From bfe9434f3122323c5810bdd2c9bec21925cc3ac5 Mon Sep 17 00:00:00 2001
From: "Thierry FOURNIER / OZON.IO" <thierry.fournier@ozon.io>
Date: Sat, 8 Oct 2016 14:53:47 +0200
Subject: [PATCH 5/5] wip2

---
 src/dumpstats.c | 30 ++++++++++++++++++++++++++----
 1 file changed, 26 insertions(+), 4 deletions(-)

diff --git a/src/dumpstats.c b/src/dumpstats.c
index 016c529..04b5ed0 100644
--- a/src/dumpstats.c
+++ b/src/dumpstats.c
@@ -6086,6 +6086,7 @@ static int stats_certs_list(struct stream_interface *si)
 	struct sni_ctx *sc;
 	X509_STORE *st;
 	X509 *crt;
+	X509 *cert;
 	X509_STORE_CTX st_ctx;
 	int disp;
 
@@ -6102,19 +6103,40 @@ static int stats_certs_list(struct stream_interface *si)
 			/* Display cert. */
 			sc = ebmb_entry(appctx->ctx.listener.node, struct sni_ctx, name);
 
+			/*
+			 *
+			 * list of certificates
+			 *
+			 */
+//			fprintf(stderr, "%p\n", sc->ctx->cert);
+//			fprintf(stderr, "%d\n", sc->ctx->max_cert_list);
+
+			/*
+			 *
+			 * certification chain
+			 *
+			 */
+//			STACK_OF(X509) *extra_certs
+			fprintf(stderr, "%p\n", sc->ctx->extra_certs);
+
 			st = SSL_CTX_get_cert_store(sc->ctx);
 			if (!st)
 				goto get_next_certificate;
 
-//			X509_STORE_CTX_init(&st_ctx, store, NULL, NULL);
+			cert = NULL;
+			X509_STORE_CTX_init(&st_ctx, st, cert, NULL);
 
-//			crt = X509_STORE_CTX_get_current_cert(st);
+//			X509_verify_cert(&st_ctx);
+//			crt = X509_STORE_CTX_get_current_cert(&st_ctx);
+//fprintf(stderr, "%p\n", crt);
 //			if (!crt)
 //				goto get_next_certificate;
 
 			chunk_reset(&trash);
-//			if (ssl_sock_get_serial(crt, &trash) != 1)
-//				goto get_next_certificate;
+			if (crt) {
+				if (ssl_sock_get_serial(crt, &trash) != 1)
+					goto get_next_certificate;
+			}
 
 			chunk_appendf(&trash, "%p %p %s %d\n", sc->ctx, st, sc->name.key, sc->order);
 			if (bi_putchk(si_ic(si), &trash) == -1) {
-- 
2.9.5