projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Call OCSP Stapling callback after ciphersuite has been chosen, so the
[openssl.git]
/
ssl
/
ssl_lib.c
diff --git
a/ssl/ssl_lib.c
b/ssl/ssl_lib.c
index 4289a745c9e45eca5037bdbb5cf270462773668e..5a639c1f49a21caaaefde08d695bde64d2d74f10 100644
(file)
--- a/
ssl/ssl_lib.c
+++ b/
ssl/ssl_lib.c
@@
-2336,7
+2336,7
@@
int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
#endif
#endif
-static int ssl_get_server_cert_index(SSL *s)
+static int ssl_get_server_cert_index(
const
SSL *s)
{
int idx;
idx = ssl_cipher_get_cert_index(s->s3->tmp.new_cipher);
{
int idx;
idx = ssl_cipher_get_cert_index(s->s3->tmp.new_cipher);
@@
-2347,7
+2347,7
@@
static int ssl_get_server_cert_index(SSL *s)
return idx;
}
return idx;
}
-CERT_PKEY *ssl_get_server_send_pkey(SSL *s)
+CERT_PKEY *ssl_get_server_send_pkey(
const
SSL *s)
{
CERT *c;
int i;
{
CERT *c;
int i;
@@
-2833,6
+2833,14
@@
void ssl_clear_cipher_ctx(SSL *s)
/* Fix this function so that it takes an optional type parameter */
X509 *SSL_get_certificate(const SSL *s)
{
/* Fix this function so that it takes an optional type parameter */
X509 *SSL_get_certificate(const SSL *s)
{
+ if (s->server)
+ {
+ CERT_PKEY *certpkey;
+ certpkey = ssl_get_server_send_pkey(s);
+ if (certpkey && certpkey->x509)
+ return certpkey->x509;
+ }
+
if (s->cert != NULL)
return(s->cert->key->x509);
else
if (s->cert != NULL)
return(s->cert->key->x509);
else
projects / openssl.git / blobdiff