From 364876b7da0bd3da2112053d6b46d37fafee389f Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz
Date: Thu, 26 Aug 2021 11:25:34 +0200
Subject: [PATCH] wolfSSL: Implement tls_connection_get_peer_subject()

This is needed for EAP-TEAP server implementation.

Signed-off-by: Juliusz Sosinowicz
---
 src/crypto/tls_wolfssl.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/src/crypto/tls_wolfssl.c b/src/crypto/tls_wolfssl.c
index 56f5e4669..0e62aaae4 100644
--- a/src/crypto/tls_wolfssl.c
+++ b/src/crypto/tls_wolfssl.c
@@ -94,6 +94,7 @@ struct tls_connection {
 WOLFSSL_X509 *peer_cert;
 WOLFSSL_X509 *peer_issuer;
 WOLFSSL_X509 *peer_issuer_issuer;
+ char *peer_subject; /* peer subject info for authenticated peer */
 };


@@ -336,6 +337,7 @@ void tls_connection_deinit(void *tls_ctx, struct tls_connection *conn)
 os_free(conn->alt_subject_match);
 os_free(conn->suffix_match);
 os_free(conn->domain_match);
+ os_free(conn->peer_subject);

 /* self */
 os_free(conn);
@@ -1096,6 +1098,11 @@ static int tls_verify_cb(int preverify_ok, WOLFSSL_X509_STORE_CTX *x509_ctx)
 context->event_cb(context->cb_ctx,
 TLS_CERT_CHAIN_SUCCESS, NULL);

+ if (depth == 0 && preverify_ok) {
+ os_free(conn->peer_subject);
+ conn->peer_subject = os_strdup(buf);
+ }
+
 return preverify_ok;
 }

@@ -2100,6 +2107,14 @@ void tls_connection_remove_session(struct tls_connection *conn)
 }


+const char * tls_connection_get_peer_subject(struct tls_connection *conn)
+{
+ if (conn)
+ return conn->peer_subject;
+ return NULL;
+}
+
+
 void tls_connection_set_success_data(struct tls_connection *conn,
 struct wpabuf *data)
 {
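Review bot: The result of `os_strdup(buf)` in the tls_verify_cb hunk is never checked, so on allocation failure `conn->peer_subject` is left NULL while the callback still returns `preverify_ok` and the handshake continues. The commit message says the value feeds the EAP-TEAP server, and a caller there presumably cannot tell an allocation failure apart from a peer that presented no verified certificate. If the subject is used for identity or authorization decisions, failing closed is the safer choice, for example `if (!conn->peer_subject) return 0;` inside the new block, or at minimum a debug log line recording the failure. The declaration of `buf` and the rest of tls_verify_cb lie outside the hunk, so how `buf` is filled, and whether a long subject can be truncated there, should be confirmed against the full function.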
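Review bot: tls_connection_get_peer_subject() returns the connection's own buffer without documenting its lifetime; the pointer is freed by the next successful depth-0 verification in tls_verify_cb and by tls_connection_deinit(), so a caller that keeps it must copy it. A short comment above the function would cover this, for example `/* Returns a conn-owned string, valid until the next handshake or tls_connection_deinit(); NULL if no verified peer subject is stored */`. The field is also only overwritten on a successful verification, so if a tls_connection is reused for a new handshake (not visible in this patch) the subject from the earlier session could still be returned. Clearing `peer_subject` wherever the connection state is reset would avoid handing a stale identity to the EAP server.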