summaryrefslogtreecommitdiff
path: root/ext/openssl/ossl_ssl.c
diff options
context:
space:
mode:
authorgotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2003-11-01 09:24:55 +0000
committergotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2003-11-01 09:24:55 +0000
commitfc133b89979195d350d30abbc92b00eaa4f540cb (patch)
treed27bb5cdb264f9c1e72cfebb68ba8e6d6eeed273 /ext/openssl/ossl_ssl.c
parent09125ff3d000a48509372391b19637c4c9815a62 (diff)
* ext/openssl/ossl_ssl.c (ossl_ssl_peer_cert_chain): add new method
SSLSocket#peer_cert_chain. * ext/openssl/ossl_x509req.c (GetX509ReqPtr): new function which returns underlying X509_REQ. * ext/openssl/ossl_x509ext.c (ossl_x509extfactory_set_issuer_cert, ossl_x509extfactory_set_subject_cert, ossl_x509extfactory_set_crl, ossl_x509extfactory_set_subject_req, ossl_x509extfactory_set_config): use underlying C struct without duplication not to leak momory. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4884 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/openssl/ossl_ssl.c')
-rw-r--r--ext/openssl/ossl_ssl.c26
1 files changed, 26 insertions, 0 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index 4fe2fc8..d243b78 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -604,6 +604,31 @@ ossl_ssl_get_peer_cert(VALUE self)
}
static VALUE
+ossl_ssl_get_peer_cert_chain(VALUE self)
+{
+ SSL *ssl;
+ STACK_OF(X509) *chain;
+ X509 *cert;
+ VALUE ary;
+ int i, num;
+
+ Data_Get_Struct(self, SSL, ssl);
+ if(!ssl){
+ rb_warning("SSL session is not started yet.");
+ return Qnil;
+ }
+ chain = SSL_get_peer_cert_chain(ssl);
+ num = sk_num(chain);
+ ary = rb_ary_new2(num);
+ for (i = 0; i < num; i++){
+ cert = (X509*)sk_value(chain, i);
+ rb_ary_push(ary, ossl_x509_new(cert));
+ }
+
+ return ary;
+}
+
+static VALUE
ossl_ssl_get_cipher(VALUE self)
{
SSL *ssl;
@@ -674,6 +699,7 @@ Init_ossl_ssl()
rb_define_method(cSSLSocket, "sysclose", ossl_ssl_close, 0);
rb_define_method(cSSLSocket, "cert", ossl_ssl_get_cert, 0);
rb_define_method(cSSLSocket, "peer_cert", ossl_ssl_get_peer_cert, 0);
+ rb_define_method(cSSLSocket, "peer_cert_chain", ossl_ssl_get_peer_cert_chain, 0);
rb_define_method(cSSLSocket, "cipher", ossl_ssl_get_cipher, 0);
rb_define_method(cSSLSocket, "state", ossl_ssl_get_state, 0);