From 14fcf5a1bc9e9ead55fe9f54ba5dcad5e1ce2efb Mon Sep 17 00:00:00 2001 From: Joe Orton Date: Tue, 27 Nov 2007 16:57:12 +0000 Subject: [PATCH] * modules/ssl/ssl_engine_log.c (ssl_log_cxerror): Log the certificate serial number along with the subject and issuer names. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@598690 13f79535-47bb-0310-9956-ffa450edef68 --- modules/ssl/ssl_engine_log.c | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/modules/ssl/ssl_engine_log.c b/modules/ssl/ssl_engine_log.c index b3ca90df2e..71efc401df 100644 --- a/modules/ssl/ssl_engine_log.c +++ b/modules/ssl/ssl_engine_log.c @@ -114,7 +114,8 @@ void ssl_log_cxerror(const char *file, int line, int level, { va_list ap; char buf[HUGE_STRING_LEN]; - char *sname, *iname; + char *sname, *iname, *serial; + BIGNUM *bn; if (c->base_server->loglevel < level) { /* Bail early since the rest of this function is expensive. */ @@ -123,16 +124,19 @@ void ssl_log_cxerror(const char *file, int line, int level, sname = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0); iname = X509_NAME_oneline(X509_get_issuer_name(cert), NULL, 0); + bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(cert), NULL); + serial = bn && !BN_is_zero(bn) ? BN_bn2hex(bn) : NULL; va_start(ap, format); apr_vsnprintf(buf, sizeof buf, format, ap); va_end(ap); ap_log_cerror(file, line, level, rv, c, - "%s [peer subject: %s, issuer: %s]", + "%s [peer subject: %s, issuer: %s, serial: %s]", buf, sname ? sname : "-unknown-", - iname ? iname : "-unknown-"); + iname ? iname : "-unknown-", + serial ? serial : "-unknown-"); if (sname) { modssl_free(sname); @@ -141,4 +145,12 @@ void ssl_log_cxerror(const char *file, int line, int level, if (iname) { modssl_free(iname); } + + if (serial) { + modssl_free(serial); + } + + if (bn) { + BN_free(bn); + } } -- 2.40.0