openssl-1.0.1d upgrade
Change-Id: Ie980c8834cf2c843858182d98d1f60c65a2a9b70
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 4db0fef..c94ff26 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2321,7 +2321,7 @@
#endif
/* THIS NEEDS CLEANING UP */
-X509 *ssl_get_server_send_cert(SSL *s)
+CERT_PKEY *ssl_get_server_send_pkey(const SSL *s)
{
unsigned long alg_k,alg_a;
CERT *c;
@@ -2376,12 +2376,20 @@
i=SSL_PKEY_GOST01;
else /* if (alg_a & SSL_aNULL) */
{
- SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,ERR_R_INTERNAL_ERROR);
+ SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY,ERR_R_INTERNAL_ERROR);
return(NULL);
}
- if (c->pkeys[i].x509 == NULL) return(NULL);
- return(c->pkeys[i].x509);
+ return c->pkeys + i;
+ }
+
+X509 *ssl_get_server_send_cert(const SSL *s)
+ {
+ CERT_PKEY *cpk;
+ cpk = ssl_get_server_send_pkey(s);
+ if (!cpk)
+ return NULL;
+ return cpk->x509;
}
EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *cipher, const EVP_MD **pmd)
@@ -2642,7 +2650,7 @@
return("TLSv1.2");
else if (version == TLS1_1_VERSION)
return("TLSv1.1");
- if (version == TLS1_VERSION)
+ else if (version == TLS1_VERSION)
return("TLSv1");
else if (version == SSL3_VERSION)
return("SSLv3");
@@ -2837,7 +2845,9 @@
/* Fix this function so that it takes an optional type parameter */
X509 *SSL_get_certificate(const SSL *s)
{
- if (s->cert != NULL)
+ if (s->server)
+ return(ssl_get_server_send_cert(s));
+ else if (s->cert != NULL)
return(s->cert->key->x509);
else
return(NULL);