diff options
| author | jsing <> | 2019-03-25 16:24:57 +0000 |
|---|---|---|
| committer | jsing <> | 2019-03-25 16:24:57 +0000 |
| commit | 491a1b9b73d1852fd706b6845c3635f5bd3d3834 (patch) | |
| tree | 13375f607f621c75e951e8c9dfb3c880fd5fb6e6 /src/lib/libssl/ssl_locl.h | |
| parent | ed1f555802549862bf6249547c85f53ce8b3cd41 (diff) | |
| download | openbsd-491a1b9b73d1852fd706b6845c3635f5bd3d3834.tar.gz openbsd-491a1b9b73d1852fd706b6845c3635f5bd3d3834.tar.bz2 openbsd-491a1b9b73d1852fd706b6845c3635f5bd3d3834.zip | |
Add a chain member to CERT_PKEY and provide functions for manipulating it.
Note that this is not the full chain, as the leaf certificate currently
remains in the x509 member of CERT_PKEY. Unfortunately we've got to
contend with the fact that some OpenSSL *_chain_* APIs exclude the leaf
certificate while others include it...
ok beck@ tb@
Diffstat (limited to 'src/lib/libssl/ssl_locl.h')
| -rw-r--r-- | src/lib/libssl/ssl_locl.h | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 82674121b4..509183a7fa 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_locl.h,v 1.238 2019/02/25 19:40:05 tb Exp $ */ | 1 | /* $OpenBSD: ssl_locl.h,v 1.239 2019/03/25 16:24:57 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -961,6 +961,7 @@ typedef struct dtls1_state_internal_st { | |||
| 961 | typedef struct cert_pkey_st { | 961 | typedef struct cert_pkey_st { |
| 962 | X509 *x509; | 962 | X509 *x509; |
| 963 | EVP_PKEY *privatekey; | 963 | EVP_PKEY *privatekey; |
| 964 | STACK_OF(X509) *chain; | ||
| 964 | /* sigalg to use when signing */ | 965 | /* sigalg to use when signing */ |
| 965 | const struct ssl_sigalg *sigalg; | 966 | const struct ssl_sigalg *sigalg; |
| 966 | } CERT_PKEY; | 967 | } CERT_PKEY; |
| @@ -1081,9 +1082,15 @@ void ssl_clear_cipher_state(SSL *s); | |||
| 1081 | void ssl_clear_cipher_read_state(SSL *s); | 1082 | void ssl_clear_cipher_read_state(SSL *s); |
| 1082 | void ssl_clear_cipher_write_state(SSL *s); | 1083 | void ssl_clear_cipher_write_state(SSL *s); |
| 1083 | int ssl_clear_bad_session(SSL *s); | 1084 | int ssl_clear_bad_session(SSL *s); |
| 1085 | |||
| 1084 | CERT *ssl_cert_new(void); | 1086 | CERT *ssl_cert_new(void); |
| 1085 | CERT *ssl_cert_dup(CERT *cert); | 1087 | CERT *ssl_cert_dup(CERT *cert); |
| 1086 | void ssl_cert_free(CERT *c); | 1088 | void ssl_cert_free(CERT *c); |
| 1089 | int ssl_cert_set0_chain(CERT *c, STACK_OF(X509) *chain); | ||
| 1090 | int ssl_cert_set1_chain(CERT *c, STACK_OF(X509) *chain); | ||
| 1091 | int ssl_cert_add0_chain_cert(CERT *c, X509 *cert); | ||
| 1092 | int ssl_cert_add1_chain_cert(CERT *c, X509 *cert); | ||
| 1093 | |||
| 1087 | SESS_CERT *ssl_sess_cert_new(void); | 1094 | SESS_CERT *ssl_sess_cert_new(void); |
| 1088 | void ssl_sess_cert_free(SESS_CERT *sc); | 1095 | void ssl_sess_cert_free(SESS_CERT *sc); |
| 1089 | int ssl_get_new_session(SSL *s, int session); | 1096 | int ssl_get_new_session(SSL *s, int session); |