mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2026-05-04 20:46:11 +02:00
Code Issues Projects Releases Wiki Activity

MINOR: ssl/cli: 'show ssl cert' displays the chain

Browse Source 
Display the subject of each certificate contained in the chain in the
output of "show ssl cert <filename>".
Each subjects are on a unique line prefixed by "Chain: "

Example:

Chain: /C=FR/ST=Paris/O=HAProxy Test Intermediate CA 2/CN=ca2.haproxy.local
Chain: /C=FR/ST=Paris/O=HAProxy Test Intermediate CA 1/CN=ca1.haproxy.local
This commit is contained in:
William Lallemand 2020-02-25 11:56:32 +01:00 committed by William Lallemand
parent 3380a4efd0
commit 35f4a9dd8c
1 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/ssl_sock.c
View File

@ -10641,6 +10641,7 @@ static int cli_io_handler_show_cert_detail(struct appctx *appctx)
unsigned int len = 0;
int write = -1;
BIO *bio = NULL;
int i;
if (!tmp || !out)
goto end;
@ -10714,10 +10715,23 @@ static int cli_io_handler_show_cert_detail(struct appctx *appctx)
chunk_appendf(out, "SHA1 FingerPrint: ");
if (X509_digest(ckchs->ckch->cert, EVP_sha1(), (unsigned char *) tmp->area, &len) == 0)
goto end;
tmp->data = len;
dump_binary(out, tmp->area, tmp->data);
chunk_appendf(out, "\n");
/* Displays subject of each certificate in the chain */
for (i = 0; i < sk_X509_num(ckchs->ckch->chain); i++) {
X509 *ca = sk_X509_value(ckchs->ckch->chain, i);
chunk_appendf(out, "Chain: ");
if ((name = X509_get_subject_name(ca)) == NULL)
goto end;
if ((ssl_sock_get_dn_oneline(name, tmp)) == -1)
goto end;
*(tmp->area + tmp->data) = '\0';
chunk_appendf(out, "%s\n", tmp->area);
}
}
if (ci_putchk(si_ic(si), out) == -1) {