projects
/
oweals
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Call OCSP Stapling callback after ciphersuite has been chosen, so the
[oweals/openssl.git]
/
ssl
/
ssl_lib.c
diff --git
a/ssl/ssl_lib.c
b/ssl/ssl_lib.c
index 78009e88cde3c13f0b51a5276ce58cde802a4ab6..555a630b1ba8da6e316c2e2ed5b6111c37135e8b 100644
(file)
--- a/
ssl/ssl_lib.c
+++ b/
ssl/ssl_lib.c
@@
-2320,7
+2320,7
@@
int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
#endif
/* THIS NEEDS CLEANING UP */
#endif
/* THIS NEEDS CLEANING UP */
-static int ssl_get_server_cert_index(SSL *s)
+static int ssl_get_server_cert_index(
const
SSL *s)
{
unsigned long alg_k, alg_a;
{
unsigned long alg_k, alg_a;
@@
-2371,7
+2371,7
@@
static int ssl_get_server_cert_index(SSL *s)
}
}
}
}
-CERT_PKEY *ssl_get_server_send_pkey(SSL *s)
+CERT_PKEY *ssl_get_server_send_pkey(
const
SSL *s)
{
CERT *c;
int i;
{
CERT *c;
int i;
@@
-2668,7
+2668,7
@@
const char *SSL_get_version(const SSL *s)
return("TLSv1.2");
else if (s->version == TLS1_1_VERSION)
return("TLSv1.1");
return("TLSv1.2");
else if (s->version == TLS1_1_VERSION)
return("TLSv1.1");
- if (s->version == TLS1_VERSION)
+
else
if (s->version == TLS1_VERSION)
return("TLSv1");
else if (s->version == SSL3_VERSION)
return("SSLv3");
return("TLSv1");
else if (s->version == SSL3_VERSION)
return("SSLv3");
@@
-2840,6
+2840,14
@@
void ssl_clear_cipher_ctx(SSL *s)
/* Fix this function so that it takes an optional type parameter */
X509 *SSL_get_certificate(const SSL *s)
{
/* Fix this function so that it takes an optional type parameter */
X509 *SSL_get_certificate(const SSL *s)
{
+ if (s->server)
+ {
+ CERT_PKEY *certpkey;
+ certpkey = ssl_get_server_send_pkey(s);
+ if (certpkey && certpkey->x509)
+ return certpkey->x509;
+ }
+
if (s->cert != NULL)
return(s->cert->key->x509);
else
if (s->cert != NULL)
return(s->cert->key->x509);
else