Commit ecc334123ee0e8e24c630a49efd18568d2fe6531
1 parent
ad9b3856
Exists in
master
and in
3 other branches
Adding method to get the presented peer certificate as text.
Showing
3 changed files
with
37 additions
and
3 deletions
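--- a/src/include/lib3270.h
+++ b/src/include/lib3270.h
@@ -530,7 +530,9 @@
 */
 LIB3270_EXPORT const char * lib3270_get_ssl_state_description(H3270 *hSession);
 
- LIB3270_EXPORT char * lib3270_get_crl_text(H3270 *hSession);
+ LIB3270_EXPORT char * lib3270_get_ssl_crl_text(H3270 *hSession);
+ LIB3270_EXPORT char * lib3270_get_ssl_peer_certificate_text(H3270 *hSession);
+
 
 /**
 * @brief Get service or port for the connect/reconnect operations.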
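Review bot: The new `lib3270_get_ssl_peer_certificate_text` declaration has no doc comment, unlike the declarations around it, so nothing tells a caller that the result is a heap buffer it must release (properties.c builds it with `lib3270_malloc`). I would add above it `/** @brief Get the certificate presented by the peer as text; returns NULL when there is no TLS connection or no certificate, caller releases the result. */`. The comment should also say that the text describes whatever certificate the peer presented, whether or not verification succeeded, and that its fields are peer-controlled, so callers treat it as untrusted display data rather than as evidence of trust. Separately, renaming the exported `lib3270_get_crl_text` removes that symbol for any external caller; if the old name has shipped, a deprecated alias would keep existing users linking.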
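--- a/src/lib3270/properties.c
+++ b/src/lib3270/properties.c
@@ -37,6 +37,9 @@
 #include <lib3270.h>
 #include <lib3270/properties.h>
 
+#if defined(HAVE_LIBSSL)
+ #include <openssl/ssl.h>
+#endif
 
 static int lib3270_get_connection_state_as_int(H3270 *hSession)
 {
@@ -634,7 +637,7 @@ LIB3270_EXPORT int lib3270_get_secure_host(H3270 *hSession)
 
 }
 
-LIB3270_EXPORT char * lib3270_get_crl_text(H3270 *hSession)
+LIB3270_EXPORT char * lib3270_get_ssl_crl_text(H3270 *hSession)
 {
 #ifdef SSL_ENABLE_CRL_CHECK
 
@@ -664,3 +667,32 @@ LIB3270_EXPORT char * lib3270_get_crl_text(H3270 *hSession)
 
 return NULL;
 }
+
+LIB3270_EXPORT char * lib3270_get_ssl_peer_certificate_text(H3270 *hSession)
+{
+#ifdef HAVE_LIBSSL
+ if(hSession->ssl.con)
+ {
+ X509 * peer = SSL_get_peer_certificate(hSession->ssl.con);
+ if(peer)
+ {
+ BIO * out = BIO_new(BIO_s_mem());
+ unsigned char * data;
+ unsigned char * text;
+ int n;
+
+ X509_print(out,peer);
+
+ n = BIO_get_mem_data(out, &data);
+ text = (unsigned char *) lib3270_malloc(n+1);
+ text[n] ='\0';
+ memcpy(text,data,n);
+ BIO_free(out);
+
+ return (char *) text;
+ }
+ }
+#endif // HAVE_LIBSSL
+
+ return NULL;
+}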
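Review bot: The `X509 *peer` obtained from `SSL_get_peer_certificate()` in `lib3270_get_ssl_peer_certificate_text` is never released; that call returns a reference the caller owns, so every invocation leaks one certificate unless `X509_free(peer)` runs before the function returns. The results of `BIO_new()` and `X509_print()` are also unchecked, so a failed BIO allocation reaches `X509_print(out,peer)` with a NULL BIO, and a failed print still copies whatever partial data is in the buffer. `n` narrows the `long` returned by `BIO_get_mem_data()` to `int`, and a non-positive value would flow straight into `lib3270_malloc(n+1)` and `memcpy`. Whether `lib3270_malloc` can return NULL is not visible in this hunk, so the sketch below leaves that call as it was.

```c
        X509 * peer = SSL_get_peer_certificate(hSession->ssl.con);
        if(peer)
        {
            char * text = NULL;
            BIO  * out  = BIO_new(BIO_s_mem());

            if(out && X509_print(out,peer))
            {
                char * data = NULL;
                long   n    = BIO_get_mem_data(out, &data);

                if(n > 0 && data)
                {
                    text = (char *) lib3270_malloc(n+1);
                    memcpy(text,data,n);
                    text[n] = '\0';
                }
            }

            BIO_free(out);      // safe when out is NULL
            X509_free(peer);    // drop the reference SSL_get_peer_certificate() handed over

            return text;
        }
        // … unchanged: closing of the ssl.con check, #endif and the final return NULL …
```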
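--- a/src/lib3270/ssl/ctx_init.c
+++ b/src/lib3270/ssl/ctx_init.c
@@ -135,7 +135,7 @@ int ssl_ctx_init(H3270 *hSession, SSL_ERROR_MESSAGE * message)
 
 if(lib3270_get_toggle(hSession,LIB3270_TOGGLE_SSL_TRACE))
 {
- lib3270_autoptr(char) text = lib3270_get_crl_text(hSession);
+ lib3270_autoptr(char) text = lib3270_get_ssl_crl_text(hSession);
 
 if(text)
 trace_ssl(hSession,"\n%s\n",text);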