On 09/09/2019 16:21, Viktor Dukhovni wrote:
> One of the "CHANGES" entries for 1.0.1d reads:
>
>   *) Call OCSP Stapling callback after ciphersuite has been chosen, so
>      the right response is stapled. Also change SSL_get_certificate()
>      so it returns the certificate actually sent.
>      See http://rt.openssl.org/Ticket/Display.html?id=2836.
>      [Rob Stradling <rob.stradling@xxxxxxxxxx>]
>
> Consequently 1.0.1d and later had the expected behaviour. However,
> in commits this was updated:
>
>   dc144417571735c82853421a8845ef603d828a0b (1.0.2-beta1)
>   e5db9c3b67deb80e274f66e3832a9cfba931670c (also master, at the time 1.1.0-dev)
>
>   Minor enhancement to PR#2836 fix. Instead of modifying SSL_get_certificate
>   change the current certificate (in s->cert->key) to the one used and then
>   SSL_get_certificate and SSL_get_privatekey will automatically work.
>
> The code for "change the current certificate" was:
>
> But it only runs if there's a "tlsext_status_cb" callback, which may
> not cover all the expected use-cases. I think this merits a new
> issue on Github.

Thanks. Fortunately it covers mine; I "just" need to work out how to
match up an OCSP resp to the cert.

Could we also get SSL_get_certificate documented? It doesn't seem to be
currently, despite
https://www.openssl.org/docs/manmaster/man3/SSL_get_tlsext_status_ocsp_resp.html
saying the server should use it.

Another reason for wanting this will be for TLS1.3 with whole-chain
stapling. I wonder whether the library could provide more built-in support
for stapling - attaching the status (chain)(s) to the server certificate
chain(s) before SSL_accept() rather than doing (multiple) callbacks on
seeing the client status-request.

--
Cheers, Jeremy