+
+#if HAVE_OPENSSL_SSL_H
+int cs_set_ssl_ctx(COMSTACK cs, void *ctx)
+{
+ struct tcpip_state *sp;
+ if (!cs || cs->type != ssl_type)
+ return 0;
+ sp = (struct tcpip_state *) cs->cprivate;
+ if (sp->ctx_alloc)
+ return 0;
+ sp->ctx = (SSL_CTX *) ctx;
+ return 1;
+}
+
+void *cs_get_ssl(COMSTACK cs)
+{
+ struct tcpip_state *sp;
+ if (!cs || cs->type != ssl_type)
+ return 0;
+ sp = (struct tcpip_state *) cs->cprivate;
+ return sp->ssl;
+}
+
+int cs_set_ssl_certificate_file(COMSTACK cs, const char *fname)
+{
+ struct tcpip_state *sp;
+ if (!cs || cs->type != ssl_type)
+ return 0;
+ sp = (struct tcpip_state *) cs->cprivate;
+ strncpy(sp->cert_fname, fname, sizeof(sp->cert_fname)-1);
+ sp->cert_fname[sizeof(sp->cert_fname)-1] = '\0';
+ return 1;
+}
+
+int cs_get_peer_certificate_x509(COMSTACK cs, char **buf, int *len)
+{
+ SSL *ssl = (SSL *) cs_get_ssl(cs);
+ if (ssl)
+ {
+ X509 *server_cert = SSL_get_peer_certificate (ssl);
+ if (server_cert)
+ {
+ BIO *bio = BIO_new(BIO_s_mem());
+ char *pem_buf;
+ /* get PEM buffer in memory */
+ PEM_write_bio_X509(bio, server_cert);
+ *len = BIO_get_mem_data(bio, &pem_buf);
+ *buf = (char *) xmalloc(*len);
+ memcpy(*buf, pem_buf, *len);
+ BIO_free(bio);
+ return 1;
+ }
+ }
+ return 0;
+}
+#else
+int cs_set_ssl_ctx(COMSTACK cs, void *ctx)
+{
+ return 0;
+}
+
+void *cs_get_ssl(COMSTACK cs)
+{
+ return 0;
+}
+
+int cs_get_peer_certificate_x509(COMSTACK cs, char **buf, int *len)
+{
+ return 0;
+}
+
+int cs_set_ssl_certificate_file(COMSTACK cs, const char *fname)
+{
+ return 0;
+}
+#endif
+
+/*
+ * Local variables:
+ * c-basic-offset: 4
+ * indent-tabs-mode: nil
+ * End:
+ * vim: shiftwidth=4 tabstop=8 expandtab
+ */
+