mirror of
https://github.com/moparisthebest/curl
synced 2024-12-23 16:48:49 -05:00
tls: provide the CApath verbose log on its own line
... not newline separated from the previous line. This makes it output asterisk prefixed properly like other verbose putput! Reported-by: jmdavitt on github Fixes #5826 Closes #5827
This commit is contained in:
parent
9d954e49bc
commit
80d73bcca2
@ -158,8 +158,8 @@ mesalink_connect_step1(struct connectdata *conn, int sockindex)
|
|||||||
SSL_CONN_CONFIG(CApath))) {
|
SSL_CONN_CONFIG(CApath))) {
|
||||||
if(SSL_CONN_CONFIG(verifypeer)) {
|
if(SSL_CONN_CONFIG(verifypeer)) {
|
||||||
failf(data,
|
failf(data,
|
||||||
"error setting certificate verify locations:\n"
|
"error setting certificate verify locations: "
|
||||||
" CAfile: %s\n CApath: %s",
|
" CAfile: %s CApath: %s",
|
||||||
SSL_CONN_CONFIG(CAfile) ?
|
SSL_CONN_CONFIG(CAfile) ?
|
||||||
SSL_CONN_CONFIG(CAfile) : "none",
|
SSL_CONN_CONFIG(CAfile) : "none",
|
||||||
SSL_CONN_CONFIG(CApath) ?
|
SSL_CONN_CONFIG(CApath) ?
|
||||||
@ -173,13 +173,10 @@ mesalink_connect_step1(struct connectdata *conn, int sockindex)
|
|||||||
else {
|
else {
|
||||||
infof(data, "successfully set certificate verify locations:\n");
|
infof(data, "successfully set certificate verify locations:\n");
|
||||||
}
|
}
|
||||||
infof(data,
|
infof(data, " CAfile: %s\n",
|
||||||
" CAfile: %s\n"
|
SSL_CONN_CONFIG(CAfile) ? SSL_CONN_CONFIG(CAfile): "none");
|
||||||
" CApath: %s\n",
|
infof(data, " CApath: %s\n",
|
||||||
SSL_CONN_CONFIG(CAfile)?
|
SSL_CONN_CONFIG(CApath) ? SSL_CONN_CONFIG(CApath): "none");
|
||||||
SSL_CONN_CONFIG(CAfile): "none",
|
|
||||||
SSL_CONN_CONFIG(CApath)?
|
|
||||||
SSL_CONN_CONFIG(CApath): "none");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if(SSL_SET_OPTION(cert) && SSL_SET_OPTION(key)) {
|
if(SSL_SET_OPTION(cert) && SSL_SET_OPTION(key)) {
|
||||||
|
@ -1631,9 +1631,8 @@ static CURLcode nss_load_ca_certificates(struct connectdata *conn,
|
|||||||
if(capath && !capath[0])
|
if(capath && !capath[0])
|
||||||
capath = NULL;
|
capath = NULL;
|
||||||
|
|
||||||
infof(data, " CAfile: %s\n CApath: %s\n",
|
infof(data, " CAfile: %s\n", cafile ? cafile : "none");
|
||||||
cafile ? cafile : "none",
|
infof(data, " CApath: %s\n", capath ? capath : "none");
|
||||||
capath ? capath : "none");
|
|
||||||
|
|
||||||
/* load libnssckbi.so if no other trust roots were specified */
|
/* load libnssckbi.so if no other trust roots were specified */
|
||||||
use_trust_module = !cafile && !capath;
|
use_trust_module = !cafile && !capath;
|
||||||
|
@ -2978,7 +2978,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
|
|||||||
/* Continue with a warning if no certificate verif is required. */
|
/* Continue with a warning if no certificate verif is required. */
|
||||||
infof(data, "error setting certificate file, continuing anyway\n");
|
infof(data, "error setting certificate file, continuing anyway\n");
|
||||||
}
|
}
|
||||||
infof(data, " CAfile: %s\n", ssl_cafile);
|
infof(data, " CAfile: %s\n", ssl_cafile);
|
||||||
}
|
}
|
||||||
if(ssl_capath) {
|
if(ssl_capath) {
|
||||||
if(!SSL_CTX_load_verify_dir(backend->ctx, ssl_capath)) {
|
if(!SSL_CTX_load_verify_dir(backend->ctx, ssl_capath)) {
|
||||||
@ -2990,7 +2990,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
|
|||||||
/* Continue with a warning if no certificate verif is required. */
|
/* Continue with a warning if no certificate verif is required. */
|
||||||
