-off-by: Michael Brown <mcb30@ipxe.org>
author: Michael Brown <mcb30@ipxe.org> 2024-08-13 12:25:25 +0100
committer: Michael Brown <mcb30@ipxe.org> 2024-08-13 12:26:31 +0100
commit: 96fb7a0a9395cec423a58069e1b49535e8ceceef (patch)
tree: b38ef6bbeb7f8eb938829864f4bd72c2c2b8078a /src/net/tls.c
parent: d85590b6584499569c19f7ee4a1e0c10d5132f70 (diff)
download: ipxe-96fb7a0a9395cec423a58069e1b49535e8ceceef.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/net/tls.c b/src/net/tls.c
index 98414e2b1..c08057103 100644
--- a/src/net/tls.c
+++ b/src/net/tls.c
@@ -2467,7 +2467,7 @@ static int tls_new_certificate_request ( struct tls_connection *tls,
 	tls->certs = NULL;
 
 	/* Determine client certificate to be sent */
-	cert = x509_find_key ( &certstore, tls->key );
+	cert = x509_find_key ( NULL, tls->key );
 	if ( ! cert ) {
 		DBGC ( tls, "TLS %p could not find certificate corresponding "
 		       "to private key\n", tls );
author	Michael Brown <mcb30@ipxe.org>	2024-08-13 12:25:25 +0100
committer	Michael Brown <mcb30@ipxe.org>	2024-08-13 12:26:31 +0100
commit	96fb7a0a9395cec423a58069e1b49535e8ceceef (patch)
tree	b38ef6bbeb7f8eb938829864f4bd72c2c2b8078a /src/net/tls.c
parent	d85590b6584499569c19f7ee4a1e0c10d5132f70 (diff)
download	ipxe-96fb7a0a9395cec423a58069e1b49535e8ceceef.tar.gz