diff options
author | Ben Laurie <ben@openssl.org> | 2012-09-17 14:39:38 +0000 |
---|---|---|
committer | Ben Laurie <ben@openssl.org> | 2012-09-17 14:39:38 +0000 |
commit | 70d91d60bc68ade5d12cc9de6c9f3f10f319a5c5 (patch) | |
tree | 6f7f99154ad449ad5391d728723a21c7aa3f1cd1 /ssl/ssl_locl.h | |
parent | bc788830173a10023f567f959e434f74eceff694 (diff) | |
download | openssl-new-70d91d60bc68ade5d12cc9de6c9f3f10f319a5c5.tar.gz |
Call OCSP Stapling callback after ciphersuite has been chosen, so the
right response is stapled. Also change SSL_get_certificate() so it
returns the certificate actually sent.
See http://rt.openssl.org/Ticket/Display.html?id=2836.
Diffstat (limited to 'ssl/ssl_locl.h')
-rw-r--r-- | ssl/ssl_locl.h | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index d87fd51cfa..1fab632ddc 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -830,7 +830,7 @@ int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk); int ssl_undefined_function(SSL *s); int ssl_undefined_void_function(void); int ssl_undefined_const_function(const SSL *s); -X509 *ssl_get_server_send_cert(SSL *); +X509 *ssl_get_server_send_cert(const SSL *); EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *c, const EVP_MD **pmd); int ssl_cert_type(X509 *x,EVP_PKEY *pkey); void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher); @@ -1088,7 +1088,8 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data, unsigned char *d, int n, int *al); int ssl_prepare_clienthello_tlsext(SSL *s); int ssl_prepare_serverhello_tlsext(SSL *s); -int ssl_check_clienthello_tlsext(SSL *s); +int ssl_check_clienthello_tlsext_early(SSL *s); +int ssl_check_clienthello_tlsext_late(SSL *s); int ssl_check_serverhello_tlsext(SSL *s); #ifndef OPENSSL_NO_HEARTBEATS |