2000-09-21 00:55:26 +08:00
|
|
|
=pod
|
|
|
|
|
|
|
|
=head1 NAME
|
|
|
|
|
|
|
|
SSL_get_peer_cert_chain - get the X509 certificate chain of the peer
|
|
|
|
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
|
|
|
|
#include <openssl/ssl.h>
|
|
|
|
|
2014-04-13 21:10:17 +08:00
|
|
|
STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *ssl);
|
2000-09-21 00:55:26 +08:00
|
|
|
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
|
2014-04-13 21:10:17 +08:00
|
|
|
SSL_get_peer_cert_chain() returns a pointer to STACK_OF(X509) certificates
|
2000-09-21 00:55:26 +08:00
|
|
|
forming the certificate chain of the peer. If called on the client side,
|
|
|
|
the stack also contains the peer's certificate; if called on the server
|
2001-02-16 10:09:53 +08:00
|
|
|
side, the peer's certificate must be obtained separately using
|
2000-09-21 00:55:26 +08:00
|
|
|
L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>.
|
|
|
|
If the peer did not present a certificate, NULL is returned.
|
|
|
|
|
|
|
|
=head1 NOTES
|
|
|
|
|
|
|
|
The peer certificate chain is not necessarily available after reusing
|
|
|
|
a session, in which case a NULL pointer is returned.
|
|
|
|
|
2014-04-13 21:10:17 +08:00
|
|
|
The reference count of the STACK_OF(X509) object is not incremented.
|
2000-09-21 00:55:26 +08:00
|
|
|
If the corresponding session is freed, the pointer must not be used
|
|
|
|
any longer.
|
|
|
|
|
|
|
|
=head1 RETURN VALUES
|
|
|
|
|
|
|
|
The following return values can occur:
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
=item NULL
|
|
|
|
|
|
|
|
No certificate was presented by the peer or no connection was established
|
|
|
|
or the certificate chain is no longer available when a session is reused.
|
|
|
|
|
2014-04-13 21:10:17 +08:00
|
|
|
=item Pointer to a STACK_OF(X509)
|
2000-09-21 00:55:26 +08:00
|
|
|
|
|
|
|
The return value points to the certificate chain presented by the peer.
|
|
|
|
|
|
|
|
=back
|
|
|
|
|
|
|
|
=head1 SEE ALSO
|
|
|
|
|
|
|
|
L<ssl(3)|ssl(3)>, L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>
|
|
|
|
|
|
|
|
=cut
|