/* * Dump information on a certificate to the debug log. */ static void pxy_debug_crt(X509 *crt) { char *sj = ssl_x509_subject(crt); if (sj) { log_dbg_printf("Subject DN: %s\n", sj); free(sj); } char *names = ssl_x509_names_to_str(crt); if (names) { log_dbg_printf("Common Names: %s\n", names); free(names); } unsigned char fpr[SSL_X509_FPRSZ]; if (ssl_x509_fingerprint_sha1(crt, fpr) == -1) { log_err_printf("Warning: Error generating X509 fingerprint\n"); } else { log_dbg_printf("Fingerprint: " "%02x:%02x:%02x:%02x:" "%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:" "%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x\n", fpr[0], fpr[1], fpr[2], fpr[3], fpr[4], fpr[5], fpr[6], fpr[7], fpr[8], fpr[9], fpr[10], fpr[11], fpr[12], fpr[13], fpr[14], fpr[15], fpr[16], fpr[17], fpr[18], fpr[19]); } #ifdef DEBUG_CERTIFICATE /* dump certificate */ log_dbg_print_free(ssl_x509_to_str(crt)); log_dbg_print_free(ssl_x509_to_pem(crt)); #endif /* DEBUG_CERTIFICATE */ }
END_TEST START_TEST(ssl_x509_names_to_str_02) { X509 *c; char *names; c = ssl_x509_load(TESTCERT2); fail_unless(!!c, "loading certificate failed"); names = ssl_x509_names_to_str(c); fail_unless(!!names, "no string"); fail_unless(!strcmp(names, "SSLsplit Root CA"), "wrong name string"); X509_free(c); }
END_TEST START_TEST(ssl_x509_names_to_str_01) { X509 *c; char *names; c = ssl_x509_load(TESTCERT); fail_unless(!!c, "loading certificate failed"); names = ssl_x509_names_to_str(c); fail_unless(!!names, "no string"); fail_unless(!strcmp(names, "daniel.roe.ch/daniel.roe.ch/www.roe.ch/*.roe.ch"), "wrong name string"); X509_free(c); }