Improving certificate verified report

diff --git a/lib/unitls.c b/lib/unitls.c
index 5d65b0e94c5157bff5d59b21b8d020622f8d752f..1f57e6801a1ba55e1d1921b271824344ff3691c8 100644 (file)
--- a/lib/unitls.c
+++ b/lib/unitls.c
@@ -133,6 +133,7 @@ static TLSTYP *freetls(TLSTYP *tls)
 {
 if (tls!=(TLSTYP *)0) {
   tls->peerip=rou_freestr(tls->peerip);
+  tls->peername=rou_freestr(tls->peername);
   tls->locip=rou_freestr(tls->locip);
   tls->locport=rou_freestr(tls->locport);
   if (tls->ssl!=(SSL *)0) {
@@ -328,6 +329,11 @@ while (proceed==true) {
           (void) strcpy(serv,"peer-Unknown");
           }
         tls->peerip=strdup(host); 
+        mode=NI_NAMEREQD|NI_NUMERICSERV;
+        status=getnameinfo(&connip,taille,host,sizeof(host),serv,sizeof(serv),mode);
+        if (status!=0) 
+          (void) strcpy(host,"Unknown");
+        tls->peername=strdup(host); 
         }
       break;
     default     :       //SAFE Guard
@@ -406,8 +412,8 @@ while (proceed==true) {
       verif=SSL_get_verify_result(tls->ssl);
       switch (verif) {
         case X509_V_OK  :
-          (void) rou_alert(0,"Peer [%s], %s; Remote certificate is verified",
-                                 tls->peerip,cn);
+          (void) rou_alert(0,"Peer is [%s]/%s",tls->peerip,tls->peername);
+          (void) rou_alert(0,"%s; Remote certificate is verified",cn);
           break;
         default         :
           (void) rou_alert(0,"%s Remote certificate status='%d'",OPEP,verif);

diff --git a/lib/unitls.h b/lib/unitls.h
index a797e772aca3ac74f6e7e996c4020313650d9437..2292beedde9ea52dbc26088fff87855ceb9af0ff 100644 (file)
--- a/lib/unitls.h
+++ b/lib/unitls.h
@@ -19,6 +19,7 @@ typedef struct  {
         BIO *bio;       //SSL Basic IO
         int handle;     //device handle
         char *peerip;   //Remote IP number
+        char *peername; //Remote reverse address
         char *locip;    //Local IP number
         char *locport;  //local Port number
         SSL_CTX *ctx;   //SSL context