Option to set current cert to server certificate.

[openssl.git] / ssl / ssl_cert.c

diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index d442e5418f3d85339364621cb00fd8de312be712..47c8b8659f4c666d5cbc0b922f0a9bf4d62ddec6 100644 (file)
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -599,6 +599,57 @@ int ssl_cert_add1_chain_cert(CERT *c, X509 *x)
        return 1;
        }
 
        return 1;
        }
 

+int ssl_cert_select_current(CERT *c, X509 *x)
+       {
+       int i;
+       if (x == NULL)
+               return 0;
+       for (i = 0; i < SSL_PKEY_NUM; i++)
+               {
+               if (c->pkeys[i].x509 == x)
+                       {
+                       c->key = &c->pkeys[i];
+                       return 1;
+                       }
+               }
+
+       for (i = 0; i < SSL_PKEY_NUM; i++)
+               {
+               if (c->pkeys[i].x509 && !X509_cmp(c->pkeys[i].x509, x))
+                       {
+                       c->key = &c->pkeys[i];
+                       return 1;
+                       }
+               }
+       return 0;
+       }
+
+int ssl_cert_set_current(CERT *c, long op)
+       {
+       int i, idx;
+       if (!c)
+               return 0;
+       if (op == SSL_CERT_SET_FIRST)
+               idx = 0;
+       else if (op == SSL_CERT_SET_NEXT)
+               {
+               idx = (int)(c->key - c->pkeys + 1);
+               if (idx >= SSL_PKEY_NUM)
+                       return 0;
+               }
+       else
+               return 0;
+       for (i = idx; i < SSL_PKEY_NUM; i++)
+               {
+               if (c->pkeys[i].x509)
+                       {
+                       c->key = &c->pkeys[i];
+                       return 1;
+                       }
+               }
+       return 0;
+       }
+

 void ssl_cert_set_cert_cb(CERT *c, int (*cb)(SSL *ssl, void *arg), void *arg)
        {
        c->cert_cb = cb;
 void ssl_cert_set_cert_cb(CERT *c, int (*cb)(SSL *ssl, void *arg), void *arg)
        {
        c->cert_cb = cb;