Add dumping of alt name to the GnuTLS version.

author: Sam Varshavchik 2019-02-03 17:12:49 -0500
committer: Sam Varshavchik 2019-02-03 17:12:49 -0500
commit: 6ec22ca5750d5f6936c558491776fc7532b2b759 (patch)
tree: 36ab6b5090a7d1756a5a999475f63a7c6955738c /tcpd
parent: 7dab8cfd4e751ff4f8d505bc4a5f6b4ec157406a (diff)
download: courier-libs-6ec22ca5750d5f6936c558491776fc7532b2b759.tar.bz2
1 files changed, 25 insertions, 0 deletions
diff --git a/tcpd/libcouriergnutls.c b/tcpd/libcouriergnutls.c
index 5a9ff63..6bc35e7 100644
--- a/tcpd/libcouriergnutls.c
+++ b/tcpd/libcouriergnutls.c
@@ -1874,6 +1874,8 @@ static void tls_dump_connection_info_x509(ssl_handle ssl,
 		{
 			time_t notbefore;
 			time_t notafter;
+			char buffer[256];
+			unsigned j;
 
 			(*dump_func)("Subject:\n", -1, dump_arg);
 
@@ -1883,6 +1885,29 @@ static void tls_dump_connection_info_x509(ssl_handle ssl,
 				dump_func, dump_arg);
 			(*dump_func)("\n", 1, dump_arg);
 
+			for (j=0; ; ++j)
+			{
+				size_t s=sizeof(buffer);
+				enum gnutls_x509_subject_alt_name_t t;
+
+				t=gnutls_x509_crt_get_subject_alt_name
+					(cert[i], j, buffer, &s, 0);
+
+				if (t == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+					break;
+
+				if (t != GNUTLS_SAN_DNSNAME)
+					continue;
+
+				if (s == sizeof(buffer))
+					--s; /* The API is not clear */
+
+				buffer[s]=0;
+				(*dump_func)("Subject-Alt-Name-DNS: ", -1,
+					     dump_arg);
+				(*dump_func)(buffer, -1, dump_arg);
+				(*dump_func)("\n", -1, dump_arg);
+			}
 
 #if 0
 			(*dump_func)("Issuer:\n", -1, dump_arg);
author	Sam Varshavchik	2019-02-03 17:12:49 -0500
committer	Sam Varshavchik	2019-02-03 17:12:49 -0500
commit	6ec22ca5750d5f6936c558491776fc7532b2b759 (patch)
tree	36ab6b5090a7d1756a5a999475f63a7c6955738c /tcpd
parent	7dab8cfd4e751ff4f8d505bc4a5f6b4ec157406a (diff)
download	courier-libs-6ec22ca5750d5f6936c558491776fc7532b2b759.tar.bz2