Commit 80fb91ea authored by Sebastien Decugis's avatar Sebastien Decugis
Browse files

Added number of CA certificates for debug

parent 2e57ae8b
......@@ -129,7 +129,7 @@ void fd_conf_dump()
fd_log_debug(" TLS : - Certificate .. : %s\n", fd_g_config->cnf_sec_data.cert_file ?: "(NONE)");
fd_log_debug(" - Private key .. : %s\n", fd_g_config->cnf_sec_data.key_file ?: "(NONE)");
fd_log_debug(" - CA (trust) ... : %s\n", fd_g_config->cnf_sec_data.ca_file ?: "(none)");
fd_log_debug(" - CA (trust) ... : %s (%d certs)\n", fd_g_config->cnf_sec_data.ca_file ?: "(none)", fd_g_config->cnf_sec_data.ca_file_nr);
fd_log_debug(" - CRL .......... : %s\n", fd_g_config->cnf_sec_data.crl_file ?: "(none)");
fd_log_debug(" - Priority ..... : %s\n", fd_g_config->cnf_sec_data.prio_string ?: "(default: '" GNUTLS_DEFAULT_PRIORITY "')");
fd_log_debug(" - DH bits ...... : %d\n", fd_g_config->cnf_sec_data.dh_bits ?: GNUTLS_DEFAULT_DHBITS);
......
......@@ -455,7 +455,7 @@ tls_cred: TLS_CRED '=' QSTRING ',' QSTRING ';'
tls_ca: TLS_CA '=' QSTRING ';'
{
conf->cnf_sec_data.ca_file = $3;
CHECK_GNUTLS_DO( gnutls_certificate_set_x509_trust_file(
CHECK_GNUTLS_DO( conf->cnf_sec_data.ca_file_nr += gnutls_certificate_set_x509_trust_file(
conf->cnf_sec_data.credentials,
conf->cnf_sec_data.ca_file,
GNUTLS_X509_FMT_PEM),
......
......@@ -60,8 +60,9 @@ int main(int argc, char * argv[])
pthread_t sig_th;
sigset_t sig_all;
/* Block all signals */
memset(fd_g_config, 0, sizeof(struct fd_config));
/* Block all signals */
sigfillset(&sig_all);
CHECK_POSIX( pthread_sigmask(SIG_BLOCK, &sig_all, NULL) );
......
......@@ -94,6 +94,7 @@ struct fd_config {
char * key_file;
char * ca_file;
int ca_file_nr;
char * crl_file;
char * prio_string;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment