[crypto,tls] only print fingerprint in log

printing the whole PEM to log is too verbose, just use the fingerprint
instead.
This commit is contained in:
Armin Novak 2023-10-25 12:56:01 +02:00 committed by akallabeth
parent 687ed017d3
commit 32c65dbdfc

View File

@ -1590,7 +1590,11 @@ int tls_verify_certificate(rdpTls* tls, const rdpCertificate* cert, const char*
tls_print_certificate_name_mismatch_error(hostname, port, common_name,
dns_names, dns_names_count);
tls_print_new_certificate_warn(tls->certificate_store, hostname, port, pem);
{
char* efp = freerdp_certificate_get_fingerprint(cert);
tls_print_new_certificate_warn(tls->certificate_store, hostname, port, efp);
free(efp);
}
/* Automatically accept certificate on first use */
if (tls->settings->AutoAcceptCertificate)
@ -1652,8 +1656,12 @@ int tls_verify_certificate(rdpTls* tls, const rdpCertificate* cert, const char*
freerdp_certificate_store_load_data(tls->certificate_store, hostname, port);
/* entry was found in known_hosts file, but fingerprint does not match. ask user
* to use it */
{
char* efp = freerdp_certificate_get_fingerprint(cert);
tls_print_certificate_error(tls->certificate_store, stored_data, hostname, port,
pem);
efp);
free(efp);
}
if (!stored_data)
WLog_WARN(TAG, "Failed to get certificate entry for %s:%" PRIu16 "", hostname,