debug printout certificate of ssl dns server.

git-svn-id: file:///svn/unbound/trunk@2531 be551aaa-1e26-0410-a405-d3ace91eadb9
Wouter Wijngaards 2011-10-31 14:56:48 +00:00
parent aa0536dcb5
commit 03c34b695f


@ -52,6 +52,7 @@
#include "util/data/msgparse.h"
#include "util/data/msgreply.h"
#include "util/data/dname.h"
#include <openssl/err.h>
#ifndef PF_INET6
/** define in case streamtcp is compiled on legacy systems */
@ -281,6 +282,26 @@ send_em(const char* svr, int udp, int usessl, int noanswer, int num, char** qs)
if(!ctx) fatal_exit("cannot create ssl ctx");
ssl = outgoing_ssl_fd(ctx, fd);
if(!ssl) fatal_exit("cannot create ssl");
while(1) {
int r;
ERR_clear_error();
if( (r=SSL_do_handshake(ssl)) == 1)
break;
r = SSL_get_error(ssl, r);
if(r != SSL_ERROR_WANT_READ &&
r != SSL_ERROR_WANT_WRITE) {
log_crypto_err("could not ssl_handshake");
exit(1);
}
}
if(1) {
X509* x = SSL_get_peer_certificate(ssl);
if(!x) printf("SSL: no peer certificate\n");
else {
X509_print_fp(stdout, x);
X509_free(x);
}
}
}
for(i=0; i<num; i+=3) {
printf("\nNext query is %s %s %s\n", qs[i], qs[i+1], qs[i+2]);
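Review bot: The certificate dumped in the `if(1)` block is printed with no indication of whether it was verified, so the debug output can be mistaken for proof of the server's identity. How `ctx` is configured is outside this hunk, so whether any chain check happens is an assumption to confirm. Printing the status next to the dump would remove the ambiguity, e.g. `printf("SSL: verify result %ld\n", SSL_get_verify_result(ssl));` just before `X509_print_fp(stdout, x);`. In the handshake loop the failure path calls `exit(1)` where the lines directly above use `fatal_exit(...)`, and if `fd` were non-blocking the loop would spin on `SSL_ERROR_WANT_READ`/`SSL_ERROR_WANT_WRITE` without waiting, so a comment such as `/* fd is blocking, so the handshake retries without polling */` is worth adding once confirmed. `send_em` begins and ends outside the hunk.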