diff --git a/src/include/lib3270.h b/src/include/lib3270.h
index 069554c..6113623 100644
--- a/src/include/lib3270.h
+++ b/src/include/lib3270.h
@@ -530,7 +530,9 @@
 */
 LIB3270_EXPORT const char * lib3270_get_ssl_state_description(H3270 *hSession);
- LIB3270_EXPORT char * lib3270_get_crl_text(H3270 *hSession);
+ LIB3270_EXPORT char * lib3270_get_ssl_crl_text(H3270 *hSession);
+ LIB3270_EXPORT char * lib3270_get_ssl_peer_certificate_text(H3270 *hSession);
+
 /**
 * @brief Get service or port for the connect/reconnect operations.
diff --git a/src/lib3270/properties.c b/src/lib3270/properties.c
index b84a59f..5eeb194 100644
--- a/src/lib3270/properties.c
+++ b/src/lib3270/properties.c
@@ -37,6 +37,9 @@
 #include
 #include
+#if defined(HAVE_LIBSSL)
+ #include
+#endif
 static int lib3270_get_connection_state_as_int(H3270 *hSession)
 {
@@ -634,7 +637,7 @@ LIB3270_EXPORT int lib3270_get_secure_host(H3270 *hSession)
 }
-LIB3270_EXPORT char * lib3270_get_crl_text(H3270 *hSession)
+LIB3270_EXPORT char * lib3270_get_ssl_crl_text(H3270 *hSession)
 {
 #ifdef SSL_ENABLE_CRL_CHECK
@@ -664,3 +667,32 @@ LIB3270_EXPORT char * lib3270_get_crl_text(H3270 *hSession)
 return NULL;
 }
+
+LIB3270_EXPORT char * lib3270_get_ssl_peer_certificate_text(H3270 *hSession)
+{
+#ifdef HAVE_LIBSSL
+ if(hSession->ssl.con)
+ {
+ X509 * peer = SSL_get_peer_certificate(hSession->ssl.con);
+ if(peer)
+ {
+ BIO * out = BIO_new(BIO_s_mem());
+ unsigned char * data;
+ unsigned char * text;
+ int n;
+
+ X509_print(out,peer);
+
+ n = BIO_get_mem_data(out, &data);
+ text = (unsigned char *) lib3270_malloc(n+1);
+ text[n] ='\0';
+ memcpy(text,data,n);
+ BIO_free(out);
+
+ return (char *) text;
+ }
+ }
+#endif // HAVE_LIBSSL
+
+ return NULL;
+}
diff --git a/src/lib3270/ssl/ctx_init.c b/src/lib3270/ssl/ctx_init.c
index 266f197..b9f53bf 100644
--- a/src/lib3270/ssl/ctx_init.c
+++ b/src/lib3270/ssl/ctx_init.c
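Review bot: The two declarations added in src/include/lib3270.h have no doc comment, although the neighbouring entries in this header use `@brief` blocks, so nothing tells a caller who owns the returned `char *`. Above `lib3270_get_ssl_peer_certificate_text` I would add `/** @brief Get a text dump of the certificate presented by the host. @return Newly allocated string the caller must release, or NULL when there is no TLS session or no peer certificate. */`, with a matching block for `lib3270_get_ssl_crl_text`. The comment should also say that the text describes whatever certificate the peer sent and does not indicate that validation succeeded. Because `lib3270_get_crl_text` was exported, external callers of the old name will stop linking; keeping it as a deprecated wrapper would avoid that.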
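Review bot: In `lib3270_get_ssl_peer_certificate_text` (src/lib3270/properties.c) the `X509 *` obtained from `SSL_get_peer_certificate()` is never released; that call returns a new reference, so each invocation leaks one until `X509_free(peer)` is added. The same block uses unchecked results: `BIO_new()` can return NULL, the return of `X509_print()` is ignored, and `BIO_get_mem_data()` returns a `long` that is stored in an `int` and passed to `memcpy` without an `n > 0` test. Whether `lib3270_malloc` can return NULL is not visible in this diff, so confirm that before relying on the write to `text[n]`. Callers that display or log the result should treat it as peer-supplied text. A version with the checks and the release follows.

```c
	X509 * peer = SSL_get_peer_certificate(hSession->ssl.con);
	if(peer)
	{
		char * text = NULL;
		BIO  * out  = BIO_new(BIO_s_mem());

		if(out && X509_print(out,peer))
		{
			char * data = NULL;
			long   n    = BIO_get_mem_data(out, &data);

			if(n > 0 && data)
			{
				text = (char *) lib3270_malloc(n+1);
				memcpy(text,data,n);
				text[n] = '\0';
			}
		}

		if(out)
			BIO_free(out);

		// SSL_get_peer_certificate() handed us our own reference.
		X509_free(peer);

		return text;
	}
	// … unchanged: #endif and the final return NULL …
```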
@@ -135,7 +135,7 @@ int ssl_ctx_init(H3270 *hSession, SSL_ERROR_MESSAGE * message)
 if(lib3270_get_toggle(hSession,LIB3270_TOGGLE_SSL_TRACE))
 {
- lib3270_autoptr(char) text = lib3270_get_crl_text(hSession);
+ lib3270_autoptr(char) text = lib3270_get_ssl_crl_text(hSession);
 if(text)
 trace_ssl(hSession,"\n%s\n",text);
-- 
libgit2 0.21.2