diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2014-02-02 02:51:30 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2014-02-02 23:12:06 +0000 |
commit | e2f06800bce44a87596534b9f23710becf51771a (patch) | |
tree | e3f390ae5845d6b655620c5aa7d8af54c0cceb57 /ssl/ssl_cert.c | |
parent | 1180833643d7310573366b7e3d36e70c7defba9c (diff) |
New ctrl to set current certificate.
New ctrl sets current certificate based on certain criteria. Currently
two options: set the first valid certificate as current and set the
next valid certificate as current. Using these an application can
iterate over all certificates in an SSL_CTX or SSL structure.
(cherry picked from commit 0f78819c8ccb7c526edbe90d5b619281366ce75c)
Diffstat (limited to 'ssl/ssl_cert.c')
-rw-r--r-- | ssl/ssl_cert.c | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index e6234eba88..b771105785 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -646,6 +646,32 @@ int ssl_cert_select_current(CERT *c, X509 *x) return 0; } +int ssl_cert_set_current(CERT *c, long op) + { + int i, idx; + if (!c) + return 0; + if (op == SSL_CERT_SET_FIRST) + idx = 0; + else if (op == SSL_CERT_SET_NEXT) + { + idx = (int)(c->key - c->pkeys + 1); + if (idx >= SSL_PKEY_NUM) + return 0; + } + else + return 0; + for (i = idx; i < SSL_PKEY_NUM; i++) + { + if (c->pkeys[i].x509) + { + c->key = &c->pkeys[i]; + return 1; + } + } + return 0; + } + void ssl_cert_set_cert_cb(CERT *c, int (*cb)(SSL *ssl, void *arg), void *arg) { c->cert_cb = cb; |