Feature #4481 » ssl_client_ca.diff

ohai (Ippei Obayashi), 03/08/2011 02:56 AM


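--- a/ext/openssl/ossl.c
+++ b/ext/openssl/ossl.c
@@ -117,6 +117,7 @@
 }
 OSSL_IMPL_SK2ARY(x509, X509)
 OSSL_IMPL_SK2ARY(x509crl, X509_CRL)
+OSSL_IMPL_SK2ARY(x509name, X509_NAME)
 
 static VALUE
 ossl_str_new(int size)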
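Review bot: The new `x509name` instantiation of `OSSL_IMPL_SK2ARY` will be fed the stack returned by `SSL_get_client_CA_list`, which remains owned by the SSL object, so the generated `ossl_x509name_sk2ary` must copy every `X509_NAME` it wraps and must not free the stack. The macro body and `ossl_x509name_new` are not visible on this page; presumably the constructor duplicates the name, but that should be confirmed, because a wrapper holding the borrowed pointer would dangle once the SSL object is freed. A one-line comment above the instantiations, e.g. `/* each element is duplicated; the caller keeps ownership of the stack */`, would record the contract.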
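--- a/ext/openssl/ossl.h
+++ b/ext/openssl/ossl.h
@@ -123,6 +123,7 @@
 STACK_OF(X509) *ossl_protect_x509_ary2sk(VALUE,int*);
 VALUE ossl_x509_sk2ary(STACK_OF(X509) *certs);
 VALUE ossl_x509crl_sk2ary(STACK_OF(X509_CRL) *crl);
+VALUE ossl_x509name_sk2ary(STACK_OF(X509_NAME) *names);
 VALUE ossl_buf2str(char *buf, int len);
 #define ossl_str_adjust(str, p) \
 do{\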
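--- a/ext/openssl/ossl_ssl.c
+++ b/ext/openssl/ossl_ssl.c
@@ -1622,6 +1622,31 @@
     return INT2FIX(SSL_get_verify_result(ssl));
 }
 
+/*
+ * call-seq:
+ *    ssl.client_ca => [x509name, ...]
+ *
+ * Returns the list of client CAs.
+ *
+ * In server mode, returns the list set by SSLContext#client_ca=.
+ * In client mode, returns the list of client CAs sent from the server.
+ */
+static VALUE
+ossl_ssl_get_client_ca_list(VALUE self)
+{
+    SSL *ssl;
+    STACK_OF(X509_NAME) *ca;
+    
+    Data_Get_Struct(self, SSL, ssl);
+    if (!ssl) {
+	rb_warning("SSL session is not started yet.");
+	return Qnil;
+    }
+
+    ca = SSL_get_client_CA_list(ssl);
+    return ossl_x509name_sk2ary(ca);
+}
+
 void
 Init_ossl_ssl()
 {
@@ -1909,7 +1934,8 @@
     rb_define_method(cSSLSocket, "session_reused?",    ossl_ssl_session_reused, 0);
     rb_define_method(cSSLSocket, "session=",    ossl_ssl_set_session, 1);
     rb_define_method(cSSLSocket, "verify_result", ossl_ssl_get_verify_result, 0);
-
+    rb_define_method(cSSLSocket, "client_ca", ossl_ssl_get_client_ca_list, 0);
+    
 #define ossl_ssl_def_const(x) rb_define_const(mSSL, #x, INT2NUM(SSL_##x))
 
     ossl_ssl_def_const(VERIFY_NONE);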
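Review bot: `ossl_ssl_get_client_ca_list` passes the result of `SSL_get_client_CA_list(ssl)` straight to `ossl_x509name_sk2ary` without a NULL check, and OpenSSL returns NULL when no list was set (server mode) or none was received (client mode). The converter is generated by `OSSL_IMPL_SK2ARY`, whose body is not on this page, so whether it tolerates a NULL stack needs confirming; an explicit `if (!ca) return Qnil;` before the conversion would make the behaviour local and obvious. The call-seq should then read `ssl.client_ca => [x509name, ...] or nil`. The doc comment would also benefit from one line saying that in client mode the names are supplied by the peer as a hint for certificate selection and are not verified data.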