Add new "valid_flags" field to CERT_PKEY structure which determines what
[openssl.git] / ssl / ssl_cert.c
index 9d9b604..89a5131 100644 (file)
@@ -334,6 +334,7 @@ CERT *ssl_cert_dup(CERT *cert)
                                CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
                                }
                        }
+               rpk->valid_flags = 0;
                 if (cert->pkeys[i].authz != NULL)
                        {
                        /* Just copy everything. */
@@ -376,6 +377,8 @@ CERT *ssl_cert_dup(CERT *cert)
        /* Shared sigalgs also NULL */
        ret->shared_sigalgs = NULL;
 
+       ret->cert_flags = cert->cert_flags;
+
        return(ret);
        
 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_ECDH)
@@ -428,6 +431,7 @@ void ssl_cert_clear_certs(CERT *c)
                 if (cpk->authz != NULL)
                        OPENSSL_free(cpk->authz);
 #endif
+               cpk->valid_flags = 0;
                }
        }