diff options
| -rw-r--r-- | src/pluto/ac.c | 4 | ||||
| -rw-r--r-- | src/pluto/certs.c | 8 | ||||
| -rw-r--r-- | src/pluto/crl.c | 1 | ||||
| -rw-r--r-- | src/pluto/plutomain.c | 6 | ||||
| -rw-r--r-- | testing/tests/ikev1/crl-from-cache/evaltest.dat | 4 | ||||
| -rw-r--r-- | testing/tests/ikev1/crl-ldap/evaltest.dat | 4 |
6 files changed, 15 insertions, 12 deletions
diff --git a/src/pluto/ac.c b/src/pluto/ac.c index ac95364af..0c36e5945 100644 --- a/src/pluto/ac.c +++ b/src/pluto/ac.c @@ -820,13 +820,15 @@ void load_acerts(void) { while (n--) { + char *filename = filelist[n]->d_name; x509acert_t *ac; ac = lib->creds->create(lib->creds, CRED_CERTIFICATE, - CERT_PLUTO_AC, BUILD_FROM_FILE, filelist[n]->d_name, + CERT_PLUTO_AC, BUILD_FROM_FILE, filename, BUILD_END); if (ac) { + plog(" loaded attribute certificate from '%s'", filename); add_acert(ac); } free(filelist[n]); diff --git a/src/pluto/certs.c b/src/pluto/certs.c index 7bdeb07bc..129b58cbf 100644 --- a/src/pluto/certs.c +++ b/src/pluto/certs.c @@ -144,7 +144,7 @@ private_key_t* load_private_key(char* filename, prompt_pass_t *pass, } if (key) { - plog(" loaded private key from file '%s'", filename); + plog(" loaded private key from '%s'", filename); } else { @@ -165,7 +165,7 @@ bool load_cert(char *filename, const char *label, cert_t *out) if (cert) { /* the API passes an empty cert_t, we move over and free the built one */ - plog(" loaded '%s' certificate from '%s'", label, filename); + plog(" loaded %s certificate from '%s'", label, filename); *out = *cert; free(cert); return TRUE; @@ -180,7 +180,7 @@ bool load_host_cert(char *filename, cert_t *cert) { char *path = concatenate_paths(HOST_CERT_PATH, filename); - return load_cert(path, "host cert", cert); + return load_cert(path, "host", cert); } /** @@ -190,7 +190,7 @@ bool load_ca_cert(char *filename, cert_t *cert) { char *path = concatenate_paths(CA_CERT_PATH, filename); - return load_cert(path, "CA cert", cert); + return load_cert(path, "CA", cert); } /** diff --git a/src/pluto/crl.c b/src/pluto/crl.c index 40c5d474c..549d0a7f7 100644 --- a/src/pluto/crl.c +++ b/src/pluto/crl.c @@ -350,6 +350,7 @@ void load_crls(void) { chunk_t crl_uri; + plog(" loaded crl from '%s'", filename); crl_uri.len = 7 + sizeof(CRL_PATH) + strlen(filename); crl_uri.ptr = malloc(crl_uri.len + 1); diff --git a/src/pluto/plutomain.c b/src/pluto/plutomain.c index a22b37097..b3d75e87a 100644 --- a/src/pluto/plutomain.c +++ b/src/pluto/plutomain.c @@ -717,11 +717,11 @@ int main(int argc, char **argv) #endif /* CAPABILITIES */ /* loading X.509 CA certificates */ - load_authcerts("CA cert", CA_CERT_PATH, AUTH_CA); + load_authcerts("CA", CA_CERT_PATH, AUTH_CA); /* loading X.509 AA certificates */ - load_authcerts("AA cert", AA_CERT_PATH, AUTH_AA); + load_authcerts("AA", AA_CERT_PATH, AUTH_AA); /* loading X.509 OCSP certificates */ - load_authcerts("OCSP cert", OCSP_CERT_PATH, AUTH_OCSP); + load_authcerts("OCSP", OCSP_CERT_PATH, AUTH_OCSP); /* loading X.509 CRLs */ load_crls(); /* loading attribute certificates (experimental) */ diff --git a/testing/tests/ikev1/crl-from-cache/evaltest.dat b/testing/tests/ikev1/crl-from-cache/evaltest.dat index dd200c8ef..bdceddb79 100644 --- a/testing/tests/ikev1/crl-from-cache/evaltest.dat +++ b/testing/tests/ikev1/crl-from-cache/evaltest.dat @@ -1,5 +1,5 @@ -moon::cat /var/log/auth.log::loaded crl file::YES -carol::cat /var/log/auth.log::loaded crl file::YES +moon::cat /var/log/auth.log::loaded crl from::YES +carol::cat /var/log/auth.log::loaded crl from::YES moon::cat /var/log/auth.log::X.509 certificate rejected::NO carol::cat /var/log/auth.log::X.509 certificate rejected::NO moon::ipsec status::rw.*STATE_QUICK_R2.*IPsec SA established::YES diff --git a/testing/tests/ikev1/crl-ldap/evaltest.dat b/testing/tests/ikev1/crl-ldap/evaltest.dat index 730614c66..039cec346 100644 --- a/testing/tests/ikev1/crl-ldap/evaltest.dat +++ b/testing/tests/ikev1/crl-ldap/evaltest.dat @@ -1,5 +1,5 @@ -moon::cat /var/log/auth.log::loaded crl file::YES -carol::cat /var/log/auth.log::loaded crl file::YES +moon::cat /var/log/auth.log::loaded crl from::YES +carol::cat /var/log/auth.log::loaded crl from::YES moon::cat /var/log/auth.log::crl update is overdue::YES carol::cat /var/log/auth.log::crl update is overdue::YES moon::cat /var/log/auth.log::X.509 certificate rejected::YES |