isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Include the cert or ca file in error messages where applicable.

Browse Source
This commit is contained in:
Todd C. Miller
2022-05-17 10:44:18 -06:00
parent a82fe9aa06
commit 69fa04f069
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
logsrvd/tls_init.c
View File

@@ -78,7 +78,7 @@ verify_cert_chain(SSL_CTX *ctx, const char *cert_file)
if (!SSL_CTX_get0_chain_certs(ctx, &chain_certs)) {
errstr = ERR_reason_error_string(ERR_get_error());
sudo_warnx("SSL_CTX_get0_chain_certs: %s",
sudo_warnx("SSL_CTX_get0_chain_certs: %s: %s", cert_file,
errstr ? errstr : strerror(errno));
goto done;
}
@@ -98,7 +98,7 @@ verify_cert_chain(SSL_CTX *ctx, const char *cert_file)
if (X509_verify_cert(store_ctx) <= 0) {
errstr =
X509_verify_cert_error_string(X509_STORE_CTX_get_error(store_ctx));
sudo_warnx("X509_verify_cert: %s", errstr);
sudo_warnx("X509_verify_cert: %s: %s", cert_file, errstr);
goto done;
}
@@ -304,7 +304,7 @@ init_tls_context(const char *ca_bundle_file, const char *cert_file,
if (SSL_CTX_load_verify_locations(ctx, ca_bundle_file, NULL) <= 0) {
errstr = ERR_reason_error_string(ERR_get_error());
sudo_warnx("SSL_CTX_load_verify_locations: %s",
sudo_warnx("SSL_CTX_load_verify_locations: %s: %s", ca_bundle_file,
errstr ? errstr : strerror(errno));
goto bad;
}