mirror of
https://github.com/moparisthebest/curl
synced 2024-12-23 16:48:49 -05:00
tls: provide the CApath verbose log on its own line
... not newline separated from the previous line. This makes it output asterisk prefixed properly like other verbose putput! Reported-by: jmdavitt on github Fixes #5826 Closes #5827
This commit is contained in:
parent
9d954e49bc
commit
80d73bcca2
@ -158,8 +158,8 @@ mesalink_connect_step1(struct connectdata *conn, int sockindex)
|
||||
SSL_CONN_CONFIG(CApath))) {
|
||||
if(SSL_CONN_CONFIG(verifypeer)) {
|
||||
failf(data,
|
||||
"error setting certificate verify locations:\n"
|
||||
" CAfile: %s\n CApath: %s",
|
||||
"error setting certificate verify locations: "
|
||||
" CAfile: %s CApath: %s",
|
||||
SSL_CONN_CONFIG(CAfile) ?
|
||||
SSL_CONN_CONFIG(CAfile) : "none",
|
||||
SSL_CONN_CONFIG(CApath) ?
|
||||
@ -173,13 +173,10 @@ mesalink_connect_step1(struct connectdata *conn, int sockindex)
|
||||
else {
|
||||
infof(data, "successfully set certificate verify locations:\n");
|
||||
}
|
||||
infof(data,
|
||||
" CAfile: %s\n"
|
||||
" CApath: %s\n",
|
||||
SSL_CONN_CONFIG(CAfile)?
|
||||
SSL_CONN_CONFIG(CAfile): "none",
|
||||
SSL_CONN_CONFIG(CApath)?
|
||||
SSL_CONN_CONFIG(CApath): "none");
|
||||
infof(data, " CAfile: %s\n",
|
||||
SSL_CONN_CONFIG(CAfile) ? SSL_CONN_CONFIG(CAfile): "none");
|
||||
infof(data, " CApath: %s\n",
|
||||
SSL_CONN_CONFIG(CApath) ? SSL_CONN_CONFIG(CApath): "none");
|
||||
}
|
||||
|
||||
if(SSL_SET_OPTION(cert) && SSL_SET_OPTION(key)) {
|
||||
|
@ -1631,9 +1631,8 @@ static CURLcode nss_load_ca_certificates(struct connectdata *conn,
|
||||
if(capath && !capath[0])
|
||||
capath = NULL;
|
||||
|
||||
infof(data, " CAfile: %s\n CApath: %s\n",
|
||||
cafile ? cafile : "none",
|
||||
capath ? capath : "none");
|
||||
infof(data, " CAfile: %s\n", cafile ? cafile : "none");
|
||||
infof(data, " CApath: %s\n", capath ? capath : "none");
|
||||
|
||||
/* load libnssckbi.so if no other trust roots were specified */
|
||||
use_trust_module = !cafile && !capath;
|
||||
|
@ -2978,7 +2978,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
|
||||
/* Continue with a warning if no certificate verif is required. */
|
||||
infof(data, "error setting certificate file, continuing anyway\n");
|
||||
}
|
||||
infof(data, " CAfile: %s\n", ssl_cafile);
|
||||
infof(data, " CAfile: %s\n", ssl_cafile);
|
||||
}
|
||||
if(ssl_capath) {
|
||||
if(!SSL_CTX_load_verify_dir(backend->ctx, ssl_capath)) {
|
||||
@ -2990,7 +2990,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
|
||||
/* Continue with a warning if no certificate verif is required. */
|
||||
infof(data, "error setting certificate path, continuing anyway\n");
|
||||
}
|
||||
infof(data, " CApath: %s\n", ssl_capath);
|
||||
infof(data, " CApath: %s\n", ssl_capath);
|
||||
}
|
||||
}
|
||||
#else
|
||||
@ -3000,8 +3000,8 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
|
||||
if(!SSL_CTX_load_verify_locations(backend->ctx, ssl_cafile, ssl_capath)) {
|
||||
if(verifypeer && !imported_native_ca) {
|
||||
/* Fail if we insist on successfully verifying the server. */
|
||||
failf(data, "error setting certificate verify locations:\n"
|
||||
" CAfile: %s\n CApath: %s",
|
||||
failf(data, "error setting certificate verify locations:"
|
||||
" CAfile: %s CApath: %s",
|
||||
ssl_cafile ? ssl_cafile : "none",
|
||||
ssl_capath ? ssl_capath : "none");
|
||||
return CURLE_SSL_CACERT_BADFILE;
|
||||
@ -3015,11 +3015,8 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
|
||||
/* Everything is fine. */
|
||||
infof(data, "successfully set certificate verify locations:\n");
|
||||
}
|
||||
infof(data,
|
||||
" CAfile: %s\n"
|
||||
" CApath: %s\n",
|
||||
ssl_cafile ? ssl_cafile : "none",
|
||||
ssl_capath ? ssl_capath : "none");
|
||||
infof(data, " CAfile: %s\n", ssl_cafile ? ssl_cafile : "none");
|
||||
infof(data, " CApath: %s\n", ssl_capath ? ssl_capath : "none");
|
||||
}
|
||||
#endif
|
||||
|
||||
|
@ -353,8 +353,8 @@ wolfssl_connect_step1(struct connectdata *conn,
|
||||
SSL_CONN_CONFIG(CApath))) {
|
||||
if(SSL_CONN_CONFIG(verifypeer)) {
|
||||
/* Fail if we insist on successfully verifying the server. */
|
||||
failf(data, "error setting certificate verify locations:\n"
|
||||
" CAfile: %s\n CApath: %s",
|
||||
failf(data, "error setting certificate verify locations:"
|
||||
" CAfile: %s CApath: %s",
|
||||
SSL_CONN_CONFIG(CAfile)?
|
||||
SSL_CONN_CONFIG(CAfile): "none",
|
||||
SSL_CONN_CONFIG(CApath)?
|
||||
@ -372,13 +372,10 @@ wolfssl_connect_step1(struct connectdata *conn,
|
||||
/* Everything is fine. */
|
||||
infof(data, "successfully set certificate verify locations:\n");
|
||||
}
|
||||
infof(data,
|
||||
" CAfile: %s\n"
|
||||
" CApath: %s\n",
|
||||
SSL_CONN_CONFIG(CAfile) ? SSL_CONN_CONFIG(CAfile):
|
||||
"none",
|
||||
SSL_CONN_CONFIG(CApath) ? SSL_CONN_CONFIG(CApath):
|
||||
"none");
|
||||
infof(data, " CAfile: %s\n",
|
||||
SSL_CONN_CONFIG(CAfile) ? SSL_CONN_CONFIG(CAfile) : "none");
|
||||
infof(data, " CApath: %s\n",
|
||||
SSL_CONN_CONFIG(CApath) ? SSL_CONN_CONFIG(CApath) : "none");
|
||||
}
|
||||
|
||||
/* Load the client certificate, and private key */
|
||||
|
Loading…
Reference in New Issue
Block a user