additional debug line makes certificate status checking more understandable

author Andreas Steffen <andreas.steffen@strongswan.org>

Wed, 2 Apr 2008 06:25:59 +0000 (06:25 -0000)

committer Andreas Steffen <andreas.steffen@strongswan.org>

Wed, 2 Apr 2008 06:25:59 +0000 (06:25 -0000)
author Andreas Steffen <andreas.steffen@strongswan.org>
Wed, 2 Apr 2008 06:25:59 +0000 (06:25 -0000)
committer Andreas Steffen <andreas.steffen@strongswan.org>
Wed, 2 Apr 2008 06:25:59 +0000 (06:25 -0000)
diff --git a/src/charon/credentials/credential_manager.c b/src/charon/credentials/credential_manager.c

index 0523680..948cb3a 100644 (file)
--- a/src/charon/credentials/credential_manager.c
+++ b/src/charon/credentials/credential_manager.c
@@ -329,7 +329,7 @@ static certificate_t *fetch_ocsp(private_credential_manager_t *this, char *url,
         send = request->get_encoding(request);
         request->destroy(request);
  
-       DBG1(DBG_CFG, "requesting ocsp status from '%s' ...", url);
+       DBG1(DBG_CFG, "  requesting ocsp status from '%s' ...", url);
         /* TODO: unlock manager while fetching? */
         if (lib->fetcher->fetch(lib->fetcher, url, &receive, 
                                                         FETCH_REQUEST_DATA, send,
@@ -554,7 +554,7 @@ static certificate_t* fetch_crl(private_credential_manager_t *this, char *url)
         chunk_t chunk;
         
         /* TODO: unlock the manager while fetching? */
-       DBG1(DBG_CFG, "fetching crl from '%s' ...", url);
+       DBG1(DBG_CFG, "  fetching crl from '%s' ...", url);
         if (lib->fetcher->fetch(lib->fetcher, url, &chunk, FETCH_END) != SUCCESS)
         {
                 DBG1(DBG_CFG, "crl fetching failed");
@@ -692,7 +692,7 @@ static cert_validation_t check_crl(private_credential_manager_t *this,
                         best = get_better_crl(this, current, best, subject, issuer, &valid);
                         if (best && valid != VALIDATION_STALE)
                         {
-                               DBG1(DBG_CFG, "found cached crl");
+                               DBG1(DBG_CFG, "  using cached crl");
                                 break;
                         }
                 }
@@ -777,6 +777,11 @@ static bool check_certificate(private_credential_manager_t *this,
         if (issuer->get_type(issuer) == CERT_X509 &&
                 subject->get_type(subject) == CERT_X509)
         {
+               if (ocsp || crl)
+               {
+                       DBG1(DBG_CFG, "checking certificate status of \"%D\"",
+                                                  subject->get_subject(subject));
+               }
                 if (ocsp)
                 {
                         switch (check_ocsp(this, (x509_t*)subject, (x509_t*)issuer, auth))
author	Andreas Steffen <andreas.steffen@strongswan.org>
	Wed, 2 Apr 2008 06:25:59 +0000 (06:25 -0000)
committer	Andreas Steffen <andreas.steffen@strongswan.org>
	Wed, 2 Apr 2008 06:25:59 +0000 (06:25 -0000)