Set next version.

[oweals/openssl.git] / ssl / ssl_lib.c

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 23de3151bf632ce783a6b567d36da620204510e9..8b6b601cabd88da639489dad0443abc02f3f92da 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1943,7 +1943,7 @@ int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs)
        }
 
 /* THIS NEEDS CLEANING UP */
-X509 *ssl_get_server_send_cert(SSL *s)
+CERT_PKEY *ssl_get_server_send_pkey(const SSL *s)
        {
        unsigned long alg,kalg;
        CERT *c;
@@ -1993,12 +1993,20 @@ X509 *ssl_get_server_send_cert(SSL *s)
                }
        else /* if (kalg & SSL_aNULL) */
                {
-               SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR);
+               SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY,ERR_R_INTERNAL_ERROR);
                return(NULL);
                }
-       if (c->pkeys[i].x509 == NULL) return(NULL);
 
-       return(c->pkeys[i].x509);
+       return c->pkeys + i;
+       }
+
+X509 *ssl_get_server_send_cert(const SSL *s)
+       {
+       CERT_PKEY *cpk;
+       cpk = ssl_get_server_send_pkey(s);
+       if (!cpk)
+               return NULL;
+       return cpk->x509;
        }
 
 EVP_PKEY *ssl_get_sign_pkey(SSL *s,SSL_CIPHER *cipher)
@@ -2420,7 +2428,9 @@ void ssl_clear_cipher_ctx(SSL *s)
 /* Fix this function so that it takes an optional type parameter */
 X509 *SSL_get_certificate(const SSL *s)
        {
-       if (s->cert != NULL)
+       if (s->server)
+               return(ssl_get_server_send_cert(s));
+       else if (s->cert != NULL)
                return(s->cert->key->x509);
        else
                return(NULL);