generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Revise ssl code to use a CERT_PKEY structure when outputting a

Browse Source 
certificate chain instead of an X509 structure.

This makes it easier to enhance code in future and the chain
output functions have access to the CERT_PKEY structure being
used.
This commit is contained in:
Dr. Stephen Henson
2012-01-26 16:00:34 +00:00
parent 4379d0e457
commit c526ed410c
9 changed files with 28 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
ssl/s3_srvr.c
View File

@@ -3362,12 +3362,12 @@ err:
int ssl3_send_server_certificate(SSL *s)
{
unsigned long l;
X509 *x;
CERT_PKEY *cpk;
if (s->state == SSL3_ST_SW_CERT_A)
{
x=ssl_get_server_send_cert(s);
if (x == NULL)
cpk=ssl_get_server_send_pkey(s);
if (cpk == NULL)
{
/* VRS: allow null cert if auth == KRB5 */
if ((s->s3->tmp.new_cipher->algorithm_auth != SSL_aKRB5) ||
@@ -3378,7 +3378,7 @@ int ssl3_send_server_certificate(SSL *s)
}
}
l=ssl3_output_cert_chain(s,x);
l=ssl3_output_cert_chain(s,cpk);
s->state=SSL3_ST_SW_CERT_B;
s->init_num=(int)l;
s->init_off=0;