|
 |
7a8c6d |
From 6627c9d346b887016afa92664f690a0310d4ce00 Mon Sep 17 00:00:00 2001
|
|
|
7a8c6d |
From: Rob Crittenden <rcritten@redhat.com>
|
|
|
7a8c6d |
Date: Mon, 2 Apr 2018 13:31:32 -0400
|
|
|
7a8c6d |
Subject: [PATCH 21/25] On PKCS#7 verify failures log the PKCS#7 file, fix
|
|
|
7a8c6d |
variable used
|
|
|
7a8c6d |
|
|
|
7a8c6d |
results was being used in place of results2.
|
|
|
7a8c6d |
|
|
|
7a8c6d |
In practice it would be the result of GetCACaps which means it would
|
|
|
7a8c6d |
log _something_, just not the failed PKCS#7 file.
|
|
|
7a8c6d |
---
|
|
|
7a8c6d |
src/scep.c | 7 +++++--
|
|
|
7a8c6d |
1 file changed, 5 insertions(+), 2 deletions(-)
|
|
|
7a8c6d |
|
|
|
7a8c6d |
diff --git a/src/scep.c b/src/scep.c
|
|
|
7a8c6d |
index 0dbdcd7..5dd362d 100644
|
|
|
7a8c6d |
--- a/src/scep.c
|
|
|
7a8c6d |
+++ b/src/scep.c
|
|
|
7a8c6d |
@@ -920,15 +920,18 @@ main(int argc, const char **argv)
|
|
|
7a8c6d |
if (i != 0) {
|
|
|
7a8c6d |
printf(_("Error: failed to verify signature on "
|
|
|
7a8c6d |
"server response.\n"));
|
|
|
7a8c6d |
+ cm_log(1, "Error: failed to verify signature on "
|
|
|
7a8c6d |
+ "server response.\n");
|
|
|
7a8c6d |
while ((error = ERR_get_error()) != 0) {
|
|
|
7a8c6d |
memset(buf, '\0', sizeof(buf));
|
|
|
7a8c6d |
ERR_error_string_n(error, buf, sizeof(buf));
|
|
|
7a8c6d |
cm_log(1, "%s\n", buf);
|
|
|
7a8c6d |
}
|
|
|
7a8c6d |
- s = cm_store_base64_from_bin(ctx, (unsigned char *) results,
|
|
|
7a8c6d |
- results_length);
|
|
|
7a8c6d |
+ s = cm_store_base64_from_bin(ctx, (unsigned char *) results2,
|
|
|
7a8c6d |
+ results_length2);
|
|
|
7a8c6d |
s = cm_submit_u_pem_from_base64("PKCS7", 0, s);
|
|
|
7a8c6d |
fprintf(stderr, "%s", s);
|
|
|
7a8c6d |
+ cm_log(1, "%s", s);
|
|
|
7a8c6d |
free(s);
|
|
|
7a8c6d |
return CM_SUBMIT_STATUS_UNREACHABLE;
|
|
|
7a8c6d |
}
|
|
|
7a8c6d |
--
|
|
|
7a8c6d |
1.8.3.1
|
|
|
7a8c6d |
|