authorSimon Josefsson <simon@josefsson.org>2007-02-12 10:50:06 +0000
committerSimon Josefsson <simon@josefsson.org>2007-02-12 10:50:06 +0000
commit395ea1ba69bf24728be9fea547b2c2fc92530515 (patch)
tree36aee49a7c49e51e641a3c6c98258c1e873c586b
parent2d0acefed8b18a4f683bc3707c5b95ea344898bd (diff)
Print X.509 client cert info.
-rw-r--r--src/serv.c57
1 files changed, 54 insertions, 3 deletions
diff --git a/src/serv.c b/src/serv.c
index e84d0f7fda..97c056389c 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -421,6 +421,8 @@ initialize_session (void)
return session;
}
+#include <gnutls/x509.h>
+
static const char DEFAULT_DATA[] =
"This is the default message reported by the GnuTLS implementation. "
"For more information please visit "
@@ -435,13 +437,17 @@ peer_print_info (gnutls_session session, int *ret_length, const char *header)
const char *tmp;
unsigned char sesid[32];
size_t i, sesid_size;
- char *http_buffer = malloc (5 * 1024 + strlen (header));
+ char *http_buffer;
gnutls_kx_algorithm kx_alg;
+ size_t len = 5 * 1024 + strlen (header);
+ char *crtinfo = NULL;
+ size_t ncrtinfo = 0;
- if (http_buffer == NULL)
- return NULL;
if (verbose != 0)
{
+ http_buffer = malloc (len);
+ if (http_buffer == NULL)
+ return NULL;
strcpy (http_buffer, HTTP_BEGIN);
strcpy (&http_buffer[sizeof (HTTP_BEGIN) - 1], DEFAULT_DATA);
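Review bot: `len` is fixed at `5 * 1024 + strlen (header)` in this hunk and is never increased for the certificate text, yet the last hunk appends all of `crtinfo` to `http_buffer` with `strcat`. `crtinfo` holds the GNUTLS_X509_CRT_FULL printout of every certificate the peer sent, so its size is set by the client and can exceed the 5 KiB of slack, at which point the `strcat` writes past the end of the heap buffer. Before the second `malloc (len)` in the next hunk, add `len += ncrtinfo + sizeof ("<hr><PRE>\n</PRE>\n");` so the allocation covers what is appended. peer_print_info continues outside the hunks shown, so whether the remaining 5 KiB is enough for the other `sprintf`/`strcat` output cannot be checked from here; tracking the write offset against `len` would make that bound verifiable.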
@@ -453,6 +459,44 @@ peer_print_info (gnutls_session session, int *ret_length, const char *header)
}
+ if (gnutls_certificate_type_get (session) == GNUTLS_CRT_X509)
+ {
+ const gnutls_datum_t *cert_list;
+ unsigned int cert_list_size = 0;
+ size_t i;
+
+ cert_list = gnutls_certificate_get_peers (session, &cert_list_size);
+
+ for (i = 0; i < cert_list_size; i++)
+ {
+ gnutls_x509_crt_t cert;
+ gnutls_datum_t info;
+
+ if (gnutls_x509_crt_init (&cert) == 0 &&
+ gnutls_x509_crt_import (cert, &cert_list[i],
+ GNUTLS_X509_FMT_DER) == 0 &&
+ gnutls_x509_crt_print (cert, GNUTLS_X509_CRT_FULL, &info) == 0)
+ {
+ const char *post = "</PRE><P><PRE>";
+
+ crtinfo = realloc (crtinfo, ncrtinfo + info.size +
+ strlen (post) + 1);
+ if (crtinfo == NULL)
+ return NULL;
+ memcpy (crtinfo + ncrtinfo, info.data, info.size);
+ ncrtinfo += info.size;
+ memcpy (crtinfo + ncrtinfo, post, strlen (post));
+ ncrtinfo += strlen (post);
+ crtinfo[ncrtinfo] = '\0';
+ gnutls_free (info.data);
+ }
+ }
+ }
+
+ http_buffer = malloc (len);
+ if (http_buffer == NULL)
+ return NULL;
+
strcpy (http_buffer, HTTP_BEGIN);
/* print session_id */
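Review bot: Each `cert` initialised in the loop is never released, because there is no `gnutls_x509_crt_deinit (cert)` on the success path or when import or print fails after a successful init, so every connection that presents a certificate chain leaks memory in the server. The `crtinfo = realloc (crtinfo, ...)` assignment also loses the old buffer when realloc fails, and that `return NULL` leaves `info.data` and `cert` allocated; the `return NULL` after the second `malloc (len)` likewise drops `crtinfo`, so add `free (crtinfo);` before it. The inner `size_t i` shadows the `i` already declared at the top of peer_print_info and can simply be removed. No visible line frees `crtinfo` after it has been appended, though the function continues outside the hunks shown.

```c
          /* … unchanged: declarations of cert and info … */
          if (gnutls_x509_crt_init (&cert) != 0)
            continue;

          if (gnutls_x509_crt_import (cert, &cert_list[i],
                                      GNUTLS_X509_FMT_DER) == 0 &&
              gnutls_x509_crt_print (cert, GNUTLS_X509_CRT_FULL, &info) == 0)
            {
              const char *post = "</PRE><P><PRE>";
              char *grown = realloc (crtinfo, ncrtinfo + info.size +
                                     strlen (post) + 1);

              if (grown == NULL)
                {
                  /* Release everything acquired so far before bailing out. */
                  gnutls_free (info.data);
                  gnutls_x509_crt_deinit (cert);
                  free (crtinfo);
                  return NULL;
                }
              crtinfo = grown;
              /* … unchanged: the two memcpy calls, the terminating NUL and gnutls_free (info.data) … */
            }
          gnutls_x509_crt_deinit (cert);
```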
@@ -563,6 +607,13 @@ peer_print_info (gnutls_session session, int *ret_length, const char *header)
sprintf (tmp2, "<TR><TD>Ciphersuite</TD><TD>%s</TD></TR></p></TABLE>\n",
tmp);
+ if (crtinfo)
+ {
+ strcat (http_buffer, "<hr><PRE>");
+ strcat (http_buffer, crtinfo);
+ strcat (http_buffer, "\n</PRE>\n");
+ }
+
strcat (http_buffer, "<hr><P>Your HTTP header was:<PRE>");
strcat (http_buffer, header);
strcat (http_buffer, "</PRE></P>");
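Review bot: `strcat (http_buffer, crtinfo);` places the certificate printout into the page without HTML escaping, and the subject, issuer and extension strings in it are chosen by whoever created the client certificate. Any `<`, `>` or `&` in those fields is emitted as markup inside the `<PRE>` block; escaping those three characters while copying `info.data` into `crtinfo` in the previous hunk would keep the output as text. The `header` echoed on the context lines just below has the same property, which predates this change. The page appears to be returned only to the connecting client, which would limit the impact, but that cannot be confirmed from the hunks shown because peer_print_info starts and ends outside them.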