Merge pull request #104 from jmesmon/sys

Add get_peer_certificate() and a few ffi methods
2014-11-24 16:05:10 -05:00 · 2014-11-24 16:05:10 -05:00 · e87639893d
parent b7c88101f5 fd14cc77f3
commit e87639893d
3 changed files with 22 additions and 4 deletions
--- a/openssl-sys/src/lib.rs
+++ b/openssl-sys/src/lib.rs
@ -33,6 +33,7 @@ pub type X509 = c_void;
 pub type X509_CRL = c_void;
 pub type X509_EXTENSION = c_void;
 pub type X509_NAME = c_void;
+pub type X509_NAME_ENTRY = c_void;
 pub type X509_REQ = c_void;
 pub type X509_STORE_CTX = c_void;

@ -295,7 +296,7 @@ extern "C" {
                                                           n: c_int,
                                                           file: *const c_char,
                                                           line: c_int));
-    pub fn CRYPTO_free(buf: *const c_char);
+    pub fn CRYPTO_free(buf: *mut c_void);
    pub fn CRYPTO_memcmp(a: *const c_void, b: *const c_void,
                         len: size_t) -> c_int;

@ -414,6 +415,7 @@ extern "C" {
    pub fn SSL_get_ex_data_X509_STORE_CTX_idx() -> c_int;
    pub fn SSL_get_SSL_CTX(ssl: *mut SSL) -> *mut SSL_CTX;
    pub fn SSL_get_current_compression(ssl: *mut SSL) -> *const COMP_METHOD;
+    pub fn SSL_get_peer_certificate(ssl: *mut SSL) -> *mut X509;

    pub fn SSL_COMP_get_name(comp: *const COMP_METHOD) -> *const c_char;

@ -455,6 +457,11 @@ extern "C" {
    pub fn X509_EXTENSION_free(ext: *mut X509_EXTENSION);

    pub fn X509_NAME_add_entry_by_txt(x: *mut X509, field: *const c_char, ty: c_int, bytes: *const c_char, len: c_int, loc: c_int, set: c_int) -> c_int;
+    pub fn X509_NAME_get_index_by_NID(n: *mut X509_NAME, nid: c_int, last_pos: c_int) ->c_int;
+    pub fn X509_NAME_get_entry(n: *mut X509_NAME, loc: c_int) -> *mut X509_NAME_ENTRY;
+    pub fn X509_NAME_ENTRY_get_data(ne: *mut X509_NAME_ENTRY) -> *mut ASN1_STRING;
+
+    pub fn ASN1_STRING_to_UTF8(out: *mut *mut c_char, s: *mut ASN1_STRING) -> c_int;

    pub fn X509_STORE_CTX_get_current_cert(ct: *mut X509_STORE_CTX) -> *mut X509;
    pub fn X509_STORE_CTX_get_error(ctx: *mut X509_STORE_CTX) -> c_int;
--- a/src/bn/mod.rs
+++ b/src/bn/mod.rs
@ -1,4 +1,4 @@
-use libc::{c_int, c_ulong};
+use libc::{c_int, c_ulong, c_void};
 use std::{fmt, ptr};
 use std::c_str::CString;

@ -348,7 +348,7 @@ impl BigNum {
            assert!(!buf.is_null());
            let c_str = CString::new(buf, false);
            let str = c_str.as_str().unwrap().to_string();
-            ffi::CRYPTO_free(buf);
+            ffi::CRYPTO_free(buf as *mut c_void);
            str
        }
    }
--- a/src/ssl/mod.rs
+++ b/src/ssl/mod.rs
@ -8,7 +8,7 @@ use sync::one::{Once, ONCE_INIT};
 use bio::{MemBio};
 use ffi;
 use ssl::error::{SslError, SslSessionClosed, StreamError};
-use x509::{X509StoreContext, X509FileType};
+use x509::{X509StoreContext, X509FileType, X509};

 pub mod error;
 #[cfg(test)]
@ -370,6 +370,17 @@ impl Ssl {
        }
    }

+    pub fn get_peer_certificate(&self) -> Option<X509> {
+        unsafe {
+            let ptr = ffi::SSL_get_peer_certificate(self.ssl);
+            if ptr.is_null() {
+                None
+            } else {
+                Some(X509::new(ptr, true))
+            }
+        }
+    }
+
 }

 #[deriving(FromPrimitive)]