SSL_get_verify_result dup X509_V_OK =
[ drop ] [ verify-message certificate-verify-error ] if ;
-: common-name ( certificate -- host )
- X509_get_subject_name
+: x509name>string ( x509name -- string )
NID_commonName 256 <byte-array>
[ 256 X509_NAME_get_text_by_NID ] keep
swap -1 = [ drop f ] [ latin1 alien>string ] if ;
+: common-name ( certificate -- host )
+ X509_get_subject_name x509name>string ;
+
+: issuer-name ( certificate -- issuer )
+ X509_get_issuer_name x509name>string ;
+
: common-names-match? ( expected actual -- ? )
[ >lower ] bi@ "*." ?head [ tail? ] [ = ] if ;
CONSTANT: SSL_CTRL_SET_TMP_RSA_CB 4
CONSTANT: SSL_CTRL_SET_TMP_DH_CB 5
-CONSTANT: SSL_CTRL_GET_SESSION_REUSED 6
-CONSTANT: SSL_CTRL_GET_CLIENT_CERT_REQUEST 7
-CONSTANT: SSL_CTRL_GET_NUM_RENEGOTIATIONS 8
-CONSTANT: SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 9
+CONSTANT: SSL_CTRL_GET_SESSION_REUSED 6
+CONSTANT: SSL_CTRL_GET_CLIENT_CERT_REQUEST 7
+CONSTANT: SSL_CTRL_GET_NUM_RENEGOTIATIONS 8
+CONSTANT: SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 9
CONSTANT: SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 10
CONSTANT: SSL_CTRL_GET_FLAGS 11
CONSTANT: SSL_CTRL_EXTRA_CHAIN_CERT 12
C-TYPE: X509
FUNCTION: int X509_NAME_get_text_by_NID ( X509_NAME* name, int nid, void* buf, int len ) ;
+FUNCTION: X509_NAME* X509_get_issuer_name ( X509* a ) ;
FUNCTION: X509_NAME* X509_get_subject_name ( X509* a ) ;
! ===============================================