Add prototypes for functions to check whether the peer certificate is

valid (if it is present); and to get a public key from a peer
certificate (in order to identify the peer).

svn:r436

diff --git a/src/common/tortls.h b/src/common/tortls.h
index 93a65daa6d7b0464106c4370d3086a2f4bb61c57..295d1502c3531246a5ffebc41946ca00077fee4d 100644 (file)
--- a/src/common/tortls.h
+++ b/src/common/tortls.h
@@ -20,15 +20,11 @@ int tor_tls_write_certificate(char *certfile, crypto_pk_env_t *rsa, char *nickna
 int tor_tls_context_new(char *certfile, crypto_pk_env_t *rsa, int isServer);
 tor_tls *tor_tls_new(int sock, int isServer);
 void tor_tls_free(tor_tls *tls);
+int tor_tls_peer_is_valid(tor_tls *tls);
+crypto_pk_env_t *tor_tls_get_peer_pk(tor_tls *tls);
 int tor_tls_read(tor_tls *tls, char *cp, int len);
 int tor_tls_write(tor_tls *tls, char *cp, int n);
 int tor_tls_handshake(tor_tls *tls);
-/* XXXX we need a function to check for validated, verified peer certs. */
-/* XXXX i would also very much like a function to tell me who i just
- * handshaked with. maybe a nickname, and from there i can look
- * up a router entry? and maybe one day a function to make sure the cert
- * doesn't disagree too much with the router entry.
- */
 int tor_tls_shutdown(tor_tls *tls);
 
 #endif