diff options
author | Michael Bridgen <mikeb@rabbitmq.com> | 2012-05-15 15:01:03 +0100 |
---|---|---|
committer | Michael Bridgen <mikeb@rabbitmq.com> | 2012-05-15 15:01:03 +0100 |
commit | 8ef7cb50c31f1c5122256934eed0b3050efa87c7 (patch) | |
tree | 5994f5983f6178cdd62a0342cc90f450e40be957 | |
parent | acc7cf59caeb23f18daae9f633ffdf491d3c7b74 (diff) | |
download | rabbitmq-server-bug24831.tar.gz |
Flatten API for getting the SSL peer namebug24831
-rw-r--r-- | src/rabbit_ssl.erl | 21 |
1 files changed, 15 insertions, 6 deletions
diff --git a/src/rabbit_ssl.erl b/src/rabbit_ssl.erl index fd5fec39..1851a0a1 100644 --- a/src/rabbit_ssl.erl +++ b/src/rabbit_ssl.erl @@ -21,7 +21,7 @@ -include_lib("public_key/include/public_key.hrl"). -export([peer_cert_issuer/1, peer_cert_subject/1, peer_cert_validity/1]). --export([peer_cert_subject_items/2, peer_cert_auth_name/2]). +-export([peer_cert_subject_items/2, peer_cert_auth_name/1]). %%-------------------------------------------------------------------------- @@ -36,8 +36,8 @@ -spec(peer_cert_validity/1 :: (certificate()) -> string()). -spec(peer_cert_subject_items/2 :: (certificate(), tuple()) -> [string()] | 'not_found'). --spec(peer_cert_auth_name/2 :: - (certificate(), #ssl_socket{}) -> binary() | 'not_found' | 'unsafe'). +-spec(peer_cert_auth_name/1 :: + (rabbit_net:socket()) -> binary() | 'nossl' | 'no_peercert' | 'not_found' | 'unsafe'). -endif. @@ -79,9 +79,18 @@ peer_cert_validity(Cert) -> end, Cert). %% Extract a username from the certificate -peer_cert_auth_name(Cert, Sock = #ssl_socket{}) -> - {ok, Mode} = application:get_env(rabbit, ssl_cert_login_from), - peer_cert_auth_name(Mode, Cert, Sock). +peer_cert_auth_name(Sock = #ssl_socket{}) -> + case rabbit_net:peercert(Sock) of + {ok, Cert} -> + {ok, Mode} = application:get_env(rabbit, ssl_cert_login_from), + peer_cert_auth_name(Mode, Cert, Sock); + {error, no_peercert} -> + no_peercert; + nossl -> + nossl + end; +peer_cert_auth_name(_Sock) -> + nossl. peer_cert_auth_name(distinguished_name, Cert, Sock) -> case auth_config_sane(Sock) of |