From 381a9b6e511099b71891ebcec48b131cf80f2c51 Mon Sep 17 00:00:00 2001
From: Cody P Schafer
Date: Mon, 13 Oct 2014 15:14:58 -0400
Subject: [PATCH 1/4] sys (and bn): make CRYPTO_free() take a *mut c_void insead of a *const c_char
CRYPTO_free() ends up being used for a variety of types of data, not just c_char. And it essentially takes full ownership of the type, making *mut appropriate. With this change it also more closely (exactly) matches the C defintion: void CRYPTO_free(void *ptr);
---
 openssl-sys/src/lib.rs | 2 +-
 src/bn/mod.rs | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs
index a482c357..649e269e 100755
--- a/openssl-sys/src/lib.rs
+++ b/openssl-sys/src/lib.rs
@@ -295,7 +295,7 @@ extern "C" {
 n: c_int, file: *const c_char, line: c_int));
- pub fn CRYPTO_free(buf: *const c_char);
+ pub fn CRYPTO_free(buf: *mut c_void);
 pub fn CRYPTO_memcmp(a: *const c_void, b: *const c_void, len: size_t) -> c_int;
diff --git a/src/bn/mod.rs b/src/bn/mod.rs
index b33f94ce..2536f8a5 100644
--- a/src/bn/mod.rs
+++ b/src/bn/mod.rs
@@ -1,4 +1,4 @@
-use libc::{c_int, c_ulong};
+use libc::{c_int, c_ulong, c_void};
 use std::{fmt, ptr};
 use std::c_str::CString;
@@ -348,7 +348,7 @@ impl BigNum {
 assert!(!buf.is_null());
 let c_str = CString::new(buf, false);
 let str = c_str.as_str().unwrap().to_string();
- ffi::CRYPTO_free(buf);
+ ffi::CRYPTO_free(buf as *mut c_void);
 str
 }
 }
From 9951cb2bdacf2a313e0bff0c8f13d966610f1db3 Mon Sep 17 00:00:00 2001
From: Cody P Schafer
Date: Tue, 23 Sep 2014 15:28:00 -0400
Subject: [PATCH 2/4] sys: add some methods for dealing with x509 certs
---
 openssl-sys/src/lib.rs | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs
index 649e269e..dec39b1b 100755
--- a/openssl-sys/src/lib.rs
+++ b/openssl-sys/src/lib.rs
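Review bot: In the `src/bn/mod.rs` hunk at line 348 of patch 1/4, `c_str.as_str().unwrap()` sits between the point where `buf` is obtained and `ffi::CRYPTO_free(buf as *mut c_void)`, so a panic on that line would skip the free and leak the OpenSSL-allocated buffer. The ownership rule is also implicit; a comment such as `// buf is OpenSSL-owned: CString must not own it (owns_buffer = false) and it is released with CRYPTO_free, not libc free` would make it explicit. The cast suggests the function that produced `buf` is declared as returning a const pointer; declaring it as `*mut c_char` would remove the need to cast away constness here. The enclosing function starts outside the hunk.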
@@ -33,6 +33,7 @@ pub type X509 = c_void;
 pub type X509_CRL = c_void;
 pub type X509_EXTENSION = c_void;
 pub type X509_NAME = c_void;
+pub type X509_NAME_ENTRY = c_void;
 pub type X509_REQ = c_void;
 pub type X509_STORE_CTX = c_void;
@@ -455,6 +456,11 @@ extern "C" {
 pub fn X509_EXTENSION_free(ext: *mut X509_EXTENSION);
 pub fn X509_NAME_add_entry_by_txt(x: *mut X509, field: *const c_char, ty: c_int, bytes: *const c_char, len: c_int, loc: c_int, set: c_int) -> c_int;
+ pub fn X509_NAME_get_index_by_NID(n: *mut X509_NAME, nid: c_int, last_pos: c_int) ->c_int;
+ pub fn X509_NAME_get_entry(n: *mut X509_NAME, loc: c_int) -> *mut X509_NAME_ENTRY;
+ pub fn X509_NAME_ENTRY_get_data(ne: *mut X509_NAME_ENTRY) -> *mut ASN1_STRING;
+
+ pub fn ASN1_STRING_to_UTF8(out: *mut *mut c_char, s: *mut ASN1_STRING) -> c_int;
 pub fn X509_STORE_CTX_get_current_cert(ct: *mut X509_STORE_CTX) -> *mut X509;
 pub fn X509_STORE_CTX_get_error(ctx: *mut X509_STORE_CTX) -> c_int;
From c6696eb02905bfc10f4cc7983f649ae5e9787466 Mon Sep 17 00:00:00 2001
From: Cody P Schafer
Date: Mon, 24 Nov 2014 15:40:48 -0500
Subject: [PATCH 3/4] sys: add SSL_get_peer_certificate()
---
 openssl-sys/src/lib.rs | 1 +
 1 file changed, 1 insertion(+)
diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs
index dec39b1b..3a92a8d4 100755
--- a/openssl-sys/src/lib.rs
+++ b/openssl-sys/src/lib.rs
@@ -415,6 +415,7 @@ extern "C" {
 pub fn SSL_get_ex_data_X509_STORE_CTX_idx() -> c_int;
 pub fn SSL_get_SSL_CTX(ssl: *mut SSL) -> *mut SSL_CTX;
 pub fn SSL_get_current_compression(ssl: *mut SSL) -> *const COMP_METHOD;
+ pub fn SSL_get_peer_certificate(ssl: *mut SSL) -> *mut X509;
 pub fn SSL_COMP_get_name(comp: *const COMP_METHOD) -> *const c_char;
From fd14cc77f37f4bec78d313106191fbebf72a9284 Mon Sep 17 00:00:00 2001
From: Cody P Schafer
Date: Mon, 24 Nov 2014 15:48:08 -0500
Subject: [PATCH 4/4] ssl: add get_peer_certificate()
---
 src/ssl/mod.rs | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
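Review bot: `ASN1_STRING_to_UTF8`, added in the `extern "C"` hunk at line 456 of patch 2/4, is declared with no comment on its contract, and that contract is easy to get wrong when reading certificate names. The C function returns the length of the output (negative on error), allocates `*out` inside OpenSSL so it has to be released through `CRYPTO_free`, and the data may contain embedded NUL bytes, so callers must use the returned length instead of treating the result as a C string. I would add above it `// Returns length (<0 on error); *out is OpenSSL-allocated, free with CRYPTO_free; may contain NULs, so use the length`. `X509_NAME_get_entry` and `X509_NAME_ENTRY_get_data` return pointers owned by the name and deserve a `// internal pointer, do not free` comment; the C prototype takes `unsigned char **out`, so `*mut *mut c_uchar` would match it more closely than `*mut *mut c_char`.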
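Review bot: `SSL_get_peer_certificate`, added at line 418 of patch 3/4, carries no ownership comment, although its contract differs from borrowed getters such as `X509_STORE_CTX_get_current_cert` in the same file. In OpenSSL it returns NULL when the peer presented no certificate and otherwise a reference whose count has been incremented, so the caller has to release it with `X509_free`. A one-line comment such as `// Returns an owned reference (or NULL); the caller must X509_free it` above the declaration would keep later wrappers from leaking or double-freeing the certificate.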
diff --git a/src/ssl/mod.rs b/src/ssl/mod.rs
index 1f0599b4..8e035466 100644
--- a/src/ssl/mod.rs
+++ b/src/ssl/mod.rs
@@ -8,7 +8,7 @@ use sync::one::{Once, ONCE_INIT};
 use bio::{MemBio};
 use ffi;
 use ssl::error::{SslError, SslSessionClosed, StreamError};
-use x509::{X509StoreContext, X509FileType};
+use x509::{X509StoreContext, X509FileType, X509};
 pub mod error;
 #[cfg(test)]
@@ -370,6 +370,17 @@ impl Ssl {
 }
 }
+ pub fn get_peer_certificate(&self) -> Option {
+ unsafe {
+ let ptr = ffi::SSL_get_peer_certificate(self.ssl);
+ if ptr.is_null() {
+ None
+ } else {
+ Some(X509::new(ptr, true))
+ }
+ }
+ }
+
 }
 #[deriving(FromPrimitive)]
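Review bot: `get_peer_certificate`, added in the `impl Ssl` hunk at line 370, is a new public method with no doc comment, and the missing contract matters to callers who make trust decisions from its result. A `Some` value only means the peer sent a certificate; it does not say the chain was verified, so with verification disabled the returned certificate is unauthenticated input. I would add `/// Returns the certificate presented by the peer, if any. The certificate is not necessarily verified; check the verification mode and result before trusting its contents.` A short `// SSL_get_peer_certificate returns an owned reference` next to `X509::new(ptr, true)` would also help, since the `true` presumably marks the wrapper as owning and freeing the pointer. The `impl Ssl` block starts outside the hunk.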