moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-08-13 17:03:50 -04:00
Code Issues Releases Wiki Activity

tls: provide the CApath verbose log on its own line

Browse Source 
... not newline separated from the previous line. This makes it output
asterisk prefixed properly like other verbose putput!

Reported-by: jmdavitt on github
Fixes #5826
Closes #5827
This commit is contained in:
Daniel Stenberg 2020-08-18 00:22:34 +02:00
parent 9d954e49bc
commit 80d73bcca2
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
4 changed files with 20 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
lib/vtls/mesalink.c
View File

@ -158,8 +158,8 @@ mesalink_connect_step1(struct connectdata *conn, int sockindex)
SSL_CONN_CONFIG(CApath))) { SSL_CONN_CONFIG(CApath))) {
if(SSL_CONN_CONFIG(verifypeer)) { if(SSL_CONN_CONFIG(verifypeer)) {
failf(data, failf(data,
"error setting certificate verify locations:\n" "error setting certificate verify locations: "
" CAfile: %s\n CApath: %s", " CAfile: %s CApath: %s",
SSL_CONN_CONFIG(CAfile) ? SSL_CONN_CONFIG(CAfile) ?
SSL_CONN_CONFIG(CAfile) : "none", SSL_CONN_CONFIG(CAfile) : "none",
SSL_CONN_CONFIG(CApath) ? SSL_CONN_CONFIG(CApath) ?
@ -173,13 +173,10 @@ mesalink_connect_step1(struct connectdata *conn, int sockindex)
else { else {
infof(data, "successfully set certificate verify locations:\n"); infof(data, "successfully set certificate verify locations:\n");
} }
infof(data, infof(data, " CAfile: %s\n",
" CAfile: %s\n" SSL_CONN_CONFIG(CAfile) ? SSL_CONN_CONFIG(CAfile): "none");
" CApath: %s\n", infof(data, " CApath: %s\n",
SSL_CONN_CONFIG(CAfile)? SSL_CONN_CONFIG(CApath) ? SSL_CONN_CONFIG(CApath): "none");
SSL_CONN_CONFIG(CAfile): "none",
SSL_CONN_CONFIG(CApath)?
SSL_CONN_CONFIG(CApath): "none");
} }
if(SSL_SET_OPTION(cert) && SSL_SET_OPTION(key)) { if(SSL_SET_OPTION(cert) && SSL_SET_OPTION(key)) {

5
lib/vtls/nss.c
View File

@ -1631,9 +1631,8 @@ static CURLcode nss_load_ca_certificates(struct connectdata *conn,
if(capath && !capath[0]) if(capath && !capath[0])
capath = NULL; capath = NULL;
infof(data, " CAfile: %s\n CApath: %s\n", infof(data, " CAfile: %s\n", cafile ? cafile : "none");
cafile ? cafile : "none", infof(data, " CApath: %s\n", capath ? capath : "none");
capath ? capath : "none");
/* load libnssckbi.so if no other trust roots were specified */ /* load libnssckbi.so if no other trust roots were specified */
use_trust_module = !cafile && !capath; use_trust_module = !cafile && !capath;

11
lib/vtls/openssl.c
View File

@ -3000,8 +3000,8 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
if(!SSL_CTX_load_verify_locations(backend->ctx, ssl_cafile, ssl_capath)) { if(!SSL_CTX_load_verify_locations(backend->ctx, ssl_cafile, ssl_capath)) {
if(verifypeer && !imported_native_ca) { if(verifypeer && !imported_native_ca) {
/* Fail if we insist on successfully verifying the server. */ /* Fail if we insist on successfully verifying the server. */
failf(data, "error setting certificate verify locations:\n" failf(data, "error setting certificate verify locations:"
" CAfile: %s\n CApath: %s", " CAfile: %s CApath: %s",
ssl_cafile ? ssl_cafile : "none", ssl_cafile ? ssl_cafile : "none",
ssl_capath ? ssl_capath : "none"); ssl_capath ? ssl_capath : "none");
return CURLE_SSL_CACERT_BADFILE; return CURLE_SSL_CACERT_BADFILE;
@ -3015,11 +3015,8 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
/* Everything is fine. */ /* Everything is fine. */
infof(data, "successfully set certificate verify locations:\n"); infof(data, "successfully set certificate verify locations:\n");
} }
infof(data, infof(data, " CAfile: %s\n", ssl_cafile ? ssl_cafile : "none");
" CAfile: %s\n" infof(data, " CApath: %s\n", ssl_capath ? ssl_capath : "none");
" CApath: %s\n",
ssl_cafile ? ssl_cafile : "none",
ssl_capath ? ssl_capath : "none");
} }
#endif #endif

15
lib/vtls/wolfssl.c
View File

@ -353,8 +353,8 @@ wolfssl_connect_step1(struct connectdata *conn,
SSL_CONN_CONFIG(CApath))) { SSL_CONN_CONFIG(CApath))) {
if(SSL_CONN_CONFIG(verifypeer)) { if(SSL_CONN_CONFIG(verifypeer)) {
/* Fail if we insist on successfully verifying the server. */ /* Fail if we insist on successfully verifying the server. */
failf(data, "error setting certificate verify locations:\n" failf(data, "error setting certificate verify locations:"
" CAfile: %s\n CApath: %s", " CAfile: %s CApath: %s",
SSL_CONN_CONFIG(CAfile)? SSL_CONN_CONFIG(CAfile)?
SSL_CONN_CONFIG(CAfile): "none", SSL_CONN_CONFIG(CAfile): "none",
SSL_CONN_CONFIG(CApath)? SSL_CONN_CONFIG(CApath)?
@ -372,13 +372,10 @@ wolfssl_connect_step1(struct connectdata *conn,
/* Everything is fine. */ /* Everything is fine. */
infof(data, "successfully set certificate verify locations:\n"); infof(data, "successfully set certificate verify locations:\n");
} }
infof(data, infof(data, " CAfile: %s\n",
" CAfile: %s\n" SSL_CONN_CONFIG(CAfile) ? SSL_CONN_CONFIG(CAfile) : "none");
" CApath: %s\n", infof(data, " CApath: %s\n",
SSL_CONN_CONFIG(CAfile) ? SSL_CONN_CONFIG(CAfile): SSL_CONN_CONFIG(CApath) ? SSL_CONN_CONFIG(CApath) : "none");
"none",
SSL_CONN_CONFIG(CApath) ? SSL_CONN_CONFIG(CApath):
"none");
} }
/* Load the client certificate, and private key */ /* Load the client certificate, and private key */