diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-01-19 15:32:09 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-01-20 09:24:28 +0100 |
commit | a50d440e7984ed40361b58e962f2975531c01d83 (patch) | |
tree | 686ad6be2744457bfb36b1eb89f109a650d606a4 | |
parent | 81236f5f2295a25e43ef762ace01fc83af2207c6 (diff) | |
download | gnutls-a50d440e7984ed40361b58e962f2975531c01d83.tar.gz |
don't be so verbose about the OCSP nonce; it is universally unsupported
-rw-r--r-- | src/cli.c | 2 | ||||
-rw-r--r-- | src/ocsptool-common.c | 5 | ||||
-rw-r--r-- | src/ocsptool-common.h | 3 |
3 files changed, 6 insertions, 4 deletions
@@ -1781,7 +1781,7 @@ static int cert_verify_ocsp(gnutls_session_t session) } /* verify and check the response for revoked cert */ - ret = check_ocsp_response(cert, issuer, &resp, &nonce); + ret = check_ocsp_response(cert, issuer, &resp, &nonce, verbose); if (ret == 1) ok++; else diff --git a/src/ocsptool-common.c b/src/ocsptool-common.c index c3af577f87..e880c41017 100644 --- a/src/ocsptool-common.c +++ b/src/ocsptool-common.c @@ -314,7 +314,7 @@ void print_ocsp_verify_res(unsigned int output) int check_ocsp_response(gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, gnutls_datum_t * data, - gnutls_datum_t * nonce) + gnutls_datum_t * nonce, int verbose) { gnutls_ocsp_resp_t resp; int ret; @@ -409,7 +409,8 @@ check_ocsp_response(gnutls_x509_crt_t cert, ret = gnutls_ocsp_resp_get_nonce(resp, NULL, &rnonce); if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { - fprintf(stderr, "*** The OCSP reply did not include the requested nonce.\n"); + if (verbose) + fprintf(stderr, "*** The OCSP reply did not include the requested nonce.\n"); goto finish_ok; } diff --git a/src/ocsptool-common.h b/src/ocsptool-common.h index 5922cb0ae5..c8b130e479 100644 --- a/src/ocsptool-common.h +++ b/src/ocsptool-common.h @@ -42,6 +42,7 @@ void print_ocsp_verify_res(unsigned int output); int check_ocsp_response(gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, - gnutls_datum_t * data, gnutls_datum_t *nonce); + gnutls_datum_t * data, gnutls_datum_t *nonce, + int verbose); #endif |