Commit c34b0f99 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson

Move peer chain to SSL_SESSION structure.

parent 8df53b7a
+1 −1
@@ -1329,7 +1329,7 @@ int ssl3_get_server_certificate(SSL *s)
    ssl_sess_cert_free(s->session->sess_cert);
    s->session->sess_cert = sc;

    sc->cert_chain = sk;
    s->session->peer_chain = sk;
    /*
     * Inconsistency alert: cert_chain does include the peer's certificate,
     * which we don't include in s3_srvr.c
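Review bot: `s->session->peer_chain = sk;` overwrites whatever chain the session already holds without releasing it, while the server-side counterpart in ssl3_get_client_certificate does `sk_X509_pop_free(s->session->peer_chain, X509_free);` first. Before this commit the old chain went away with ssl_sess_cert_free(s->session->sess_cert) on the line above, but that function no longer owns the chain, so if a session can reach this point already carrying a peer_chain (not visible here whether e.g. renegotiation allows it) the old stack leaks. Mirror the server path and add `sk_X509_pop_free(s->session->peer_chain, X509_free);` immediately before the assignment. The body of ssl3_get_server_certificate starts and ends outside this hunk.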
+2 −2
@@ -3206,8 +3206,8 @@ int ssl3_get_client_certificate(SSL *s)
            goto done;
        }
    }
    sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free);
    s->session->sess_cert->cert_chain = sk;
    sk_X509_pop_free(s->session->peer_chain, X509_free);
    s->session->peer_chain = sk;
    /*
     * Inconsistency alert: cert_chain does *not* include the peer's own
     * certificate, while we do include it in s3_clnt.c
+0 −1
@@ -556,7 +556,6 @@ void ssl_sess_cert_free(SESS_CERT *sc)
#endif

    /* i == 0 */
    sk_X509_pop_free(sc->cert_chain, X509_free);
    OPENSSL_free(sc);
}

+2 −3
@@ -834,11 +834,10 @@ STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s)
{
    STACK_OF(X509) *r;

    if ((s == NULL) || (s->session == NULL)
        || (s->session->sess_cert == NULL))
    if ((s == NULL) || (s->session == NULL))
        r = NULL;
    else
        r = s->session->sess_cert->cert_chain;
        r = s->session->peer_chain;

    /*
     * If we are a client, cert_chain includes the peer's own certificate; if
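Review bot: The explanatory comment at the end of the hunk still talks about `cert_chain`, but the getter now returns `s->session->peer_chain` and this commit deletes the cert_chain field from SESS_CERT, so the note describing the client/server asymmetry refers to a name that no longer exists. Rename it in place: `* If we are a client, peer_chain includes the peer's own certificate; if`. It would also help callers if the same comment said that the returned stack is presumably still an internal pointer owned by the session and must not be freed or modified — confirm against the remainder of the function. SSL_get_peer_cert_chain continues past the hunk.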
+2 −1
@@ -629,6 +629,8 @@ struct ssl_session_st {
    /* This is the cert and type for the other end. */
    X509 *peer;
    int peer_type;
    /* Certificate chain of peer */
    STACK_OF(X509) *peer_chain;
    /*
     * when app_verify_callback accepts a session where the peer's
     * certificate is not ok, we must remember the error for session reuse:
@@ -1587,7 +1589,6 @@ typedef struct cert_st {
} CERT;

typedef struct sess_cert_st {
    STACK_OF(X509) *cert_chain; /* as received from peer */
    int references;             /* actually always 1 at the moment */
} SESS_CERT;
/* Structure containing decoded values of signature algorithms extension */
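Review bot: The new field's comment `/* Certificate chain of peer */` leaves out two things the rest of this commit makes important: the chain's contents differ by role (the s3_clnt.c and s3_srvr.c hunks note that on the client it includes the peer's own certificate and on the server it does not), and who now frees it, since ssl_sess_cert_free no longer pops the stack. Suggest `/* Certificate chain of peer: on the client this includes the peer's own certificate, on the server it does not. Owned by the session; released in SSL_SESSION_free. */`. The corresponding SSL_SESSION_free change is not in this page, so please confirm it actually releases peer_chain; otherwise every session that stored a chain leaks it.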