openssl: fix serial number output

The code extracting the cert serial number was broken and didn't display it properly. Bug: https://github.com/bagder/curl/issues/235 Reported-by: dkjjr89
author: Daniel Stenberg <daniel@haxx.se> 2015-04-26 16:36:19 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2015-04-26 16:36:19 +0200
commit: aff153f83afb4e4f255f13b40e081ecf5753664b (patch)
tree: a9fe52ab565c6b29de5cc9c433d1966efd71b08f
parent: 59f3f92ba6150e9a5a57f71b6e781802148916d0 (diff)
1 files changed, 8 insertions, 14 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index a5bd74ff1..b4c33d772 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -2472,25 +2472,19 @@ static CURLcode get_cert_chain(struct connectdata *conn,
     Curl_ssl_push_certinfo(data, i, "Version", bufp); /* hex */
 
     num=X509_get_serialNumber(x);
-    if(num->length <= 4) {
-      value = ASN1_INTEGER_get(num);
-      infof(data, "   Serial Number: %ld (0x%lx)\n", value, value);
-      snprintf(bufp, CERTBUFFERSIZE, "%lx", value);
-    }
-    else {
+    {
       int left = CERTBUFFERSIZE;
 
       ptr = bufp;
-      *ptr++ = 0;
-      if(num->type == V_ASN1_NEG_INTEGER)
+      if(num->type == V_ASN1_NEG_INTEGER) {
         *ptr++='-';
+        left--;
+      }
 
-      for(j=0; (j<num->length) && (left>=4); j++) {
-        /* TODO: length restrictions */
-        snprintf(ptr, 3, "%02x%c",num->data[j],
-                 ((j+1 == num->length)?'\n':':'));
-        ptr += 3;
-        left-=4;
+      for(j=0; (j<num->length) && (left>=3); j++) {
+        snprintf(ptr, left, "%02x", num->data[j]);
+        ptr += 2;
+        left -= 2;
       }
       if(num->length)
         infof(data, "   Serial Number: %s\n", bufp);
author	Daniel Stenberg <daniel@haxx.se>	2015-04-26 16:36:19 +0200
committer	Daniel Stenberg <daniel@haxx.se>	2015-04-26 16:36:19 +0200
commit	aff153f83afb4e4f255f13b40e081ecf5753664b (patch)
tree	a9fe52ab565c6b29de5cc9c433d1966efd71b08f
parent	59f3f92ba6150e9a5a57f71b6e781802148916d0 (diff)