From 3aae045aac88fc8d8f1581a13f96eb7284f48d46 Mon Sep 17 00:00:00 2001
From: Daniel Mach <daniel.mach@suse.com>
Date: Tue, 11 Oct 2022 10:11:18 +0200
Subject: [PATCH] Fix the '9 - review the server certificate' option in cert
 trust prompt

---
 osc/oscssl.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/osc/oscssl.py b/osc/oscssl.py
index 73c79d47..b502bdca 100644
--- a/osc/oscssl.py
+++ b/osc/oscssl.py
@@ -2,6 +2,8 @@ import binascii
 import os
 import socket
 import ssl
+import subprocess
+import sys
 import tempfile
 import typing
 
@@ -159,4 +161,11 @@ Would you like to
                     self.trust_permanently(cert)
                     return
                 elif r == "9":
-                    print(cert.to_txt())
+                    # TODO: avoid calling openssl to convert pem to text
+                    pem = cert.public_bytes(encoding=serialization.Encoding.PEM).decode("utf-8")
+                    cmd = ["openssl", "x509", "-text"]
+                    try:
+                        cert_text = subprocess.check_output(cmd, input=pem, encoding="utf-8")
+                        print(cert_text)
+                    except FileNotFoundError:
+                        print("ERROR: Unable to display certificate because the 'openssl' executable is not available", file=sys.stderr)