]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 17caeac)
Report OpenSSL errors at each stage of OCSP failure
authorNick Porter <nick@portercomputing.co.uk>
Wed, 22 Jan 2025 12:30:10 +0000 (12:30 +0000)
committerNick Porter <nick@portercomputing.co.uk>
Wed, 22 Jan 2025 12:30:10 +0000 (12:30 +0000)
src/main/tls.c patch | blob | blame | history

diff --git a/src/main/tls.c b/src/main/tls.c
index 2c67a44325b1faf83e824b1acef390db9290d9de..6742a5ea650302f27b7f7e0d3eafa1665ed4ac2c 100644 (file)
--- a/src/main/tls.c
+++ b/src/main/tls.c
@@ -2821,7 +2821,7 @@ static ocsp_status_t ocsp_check(REQUEST *request, X509_STORE *store, X509 *issue
        }
        bresp = OCSP_response_get1_basic(resp);
        if (!bresp) {
-               RDEBUG("ocsp: Failed parsing response");
+               tls_error_log(request, "ocsp: Failed parsing response");
                goto ocsp_end;
        }
 
@@ -2830,13 +2830,13 @@ static ocsp_status_t ocsp_check(REQUEST *request, X509_STORE *store, X509 *issue
                goto ocsp_end;
        }
        if (OCSP_basic_verify(bresp, untrusted, store, 0)!=1){
-               REDEBUG("ocsp: Couldn't verify OCSP basic response");
+               tls_error_log(request, "ocsp: Couldn't verify OCSP basic response");
                goto ocsp_end;
        }
 
        /*      Verify OCSP cert status */
        if (!OCSP_resp_find_status(bresp, certid, &status, &reason, &rev, &thisupd, &nextupd)) {
-               REDEBUG("ocsp: No Status found");
+               tls_error_log(request, "ocsp: No Status found");
                goto ocsp_end;
        }
 
Mirror of https://github.com/FreeRADIUS/freeradius-server.git