[exim-cvs] GnuTLS: trim error messages

Inizio della pagina
Questo messaggio è parte di questo thread:
Mil thread completo ordinato per data
MExim Git Commits Mailing List at <-
 
Delete this message
Reply to this message
Autore: Exim Git Commits Mailing List
Data:  
To: exim-cvs
Oggetto: [exim-cvs] GnuTLS: trim error messages
Gitweb: https://git.exim.org/exim.git/commitdiff/806db4f5016cd54177138fe1234b5dfa450d9c49
Commit:     806db4f5016cd54177138fe1234b5dfa450d9c49
Parent:     7bae7cad680786b64d57e7799ccb7596e091b1bb
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Sun Feb 10 19:48:57 2019 +0000
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Sun Feb 10 20:05:24 2019 +0000


    GnuTLS: trim error messages
---
 src/src/tls-gnu.c | 15 +++++++--------
 test/log/2000     |  2 +-
 test/log/2001     |  4 ++--
 test/log/2012     |  6 +++---
 test/log/2033     |  2 +-
 test/log/5651     |  2 +-
 test/log/5710     |  2 +-
 test/log/5730     |  2 +-
 test/log/5820     |  4 ++--
 test/log/5881     |  4 ++--
 10 files changed, 21 insertions(+), 22 deletions(-)


diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c
index 7d52369..76f7333 100644
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -362,7 +362,7 @@ Argument:
   state    the current GnuTLS exim state container
   rc       the GnuTLS error code, or 0 if it's a local error
   when     text identifying read or write
-  text     local error text when ec is 0
+  text     local error text when rc is 0


Returns: nothing
*/
@@ -374,7 +374,7 @@ const uschar * msg;
uschar * errstr; 

 if (rc == GNUTLS_E_FATAL_ALERT_RECEIVED)
-  msg = string_sprintf("%s: %s", US gnutls_strerror(rc),
+  msg = string_sprintf("A TLS fatal alert has been received: %s",
     US gnutls_alert_get_name(gnutls_alert_get(state->session)));
 else
   msg = US gnutls_strerror(rc);
@@ -1557,10 +1557,9 @@ if (!cert_list || cert_list_size == 0)
   return OK;
   }


-ct = gnutls_certificate_type_get(state->session);
-if (ct != GNUTLS_CRT_X509)
+if ((ct = gnutls_certificate_type_get(state->session)) != GNUTLS_CRT_X509)
   {
-  const uschar *ctn = US gnutls_certificate_type_get_name(ct);
+  const uschar * ctn = US gnutls_certificate_type_get_name(ct);
   DEBUG(D_tls)
     debug_printf("TLS: peer cert not X.509 but instead \"%s\"\n", ctn);
   if (state->verify_requirement >= VERIFY_REQUIRED)
@@ -1636,7 +1635,7 @@ if (state->verify_requirement == VERIFY_NONE)
 DEBUG(D_tls) debug_printf("TLS: checking peer certificate\n");
 *errstr = NULL;


-if ((rc = peer_status(state, errstr)) != OK)
+if ((rc = peer_status(state, errstr)) != OK || !state->peerdn)
{
verify = GNUTLS_CERT_INVALID;
*errstr = US"certificate not supplied";
@@ -2695,7 +2694,7 @@ else if (inbytes == 0)

else if (inbytes < 0)
{
- DEBUG(D_tls) debug_printf("%s: err from gnutls_record_recv(\n", __FUNCTION__);
+ DEBUG(D_tls) debug_printf("%s: err from gnutls_record_recv\n", __FUNCTION__);
record_io_error(state, (int) inbytes, US"recv", NULL);
state->xfer_error = TRUE;
return FALSE;
@@ -2828,7 +2827,7 @@ if (inbytes == 0)
}
else
{
- DEBUG(D_tls) debug_printf("%s: err from gnutls_record_recv(\n", __FUNCTION__);
+ DEBUG(D_tls) debug_printf("%s: err from gnutls_record_recv\n", __FUNCTION__);
record_io_error(state, (int)inbytes, US"recv", NULL);
}

diff --git a/test/log/2000 b/test/log/2000
index 616cf97..cf1865c 100644
--- a/test/log/2000
+++ b/test/log/2000
@@ -7,5 +7,5 @@

