From 0c34d06494afe217ace7460c66df800d457dd2e8 Mon Sep 17 00:00:00 2001
From: Vincent Sanders <vince@kyllikki.org>
Date: Sun, 23 Feb 2020 16:06:52 +0000
Subject: Keep the complete certificate chain from a fetch

Instead of extracting information from the X509 certificate chain in
the fetcher the entire chain is propagated in Distinguished Encoding
Rules (DER) format.

This allows all the information contained in a certificate chain to be
retained which can subsequently be presented to the user
---
 content/content.h | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

(limited to 'content/content.h')

diff --git a/content/content.h b/content/content.h
index 144a698c1..f8f8d32f1 100644
--- a/content/content.h
+++ b/content/content.h
@@ -44,7 +44,7 @@ struct object_params;
 struct rect;
 struct redraw_context;
 struct llcache_query_msg;
-struct ssl_cert_info;
+struct cert_chain;
 
 /** Status of a content */
 typedef enum {
@@ -118,10 +118,7 @@ union content_msg_data {
 	 * CONTENT_MSG_SSL_CERTS - The certificate chain from the
 	 *   underlying fetch
 	 */
-	struct {
-		const struct ssl_cert_info *certs; /**< The chain */
-		size_t num; /**< The number of certs in the chain */
-	} certs;
+	const struct cert_chain *chain;
 
 	/**
 	 * CONTENT_MSG_ERROR - Error from content or underlying fetch
-- 
cgit v1.2.3