commit c431c2bf723aa53aa5df6f8c4f7d712082b447bf
parent 6d78ae04b4f3b9cd7eeba77b7ec7f69303c140d1
Author: Joris Vink <joris@coders.se>
Date: Wed, 28 Nov 2018 11:28:07 +0100
Add support to obtain peer certificate from Python
This will return the DER encoded bytes representing the peer certificate.
Diffstat:
2 files changed, 40 insertions(+), 0 deletions(-)
diff --git a/include/kore/python_methods.h b/include/kore/python_methods.h
@@ -480,9 +480,16 @@ static PyMethodDef pyconnection_methods[] = {
static PyObject *pyconnection_get_fd(struct pyconnection *, void *);
static PyObject *pyconnection_get_addr(struct pyconnection *, void *);
+#if !defined(KORE_NO_TLS)
+static PyObject *pyconnection_get_peer_x509(struct pyconnection *, void *);
+#endif
+
static PyGetSetDef pyconnection_getset[] = {
GETTER("fd", pyconnection_get_fd),
GETTER("addr", pyconnection_get_addr),
+#if !defined(KORE_NO_TLS)
+ GETTER("x509", pyconnection_get_peer_x509),
+#endif
GETTER(NULL, NULL),
};
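Review bot: The table entry `GETTER("x509", pyconnection_get_peer_x509)` uses a name that suggests a parsed certificate object, but the implementation in src/python.c returns raw DER bytes or None. A short comment above the entry would make that contract visible in the table, for example `/* x509: peer certificate as DER-encoded bytes, or None if no peer certificate is set */`. Python callers then know they must parse the value themselves before reading any field from it.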
diff --git a/src/python.c b/src/python.c
@@ -1409,6 +1409,39 @@ pyconnection_get_addr(struct pyconnection *pyc, void *closure)
return (result);
}
+#if !defined(KORE_NO_TLS)
+static PyObject *
+pyconnection_get_peer_x509(struct pyconnection *pyc, void *closure)
+{
+ int len;
+ PyObject *bytes;
+ u_int8_t *der, *pp;
+
+ if (pyc->c->cert == NULL) {
+ Py_RETURN_NONE;
+ }
+
+ if ((len = i2d_X509(pyc->c->cert, NULL)) <= 0) {
+ PyErr_SetString(PyExc_RuntimeError, "i2d_X509 failed");
+ return (NULL);
+ }
+
+ der = kore_calloc(1, len);
+ pp = der;
+
+ if (i2d_X509(pyc->c->cert, &pp) <= 0) {
+ kore_free(der);
+ PyErr_SetString(PyExc_RuntimeError, "i2d_X509 failed");
+ return (NULL);
+ }
+
+ bytes = PyBytes_FromStringAndSize((char *)der, len);
+ kore_free(der);
+
+ return (bytes);
+}
+#endif
+
static void
pytimer_run(void *arg, u_int64_t now)
{
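Review bot: In `pyconnection_get_peer_x509`, the size passed to `PyBytes_FromStringAndSize()` comes from the first, sizing call to `i2d_X509()`, while the second call is only checked for `<= 0`. A disagreement between the two passes would therefore go unnoticed. Comparing the encode result with the allocated size closes that gap: `if (i2d_X509(pyc->c->cert, &pp) != len) {`. The function also lacks a header comment; it should say that the getter returns the peer certificate as DER bytes, or None when `pyc->c->cert` is NULL. The comment should add that a non-None value only shows a certificate is attached to the connection, because whether it passed chain verification depends on TLS configuration not visible in this hunk.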