diff options
author | Jeremy Lainé <jeremy.laine@m4x.org> | 2018-05-16 19:44:19 +0200 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2018-05-16 13:44:19 -0400 |
commit | 460a19d45425218c34dcb7d6fde478f80a987fea (patch) | |
tree | 27a774b3666b094b1677aee76539342a6ca1f5e2 /src/OpenSSL/SSL.py | |
parent | e7f334583541e1de98614e76a65b7d04e7be4979 (diff) | |
download | pyopenssl-460a19d45425218c34dcb7d6fde478f80a987fea.tar.gz |
Add Connection.get_certificate method (#733)
This makes it possible to retrieve the local certificate (if any)
for a Connection.
An example where this is useful is when negotiating a DTLS-SRTP
connection, the fingerprint of the local certificate needs to be
communicated to the remote party out-of-band via SDP.
Diffstat (limited to 'src/OpenSSL/SSL.py')
-rw-r--r-- | src/OpenSSL/SSL.py | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py index 4c708ba..e3eddae 100644 --- a/src/OpenSSL/SSL.py +++ b/src/OpenSSL/SSL.py @@ -2176,6 +2176,18 @@ class Connection(object): """ return self._socket.shutdown(*args, **kwargs) + def get_certificate(self): + """ + Retrieve the local certificate (if any) + + :return: The local certificate + """ + cert = _lib.SSL_get_certificate(self._ssl) + if cert != _ffi.NULL: + _lib.X509_up_ref(cert) + return X509._from_raw_x509_ptr(cert) + return None + def get_peer_certificate(self): """ Retrieve the other side's certificate (if any) |