Commit 894b47da authored by Daniel Stenberg's avatar Daniel Stenberg

outputs the start and expire dates of the server certificate on verbose

output
parent 54e72463
+54 −0
@@ -472,6 +472,53 @@ static int Store_SSL_Session(struct connectdata *conn)
  return 0;
}

static int Curl_ASN1_UTCTIME_output(struct connectdata *conn,
                                    const char *prefix,
                                    ASN1_UTCTIME *tm)
{
  char *asn1_string;
  int gmt=FALSE;
  int i;
  int year=0,month=0,day=0,hour=0,minute=0,second=0;
  struct SessionHandle *data = conn->data;

  if(!data->set.verbose)
    return 0;

  i=tm->length;
  asn1_string=(char *)tm->data;

  if (i < 10)
    return 1;
  if (asn1_string[i-1] == 'Z')
    gmt=TRUE;
  for (i=0; i<10; i++)
    if ((asn1_string[i] > '9') || (asn1_string[i] < '0'))
      return 2;

  year= (asn1_string[0]-'0')*10+(asn1_string[1]-'0');
  if (year < 50)
    year+=100;

  month= (asn1_string[2]-'0')*10+(asn1_string[3]-'0');
  if ((month > 12) || (month < 1))
    return 3;

  day= (asn1_string[4]-'0')*10+(asn1_string[5]-'0');
  hour= (asn1_string[6]-'0')*10+(asn1_string[7]-'0');
  minute=  (asn1_string[8]-'0')*10+(asn1_string[9]-'0');

  if ( (asn1_string[10] >= '0') && (asn1_string[10] <= '9') &&
       (asn1_string[11] >= '0') && (asn1_string[11] <= '9'))
    second= (asn1_string[10]-'0')*10+(asn1_string[11]-'0');
  
  infof(data,
        "%s%04d-%02d-%02d %02d:%02d:%02d %s\n",
        prefix, year+1900, month, day, hour, minute, second, (gmt?"GMT":""));

  return 0;
}

#endif  

/* ====================================================== */
@@ -486,6 +533,7 @@ Curl_SSLConnect(struct connectdata *conn)
  char * str;
  SSL_METHOD *req_method;
  SSL_SESSION *ssl_sessionid=NULL;
  ASN1_TIME *certdate;

  /* mark this is being ssl enabled from here on out. */
  conn->ssl.use = TRUE;
@@ -596,6 +644,12 @@ Curl_SSLConnect(struct connectdata *conn)
  infof(data, "\t subject: %s\n", str);
  CRYPTO_free(str);

  certdate = X509_get_notBefore(conn->ssl.server_cert);
  Curl_ASN1_UTCTIME_output(conn, "\t start date: ", certdate);

  certdate = X509_get_notAfter(conn->ssl.server_cert);
  Curl_ASN1_UTCTIME_output(conn, "\t expire date: ", certdate);

  if (data->set.ssl.verifyhost) {
    char peer_CN[257];
    if (X509_NAME_get_text_by_NID(X509_get_subject_name(conn->ssl.server_cert), NID_commonName, peer_CN, sizeof(peer_CN)) < 0) {
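Review bot: In Curl_ASN1_UTCTIME_output the seconds parse reads `asn1_string[10]` and `asn1_string[11]` although the only length check is `i < 10`, so a notBefore/notAfter field of 10 or 11 bytes taken from the peer's certificate can be read past `tm->length`. Because `i` has been reused as the loop index by that point, the guard should test the field itself: `if((tm->length >= 12) && (asn1_string[10] >= '0') && ...`. The function also never checks `tm->type`, while `X509_get_notBefore()`/`X509_get_notAfter()` return an `ASN1_TIME` that may hold a GeneralizedTime with a four-digit year; an early `if(tm->type != V_ASN1_UTCTIME) return 1;` would keep such a value from being printed as a wrong date. Day, hour and minute are not range-checked the way month is, and both call sites in Curl_SSLConnect (whose body continues outside the hunks) ignore the return code, so a malformed date is dropped from the verbose output without any message.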