}
/* THIS NEEDS CLEANING UP */
-X509 *ssl_get_server_send_cert(const SSL *s)
+CERT_PKEY *ssl_get_server_send_pkey(const SSL *s)
{
unsigned long alg,kalg;
CERT *c;
SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR);
return(NULL);
}
- if (c->pkeys[i].x509 == NULL) return(NULL);
- return(c->pkeys[i].x509);
+ return c->pkeys + i;
+ }
+
+X509 *ssl_get_server_send_cert(const SSL *s)
+ {
+ CERT_PKEY *cpk;
+ cpk = ssl_get_server_send_pkey(s);
+ if (!cpk)
+ return NULL;
+ return cpk->x509;
}
EVP_PKEY *ssl_get_sign_pkey(SSL *s,SSL_CIPHER *cipher)
int ssl_undefined_function(SSL *s);
int ssl_undefined_void_function(void);
int ssl_undefined_const_function(const SSL *s);
+CERT_PKEY *ssl_get_server_send_pkey(const SSL *s);
X509 *ssl_get_server_send_cert(const SSL *);
EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *);
int ssl_cert_type(X509 *x,EVP_PKEY *pkey);
if (s->tlsext_status_type != -1 && s->ctx && s->ctx->tlsext_status_cb)
{
int r;
+ CERT_PKEY *certpkey;
+ certpkey = ssl_get_server_send_pkey(s);
+ /* If no certificate can't return certificate status */
+ if (certpkey == NULL)
+ {
+ s->tlsext_status_expected = 0;
+ return 1;
+ }
+ /* Set current certificate to one we will use so
+ * SSL_get_certificate et al can pick it up.
+ */
+ s->cert->key = certpkey;
r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
switch (r)
{
projects / openssl.git / commitdiff