Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Function to return peer cert as tor_tls_cert

Nick Mathewson 12 years ago
parent
a6fc5059cd
commit
e48e47fa03
2 changed files with 13 additions and 0 deletions
Split View Show Diff Stats
  1. 12 0
      src/common/tortls.c
  2. 1 0
      src/common/tortls.h

+ 12 - 0
src/common/tortls.c
View File 

@@ -1856,6 +1856,18 @@ tor_tls_peer_has_cert(tor_tls_t *tls)
 
   return 1;
 
 }
 
 
+/** Return the peer certificate, or NULL if there isn't one. */
 
+tor_cert_t *
 
+tor_tls_get_peer_cert(tor_tls_t *tls)
 
+{
 
+  X509 *cert;
 
+  cert = SSL_get_peer_certificate(tls->ssl);
 
+  tls_log_errors(tls, LOG_WARN, LD_HANDSHAKE, "getting peer certificate");
 
+  if (!cert)
 
+    return NULL;
 
+  return tor_cert_new(cert);
 
+}
 
+
 
 /** Warn that a certificate lifetime extends through a certain range. */
 
 static void
 
 log_cert_lifetime(const X509 *cert, const char *problem)

+ 1 - 0
src/common/tortls.h
View File 

@@ -66,6 +66,7 @@ void tor_tls_set_renegotiate_callback(tor_tls_t *tls,
 
 int tor_tls_is_server(tor_tls_t *tls);
 
 void tor_tls_free(tor_tls_t *tls);
 
 int tor_tls_peer_has_cert(tor_tls_t *tls);
 
+tor_cert_t *tor_tls_get_peer_cert(tor_tls_t *tls);
 
 int tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_env_t **identity);
 
 int tor_tls_check_lifetime(tor_tls_t *tls, int tolerance);
 
 int tor_tls_read(tor_tls_t *tls, char *cp, size_t len);