diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2014-02-02 02:51:30 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2014-02-02 23:12:06 +0000 |
commit | e2f06800bce44a87596534b9f23710becf51771a (patch) | |
tree | e3f390ae5845d6b655620c5aa7d8af54c0cceb57 /demos | |
parent | 1180833643d7310573366b7e3d36e70c7defba9c (diff) |
New ctrl to set current certificate.
New ctrl sets current certificate based on certain criteria. Currently
two options: set the first valid certificate as current and set the
next valid certificate as current. Using these an application can
iterate over all certificates in an SSL_CTX or SSL structure.
(cherry picked from commit 0f78819c8ccb7c526edbe90d5b619281366ce75c)
Diffstat (limited to 'demos')
-rw-r--r-- | demos/bio/server-arg.c | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/demos/bio/server-arg.c b/demos/bio/server-arg.c index be35e6210b..0d432a4762 100644 --- a/demos/bio/server-arg.c +++ b/demos/bio/server-arg.c @@ -82,7 +82,24 @@ int main(int argc, char *argv[]) ERR_print_errors_fp(stderr); goto err; } - +#if 0 + /* Demo of how to iterate over all certificates in an SSL_CTX + * structure. + */ + { + X509 *x; + int rv; + rv = SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_FIRST); + while (rv) + { + X509 *x = SSL_CTX_get0_certificate(ctx); + X509_NAME_print_ex_fp(stdout, X509_get_subject_name(x), 0, XN_FLAG_ONELINE); + printf("\n"); + rv = SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_NEXT); + } + fflush(stdout); + } +#endif /* Setup server side SSL bio */ ssl_bio=BIO_new_ssl(ctx,0); |