On Thu, Oct 15, 2015 at 10:30:18PM -0400, Rob Pierce wrote: > It looks like the subject and issuer variables are no longer used in > report_tls() since the recent libtls api change. Also a few whitespace
You're correct. while I'm at it how's this.. (I'll hit the whitespace too separately) Index: netcat.c =================================================================== RCS file: /cvs/src/usr.bin/nc/netcat.c,v retrieving revision 1.146 diff -u -p -u -p -r1.146 netcat.c --- netcat.c 8 Dec 2015 15:33:33 -0000 1.146 +++ netcat.c 16 Dec 2015 03:53:39 -0000 @@ -1466,7 +1466,7 @@ map_tls(char *s, int *val) void report_tls(struct tls * tls_ctx, char * host, char *tls_expectname) { - char *subject = NULL, *issuer = NULL; + time_t t; fprintf(stderr, "TLS handshake negotiated %s/%s with host %s\n", tls_conn_version(tls_ctx), tls_conn_cipher(tls_ctx), host); fprintf(stderr, "Peer name %s\n", @@ -1477,11 +1477,13 @@ report_tls(struct tls * tls_ctx, char * if (tls_peer_cert_issuer(tls_ctx)) fprintf(stderr, "Issuer: %s\n", tls_peer_cert_issuer(tls_ctx)); + if ((t = tls_peer_cert_notbefore(tls_ctx)) != -1) + fprintf(stderr, "Valid From: %s", ctime(&t)); + if ((t = tls_peer_cert_notafter(tls_ctx)) != -1) + fprintf(stderr, "Valid Until: %s", ctime(&t)); if (tls_peer_cert_hash(tls_ctx)) fprintf(stderr, "Cert Hash: %s\n", tls_peer_cert_hash(tls_ctx)); - free(subject); - free(issuer); } void report_connect(const struct sockaddr *sa, socklen_t salen)