diff --git a/components/openssl/include/internal/ssl_types.h b/components/openssl/include/internal/ssl_types.h index 6f2fb5a2f..7a0bd0d76 100644 --- a/components/openssl/include/internal/ssl_types.h +++ b/components/openssl/include/internal/ssl_types.h @@ -144,6 +144,8 @@ struct ssl_session_st { long timeout; long time; + + X509 *peer; }; struct X509_VERIFY_PARAM_st { diff --git a/components/openssl/library/ssl_pkey.c b/components/openssl/library/ssl_pkey.c index 15c4977b0..7278287a6 100644 --- a/components/openssl/library/ssl_pkey.c +++ b/components/openssl/library/ssl_pkey.c @@ -177,7 +177,7 @@ int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, if (!ret) SSL_RET(failed2, "SSL_CTX_use_PrivateKey\n"); - ctx->cert->pkey->ref++; + ctx->cert->pkey->ref = 1; return 1; @@ -216,7 +216,7 @@ int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, if (!ret) SSL_RET(failed2, "SSL_CTX_use_PrivateKey\n"); - ssl->cert->pkey->ref++; + ssl->cert->pkey->ref = 1; return 1; diff --git a/components/openssl/library/ssl_x509.c b/components/openssl/library/ssl_x509.c index 6e249eef5..19c94c3ec 100644 --- a/components/openssl/library/ssl_x509.c +++ b/components/openssl/library/ssl_x509.c @@ -218,7 +218,6 @@ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, { int ret; X509 *cert; - const unsigned char *pbuf; cert = d2i_X509(&ctx->cert->x509, d, len); if (!cert) @@ -228,7 +227,7 @@ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, if (!ret) SSL_RET(failed2, "SSL_CTX_use_certificate\n"); - ctx->cert->x509->ref++; + ctx->cert->x509->ref = 1; return 1; @@ -266,7 +265,7 @@ int SSL_use_certificate_ASN1(SSL *ssl, int len, if (!ret) SSL_RET(failed2, "SSL_use_certificate\n"); - ssl->cert->x509->ref++; + ssl->cert->x509->ref = 1; return 1; 
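Review bot: The new `X509 *peer;` member of `struct ssl_session_st` has no comment saying who owns the certificate or when the pointer is valid, and none of the hunks in this diff assigns or releases it. A reader of the header cannot tell whether the session frees it, or whether it can dangle once the connection is torn down. I would add a comment such as `/* peer certificate; NULL until the handshake has stored one; owner: <session or platform layer, to be stated> */`. The struct body starts outside the hunk.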
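Review bot: Assigning `ctx->cert->pkey->ref = 1` in `SSL_CTX_use_PrivateKey_ASN1` throws away whatever count the object already holds. If `SSL_CTX_use_PrivateKey` or any other holder has taken a reference by this point, the key can be released while still in use, leaving a stale pointer to freed key material. The same assignment appears in `SSL_use_PrivateKey_ASN1`, and on `x509->ref` in `SSL_CTX_use_certificate_ASN1` and `SSL_use_certificate_ASN1` in ssl_x509.c, where the visible `d2i_X509(&ctx->cert->x509, d, len)` call passes in the existing pointer and may reuse an object. If resetting is intended to stop the count growing on repeated calls, say so at each site, e.g. `/* object is held only by ctx->cert at this point, so the count restarts at 1 */`, or guard it with `if (!ctx->cert->pkey->ref)`. The function bodies begin outside the hunks, so the allocation path cannot be checked from here.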
@@ -307,3 +306,17 @@ int SSL_use_certificate_file(SSL *ssl, const char *file, int type) { return 0; } + +/* + * SSL_get_peer_certificate - get peer certification + * + * @param ssl - SSL point + * + * @return certification + */ +X509 *SSL_get_peer_certificate(const SSL *ssl) +{ + SSL_ASSERT(ssl); + + return ssl->session.peer; +} diff --git a/components/openssl/platform/ssl_pm.c b/components/openssl/platform/ssl_pm.c index d4ed2ecec..1ddd1f30d 100644 --- a/components/openssl/platform/ssl_pm.c +++ b/components/openssl/platform/ssl_pm.c @@ -74,7 +74,6 @@ int ssl_pm_new(SSL *ssl) int mode; int version; - SSL_CTX *ctx = ssl->ctx; const SSL_METHOD *method = ssl->method; struct x509_pm *x509_pm; @@ -185,9 +184,9 @@ int ssl_pm_handshake(SSL *ssl) } ssl_speed_up_exit(); - if (!mbed_ret) + if (!mbed_ret) { ret = 1; - else { + } else { ret = 0; SSL_DEBUG(1, "mbedtls_ssl_handshake [-0x%x]\n", -mbed_ret); }
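Review bot: `SSL_get_peer_certificate` hands out `ssl->session.peer` without touching its `ref` count, whereas OpenSSL's function of the same name returns a new reference that the caller releases with `X509_free`. Code ported from OpenSSL would therefore free the certificate the session still points to, if this port's `X509_free` acts on `ref` (not visible here). Either take a reference before returning, `if (ssl->session.peer) ssl->session.peer->ref++;`, or state the contract in the header comment: `@return peer certificate owned by the session, or NULL if none was stored; do not free`. Callers that base an authentication decision on the result need the NULL case spelled out, since no visible hunk populates `session.peer`.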