Hi, Attached an updated patch, which removes the stale 0 from %0x in the printf format string.
-Steffan
-----Original Message-----
From: Steffan Karger
Sent: maandag 18 maart 2013 17:38
To: openvpn-devel@lists.sourceforge.net
Cc: Steffan Karger
Subject: [PATCH 3/5] Improve verify_callback messages
From: Steffan Karger <steffan.kar...@fox-it.com>
Print the *flags argument, which - for PolarSSL-1.2 - contains the reasons that
the certificate failed (pre-)verification.
Signed-off-by: Joachim Schipper <joachim.schip...@fox-it.com>
---
src/openvpn/ssl_verify_polarssl.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/openvpn/ssl_verify_polarssl.c
b/src/openvpn/ssl_verify_polarssl.c
index 653248f..e07f2b3 100644
--- a/src/openvpn/ssl_verify_polarssl.c
+++ b/src/openvpn/ssl_verify_polarssl.c
@@ -63,10 +63,10 @@ verify_callback (void *session_obj, x509_cert *cert, int
cert_depth,
char *subject = x509_get_subject(cert, &gc);
if (subject)
- msg (D_TLS_ERRORS, "VERIFY ERROR: depth=%d, %s", cert_depth, subject);
+ msg (D_TLS_ERRORS, "VERIFY ERROR: depth=%d, flags=%0x, %s",
+cert_depth, *flags, subject);
else
- msg (D_TLS_ERRORS, "VERIFY ERROR: depth=%d, could not extract X509 "
- "subject string from certificate", cert_depth);
+ msg (D_TLS_ERRORS, "VERIFY ERROR: depth=%d, flags=%0x, could not
extract X509 "
+ "subject string from certificate", *flags, cert_depth);
/* Leave flags set to non-zero to indicate that the cert is not ok */
}
--
1.7.9.5
0003-Improve-verify_callback-messages.patch
Description: 0003-Improve-verify_callback-messages.patch
