int not_resumable;
/* The cert is the certificate used to establish this connection */
- struct cert_st /* CERT */ *cert;
+ struct cert_st /* CERT */ *sess_cert;
+ /* XXX should be struct sess_cert_st *sess_cert */
- /* This is the cert for the other end. On servers, it will be
- * the same as cert->x509 */
+ /* This is the cert for the other end.
+ * On clients, it will be the same as sess_cert->key->x509
+ * (the latter is not enough as sess_cert is not retained
+ * in the external representation of sessions, see ssl_asn1.c). */
X509 *peer;
int references;
/**/ char *app_verify_arg;
/* default values to use in SSL structures */
-/**/ struct cert_st /* CERT */ *default_cert;
+/**/ struct cert_st /* CERT */ *cert;
/**/ int read_ahead;
/**/ int verify_mode;
/**/ int verify_depth;
/* client cert? */
/* This is used to hold the server certificate used */
struct cert_st /* CERT */ *cert;
- /* XXX should be struct sess_cert_st *sess_cert */
/* the session_id_context is used to ensure sessions are only reused
* in the appropriate context */
#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
#define SSL_F_SSL_BAD_METHOD 160
#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
+#define SSL_F_SSL_CERT_DUP 221
+#define SSL_F_SSL_CERT_INST 222
#define SSL_F_SSL_CERT_INSTANTIATE 214
#define SSL_F_SSL_CERT_NEW 162
#define SSL_F_SSL_CHECK_PRIVATE_KEY 163
#define SSL_R_INVALID_CHALLENGE_LENGTH 158
#define SSL_R_LENGTH_MISMATCH 159
#define SSL_R_LENGTH_TOO_SHORT 160
+#define SSL_R_LIBRARY_BUG 274
#define SSL_R_LIBRARY_HAS_NO_CIPHERS 161
#define SSL_R_MISSING_DH_DSA_CERT 162
#define SSL_R_MISSING_DH_KEY 163