1 files changed, 79 insertions, 0 deletions
diff --git a/src/regress/lib/libtls/gotls/tls.go b/src/regress/lib/libtls/gotls/tls.go
index 6dc51b8922..74c34b4064 100644
--- a/src/regress/lib/libtls/gotls/tls.go
+++ b/src/regress/lib/libtls/gotls/tls.go
@@ -15,6 +15,7 @@ import "C"
 import (
        "errors"
        "fmt"
+        "time"
        "unsafe"
 )
@@ -115,6 +116,84 @@ func (t *TLS) Error() string {
        return ""
 }
+// PeerCertProvided returns whether the peer provided a certificate.
+func (t *TLS) PeerCertProvided() bool {
+        return C.tls_peer_cert_provided(t.ctx) == 1
+}
+// PeerCertContainsName checks whether the peer certificate contains
+// the specified name.
+func (t *TLS) PeerCertContainsName(name string) bool {
+        n := C.CString(name)
+        defer C.free(unsafe.Pointer(n))
+        return C.tls_peer_cert_contains_name(t.ctx, n) == 1
+}
+// PeerCertIssuer returns the issuer of the peer certificate.
+func (t *TLS) PeerCertIssuer() (string, error) {
+        issuer := C.tls_peer_cert_issuer(t.ctx)
+        if issuer == nil {
+                return "", errors.New("no issuer returned")
+        }
+        return C.GoString(issuer), nil
+}
+// PeerCertSubject returns the subject of the peer certificate.
+func (t *TLS) PeerCertSubject() (string, error) {
+        subject := C.tls_peer_cert_subject(t.ctx)
+        if subject == nil {
+                return "", errors.New("no subject returned")
+        }
+        return C.GoString(subject), nil
+}
+// PeerCertHash returns a hash of the peer certificate.
+func (t *TLS) PeerCertHash() (string, error) {
+        hash := C.tls_peer_cert_hash(t.ctx)
+        if hash == nil {
+                return "", errors.New("no hash returned")
+        }
+        return C.GoString(hash), nil
+}
+// PeerCertNotBefore returns the notBefore time from the peer
+// certificate.
+func (t *TLS) PeerCertNotBefore() (time.Time, error) {
+        notBefore := C.tls_peer_cert_notbefore(t.ctx)
+        if notBefore == -1 {
+                return time.Time{}, errors.New("no notBefore time returned")
+        }
+        return time.Unix(int64(notBefore), 0), nil
+}
+// PeerCertNotAfter returns the notAfter time from the peer
+// certificate.
+func (t *TLS) PeerCertNotAfter() (time.Time, error) {
+        notAfter := C.tls_peer_cert_notafter(t.ctx)
+        if notAfter == -1 {
+                return time.Time{}, errors.New("no notAfter time")
+        }
+        return time.Unix(int64(notAfter), 0), nil
+}
+// ConnVersion returns the protocol version of the connection.
+func (t *TLS) ConnVersion() (string, error) {
+        ver := C.tls_conn_version(t.ctx)
+        if ver == nil {
+                return "", errors.New("no connection version")
+        }
+        return C.GoString(ver), nil
+}
+// ConnCipher returns the cipher suite used for the connection.
+func (t *TLS) ConnCipher() (string, error) {
+        cipher := C.tls_conn_cipher(t.ctx)
+        if cipher == nil {
+                return "", errors.New("no connection cipher")
+        }
+        return C.GoString(cipher), nil
+}
 // Connect attempts to establish an TLS connection to the specified host on
 // the given port. The host may optionally contain a colon separated port
 // value if the port string is specified as an empty string.

