Add SSL_CTX_set1_cert_store()

[openssl.git] / ssl / ssl_lib.c

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 3347191f171ca943c6c50d8f4dcf48a0105f10d3..8bf872beec09ea6fd1de0f5dddaf0d8486a1fb23 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3553,6 +3553,13 @@ void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
     ctx->cert_store = store;
 }
 
+void SSL_CTX_set1_cert_store(SSL_CTX *ctx, X509_STORE *store)
+{
+    if (store != NULL)
+        X509_STORE_up_ref(store);
+    SSL_CTX_set_cert_store(ctx, store);
+}
+
 int SSL_want(const SSL *s)
 {
     return (s->rwstate);
@@ -3931,7 +3938,7 @@ static int ct_move_scts(STACK_OF(SCT) **dst, STACK_OF(SCT) *src,
 
 /*
  * Look for data collected during ServerHello and parse if found.
- * Return 1 on success, 0 on failure.
+ * Returns the number of SCTs extracted.
  */
 static int ct_extract_tls_extension_scts(SSL *s)
 {