Record failure when we can't even parse a trust anchor, much less

check it (eg, recent AfriNIC incident). Fixes #187. svn path=/trunk/; revision=4382
author: Rob Austein <sra@hactrn.net> 2012-03-01 15:40:02 +0000
committer: Rob Austein <sra@hactrn.net> 2012-03-01 15:40:02 +0000
commit: 7d29acdd7ff4e737a66a4bd9d010146cbf6caa95 (patch)
tree: d7d6ea30f058428a022779cbfd3492683579a373 /rcynic
parent: 209270fdb7641c3e28b47a144bdb2d785ab30a9c (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/rcynic/rcynic.c b/rcynic/rcynic.c
index 2990ff75..4d5ce037 100644
--- a/rcynic/rcynic.c
+++ b/rcynic/rcynic.c
@@ -4591,6 +4591,7 @@ static X509 *read_ta(rcynic_ctx_t *rc,
   EVP_PKEY_free(xpkey);
   if (match)
     return x;
+  log_validation_status(rc, uri, object_rejected, generation);
   X509_free(x);
   return NULL;
 }
author	Rob Austein <sra@hactrn.net>	2012-03-01 15:40:02 +0000
committer	Rob Austein <sra@hactrn.net>	2012-03-01 15:40:02 +0000
commit	7d29acdd7ff4e737a66a4bd9d010146cbf6caa95 (patch)
tree	d7d6ea30f058428a022779cbfd3492683579a373 /rcynic
parent	209270fdb7641c3e28b47a144bdb2d785ab30a9c (diff)