From 8e1836f57e8bcdb228dd5baadc71dfbf30b544e0 Mon Sep 17 00:00:00 2001
From: Christian Fischbach <me@cfish.de>
Date: Thu, 9 Feb 2023 00:48:17 +0100
Subject: Get common name and subject alternative names of peer certificate
 (#1617)

Co-authored-by: Christian Fischbach <cfischbach@mac.com>
---
 docs/man/nng_tls_options.5.adoc | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)

(limited to 'docs/man/nng_tls_options.5.adoc')

diff --git a/docs/man/nng_tls_options.5.adoc b/docs/man/nng_tls_options.5.adoc
index e2db237f..a06a600f 100644
--- a/docs/man/nng_tls_options.5.adoc
+++ b/docs/man/nng_tls_options.5.adoc
@@ -20,12 +20,14 @@ nng_tls_options - TLS-specific options
 ----
 #include <nng/nng.h>
 
-#define NNG_OPT_TLS_AUTH_MODE     "tls-authmode"
-#define NNG_OPT_TLS_CA_FILE       "tls-ca-file"
-#define NNG_OPT_TLS_CERT_KEY_FILE "tls-cert-key-file"
-#define NNG_OPT_TLS_CONFIG        "tls-config"
-#define NNG_OPT_TLS_SERVER_NAME   "tls-server-name"
-#define NNG_OPT_TLS_VERIFIED      "tls-verified"
+#define NNG_OPT_TLS_AUTH_MODE      "tls-authmode"
+#define NNG_OPT_TLS_CA_FILE        "tls-ca-file"
+#define NNG_OPT_TLS_CERT_KEY_FILE  "tls-cert-key-file"
+#define NNG_OPT_TLS_CONFIG         "tls-config"
+#define NNG_OPT_TLS_SERVER_NAME    "tls-server-name"
+#define NNG_OPT_TLS_VERIFIED       "tls-verified"
+#define NNG_OPT_TLS_PEER_CN        "tls-peer-cn"
+#define NNG_OPT_TLS_PEER_ALT_NAMES "tls-peer-alt-names"
 ----
 
 == DESCRIPTION
@@ -91,6 +93,16 @@ This read-only option indicates whether the remote peer has been properly verifi
 authentication.
 May return incorrect results if peer authentication is disabled.
 
+[[NNG_OPT_TLS_PEER_CN]]((`NNG_OPT_TLS_PEER_CN`))::
+(string)
+This read-only option returns the common name of the peer certificate.
+May return incorrect results if peer authentication is disabled.
+
+[[NNG_OPT_TLS_PEER_ALT_NAMES]]((`NNG_OPT_TLS_PEER_ALT_NAMES`))::
+(string)
+This read-only option returns string list with the subject alternative names of the
+peer certificate. May return incorrect results if peer authentication is disabled.
+
 === Inherited Options
 
 Generally, the following option values are also available for TLS objects,
-- 
cgit v1.2.3-70-g09d2