[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnurl] 01/411: tls: provide the CApath verbose log on its own line
|
From: |
gnunet |
|
Subject: |
[gnurl] 01/411: tls: provide the CApath verbose log on its own line |
|
Date: |
Wed, 13 Jan 2021 01:16:56 +0100 |
This is an automated email from the git hooks/post-receive script.
nikita pushed a commit to branch master
in repository gnurl.
commit 80d73bcca22f098812db06c08bbf2807f19782c0
Author: Daniel Stenberg <daniel@haxx.se>
AuthorDate: Tue Aug 18 00:22:34 2020 +0200
tls: provide the CApath verbose log on its own line
... not newline separated from the previous line. This makes it output
asterisk prefixed properly like other verbose putput!
Reported-by: jmdavitt on github
Fixes #5826
Closes #5827
---
lib/vtls/mesalink.c | 15 ++++++---------
lib/vtls/nss.c | 5 ++---
lib/vtls/openssl.c | 15 ++++++---------
lib/vtls/wolfssl.c | 15 ++++++---------
4 files changed, 20 insertions(+), 30 deletions(-)
diff --git a/lib/vtls/mesalink.c b/lib/vtls/mesalink.c
index 7132bdfd2..17c64735e 100644
--- a/lib/vtls/mesalink.c
+++ b/lib/vtls/mesalink.c
@@ -158,8 +158,8 @@ mesalink_connect_step1(struct connectdata *conn, int
sockindex)
SSL_CONN_CONFIG(CApath))) {
if(SSL_CONN_CONFIG(verifypeer)) {
failf(data,
- "error setting certificate verify locations:\n"
- " CAfile: %s\n CApath: %s",
+ "error setting certificate verify locations: "
+ " CAfile: %s CApath: %s",
SSL_CONN_CONFIG(CAfile) ?
SSL_CONN_CONFIG(CAfile) : "none",
SSL_CONN_CONFIG(CApath) ?
@@ -173,13 +173,10 @@ mesalink_connect_step1(struct connectdata *conn, int
sockindex)
else {
infof(data, "successfully set certificate verify locations:\n");
}
- infof(data,
- " CAfile: %s\n"
- " CApath: %s\n",
- SSL_CONN_CONFIG(CAfile)?
- SSL_CONN_CONFIG(CAfile): "none",
- SSL_CONN_CONFIG(CApath)?
- SSL_CONN_CONFIG(CApath): "none");
+ infof(data, " CAfile: %s\n",
+ SSL_CONN_CONFIG(CAfile) ? SSL_CONN_CONFIG(CAfile): "none");
+ infof(data, " CApath: %s\n",
+ SSL_CONN_CONFIG(CApath) ? SSL_CONN_CONFIG(CApath): "none");
}
if(SSL_SET_OPTION(cert) && SSL_SET_OPTION(key)) {
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index 0f0d1ee6c..f1ae98f98 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -1631,9 +1631,8 @@ static CURLcode nss_load_ca_certificates(struct
connectdata *conn,
if(capath && !capath[0])
capath = NULL;
- infof(data, " CAfile: %s\n CApath: %s\n",
- cafile ? cafile : "none",
- capath ? capath : "none");
+ infof(data, " CAfile: %s\n", cafile ? cafile : "none");
+ infof(data, " CApath: %s\n", capath ? capath : "none");
/* load libnssckbi.so if no other trust roots were specified */
use_trust_module = !cafile && !capath;
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 1685a4aa4..4bfd040d3 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -2978,7 +2978,7 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
/* Continue with a warning if no certificate verif is required. */
infof(data, "error setting certificate file, continuing anyway\n");
}
- infof(data, " CAfile: %s\n", ssl_cafile);
+ infof(data, " CAfile: %s\n", ssl_cafile);
}
if(ssl_capath) {
if(!SSL_CTX_load_verify_dir(backend->ctx, ssl_capath)) {
@@ -2990,7 +2990,7 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
/* Continue with a warning if no certificate verif is required. */
infof(data, "error setting certificate path, continuing anyway\n");
}
- infof(data, " CApath: %s\n", ssl_capath);
+ infof(data, " CApath: %s\n", ssl_capath);
}
}
#else
@@ -3000,8 +3000,8 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
