summaryrefslogtreecommitdiffstats
path: root/src/ssl/internal.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/ssl/internal.h')
-rw-r--r--src/ssl/internal.h18
1 files changed, 8 insertions, 10 deletions
diff --git a/src/ssl/internal.h b/src/ssl/internal.h
index 7d9a5ad..4d70431 100644
--- a/src/ssl/internal.h
+++ b/src/ssl/internal.h
@@ -581,15 +581,13 @@ typedef struct cert_st {
} CERT;
typedef struct sess_cert_st {
- STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */
+ /* cert_chain is the certificate chain sent by the peer. NOTE: for a client,
+ * this does includes the server's leaf certificate, but, for a server, this
+ * does NOT include the client's leaf. */
+ STACK_OF(X509) *cert_chain;
- /* The 'peer_...' members are used only by clients. */
- int peer_cert_type;
-
- CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */
- CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
- /* Obviously we don't have the private keys of these,
- * so maybe we shouldn't even use the CERT_PKEY type here. */
+ /* peer_cert, on a client, is the leaf certificate of the peer. */
+ X509 *peer_cert;
DH *peer_dh_tmp;
EC_KEY *peer_ecdh_tmp;
@@ -799,8 +797,8 @@ CERT *ssl_cert_dup(CERT *cert);
void ssl_cert_clear_certs(CERT *c);
void ssl_cert_free(CERT *c);
SESS_CERT *ssl_sess_cert_new(void);
-void ssl_sess_cert_free(SESS_CERT *sc);
-int ssl_set_peer_cert_type(SESS_CERT *c, int type);
+SESS_CERT *ssl_sess_cert_dup(const SESS_CERT *sess_cert);
+void ssl_sess_cert_free(SESS_CERT *sess_cert);
int ssl_get_new_session(SSL *s, int session);
int ssl_get_prev_session(SSL *s, const struct ssl_early_callback_ctx *ctx);
STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, const CBS *cbs);