******** SERVER ********
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
-1999-03-02 09:44:33 TLS error on connection from localhost [127.0.0.1] (recv): A TLS fatal alert has been received.: Certificate is bad
+1999-03-02 09:44:33 TLS error on connection from localhost [127.0.0.1] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@??? H=localhost (myhost.test.ex) [127.0.0.1] P=esmtp S=sss id=E10HmaX-0005vi-00@???
diff --git a/test/log/2001 b/test/log/2001
index 9671dd5..ca00ad5 100644
--- a/test/log/2001
+++ b/test/log/2001
@@ -8,5 +8,5 @@

******** SERVER ********
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
-1999-03-02 09:44:33 TLS error on connection from localhost [127.0.0.1] (recv): A TLS fatal alert has been received.: Certificate is bad
-1999-03-02 09:44:33 TLS error on connection from localhost [127.0.0.1] (recv): A TLS fatal alert has been received.: Certificate is bad
+1999-03-02 09:44:33 TLS error on connection from localhost [127.0.0.1] (recv): A TLS fatal alert has been received: Certificate is bad
+1999-03-02 09:44:33 TLS error on connection from localhost [127.0.0.1] (recv): A TLS fatal alert has been received: Certificate is bad
diff --git a/test/log/2012 b/test/log/2012
index 49c32bd..9d46225 100644
--- a/test/log/2012
+++ b/test/log/2012
@@ -26,11 +26,11 @@

******** SERVER ********
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
-1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received.: Certificate is bad
-1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received.: Certificate is bad
+1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad
+1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@??? H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss id=E10HmaY-0005vi-00@???
1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@??? H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss id=E10HmaZ-0005vi-00@???
-1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received.: Certificate is bad
+1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@??? H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbA-0005vi-00@???
1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@??? H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss id=E10HmbB-0005vi-00@???
1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@??? H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss id=E10HmbC-0005vi-00@???
diff --git a/test/log/2033 b/test/log/2033
index b273a32..cf0b230 100644
--- a/test/log/2033
+++ b/test/log/2033
@@ -13,7 +13,7 @@

