[Spice-commits] 2 commits - server/reds.c
Christophe Fergau
teuf at kemper.freedesktop.org
Mon Mar 5 01:25:16 PST 2012
server/reds.c | 19 +++++++++++++++----
1 file changed, 15 insertions(+), 4 deletions(-)
New commits:
commit 15808ea7f5f1246e738b9fce064aeabe45851c0e
Author: Christophe Fergeau <cfergeau at redhat.com>
Date: Thu Mar 1 19:10:04 2012 +0100
server: more logging about certificates used
This commit adds some log messages indicating which certificates
could be loaded (or not).
Fixes rhbz#787678
diff --git a/server/reds.c b/server/reds.c
index 3a98456..9d7521a 100644
--- a/server/reds.c
+++ b/server/reds.c
@@ -3086,7 +3086,9 @@ static void reds_init_ssl(void)
/* Load our keys and certificates*/
return_code = SSL_CTX_use_certificate_chain_file(reds->ctx, ssl_parameters.certs_file);
- if (return_code != 1) {
+ if (return_code == 1) {
+ red_printf("Loaded certificates from %s", ssl_parameters.certs_file);
+ } else {
red_error("Could not load certificates from %s", ssl_parameters.certs_file);
}
@@ -3094,14 +3096,18 @@ static void reds_init_ssl(void)
return_code = SSL_CTX_use_PrivateKey_file(reds->ctx, ssl_parameters.private_key_file,
SSL_FILETYPE_PEM);
- if (return_code != 1) {
+ if (return_code == 1) {
+ red_printf("Using private key from %s", ssl_parameters.private_key_file);
+ } else {
red_error("Could not use private key file");
}
/* Load the CAs we trust*/
return_code = SSL_CTX_load_verify_locations(reds->ctx, ssl_parameters.ca_certificate_file, 0);
- if (return_code != 1) {
- red_error("Could not use ca file");
+ if (return_code == 1) {
+ red_printf("Loaded CA certificates from %s", ssl_parameters.ca_certificate_file);
+ } else {
+ red_error("Could not use CA file %s", ssl_parameters.ca_certificate_file);
}
#if (OPENSSL_VERSION_NUMBER < 0x00905100L)
commit 8f8e73986ba051e1fb10f4d73ef3f0445b399186
Author: Christophe Fergeau <cfergeau at redhat.com>
Date: Thu Mar 1 18:46:24 2012 +0100
Add log for invalid/expired tickets
Currently, when a ticket has already expired, or is invalid, there is
no qemu log to tell what went wrong. This commit adds such a log.
Fixes rhbz#787669
diff --git a/server/reds.c b/server/reds.c
index 797d9d5..3a98456 100644
--- a/server/reds.c
+++ b/server/reds.c
@@ -1860,6 +1860,11 @@ static void reds_handle_ticket(void *opaque)
}
if (expired || strncmp(password, taTicket.password, SPICE_MAX_PASSWORD_LENGTH) != 0) {
+ if (expired) {
+ red_printf("Ticket has expired");
+ } else {
+ red_printf("Invalid password");
+ }
reds_send_link_result(link, SPICE_LINK_ERR_PERMISSION_DENIED);
reds_link_free(link);
return;
More information about the Spice-commits
mailing list