From 11c483fffc93edc0a5e06ec37560ab3eaf23ff64 Mon Sep 17 00:00:00 2001 From: Perry Werneck Date: Mon, 14 Jan 2019 10:04:28 -0200 Subject: [PATCH] Adding ssl results to debug output. --- src/lib3270/ssl/negotiate.c | 10 ++++++++++ 1 file changed, 10 insertions(+), 0 deletions(-) diff --git a/src/lib3270/ssl/negotiate.c b/src/lib3270/ssl/negotiate.c index 310b491..877fb59 100644 --- a/src/lib3270/ssl/negotiate.c +++ b/src/lib3270/ssl/negotiate.c @@ -180,10 +180,15 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) { case X509_V_OK: peer = SSL_get_peer_certificate(hSession->ssl.con); + + debug("TLS/SSL negotiated connection complete. Peer certificate %s presented.", peer ? "was" : "was not"); trace_dsn(hSession,"TLS/SSL negotiated connection complete. Peer certificate %s presented.\n", peer ? "was" : "was not"); + break; case X509_V_ERR_UNABLE_TO_GET_CRL: + + debug("%s","The CRL of a certificate could not be found." ); trace_dsn(hSession,"%s","The CRL of a certificate could not be found.\n" ); ((struct ssl_error_message *) message)->title = _( "SSL error" ); @@ -193,7 +198,10 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) return -1; case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: + peer = SSL_get_peer_certificate(hSession->ssl.con); + + debug("%s","TLS/SSL negotiated connection complete with self signed certificate in certificate chain" ); trace_dsn(hSession,"%s","TLS/SSL negotiated connection complete with self signed certificate in certificate chain\n" ); #ifdef SSL_ALLOW_SELF_SIGNED_CERT @@ -206,6 +214,8 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) #endif // SSL_ALLOW_SELF_SIGNED_CERT default: + + debug("Unexpected or invalid TLS/SSL verify result %d",rv); trace_dsn(hSession,"Unexpected or invalid TLS/SSL verify result %d\n",rv); } -- libgit2 0.21.2