From 4cf65783f1c6b21cfe2fbbf29c6cc322613e6711 Mon Sep 17 00:00:00 2001
From: perry.werneck@gmail.com <perry.werneck@gmail.com@d25448e0-c022-0410-b998-a785f7053de0>
Date: Tue, 8 Jan 2013 10:37:55 +0000
Subject: [PATCH] Incluindo dump do certificado no trace de comunicação para facilitar o debug de SSL

---
 src/lib3270/telnet.c | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+), 0 deletions(-)

diff --git a/src/lib3270/telnet.c b/src/lib3270/telnet.c
index 1b1abf0..abec4b3 100644
--- a/src/lib3270/telnet.c
+++ b/src/lib3270/telnet.c
@@ -776,6 +776,7 @@ static void ssl_negotiate(H3270 *hSession)
 		char				  buffer[4096];
 		int 				  alg_bits		= 0;
 		const SSL_CIPHER	* cipher		= SSL_get_current_cipher(hSession->ssl_con);
+		X509				* peer			= SSL_get_peer_certificate(hSession->ssl_con);
 
 		trace_dsn(hSession,"TLS/SSL negotiated connection complete. Connection is now secure.\n");
 
@@ -786,6 +787,28 @@ static void ssl_negotiate(H3270 *hSession)
 						SSL_CIPHER_get_version(cipher),
 						alg_bits,
 						SSL_get_verify_result(hSession->ssl_con));
+
+		if(peer)
+		{
+			BIO				* out	= BIO_new(BIO_s_mem());
+			unsigned char	* data;
+			unsigned char	* text;
+			int				  n;
+
+			X509_print(out,peer);
+
+			n		= BIO_get_mem_data(out, &data);
+			text	= (unsigned char *) malloc (n+1);
+			text[n]	='\0';
+			memcpy(text,data,n);
+
+			trace_dsn(hSession,"TLS/SSL peer certificate:\n%s\n",text);
+
+			free(text);
+			BIO_free(out);
+			X509_free(peer);
+
+		}
 	}
 
 	if(!SSL_get_verify_result(hSession->ssl_con))
--
libgit2 0.21.2