Get common name and subject alternative names of peer certificate (#1617)

Co-authored-by: Christian Fischbach <cfischbach@mac.com>

1 files changed, 41 insertions, 1 deletions

diff --git a/src/supplemental/tls/tls_common.c b/src/supplemental/tls/tls_common.c
index 357c8411..d05a289d 100644
--- a/src/supplemental/tls/tls_common.c
+++ b/src/supplemental/tls/tls_common.c
@@ -756,12 +756,52 @@ tls_get_verified(void *arg, void *buf, size_t *szp, nni_type t)
 	return (nni_copyout_bool(v, buf, szp, t));
 }
 
+static int
+tls_get_peer_cn(void *arg, void *buf, size_t *szp, nni_type t)
+{
+	NNI_ARG_UNUSED(szp);
+
+	if (t != NNI_TYPE_STRING) {
+		return (NNG_EBADTYPE);
+	}
+
+	tls_conn *conn = arg;
+	nni_mtx_lock(&conn->lock);
+	*(char **) buf = conn->ops.peer_cn((void *) (conn + 1));
+	nni_mtx_unlock(&conn->lock);
+	return (0);
+}
+
+static int
+tls_get_peer_alt_names(void *arg, void *buf, size_t *szp, nni_type t)
+{
+	NNI_ARG_UNUSED(szp);
+
+	if (t != NNI_TYPE_POINTER) {
+		return (NNG_EBADTYPE);
+	}
+
+	tls_conn *conn = arg;
+	nni_mtx_lock(&conn->lock);
+	*(char ***) buf = conn->ops.peer_alt_names((void *) (conn + 1));
+	nni_mtx_unlock(&conn->lock);
+	return (0);
+}
+
 static const nni_option tls_options[] = {
 	{
 	    .o_name = NNG_OPT_TLS_VERIFIED,
 	    .o_get  = tls_get_verified,
 	},
 	{
+	    .o_name = NNG_OPT_TLS_PEER_CN,
+	    .o_get  = tls_get_peer_cn,
+	},
+	{
+	    .o_name = NNG_OPT_TLS_PEER_ALT_NAMES,
+	    .o_get  = tls_get_peer_alt_names,
+	},
+	{
 	    .o_name = NULL,
 	},
 };
@@ -1680,4 +1720,4 @@ nni_tls_sys_fini(void)
 {
 }
 
-#endif // !NNG_SUPP_TLS
\ No newline at end of file
+#endif // !NNG_SUPP_TLS