2 files changed, 64 insertions, 10 deletions

diff --git a/src/common.c b/src/common.c
index f0fdf9e00d..01ecef9061 100644
--- a/src/common.c
+++ b/src/common.c
@@ -168,8 +168,8 @@ print_x509_info(gnutls_session_t session, FILE *out, int flag, int print_cert, i
 		return;
 	}
 
-	fprintf(out, "- Certificate type: X.509\n");
-	fprintf(out, "- Got a certificate list of %d certificates.\n",
+	log_msg(out, "- Certificate type: X.509\n");
+	log_msg(out, "- Got a certificate list of %d certificates.\n",
 	       cert_list_size);
 
 	for (j = 0; j < cert_list_size; j++) {
@@ -190,13 +190,13 @@ print_x509_info(gnutls_session_t session, FILE *out, int flag, int print_cert, i
 			return;
 		}
 
-		fprintf(out, "- Certificate[%d] info:\n - ", j);
+		log_msg(out, "- Certificate[%d] info:\n - ", j);
 		if (flag == GNUTLS_CRT_PRINT_COMPACT && j > 0)
 			flag = GNUTLS_CRT_PRINT_ONELINE;
 
 		ret = gnutls_x509_crt_print(crt, flag, &cinfo);
 		if (ret == 0) {
-			fprintf(out, "%s\n", cinfo.data);
+			log_msg(out, "%s\n", cinfo.data);
 			gnutls_free(cinfo.data);
 		}
 
@@ -212,9 +212,7 @@ print_x509_info(gnutls_session_t session, FILE *out, int flag, int print_cert, i
 				return;
 			}
 
-			fputs("\n", out);
-			fputs((char*)pem.data, out);
-			fputs("\n", out);
+			log_msg(out, "\n%s\n", (char*)pem.data);
 
 			gnutls_free(pem.data);
 		}
diff --git a/tests/logfile-option.sh b/tests/logfile-option.sh
index 64fa232c8b..1eb7a492f7 100755
--- a/tests/logfile-option.sh
+++ b/tests/logfile-option.sh
@@ -48,14 +48,16 @@ SERV="${SERV} -q"
 
 echo "Checking whether logfile option works."
 
-KEY1=${srcdir}/../doc/credentials/x509/key-rsa.pem
-CERT1=${srcdir}/../doc/credentials/x509/cert-rsa.pem
-OCSP1=${srcdir}/ocsp-tests/response1.der
+KEY1=${srcdir}/../doc/credentials/x509/example.com-key.pem
+CERT1=${srcdir}/../doc/credentials/x509/example.com-cert.pem
+CA1=${srcdir}/../doc/credentials/x509/ca.pem
 PSK=${srcdir}/psk.passwd
 
 TMPFILE1=save-data1.$$.tmp
 TMPFILE2=save-data2.$$.tmp
 
+OPTS="--sni-hostname example.com --verify-hostname example.com"
+
 eval "${GETPORT}"
 launch_server $$ --echo --priority NORMAL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=${PSK}
 PID=$!
@@ -110,4 +112,58 @@ else
 fi
 rm -f ${TMPFILE1} ${TMPFILE2}
 
+
+echo "x509 functionality test"
+eval "${GETPORT}"
+launch_server $$ --echo --sni-hostname-fatal --sni-hostname example.com --x509keyfile ${KEY1} --x509certfile ${CERT1}
+PID=$!
+wait_server ${PID}
+
+${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 ${OPTS} --priority "NORMAL:-VERS-ALL:+VERS-TLS1.2" --x509cafile ${CA1}  </dev/null >${TMPFILE2}
+kill ${PID}
+wait
+
+if test -f ${TMPFILE1};then
+        echo "Logfile should not be created!"
+        exit 1
+fi
+if ! test -s ${TMPFILE2};then
+        echo "Stdout should not be empty!"
+        exit 1
+fi
+if grep -q "Handshake was completed" ${TMPFILE2};then
+        echo "Find the expected output!"
+else
+        echo "Cannot find the expected output!"
+        exit 1
+fi
+
+rm -f ${TMPFILE1} ${TMPFILE2}
+
+eval "${GETPORT}"
+launch_server $$ --echo --sni-hostname-fatal --sni-hostname example.com --x509keyfile ${KEY1} --x509certfile ${CERT1}
+PID=$!
+wait_server ${PID}
+
+${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 ${OPTS} --priority "NORMAL:-VERS-ALL:+VERS-TLS1.2" --x509cafile ${CA1} --logfile ${TMPFILE1} </dev/null >${TMPFILE2}
+kill ${PID}
+wait
+
+if ! test -f ${TMPFILE1};then
+       echo "Logfile shoule be created!"
+       exit 1
+fi
+if test -s ${TMPFILE2};then
+       echo "Stdout should be empty!"
+       exit 1
+fi
+
+if grep -q "Handshake was completed" ${TMPFILE1}; then
+       echo "Found the expected output!"
+else
+       echo "Cannot find the expected output!"
+       exit 1
+fi
+rm -f ${TMPFILE1} ${TMPFILE2}
+
 exit 0