lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Always print detailed cert errors in test programs

Browse Source 
Previously the client was only printing them on handshake success, and
the server was printing them on success and some but not all failures.

This makes ssl-opt.sh more consistent as we can always check for the
presence of the expected message in the output, regardless of whether
the failure is hard or soft.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard
2024-08-08 10:56:41 +02:00
parent ef41d8ccbe
commit 013d0798c0
3 changed files with 21 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
programs/ssl/ssl_server2.c
View File

@ -3504,7 +3504,8 @@ handshake:
(unsigned int) -ret);
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
if (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) {
if (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ||
ret == MBEDTLS_ERR_SSL_BAD_CERTIFICATE) {
char vrfy_buf[512];
flags = mbedtls_ssl_get_verify_result(&ssl);