+ return 0;
+}
+
+int cs_set_ssl_certificate_file(COMSTACK cs, const char *fname)
+{
+#if ENABLE_SSL
+ if (cs && cs->type == ssl_type)
+ {
+ struct tcpip_state *sp = (struct tcpip_state *) cs->cprivate;
+ strncpy(sp->cert_fname, fname, sizeof(sp->cert_fname)-1);
+ sp->cert_fname[sizeof(sp->cert_fname)-1] = '\0';
+ return 1;
+ }
+#endif
+ return 0;
+}
+
+int cs_get_peer_certificate_x509(COMSTACK cs, char **buf, int *len)
+{
+#if HAVE_OPENSSL_SSL_H
+ SSL *ssl = (SSL *) cs_get_ssl(cs);
+ if (ssl)
+ {
+ X509 *server_cert = SSL_get_peer_certificate(ssl);
+ if (server_cert)
+ {
+ BIO *bio = BIO_new(BIO_s_mem());
+ char *pem_buf;
+ /* get PEM buffer in memory */
+ PEM_write_bio_X509(bio, server_cert);
+ *len = BIO_get_mem_data(bio, &pem_buf);
+ *buf = (char *) xmalloc(*len);
+ memcpy(*buf, pem_buf, *len);
+ BIO_free(bio);
+ return 1;
+ }
+ }
+#endif
+ return 0;
+}
+
+static int tcpip_put_connect(COMSTACK h, char *buf, int size)
+{
+ struct tcpip_state *state = (struct tcpip_state *)h->cprivate;
+
+ int r = tcpip_put(h, state->connect_request_buf,
+ state->connect_request_len);
+ if (r == 0)
+ {
+ /* it's sent */
+ h->f_put = tcpip_put; /* switch to normal tcpip put */
+ r = tcpip_put(h, buf, size);
+ }
+ return r;
+}
+
+static int tcpip_get_connect(COMSTACK h, char **buf, int *bufsize)
+{
+ struct tcpip_state *state = (struct tcpip_state *)h->cprivate;
+ int r;
+
+ r = tcpip_get(h, &state->connect_response_buf,
+ &state->connect_response_len);
+ if (r < 1)
+ return r;
+ /* got the connect response completely */
+ state->complete = cs_complete_auto; /* switch to normal tcpip get */
+ h->f_get = tcpip_get;
+ return tcpip_get(h, buf, bufsize);
+}
+
+
+/*
+ * Local variables:
+ * c-basic-offset: 4
+ * c-file-style: "Stroustrup"
+ * indent-tabs-mode: nil
+ * End:
+ * vim: shiftwidth=4 tabstop=8 expandtab
+ */
+