Explorar o código

fix for displaying invalid cert when cert is actually valid

Bryan Heden %!s(int64=9) %!d(string=hai) anos
pai
achega
51a264813d
Modificáronse 2 ficheiros con 3 adicións e 3 borrados
  1. 1 1
      src/check_nrpe.c
  2. 2 2
      src/nrpe.c

+ 1 - 1
src/check_nrpe.c

@@ -1080,7 +1080,7 @@ int connect_to_remote()
 
 			if (peer) {
 				if (sslprm.log_opts & SSL_LogIfClientCert)
-					logit(LOG_NOTICE, "SSL %s has %s certificate", rem_host, SSL_get_verify_result(ssl) ? "a valid" : "an invalid");
+					logit(LOG_NOTICE, "SSL %s has %s certificate", rem_host, SSL_get_verify_result(ssl) == X509_V_OK ? "a valid" : "an invalid");
 
 				if (sslprm.log_opts & SSL_LogCertDetails) {
 					X509_NAME_oneline(X509_get_subject_name(peer), buffer, sizeof(buffer));

+ 2 - 2
src/nrpe.c

@@ -1947,8 +1947,8 @@ int handle_conn_ssl(int sock, void *ssl_ptr)
 
 		if (peer) {
 			if (sslprm.log_opts & SSL_LogIfClientCert)
-				logit(LOG_NOTICE, "SSL Client %s has %svalid certificate",
-					   remote_host, SSL_get_verify_result(ssl) ? "a " : "an in");
+				logit(LOG_NOTICE, "SSL Client %s has %s certificate",
+					   remote_host, SSL_get_verify_result(ssl) == X509_V_OK ? "a valid" : "an invalid");
 
 			if (sslprm.log_opts & SSL_LogCertDetails) {