forked from mirrors/kore
Add kore_tls_x509_data().
Use it in the Python code, which requires it.
This commit is contained in:
Joris Vink
parent
169a4e7c5d
commit
feb90208ef
|
|
@ -824,6 +824,7 @@ void kore_tls_domain_setup(struct kore_domain *,
|
|||
void *kore_tls_rsakey_load(const char *);
|
||||
void *kore_tls_rsakey_generate(const char *);
|
||||
|
||||
int kore_tls_x509_data(struct connection *, u_int8_t **, size_t *);
|
||||
void *kore_tls_x509_issuer_name(struct connection *);
|
||||
void *kore_tls_x509_subject_name(struct connection *);
|
||||
int kore_tls_x509name_foreach(void *, int, void *,
|
||||
|
|
|
|||
36
src/python.c
36
src/python.c
|
|
@ -29,6 +29,7 @@
|
|||
#include <fcntl.h>
|
||||
#include <unistd.h>
|
||||
#include <stdarg.h>
|
||||
#include <stddef.h>
|
||||
|
||||
#include "kore.h"
|
||||
#include "http.h"
|
||||
|
|
@ -2904,25 +2905,17 @@ pyconnection_get_addr(struct pyconnection *pyc, void *closure)
|
|||
static PyObject *
|
||||
pyconnection_get_peer_x509(struct pyconnection *pyc, void *closure)
|
||||
{
|
||||
int len;
|
||||
PyObject *bytes;
|
||||
u_int8_t *der, *pp;
|
||||
size_t len;
|
||||
u_int8_t *der;
|
||||
PyObject *bytes;
|
||||
|
||||
if (pyc->c->cert == NULL) {
|
||||
Py_RETURN_NONE;
|
||||
}
|
||||
|
||||
if ((len = i2d_X509(pyc->c->cert, NULL)) <= 0) {
|
||||
PyErr_SetString(PyExc_RuntimeError, "i2d_X509 failed");
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
der = kore_calloc(1, len);
|
||||
pp = der;
|
||||
|
||||
if (i2d_X509(pyc->c->cert, &pp) <= 0) {
|
||||
kore_free(der);
|
||||
PyErr_SetString(PyExc_RuntimeError, "i2d_X509 failed");
|
||||
if (!kore_tls_x509_data(pyc->c, &der, &len)) {
|
||||
PyErr_SetString(PyExc_RuntimeError,
|
||||
"failed to obtain certificate data");
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
|
|
@ -2935,7 +2928,7 @@ pyconnection_get_peer_x509(struct pyconnection *pyc, void *closure)
|
|||
static PyObject *
|
||||
pyconnection_get_peer_x509dict(struct pyconnection *pyc, void *closure)
|
||||
{
|
||||
X509_NAME *name;
|
||||
void *name;
|
||||
PyObject *dict, *issuer, *subject, *ret;
|
||||
|
||||
ret = NULL;
|
||||
|
|
@ -2963,13 +2956,13 @@ pyconnection_get_peer_x509dict(struct pyconnection *pyc, void *closure)
|
|||
|
||||
PyErr_Clear();
|
||||
|
||||
if ((name = X509_get_issuer_name(pyc->c->cert)) == NULL) {
|
||||
if ((name = kore_tls_x509_subject_name(pyc->c->cert)) == NULL) {
|
||||
PyErr_Format(PyExc_RuntimeError,
|
||||
"X509_get_issuer_name: %s", ssl_errno_s);
|
||||
"failed to obtain x509 subjectName");
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (!kore_x509name_foreach(name, 0, issuer, pyconnection_x509_cb)) {
|
||||
if (!kore_tls_x509name_foreach(name, 0, issuer, pyconnection_x509_cb)) {
|
||||
if (PyErr_Occurred() == NULL) {
|
||||
PyErr_Format(PyExc_RuntimeError,
|
||||
"failed to add issuer name to dictionary");
|
||||
|
|
@ -2977,13 +2970,14 @@ pyconnection_get_peer_x509dict(struct pyconnection *pyc, void *closure)
|
|||
goto out;
|
||||
}
|
||||
|
||||
if ((name = X509_get_subject_name(pyc->c->cert)) == NULL) {
|
||||
if ((name = kore_tls_x509_issuer_name(pyc->c->cert)) == NULL) {
|
||||
PyErr_Format(PyExc_RuntimeError,
|
||||
"X509_get_subject_name: %s", ssl_errno_s);
|
||||
"failed to obtain x509 issuerName");
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (!kore_x509name_foreach(name, 0, subject, pyconnection_x509_cb)) {
|
||||
if (!kore_tls_x509name_foreach(name, 0, subject,
|
||||
pyconnection_x509_cb)) {
|
||||
if (PyErr_Occurred() == NULL) {
|
||||
PyErr_Format(PyExc_RuntimeError,
|
||||
"failed to add subject name to dictionary");
|
||||
|
|
|
|||
|
|
@ -159,3 +159,9 @@ kore_tls_x509name_foreach(void *name, int flags, void *udata,
|
|||
{
|
||||
fatal("%s: not supported", __func__);
|
||||
}
|
||||
|
||||
int
|
||||
kore_tls_x509_data(struct connection *c, u_int8_t **ptr, size_t *olen)
|
||||
{
|
||||
fatal("%s: not supported", __func__);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -654,13 +654,23 @@ kore_tls_rsakey_generate(const char *path)
|
|||
void *
|
||||
kore_tls_x509_subject_name(struct connection *c)
|
||||
{
|
||||
return (X509_get_subject_name(c->cert));
|
||||
X509_NAME *name;
|
||||
|
||||
if ((name = X509_get_subject_name(c->cert)) == NULL)
|
||||
kore_log(LOG_NOTICE, "X509_get_subject_name: %s", ssl_errno_s);
|
||||
|
||||
return (name);
|
||||
}
|
||||
|
||||
void *
|
||||
kore_tls_x509_issuer_name(struct connection *c)
|
||||
{
|
||||
return (X509_get_issuer_name(c->cert));
|
||||
X509_NAME *name;
|
||||
|
||||
if ((name = X509_get_issuer_name(c->cert)) == NULL)
|
||||
kore_log(LOG_NOTICE, "X509_get_issuer_name: %s", ssl_errno_s);
|
||||
|
||||
return (name);
|
||||
}
|
||||
|
||||
int
|
||||
|
|
@ -724,6 +734,32 @@ cleanup:
|
|||
return (ret);
|
||||
}
|
||||
|
||||
int
|
||||
kore_tls_x509_data(struct connection *c, u_int8_t **ptr, size_t *olen)
|
||||
{
|
||||
int len;
|
||||
u_int8_t *der, *pp;
|
||||
|
||||
if ((len = i2d_X509(c->cert, NULL)) <= 0) {
|
||||
kore_log(LOG_NOTICE, "i2d_X509: %s", ssl_errno_s);
|
||||
return (KORE_RESULT_ERROR);
|
||||
}
|
||||
|
||||
der = kore_calloc(1, len);
|
||||
pp = der;
|
||||
|
||||
if (i2d_X509(c->cert, &pp) <= 0) {
|
||||
kore_free(der);
|
||||
kore_log(LOG_NOTICE, "i2d_X509: %s", ssl_errno_s);
|
||||
return (KORE_RESULT_ERROR);
|
||||
}
|
||||
|
||||
*ptr = der;
|
||||
*olen = len;
|
||||
|
||||
return (KORE_RESULT_OK);
|
||||
}
|
||||
|
||||
void
|
||||
kore_tls_seed(const void *data, size_t len)
|
||||
{
|
||||
|
|
|
|||
Loading…
Reference in New Issue