From: Jeremy Harris Date: Sun, 20 Oct 2019 14:30:47 +0000 (+0100) Subject: OpenSSL: clarify log line for nonreceived required stapling X-Git-Tag: exim-4.93-RC1~23 X-Git-Url: https://vcs.fsf.org/?p=exim.git;a=commitdiff_plain;h=140036346c238d6126ea0dea5b7133c77316937c OpenSSL: clarify log line for nonreceived required stapling --- diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c index 247da092f..1e3be6e32 100644 --- a/src/src/tls-openssl.c +++ b/src/src/tls-openssl.c @@ -1841,13 +1841,13 @@ OCSP_RESPONSE * rsp; OCSP_BASICRESP * bs; int i; -DEBUG(D_tls) debug_printf("Received TLS status response (OCSP stapling):\n"); +DEBUG(D_tls) debug_printf("Received TLS status callback (OCSP stapling):\n"); len = SSL_get_tlsext_status_ocsp_resp(s, &p); if(!p) { /* Expect this when we requested ocsp but got none */ if (cbinfo->u_ocsp.client.verify_required && LOGGING(tls_cipher)) - log_write(0, LOG_MAIN, "Received TLS status callback, null content"); + log_write(0, LOG_MAIN, "Required TLS certificate status not received"); else DEBUG(D_tls) debug_printf(" null\n"); return cbinfo->u_ocsp.client.verify_required ? 0 : 1; diff --git a/test/log/5601 b/test/log/5601 index e9a22fc75..93969ab65 100644 --- a/test/log/5601 +++ b/test/log/5601 @@ -8,7 +8,7 @@ 1999-03-02 09:44:33 10HmbB-0005vi-00 => CALLER@test.ex R=client T=send_to_server3 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbC-0005vi-00" 1999-03-02 09:44:33 10HmbB-0005vi-00 Completed 1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss for CALLER@test.ex -1999-03-02 09:44:33 10HmbD-0005vi-00 Received TLS status callback, null content +1999-03-02 09:44:33 10HmbD-0005vi-00 Required TLS certificate status not received 1999-03-02 09:44:33 10HmbD-0005vi-00 == CALLER@test.ex R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: TLS session: (SSL_connect): error: <> 1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss for CALLER@test.ex 1999-03-02 09:44:33 10HmbE-0005vi-00 Server certificate revoked; reason: superseded diff --git a/test/log/5611 b/test/log/5611 index 1262992b9..5b8405aaf 100644 --- a/test/log/5611 +++ b/test/log/5611 @@ -8,7 +8,7 @@ 1999-03-02 09:44:33 10HmbA-0005vi-00 => CALLER@test.ex R=client T=send_to_server3 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbC-0005vi-00" 1999-03-02 09:44:33 10HmbA-0005vi-00 Completed 1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss -1999-03-02 09:44:33 10HmbD-0005vi-00 Received TLS status callback, null content +1999-03-02 09:44:33 10HmbD-0005vi-00 Required TLS certificate status not received 1999-03-02 09:44:33 10HmbD-0005vi-00 == CALLER@test.ex R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: TLS session: (SSL_connect): error: <> 1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss 1999-03-02 09:44:33 10HmbE-0005vi-00 Server certificate revoked; reason: superseded diff --git a/test/log/5740 b/test/log/5740 index 621aefb14..5b74bfbd1 100644 --- a/test/log/5740 +++ b/test/log/5740 @@ -15,7 +15,7 @@ 1999-03-02 09:44:33 10HmbD-0005vi-00 client ocsp status: 4 (verified) 1999-03-02 09:44:33 10HmbD-0005vi-00 Completed 1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss for failrequire@test.ex -1999-03-02 09:44:33 10HmbF-0005vi-00 Received TLS status callback, null content +1999-03-02 09:44:33 10HmbF-0005vi-00 Required TLS certificate status not received 1999-03-02 09:44:33 10HmbF-0005vi-00 client ocsp status: 1 (notresp) 1999-03-02 09:44:33 10HmbF-0005vi-00 == failrequire@test.ex R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: TLS session: (SSL_connect): error: <> 1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss for failrevoked@test.ex