Adding ssl results to debug output.

Perry Werneck
1 parent 60fdc19c
Showing 1 changed file with 10 additions and 0 deletions Show diff stats
src/lib3270/ssl/negotiate.c
@@ -180,10 +180,15 @@ static int background_ssl_negotiation(H3270 *hSession, void *message)
 	{
 	case X509_V_OK:
 		peer = SSL_get_peer_certificate(hSession->ssl.con);
+
+		debug("TLS/SSL negotiated connection complete. Peer certificate %s presented.", peer ? "was" : "was not");
 		trace_dsn(hSession,"TLS/SSL negotiated connection complete. Peer certificate %s presented.\n", peer ? "was" : "was not");
+
 		break;
  
 	case X509_V_ERR_UNABLE_TO_GET_CRL:
+
+		debug("%s","The CRL of a certificate could not be found." );
 		trace_dsn(hSession,"%s","The CRL of a certificate could not be found.\n" );
  
 		((struct ssl_error_message *) message)->title = _( "SSL error" );
@@ -193,7 +198,10 @@ static int background_ssl_negotiation(H3270 *hSession, void *message)
 		return -1;
  
 	case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
+
 		peer = SSL_get_peer_certificate(hSession->ssl.con);
+
+		debug("%s","TLS/SSL negotiated connection complete with self signed certificate in certificate chain" );
 		trace_dsn(hSession,"%s","TLS/SSL negotiated connection complete with self signed certificate in certificate chain\n" );
  
 #ifdef SSL_ALLOW_SELF_SIGNED_CERT
@@ -206,6 +214,8 @@ static int background_ssl_negotiation(H3270 *hSession, void *message)
 #endif // SSL_ALLOW_SELF_SIGNED_CERT
  
 	default:
+
+		debug("Unexpected or invalid TLS/SSL verify result %d",rv);
 		trace_dsn(hSession,"Unexpected or invalid TLS/SSL verify result %d\n",rv);
 	}
...	...	@@ -180,10 +180,15 @@ static int background_ssl_negotiation(H3270 hSession, void message)
180	180	{
181	181	case X509_V_OK:
182	182	peer = SSL_get_peer_certificate(hSession->ssl.con);
	183	+
	184	+ debug("TLS/SSL negotiated connection complete. Peer certificate %s presented.", peer ? "was" : "was not");
183	185	trace_dsn(hSession,"TLS/SSL negotiated connection complete. Peer certificate %s presented.\n", peer ? "was" : "was not");
	186	+
184	187	break;
185	188
186	189	case X509_V_ERR_UNABLE_TO_GET_CRL:
	190	+
	191	+ debug("%s","The CRL of a certificate could not be found." );
187	192	trace_dsn(hSession,"%s","The CRL of a certificate could not be found.\n" );
188	193
189	194	((struct ssl_error_message *) message)->title = _( "SSL error" );
...	...	@@ -193,7 +198,10 @@ static int background_ssl_negotiation(H3270 hSession, void message)
193	198	return -1;
194	199
195	200	case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
	201	+
196	202	peer = SSL_get_peer_certificate(hSession->ssl.con);
	203	+
	204	+ debug("%s","TLS/SSL negotiated connection complete with self signed certificate in certificate chain" );
197	205	trace_dsn(hSession,"%s","TLS/SSL negotiated connection complete with self signed certificate in certificate chain\n" );
198	206
199	207	#ifdef SSL_ALLOW_SELF_SIGNED_CERT
...	...	@@ -206,6 +214,8 @@ static int background_ssl_negotiation(H3270 hSession, void message)
206	214	#endif // SSL_ALLOW_SELF_SIGNED_CERT
207	215
208	216	default:
	217	+
	218	+ debug("Unexpected or invalid TLS/SSL verify result %d",rv);
209	219	trace_dsn(hSession,"Unexpected or invalid TLS/SSL verify result %d\n",rv);
210	220	}
211	221
...	...