ustream-openssl: wolfSSL: provide detailed information in debug builds
Author: Petr Štetiar <ynezz@true.cz>
Tue, 22 Feb 2022 12:59:27 +0000 (13:59 +0100)
Committer: Petr Štetiar <ynezz@true.cz>
Tue, 22 Feb 2022 12:59:27 +0000 (13:59 +0100)
Show detailed information about the session/peer in debug builds:

 $ wget https://letsencrypt.org

 Alternate cert chain used
  issuer : /C=US/O=Let's Encrypt/CN=R3
  subject: /CN=lencr.org
  altname = lencr.org
  altname = letsencrypt.com
  altname = letsencrypt.org
  altname = www.lencr.org
  altname = www.letsencrypt.com
  altname = www.letsencrypt.org
  serial number:03:4e:29:5a:d6:74:ae:fd:51:cd:0d:61:11:f9:e3:e3:bd:88
 Certificate:

  ...snip...

 our cert info: No Cert
 Peer verify result = 39
 SSL version is TLSv1.3
 SSL cipher suite is TLS_AES_256_GCM_SHA384
 SSL curve name is SECP256R1
 Alternate cert chain used

As it makes debugging issues like #9283 easier.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
CMakeLists.txt
ustream-openssl.c

index f53e726aa8668cecfaa9a1d6dd81a792b00237cf..2de65905a40d8893155877a2b0894bcedec56f39 100644 (file)
@@ -42,6 +42,8 @@ TARGET_LINK_LIBRARIES(ustream-example-server ustream-ssl)
 ADD_EXECUTABLE(ustream-example-client ustream-example-client.c)
 TARGET_LINK_LIBRARIES(ustream-example-client ustream-ssl)
 
+TARGET_COMPILE_DEFINITIONS(ustream-ssl PRIVATE $<$<CONFIG:Debug>:DEBUG>)
+
 INSTALL(FILES ustream-ssl.h
        DESTINATION include/libubox
 )
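Review bot: the macro name introduced by `+TARGET_COMPILE_DEFINITIONS(ustream-ssl PRIVATE $<$<CONFIG:Debug>:DEBUG>)` is generic enough to collide with a `DEBUG` define coming from system or third-party headers; a project-specific name such as `USTREAM_SSL_DEBUG` (and the matching guard in ustream-openssl.c) would keep the peer dump unambiguously opt-in. Also worth stating in the commit message: `$<CONFIG:Debug>` only fires when CMAKE_BUILD_TYPE is exactly `Debug` (or the active configuration of a multi-config generator), so RelWithDebInfo builds and builds with no build type set never get this output, which is the conservative default but may surprise someone trying to reproduce #9283.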
index 894dddb5afb1de7183284f7018243a1aeea581f6..6dae4aedb752894684c719954e74c13f628c3027 100644 (file)
 #include <openssl/x509v3.h>
 #endif
 
+#if defined(HAVE_WOLFSSL) && defined(DEBUG)
+#include <wolfssl/test.h>
+#endif
+
 /* Ciphersuite preference:
  * - for server, no weak ciphers are used if you use an ECDSA key.
  * - forward-secret (pfs), authenticated (AEAD) ciphers are at the top:
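Review bot: `+#include <wolfssl/test.h>` pulls in wolfSSL's test/example helper header rather than one of its public API headers, and packaged wolfSSL builds are not guaranteed to install it, so a Debug build against such a package fails at compile time instead of silently losing the diagnostic. Either add a configure-time check for the header (for example `check_include_file`) and only enable the guard when it is found, or document the extra build dependency alongside the new `DEBUG` define.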
@@ -268,6 +272,10 @@ static void ustream_ssl_verify_cert(struct ustream_ssl *us)
        X509 *cert;
        int res;
 
+#if defined(HAVE_WOLFSSL) && defined(DEBUG)
+       showPeer(ssl);
+#endif
+
        res = SSL_get_verify_result(ssl);
        if (res != X509_V_OK) {
                if (us->notify_verify_error)
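Review bot: `+       showPeer(ssl);` runs before `SSL_get_verify_result`, so the helper dumps whatever certificate, SAN list and serial the remote side presented, verified or not, and it does so by printing directly from inside the library rather than through ustream's existing notify callbacks. Library code writing to the process's output stream can interleave with or corrupt an application's own output (a client whose stdout is a pipe or a protocol stream), so consider routing this to stderr or a debug callback, and keep the guard strictly limited to Debug builds since it exposes unverified peer data in the log.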