if(!SSL_CTX_load_verify_locations(backend->ctx, ssl_cafile, ssl_capath)) {
if(verifypeer && !imported_native_ca) {
/* Fail if we insist on successfully verifying the server. */
- failf(data, "error setting certificate verify locations:\n"
- " CAfile: %s\n CApath: %s",
+ failf(data, "error setting certificate verify locations:"
+ " CAfile: %s CApath: %s",
ssl_cafile ? ssl_cafile : "none",
ssl_capath ? ssl_capath : "none");
return CURLE_SSL_CACERT_BADFILE;
@@ -3015,11 +3015,8 @@ static CURLcode ossl_connect_step1(struct connectdata
*conn, int sockindex)
/* Everything is fine. */
infof(data, "successfully set certificate verify locations:\n");
}
- infof(data,
- " CAfile: %s\n"
- " CApath: %s\n",
- ssl_cafile ? ssl_cafile : "none",
- ssl_capath ? ssl_capath : "none");
+ infof(data, " CAfile: %s\n", ssl_cafile ? ssl_cafile : "none");
+ infof(data, " CApath: %s\n", ssl_capath ? ssl_capath : "none");
}
#endif
diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c
index 7b2a124e4..1428032b6 100644
--- a/lib/vtls/wolfssl.c
+++ b/lib/vtls/wolfssl.c
@@ -353,8 +353,8 @@ wolfssl_connect_step1(struct connectdata *conn,
SSL_CONN_CONFIG(CApath))) {
if(SSL_CONN_CONFIG(verifypeer)) {
/* Fail if we insist on successfully verifying the server. */
- failf(data, "error setting certificate verify locations:\n"
- " CAfile: %s\n CApath: %s",
+ failf(data, "error setting certificate verify locations:"
+ " CAfile: %s CApath: %s",
SSL_CONN_CONFIG(CAfile)?
SSL_CONN_CONFIG(CAfile): "none",
SSL_CONN_CONFIG(CApath)?
@@ -372,13 +372,10 @@ wolfssl_connect_step1(struct connectdata *conn,
/* Everything is fine. */
infof(data, "successfully set certificate verify locations:\n");
}
- infof(data,
- " CAfile: %s\n"
- " CApath: %s\n",
- SSL_CONN_CONFIG(CAfile) ? SSL_CONN_CONFIG(CAfile):
- "none",
- SSL_CONN_CONFIG(CApath) ? SSL_CONN_CONFIG(CApath):
- "none");
+ infof(data, " CAfile: %s\n",
+ SSL_CONN_CONFIG(CAfile) ? SSL_CONN_CONFIG(CAfile) : "none");
+ infof(data, " CApath: %s\n",
+ SSL_CONN_CONFIG(CApath) ? SSL_CONN_CONFIG(CApath) : "none");
}
/* Load the client certificate, and private key */
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [gnurl] branch master updated (7bd28f373 -> 6fcba0825), gnunet, 2021/01/12
- [gnurl] 09/411: runtests: make cleardir() erase dot files too, gnunet, 2021/01/12
- [gnurl] 05/411: runtests: clear pid variables when failing to start a server, gnunet, 2021/01/12
- [gnurl] 02/411: RELEASE-NOTES: synced, gnunet, 2021/01/12
- [gnurl] 03/411: dist: add missing CMake Find modules to the distribution, gnunet, 2021/01/12
- [gnurl] 01/411: tls: provide the CApath verbose log on its own line,
gnunet <=
- [gnurl] 07/411: Makefile.m32: add ability to override zstd libs [ci skip], gnunet, 2021/01/12
- [gnurl] 06/411: runtests: avoid 'fail to start' repeated messages in attempt loops, gnunet, 2021/01/12
- [gnurl] 08/411: KNOWN_BUGS: 'no_proxy' string-matches IPv6 numerical addreses, gnunet, 2021/01/12
- [gnurl] 33/411: curl_get_line: build only if cookies or alt-svc are enabled, gnunet, 2021/01/12
- [gnurl] 04/411: TODO: Virtual external sockets, gnunet, 2021/01/12
- [gnurl] 25/411: multi: expand pre-check for socket readiness, gnunet, 2021/01/12
- [gnurl] 14/411: curl: support XDG_CONFIG_HOME to find .curlrc, gnunet, 2021/01/12
- [gnurl] 20/411: docs: --output-dir is added in 7.73.0, nothing else, gnunet, 2021/01/12
- [gnurl] 34/411: socketpair: allow CURL_DISABLE_SOCKETPAIR, gnunet, 2021/01/12
- [gnurl] 22/411: select: fix poll-based check not detecting connect failure, gnunet, 2021/01/12