diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2017-06-28 17:45:10 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2017-07-13 12:38:42 +0100 |
commit | c04cd72827a8a1eccaf75062403c301dd16892be (patch) | |
tree | e5a5783efc30f259102acd6203095a74413f4de7 /ssl/ssl_ciph.c | |
parent | 084f9a7046c9a4d352278e3639290316c8c30f38 (diff) |
Add certificate properties table.
Add certificate table giving properties of each certificate index:
specifically the NID associated with the index and the the auth mask
value for any cipher the certificate can be used with.
This will be used to generalise certificate handling instead of hard coding
algorithm specific cases.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3858)
Diffstat (limited to 'ssl/ssl_ciph.c')
-rw-r--r-- | ssl/ssl_ciph.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 64bb264b52..3fd16207c5 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -1996,3 +1996,12 @@ int ssl_cipher_get_overhead(const SSL_CIPHER *c, size_t *mac_overhead, return 1; } + +int ssl_cert_is_disabled(size_t idx) +{ + const SSL_CERT_LOOKUP *cl = ssl_cert_lookup_by_idx(idx); + + if (cl == NULL || (cl->amask & disabled_auth_mask) != 0) + return 1; + return 0; +} |