]> git.netwichtig.de Git - user/henk/code/exim.git/blobdiff - src/src/tlscert-openssl.c
projects / user / henk / code / exim.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
SRS: fix crash in queryprogram router when compiled with EXPERIMENTAL_SRS
[user/henk/code/exim.git] / src / src / tlscert-openssl.c
diff --git a/src/src/tlscert-openssl.c b/src/src/tlscert-openssl.c
index 19db0408f37acfd675931846ea7b0ac26c01fd1c..4d45ad9f91b7dd127fcba16085fadf3075bac9fd 100644 (file)
--- a/src/src/tlscert-openssl.c
+++ b/src/src/tlscert-openssl.c
@@ -241,9 +241,9 @@ BIO * bp = BIO_new(BIO_s_mem());
 if (!bp) return badalloc();
 
 if (X509_print_ex(bp, (X509 *)cert, 0,
-  X509_FLAG_NO_HEADER | X509_FLAG_NO_VERSION | X509_FLAG_NO_SERIAL | 
-  X509_FLAG_NO_SIGNAME | X509_FLAG_NO_ISSUER | X509_FLAG_NO_VALIDITY | 
-  X509_FLAG_NO_SUBJECT | X509_FLAG_NO_PUBKEY | X509_FLAG_NO_EXTENSIONS | 
+  X509_FLAG_NO_HEADER | X509_FLAG_NO_VERSION | X509_FLAG_NO_SERIAL |
+  X509_FLAG_NO_SIGNAME | X509_FLAG_NO_ISSUER | X509_FLAG_NO_VALIDITY |
+  X509_FLAG_NO_SUBJECT | X509_FLAG_NO_PUBKEY | X509_FLAG_NO_EXTENSIONS |
   /* X509_FLAG_NO_SIGDUMP is the missing one */
   X509_FLAG_NO_AUX) == 1)
   {
@@ -267,10 +267,10 @@ BIO * bp = BIO_new(BIO_s_mem());
 if (!bp) return badalloc();
 
 if (X509_print_ex(bp, (X509 *)cert, 0,
-  X509_FLAG_NO_HEADER | X509_FLAG_NO_VERSION | X509_FLAG_NO_SERIAL | 
+  X509_FLAG_NO_HEADER | X509_FLAG_NO_VERSION | X509_FLAG_NO_SERIAL |
   /* X509_FLAG_NO_SIGNAME is the missing one */
-  X509_FLAG_NO_ISSUER | X509_FLAG_NO_VALIDITY | 
-  X509_FLAG_NO_SUBJECT | X509_FLAG_NO_PUBKEY | X509_FLAG_NO_EXTENSIONS | 
+  X509_FLAG_NO_ISSUER | X509_FLAG_NO_VALIDITY |
+  X509_FLAG_NO_SUBJECT | X509_FLAG_NO_PUBKEY | X509_FLAG_NO_EXTENSIONS |
   X509_FLAG_NO_SIGDUMP | X509_FLAG_NO_AUX) == 1)
   {
   long len = BIO_get_mem_data(bp, &cp);
@@ -464,6 +464,26 @@ return list;
 /*****************************************************
 *  Certificate operator routines
 *****************************************************/
+uschar *
+tls_cert_der_b64(void * cert)
+{
+BIO * bp = BIO_new(BIO_s_mem());
+uschar * cp = NULL;
+
+if (!i2d_X509_bio(bp, (X509 *)cert))
+  log_write(0, LOG_MAIN, "TLS error in certificate export: %s",
+    ERR_error_string(ERR_get_error(), NULL));
+else
+  {
+  long len = BIO_get_mem_data(bp, &cp);
+  cp = b64encode(cp, (int)len);
+  }
+
+BIO_free(bp);
+return cp;
+}
+
+
 static uschar *
 fingerprint(X509 * cert, const EVP_MD * fdig)
 {
@@ -482,19 +502,19 @@ for (j = 0; j < (int)n; j++) sprintf(CS cp+2*j, "%02X", md[j]);
 return(cp);
 }
 
-uschar * 
+uschar *
 tls_cert_fprt_md5(void * cert)
 {
 return fingerprint((X509 *)cert, EVP_md5());
 }
 
-uschar * 
+uschar *
 tls_cert_fprt_sha1(void * cert)
 {
 return fingerprint((X509 *)cert, EVP_sha1());
 }
 
-uschar * 
+uschar *
 tls_cert_fprt_sha256(void * cert)
 {
 return fingerprint((X509 *)cert, EVP_sha256());