On Thu, Oct 15, 2015 at 10:30:18PM -0400, Rob Pierce wrote:
> It looks like the subject and issuer variables are no longer used in
> report_tls() since the recent libtls api change. Also a few whitespace
You're correct. while I'm at it how's this.. (I'll hit the whitespace too
separately)
Index: netcat.c
===================================================================
RCS file: /cvs/src/usr.bin/nc/netcat.c,v
retrieving revision 1.146
diff -u -p -u -p -r1.146 netcat.c
--- netcat.c 8 Dec 2015 15:33:33 -0000 1.146
+++ netcat.c 16 Dec 2015 03:53:39 -0000
@@ -1466,7 +1466,7 @@ map_tls(char *s, int *val)
void
report_tls(struct tls * tls_ctx, char * host, char *tls_expectname)
{
- char *subject = NULL, *issuer = NULL;
+ time_t t;
fprintf(stderr, "TLS handshake negotiated %s/%s with host %s\n",
tls_conn_version(tls_ctx), tls_conn_cipher(tls_ctx), host);
fprintf(stderr, "Peer name %s\n",
@@ -1477,11 +1477,13 @@ report_tls(struct tls * tls_ctx, char *
if (tls_peer_cert_issuer(tls_ctx))
fprintf(stderr, "Issuer: %s\n",
tls_peer_cert_issuer(tls_ctx));
+ if ((t = tls_peer_cert_notbefore(tls_ctx)) != -1)
+ fprintf(stderr, "Valid From: %s", ctime(&t));
+ if ((t = tls_peer_cert_notafter(tls_ctx)) != -1)
+ fprintf(stderr, "Valid Until: %s", ctime(&t));
if (tls_peer_cert_hash(tls_ctx))
fprintf(stderr, "Cert Hash: %s\n",
tls_peer_cert_hash(tls_ctx));
- free(subject);
- free(issuer);
}
void
report_connect(const struct sockaddr *sa, socklen_t salen)