Revise ssl code to use a CERT_PKEY structure when outputting a

certificate chain instead of an X509 structure. This makes it easier to enhance code in future and the chain output functions have access to the CERT_PKEY structure being used.
author: Dr. Stephen Henson <steve@openssl.org> 2012-01-26 16:00:34 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2012-01-26 16:00:34 +0000
commit: c526ed410cdff6af4729e6abba658759ed19f753 (patch)
tree: f9c6dbff3549bd47fd57f97883bd966550d665fe /ssl/d1_srvr.c
parent: 4379d0e457ebd404f248d2e2c265ff11d25bfab4 (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index 6af53b2ff4..89f47ce97f 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -1570,12 +1570,12 @@ err:
 int dtls1_send_server_certificate(SSL *s)
 	{
 	unsigned long l;
-	X509 *x;
+	CERT_PKEY *cpk;
 
 	if (s->state == SSL3_ST_SW_CERT_A)
 		{
-		x=ssl_get_server_send_cert(s);
-		if (x == NULL)
+		cpk=ssl_get_server_send_pkey(s);
+		if (cpk == NULL)
 			{
 			/* VRS: allow null cert if auth == KRB5 */
 			if ((s->s3->tmp.new_cipher->algorithm_mkey != SSL_kKRB5) ||
@@ -1586,7 +1586,7 @@ int dtls1_send_server_certificate(SSL *s)
 				}
 			}
 
-		l=dtls1_output_cert_chain(s,x);
+		l=dtls1_output_cert_chain(s,cpk);
 		s->state=SSL3_ST_SW_CERT_B;
 		s->init_num=(int)l;
 		s->init_off=0;
author	Dr. Stephen Henson <steve@openssl.org>	2012-01-26 16:00:34 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2012-01-26 16:00:34 +0000
commit	c526ed410cdff6af4729e6abba658759ed19f753 (patch)
tree	f9c6dbff3549bd47fd57f97883bd966550d665fe /ssl/d1_srvr.c
parent	4379d0e457ebd404f248d2e2c265ff11d25bfab4 (diff)