diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2014-02-02 03:51:30 +0100 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2014-02-02 23:58:19 +0100 |
| commit | 0f78819c8ccb7c526edbe90d5b619281366ce75c (patch) | |
| tree | 625a7524f36793e937c2390c7bad50211ea0791a /demos/bio | |
| parent | Demo of use of errors in applications. (diff) | |
| download | openssl-0f78819c8ccb7c526edbe90d5b619281366ce75c.tar.xz openssl-0f78819c8ccb7c526edbe90d5b619281366ce75c.zip | |
New ctrl to set current certificate.
New ctrl sets current certificate based on certain criteria. Currently
two options: set the first valid certificate as current and set the
next valid certificate as current. Using these an application can
iterate over all certificates in an SSL_CTX or SSL structure.
Diffstat (limited to 'demos/bio')
| -rw-r--r-- | demos/bio/server-arg.c | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/demos/bio/server-arg.c b/demos/bio/server-arg.c index be35e6210b..0d432a4762 100644 --- a/demos/bio/server-arg.c +++ b/demos/bio/server-arg.c @@ -82,7 +82,24 @@ int main(int argc, char *argv[]) ERR_print_errors_fp(stderr); goto err; } - +#if 0 + /* Demo of how to iterate over all certificates in an SSL_CTX + * structure. + */ + { + X509 *x; + int rv; + rv = SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_FIRST); + while (rv) + { + X509 *x = SSL_CTX_get0_certificate(ctx); + X509_NAME_print_ex_fp(stdout, X509_get_subject_name(x), 0, XN_FLAG_ONELINE); + printf("\n"); + rv = SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_NEXT); + } + fflush(stdout); + } +#endif /* Setup server side SSL bio */ ssl_bio=BIO_new_ssl(ctx,0); |