diff options
author | Bernhard Schmidt <berni@debian.org> | 2020-08-15 21:29:54 +0200 |
---|---|---|
committer | Bernhard Schmidt <berni@debian.org> | 2020-08-15 21:29:54 +0200 |
commit | 7c229d538824cb679351220ad8911f7b2daa7c23 (patch) | |
tree | 5c4d64b60da9018c7db3a9335a9787d326beade3 /src/openvpn/ssl_verify_mbedtls.c | |
parent | d3986a312f5fbcfd0e78e6b147eef419fb4e5f54 (diff) | |
parent | 1079962e4c06f88a54e50d997c1b7e84303d30b4 (diff) |
Update upstream source from tag 'upstream/2.5_beta1'
Update to upstream version '2.5~beta1'
with Debian dir d53f9a482ac24eb491a294b26c24bb1d87afad24
Diffstat (limited to 'src/openvpn/ssl_verify_mbedtls.c')
-rw-r--r-- | src/openvpn/ssl_verify_mbedtls.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/src/openvpn/ssl_verify_mbedtls.c b/src/openvpn/ssl_verify_mbedtls.c index 2d019ab..9389103 100644 --- a/src/openvpn/ssl_verify_mbedtls.c +++ b/src/openvpn/ssl_verify_mbedtls.c @@ -34,7 +34,7 @@ #include "syshead.h" -#if defined(ENABLE_CRYPTO) && defined(ENABLE_CRYPTO_MBEDTLS) +#if defined(ENABLE_CRYPTO_MBEDTLS) #include "crypto_mbedtls.h" #include "ssl_verify.h" @@ -68,6 +68,7 @@ verify_callback(void *session_obj, mbedtls_x509_crt *cert, int cert_depth, int ret = 0; char errstr[512] = { 0 }; char *subject = x509_get_subject(cert, &gc); + char *serial = backend_x509_get_serial(cert, &gc); ret = mbedtls_x509_crt_verify_info(errstr, sizeof(errstr)-1, "", *flags); if (ret <= 0 && !openvpn_snprintf(errstr, sizeof(errstr), @@ -82,8 +83,8 @@ verify_callback(void *session_obj, mbedtls_x509_crt *cert, int cert_depth, if (subject) { - msg(D_TLS_ERRORS, "VERIFY ERROR: depth=%d, subject=%s: %s", - cert_depth, subject, errstr); + msg(D_TLS_ERRORS, "VERIFY ERROR: depth=%d, subject=%s, serial=%s: %s", + cert_depth, subject, serial ? serial : "<not available>", errstr); } else { @@ -550,4 +551,4 @@ tls_verify_crl_missing(const struct tls_options *opt) return false; } -#endif /* #if defined(ENABLE_CRYPTO) && defined(ENABLE_CRYPTO_MBEDTLS) */ +#endif /* #if defined(ENABLE_CRYPTO_MBEDTLS) */ |