diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-04-20 12:45:56 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-04-20 12:46:14 +0200 |
commit | ca3ea05b9b6b45d151c6e80247387c1767afe633 (patch) | |
tree | f403e8fc353ca8183352b735d9b249f76e4a1f8e /src | |
parent | 09f63be30d61c557e7596664b1e3f39deca30bb6 (diff) | |
download | gnutls-ca3ea05b9b6b45d151c6e80247387c1767afe633.tar.gz |
gnutls-serv: print when the peer's certificate is not verified
Diffstat (limited to 'src')
-rw-r--r-- | src/serv.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/src/serv.c b/src/serv.c index a1f9adfa8e..f29b0d8570 100644 --- a/src/serv.c +++ b/src/serv.c @@ -300,13 +300,17 @@ int ret; if (!require_cert && gnutls_certificate_get_peers(session, &size) == NULL) return 0; - if ((require_cert || ENABLED_OPT(VERIFY_CLIENT_CERT)) && cert_verify(session, NULL, NULL) == 0) { - do { - ret = gnutls_alert_send(session, GNUTLS_AL_FATAL, GNUTLS_A_ACCESS_DENIED); - } while(ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN); + if (require_cert || ENABLED_OPT(VERIFY_CLIENT_CERT)) { + if (cert_verify(session, NULL, NULL) == 0) { + do { + ret = gnutls_alert_send(session, GNUTLS_AL_FATAL, GNUTLS_A_ACCESS_DENIED); + } while(ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN); - j->http_state = HTTP_STATE_CLOSING; - return -1; + j->http_state = HTTP_STATE_CLOSING; + return -1; + } + } else { + printf("- Peer's certificate was NOT verified.\n"); } } return 0; |