pkcs11: simplify trusted module loading state

That is always utilize the same flags (GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE)
to determine whether to initialize trusted modules only or
proceed with general initialization.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

1 files changed, 5 insertions, 9 deletions

diff --git a/lib/pkcs11.c b/lib/pkcs11.c
index d36935b84c..e1aa64f191 100644
--- a/lib/pkcs11.c
+++ b/lib/pkcs11.c
@@ -3255,11 +3255,7 @@ gnutls_pkcs11_obj_list_import_url4(gnutls_pkcs11_obj_t ** p_list,
 	int ret;
 	struct find_obj_data_st priv;
 
-	if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED) {
-		PKCS11_CHECK_INIT_TRUSTED;
-	} else {
-		PKCS11_CHECK_INIT;
-	}
+	PKCS11_CHECK_INIT_FLAGS(flags);
 
 	memset(&priv, 0, sizeof(priv));
 
@@ -4000,7 +3996,7 @@ int gnutls_pkcs11_get_raw_issuer(const char *url, gnutls_x509_crt_t cert,
 	size_t id_size;
 	struct p11_kit_uri *info = NULL;
 
-	PKCS11_CHECK_INIT;
+	PKCS11_CHECK_INIT_FLAGS(flags);
 
 	memset(&priv, 0, sizeof(priv));
 
@@ -4092,7 +4088,7 @@ int gnutls_pkcs11_get_raw_issuer_by_dn (const char *url, const gnutls_datum_t *d
 	struct find_cert_st priv;
 	struct p11_kit_uri *info = NULL;
 
-	PKCS11_CHECK_INIT;
+	PKCS11_CHECK_INIT_FLAGS(flags);
 
 	memset(&priv, 0, sizeof(priv));
 
@@ -4179,7 +4175,7 @@ int gnutls_pkcs11_get_raw_issuer_by_subject_key_id (const char *url,
 	struct find_cert_st priv;
 	struct p11_kit_uri *info = NULL;
 
-	PKCS11_CHECK_INIT;
+	PKCS11_CHECK_INIT_FLAGS(flags);
 
 	memset(&priv, 0, sizeof(priv));
 
@@ -4273,7 +4269,7 @@ unsigned gnutls_pkcs11_crt_is_known(const char *url, gnutls_x509_crt_t cert,
 	size_t serial_size;
 	struct p11_kit_uri *info = NULL;
 
-	PKCS11_CHECK_INIT_RET(0);
+	PKCS11_CHECK_INIT_FLAGS_RET(flags, 0);
 
 	memset(&priv, 0, sizeof(priv));