add docs for openssl additions

collects/openssl/mzssl.rkt

@@ -148,8 +148,6 @@
   (define-ssl SSL_get_verify_result (_SSL* -> _long))
   (define-ssl SSL_get_peer_certificate (_SSL* -> _X509*))
   
-  
-  
   (define-crypto X509_get_subject_name ( _X509* -> _X509_NAME*))
   (define-crypto X509_get_issuer_name ( _X509* -> _X509_NAME*))
   (define-crypto X509_NAME_oneline (_X509_NAME* _bytes _int -> _bytes))

collects/openssl/openssl.scrbl

@@ -363,6 +363,28 @@ You can use the file @filepath{test.pem} of the @filepath{openssl}
 collection for testing purposes where the peer identifies itself using
 @filepath{test.pem}.}
 
+@; ----------------------------------------------------------------------
+@section[#:tag "peer-verif"]{Peer Verification}
+
+@defproc[(ssl-peer-verified? [p ssl-port?]) boolean?]{
+
+Returns @racket[#t] if the peer of SSL port @racket[p] has presented a
+valid and verified certificate, @racket[#f] otherwise.}
+
+@defproc[(ssl-peer-subject-name [p ssl-port?]) (or/c bytes? #f)]{
+
+If @racket[ssl-peer-verified?] would return @racket[#t] for
+@racket[p], the result is a byte string for the subject field of
+the certificate presented by the SSL port's peer, otherwise the result
+is @racket[#f].}
+
+@defproc[(ssl-peer-issuer-name [p ssl-port?]) (or/c bytes? #f)]{
+
+If @racket[ssl-peer-verified?] would return @racket[#t] for
+@racket[p], the result is a byte string for the issuer field of
+the certificate presented by the SSL port's peer, otherwise the result
+is @racket[#f].}
+
 @; ----------------------------------------------------------------------
 
 @section{SHA-1 Hashing}