diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2013-11-13 22:57:11 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2013-11-13 23:47:49 +0000 |
commit | ff0bdbed85bc8df4a05c34298a03444e215fd05c (patch) | |
tree | 44bc5e370e009baef049d70b94b93efd85bdbbfe /ssl/ssl_cert.c | |
parent | dc4bdf592f2865197312ebf7aee2c1d0a1e30b4f (diff) |
Allow match selecting of current certificate.
If pointer comparison for current certificate fails check
to see if a match using X509_cmp succeeds for the current
certificate: this is useful for cases where the certificate
pointer is not available.
(cherry picked from commit 6856b288a6e66edd23907b7fa264f42e05ac9fc7)
Diffstat (limited to 'ssl/ssl_cert.c')
-rw-r--r-- | ssl/ssl_cert.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index a4550ed2d3..e6234eba88 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -624,6 +624,8 @@ int ssl_cert_add1_chain_cert(CERT *c, X509 *x) int ssl_cert_select_current(CERT *c, X509 *x) { int i; + if (x == NULL) + return 0; for (i = 0; i < SSL_PKEY_NUM; i++) { if (c->pkeys[i].x509 == x) @@ -632,6 +634,15 @@ int ssl_cert_select_current(CERT *c, X509 *x) return 1; } } + + for (i = 0; i < SSL_PKEY_NUM; i++) + { + if (c->pkeys[i].x509 && !X509_cmp(c->pkeys[i].x509, x)) + { + c->key = &c->pkeys[i]; + return 1; + } + } return 0; } |