return (NULL);
}
+ ret->references = 1;
ret->key = &ret->pkeys[cert->key - cert->pkeys];
#ifndef OPENSSL_NO_RSA
}
}
- ret->references = 1;
/* Configured sigalgs copied across */
if (cert->conf_sigalgs) {
ret->conf_sigalgs = OPENSSL_malloc(cert->conf_sigalgslen);
goto err;
if (!custom_exts_copy(&ret->srv_ext, &cert->srv_ext))
goto err;
-
+#ifndef OPENSSL_NO_PSK
+ if (cert->psk_identity_hint) {
+ ret->psk_identity_hint = BUF_strdup(cert->psk_identity_hint);
+ if (ret->psk_identity_hint == NULL)
+ goto err;
+ }
+#endif
return (ret);
err:
X509_STORE_free(c->chain_store);
custom_exts_free(&c->cli_ext);
custom_exts_free(&c->srv_ext);
+#ifndef OPENSSL_NO_PSK
+ OPENSSL_free(c->psk_identity_hint);
+#endif
OPENSSL_free(c);
}
return (X509_NAME_cmp(*a, *b));
}
-#ifndef OPENSSL_NO_STDIO
/**
* Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed;
* it doesn't really have anything to do with clients (except that a common use
sk = sk_X509_NAME_new(xname_cmp);
- in = BIO_new(BIO_s_file_internal());
+ in = BIO_new(BIO_s_file());
if ((sk == NULL) || (in == NULL)) {
SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE, ERR_R_MALLOC_FAILURE);
ERR_clear_error();
return (ret);
}
-#endif
/**
* Add a file of certs to a stack.
oldcmp = sk_X509_NAME_set_cmp_func(stack, xname_cmp);
- in = BIO_new(BIO_s_file_internal());
+ in = BIO_new(BIO_s_file());
if (in == NULL) {
SSLerr(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,
if (sk_X509_num(chain) > 0) {
/* See if last cert is self signed */
x = sk_X509_value(chain, sk_X509_num(chain) - 1);
- X509_check_purpose(x, -1, 0);
- if (x->ex_flags & EXFLAG_SS) {
+ if (X509_get_extension_flags(x) & EXFLAG_SS) {
x = sk_X509_pop(chain);
X509_free(x);
}