From f0259b9588bab116c7dfbc62524b98794c90aaef Mon Sep 17 00:00:00 2001
From: Daniel McCarney <daniel@binaryparadox.net>
Date: Fri, 5 May 2023 15:06:03 -0400
Subject: [PATCH] verify: break out build_chain recursion.

Crate-internal consumers of `build_chain` always pass `0` as the sub CA
count, only the `verify_cert.rs` internal recursion changes this
parameter.

This commit separates the external interface from the internal
recursion to remove one extra parameter from an already complicated
interface.
---
 src/end_entity.rs  | 2 --
 src/verify_cert.rs | 8 ++++++--
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/end_entity.rs b/src/end_entity.rs
index 0fabc2f0..ee4f9316 100644
--- a/src/end_entity.rs
+++ b/src/end_entity.rs
@@ -100,7 +100,6 @@ impl<'a> EndEntityCert<'a> {
             },
             &self.inner,
             time,
-            0,
         )
     }
 
@@ -131,7 +130,6 @@ impl<'a> EndEntityCert<'a> {
             },
             &self.inner,
             time,
-            0,
         )
     }
 
diff --git a/src/verify_cert.rs b/src/verify_cert.rs
index daba5303..86540f85 100644
--- a/src/verify_cert.rs
+++ b/src/verify_cert.rs
@@ -24,7 +24,11 @@ pub(crate) struct ChainOptions<'a> {
     pub(crate) intermediate_certs: &'a [&'a [u8]],
 }
 
-pub(crate) fn build_chain(
+pub(crate) fn build_chain(opts: &ChainOptions, cert: &Cert, time: time::Time) -> Result<(), Error> {
+    build_chain_inner(opts, cert, time, 0)
+}
+
+fn build_chain_inner(
     opts: &ChainOptions,
     cert: &Cert,
     time: time::Time,
@@ -128,7 +132,7 @@ pub(crate) fn build_chain(
             UsedAsCa::Yes => sub_ca_count + 1,
         };
 
-        build_chain(opts, &potential_issuer, time, next_sub_ca_count)
+        build_chain_inner(opts, &potential_issuer, time, next_sub_ca_count)
     })
 }