Change ssl_own_cert to work on ssl_config
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 069c60e..2df68fd 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1567,13 +1567,13 @@
* using ECDSA). However, on client, currently only the first
* certificate is used (subsequent calls have no effect).
*
- * \param ssl SSL context
+ * \param conf SSL configuration
* \param own_cert own public certificate chain
* \param pk_key own private key
*
* \return 0 on success or MBEDTLS_ERR_SSL_MALLOC_FAILED
*/
-int mbedtls_ssl_set_own_cert( mbedtls_ssl_context *ssl,
+int mbedtls_ssl_set_own_cert( mbedtls_ssl_config *conf,
mbedtls_x509_crt *own_cert,
mbedtls_pk_context *pk_key );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 6f6e74e..4406c1a 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -5336,11 +5336,11 @@
return( 0 );
}
-int mbedtls_ssl_set_own_cert( mbedtls_ssl_context *ssl,
+int mbedtls_ssl_set_own_cert( mbedtls_ssl_config *conf,
mbedtls_x509_crt *own_cert,
mbedtls_pk_context *pk_key )
{
- return( ssl_append_key_cert( &ssl->conf->key_cert, own_cert, pk_key ) );
+ return( ssl_append_key_cert( &conf->key_cert, own_cert, pk_key ) );
}
void mbedtls_ssl_set_ca_chain( mbedtls_ssl_config *conf,
diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c
index e19ab80..5d1134c 100644
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@@ -216,7 +216,7 @@
#endif
mbedtls_ssl_set_ca_chain( &conf, srvcert.next, NULL );
- if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
+ if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
{
printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
goto exit;
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 494fa72..0f03a81 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -1159,7 +1159,7 @@
if( strcmp( opt.crt_file, "none" ) != 0 &&
strcmp( opt.key_file, "none" ) != 0 )
{
- if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )
+ if( ( ret = mbedtls_ssl_set_own_cert( &conf, &clicert, &pkey ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
goto exit;
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 6051181..2d03c8b 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -270,7 +270,7 @@
mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
mbedtls_ssl_set_ca_chain( &conf, srvcert.next, NULL );
- if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
+ if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
goto exit;
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index 36bb927..f4f6b3b 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -617,7 +617,7 @@
mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
goto exit;
}
- if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )
+ if( ( ret = mbedtls_ssl_set_own_cert( &conf, &clicert, &pkey ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
goto exit;
diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c
index 3c69fbf..7b7138a 100644
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@@ -189,7 +189,7 @@
#endif
mbedtls_ssl_set_ca_chain( &conf, thread_info->ca_chain, NULL );
- if( ( ret = mbedtls_ssl_set_own_cert( &ssl, thread_info->server_cert, thread_info->server_key ) ) != 0 )
+ if( ( ret = mbedtls_ssl_set_own_cert( &conf, thread_info->server_cert, thread_info->server_key ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
goto thread_exit;
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index a8025b3..c1ad8ba 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -215,7 +215,7 @@
#endif
mbedtls_ssl_set_ca_chain( &conf, srvcert.next, NULL );
- if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
+ if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
goto exit;
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 8cc3ac1..0b690b0 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -1684,13 +1684,13 @@
mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
}
if( key_cert_init )
- if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 )
+ if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
if( key_cert_init2 )
- if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert2, &pkey2 ) ) != 0 )
+ if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert2, &pkey2 ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
goto exit;
diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c
index 1e5ef37..fb81287 100644
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@@ -423,7 +423,7 @@
mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
- if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )
+ if( ( ret = mbedtls_ssl_set_own_cert( &conf, &clicert, &pkey ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
goto ssl_exit;