diff options
author | Adriaan de Jong <dejong@fox-it.com> | 2011-06-30 14:38:38 +0200 |
---|---|---|
committer | David Sommerseth <davids@redhat.com> | 2011-10-22 11:32:40 +0200 |
commit | 3e44ea55339429ede83857c9e79cc218d6bc297f (patch) | |
tree | ce4b372ba21e998abafd569eb719b732656b75d8 /ssl_verify_openssl.c | |
parent | 75c67073ed5d35b0efcd2a99492cf34339da08fb (diff) | |
download | openvpn-3e44ea55339429ede83857c9e79cc218d6bc297f.tar.gz openvpn-3e44ea55339429ede83857c9e79cc218d6bc297f.tar.xz openvpn-3e44ea55339429ede83857c9e79cc218d6bc297f.zip |
Refactored tls-verify script code
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Signed-off-by: David Sommerseth <davids@redhat.com>
Diffstat (limited to 'ssl_verify_openssl.c')
-rw-r--r-- | ssl_verify_openssl.c | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/ssl_verify_openssl.c b/ssl_verify_openssl.c index a33b435..cde100c 100644 --- a/ssl_verify_openssl.c +++ b/ssl_verify_openssl.c @@ -489,4 +489,35 @@ verify_cert_eku (X509 *x509, const char * const expected_oid) return fFound; } +const char * +write_peer_cert(X509 *peercert, const char *tmp_dir, struct gc_arena *gc) +{ + FILE *peercert_file; + const char *peercert_filename=""; + + if(!tmp_dir) + return NULL; + + /* create tmp file to store peer cert */ + peercert_filename = create_temp_file (tmp_dir, "pcf", gc); + + /* write peer-cert in tmp-file */ + peercert_file = fopen(peercert_filename, "w+"); + if(!peercert_file) + { + msg (M_ERR, "Failed to open temporary file : %s", peercert_filename); + return NULL; + } + if(PEM_write_X509(peercert_file,peercert)<0) + { + msg (M_ERR, "Failed to write peer certificate in PEM format"); + fclose(peercert_file); + return NULL; + } + + fclose(peercert_file); + return peercert_filename; +} + #endif /* OPENSSL_VERSION_NUMBER */ + |