OLD | NEW |
---|---|
1 /*! \file ssl/ssl_cert.c */ | 1 /*! \file ssl/ssl_cert.c */ |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 * All rights reserved. | 3 * All rights reserved. |
4 * | 4 * |
5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
8 * | 8 * |
9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
(...skipping 642 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
653 int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x) | 653 int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x) |
654 { | 654 { |
655 return(add_client_CA(&(ctx->client_CA),x)); | 655 return(add_client_CA(&(ctx->client_CA),x)); |
656 } | 656 } |
657 | 657 |
658 static int xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b) | 658 static int xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b) |
659 { | 659 { |
660 return(X509_NAME_cmp(*a,*b)); | 660 return(X509_NAME_cmp(*a,*b)); |
661 } | 661 } |
662 | 662 |
663 void SSL_get_client_certificate_types(SSL *s, char **ctype, size_t *ctype_num) | |
664 { | |
665 /* Nothing to return for the server or SSL2. */ | |
666 if (s->type != SSL_ST_CONNECT || | |
agl
2014/04/25 01:03:35
Maybe:
if (s->server ||
davidben
2014/04/25 17:03:34
Done.
| |
667 ((s->version >> 8) != SSL3_VERSION_MAJOR) || | |
agl
2014/04/25 01:03:35
s->version > SSL3_VERSION && s->version != DTLS1_B
davidben
2014/04/25 17:03:34
Do you mean < SSL3_VERSION? Did that version. (Oww
| |
668 (s->s3 == NULL)) | |
669 { | |
670 *ctype = NULL; | |
671 *ctype_num = 0; | |
672 return; | |
673 } | |
674 | |
675 *ctype = s->s3->tmp.ctype; | |
676 *ctype_num = s->s3->tmp.ctype_num; | |
677 } | |
678 | |
663 #ifndef OPENSSL_NO_STDIO | 679 #ifndef OPENSSL_NO_STDIO |
664 /*! | 680 /*! |
665 * Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed; | 681 * Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed; |
666 * it doesn't really have anything to do with clients (except that a common use | 682 * it doesn't really have anything to do with clients (except that a common use |
667 * for a stack of CAs is to send it to the client). Actually, it doesn't have | 683 * for a stack of CAs is to send it to the client). Actually, it doesn't have |
668 * much to do with CAs, either, since it will load any old cert. | 684 * much to do with CAs, either, since it will load any old cert. |
669 * \param file the file containing one or more certs. | 685 * \param file the file containing one or more certs. |
670 * \return a ::STACK containing the certs. | 686 * \return a ::STACK containing the certs. |
671 */ | 687 */ |
672 STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) | 688 STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) |
(...skipping 171 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
844 } | 860 } |
845 | 861 |
846 ret = 1; | 862 ret = 1; |
847 | 863 |
848 err: | 864 err: |
849 if (d) OPENSSL_DIR_end(&d); | 865 if (d) OPENSSL_DIR_end(&d); |
850 CRYPTO_w_unlock(CRYPTO_LOCK_READDIR); | 866 CRYPTO_w_unlock(CRYPTO_LOCK_READDIR); |
851 return ret; | 867 return ret; |
852 } | 868 } |
853 | 869 |
OLD | NEW |