projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Add SSL_get0_verified_chain() to return verified chain of peer
[openssl.git]
/
ssl
/
ssl_lib.c
diff --git
a/ssl/ssl_lib.c
b/ssl/ssl_lib.c
index 1154b71ab6480d1e9e1f3561f58d9d7df04aa6df..197a37cd0d46b511ece256542fddf67bbd61b9d6 100644
(file)
--- a/
ssl/ssl_lib.c
+++ b/
ssl/ssl_lib.c
@@
-715,6
+715,7
@@
SSL *SSL_new(SSL_CTX *ctx)
s->alpn_client_proto_list_len = s->ctx->alpn_client_proto_list_len;
}
s->alpn_client_proto_list_len = s->ctx->alpn_client_proto_list_len;
}
+ s->verified_chain = NULL;
s->verify_result = X509_V_OK;
s->default_passwd_callback = ctx->default_passwd_callback;
s->verify_result = X509_V_OK;
s->default_passwd_callback = ctx->default_passwd_callback;
@@
-1052,6
+1053,8
@@
void SSL_free(SSL *s)
sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
+ sk_X509_pop_free(s->verified_chain, X509_free);
+
if (s->method != NULL)
s->method->ssl_free(s);
if (s->method != NULL)
s->method->ssl_free(s);
@@
-3822,4
+3825,9
@@
unsigned long SSL_clear_options(SSL *s, unsigned long op)
return s->options &= ~op;
}
return s->options &= ~op;
}
+STACK_OF(X509) *SSL_get0_verified_chain(const SSL *s)
+{
+ return s->verified_chain;
+}
+
IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);