diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2014-02-21 19:42:03 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2014-02-21 19:44:09 +0000 |
commit | daddd9a950e491c31f9500d5e570bc7eb96b2823 (patch) | |
tree | d950a3844a63d949770eeeff0699057310b21e88 /doc/ssl | |
parent | 214368ffee5736836e2dbb80a16a4fbd85f0eaf9 (diff) |
Option to set current cert to server certificate.
Diffstat (limited to 'doc/ssl')
-rw-r--r-- | doc/ssl/SSL_CTX_add1_chain_cert.pod | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/doc/ssl/SSL_CTX_add1_chain_cert.pod b/doc/ssl/SSL_CTX_add1_chain_cert.pod index 4e5a46d4bc..e294afe253 100644 --- a/doc/ssl/SSL_CTX_add1_chain_cert.pod +++ b/doc/ssl/SSL_CTX_add1_chain_cert.pod @@ -77,6 +77,14 @@ the first valid certificate or B<SSL_CERT_SET_NEXT> to set the next valid certificate after the current certificate. These two operations can be used to iterate over all certificates in an B<SSL_CTX> structure. +SSL_set_current_cert() also supports the option B<SSL_CERT_SET_SERVER>. +If B<ssl> is a server and has sent a certificate to a connected client +this option sets that certificate to the current certificate and returns 1. +If the negotiated ciphersuite is anonymous (and thus no certificate will +be sent) 2 is returned and the current certificate is unchanged. If B<ssl> +is not a server or a certificate has not been sent 0 is returned and +the current certificate is unchanged. + All these functions are implemented as macros. Those containing a B<1> increment the reference count of the supplied certificate or chain so it must be freed at some point after the operation. Those containing a B<0> do |