From 8c2bfd25129aea1b1f1b66ec753b21955f8ed523 Mon Sep 17 00:00:00 2001
From: Todd Short <tshort@akamai.com>
Date: Thu, 11 Apr 2019 10:47:13 -0400
Subject: Add SSL_get[01]_peer_certificate()

Deprecate SSL_get_peer_certificte() and replace with
SSL_get1_peer_certificate().
Add SSL_get0_peer_certificate.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/8730)
---
 ssl/statem/statem_lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'ssl/statem/statem_lib.c')

diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index 36cdc1be58..de8212747f 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -537,7 +537,7 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
      * certificate after the CertVerify instead of when we get the
      * CertificateRequest. This is because in TLSv1.3 the CertificateRequest
      * comes *before* the Certificate message. In TLSv1.2 it comes after. We
-     * want to make sure that SSL_get_peer_certificate() will return the actual
+     * want to make sure that SSL_get1_peer_certificate() will return the actual
      * server certificate from the client_cert_cb callback.
      */
     if (!s->server && SSL_IS_TLS13(s) && s->s3.tmp.cert_req == 1)
-- 
cgit v1.2.3