Custom extension documentation.

[openssl.git] / ssl / ssl_cert.c

diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 4e75a962839eb5f87d16db7a84bf1e1d8d4703e0..505a510bffbb9133e64d3767220e1fdd9a36dac6 100644 (file)
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -423,6 +423,13 @@ CERT *ssl_cert_dup(CERT *cert)
        ret->sec_level = cert->sec_level;
        ret->sec_ex = cert->sec_ex;
 
+#ifndef OPENSSL_NO_TLSEXT
+       if (!custom_exts_copy(&ret->cli_ext, &cert->cli_ext))
+               goto err;
+       if (!custom_exts_copy(&ret->srv_ext, &cert->srv_ext))
+               goto err;
+#endif
+
        return(ret);
        
 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_ECDH)
@@ -441,6 +448,11 @@ err:
                EC_KEY_free(ret->ecdh_tmp);
 #endif
 
+#ifndef OPENSSL_NO_TLSEXT
+       custom_exts_free(&ret->cli_ext);
+       custom_exts_free(&ret->srv_ext);
+#endif
+
        ssl_cert_clear_certs(ret);
 
        return NULL;
@@ -531,6 +543,10 @@ void ssl_cert_free(CERT *c)
                X509_STORE_free(c->chain_store);
        if (c->ciphers_raw)
                OPENSSL_free(c->ciphers_raw);
+#ifndef OPENSSL_NO_TLSEXT
+       custom_exts_free(&c->cli_ext);
+       custom_exts_free(&c->srv_ext);
+#endif
        OPENSSL_free(c);
        }