add get_subjectCN

2011-10-04 09:29:10 -07:00 · 2011-10-04 09:29:10 -07:00 · 290f94c8ad
parent 33701c0d17
commit 290f94c8ad
5 changed files with 24 additions and 4 deletions
--- a/configure.ac
+++ b/configure.ac
@ -428,7 +428,7 @@ AC_ARG_ENABLE(bump,

 if test "$ENABLED_BUMP" = "yes"
 then
-    AM_CFLAGS="$AM_CFLAGS -DSESSION_CERTS -DLARGE_STATIC_BUFFERS -DCYASSL_CERT_GEN -DCYASSL_KEY_GEN"
+    AM_CFLAGS="$AM_CFLAGS -DSESSION_CERTS -DLARGE_STATIC_BUFFERS -DCYASSL_CERT_GEN -DCYASSL_KEY_GEN -DOPENSSL_EXTRA"
 fi

 # ECC 
--- a/cyassl/internal.h
+++ b/cyassl/internal.h
@ -932,6 +932,7 @@ struct CYASSL_X509 {
    CYASSL_X509_NAME subject;
    int              serialSz;
    byte             serial[EXTERNAL_SERIAL_SIZE];
+    char             subjectCN[ASN_NAME_MAX];        /* common name short cut */
 };


--- a/cyassl/ssl.h
+++ b/cyassl/ssl.h
@ -658,6 +658,7 @@ CYASSL_API int  CyaSSL_get_chain_cert_pem(CYASSL_X509_CHAIN*, int idx,
                                unsigned char* buffer, int inLen, int* outLen);
 CYASSL_API const unsigned char* CyaSSL_get_sessionID(const CYASSL_SESSION* s);
 CYASSL_API int  CyaSSL_X509_get_serial_number(CYASSL_X509*,unsigned char*,int*);
+CYASSL_API char*  CyaSSL_X509_get_subjectCN(CYASSL_X509*);

 /* connect enough to get peer cert */
 CYASSL_API int  CyaSSL_connect_cert(CYASSL* ssl);
--- a/src/internal.c
+++ b/src/internal.c
@ -1548,10 +1548,21 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx)
        XSTRNCPY(ssl->peerCert.subject.name, dCert.subject, ASN_NAME_MAX);
        XMEMCPY(ssl->peerCert.serial, dCert.serial, EXTERNAL_SERIAL_SIZE);
        ssl->peerCert.serialSz = dCert.serialSz;
+        if (dCert.subjectCNLen < ASN_NAME_MAX) {
+            XMEMCPY(ssl->peerCert.subjectCN,dCert.subjectCN,dCert.subjectCNLen);
+            ssl->peerCert.subjectCN[dCert.subjectCNLen] = '\0';
+        }
+        else
+            ssl->peerCert.subjectCN[0] = '\0';
 #endif    

-        XMEMCPY(domain, dCert.subjectCN, dCert.subjectCNLen);
-        domain[dCert.subjectCNLen] = '\0';
+        /* store for callback use */
+        if (dCert.subjectCNLen < ASN_NAME_MAX) {
+            XMEMCPY(domain, dCert.subjectCN, dCert.subjectCNLen);
+            domain[dCert.subjectCNLen] = '\0';
+        }
+        else
+            domain[0] = '\0';

        if (!ssl->options.verifyNone && ssl->buffers.domainName.buffer)
            if (XSTRNCMP((char*)ssl->buffers.domainName.buffer,
--- a/src/ssl.c
+++ b/src/ssl.c
@ -3792,7 +3792,6 @@ int CyaSSL_set_compression(CYASSL* ssl)
    }


-
    int CyaSSL_ASN1_TIME_print(CYASSL_BIO* bio, const CYASSL_ASN1_TIME* asnTime)
    {
        (void)bio;
@ -4146,6 +4145,14 @@ int CyaSSL_set_compression(CYASSL* ssl)
        return 0;
    }

+    char*  CyaSSL_X509_get_subjectCN(CYASSL_X509* x509)
+    {
+        if (x509 == NULL)
+            return NULL;
+
+        return x509->subjectCN;
+    }
+
 #endif /* OPENSSL_EXTRA */