Commit 17b973ba authored by Alex Landau's avatar Alex Landau Committed by facebook-github-bot-1

thrift-tls: Expose client common name in connection context

Summary: Server can find out client's common name through
Cpp2ConnContext::getPeerCommonName

Reviewed By: @siyengar

Differential Revision: D2469588
parent 68b39c30
...@@ -80,6 +80,7 @@ class SSLException: public folly::AsyncSocketException { ...@@ -80,6 +80,7 @@ class SSLException: public folly::AsyncSocketException {
class AsyncSSLSocket : public virtual AsyncSocket { class AsyncSSLSocket : public virtual AsyncSocket {
public: public:
typedef std::unique_ptr<AsyncSSLSocket, Destructor> UniquePtr; typedef std::unique_ptr<AsyncSSLSocket, Destructor> UniquePtr;
using X509_deleter = folly::static_function_deleter<X509, &X509_free>;
class HandshakeCB { class HandshakeCB {
public: public:
...@@ -730,6 +731,18 @@ class AsyncSSLSocket : public virtual AsyncSocket { ...@@ -730,6 +731,18 @@ class AsyncSSLSocket : public virtual AsyncSocket {
void setReadCB(ReadCallback* callback) override; void setReadCB(ReadCallback* callback) override;
/**
* Returns the peer certificate, or nullptr if no peer certificate received.
*/
std::unique_ptr<X509, X509_deleter> getPeerCert() const {
if (!ssl_) {
return nullptr;
}
X509* cert = SSL_get_peer_certificate(ssl_);
return std::unique_ptr<X509, X509_deleter>(cert);
}
private: private:
void init(); void init();
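Review bot: The doc comment on `getPeerCert()` in the second hunk should say that the returned certificate is only what the peer presented, not proof that it passed verification. `SSL_get_peer_certificate` hands back the certificate whenever one was sent, so if the verify mode or a verify callback accepts a failed chain, a caller that derives identity from it (the summary names `Cpp2ConnContext::getPeerCommonName`, which is not shown in this section) would be trusting an unauthenticated subject. I would add `* The certificate may not have passed verification; check SSL_get_verify_result() == X509_V_OK before trusting its subject.` and `* The caller owns the returned reference, which X509_deleter releases.` to the comment. The enclosing `AsyncSSLSocket` class continues outside the hunk, so whether a verified-only accessor already exists cannot be seen from here.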
......