Show full issuer and subject distinguished names

CAs like Let's Encrypt do not put O and OU into the Subject's DN.
Similarly, O and OU are often used to indicate Domain Validated or
Organization Validation as opposed to the actual OU.

Issuer CN often contains the issuer's server or as an indication of
Extended Validation certificate as opposed to the actual issuer
organization.

The Hostname part as extracted from the Subject is also confusing, as
in the case of a hostname mismatch, the Subject's CN, which
`nsm-format-certificate' naively calls the Hostname, will not actually
match the hostname in the problem preamble.

* lisp/net/nsm.el (nsm-format-certificate): Show full DN of Issuer and
  Subject.  Remove Hostname.
  (nsm-certificate-part, nsm-parse-subject): Removed.

diff --git a/lisp/net/nsm.el b/lisp/net/nsm.el
index a1798a899561784a0a521b29edb42b1dbe7dd1b8..b59ea07d8a17d80bc996348b56980f9804f1ce70 100644 (file)
--- a/lisp/net/nsm.el
+++ b/lisp/net/nsm.el
@@ -1002,13 +1002,9 @@ protocol."
         (insert
         (propertize "Certificate information" 'face 'underline) "\n"
         "  Issued by:"
-        (nsm-certificate-part (plist-get cert :issuer) "CN" t) "\n"
+         (plist-get cert :issuer) "\n"
         "  Issued to:"
-        (or (nsm-certificate-part (plist-get cert :subject) "O")
-            (nsm-certificate-part (plist-get cert :subject) "OU" t))
-        "\n"
-        "  Hostname:"
-        (nsm-certificate-part (plist-get cert :subject) "CN" t) "\n")
+        (plist-get cert :subject) "\n")
        (when (and (plist-get cert :public-key-algorithm)
                   (plist-get cert :signature-algorithm))
          (insert "  Public key:" (plist-get cert :public-key-algorithm) "\n")
@@ -1037,37 +1033,6 @@ protocol."
          (insert (make-string (- 22 (current-column)) ? )))
        (buffer-string)))))
 
-(defun nsm-certificate-part (string part &optional full)
-  (let ((part (cadr (assoc part (nsm-parse-subject string)))))
-    (cond
-     (part part)
-     (full string)
-     (t nil))))
-
-(defun nsm-parse-subject (string)
-  (with-temp-buffer
-    (insert string)
-    (goto-char (point-min))
-    (let ((start (point))
-         (result nil))
-      (while (not (eobp))
-       (push (replace-regexp-in-string
-              "[\\]\\(.\\)" "\\1"
-              (buffer-substring start
-                                (if (re-search-forward "[^\\]," nil 'move)
-                                    (1- (point))
-                                  (point))))
-             result)
-       (setq start (point)))
-      (mapcar
-       (lambda (elem)
-        (let ((pos (cl-position ?= elem)))
-          (if pos
-              (list (substring elem 0 pos)
-                    (substring elem (1+ pos)))
-            elem)))
-       (nreverse result)))))
-
 (defun nsm-level (symbol)
   "Return a numerical level for SYMBOL for easier comparison."
   (cond