diff options
Diffstat (limited to 'src/libtls/tls_peer.c')
| -rw-r--r-- | src/libtls/tls_peer.c | 23 |
1 files changed, 21 insertions, 2 deletions
diff --git a/src/libtls/tls_peer.c b/src/libtls/tls_peer.c index 622df4035..b429da300 100644 --- a/src/libtls/tls_peer.c +++ b/src/libtls/tls_peer.c @@ -665,6 +665,8 @@ METHOD(tls_handshake_t, process, status_t, { return process_certreq(this, reader); } + /* no cert request, server does not want to authenticate us */ + DESTROY_IF(this->peer); this->peer = NULL; /* fall through since TLS_CERTIFICATE_REQUEST is optional */ case STATE_CERTREQ_RECEIVED: @@ -850,6 +852,7 @@ static status_t send_certificate(private_tls_peer_t *this, { DBG1(DBG_TLS, "no TLS peer certificate found for '%Y', " "skipping client authentication", this->peer); + this->peer->destroy(this->peer); this->peer = NULL; } @@ -1132,11 +1135,25 @@ METHOD(tls_handshake_t, finished, bool, return this->state == STATE_FINISHED_RECEIVED; } +METHOD(tls_handshake_t, get_peer_id, identification_t*, + private_tls_peer_t *this) +{ + return this->peer; +} + +METHOD(tls_handshake_t, get_server_id, identification_t*, + private_tls_peer_t *this) +{ + return this->server; +} + METHOD(tls_handshake_t, destroy, void, private_tls_peer_t *this) { DESTROY_IF(this->private); DESTROY_IF(this->dh); + DESTROY_IF(this->peer); + this->server->destroy(this->server); this->peer_auth->destroy(this->peer_auth); this->server_auth->destroy(this->server_auth); free(this->hashsig.ptr); @@ -1161,6 +1178,8 @@ tls_peer_t *tls_peer_create(tls_t *tls, tls_crypto_t *crypto, tls_alert_t *alert .cipherspec_changed = _cipherspec_changed, .change_cipherspec = _change_cipherspec, .finished = _finished, + .get_peer_id = _get_peer_id, + .get_server_id = _get_server_id, .destroy = _destroy, }, }, @@ -1168,8 +1187,8 @@ tls_peer_t *tls_peer_create(tls_t *tls, tls_crypto_t *crypto, tls_alert_t *alert .tls = tls, .crypto = crypto, .alert = alert, - .peer = peer, - .server = server, + .peer = peer ? peer->clone(peer) : NULL, + .server = server->clone(server), .peer_auth = auth_cfg_create(), .server_auth = auth_cfg_create(), ); |