diff options
Diffstat (limited to 'src/usr.bin/nc/netcat.c')
| -rw-r--r-- | src/usr.bin/nc/netcat.c | 38 |
1 files changed, 37 insertions, 1 deletions
diff --git a/src/usr.bin/nc/netcat.c b/src/usr.bin/nc/netcat.c index 3af7d50374..64e77a8b52 100644 --- a/src/usr.bin/nc/netcat.c +++ b/src/usr.bin/nc/netcat.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: netcat.c,v 1.163 2016/09/03 17:35:34 bcook Exp $ */ | 1 | /* $OpenBSD: netcat.c,v 1.164 2016/11/02 15:18:42 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2001 Eric Jackson <ericj@monkey.org> | 3 | * Copyright (c) 2001 Eric Jackson <ericj@monkey.org> |
| 4 | * Copyright (c) 2015 Bob Beck. All rights reserved. | 4 | * Copyright (c) 2015 Bob Beck. All rights reserved. |
| @@ -1518,6 +1518,8 @@ void | |||
| 1518 | report_tls(struct tls * tls_ctx, char * host, char *tls_expectname) | 1518 | report_tls(struct tls * tls_ctx, char * host, char *tls_expectname) |
| 1519 | { | 1519 | { |
| 1520 | time_t t; | 1520 | time_t t; |
| 1521 | const char *ocsp_url; | ||
| 1522 | |||
| 1521 | fprintf(stderr, "TLS handshake negotiated %s/%s with host %s\n", | 1523 | fprintf(stderr, "TLS handshake negotiated %s/%s with host %s\n", |
| 1522 | tls_conn_version(tls_ctx), tls_conn_cipher(tls_ctx), host); | 1524 | tls_conn_version(tls_ctx), tls_conn_cipher(tls_ctx), host); |
| 1523 | fprintf(stderr, "Peer name: %s\n", | 1525 | fprintf(stderr, "Peer name: %s\n", |
| @@ -1535,6 +1537,40 @@ report_tls(struct tls * tls_ctx, char * host, char *tls_expectname) | |||
| 1535 | if (tls_peer_cert_hash(tls_ctx)) | 1537 | if (tls_peer_cert_hash(tls_ctx)) |
| 1536 | fprintf(stderr, "Cert Hash: %s\n", | 1538 | fprintf(stderr, "Cert Hash: %s\n", |
| 1537 | tls_peer_cert_hash(tls_ctx)); | 1539 | tls_peer_cert_hash(tls_ctx)); |
| 1540 | ocsp_url = tls_peer_ocsp_url(tls_ctx); | ||
| 1541 | fprintf(stderr, "OCSP URL: %s\n", ocsp_url == NULL ? "" : ocsp_url); | ||
| 1542 | fprintf(stderr, "OCSP Stapling:"); | ||
| 1543 | switch (tls_peer_ocsp_response_status(tls_ctx)) { | ||
| 1544 | case TLS_OCSP_RESPONSE_SUCCESSFUL: | ||
| 1545 | fprintf(stderr, " %s\n", | ||
| 1546 | tls_peer_ocsp_result(tls_ctx) == NULL ? "" : | ||
| 1547 | tls_peer_ocsp_result(tls_ctx)); | ||
| 1548 | fprintf(stderr, | ||
| 1549 | " response_status=%d cert_status=%d crl_reason=%d\n", | ||
| 1550 | tls_peer_ocsp_response_status(tls_ctx), | ||
| 1551 | tls_peer_ocsp_cert_status(tls_ctx), | ||
| 1552 | tls_peer_ocsp_crl_reason(tls_ctx)); | ||
| 1553 | t = tls_peer_ocsp_this_update(tls_ctx); | ||
| 1554 | fprintf(stderr, " this update: %s", | ||
| 1555 | t != -1 ? ctime(&t) : "\n"); | ||
| 1556 | t = tls_peer_ocsp_next_update(tls_ctx); | ||
| 1557 | fprintf(stderr, " next update: %s", | ||
| 1558 | t != -1 ? ctime(&t) : "\n"); | ||
| 1559 | t = tls_peer_ocsp_revocation_time(tls_ctx); | ||
| 1560 | fprintf(stderr, " revocation: %s", | ||
| 1561 | t != -1 ? ctime(&t) : "\n"); | ||
| 1562 | break; | ||
| 1563 | case -1: | ||
| 1564 | fprintf(stderr, "\n"); | ||
| 1565 | break; | ||
| 1566 | default: | ||
| 1567 | fprintf(stderr, " failure - response_status %d (%s)\n", | ||
| 1568 | tls_peer_ocsp_response_status(tls_ctx), | ||
| 1569 | tls_peer_ocsp_result(tls_ctx) == NULL ? "" : | ||
| 1570 | tls_peer_ocsp_result(tls_ctx)); | ||
| 1571 | break; | ||
| 1572 | |||
| 1573 | } | ||
| 1538 | } | 1574 | } |
| 1539 | 1575 | ||
| 1540 | void | 1576 | void |