generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

New ctrl to set current certificate.

Browse Source 
New ctrl sets current certificate based on certain criteria. Currently
two options: set the first valid certificate as current and set the
next valid certificate as current. Using these an application can
iterate over all certificates in an SSL_CTX or SSL structure.
This commit is contained in:
Dr. Stephen Henson
2014-02-02 02:51:30 +00:00
parent 9f9ab1dc66
commit 0f78819c8c
6 changed files with 73 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
ssl/ssl_cert.c
View File

@@ -624,6 +624,32 @@ int ssl_cert_select_current(CERT *c, X509 *x)
return 0;
}
int ssl_cert_set_current(CERT *c, long op)
{
int i, idx;
if (!c)
return 0;
if (op == SSL_CERT_SET_FIRST)
idx = 0;
else if (op == SSL_CERT_SET_NEXT)
{
idx = (int)(c->key - c->pkeys + 1);
if (idx >= SSL_PKEY_NUM)
return 0;
}
else
return 0;
for (i = idx; i < SSL_PKEY_NUM; i++)
{
if (c->pkeys[i].x509)
{
c->key = &c->pkeys[i];
return 1;
}
}
return 0;
}
void ssl_cert_set_cert_cb(CERT *c, int (*cb)(SSL *ssl, void *arg), void *arg)
{
c->cert_cb = cb;