diff options
Diffstat (limited to 'ssl/statem/statem_lib.c')
-rw-r--r-- | ssl/statem/statem_lib.c | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index dc2bd20e93..95c22062ba 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -2287,10 +2287,24 @@ int parse_ca_names(SSL *s, PACKET *pkt) return 0; } -int construct_ca_names(SSL *s, WPACKET *pkt) +const STACK_OF(X509_NAME) *get_ca_names(SSL *s) { - const STACK_OF(X509_NAME) *ca_sk = SSL_get0_CA_list(s); + const STACK_OF(X509_NAME) *ca_sk = NULL;; + if (s->server) { + ca_sk = SSL_get_client_CA_list(s); + if (ca_sk != NULL && sk_X509_NAME_num(ca_sk) == 0) + ca_sk = NULL; + } + + if (ca_sk == NULL) + ca_sk = SSL_get0_CA_list(s); + + return ca_sk; +} + +int construct_ca_names(SSL *s, const STACK_OF(X509_NAME) *ca_sk, WPACKET *pkt) +{ /* Start sub-packet for client CA list */ if (!WPACKET_start_sub_packet_u16(pkt)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_CONSTRUCT_CA_NAMES, |