diff options
| -rwxr-xr-x | vchat-tls.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/vchat-tls.c b/vchat-tls.c index e43cc97..7b0f1fa 100755 --- a/vchat-tls.c +++ b/vchat-tls.c | |||
| @@ -410,6 +410,7 @@ void vc_tls_cleanup() { | |||
| 410 | #include <mbedtls/md.h> | 410 | #include <mbedtls/md.h> |
| 411 | #include <mbedtls/debug.h> | 411 | #include <mbedtls/debug.h> |
| 412 | #include "mbedtls/error.h" | 412 | #include "mbedtls/error.h" |
| 413 | #include "mbedtls/version.h" | ||
| 413 | 414 | ||
| 414 | #include <sys/socket.h> | 415 | #include <sys/socket.h> |
| 415 | 416 | ||
| @@ -582,12 +583,12 @@ int vc_tls_connect( int serverfd, vc_x509store_t *vc_store ) | |||
| 582 | return -1; | 583 | return -1; |
| 583 | } | 584 | } |
| 584 | 585 | ||
| 585 | writecf(FS_SERV,"[TSL HANDSHAKE DONE ]"); | 586 | writecf(FS_SERV,"[TLS HANDSHAKE DONE ]"); |
| 586 | snprintf(tmpstr, TMPSTRSIZE, "[TSL CIPHER LIST ] %s", mbedtls_ssl_get_ciphersuite(ssl)); | 587 | snprintf(tmpstr, TMPSTRSIZE, "[TLS CIPHER SUITE ] %s", mbedtls_ssl_get_ciphersuite(ssl)); |
| 587 | writecf(FS_SERV, tmpstr); | 588 | writecf(FS_SERV, tmpstr); |
| 588 | 589 | ||
| 589 | const mbedtls_x509_crt* peer_cert = mbedtls_ssl_get_peer_cert(ssl); | 590 | const mbedtls_x509_crt* peer_cert = mbedtls_ssl_get_peer_cert(ssl); |
| 590 | mbedtls_x509_crt_info(tmpstr, sizeof(tmpstr), "[TSL PEER INFO ] ", peer_cert); | 591 | mbedtls_x509_crt_info(tmpstr, sizeof(tmpstr), "[TLS PEER INFO ] ", peer_cert); |
| 591 | 592 | ||
| 592 | for (token = strtok(tmpstr, "\n"); token; token = strtok(NULL, "\n")) | 593 | for (token = strtok(tmpstr, "\n"); token; token = strtok(NULL, "\n")) |
| 593 | writecf(FS_SERV, token); | 594 | writecf(FS_SERV, token); |
| @@ -608,7 +609,7 @@ int vc_tls_connect( int serverfd, vc_x509store_t *vc_store ) | |||
| 608 | fp += sprintf(fp, "%02X:", digest[j]); | 609 | fp += sprintf(fp, "%02X:", digest[j]); |
| 609 | assert ( fp > fingerprint ); | 610 | assert ( fp > fingerprint ); |
| 610 | fp[-1] = 0; | 611 | fp[-1] = 0; |
| 611 | snprintf(tmpstr, TMPSTRSIZE, "[TSL FINGERPRINT ] %s (from server)", fingerprint); | 612 | snprintf(tmpstr, TMPSTRSIZE, "[TLS FINGERPRINT ] %s (from server)", fingerprint); |
| 612 | writecf(FS_SERV, tmpstr); | 613 | writecf(FS_SERV, tmpstr); |
| 613 | 614 | ||
| 614 | if (getintoption(CF_PINFINGER) && verify_or_store_fingerprint(fingerprint)) | 615 | if (getintoption(CF_PINFINGER) && verify_or_store_fingerprint(fingerprint)) |
| @@ -624,10 +625,10 @@ int vc_tls_connect( int serverfd, vc_x509store_t *vc_store ) | |||
| 624 | ret = mbedtls_ssl_get_verify_result(ssl); | 625 | ret = mbedtls_ssl_get_verify_result(ssl); |
| 625 | switch (ret) { | 626 | switch (ret) { |
| 626 | case 0: | 627 | case 0: |
| 627 | writecf(FS_SERV, "[TSL HANDSHAKE OK ]"); | 628 | writecf(FS_SERV, "[TLS HANDSHAKE OK ]"); |
| 628 | break; | 629 | break; |
| 629 | case -1: | 630 | case -1: |
| 630 | writecf(FS_ERR, "Error: TSL verify for an unknown reason"); | 631 | writecf(FS_ERR, "Error: TLS verify for an unknown reason"); |
| 631 | return -1; | 632 | return -1; |
| 632 | case MBEDTLS_X509_BADCERT_SKIP_VERIFY: | 633 | case MBEDTLS_X509_BADCERT_SKIP_VERIFY: |
| 633 | case MBEDTLS_X509_BADCERT_NOT_TRUSTED: | 634 | case MBEDTLS_X509_BADCERT_NOT_TRUSTED: |