From: Dr. Stephen Henson <steve@openssl.org>
Date: Mon, 11 Feb 2013 18:24:03 +0000 (+0000)
Subject: Fix for SSL_get_certificate
X-Git-Tag: OpenSSL_1_0_0l~38
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=243dac0af0f7d8dec181ba0db6b32c8fbc6fbc31;p=openssl

Fix for SSL_get_certificate

Now we set the current certificate to the one used by a server
there is no need to call ssl_get_server_send_cert which will
fail if we haven't sent a certificate yet.
(cherry picked from commit 147dbb2fe3bead7a10e2f280261b661ce7af7adc)
---

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 25573e43e2..b3c21ea068 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2601,9 +2601,7 @@ void ssl_clear_cipher_ctx(SSL *s)
 /* Fix this function so that it takes an optional type parameter */
 X509 *SSL_get_certificate(const SSL *s)
 	{
-	if (s->server)
-		return(ssl_get_server_send_cert(s));
-	else if (s->cert != NULL)
+	if (s->cert != NULL)
 		return(s->cert->key->x509);
 	else
 		return(NULL);