******** SERVER ********
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
-1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received.: Certificate is bad
+1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@??? H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmaX-0005vi-00@???
1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@??? H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss id=E10HmaY-0005vi-00@???
1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@??? H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss id=E10HmaZ-0005vi-00@???
diff --git a/test/log/5651 b/test/log/5651
index da0eb16..70e47fd 100644
--- a/test/log/5651
+++ b/test/log/5651
@@ -32,6 +32,6 @@
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (recv): The TLS connection was non-properly terminated.
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
-1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (recv): A TLS fatal alert has been received.: Certificate is bad
+1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (recv): The TLS connection was non-properly terminated.
diff --git a/test/log/5710 b/test/log/5710
index ed0438c..6e9773c 100644
--- a/test/log/5710
+++ b/test/log/5710
@@ -44,7 +44,7 @@
******** SERVER ********
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
1999-03-02 09:44:33 [127.0.0.1] depth=0 CN=server2.example.com
-1999-03-02 09:44:33 TLS error on connection from localhost [127.0.0.1] (recv): A TLS fatal alert has been received.: Certificate is bad
+1999-03-02 09:44:33 TLS error on connection from localhost [127.0.0.1] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@??? H=localhost (myhost.test.ex) [127.0.0.1] P=esmtp S=sss id=E10HmaX-0005vi-00@???
1999-03-02 09:44:33 [127.0.0.1] depth=0 CN=server2.example.com
1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@??? H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server2.example.com" S=sss id=E10HmaY-0005vi-00@???
diff --git a/test/log/5730 b/test/log/5730
index 3f2da5f..d153f87 100644
--- a/test/log/5730
+++ b/test/log/5730
@@ -46,6 +46,6 @@
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (recv): The TLS connection was non-properly terminated.
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
-1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (recv): A TLS fatal alert has been received.: Certificate is bad
+1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (recv): The TLS connection was non-properly terminated.
diff --git a/test/log/5820 b/test/log/5820
index 7cde6ac..6cfa689 100644
--- a/test/log/5820
+++ b/test/log/5820
@@ -104,7 +104,7 @@
1999-03-02 09:44:33 10HmbO-0005vi-00 <= <> H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbM-0005vi-00@??? for CALLER@???
1999-03-02 09:44:33 10HmbO-0005vi-00 => :blackhole: <CALLER@???> R=server
1999-03-02 09:44:33 10HmbO-0005vi-00 Completed
-1999-03-02 09:44:33 TLS error on connection from localhost [127.0.0.1] (recv): A TLS fatal alert has been received.: Certificate is bad
+1999-03-02 09:44:33 TLS error on connection from localhost [127.0.0.1] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 "rcpt ACL"
1999-03-02 09:44:33 10HmbR-0005vi-00 <= <> H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbQ-0005vi-00@??? for CALLER@???
1999-03-02 09:44:33 10HmbR-0005vi-00 => :blackhole: <CALLER@???> R=server
@@ -118,7 +118,7 @@
1999-03-02 09:44:33 10HmbX-0005vi-00 => :blackhole: <CALLER@???> R=server
1999-03-02 09:44:33 10HmbX-0005vi-00 Completed
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
-1999-03-02 09:44:33 TLS error on connection from localhost [127.0.0.1] (recv): A TLS fatal alert has been received.: Certificate is bad
+1999-03-02 09:44:33 TLS error on connection from localhost [127.0.0.1] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 "rcpt ACL"
1999-03-02 09:44:33 10HmcA-0005vi-00 <= <> H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbZ-0005vi-00@??? for CALLER@???
1999-03-02 09:44:33 10HmcA-0005vi-00 => :blackhole: <CALLER@???> R=server
diff --git a/test/log/5881 b/test/log/5881
index d23cb91..57b0ebf 100644
--- a/test/log/5881
+++ b/test/log/5881
@@ -82,7 +82,7 @@
1999-03-02 09:44:33 10HmbI-0005vi-00 <= <> H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbH-0005vi-00@??? for CALLER@???
1999-03-02 09:44:33 10HmbI-0005vi-00 => :blackhole: <CALLER@???> R=server
1999-03-02 09:44:33 10HmbI-0005vi-00 Completed
-1999-03-02 09:44:33 TLS error on connection from localhost [127.0.0.1] (recv): A TLS fatal alert has been received.: Certificate is bad
+1999-03-02 09:44:33 TLS error on connection from localhost [127.0.0.1] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 "rcpt ACL"
1999-03-02 09:44:33 10HmbL-0005vi-00 <= <> H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbK-0005vi-00@??? for CALLER@???
1999-03-02 09:44:33 10HmbL-0005vi-00 => :blackhole: <CALLER@???> R=server
@@ -92,7 +92,7 @@
1999-03-02 09:44:33 10HmbO-0005vi-00 => :blackhole: <CALLER@???> R=server
1999-03-02 09:44:33 10HmbO-0005vi-00 Completed
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
-1999-03-02 09:44:33 TLS error on connection from localhost [127.0.0.1] (recv): A TLS fatal alert has been received.: Certificate is bad
+1999-03-02 09:44:33 TLS error on connection from localhost [127.0.0.1] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 "rcpt ACL"
1999-03-02 09:44:33 10HmbS-0005vi-00 <= <> H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbR-0005vi-00@??? for CALLER@???
1999-03-02 09:44:33 10HmbS-0005vi-00 => :blackhole: <CALLER@???> R=server

Questo messaggio è stato inviato alle seguenti mailing lists:
exim-cvs
Informazioni sulla Mailing List | Messaggi correlati		<-[exim-cvs] Testsuite: munge for TLS1.3 under GnuTLS[exim-cvs] Testsuite: harden for TLS1.3 under GnuTLS->
Tahini and Hummus and Cumin Development Archives amministrato da cumin AdminsLurker (versione 2.3)