diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 069c60e38..2df68fdbd 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1567,13 +1567,13 @@ void mbedtls_ssl_set_ca_chain( mbedtls_ssl_config *conf, * using ECDSA). However, on client, currently only the first * certificate is used (subsequent calls have no effect). * - * \param ssl SSL context + * \param conf SSL configuration * \param own_cert own public certificate chain * \param pk_key own private key * * \return 0 on success or MBEDTLS_ERR_SSL_MALLOC_FAILED */ -int mbedtls_ssl_set_own_cert( mbedtls_ssl_context *ssl, +int mbedtls_ssl_set_own_cert( mbedtls_ssl_config *conf, mbedtls_x509_crt *own_cert, mbedtls_pk_context *pk_key ); #endif /* MBEDTLS_X509_CRT_PARSE_C */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 6f6e74e29..4406c1aaf 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5336,11 +5336,11 @@ static int ssl_append_key_cert( mbedtls_ssl_key_cert **head, return( 0 ); } -int mbedtls_ssl_set_own_cert( mbedtls_ssl_context *ssl, +int mbedtls_ssl_set_own_cert( mbedtls_ssl_config *conf, mbedtls_x509_crt *own_cert, mbedtls_pk_context *pk_key ) { - return( ssl_append_key_cert( &ssl->conf->key_cert, own_cert, pk_key ) ); + return( ssl_append_key_cert( &conf->key_cert, own_cert, pk_key ) ); } void mbedtls_ssl_set_ca_chain( mbedtls_ssl_config *conf, diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c index e19ab80a1..5d1134ce0 100644 --- a/programs/ssl/dtls_server.c +++ b/programs/ssl/dtls_server.c @@ -216,7 +216,7 @@ int main( void ) #endif mbedtls_ssl_set_ca_chain( &conf, srvcert.next, NULL ); - if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 ) + if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) { printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret ); goto exit; diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 494fa72cd..0f03a81b6 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1159,7 +1159,7 @@ int main( int argc, char *argv[] ) if( strcmp( opt.crt_file, "none" ) != 0 && strcmp( opt.key_file, "none" ) != 0 ) { - if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 ) + if( ( ret = mbedtls_ssl_set_own_cert( &conf, &clicert, &pkey ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret ); goto exit; diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index 6051181f5..2d03c8ba5 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -270,7 +270,7 @@ int main( void ) mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); mbedtls_ssl_set_ca_chain( &conf, srvcert.next, NULL ); - if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 ) + if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret ); goto exit; diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 36bb92768..f4f6b3b56 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -617,7 +617,7 @@ int main( int argc, char *argv[] ) mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); goto exit; } - if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 ) + if( ( ret = mbedtls_ssl_set_own_cert( &conf, &clicert, &pkey ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret ); goto exit; diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index 3c69fbfbe..7b7138af1 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c @@ -189,7 +189,7 @@ static void *handle_ssl_connection( void *data ) #endif mbedtls_ssl_set_ca_chain( &conf, thread_info->ca_chain, NULL ); - if( ( ret = mbedtls_ssl_set_own_cert( &ssl, thread_info->server_cert, thread_info->server_key ) ) != 0 ) + if( ( ret = mbedtls_ssl_set_own_cert( &conf, thread_info->server_cert, thread_info->server_key ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret ); goto thread_exit; diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index a8025b37b..c1ad8baed 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -215,7 +215,7 @@ int main( void ) #endif mbedtls_ssl_set_ca_chain( &conf, srvcert.next, NULL ); - if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 ) + if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret ); goto exit; diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 8cc3ac177..0b690b055 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -1684,13 +1684,13 @@ int main( int argc, char *argv[] ) mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL ); } if( key_cert_init ) - if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert, &pkey ) ) != 0 ) + if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret ); goto exit; } if( key_cert_init2 ) - if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &srvcert2, &pkey2 ) ) != 0 ) + if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert2, &pkey2 ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret ); goto exit; diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index 1e5ef377d..fb8128784 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -423,7 +423,7 @@ int main( int argc, char *argv[] ) mbedtls_ssl_set_dbg( &conf, my_debug, stdout ); mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); - if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 ) + if( ( ret = mbedtls_ssl_set_own_cert( &conf, &clicert, &pkey ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret ); goto ssl_exit;