You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
33 lines
883 B
33 lines
883 B
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c |
|
index 6a33b9d..76a5f9e 100644 |
|
--- a/ssl/ssl_lib.c |
|
+++ b/ssl/ssl_lib.c |
|
@@ -3177,15 +3177,26 @@ SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl) |
|
|
|
SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx) |
|
{ |
|
+ CERT *ocert = ssl->cert; |
|
if (ssl->ctx == ctx) |
|
return ssl->ctx; |
|
#ifndef OPENSSL_NO_TLSEXT |
|
if (ctx == NULL) |
|
ctx = ssl->initial_ctx; |
|
#endif |
|
- if (ssl->cert != NULL) |
|
- ssl_cert_free(ssl->cert); |
|
ssl->cert = ssl_cert_dup(ctx->cert); |
|
+ if (ocert) |
|
+ { |
|
+ int i; |
|
+ /* Copy negotiated digests from original */ |
|
+ for (i = 0; i < SSL_PKEY_NUM; i++) |
|
+ { |
|
+ CERT_PKEY *cpk = ocert->pkeys + i; |
|
+ CERT_PKEY *rpk = ssl->cert->pkeys + i; |
|
+ rpk->digest = cpk->digest; |
|
+ } |
|
+ ssl_cert_free(ocert); |
|
+ } |
|
CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX); |
|
if (ssl->ctx != NULL) |
|
SSL_CTX_free(ssl->ctx); /* decrement reference count */
|
|
|