if (ti->configured > 0) {
SU_DEBUG_1(("%s: invalid local certificate: %s\n",
"tls_init_context", ti->cert));
- tls_log_errors(1, "tls_init_context", 0);
+ tls_log_errors(3, "tls_init_context", 0);
#if require_client_certificate
errno = EIO;
return -1;
ti->key,
SSL_FILETYPE_PEM)) {
if (ti->configured > 0) {
- tls_log_errors(1, "tls_init_context", 0);
+ SU_DEBUG_1(("%s: invalid private key: %s\n",
+ "tls_init_context", ti->key));
+ tls_log_errors(3, "tls_init_context(key)", 0);
#if require_client_certificate
errno = EIO;
return -1;
if (!SSL_CTX_load_verify_locations(tls->ctx,
ti->CAfile,
ti->CApath)) {
+ SU_DEBUG_1(("%s: error loading CA list: %s\n",
+ "tls_init_context", ti->CAfile));
if (ti->configured > 0)
- tls_log_errors(1, "tls_init_context", 0);
+ tls_log_errors(3, "tls_init_context(CA)", 0);
errno = EIO;
return -1;
}
if (!SSL_CTX_set_cipher_list(tls->ctx, ti->cipher)) {
SU_DEBUG_1(("%s: error setting cipher list\n", "tls_init_context"));
- tls_log_errors(1, "tls_init_context", 0);
+ tls_log_errors(3, "tls_init_context", 0);
errno = EIO;
return -1;
}
su_home_zap(autohome);
if (!tlspri->tlspri_master) {
+ /*
if (!path || ti.configured) {
SU_DEBUG_1(("tls_init_master: %s\n", strerror(errno)));
}
else {
SU_DEBUG_5(("tls_init_master: %s\n", strerror(errno)));
}
+ */
return *return_culprit = "tls_init_master", -1;
+ } else {
+ char buf[TPORT_HOSTPORTSIZE];
+ su_sockaddr_t *sa = ai ? (void *)(ai->ai_addr) : NULL;
+ if (sa && tport_hostport(buf, sizeof(buf), sa, 2))
+ SU_DEBUG_5(("%s(%p): tls context initialized for %s\n", \
+ __func__, (void *)pri, buf));
}
if (tls_subjects)