Loading ssl/ssl_lib.c +11 −3 Original line number Diff line number Diff line Loading @@ -1943,7 +1943,7 @@ int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs) } /* THIS NEEDS CLEANING UP */ X509 *ssl_get_server_send_cert(const SSL *s) CERT_PKEY *ssl_get_server_send_pkey(const SSL *s) { unsigned long alg,kalg; CERT *c; Loading Loading @@ -1996,9 +1996,17 @@ X509 *ssl_get_server_send_cert(const SSL *s) SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR); return(NULL); } if (c->pkeys[i].x509 == NULL) return(NULL); return(c->pkeys[i].x509); return c->pkeys + i; } X509 *ssl_get_server_send_cert(const SSL *s) { CERT_PKEY *cpk; cpk = ssl_get_server_send_pkey(s); if (!cpk) return NULL; return cpk->x509; } EVP_PKEY *ssl_get_sign_pkey(SSL *s,SSL_CIPHER *cipher) Loading ssl/ssl_locl.h +1 −0 Original line number Diff line number Diff line Loading @@ -740,6 +740,7 @@ int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk); int ssl_undefined_function(SSL *s); int ssl_undefined_void_function(void); int ssl_undefined_const_function(const SSL *s); CERT_PKEY *ssl_get_server_send_pkey(const SSL *s); X509 *ssl_get_server_send_cert(const SSL *); EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *); int ssl_cert_type(X509 *x,EVP_PKEY *pkey); Loading ssl/t1_lib.c +12 −0 Original line number Diff line number Diff line Loading @@ -786,6 +786,18 @@ int ssl_check_clienthello_tlsext_late(SSL *s) if (s->tlsext_status_type != -1 && s->ctx && s->ctx->tlsext_status_cb) { int r; CERT_PKEY *certpkey; certpkey = ssl_get_server_send_pkey(s); /* If no certificate can't return certificate status */ if (certpkey == NULL) { s->tlsext_status_expected = 0; return 1; } /* Set current certificate to one we will use so * SSL_get_certificate et al can pick it up. */ s->cert->key = certpkey; r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg); switch (r) { Loading Loading
ssl/ssl_lib.c +11 −3 Original line number Diff line number Diff line Loading @@ -1943,7 +1943,7 @@ int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs) } /* THIS NEEDS CLEANING UP */ X509 *ssl_get_server_send_cert(const SSL *s) CERT_PKEY *ssl_get_server_send_pkey(const SSL *s) { unsigned long alg,kalg; CERT *c; Loading Loading @@ -1996,9 +1996,17 @@ X509 *ssl_get_server_send_cert(const SSL *s) SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR); return(NULL); } if (c->pkeys[i].x509 == NULL) return(NULL); return(c->pkeys[i].x509); return c->pkeys + i; } X509 *ssl_get_server_send_cert(const SSL *s) { CERT_PKEY *cpk; cpk = ssl_get_server_send_pkey(s); if (!cpk) return NULL; return cpk->x509; } EVP_PKEY *ssl_get_sign_pkey(SSL *s,SSL_CIPHER *cipher) Loading
ssl/ssl_locl.h +1 −0 Original line number Diff line number Diff line Loading @@ -740,6 +740,7 @@ int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk); int ssl_undefined_function(SSL *s); int ssl_undefined_void_function(void); int ssl_undefined_const_function(const SSL *s); CERT_PKEY *ssl_get_server_send_pkey(const SSL *s); X509 *ssl_get_server_send_cert(const SSL *); EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *); int ssl_cert_type(X509 *x,EVP_PKEY *pkey); Loading
ssl/t1_lib.c +12 −0 Original line number Diff line number Diff line Loading @@ -786,6 +786,18 @@ int ssl_check_clienthello_tlsext_late(SSL *s) if (s->tlsext_status_type != -1 && s->ctx && s->ctx->tlsext_status_cb) { int r; CERT_PKEY *certpkey; certpkey = ssl_get_server_send_pkey(s); /* If no certificate can't return certificate status */ if (certpkey == NULL) { s->tlsext_status_expected = 0; return 1; } /* Set current certificate to one we will use so * SSL_get_certificate et al can pick it up. */ s->cert->key = certpkey; r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg); switch (r) { Loading
