From 2ffca9ef617ca25d3718111a126dbb0d580dd018 Mon Sep 17 00:00:00 2001
From: beck <>
Date: Wed, 5 Apr 2017 03:19:22 +0000
Subject: Add tls_peer_cert_chain_pem - To retreive the peer certificate and chain as PEM format. This allows for it to be used or examined with tools external to libtls bump minor ok jsing@
---
 src/lib/libtls/tls_internal.h | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
(limited to 'src/lib/libtls/tls_internal.h')
diff --git a/src/lib/libtls/tls_internal.h b/src/lib/libtls/tls_internal.h
index b1d53c8fa3..5bbcadf804 100644
--- a/src/lib/libtls/tls_internal.h
+++ b/src/lib/libtls/tls_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_internal.h,v 1.54 2017/04/05 03:13:53 beck Exp $ */
+/* $OpenBSD: tls_internal.h,v 1.55 2017/04/05 03:19:22 beck Exp $ */
 /*
  * Copyright (c) 2014 Jeremie Courreges-Anglas
  * Copyright (c) 2014 Joel Sing
@@ -110,6 +110,9 @@ struct tls_conninfo {
  char *issuer;
  char *subject;
 
+ u_int8_t *peer_cert;
+ size_t peer_cert_len;
+
  time_t notbefore;
  time_t notafter;
 };
@@ -166,6 +169,7 @@ struct tls {
  struct tls_sni_ctx *sni_ctx;
 
  X509 *ssl_peer_cert;
+ STACK_OF(X509) *ssl_peer_chain;
 
  struct tls_conninfo *conninfo;
 
@@ -237,6 +241,7 @@ struct tls_ocsp *tls_ocsp_setup_from_peer(struct tls *ctx);
 int tls_hex_string(const unsigned char *_in, size_t _inlen,
  char **_out, size_t *_outlen);
 int tls_cert_hash(X509 *_cert, char **_hash);
+void tls_config_skip_private_key_check(struct tls_config *config);
 
 __END_HIDDEN_DECLS
 
-- 
cgit v1.2.3-55-g6feb
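Review bot: The new `peer_cert` / `peer_cert_len` pair in `struct tls_conninfo` has no comment saying what the buffer holds or who releases it. Going by the commit message it presumably stores the PEM encoding of the peer certificate and chain, which is peer-supplied data, so readers should be told to bound every access by `peer_cert_len` rather than rely on NUL termination. Once confirmed, a comment such as `/* PEM of peer cert and chain; length in peer_cert_len, freed with conninfo */` above the pair would record that. The conninfo free path is outside this file-limited diff, so it is worth checking that it frees `peer_cert` and resets the length. The struct opens above the hunk.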
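Review bot: `ssl_peer_chain` is declared directly under `ssl_peer_cert` in `struct tls` with nothing marking a difference in ownership between the two. If the chain comes from `SSL_get_peer_cert_chain()` (the assignment is not visible in this diff), the pointer is borrowed from the SSL object, whereas `SSL_get_peer_certificate()` returns a reference the caller must release. Freeing both the same way, or keeping the chain pointer after the SSL object is torn down, would lead to a double free or a dangling pointer. A comment like `/* borrowed from the SSL object: never freed here, cleared on reset */` on the new field would make the rule explicit. `struct tls` starts and ends outside the hunk.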
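Review bot: The prototype `tls_config_skip_private_key_check()` is not mentioned in the commit message, which only covers the peer certificate chain, and it is added without a comment. Judging by its name it disables a consistency check between the configured private key and certificate, so the declaration should state what is skipped and when that is acceptable, for example `/* Skip the key/certificate match check (assumed); document the permitted callers. */`. It sits before `__END_HIDDEN_DECLS`, so it appears to be internal only. The definition and any exported counterpart are outside this file-limited diff and should be reviewed together with it.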