diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2014-01-25 13:31:07 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2014-01-27 14:41:38 +0000 |
commit | ede90b1121b448395c8742166e19b2b475f14975 (patch) | |
tree | 08ed482f139d595d11ff9a91305357b3e8f18c71 /ssl/s3_clnt.c | |
parent | 5e7329d15663f81602fb0dfd61c64bfedecb79f1 (diff) |
Support retries in certificate callback
(cherry picked from commit 0ebc965b9ca4352e407bb7cfa65ac235942117f6)
Conflicts:
ssl/s3_srvr.c
ssl/ssl3.h
Diffstat (limited to 'ssl/s3_clnt.c')
-rw-r--r-- | ssl/s3_clnt.c | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 6aeab442e1..9e3c847de9 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -3301,11 +3301,20 @@ int ssl3_send_client_certificate(SSL *s) if (s->state == SSL3_ST_CW_CERT_A) { /* Let cert callback update client certificates if required */ - if (s->cert->cert_cb - && s->cert->cert_cb(s, s->cert->cert_cb_arg) <= 0) + if (s->cert->cert_cb) { - ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR); - return 0; + i = s->cert->cert_cb(s, s->cert->cert_cb_arg); + if (i < 0) + { + s->rwstate=SSL_X509_LOOKUP; + return -1; + } + if (i == 0) + { + ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INTERNAL_ERROR); + return 0; + } + s->rwstate=SSL_NOTHING; } if (ssl3_check_client_certificate(s)) s->state=SSL3_ST_CW_CERT_C; |