vici: Log certificate constraints for loaded configs
authorTobias Brunner <tobias@strongswan.org>
Fri, 29 Nov 2019 11:16:43 +0000 (12:16 +0100)
committerTobias Brunner <tobias@strongswan.org>
Fri, 6 Dec 2019 09:07:47 +0000 (10:07 +0100)
src/libcharon/plugins/vici/vici_config.c

index 1bbad13..eb67929 100644 (file)
@@ -347,6 +347,7 @@ static void log_auth(auth_cfg_t *auth)
        union {
                uintptr_t u;
                identification_t *id;
+               certificate_t *cert;
                char *str;
        } v;
 
@@ -388,6 +389,12 @@ static void log_auth(auth_cfg_t *auth)
                        case AUTH_RULE_GROUP:
                                DBG2(DBG_CFG, "   group = %Y", v.id);
                                break;
+                       case AUTH_RULE_SUBJECT_CERT:
+                               DBG2(DBG_CFG, "   cert = %Y", v.cert->get_subject(v.cert));
+                               break;
+                       case AUTH_RULE_CA_CERT:
+                               DBG2(DBG_CFG, "   cacert = %Y", v.cert->get_subject(v.cert));
+                               break;
                        default:
                                break;
                }