summaryrefslogtreecommitdiff
path: root/src/lib/libtls/tls_peer.c
diff options
context:
space:
mode:
authorbeck <>2015-10-07 23:33:38 +0000
committerbeck <>2015-10-07 23:33:38 +0000
commitb49e302bd49f7f927c92df560174bb439c2b2d88 (patch)
tree92254ea2710731c9a0faaf9eedfc6dd971a01640 /src/lib/libtls/tls_peer.c
parent1b2fcd3af52f5a520a8173eb1ed9bfece5963551 (diff)
downloadopenbsd-b49e302bd49f7f927c92df560174bb439c2b2d88.tar.gz
openbsd-b49e302bd49f7f927c92df560174bb439c2b2d88.tar.bz2
openbsd-b49e302bd49f7f927c92df560174bb439c2b2d88.zip
Add tls_peer_cert_notbefore and tls_peer_cert_notafter to expose peer certificate
validity times for tls connections. ok jsing@
Diffstat (limited to 'src/lib/libtls/tls_peer.c')
-rw-r--r--src/lib/libtls/tls_peer.c22
1 files changed, 21 insertions, 1 deletions
diff --git a/src/lib/libtls/tls_peer.c b/src/lib/libtls/tls_peer.c
index 3145e500c4..8a74613ef8 100644
--- a/src/lib/libtls/tls_peer.c
+++ b/src/lib/libtls/tls_peer.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls_peer.c,v 1.4 2015/09/12 21:00:38 beck Exp $ */ 1/* $OpenBSD: tls_peer.c,v 1.5 2015/10/07 23:33:38 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2015 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2015 Bob Beck <beck@openbsd.org> 4 * Copyright (c) 2015 Bob Beck <beck@openbsd.org>
@@ -61,3 +61,23 @@ tls_peer_cert_contains_name(struct tls *ctx, const char *name)
61 return (tls_check_name(ctx, ctx->ssl_peer_cert, name) == 0); 61 return (tls_check_name(ctx, ctx->ssl_peer_cert, name) == 0);
62} 62}
63 63
64time_t
65tls_peer_cert_notbefore(struct tls *ctx)
66{
67 if (ctx->ssl_peer_cert == NULL)
68 return (-1);
69 if (ctx->conninfo == NULL)
70 return (-1);
71 return (ctx->conninfo->notbefore);
72}
73
74time_t
75tls_peer_cert_notafter(struct tls *ctx)
76{
77 if (ctx->ssl_peer_cert == NULL)
78 return (-1);
79 if (ctx->conninfo == NULL)
80 return (-1);
81 return (ctx->conninfo->notafter);
82}
83