generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Support retries in certificate callback

Browse Source 
(cherry picked from commit 0ebc965b9c)

Conflicts:

	ssl/s3_srvr.c
	ssl/ssl3.h
This commit is contained in:
Dr. Stephen Henson
2014-01-25 13:31:07 +00:00
parent 5e7329d156
commit ede90b1121
3 changed files with 36 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
ssl/s3_clnt.c
View File

@@ -3301,11 +3301,20 @@ int ssl3_send_client_certificate(SSL *s)
if (s->state == SSL3_ST_CW_CERT_A)
{
/* Let cert callback update client certificates if required */
if (s->cert->cert_cb
&& s->cert->cert_cb(s, s->cert->cert_cb_arg) <= 0)
if (s->cert->cert_cb)
{
ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR);
return 0;
i = s->cert->cert_cb(s, s->cert->cert_cb_arg);
if (i < 0)
{
s->rwstate=SSL_X509_LOOKUP;
return -1;
}
if (i == 0)
{
ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR);
return 0;
}
s->rwstate=SSL_NOTHING;
}
if (ssl3_check_client_certificate(s))
s->state=SSL3_ST_CW_CERT_C;