From ca8e5b9b8ad3c199943ad7850bf66bc03279c0b9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bodo=20M=C3=B6ller?= Date: Sun, 9 May 1999 20:12:44 +0000 Subject: Create a duplicate of the SSL_CTX's CERT in SSL_new instead of copying pointers. The cert_st handling is changed by this in various ways. Submitted by: Reviewed by: PR: --- ssl/ssl_locl.h | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) (limited to 'ssl/ssl_locl.h') diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 4f3d56f0d3..f1bfcf9519 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -255,7 +255,9 @@ typedef struct cert_st int cert_type; /* Current active set */ - CERT_PKEY *key; + CERT_PKEY *key; /* ALWAYS points to an element of the pkeys array + * Probably it would make more sense to store + * an index, not a pointer. */ /* The following masks are for the key and auth * algorithms that are supported by the certs below */ @@ -275,7 +277,7 @@ typedef struct cert_st STACK_OF(X509) *cert_chain; /* XXX should only exist in sess_cert_st */ - int references; /* XXX should only exist in sess_cert_st */ + int references; /* XXX will finally always be 1 */ } CERT; @@ -345,7 +347,12 @@ SSL_METHOD *sslv3_base_method(void); void ssl_clear_cipher_ctx(SSL *s); int ssl_clear_bad_session(SSL *s); CERT *ssl_cert_new(void); +CERT *ssl_cert_dup(CERT *cert); +#if 1 +int ssl_cert_inst(CERT **o); +#else int ssl_cert_instantiate(CERT **o, CERT *d); +#endif void ssl_cert_free(CERT *c); int ssl_set_cert_type(CERT *c, int type); int ssl_get_new_session(SSL *s, int session); @@ -367,7 +374,7 @@ int ssl_undefined_function(SSL *s); X509 *ssl_get_server_send_cert(SSL *); EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *); int ssl_cert_type(X509 *x,EVP_PKEY *pkey); -void ssl_set_cert_masks(CERT *c,CERT *default_cert,SSL_CIPHER *cipher); +void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher); STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s); int ssl_verify_alarm_type(long type); -- cgit v1.2.3