infof(data, "error setting certificate path, continuing anyway\n");
|
infof(data, "error setting certificate path, continuing anyway\n");
|
||||||
}
|
}
|
||||||
infof(data, " CApath: %s\n", ssl_capath);
|
infof(data, " CApath: %s\n", ssl_capath);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
@ -3000,8 +3000,8 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
|
|||||||
if(!SSL_CTX_load_verify_locations(backend->ctx, ssl_cafile, ssl_capath)) {
|
if(!SSL_CTX_load_verify_locations(backend->ctx, ssl_cafile, ssl_capath)) {
|
||||||
if(verifypeer && !imported_native_ca) {
|
if(verifypeer && !imported_native_ca) {
|
||||||
/* Fail if we insist on successfully verifying the server. */
|
/* Fail if we insist on successfully verifying the server. */
|
||||||
failf(data, "error setting certificate verify locations:\n"
|
failf(data, "error setting certificate verify locations:"
|
||||||
" CAfile: %s\n CApath: %s",
|
" CAfile: %s CApath: %s",
|
||||||
ssl_cafile ? ssl_cafile : "none",
|
ssl_cafile ? ssl_cafile : "none",
|
||||||
ssl_capath ? ssl_capath : "none");
|
ssl_capath ? ssl_capath : "none");
|
||||||
return CURLE_SSL_CACERT_BADFILE;
|
return CURLE_SSL_CACERT_BADFILE;
|
||||||
@ -3015,11 +3015,8 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
|
|||||||
/* Everything is fine. */
|
/* Everything is fine. */
|
||||||
infof(data, "successfully set certificate verify locations:\n");
|
infof(data, "successfully set certificate verify locations:\n");
|
||||||
}
|
}
|
||||||
infof(data,
|
infof(data, " CAfile: %s\n", ssl_cafile ? ssl_cafile : "none");
|
||||||
" CAfile: %s\n"
|
infof(data, " CApath: %s\n", ssl_capath ? ssl_capath : "none");
|
||||||
" CApath: %s\n",
|
|
||||||
ssl_cafile ? ssl_cafile : "none",
|
|
||||||
ssl_capath ? ssl_capath : "none");
|
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
@ -353,8 +353,8 @@ wolfssl_connect_step1(struct connectdata *conn,
|
|||||||
SSL_CONN_CONFIG(CApath))) {
|
SSL_CONN_CONFIG(CApath))) {
|
||||||
if(SSL_CONN_CONFIG(verifypeer)) {
|
if(SSL_CONN_CONFIG(verifypeer)) {
|
||||||
/* Fail if we insist on successfully verifying the server. */
|
/* Fail if we insist on successfully verifying the server. */
|
||||||
failf(data, "error setting certificate verify locations:\n"
|
failf(data, "error setting certificate verify locations:"
|
||||||
" CAfile: %s\n CApath: %s",
|
" CAfile: %s CApath: %s",
|
||||||
SSL_CONN_CONFIG(CAfile)?
|
SSL_CONN_CONFIG(CAfile)?
|
||||||
SSL_CONN_CONFIG(CAfile): "none",
|
SSL_CONN_CONFIG(CAfile): "none",
|
||||||
SSL_CONN_CONFIG(CApath)?
|
SSL_CONN_CONFIG(CApath)?
|
||||||
@ -372,13 +372,10 @@ wolfssl_connect_step1(struct connectdata *conn,
|
|||||||
/* Everything is fine. */
|
/* Everything is fine. */
|
||||||
infof(data, "successfully set certificate verify locations:\n");
|
infof(data, "successfully set certificate verify locations:\n");
|
||||||
}
|
}
|
||||||
infof(data,
|
infof(data, " CAfile: %s\n",
|
||||||
" CAfile: %s\n"
|
SSL_CONN_CONFIG(CAfile) ? SSL_CONN_CONFIG(CAfile) : "none");
|
||||||
" CApath: %s\n",
|
infof(data, " CApath: %s\n",
|
||||||
SSL_CONN_CONFIG(CAfile) ? SSL_CONN_CONFIG(CAfile):
|
SSL_CONN_CONFIG(CApath) ? SSL_CONN_CONFIG(CApath) : "none");
|
||||||
"none",
|
|
||||||
SSL_CONN_CONFIG(CApath) ? SSL_CONN_CONFIG(CApath):
|
|
||||||
"none");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Load the client certificate, and private key */
|
/* Load the client certificate, and private key */
|
||||||
|
Loading…
Reference in New Issue
Block a user