summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_locl.h
diff options
context:
space:
mode:
authorjsing <>2019-03-25 16:24:57 +0000
committerjsing <>2019-03-25 16:24:57 +0000
commitcbd40c552faece60c03861dd621cfc2a96dca55e (patch)
tree13375f607f621c75e951e8c9dfb3c880fd5fb6e6 /src/lib/libssl/ssl_locl.h
parent8ca8dfb7d8fb508ace2f84a8985558f5bd56cf97 (diff)
downloadopenbsd-cbd40c552faece60c03861dd621cfc2a96dca55e.tar.gz
openbsd-cbd40c552faece60c03861dd621cfc2a96dca55e.tar.bz2
openbsd-cbd40c552faece60c03861dd621cfc2a96dca55e.zip
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently remains in the x509 member of CERT_PKEY. Unfortunately we've got to contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf certificate while others include it... ok beck@ tb@
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/ssl_locl.h9
1 files changed, 8 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 82674121b4..509183a7fa 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_locl.h,v 1.238 2019/02/25 19:40:05 tb Exp $ */ 1/* $OpenBSD: ssl_locl.h,v 1.239 2019/03/25 16:24:57 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -961,6 +961,7 @@ typedef struct dtls1_state_internal_st {
961typedef struct cert_pkey_st { 961typedef struct cert_pkey_st {
962 X509 *x509; 962 X509 *x509;
963 EVP_PKEY *privatekey; 963 EVP_PKEY *privatekey;
964 STACK_OF(X509) *chain;
964 /* sigalg to use when signing */ 965 /* sigalg to use when signing */
965 const struct ssl_sigalg *sigalg; 966 const struct ssl_sigalg *sigalg;
966} CERT_PKEY; 967} CERT_PKEY;
@@ -1081,9 +1082,15 @@ void ssl_clear_cipher_state(SSL *s);
1081void ssl_clear_cipher_read_state(SSL *s); 1082void ssl_clear_cipher_read_state(SSL *s);
1082void ssl_clear_cipher_write_state(SSL *s); 1083void ssl_clear_cipher_write_state(SSL *s);
1083int ssl_clear_bad_session(SSL *s); 1084int ssl_clear_bad_session(SSL *s);
1085
1084CERT *ssl_cert_new(void); 1086CERT *ssl_cert_new(void);
1085CERT *ssl_cert_dup(CERT *cert); 1087CERT *ssl_cert_dup(CERT *cert);
1086void ssl_cert_free(CERT *c); 1088void ssl_cert_free(CERT *c);
1089int ssl_cert_set0_chain(CERT *c, STACK_OF(X509) *chain);
1090int ssl_cert_set1_chain(CERT *c, STACK_OF(X509) *chain);
1091int ssl_cert_add0_chain_cert(CERT *c, X509 *cert);
1092int ssl_cert_add1_chain_cert(CERT *c, X509 *cert);
1093
1087SESS_CERT *ssl_sess_cert_new(void); 1094SESS_CERT *ssl_sess_cert_new(void);
1088void ssl_sess_cert_free(SESS_CERT *sc); 1095void ssl_sess_cert_free(SESS_CERT *sc);
1089int ssl_get_new_session(SSL *s, int session); 1096int ssl_get_new_session(SSL *s, int session);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-24 19:59:41 +0000