34 lines
883 B
Diff
34 lines
883 B
Diff
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
|
|
index 6a33b9d..76a5f9e 100644
|
|
--- a/ssl/ssl_lib.c
|
|
+++ b/ssl/ssl_lib.c
|
|
@@ -3177,15 +3177,26 @@ SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
|
|
|
|
SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx)
|
|
{
|
|
+ CERT *ocert = ssl->cert;
|
|
if (ssl->ctx == ctx)
|
|
return ssl->ctx;
|
|
#ifndef OPENSSL_NO_TLSEXT
|
|
if (ctx == NULL)
|
|
ctx = ssl->initial_ctx;
|
|
#endif
|
|
- if (ssl->cert != NULL)
|
|
- ssl_cert_free(ssl->cert);
|
|
ssl->cert = ssl_cert_dup(ctx->cert);
|
|
+ if (ocert)
|
|
+ {
|
|
+ int i;
|
|
+ /* Copy negotiated digests from original */
|
|
+ for (i = 0; i < SSL_PKEY_NUM; i++)
|
|
+ {
|
|
+ CERT_PKEY *cpk = ocert->pkeys + i;
|
|
+ CERT_PKEY *rpk = ssl->cert->pkeys + i;
|
|
+ rpk->digest = cpk->digest;
|
|
+ }
|
|
+ ssl_cert_free(ocert);
|
|
+ }
|
|
CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
|
|
if (ssl->ctx != NULL)
|
|
SSL_CTX_free(ssl->ctx); /* decrement reference count */
|