{
struct tm tm;
struct tm * tm_p = &tm;
- BOOL mod_tz;
+ BOOL mod_tz = TRUE;
uschar * tz = to_tz(US"GMT0"); /* need to call strptime with baseline TZ */
/* Parse OpenSSL ASN1_TIME_print output. A shame there seems to
}
}
- if (mod_tz);
+ if (mod_tz)
restore_tz(tz);
}
BIO_free(bp);
if (!bp) return badalloc();
if (X509_print_ex(bp, (X509 *)cert, 0,
- X509_FLAG_NO_HEADER | X509_FLAG_NO_VERSION | X509_FLAG_NO_SERIAL |
- X509_FLAG_NO_SIGNAME | X509_FLAG_NO_ISSUER | X509_FLAG_NO_VALIDITY |
- X509_FLAG_NO_SUBJECT | X509_FLAG_NO_PUBKEY | X509_FLAG_NO_EXTENSIONS |
+ X509_FLAG_NO_HEADER | X509_FLAG_NO_VERSION | X509_FLAG_NO_SERIAL |
+ X509_FLAG_NO_SIGNAME | X509_FLAG_NO_ISSUER | X509_FLAG_NO_VALIDITY |
+ X509_FLAG_NO_SUBJECT | X509_FLAG_NO_PUBKEY | X509_FLAG_NO_EXTENSIONS |
/* X509_FLAG_NO_SIGDUMP is the missing one */
X509_FLAG_NO_AUX) == 1)
{
if (!bp) return badalloc();
if (X509_print_ex(bp, (X509 *)cert, 0,
- X509_FLAG_NO_HEADER | X509_FLAG_NO_VERSION | X509_FLAG_NO_SERIAL |
+ X509_FLAG_NO_HEADER | X509_FLAG_NO_VERSION | X509_FLAG_NO_SERIAL |
/* X509_FLAG_NO_SIGNAME is the missing one */
- X509_FLAG_NO_ISSUER | X509_FLAG_NO_VALIDITY |
- X509_FLAG_NO_SUBJECT | X509_FLAG_NO_PUBKEY | X509_FLAG_NO_EXTENSIONS |
+ X509_FLAG_NO_ISSUER | X509_FLAG_NO_VALIDITY |
+ X509_FLAG_NO_SUBJECT | X509_FLAG_NO_PUBKEY | X509_FLAG_NO_EXTENSIONS |
X509_FLAG_NO_SIGDUMP | X509_FLAG_NO_AUX) == 1)
{
long len = BIO_get_mem_data(bp, &cp);
/*****************************************************
* Certificate operator routines
*****************************************************/
+uschar *
+tls_cert_der_b64(void * cert)
+{
+BIO * bp = BIO_new(BIO_s_mem());
+uschar * cp = NULL;
+
+if (!i2d_X509_bio(bp, (X509 *)cert))
+ log_write(0, LOG_MAIN, "TLS error in certificate export: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+else
+ {
+ long len = BIO_get_mem_data(bp, &cp);
+ cp = b64encode(cp, (int)len);
+ }
+
+BIO_free(bp);
+return cp;
+}
+
+
static uschar *
fingerprint(X509 * cert, const EVP_MD * fdig)
{
return(cp);
}
-uschar *
+uschar *
tls_cert_fprt_md5(void * cert)
{
return fingerprint((X509 *)cert, EVP_md5());
}
-uschar *
+uschar *
tls_cert_fprt_sha1(void * cert)
{
return fingerprint((X509 *)cert, EVP_sha1());
}
-uschar *
+uschar *
tls_cert_fprt_sha256(void * cert)
{
return fingerprint((X509 *)cert, EVP_sha256());