New ctrl to set current certificate.

The new ctrl sets the current certificate based on certain criteria. Currently
there are two options: set the first valid certificate as current, or set the
next valid certificate as current. Using these, an application can
iterate over all certificates in an SSL_CTX or SSL structure.
Dr. Stephen Henson
2014-02-02 02:51:30 +00:00
parent 9f9ab1dc66
commit 0f78819c8c
6 changed files with 73 additions and 4 deletions


@@ -82,7 +82,24 @@ int main(int argc, char *argv[])
ERR_print_errors_fp(stderr);
goto err;
}
#if 0
/* Demo of how to iterate over all certificates in an SSL_CTX
* structure.
*/
{
X509 *x;
int rv;
rv = SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_FIRST);
while (rv)
{
X509 *x = SSL_CTX_get0_certificate(ctx);
X509_NAME_print_ex_fp(stdout, X509_get_subject_name(x), 0, XN_FLAG_ONELINE);
printf("\n");
rv = SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_NEXT);
}
fflush(stdout);
}
#endif
/* Setup server side SSL bio */
ssl_bio=BIO_new_ssl(ctx,0);
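Review bot: The outer `X509 *x;` at the top of the demo block is never used and is shadowed by `X509 *x = SSL_CTX_get0_certificate(ctx);` inside the `while` body, so the outer declaration should be dropped. Because the block sits under `#if 0` it is never compiled, so a slip like this, or later API drift, will not be caught by the build. The loop also moves the context's current certificate as it runs and presumably leaves it on the last certificate visited, which matters to any later call that acts on the current certificate. A comment in the demo such as `/* NB: iterating changes the current certificate; call SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_FIRST) afterwards to reset it */` would make that side effect visible to anyone copying the pattern. The enclosing `main` starts and ends outside this hunk.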