Merge pull request #2928 from akallabeth/non_verbose_VerifyX509Certificate

Silenced VerifyX509Certificate logging.
This commit is contained in:
Bernhard Miklautz 2015-12-11 12:09:33 +01:00
commit b02943ae98

View File

@ -67,12 +67,12 @@ static int bio_rdp_tls_write(BIO* bio, const char* buf, int size)
return 0; return 0;
BIO_clear_flags(bio, BIO_FLAGS_WRITE | BIO_FLAGS_READ | BIO_FLAGS_IO_SPECIAL); BIO_clear_flags(bio, BIO_FLAGS_WRITE | BIO_FLAGS_READ | BIO_FLAGS_IO_SPECIAL);
EnterCriticalSection(&tls->lock); EnterCriticalSection(&tls->lock);
status = SSL_write(tls->ssl, buf, size); status = SSL_write(tls->ssl, buf, size);
error = SSL_get_error(tls->ssl, status); error = SSL_get_error(tls->ssl, status);
LeaveCriticalSection(&tls->lock); LeaveCriticalSection(&tls->lock);
if (status <= 0) if (status <= 0)
@ -126,12 +126,12 @@ static int bio_rdp_tls_read(BIO* bio, char* buf, int size)
BIO_clear_flags(bio, BIO_FLAGS_WRITE | BIO_FLAGS_READ | BIO_FLAGS_IO_SPECIAL); BIO_clear_flags(bio, BIO_FLAGS_WRITE | BIO_FLAGS_READ | BIO_FLAGS_IO_SPECIAL);
EnterCriticalSection(&tls->lock); EnterCriticalSection(&tls->lock);
status = SSL_read(tls->ssl, buf, size); status = SSL_read(tls->ssl, buf, size);
error = SSL_get_error(tls->ssl, status); error = SSL_get_error(tls->ssl, status);
LeaveCriticalSection(&tls->lock); LeaveCriticalSection(&tls->lock);
if (status <= 0) if (status <= 0)
{ {
switch (error) switch (error)
@ -394,7 +394,7 @@ static int bio_rdp_tls_new(BIO* bio)
return 0; return 0;
bio->ptr = (void*) tls; bio->ptr = (void*) tls;
InitializeCriticalSectionAndSpinCount(&tls->lock, 4000); InitializeCriticalSectionAndSpinCount(&tls->lock, 4000);
return 1; return 1;
@ -425,7 +425,7 @@ static int bio_rdp_tls_free(BIO* bio)
} }
DeleteCriticalSection(&tls->lock); DeleteCriticalSection(&tls->lock);
free(tls); free(tls);
return 1; return 1;
@ -1105,17 +1105,19 @@ int tls_verify_certificate(rdpTls* tls, CryptoCert cert, char* hostname, int por
status = -1; status = -1;
if (instance->VerifyX509Certificate) if (instance->VerifyX509Certificate)
{
status = instance->VerifyX509Certificate(instance, pemCert, length, hostname, port, tls->isGatewayTransport); status = instance->VerifyX509Certificate(instance, pemCert, length, hostname, port, tls->isGatewayTransport);
} else
WLog_ERR(TAG, "No VerifyX509Certificate callback registered!");
WLog_ERR(TAG, "(length = %d) status: %d%s", length, status, pemCert);
free(pemCert); free(pemCert);
BIO_free(bio); BIO_free(bio);
if (status < 0) if (status < 0)
{
WLog_ERR(TAG, "VerifyX509Certificate failed: (length = %d) status: [%d] %s",
length, status, pemCert);
return -1; return -1;
}
return (status == 0) ? 0 : 1; return (status == 0) ? 0 : 1;
} }