diff options
| author | beck <> | 2017-04-05 03:19:22 +0000 |
|---|---|---|
| committer | beck <> | 2017-04-05 03:19:22 +0000 |
| commit | 2ffca9ef617ca25d3718111a126dbb0d580dd018 (patch) | |
| tree | 3c6a03473ecfe3397dd6444eb474c3ac576ab36d /src/lib/libtls/tls_internal.h | |
| parent | 9b1685fcc9e7e4061dec174430e3e4a4d525dbe4 (diff) | |
| download | openbsd-2ffca9ef617ca25d3718111a126dbb0d580dd018.tar.gz openbsd-2ffca9ef617ca25d3718111a126dbb0d580dd018.tar.bz2 openbsd-2ffca9ef617ca25d3718111a126dbb0d580dd018.zip | |
Add tls_peer_cert_chain_pem - To retreive the peer certificate and chain
as PEM format. This allows for it to be used or examined with tools
external to libtls
bump minor
ok jsing@
Diffstat (limited to 'src/lib/libtls/tls_internal.h')
| -rw-r--r-- | src/lib/libtls/tls_internal.h | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/lib/libtls/tls_internal.h b/src/lib/libtls/tls_internal.h index b1d53c8fa3..5bbcadf804 100644 --- a/src/lib/libtls/tls_internal.h +++ b/src/lib/libtls/tls_internal.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls_internal.h,v 1.54 2017/04/05 03:13:53 beck Exp $ */ | 1 | /* $OpenBSD: tls_internal.h,v 1.55 2017/04/05 03:19:22 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org> | 3 | * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org> |
| 4 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> | 4 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> |
| @@ -110,6 +110,9 @@ struct tls_conninfo { | |||
| 110 | char *issuer; | 110 | char *issuer; |
| 111 | char *subject; | 111 | char *subject; |
| 112 | 112 | ||
| 113 | u_int8_t *peer_cert; | ||
| 114 | size_t peer_cert_len; | ||
| 115 | |||
| 113 | time_t notbefore; | 116 | time_t notbefore; |
| 114 | time_t notafter; | 117 | time_t notafter; |
| 115 | }; | 118 | }; |
| @@ -166,6 +169,7 @@ struct tls { | |||
| 166 | struct tls_sni_ctx *sni_ctx; | 169 | struct tls_sni_ctx *sni_ctx; |
| 167 | 170 | ||
| 168 | X509 *ssl_peer_cert; | 171 | X509 *ssl_peer_cert; |
| 172 | STACK_OF(X509) *ssl_peer_chain; | ||
| 169 | 173 | ||
| 170 | struct tls_conninfo *conninfo; | 174 | struct tls_conninfo *conninfo; |
| 171 | 175 | ||
| @@ -237,6 +241,7 @@ struct tls_ocsp *tls_ocsp_setup_from_peer(struct tls *ctx); | |||
| 237 | int tls_hex_string(const unsigned char *_in, size_t _inlen, char **_out, | 241 | int tls_hex_string(const unsigned char *_in, size_t _inlen, char **_out, |
| 238 | size_t *_outlen); | 242 | size_t *_outlen); |
| 239 | int tls_cert_hash(X509 *_cert, char **_hash); | 243 | int tls_cert_hash(X509 *_cert, char **_hash); |
| 244 | void tls_config_skip_private_key_check(struct tls_config *config); | ||
| 240 | 245 | ||
| 241 | __END_HIDDEN_DECLS | 246 | __END_HIDDEN_DECLS |
| 242 | 247 | ||