Diffstat (limited to 'ext/openssl')
-rw-r--r--ext/openssl/ossl_ssl.c26
-rw-r--r--ext/openssl/ossl_x509.h1
-rw-r--r--ext/openssl/ossl_x509ext.c10
-rw-r--r--ext/openssl/ossl_x509req.c10
4 files changed, 42 insertions, 5 deletions
diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c
index 4fe2fc8088..d243b78dbb 100644
--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -604,6 +604,31 @@ ossl_ssl_get_peer_cert(VALUE self)
}
static VALUE
+ossl_ssl_get_peer_cert_chain(VALUE self)
+{
+ SSL *ssl;
+ STACK_OF(X509) *chain;
+ X509 *cert;
+ VALUE ary;
+ int i, num;
+
+ Data_Get_Struct(self, SSL, ssl);
+ if(!ssl){
+ rb_warning("SSL session is not started yet.");
+ return Qnil;
+ }
+ chain = SSL_get_peer_cert_chain(ssl);
+ num = sk_num(chain);
+ ary = rb_ary_new2(num);
+ for (i = 0; i < num; i++){
+ cert = (X509*)sk_value(chain, i);
+ rb_ary_push(ary, ossl_x509_new(cert));
+ }
+
+ return ary;
+}
+
+static VALUE
ossl_ssl_get_cipher(VALUE self)
{
SSL *ssl;
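Review bot: The result of `SSL_get_peer_cert_chain(ssl)` is passed straight to `sk_num(chain)` without a NULL check, and OpenSSL returns NULL when the peer presented no chain. `sk_num` on a NULL stack yields -1, so `rb_ary_new2(num)` is then called with a negative length; add `if (!chain) return Qnil;` directly after the call. The method also deserves a comment stating that the array is the chain as sent by the peer, not a verified path, and that on the server side OpenSSL's chain omits the peer's own certificate, so callers must not use it as a trust decision. The stack belongs to the SSL object, so this relies on `ossl_x509_new` copying or up-referencing each certificate, which is not visible in this hunk and should be confirmed.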
@@ -674,6 +699,7 @@ Init_ossl_ssl()
rb_define_method(cSSLSocket, "sysclose", ossl_ssl_close, 0);
rb_define_method(cSSLSocket, "cert", ossl_ssl_get_cert, 0);
rb_define_method(cSSLSocket, "peer_cert", ossl_ssl_get_peer_cert, 0);
+ rb_define_method(cSSLSocket, "peer_cert_chain", ossl_ssl_get_peer_cert_chain, 0);
rb_define_method(cSSLSocket, "cipher", ossl_ssl_get_cipher, 0);
rb_define_method(cSSLSocket, "state", ossl_ssl_get_state, 0);
diff --git a/ext/openssl/ossl_x509.h b/ext/openssl/ossl_x509.h
index 196ce06848..1a43569073 100644
--- a/ext/openssl/ossl_x509.h
+++ b/ext/openssl/ossl_x509.h
@@ -80,6 +80,7 @@ extern VALUE cX509Req;
extern VALUE eX509ReqError;
VALUE ossl_x509req_new(X509_REQ *);
+X509_REQ *GetX509ReqPtr(VALUE);
X509_REQ *DupX509ReqPtr(VALUE);
void Init_ossl_x509req(void);
diff --git a/ext/openssl/ossl_x509ext.c b/ext/openssl/ossl_x509ext.c
index 23e768a9b5..d9ec846ac1 100644
--- a/ext/openssl/ossl_x509ext.c
+++ b/ext/openssl/ossl_x509ext.c
@@ -118,7 +118,7 @@ ossl_x509extfactory_set_issuer_cert(VALUE self, VALUE cert)
GetX509ExtFactory(self, ctx);
rb_iv_set(self, "@issuer_certificate", cert);
- ctx->issuer_cert = DupX509CertPtr(cert); /* DUP NEEDED */
+ ctx->issuer_cert = GetX509CertPtr(cert); /* NO DUP NEEDED */
return cert;
}
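Review bot: In `ossl_x509extfactory_set_issuer_cert`, `rb_iv_set(self, "@issuer_certificate", cert);` runs before `GetX509CertPtr(cert)` has accepted the argument, and with `ctx->issuer_cert` now a borrowed pointer that ordering matters. If the getter raises on a wrong-typed argument (presumably it does, as `SafeGetX509Req` suggests for the request getter), the previously stored certificate loses its only visible reference while ctx still points at it, which leaves a dangling pointer once GC collects it. Fetch the pointer first and set the ivar afterwards, i.e. `ctx->issuer_cert = GetX509CertPtr(cert);` followed by `rb_iv_set(self, "@issuer_certificate", cert);`; the subject_cert, subject_req and crl setters in the following hunks need the same swap. The comment would say more as `/* borrowed: kept alive by @issuer_certificate */`, since the pointer is only valid while that ivar holds the same object and the object keeps the same underlying X509. The setter bodies start outside the hunks and the factory's free routine is not shown, so confirm that it does not free these fields.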
@@ -130,7 +130,7 @@ ossl_x509extfactory_set_subject_cert(VALUE self, VALUE cert)
GetX509ExtFactory(self, ctx);
rb_iv_set(self, "@subject_certificate", cert);
- ctx->subject_cert = DupX509CertPtr(cert); /* DUP NEEDED */
+ ctx->subject_cert = GetX509CertPtr(cert); /* NO DUP NEEDED */
return cert;
}
@@ -142,7 +142,7 @@ ossl_x509extfactory_set_subject_req(VALUE self, VALUE req)
GetX509ExtFactory(self, ctx);
rb_iv_set(self, "@subject_request", req);
- ctx->subject_req = DupX509ReqPtr(req);
+ ctx->subject_req = GetX509ReqPtr(req); /* NO DUP NEEDED */
return req;
}
@@ -154,7 +154,7 @@ ossl_x509extfactory_set_crl(VALUE self, VALUE crl)
GetX509ExtFactory(self, ctx);
rb_iv_set(self, "@crl", crl);
- ctx->crl = DupX509CRLPtr(crl);
+ ctx->crl = GetX509CRLPtr(crl); /* NO DUP NEEDED */
return crl;
}
@@ -168,7 +168,7 @@ ossl_x509extfactory_set_config(VALUE self, VALUE config)
GetX509ExtFactory(self, ctx);
rb_iv_set(self, "@config", config);
- conf = GetConfigPtr(config);
+ conf = GetConfigPtr(config); /* NO DUP NEEDED */
X509V3_set_nconf(ctx, conf);
return config;
diff --git a/ext/openssl/ossl_x509req.c b/ext/openssl/ossl_x509req.c
index b35bc2506e..3585b20859 100644
--- a/ext/openssl/ossl_x509req.c
+++ b/ext/openssl/ossl_x509req.c
@@ -56,6 +56,16 @@ ossl_x509req_new(X509_REQ *req)
}
X509_REQ *
+GetX509ReqPtr(VALUE obj)
+{
+ X509_REQ *req;
+
+ SafeGetX509Req(obj, req);
+
+ return req;
+}
+
+X509_REQ *
DupX509ReqPtr(VALUE obj)
{
X509_REQ *req, *new;
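Review bot: `GetX509ReqPtr` has no comment saying that it returns the X509_REQ owned by the Ruby object rather than a copy, which is the one property separating it from `DupX509ReqPtr` just below. I would add above it `/* Returns the X509_REQ wrapped by obj without copying; the caller must not free it and must keep obj reachable while the pointer is in use. */`. What `SafeGetX509Req` checks is not visible here, so its type-checking behaviour is assumed. The body of `DupX509ReqPtr` continues outside the hunk.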