diff options
| author | Nick Mathewson <nickm@torproject.org> | 2011-09-22 11:01:14 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2011-10-10 23:14:16 -0400 |
| commit | e48e47fa03fa09d89527c1bbfaee4c9d7d3eee6e (patch) | |
| tree | 624bcdfae51f53df37d419cabb1157c37c529e8e | |
| parent | a6fc5059cdb3263c0053ac76c39bef43a61269cc (diff) | |
| download | tor-e48e47fa03fa09d89527c1bbfaee4c9d7d3eee6e.tar.gz tor-e48e47fa03fa09d89527c1bbfaee4c9d7d3eee6e.zip | |
Function to return peer cert as tor_tls_cert
| -rw-r--r-- | src/common/tortls.c | 12 | ||||
| -rw-r--r-- | src/common/tortls.h | 1 |
2 files changed, 13 insertions, 0 deletions
diff --git a/src/common/tortls.c b/src/common/tortls.c index e275307114..aa90f1828d 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -1856,6 +1856,18 @@ tor_tls_peer_has_cert(tor_tls_t *tls) return 1; } +/** Return the peer certificate, or NULL if there isn't one. */ +tor_cert_t * +tor_tls_get_peer_cert(tor_tls_t *tls) +{ + X509 *cert; + cert = SSL_get_peer_certificate(tls->ssl); + tls_log_errors(tls, LOG_WARN, LD_HANDSHAKE, "getting peer certificate"); + if (!cert) + return NULL; + return tor_cert_new(cert); +} + /** Warn that a certificate lifetime extends through a certain range. */ static void log_cert_lifetime(const X509 *cert, const char *problem) diff --git a/src/common/tortls.h b/src/common/tortls.h index b522dd112a..00bf4066d2 100644 --- a/src/common/tortls.h +++ b/src/common/tortls.h @@ -66,6 +66,7 @@ void tor_tls_set_renegotiate_callback(tor_tls_t *tls, int tor_tls_is_server(tor_tls_t *tls); void tor_tls_free(tor_tls_t *tls); int tor_tls_peer_has_cert(tor_tls_t *tls); +tor_cert_t *tor_tls_get_peer_cert(tor_tls_t *tls); int tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_env_t **identity); int tor_tls_check_lifetime(tor_tls_t *tls, int tolerance); int tor_tls_read(tor_tls_t *tls, char *cp, size_t len); |