New functions to retrieve certificate from SSL_CTX (2a1b7bd3) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

doc/ssl/ssl.pod

+5 −1

Original line number	Diff line number	Diff line
		@@ -374,6 +374,10 @@ session instead of a context.

		=item int B<SSL_CTX_use_certificate_file>(SSL_CTX ctx, char file, int type);

		=item X509 B<SSL_CTX_get0_certificate>(const SSL_CTX ctx);

		=item EVP_PKEY B<SSL_CTX_get0_privatekey>(const SSL_CTX ctx);

		=item void B<SSL_CTX_set_psk_client_callback>(SSL_CTX ctx, unsigned int (callback)(SSL ssl, const char hint, char identity, unsigned int max_identity_len, unsigned char psk, unsigned int max_psk_len));

		=item int B<SSL_CTX_use_psk_identity_hint>(SSL_CTX ctx, const char hint);
		@@ -507,7 +511,7 @@ connection defined in the B<SSL> structure.

		=item X509 B<SSL_get_peer_certificate>(const SSL ssl);

		=item EVP_PKEY B<SSL_get_privatekey>(SSL ssl);
		=item EVP_PKEY B<SSL_get_privatekey>(const SSL ssl);

		=item int B<SSL_get_quiet_shutdown>(const SSL *ssl);

+4 −1

Original line number	Diff line number	Diff line
		@@ -2326,7 +2326,10 @@ STACK_OF(X509_NAME) SSL_dup_CA_list(STACK_OF(X509_NAME) sk);
		SSL SSL_dup(SSL ssl);

		X509 SSL_get_certificate(const SSL ssl);
		/* EVP_PKEY / struct evp_pkey_st SSL_get_privatekey(SSL *ssl);
		/* EVP_PKEY / struct evp_pkey_st SSL_get_privatekey(const SSL *ssl);

		X509 SSL_CTX_get0_certificate(const SSL_CTX ctx);
		EVP_PKEY SSL_CTX_get0_privatekey(const SSL_CTX ctx);

		void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode);
		int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);

+17 −3

Original line number	Diff line number	Diff line
		@@ -3068,7 +3068,6 @@ void ssl_clear_cipher_ctx(SSL *s)
		#endif
		}

		/* Fix this function so that it takes an optional type parameter */
		X509 SSL_get_certificate(const SSL s)
		{
		if (s->cert != NULL)
		@@ -3077,8 +3076,7 @@ X509 SSL_get_certificate(const SSL s)
		return(NULL);
		}

		/* Fix this function so that it takes an optional type parameter */
		EVP_PKEY SSL_get_privatekey(SSL s)
		EVP_PKEY SSL_get_privatekey(const SSL s)
		{
		if (s->cert != NULL)
		return(s->cert->key->privatekey);
		@@ -3086,6 +3084,22 @@ EVP_PKEY SSL_get_privatekey(SSL s)
		return(NULL);
		}

		X509 SSL_CTX_get0_certificate(const SSL_CTX ctx)
		{
		if (ctx->cert != NULL)
		return ctx->cert->key->x509;
		else
		return NULL;
		}

		EVP_PKEY SSL_CTX_get0_privatekey(const SSL_CTX ctx)
		{
		if (ctx->cert != NULL)
		return ctx->cert->key->privatekey;
		else
		return NULL ;
		}

		const SSL_CIPHER SSL_get_current_cipher(const SSL s)
		{
		if ((s->session != NULL) && (s->session->cipher != NULL))

Original line number	Diff line number	Diff line
		@@ -374,6 +374,10 @@ session instead of a context.

		=item int B<SSL_CTX_use_certificate_file>(SSL_CTX ctx, char file, int type);

		=item X509 B<SSL_CTX_get0_certificate>(const SSL_CTX ctx);

		=item EVP_PKEY B<SSL_CTX_get0_privatekey>(const SSL_CTX ctx);

		=item void B<SSL_CTX_set_psk_client_callback>(SSL_CTX ctx, unsigned int (callback)(SSL ssl, const char hint, char identity, unsigned int max_identity_len, unsigned char psk, unsigned int max_psk_len));

		=item int B<SSL_CTX_use_psk_identity_hint>(SSL_CTX ctx, const char hint);
		@@ -507,7 +511,7 @@ connection defined in the B<SSL> structure.

		=item X509 B<SSL_get_peer_certificate>(const SSL ssl);

		=item EVP_PKEY B<SSL_get_privatekey>(SSL ssl);
		=item EVP_PKEY B<SSL_get_privatekey>(const SSL ssl);

		=item int B<SSL_get_quiet_shutdown>(const SSL *ssl);

Original line number	Diff line number	Diff line
		@@ -2326,7 +2326,10 @@ STACK_OF(X509_NAME) SSL_dup_CA_list(STACK_OF(X509_NAME) sk);
		SSL SSL_dup(SSL ssl);

		X509 SSL_get_certificate(const SSL ssl);
		/* EVP_PKEY / struct evp_pkey_st SSL_get_privatekey(SSL *ssl);
		/* EVP_PKEY / struct evp_pkey_st SSL_get_privatekey(const SSL *ssl);

		X509 SSL_CTX_get0_certificate(const SSL_CTX ctx);
		EVP_PKEY SSL_CTX_get0_privatekey(const SSL_CTX ctx);

		void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode);
		int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);