Better error message for validation failures.

svn path=/rcynic/rcynic.c; revision=3232
author: Rob Austein <sra@hactrn.net> 2010-04-30 21:46:34 +0000
committer: Rob Austein <sra@hactrn.net> 2010-04-30 21:46:34 +0000
commit: 663db1d4510f5cdfe42565fb39ca87097189f4dc (patch)
tree: eab40aa0b1eabdaa8a27394face06b4c74891100
parent: b350539a721519baf4bf7832f7820545806f363f (diff)
1 files changed, 7 insertions, 3 deletions
diff --git a/rcynic/rcynic.c b/rcynic/rcynic.c
index 76cb610c..b9f99e6d 100644
--- a/rcynic/rcynic.c
+++ b/rcynic/rcynic.c
@@ -1776,11 +1776,15 @@ static int check_x509_cb(int ok, X509_STORE_CTX *ctx)
   }
 
   if (!ok)
+    /*
+     * Something went wrong, log the (allegedly) human readable error
+     * message and the chain depth.
+     */
     logmsg(rctx->rc, log_data_err,
-	   "Callback depth %d error %d cert %p issuer %p crl %p: %s",
-	   ctx->error_depth, ctx->error, ctx->current_cert,
-	   ctx->current_issuer, ctx->current_crl,
+	   "Rejected %s due to validation failure at depth %d: %s",
+	   rctx->subj->uri, ctx->error_depth, 
 	   X509_verify_cert_error_string(ctx->error));
+
   return ok;
 }
author	Rob Austein <sra@hactrn.net>	2010-04-30 21:46:34 +0000
committer	Rob Austein <sra@hactrn.net>	2010-04-30 21:46:34 +0000
commit	663db1d4510f5cdfe42565fb39ca87097189f4dc (patch)
tree	eab40aa0b1eabdaa8a27394face06b4c74891100
parent	b350539a721519baf4bf7832f7820545806f363f (diff)