From 128e566656de82fd2fff9fc4b65f3fb5f0b7d426 Mon Sep 17 00:00:00 2001 From: "Jean-Marc Pigeon (Delson)" Date: Mon, 5 May 2025 07:29:10 -0400 Subject: [PATCH] Improving certificate verified report --- lib/unitls.c | 10 ++++++++-- lib/unitls.h | 1 + 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/lib/unitls.c b/lib/unitls.c index 5d65b0e..1f57e68 100644 --- a/lib/unitls.c +++ b/lib/unitls.c @@ -133,6 +133,7 @@ static TLSTYP *freetls(TLSTYP *tls) { if (tls!=(TLSTYP *)0) { tls->peerip=rou_freestr(tls->peerip); + tls->peername=rou_freestr(tls->peername); tls->locip=rou_freestr(tls->locip); tls->locport=rou_freestr(tls->locport); if (tls->ssl!=(SSL *)0) { @@ -328,6 +329,11 @@ while (proceed==true) { (void) strcpy(serv,"peer-Unknown"); } tls->peerip=strdup(host); + mode=NI_NAMEREQD|NI_NUMERICSERV; + status=getnameinfo(&connip,taille,host,sizeof(host),serv,sizeof(serv),mode); + if (status!=0) + (void) strcpy(host,"Unknown"); + tls->peername=strdup(host); } break; default : //SAFE Guard @@ -406,8 +412,8 @@ while (proceed==true) { verif=SSL_get_verify_result(tls->ssl); switch (verif) { case X509_V_OK : - (void) rou_alert(0,"Peer [%s], %s; Remote certificate is verified", - tls->peerip,cn); + (void) rou_alert(0,"Peer is [%s]/%s",tls->peerip,tls->peername); + (void) rou_alert(0,"%s; Remote certificate is verified",cn); break; default : (void) rou_alert(0,"%s Remote certificate status='%d'",OPEP,verif); diff --git a/lib/unitls.h b/lib/unitls.h index a797e77..2292bee 100644 --- a/lib/unitls.h +++ b/lib/unitls.h @@ -19,6 +19,7 @@ typedef struct { BIO *bio; //SSL Basic IO int handle; //device handle char *peerip; //Remote IP number + char *peername; //Remote reverse address char *locip; //Local IP number char *locport; //local Port number SSL_CTX *ctx; //SSL context -- 2.47.3