Google Git
Sign in
flutter/third_party/openssl/a70da5b3ecc3160368529677006801c58cb369db^!/./apps/x509.c
commit
a70da5b3ecc3160368529677006801c58cb369db
[log]
author
Dr. Stephen Henson <steve@openssl.org>
Mon Oct 08 15:10:07 2012 +0000
committer
Dr. Stephen Henson <steve@openssl.org>
Mon Oct 08 15:10:07 2012 +0000
tree
1d6ddfa96a05ff50c05aca002ab884e428a45e8e
parent
c5f6da54fc64fb544028a547c9f6835f3f392428 [diff] [blame]
New functions to check a hostname email or IP address against a
certificate. Add options to s_client, s_server and x509 utilities
to print results of checks.

diff --git a/apps/x509.c b/apps/x509.c
index e9f1163..788eb7b 100644
--- a/apps/x509.c
+++ b/apps/x509.c

@@ -208,6 +208,8 @@
 	int need_rand = 0;
 	int checkend=0,checkoffset=0;
 	unsigned long nmflag = 0, certflag = 0;
+	unsigned char *checkhost = NULL, *checkemail = NULL;
+	char *checkip = NULL;
 #ifndef OPENSSL_NO_ENGINE
 	char *engine=NULL;
 #endif
@@ -456,6 +458,21 @@
 			checkoffset=atoi(*(++argv));
 			checkend=1;
 			}
+		else if (strcmp(*argv,"-checkhost") == 0)
+			{
+			if (--argc < 1) goto bad;
+			checkhost=(unsigned char *)*(++argv);
+			}
+		else if (strcmp(*argv,"-checkemail") == 0)
+			{
+			if (--argc < 1) goto bad;
+			checkemail=(unsigned char *)*(++argv);
+			}
+		else if (strcmp(*argv,"-checkip") == 0)
+			{
+			if (--argc < 1) goto bad;
+			checkip=*(++argv);
+			}
 		else if (strcmp(*argv,"-noout") == 0)
 			noout= ++num;
 		else if (strcmp(*argv,"-trustout") == 0)
@@ -1061,6 +1078,8 @@
 		goto end;
 		}
 
+	print_cert_checks(STDout, x, checkhost, checkemail, checkip);
+
 	if (noout)
 		{
 		ret=0;