projects
/
oweals
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Call OCSP Stapling callback after ciphersuite has been chosen, so the
[oweals/openssl.git]
/
ssl
/
ssl_lib.c
diff --git
a/ssl/ssl_lib.c
b/ssl/ssl_lib.c
index 617526a66d46685ed95be940c3d31b400cd2ef03..555a630b1ba8da6e316c2e2ed5b6111c37135e8b 100644
(file)
--- a/
ssl/ssl_lib.c
+++ b/
ssl/ssl_lib.c
@@
-2320,7
+2320,7
@@
int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
#endif
/* THIS NEEDS CLEANING UP */
#endif
/* THIS NEEDS CLEANING UP */
-static int ssl_get_server_cert_index(SSL *s)
+static int ssl_get_server_cert_index(
const
SSL *s)
{
unsigned long alg_k, alg_a;
{
unsigned long alg_k, alg_a;
@@
-2371,7
+2371,7
@@
static int ssl_get_server_cert_index(SSL *s)
}
}
}
}
-CERT_PKEY *ssl_get_server_send_pkey(SSL *s)
+CERT_PKEY *ssl_get_server_send_pkey(
const
SSL *s)
{
CERT *c;
int i;
{
CERT *c;
int i;
@@
-2840,6
+2840,14
@@
void ssl_clear_cipher_ctx(SSL *s)
/* Fix this function so that it takes an optional type parameter */
X509 *SSL_get_certificate(const SSL *s)
{
/* Fix this function so that it takes an optional type parameter */
X509 *SSL_get_certificate(const SSL *s)
{
+ if (s->server)
+ {
+ CERT_PKEY *certpkey;
+ certpkey = ssl_get_server_send_pkey(s);
+ if (certpkey && certpkey->x509)
+ return certpkey->x509;
+ }
+
if (s->cert != NULL)
return(s->cert->key->x509);
else
if (s->cert != NULL)
return(s->cert->key->x509);
else