From e7d8b244a9fb611c1b6233e20e9186de4541feba Mon Sep 17 00:00:00 2001
From: Přemysl Janouch
Date: Sun, 21 Sep 2014 01:48:41 +0200
Subject: TLS transport: output some certificate information
---
ponymap.c | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
diff --git a/ponymap.c b/ponymap.c
index 2d08d98..57aa882 100644
--- a/ponymap.c
+++ b/ponymap.c
@@ -1011,10 +1011,34 @@ transport_tls_init (struct unit *u)
 return true;
 }
 
+static void
+transport_tls_add_certificate_info (struct unit *u, X509 *cert)
+{
+ char *subject = X509_NAME_oneline (X509_get_subject_name (cert), NULL, 0);
+ char *issuer = X509_NAME_oneline (X509_get_issuer_name (cert), NULL, 0);
+
+ str_vector_add_owned (&u->info, xstrdup_printf ("%s: %s",
+ "certificate subject", subject));
+ str_vector_add_owned (&u->info, xstrdup_printf ("%s: %s",
+ "certificate issuer", issuer));
+
+ free (subject);
+ free (issuer);
+}
+
 static void
 transport_tls_cleanup (struct unit *u)
 {
 struct transport_tls_data *data = u->transport_data;
+ if (u->success)
+ {
+ X509 *cert = SSL_get_peer_certificate (data->ssl);
+ if (cert)
+ {
+ transport_tls_add_certificate_info (u, cert);
+ X509_free (cert);
+ }
+ }
 SSL_free (data->ssl);
 free (data);
 }
--
cgit v1.2.3-70-g09d2
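Review bot: In `transport_tls_add_certificate_info`, both `X509_NAME_oneline` results go to `%s` unchecked and are released with `free`, although with a NULL buffer argument the string is allocated by OpenSSL and the call returns NULL on failure. I would wrap the two `str_vector_add_owned` calls in `if (subject && issuer)` and release with `OPENSSL_free (subject); OPENSSL_free (issuer);`, so a build with a custom OpenSSL allocator does not get a mismatched free. These names also come straight from the peer's certificate, which the scanned host controls and which, as far as this hunk shows, has not been verified. `X509_NAME_oneline` is a legacy format in which a `/` inside a value cannot be told apart from a field separator, so a crafted subject can make the reported line misleading. Writing the name with `X509_NAME_print_ex` and `XN_FLAG_RFC2253` into a memory BIO would give escaped, unambiguous output, and a comment such as `/* peer-supplied, unauthenticated */` above the helper would record the trust level.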