From: Kurt Zeilenga
Date: Thu, 18 Jan 2001 00:40:58 +0000 (+0000)
Subject: Add ldap_pvt_tls_get_peer_dn() routine. Returns peer as an LDAP DN.
X-Git-Tag: LDBM_PRE_GIANT_RWLOCK~1573
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=c0a06f25c2a64e3af374e3a64bd205987b3065f6;p=openldap
Add ldap_pvt_tls_get_peer_dn() routine. Returns peer as an LDAP DN.
---
diff --git a/configure b/configure
index acd0b7c547..aa3ee5d897 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
 #! /bin/sh
 # $OpenLDAP$
-# from OpenLDAP: pkg/ldap/configure.in,v 1.346 2001/01/12 03:20:36 kurt Exp
+# from OpenLDAP: pkg/ldap/configure.in,v 1.347 2001/01/16 21:18:42 kurt Exp
 # Copyright 1998-2000 The OpenLDAP Foundation. All Rights Reserved.
 #
diff --git a/include/ldap_pvt.h b/include/ldap_pvt.h
index 36b0e78a9b..79d22b5b99 100644
--- a/include/ldap_pvt.h
+++ b/include/ldap_pvt.h
@@ -174,7 +174,8 @@ LDAP_F (int) ldap_pvt_tls_connect LDAP_P(( struct ldap *ld, Sockbuf *sb, void *c
 LDAP_F (int) ldap_pvt_tls_accept LDAP_P(( Sockbuf *sb, void *ctx_arg ));
 LDAP_F (void *) ldap_pvt_tls_sb_handle LDAP_P(( Sockbuf *sb ));
 LDAP_F (void *) ldap_pvt_tls_get_handle LDAP_P(( struct ldap *ld ));
-LDAP_F (const char *) ldap_pvt_tls_get_peer LDAP_P(( void *handle ));
+LDAP_F (char *) ldap_pvt_tls_get_peer LDAP_P(( void *handle ));
+LDAP_F (char *) ldap_pvt_tls_get_peer_dn LDAP_P(( void *handle ));
 LDAP_F (int) ldap_pvt_tls_get_strength LDAP_P(( void *handle ));
 LDAP_F (int) ldap_pvt_tls_inplace LDAP_P(( Sockbuf *sb ));
 LDAP_F (int) ldap_pvt_tls_start LDAP_P(( struct ldap *ld, Sockbuf *sb, void *ctx_arg ));
diff --git a/libraries/libldap/tls.c b/libraries/libldap/tls.c
index 3c98a285e0..3e0d55e42b 100644
--- a/libraries/libldap/tls.c
+++ b/libraries/libldap/tls.c
@@ -679,7 +679,7 @@ ldap_pvt_tls_get_strength( void *s )
 }
-const char *
+char *
 ldap_pvt_tls_get_peer( void *s )
 {
 X509 *x;
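Review bot: Neither `ldap_pvt_tls_get_peer` nor the new `ldap_pvt_tls_get_peer_dn` documents who owns the returned string, although the first changes from `const char *` to `char *` in include/ldap_pvt.h and in the matching tls.c hunk. Dropping `const` suggests the caller now frees the result, but the function bodies lie outside these hunks, so that is an inference. If that is the contract, a one-line comment above the two prototypes, such as `/* returns a newly allocated string or NULL; caller frees */`, would keep callers from leaking the string or treating it as borrowed.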
@@ -697,12 +697,33 @@ ldap_pvt_tls_get_peer( void *s )
 return p;
 }
+char *
+ldap_pvt_tls_get_peer_dn( void *s )
+{
+ X509 *x;
+ X509_NAME *xn;
+ char buf[2048], *p, *dn;
+
+ x = SSL_get_peer_certificate((SSL *)s);
+
+ if (!x) return NULL;
+
+ xn = X509_get_subject_name(x);
+ p = X509_NAME_oneline(xn, buf, sizeof(buf));
+
+ dn = ldap_dcedn2dn( p );
+
+ X509_free(x);
+ return dn;
+}
+
 char *
 ldap_pvt_tls_get_peer_hostname( void *s )
 {
 X509 *x;
 X509_NAME *xn;
 char buf[2048], *p;
+ int ret;
 x = SSL_get_peer_certificate((SSL *)s);
@@ -711,7 +732,8 @@ ldap_pvt_tls_get_peer_hostname( void *s )
 xn = X509_get_subject_name(x);
- if ( X509_NAME_get_text_by_NID(xn, NID_commonName, buf, sizeof(buf)) == -1 ) {
+ ret = X509_NAME_get_text_by_NID(xn, NID_commonName, buf, sizeof(buf));
+ if( ret == -1 ) {
 X509_free(x);
 return NULL;
 }
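Review bot: `ldap_pvt_tls_get_peer_dn` hands the result of `X509_NAME_oneline()` to `ldap_dcedn2dn( p )` without checking it for NULL, and a subject longer than `buf[2048]` is cut short without any signal, so the DN returned can differ from the certificate's real subject. That matters wherever this DN is used to identify or authorize the peer, which is not visible in this diff. Passing a NULL buffer makes OpenSSL allocate a string of the full length, which removes the truncation case; since `dn` is returned after the stack buffer goes out of scope, `ldap_dcedn2dn` presumably returns its own copy and the temporary can be freed. OpenSSL documents `X509_NAME_oneline()` as a legacy format, so a short comment at the call noting that separators inside attribute values are not escaped would help the next reader.

```c
	char *p, *dn = NULL;
	/* … unchanged: SSL_get_peer_certificate() call and NULL check … */
	xn = X509_get_subject_name(x);

	/* NULL buffer: OpenSSL allocates the whole string, so nothing is truncated */
	p = xn ? X509_NAME_oneline(xn, NULL, 0) : NULL;
	if ( p != NULL ) {
		dn = ldap_dcedn2dn( p );
		OPENSSL_free( p );
	}
	/* … unchanged: X509_free(x); return dn; … */
```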
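Review bot: The new `ret` in `ldap_pvt_tls_get_peer_hostname` is only compared with -1, but it also carries the length of the commonName text that was copied into `buf`. A commonName may contain an embedded NUL byte, in which case later C-string handling sees a shorter name than the certificate holds; rejecting that case here, `if( ret == -1 || (size_t)ret != strlen(buf) ) {`, keeps a mismatched name from being returned as the peer hostname. The rest of the function lies outside the hunk, so if `ret` is already checked against the string length further down this is not needed.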