Return per-certificate chain if extra chain is NULL.
authorDr. Stephen Henson <steve@openssl.org>
Wed, 5 Feb 2014 16:56:58 +0000 (16:56 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 5 Feb 2014 17:05:01 +0000 (17:05 +0000)
commita51f767645c117667d337f77fe1dd9c0a66d8410
tree45c6d7c262aa7617a5751389844a73b2b9cc06e9
parent5a42c8f07f2062b6a964bb8d38b0cfe3a8fb0775
Return per-certificate chain if extra chain is NULL.

If an application calls the macro SSL_CTX_get_extra_chain_certs
return either the old "shared" extra certificates or those associated
with the current certificate.

This means applications which call SSL_CTX_use_certificate_chain_file
and retrieve the additional chain using SSL_CTX_get_extra_chain_certs
will still work. An application which only wants to check the shared
extra certificates can call the new macro
SSL_CTX_get_extra_chain_certs_only
ssl/s3_lib.c
ssl/ssl.h