My quick answer :
int iPos = X509_get_ext_by_NID( pCX509, NID_subject_alt_name, -1 );
if( iPos < 0 ) ...;
X509_EXTENSION* pE = X509_get_ext(pCX509, iPos );
pGNames = (GENERAL_NAMES*)X509V3_EXT_d2i( pE ); // (stack of
GENERAL_NAME)
for( ;; )
pGName = sk_GENERAL_NAME_value( pNames, i );
switch( pGName->type ) {
case GEN_EMAIL:
case GEN_URI:
case GEN_DNS:
case GEN_RID:
case GEN_IPADD:
case GEN_DIRNAME:
...
}
Look at crypto\X509\v3_genn.c
May be there is something new, more straightforward.
Hope it helps, it is very late in the night here.
Michel.
-----Message d'origine-----
De : openssl-users [mailto:openssl-users-bounces@xxxxxxxxxxx] De la part de
Hal Murray
Envoyé : dimanche 17 avril 2022 00:02
À : openssl-users@xxxxxxxxxxx
Objet : Re: How does a client get the server's SAN/DNS strings
openssl-users@xxxxxxxxxxxx said:
> Can you explain *why* you want the list of DNS names?
> Is this just for logging..
Yes, just for logging.
--
These are my opinions. I hate spam.
