aboutsummaryrefslogtreecommitdiffstats
path: root/istream.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--istream.c20
1 files changed, 17 insertions, 3 deletions
diff --git a/istream.c b/istream.c
index 086b826..5af392b 100644
--- a/istream.c
+++ b/istream.c
@@ -1,4 +1,4 @@
-/* $Id: istream.c,v 1.9 2001/12/26 18:46:33 ukai Exp $ */
+/* $Id: istream.c,v 1.10 2001/12/27 18:22:59 ukai Exp $ */
#include "fm.h"
#include "istream.h"
#include <signal.h>
@@ -370,9 +370,12 @@ ssl_get_certificate(InputStream stream)
{
BIO *bp;
X509 *x;
+ X509_NAME *xn;
char *p;
int len;
Str s;
+ char buf[2048];
+
if (stream == NULL)
return NULL;
if (IStype(stream) != IST_SSL)
@@ -381,13 +384,24 @@ ssl_get_certificate(InputStream stream)
return NULL;
x = SSL_get_peer_certificate(stream->ssl.handle->ssl);
if (x == NULL)
- return NULL;
+ return Strnew_charp("no peer certificate");
bp = BIO_new(BIO_s_mem());
X509_print(bp, x);
len = (int)BIO_ctrl(bp, BIO_CTRL_INFO, 0, (char *)&p);
s = ssl_certificate_validity ? Strdup(ssl_certificate_validity)
: Strnew_charp("valid certificate");
Strcat_charp(s, "\n");
+ xn = X509_get_subject_name(x);
+ if (X509_NAME_get_text_by_NID(xn, NID_commonName, buf, sizeof(buf)) == -1)
+ Strcat_charp(s, " subject=<unknown>");
+ else
+ Strcat_m_charp(s, " subject=", buf, NULL);
+ xn = X509_get_issuer_name(x);
+ if (X509_NAME_get_text_by_NID(xn, NID_commonName, buf, sizeof(buf)) == -1)
+ Strcat_charp(s, ": issuer=<unnown>");
+ else
+ Strcat_m_charp(s, ": issuer=", buf, NULL);
+ Strcat_charp(s, "\n\n");
Strcat_charp_n(s, p, len);
BIO_free_all(bp);
X509_free(x);
@@ -444,7 +458,7 @@ ssl_check_cert_ident(SSL * handle, char *hostname)
if (!seen_dnsname)
seen_dnsname = Strnew();
- Strcat_m_charp(seen_dnsname, sn, " ");
+ Strcat_m_charp(seen_dnsname, sn, " ", NULL);
/* Is this an exact match? */
if ((len1 == sl) && !strncasecmp(hostname, sn, len1))
break;