[sr-dev] git:master:b3f77460: tls: get local/remote issuer line via $tls(key)

Daniel-Constantin Mierla miconda at gmail.com
Thu Nov 25 09:56:34 CET 2021


Module: kamailio
Branch: master
Commit: b3f77460ff78f4d38542ca79bb13398180cd7710
URL: https://github.com/kamailio/kamailio/commit/b3f77460ff78f4d38542ca79bb13398180cd7710

Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date: 2021-11-25T09:55:31+01:00

tls: get local/remote issuer line via $tls(key)

- new keys: m_issuer_line, p_issuer_line

---

Modified: src/modules/tls/tls_select.c

---

Diff:  https://github.com/kamailio/kamailio/commit/b3f77460ff78f4d38542ca79bb13398180cd7710.diff
Patch: https://github.com/kamailio/kamailio/commit/b3f77460ff78f4d38542ca79bb13398180cd7710.patch

---

diff --git a/src/modules/tls/tls_select.c b/src/modules/tls/tls_select.c
index 9a1f6b94b3..985e6dcec1 100644
--- a/src/modules/tls/tls_select.c
+++ b/src/modules/tls/tls_select.c
@@ -1263,6 +1263,13 @@ int pv_parse_tls_name(pv_spec_p sp, str *in)
 		return -1;
 
 	switch(in->len) {
+		case 13:
+			if(strncmp(in->s, "m_issuer_line", 13)==0)
+				sp->pvp.pvn.u.isname.name.n = 1001;
+			else if(strncmp(in->s, "p_issuer_line", 13)==0)
+				sp->pvp.pvn.u.isname.name.n = 5001;
+			else goto error;
+		break;
 		case 14:
 			if(strncmp(in->s, "m_subject_line", 14)==0)
 				sp->pvp.pvn.u.isname.name.n = 1000;
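Review bot: The ids `1001` and `5001` assigned in the new `case 13:` are bare numbers, yet pv_get_tls chooses between the local and the peer certificate by comparing the id with 5000 (`param->pvn.u.isname.name.n < 5000` in the next hunk). A mistyped id would therefore silently hand the routing script the wrong side's issuer line. A comment above the switch would make that contract visible: `/* ids < 5000 read the local certificate, ids >= 5000 the peer certificate; see pv_get_tls() */`. Named constants for the 1000/5000 and 1001/5001 pairs would be the stronger fix. pv_parse_tls_name starts and continues outside the hunk.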
@@ -1309,9 +1316,9 @@ int pv_get_tls(struct sip_msg *msg, pv_param_t *param,
 					: SSL_get_peer_certificate(ssl);
 	if (cert == NULL) {
 		if (param->pvn.u.isname.name.n < 5000) {
-			LM_ERR("Unable to retrieve my TLS certificate from SSL structure\n");
+			LM_ERR("failed to retrieve my TLS certificate from SSL structure\n");
 		} else {
-			LM_ERR("Unable to retrieve peer TLS certificate from SSL structure\n");
+			LM_ERR("failed to retrieve peer TLS certificate from SSL structure\n");
 		}
 		goto error;
 	}
@@ -1325,8 +1332,21 @@ int pv_get_tls(struct sip_msg *msg, pv_param_t *param,
 			if(X509_NAME_oneline(X509_get_subject_name(cert), sv.s, sv.len)==NULL) {
 				goto error;
 			}
+			tcpconn_put(c);
+			return pv_get_strzval(msg, param, res, sv.s);
+		break;
+
+		case 1001:
+		case 5001:
+			sv.s = pv_get_buffer();
+			sv.len = pv_get_buffer_size() - 1;
+			if(X509_NAME_oneline(X509_get_issuer_name(cert), sv.s, sv.len)==NULL) {
+				goto error;
+			}
+			tcpconn_put(c);
 			return pv_get_strzval(msg, param, res, sv.s);
 		break;
+
 		default:
 			goto error;
 	}
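Review bot: The new `case 1001: case 5001:` branch returns right after `tcpconn_put(c)` without releasing `cert`, and for ids >= 5000 that certificate comes from `SSL_get_peer_certificate(ssl)` (previous hunk), which returns a reference the caller owns and must drop with `X509_free()`. As written, each evaluation of `$tls(p_issuer_line)` appears to leak one X509 reference, which means steady memory growth on a server handling TLS traffic; the 1000/5000 branch above has the same shape. I would add `if(param->pvn.u.isname.name.n >= 5000) X509_free(cert);` before `tcpconn_put(c);` in both branches, since the pointer from `SSL_get_certificate()` is not owned by the caller and must not be freed. The `error:` label and the rest of pv_get_tls lie outside the hunk, so the failure path after `X509_NAME_oneline()` should be checked for the same release.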



