Parse TLS cert subject

1 files changed, 37 insertions, 4 deletions

diff --git a/src/event/server_events.c b/src/event/server_events.c
index db883dd2..176973ff 100644
--- a/src/event/server_events.c
+++ b/src/event/server_events.c
@@ -650,12 +650,45 @@ sv_ev_certfail(const char * const errormsg, const char * const certname, const c
     }
     prefs_free_trusted_certs(trusted);
 
+    char *domain = NULL;
+    char *org = NULL;
+    char *email = NULL;
+    gchar** fields = g_strsplit(certname, "/", 0);
+    int i = 0;
+    for (i = 0; i < g_strv_length(fields); i++) {
+        gchar** keyval = g_strsplit(fields[i], "=", 2);
+        if (g_strv_length(keyval) == 2) {
+            if (g_strcmp0(keyval[0], "CN") == 0) {
+                domain = strdup(keyval[1]);
+            }
+            if (g_strcmp0(keyval[0], "O") == 0) {
+                org = strdup(keyval[1]);
+            }
+            if (g_strcmp0(keyval[0], "emailAddress") == 0) {
+                email = strdup(keyval[1]);
+            }
+        }
+        g_strfreev(keyval);
+    }
+    g_strfreev(fields);
+
     cons_show("");
     cons_show_error("TLS certificate verification failed: %s", errormsg);
-    cons_show("  Subject     : %s", certname);
-    cons_show("  Fingerprint : %s", certfp);
-    cons_show("  Start       : %s", notbefore);
-    cons_show("  End         : %s", notafter);
+    if (domain) {
+        cons_show("  Domain       : %s", domain);
+        free(domain);
+    }
+    if (org) {
+        cons_show("  Organisation : %s", org);
+        free(org);
+    }
+    if (email) {
+        cons_show("  Email        : %s", email);
+        free(email);
+    }
+    cons_show("  Fingerprint  : %s", certfp);
+    cons_show("  Start        : %s", notbefore);
+    cons_show("  End          : %s", notafter);
     cons_show("");
     cons_show("Use '/tls allow' to accept this certificate");
     cons_show("Use '/tls always' to accept this certificate permanently");