commit 1af6c8500b75f65c65200ba67184a738282696da
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Sun May 10 23:10:37 2015 +0200
committer Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon May 11 14:35:41 2015 +0200
tree 8cb348d0cac1012695f949cf883b173e7e2fe2c6
parent 8f618a8e657700cca3e5721c34fdf37ecd434b8e

Add ssl_set_hs_own_cert()

include/mbedtls/ssl.h

diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 695b233..069c60e 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1707,6 +1707,22 @@
 
 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
 /**
+ * \brief          Set own certificate and key for the current handshake
+ *
+ * \note           Same as \c mbedtls_ssl_set_own_cert() but for use within
+ *                 the SNI callback.
+ *
+ * \param ssl      SSL context
+ * \param own_cert own public certificate chain
+ * \param pk_key   own private key
+ *
+ * \return         0 on success or MBEDTLS_ERR_SSL_MALLOC_FAILED
+ */
+int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl,
+                                 mbedtls_x509_crt *own_cert,
+                                 mbedtls_pk_context *pk_key );
+
+/**
  * \brief          Set server side ServerName TLS extension callback
  *                 (optional, server-side only).
  *
@@ -1716,8 +1732,8 @@
  *                 following parameters: (void *parameter, mbedtls_ssl_context *ssl,
  *                 const unsigned char *hostname, size_t len). If a suitable
  *                 certificate is found, the callback should set the
- *                 certificate and key to use with mbedtls_ssl_set_own_cert() (and
- *                 possibly adjust the CA chain as well) and return 0. The
+ *                 certificate and key to use with mbedtls_ssl_set_hs_own_cert() (and
+ *                 possibly adjust the CA chain as well TODO: broken) and return 0. The
  *                 callback should return -1 to abort the handshake at this
  *                 point.
  *