# HG changeset patch
# User Tobias Markmann <tm@ayena.de>
# Date 1286568685 -3600
# Node ID 718837c61318bdde0279c8b54e68555d4e87bc6e
# Parent  bd2b1836f0ba2cfea815c2bfc6568f02c268ae3c
Add :getpeercertificate() method to get peer's certificate

diff -r bd2b1836f0ba -r 718837c61318 src/ssl.c
--- a/src/ssl.c	Fri Oct 08 21:09:39 2010 +0100
+++ b/src/ssl.c	Fri Oct 08 21:11:25 2010 +0100
@@ -372,6 +372,43 @@
     return 1;
   }
 }
+
+/**
+ * Return the peer certificate.
+ */
+static int meth_getpeercertificate(lua_State *L)
+{
+  X509 *peer;
+  p_ssl ssl = (p_ssl)luaL_checkudata(L, 1, "SSL:Connection");
+  peer = SSL_get_peer_certificate(ssl->ssl);
+  if (peer == NULL) {
+    /* No client certificate available */
+    lua_pushboolean(L, 0);
+    return 1;
+  } else {
+    char *buffer = NULL;
+    char length = 0;
+    BIO *bp = BIO_new(BIO_s_mem()); /* To memory */
+    i2d_X509_bio(bp, peer); /* as der */
+    if ((length = BIO_read(bp, 0, 0)) == 0) {
+      BIO_free(bp);
+      return 0;
+    }
+    if ((buffer = malloc(length)) == NULL) {
+      BIO_free(bp);
+      return 0;
+    }
+    if ((length = BIO_read(bp, buffer, length)) > length) {
+      free(buffer);
+      BIO_free(bp);
+      return 0;
+    }
+    lua_pushlstring(L, buffer, length);
+    free(buffer);
+    BIO_free(bp);
+    return 1;
+  }
+}
 /*---------------------------------------------------------------------------*/
 
 
@@ -388,6 +425,7 @@
   {"settimeout",        meth_settimeout},
   {"want",              meth_want},
   {"compression",       meth_compression},
+  {"getpeercertificate",meth_getpeercertificate},
   {NULL,                NULL}
 };