diff options
| author | Michael Brown <mcb30@ipxe.org> | 2020-12-09 16:19:03 +0000 |
|---|---|---|
| committer | Michael Brown <mcb30@ipxe.org> | 2020-12-09 16:45:50 +0000 |
| commit | 3475f9162b84ce21327244ebce20ae29db6d7ac8 (patch) | |
| tree | 39f7a31165e66cf82d92f5d8d536e9b18b248c76 /src/net | |
| parent | e3eedb0be581b7f3df70e8150c7adfcf275506b8 (diff) | |
| download | ipxe-3475f9162b84ce21327244ebce20ae29db6d7ac8.tar.gz | |
[x509] Make root of trust a reference-counted structure
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/net')
| -rw-r--r-- | src/net/tls.c | 3 | ||||
| -rw-r--r-- | src/net/validator.c | 3 |
2 files changed, 4 insertions, 2 deletions
diff --git a/src/net/tls.c b/src/net/tls.c index c04f0d557..f5459a2af 100644 --- a/src/net/tls.c +++ b/src/net/tls.c @@ -380,6 +380,7 @@ static void free_tls ( struct refcnt *refcnt ) { } x509_chain_put ( tls->certs ); x509_chain_put ( tls->chain ); + x509_root_put ( tls->root ); /* Drop reference to session */ assert ( list_empty ( &tls->list ) ); @@ -3163,7 +3164,7 @@ int add_tls ( struct interface *xfer, const char *name, intf_init ( &tls->validator, &tls_validator_desc, &tls->refcnt ); process_init_stopped ( &tls->process, &tls_process_desc, &tls->refcnt ); - tls->root = root; + tls->root = x509_root_get ( root ); tls->version = TLS_VERSION_TLS_1_2; tls_clear_cipher ( tls, &tls->tx_cipherspec ); tls_clear_cipher ( tls, &tls->tx_cipherspec_pending ); diff --git a/src/net/validator.c b/src/net/validator.c index c407a09b7..693d4464b 100644 --- a/src/net/validator.c +++ b/src/net/validator.c @@ -116,6 +116,7 @@ static void validator_free ( struct refcnt *refcnt ) { DBGC2 ( validator, "VALIDATOR %p \"%s\" freed\n", validator, validator_name ( validator ) ); + x509_root_put ( validator->root ); x509_chain_put ( validator->chain ); ocsp_put ( validator->ocsp ); xferbuf_free ( &validator->buffer ); @@ -650,7 +651,7 @@ int create_validator ( struct interface *job, struct x509_chain *chain, &validator->refcnt ); process_init ( &validator->process, &validator_process_desc, &validator->refcnt ); - validator->root = root; + validator->root = x509_root_get ( root ); validator->chain = x509_chain_get ( chain ); xferbuf_malloc_init ( &validator->buffer ); |