bugfix: TSG-8003 预防证书链投毒

* 中间证书缓存openssl rebuild trust chain中可惜的中间证书, 不缓存服务端发送证书链中的证书

platform/src/ssl_utils.cpp

@@ -2395,3 +2395,45 @@ struct ssl_chello* ssl_chello_parse(const unsigned char* buff, size_t buff_len,
 	}
 }
 
+void ssl_chain_dump(const char *sni, const char *chain_type, STACK_OF(X509) *chain)
+{
+	int j = 0;
+	char *subj = NULL;
+	char *issuer = NULL;
+	char *fingerprint = NULL;
+	X509 *cert = NULL;
+
+	if (chain == NULL)
+	{
+		return;
+	}
+
+	for (j = 0; j < sk_X509_num(chain); j++)
+	{
+		cert = sk_X509_value(chain, j);
+		if (cert == NULL)
+			continue;
+
+		subj = ssl_x509_subject(cert);
+		issuer = ssl_x509_issuer(cert);
+		fingerprint = ssl_x509_fingerprint(cert, 0);
+
+		TFE_LOG_DEBUG(g_default_logger, "sni:%s chain_type:%s depth=%d: subject:%s issuer:%s fingerprint:%s",
+			sni ? sni : "null", chain_type, j, subj ? subj : "null", issuer ? issuer : "null", fingerprint ? fingerprint : "null");
+		if (subj)
+		{
+			free(subj);
+			subj = NULL;
+		}
+		if (issuer)
+		{
+			free(issuer);
+			issuer = NULL;
+		}
+		if (fingerprint)
+		{
+			free(fingerprint);
+			fingerprint = NULL;
+		}
+	}
+}