*/
static void
-info_callback(SSL * s, int where, int ret)
+info_callback(const SSL * s, int where, int ret)
{
DEBUG(D_tls)
{
uschar * name;
int rc;
while ((name = string_nextinlist(&list, &sep, NULL, 0)))
+ {
+ DEBUG(D_tls|D_lookup) debug_printf_indent("%s suitable for cert, per OpenSSL?", name);
if ((rc = X509_check_host(cert, CCS name, 0,
X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS
| X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS,
tlsp == &tls_out ? deliver_host_address : sender_host_address);
name = NULL;
}
+ DEBUG(D_tls|D_lookup) debug_printf_indent(" yes\n");
break;
}
+ else DEBUG(D_tls|D_lookup) debug_printf_indent(" no\n");
+ }
if (!name)
#else
if (!tls_is_name_for_cert(verify_cert_hostnames, cert))
DEBUG(D_tls)
{
- SSL_CTX_set_info_callback(ctx, (void (*)())info_callback);
+ SSL_CTX_set_info_callback(ctx, info_callback);
#if defined(EXIM_HAVE_OPESSL_TRACE) && !defined(OPENSSL_NO_SSL_TRACE)
/* this needs a debug build of OpenSSL */
- SSL_CTX_set_msg_callback(ctx, (void (*)())SSL_trace);
+ SSL_CTX_set_msg_callback(ctx, SSL_trace);
#endif
#ifdef OPENSSL_HAVE_KEYLOG_CB
- SSL_CTX_set_keylog_callback(ctx, (void (*)())keylog_callback);
+ SSL_CTX_set_keylog_callback(ctx, keylog_callback);
#endif
}
if (pos + 1 + siz > inlen) siz = inlen - pos - 1;
g = string_append_listele_n(g, ':', in + pos + 1, siz);
}
-log_write(0, LOG_MAIN, "TLS ALPN (%s) rejected", string_from_gstring(g));
+log_write(0, LOG_MAIN, "TLS ALPN (%Y) rejected", g);
gstring_release_unused(g);
return SSL_TLSEXT_ERR_ALERT_FATAL;
}
projects / user / henk / code / exim.git / blobdiff