streamlined output from get_validity()

author: Andreas Steffen <andreas.steffen@strongswan.org> 2009-10-06 14:22:27 +0200
committer: Andreas Steffen <andreas.steffen@strongswan.org> 2009-10-06 14:22:27 +0200
commit: cf85e1319b7072a3a166ad1949a047eab610a4a6 (patch)
tree: 57a4d07ad164a79365c5c1e0b2ffafcc4c53fd9f /src/pluto/ac.c
parent: afdaa9e5bf465848ba24f983f01f0320cecaac8b (diff)
download: strongswan-cf85e1319b7072a3a166ad1949a047eab610a4a6.tar.bz2
strongswan-cf85e1319b7072a3a166ad1949a047eab610a4a6.tar.xz
1 files changed, 4 insertions, 2 deletions
diff --git a/src/pluto/ac.c b/src/pluto/ac.c
index e35245845..14806c3cc 100644
--- a/src/pluto/ac.c
+++ b/src/pluto/ac.c
@@ -158,7 +158,7 @@ bool verify_x509acert(x509acert_t *x509ac, bool strict)
 	chunk_t issuer_dn = issuer->get_encoding(issuer);
 	chunk_t authKeyID = ac->get_authKeyIdentifier(ac);
 	x509cert_t *aacert;
-	time_t valid_until;
+	time_t notBefore, valid_until;
 
 	DBG(DBG_CONTROL,
 		DBG_log("holder: '%Y'", subject);
@@ -167,10 +167,12 @@ bool verify_x509acert(x509acert_t *x509ac, bool strict)
 
 	if (!cert_ac->get_validity(cert_ac, NULL, NULL, &valid_until))
 	{
+		plog("attribute certificate is invalid (valid from %T to %T)",
+			 &notBefore, FALSE, &valid_until, FALSE);
 		return FALSE;
 	}
 	DBG(DBG_CONTROL,
-		DBG_log("attribute certificate is valid until %T", &valid_until, TRUE)
+		DBG_log("attribute certificate is valid until %T", &valid_until, FALSE)
 	)
 
 	lock_authcert_list("verify_x509acert");
author	Andreas Steffen <andreas.steffen@strongswan.org>	2009-10-06 14:22:27 +0200
committer	Andreas Steffen <andreas.steffen@strongswan.org>	2009-10-06 14:22:27 +0200
commit	cf85e1319b7072a3a166ad1949a047eab610a4a6 (patch)
tree	57a4d07ad164a79365c5c1e0b2ffafcc4c53fd9f /src/pluto/ac.c
parent	afdaa9e5bf465848ba24f983f01f0320cecaac8b (diff)
download	strongswan-cf85e1319b7072a3a166ad1949a047eab610a4a6.tar.bz2 strongswan-cf85e1319b7072a3a166ad1949a047eab610a4a6.tar.xz