generate debug output if ocsp response does not contain status information for a...
authorAndreas Steffen <andreas.steffen@strongswan.org>
Wed, 2 Apr 2008 14:28:17 +0000 (14:28 -0000)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Wed, 2 Apr 2008 14:28:17 +0000 (14:28 -0000)
src/charon/credentials/credential_manager.c
src/charon/sa/tasks/ike_cert_pre.c

index 948cb3a..1e01249 100644 (file)
@@ -426,6 +426,7 @@ static certificate_t *get_better_ocsp(private_credential_manager_t *this,
                default:
                case VALIDATION_FAILED:
                        /* candidate unusable, does not contain our cert */
+                       DBG1(DBG_CFG, "  ocsp response contains no status on our certificate");
                        cand->destroy(cand);
                        return best;
        }
@@ -479,12 +480,12 @@ static cert_validation_t check_ocsp(private_credential_manager_t *this,
                best = get_better_ocsp(this, current, best, subject, issuer, &valid);
                if (best && valid != VALIDATION_STALE)
                {
-                       DBG1(DBG_CFG, "found cached ocsp response");
+                       DBG1(DBG_CFG, "  using cached ocsp response");
                        break;
                }
        }
        enumerator->destroy(enumerator);
-       
+
        /* derive the authorityKeyIdentifier from the issuer's public key */
        current = &issuer->interface;
        public = current->get_public_key(current);
index 27d4870..643a842 100644 (file)
@@ -97,7 +97,7 @@ static void process_certreqs(private_ike_cert_pre_t *this, message_t *message)
                                else
                                {
                                        DBG1(DBG_IKE, "received cert request for unknown ca "
-                                                "\"%D\"", id);
+                                                                 "with keyid %D", id);
                                        auth->add_item(auth, AUTHN_CA_CERT_KEYID, id);
                                }
                                id->destroy(id);