There may be multiple intermediate certs.

author Alexander Chernikov <me@mpls.ie>

Sat, 6 Jul 2024 21:12:58 +0000 (17:12 -0400)

committer Alan T. DeKok <aland@freeradius.org>

Sat, 6 Jul 2024 21:14:02 +0000 (17:14 -0400)
author Alexander Chernikov <me@mpls.ie>
Sat, 6 Jul 2024 21:12:58 +0000 (17:12 -0400)
committer Alan T. DeKok <aland@freeradius.org>
Sat, 6 Jul 2024 21:14:02 +0000 (17:14 -0400)
diff --git a/src/main/tls.c b/src/main/tls.c

index 5f16ca39bfb1595d51c007ff5403bce1878ddc98..36750b4eb21f705e70bfb933e5378c149a6dc281 100644 (file)
--- a/src/main/tls.c
+++ b/src/main/tls.c
@@ -2906,10 +2906,6 @@ static char const *cert_attr_names[9][2] = {
  #define FR_TLS_SAN_UPN          (7)
  #define FR_TLS_VALID_SINCE     (8)
  
-static const char *cert_names[2] = {
-       "client", "server",
-};
-
  /*
   *     Before trusting a certificate, you must make sure that the
   *     certificate is 'valid'. There are several steps that your
@@ -3006,7 +3002,7 @@ int cbtls_verify(int ok, X509_STORE_CTX *ctx)
         buf[0] = '\0';
         sn = X509_get_serialNumber(client_cert);
  
-       RDEBUG2("(TLS) Creating attributes from %s certificate", cert_names[lookup]);
+       RDEBUG2("(TLS) Creating attributes from %d certificate in chain", lookup + 1);
         RINDENT();
  
         /*
author	Alexander Chernikov <me@mpls.ie>
	Sat, 6 Jul 2024 21:12:58 +0000 (17:12 -0400)
committer	Alan T. DeKok <aland@freeradius.org>
	Sat, 6 Jul 2024 21:14:02 +0000 (17:14 -0400)