Commit 11c483fffc93edc0a5e06ec37560ab3eaf23ff64
1 parent
60fdc19c
Exists in
master
and in
3 other branches
Adding ssl results to debug output.
Showing
1 changed file
with
10 additions
and
0 deletions
Show diff stats
src/lib3270/ssl/negotiate.c
| @@ -180,10 +180,15 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) | @@ -180,10 +180,15 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) | ||
| 180 | { | 180 | { |
| 181 | case X509_V_OK: | 181 | case X509_V_OK: |
| 182 | peer = SSL_get_peer_certificate(hSession->ssl.con); | 182 | peer = SSL_get_peer_certificate(hSession->ssl.con); |
| 183 | + | ||
| 184 | + debug("TLS/SSL negotiated connection complete. Peer certificate %s presented.", peer ? "was" : "was not"); | ||
| 183 | trace_dsn(hSession,"TLS/SSL negotiated connection complete. Peer certificate %s presented.\n", peer ? "was" : "was not"); | 185 | trace_dsn(hSession,"TLS/SSL negotiated connection complete. Peer certificate %s presented.\n", peer ? "was" : "was not"); |
| 186 | + | ||
| 184 | break; | 187 | break; |
| 185 | 188 | ||
| 186 | case X509_V_ERR_UNABLE_TO_GET_CRL: | 189 | case X509_V_ERR_UNABLE_TO_GET_CRL: |
| 190 | + | ||
| 191 | + debug("%s","The CRL of a certificate could not be found." ); | ||
| 187 | trace_dsn(hSession,"%s","The CRL of a certificate could not be found.\n" ); | 192 | trace_dsn(hSession,"%s","The CRL of a certificate could not be found.\n" ); |
| 188 | 193 | ||
| 189 | ((struct ssl_error_message *) message)->title = _( "SSL error" ); | 194 | ((struct ssl_error_message *) message)->title = _( "SSL error" ); |
| @@ -193,7 +198,10 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) | @@ -193,7 +198,10 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) | ||
| 193 | return -1; | 198 | return -1; |
| 194 | 199 | ||
| 195 | case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: | 200 | case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: |
| 201 | + | ||
| 196 | peer = SSL_get_peer_certificate(hSession->ssl.con); | 202 | peer = SSL_get_peer_certificate(hSession->ssl.con); |
| 203 | + | ||
| 204 | + debug("%s","TLS/SSL negotiated connection complete with self signed certificate in certificate chain" ); | ||
| 197 | trace_dsn(hSession,"%s","TLS/SSL negotiated connection complete with self signed certificate in certificate chain\n" ); | 205 | trace_dsn(hSession,"%s","TLS/SSL negotiated connection complete with self signed certificate in certificate chain\n" ); |
| 198 | 206 | ||
| 199 | #ifdef SSL_ALLOW_SELF_SIGNED_CERT | 207 | #ifdef SSL_ALLOW_SELF_SIGNED_CERT |
| @@ -206,6 +214,8 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) | @@ -206,6 +214,8 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) | ||
| 206 | #endif // SSL_ALLOW_SELF_SIGNED_CERT | 214 | #endif // SSL_ALLOW_SELF_SIGNED_CERT |
| 207 | 215 | ||
| 208 | default: | 216 | default: |
| 217 | + | ||
| 218 | + debug("Unexpected or invalid TLS/SSL verify result %d",rv); | ||
| 209 | trace_dsn(hSession,"Unexpected or invalid TLS/SSL verify result %d\n",rv); | 219 | trace_dsn(hSession,"Unexpected or invalid TLS/SSL verify result %d\n",rv); |
| 210 | } | 220 | } |
| 211 | 221 |