sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-04 00:00:14 -04:00
Code Issues Projects Releases Wiki Activity

auth-cfg: Improve log message for identity constraint mismatch error

Browse Source 
Closes strongswan/strongswan#2088
This commit is contained in:
Florian Bezannier 2024-02-01 16:43:35 +01:00 committed by Tobias Brunner
parent 0d61efdf02
commit e6176bf19c
1 changed files with 24 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
src/libstrongswan/credentials/auth_cfg.c
View File

@ -956,13 +956,34 @@ METHOD(auth_cfg_t, complies, bool,
{
break;
}
}
success = FALSE;
if (log_error)
{
DBG1(DBG_CFG, "constraint check failed: certificate"
" does not confirm identity '%Y' (%N)",
id1, id_type_names, id1->get_type(id1));
}
success = FALSE;
break;
}
success = FALSE;
if (!log_error)
{
break;
}
if (id2)
{
DBG1(DBG_CFG, "constraint check failed: %sidentity '%Y'"
" required ", t1 == AUTH_RULE_IDENTITY ? "" :
"EAP ", id1);
" (%N) required, not matched by '%Y' (%N)",
t1 == AUTH_RULE_IDENTITY ? "" : "EAP ",
id1, id_type_names, id1->get_type(id1),
id2, id_type_names, id2->get_type(id2));
}
else
{
DBG1(DBG_CFG, "constraint check failed: %sidentity '%Y'"
" (%N) required",
t1 == AUTH_RULE_IDENTITY ? "" : "EAP ",
id1, id_type_names, id1->get_type(id1));
}
}
break;