Add a const getter for X509 used in handshake (server-side)

Summary:
Similar to other getters such as getSSLCertSize, but returns a const X509*.
This may be useful to get cert parameters after handshake is complete
(or in error).

Reviewed By: yfeldblum

Differential Revision: D3636598

fbshipit-source-id: 98f0e2987de53d6343541ef0ed588f9ad18390cd

folly/io/async/AsyncSSLSocket.cpp

@@ -880,6 +880,10 @@ int AsyncSSLSocket::getSSLCertSize() const {
   return certSize;
 }
 
+const X509* AsyncSSLSocket::getSelfCert() const {
+  return (ssl_ != nullptr) ? SSL_get_certificate(ssl_) : nullptr;
+}
+
 bool AsyncSSLSocket::willBlock(int ret,
                                int* sslErrorOut,
                                unsigned long* errErrorOut) noexcept {

folly/io/async/AsyncSSLSocket.h

@@ -457,6 +457,11 @@ class AsyncSSLSocket : public virtual AsyncSocket {
    */
   int getSSLCertSize() const;
 
+  /**
+   * Get the certificate used for this SSL connection. May be null
+   */
+  virtual const X509* getSelfCert() const override;
+
   virtual void attachEventBase(EventBase* eventBase) override {
     AsyncSocket::attachEventBase(eventBase);
     handshakeTimeout_.attachEventBase(eventBase);

folly/io/async/AsyncTransport.h

@@ -326,6 +326,13 @@ class AsyncTransport : public DelayedDestruction, public AsyncSocketBase {
    */
   virtual ssl::X509UniquePtr getPeerCert() const { return nullptr; }
 
+  /**
+   * The local certificate used for this connection. May be null
+   */
+  virtual const X509* getSelfCert() const {
+    return nullptr;
+  }
+
   /**
    * @return True iff end of record tracking is enabled
    */