summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@redhat.com>2015-04-20 12:45:56 +0200
committerNikos Mavrogiannopoulos <nmav@redhat.com>2015-04-20 12:46:14 +0200
commitca3ea05b9b6b45d151c6e80247387c1767afe633 (patch)
treef403e8fc353ca8183352b735d9b249f76e4a1f8e /src
parent09f63be30d61c557e7596664b1e3f39deca30bb6 (diff)
downloadgnutls-ca3ea05b9b6b45d151c6e80247387c1767afe633.tar.gz
gnutls-serv: print when the peer's certificate is not verified
Diffstat (limited to 'src')
-rw-r--r--src/serv.c16
1 files changed, 10 insertions, 6 deletions
diff --git a/src/serv.c b/src/serv.c
index a1f9adfa8e..f29b0d8570 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -300,13 +300,17 @@ int ret;
if (!require_cert && gnutls_certificate_get_peers(session, &size) == NULL)
return 0;
- if ((require_cert || ENABLED_OPT(VERIFY_CLIENT_CERT)) && cert_verify(session, NULL, NULL) == 0) {
- do {
- ret = gnutls_alert_send(session, GNUTLS_AL_FATAL, GNUTLS_A_ACCESS_DENIED);
- } while(ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN);
+ if (require_cert || ENABLED_OPT(VERIFY_CLIENT_CERT)) {
+ if (cert_verify(session, NULL, NULL) == 0) {
+ do {
+ ret = gnutls_alert_send(session, GNUTLS_AL_FATAL, GNUTLS_A_ACCESS_DENIED);
+ } while(ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN);
- j->http_state = HTTP_STATE_CLOSING;
- return -1;
+ j->http_state = HTTP_STATE_CLOSING;
+ return -1;
+ }
+ } else {
+ printf("- Peer's certificate was NOT verified.\n");
}
}
return 0;