{
X509 * current_cert= tmp_obj->data.x509;
X509_NAME_oneline(X509_get_subject_name(current_cert), CS name, sizeof(name));
+ txt[sizeof(name)-1] = '\0';
debug_printf(" %s\n", name);
}
}
#endif
X509_NAME_oneline(X509_get_subject_name(cert), CS txt, sizeof(txt));
+txt[sizeof(txt)-1] = '\0';
if (state == 0)
{
- log_write(0, LOG_MAIN, "SSL verify error: depth=%d error=%s cert=%s",
+ log_write(0, LOG_MAIN, "[%s] SSL verify error: depth=%d error=%s cert=%s",
+ tlsp == &tls_out ? deliver_host_address : sender_host_address,
depth,
X509_verify_cert_error_string(X509_STORE_CTX_get_error(x509ctx)),
txt);
tlsp->peercert = X509_dup(cert);
if ((yield = event_raise(ev, US"tls:cert", string_sprintf("%d", depth))))
{
- log_write(0, LOG_MAIN, "SSL verify denied by event-action: "
- "depth=%d cert=%s: %s", depth, txt, yield);
+ log_write(0, LOG_MAIN, "[%s] SSL verify denied by event-action: "
+ "depth=%d cert=%s: %s",
+ tlsp == &tls_out ? deliver_host_address : sender_host_address,
+ depth, txt, yield);
*calledp = TRUE;
if (!*optionalp)
return 0; /* reject */
{
if (rc < 0)
{
- log_write(0, LOG_MAIN, "SSL verify error: internal error\n");
+ log_write(0, LOG_MAIN, "[%s] SSL verify error: internal error\n",
+ tlsp == &tls_out ? deliver_host_address : sender_host_address);
name = NULL;
}
break;
if (!name)
{
log_write(0, LOG_MAIN,
- "SSL verify error: certificate name mismatch: \"%s\"\n", txt);
+ "[%s] SSL verify error: certificate name mismatch: \"%s\"\n",
+ tlsp == &tls_out ? deliver_host_address : sender_host_address,
+ txt);
*calledp = TRUE;
if (!*optionalp)
return 0; /* reject */
if (!tls_is_name_for_cert(verify_cert_hostnames, cert))
{
log_write(0, LOG_MAIN,
- "SSL verify error: certificate name mismatch: \"%s\"\n", txt);
+ "[%s] SSL verify error: certificate name mismatch: \"%s\"\n",
+ tlsp == &tls_out ? deliver_host_address : sender_host_address,
+ txt);
*calledp = TRUE;
if (!*optionalp)
return 0; /* reject */
if (ev)
if ((yield = event_raise(ev, US"tls:cert", US"0")))
{
- log_write(0, LOG_MAIN, "SSL verify denied by event-action: "
- "depth=0 cert=%s: %s", txt, yield);
+ log_write(0, LOG_MAIN, "[%s] SSL verify denied by event-action: "
+ "depth=0 cert=%s: %s",
+ tlsp == &tls_out ? deliver_host_address : sender_host_address,
+ txt, yield);
*calledp = TRUE;
if (!*optionalp)
return 0; /* reject */
#endif
X509_NAME_oneline(X509_get_subject_name(cert), CS txt, sizeof(txt));
+txt[sizeof(txt)-1] = '\0';
DEBUG(D_tls) debug_printf("verify_callback_client_dane: %s\n", txt);
tls_out.peerdn = txt;
{
tls_out.peerdn = US X509_NAME_oneline(X509_get_subject_name(server_cert),
CS txt, sizeof(txt));
+ txt[sizeof(txt)-1] = '\0';
tls_out.peerdn = txt; /*XXX a static buffer... */
}
else