New ctrl to set current certificate. New ctrl sets current certificate based on certain criteria. Currently two options: set the first valid certificate as current and set the next valid certificate as current. Using these an application can iterate over all certificates in an SSL_CTX or SSL structure.

commit: 0f78819c8ccb7c526edbe90d5b619281366ce75c [log] [tgz]
author: Dr. Stephen Henson <steve@openssl.org> Sun Feb 02 02:51:30 2014 +0000
committer: Dr. Stephen Henson <steve@openssl.org> Sun Feb 02 22:58:19 2014 +0000
tree: 625a7524f36793e937c2390c7bad50211ea0791a
parent: 9f9ab1dc667186c533454c87f70295fcb67b4e8a [diff] [blame]
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 5c8aa13..ed50be1 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c

@@ -3431,6 +3431,9 @@
 	case SSL_CTRL_SELECT_CURRENT_CERT:
 		return ssl_cert_select_current(s->cert, (X509 *)parg);
 
+	case SSL_CTRL_SET_CURRENT_CERT:
+		return ssl_cert_set_current(s->cert, larg);
+
 #ifndef OPENSSL_NO_EC
 	case SSL_CTRL_GET_CURVES:
 		{
@@ -3937,6 +3940,9 @@
 	case SSL_CTRL_SELECT_CURRENT_CERT:
 		return ssl_cert_select_current(ctx->cert, (X509 *)parg);
 
+	case SSL_CTRL_SET_CURRENT_CERT:
+		return ssl_cert_set_current(ctx->cert, larg);
+
 	default:
 		return(0);
 		}
commit	0f78819c8ccb7c526edbe90d5b619281366ce75c	[log] [tgz]
author	Dr. Stephen Henson <steve@openssl.org>	Sun Feb 02 02:51:30 2014 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	Sun Feb 02 22:58:19 2014 +0000
tree	625a7524f36793e937c2390c7bad50211ea0791a
parent	9f9ab1dc667186c533454c87f70295fcb67b4e8a [diff] [blame]