]> git.ipfire.org Git - thirdparty/krb5.git/commit
projects / thirdparty / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3fdf09a) | patch
Improve PKINIT OpenSSL error reporting 324/head
authorGreg Hudson <ghudson@mit.edu>
Mon, 7 Sep 2015 18:32:06 +0000 (14:32 -0400)
committerGreg Hudson <ghudson@mit.edu>
Thu, 10 Sep 2015 16:15:45 +0000 (12:15 -0400)
commit7621d2f9a87214327ca3b2594e34dc7cea84596b
tree023d6207575ca5498d5967cc0f12080983f3b44atree
parent3fdf09ac9a36581b47f40c9d177e463cc12687ffcommit | diff
Improve PKINIT OpenSSL error reporting

When a non-trivial OpenSSL function fails during PKINIT processing,
try to ensure that the error message includes an indication of the
what PKINIT was doing and the reason for the first queued OpenSSL
error, and flush all queued OpenSSL errors to the trace log.  For
certificate verification failures, also include the higher-level error
from the cert store.  Add new helper functions oerr() and oerr_cert()
to minimize the amount of code needed to handle each error.

ticket: 8242 (new)
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c diff | blob | blame | history
src/plugins/preauth/pkinit/pkinit_trace.h diff | blob | blame | history
Mirror of https://github.com/krb5/krb5.git