If pointer comparison for current certificate fails check
to see if a match using X509_cmp succeeds for the current
certificate: this is useful for cases where the certificate
pointer is not available.
(cherry picked from commit
6856b288a6e66edd23907b7fa264f42e05ac9fc7)
int ssl_cert_select_current(CERT *c, X509 *x)
{
int i;
+ if (x == NULL)
+ return 0;
for (i = 0; i < SSL_PKEY_NUM; i++)
{
if (c->pkeys[i].x509 == x)
return 1;
}
}
+
+ for (i = 0; i < SSL_PKEY_NUM; i++)
+ {
+ if (c->pkeys[i].x509 && !X509_cmp(c->pkeys[i].x509, x))
+ {
+ c->key = &c->pkeys[i];
+ return 1;
+ }
+ }
return 0;
}