generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Allow match selecting of current certificate.

Browse Source 
If pointer comparison for current certificate fails check
to see if a match using X509_cmp succeeds for the current
certificate: this is useful for cases where the certificate
pointer is not available.
(cherry picked from commit 6856b288a6e66edd23907b7fa264f42e05ac9fc7)
This commit is contained in:
Dr. Stephen Henson 2013-11-13 22:57:11 +00:00
parent dc4bdf592f
commit ff0bdbed85
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
ssl/ssl_cert.c
View File

@ -624,6 +624,8 @@ int ssl_cert_add1_chain_cert(CERT *c, X509 *x)
int ssl_cert_select_current(CERT *c, X509 *x)
{
int i;
if (x == NULL)
return 0;
for (i = 0; i < SSL_PKEY_NUM; i++)
{
if (c->pkeys[i].x509 == x)
@ -632,6 +634,15 @@ int ssl_cert_select_current(CERT *c, X509 *x)
return 1;
}
}
for (i = 0; i < SSL_PKEY_NUM; i++)
{
if (c->pkeys[i].x509 && !X509_cmp(c->pkeys[i].x509, x))
{
c->key = &c->pkeys[i];
return 1;
}
}
return 0;
}