diff --git a/src/regress/lib/libtls/gotls/tls.go b/src/regress/lib/libtls/gotls/tls.go index 6dc51b8922..74c34b4064 100644 --- a/src/regress/lib/libtls/gotls/tls.go +++ b/src/regress/lib/libtls/gotls/tls.go
@@ -15,6 +15,7 @@ import "C"
15	import (	15	import (
16	"errors"	16	"errors"
17	"fmt"	17	"fmt"
		18	"time"
18	"unsafe"	19	"unsafe"
19	)	20	)
20		21
@@ -115,6 +116,84 @@ func (t *TLS) Error() string {
115	return ""	116	return ""
116	}	117	}
117		118
		119	// PeerCertProvided returns whether the peer provided a certificate.
		120	func (t *TLS) PeerCertProvided() bool {
		121	return C.tls_peer_cert_provided(t.ctx) == 1
		122	}
		123
		124	// PeerCertContainsName checks whether the peer certificate contains
		125	// the specified name.
		126	func (t *TLS) PeerCertContainsName(name string) bool {
		127	n := C.CString(name)
		128	defer C.free(unsafe.Pointer(n))
		129	return C.tls_peer_cert_contains_name(t.ctx, n) == 1
		130	}
		131
		132	// PeerCertIssuer returns the issuer of the peer certificate.
		133	func (t *TLS) PeerCertIssuer() (string, error) {
		134	issuer := C.tls_peer_cert_issuer(t.ctx)
		135	if issuer == nil {
		136	return "", errors.New("no issuer returned")
		137	}
		138	return C.GoString(issuer), nil
		139	}
		140
		141	// PeerCertSubject returns the subject of the peer certificate.
		142	func (t *TLS) PeerCertSubject() (string, error) {
		143	subject := C.tls_peer_cert_subject(t.ctx)
		144	if subject == nil {
		145	return "", errors.New("no subject returned")
		146	}
		147	return C.GoString(subject), nil
		148	}
		149
		150	// PeerCertHash returns a hash of the peer certificate.
		151	func (t *TLS) PeerCertHash() (string, error) {
		152	hash := C.tls_peer_cert_hash(t.ctx)
		153	if hash == nil {
		154	return "", errors.New("no hash returned")
		155	}
		156	return C.GoString(hash), nil
		157	}
		158
		159	// PeerCertNotBefore returns the notBefore time from the peer
		160	// certificate.
		161	func (t *TLS) PeerCertNotBefore() (time.Time, error) {
		162	notBefore := C.tls_peer_cert_notbefore(t.ctx)
		163	if notBefore == -1 {
		164	return time.Time{}, errors.New("no notBefore time returned")
		165	}
		166	return time.Unix(int64(notBefore), 0), nil
		167	}
		168
		169	// PeerCertNotAfter returns the notAfter time from the peer
		170	// certificate.
		171	func (t *TLS) PeerCertNotAfter() (time.Time, error) {
		172	notAfter := C.tls_peer_cert_notafter(t.ctx)
		173	if notAfter == -1 {
		174	return time.Time{}, errors.New("no notAfter time")
		175	}
		176	return time.Unix(int64(notAfter), 0), nil
		177	}
		178
		179	// ConnVersion returns the protocol version of the connection.
		180	func (t *TLS) ConnVersion() (string, error) {
		181	ver := C.tls_conn_version(t.ctx)
		182	if ver == nil {
		183	return "", errors.New("no connection version")
		184	}
		185	return C.GoString(ver), nil
		186	}
		187
		188	// ConnCipher returns the cipher suite used for the connection.
		189	func (t *TLS) ConnCipher() (string, error) {
		190	cipher := C.tls_conn_cipher(t.ctx)
		191	if cipher == nil {
		192	return "", errors.New("no connection cipher")
		193	}
		194	return C.GoString(cipher), nil
		195	}
		196
118	// Connect attempts to establish an TLS connection to the specified host on	197	// Connect attempts to establish an TLS connection to the specified host on
119	// the given port. The host may optionally contain a colon separated port	198	// the given port. The host may optionally contain a colon separated port
120	// value if the port string is specified as an empty string.	199	// value if the port string is specified as an empty string.