Function to return peer cert as tor_tls_cert

This commit is contained in:
Nick Mathewson 2011-09-22 11:01:14 -04:00
parent a6fc5059cd
commit e48e47fa03
2 changed files with 13 additions and 0 deletions

View File

@ -1856,6 +1856,18 @@ tor_tls_peer_has_cert(tor_tls_t *tls)
return 1;
}
/** Return the peer certificate, or NULL if there isn't one. */
tor_cert_t *
tor_tls_get_peer_cert(tor_tls_t *tls)
{
X509 *cert;
cert = SSL_get_peer_certificate(tls->ssl);
tls_log_errors(tls, LOG_WARN, LD_HANDSHAKE, "getting peer certificate");
if (!cert)
return NULL;
return tor_cert_new(cert);
}
/** Warn that a certificate lifetime extends through a certain range. */
static void
log_cert_lifetime(const X509 *cert, const char *problem)

View File

@ -66,6 +66,7 @@ void tor_tls_set_renegotiate_callback(tor_tls_t *tls,
int tor_tls_is_server(tor_tls_t *tls);
void tor_tls_free(tor_tls_t *tls);
int tor_tls_peer_has_cert(tor_tls_t *tls);
tor_cert_t *tor_tls_get_peer_cert(tor_tls_t *tls);
int tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_env_t **identity);
int tor_tls_check_lifetime(tor_tls_t *tls, int tolerance);
int tor_tls_read(tor_tls_t *tls, char *cp, size_t len);