#include <openssl/x509v3.h>
#include <boost/optional.hpp>
-#include <dpl/log/wrt_log.h>
+#include <dpl/log/log.h>
#include <dpl/assert.h>
#include <dpl/foreach.h>
#include <dpl/scoped_free.h>
&cpath,
&use_ssl))
{
- WrtLogW("Error in OCSP_parse_url");
+ LogWarning("Error in OCSP_parse_url");
return SoupMessageSendBase::REQUEST_STATUS_CONNECTION_ERROR;
}
if (certs.size() < 2) {
// no certificates to verify, just return a error
- WrtLogW("No validation will be proceed. OCSP require at"
- " least 2 certificates in chain. Found only %d", certs.size());
+ LogWarning("No validation will be proceed. OCSP require at"
+ " least 2 certificates in chain. Found only " << certs.size());
statusSet.add(VERIFICATION_STATUS_ERROR);
return statusSet;
}
time_t minValidity = 0;
for (++parent; parent != certs.end(); ++iter, ++parent) {
- WrtLogD("Certificate validation (CN:%s)", (*iter)->getOneLine().c_str());
- WrtLogD("Parent certificate (CN:%s)", (*parent)->getOneLine().c_str());
+ LogDebug("Certificate validation (CN:" << (*iter)->getOneLine() << ")");
+ LogDebug("Parent certificate (CN:" << (*parent)->getOneLine() << ")");
statusSet.add(validateCertificate(*iter, *parent));
if ((0 == minValidity || minValidity > m_responseValidity) &&
m_responseValidity > 0)
VcoreThrowMsg(OCSPImpl::Exception::VerificationError,
"Default responder is not set");
}
- WrtLogW("Default responder will be used");
+ LogWarning("Default responder will be used");
uri = m_strResponderURI;
}
responseCont,
newRequest.ocspCertId);
} VcoreCatch(OCSPImpl::Exception::ConnectionError) {
- WrtLogW("OCSP: ConnectionError");
+ LogWarning("OCSP: ConnectionError");
return VERIFICATION_STATUS_CONNECTION_FAILED;
} VcoreCatch(OCSPImpl::Exception::CertificateRevoked) {
- WrtLogW("OCSP: Revoked");
+ LogWarning("OCSP: Revoked");
return VERIFICATION_STATUS_REVOKED;
} VcoreCatch(OCSPImpl::Exception::CertificateUnknown) {
- WrtLogW("OCSP: Unknown");
+ LogWarning("OCSP: Unknown");
return VERIFICATION_STATUS_UNKNOWN;
} VcoreCatch(OCSPImpl::Exception::VerificationError) {
- WrtLogW("OCSP: Verification error");
+ LogWarning("OCSP: Verification error");
return VERIFICATION_STATUS_VERIFICATION_ERROR;
} VcoreCatch(OCSPImpl::Exception::Base) {
- WrtLogW("OCSP: Error");
+ LogWarning("OCSP: Error");
return VERIFICATION_STATUS_ERROR;
}
- WrtLogW("OCSP: Good");
+ LogWarning("OCSP: Good");
return VERIFICATION_STATUS_GOOD;
}
OCSP_REQUEST* newRequest = OCSP_REQUEST_new();
if (!newRequest) {
- WrtLogW("OCSP: Failed to create a request");
+ LogWarning("OCSP: Failed to create a request");
return CreateRequestResult();
}
OCSP_CERTID* certId = addSerial(argCert, argIssuer);
if (!certId) {
- WrtLogW("OCSP: Unable to create a serial id");
+ LogWarning("OCSP: Unable to create a serial id");
return CreateRequestResult();
}
SSLSmartContainer <OCSP_CERTID> certIdCont(certId);
// Inserting certificate ID to request
if (!OCSP_request_add0_id(requestCont, certIdCont)) {
- WrtLogW("OCSP: Unable to create a certificate id");
+ LogWarning("OCSP: Unable to create a certificate id");
return CreateRequestResult();
}
if (m_bSignRequest) {
if (!m_pSignCert || !m_pSignKey) {
- WrtLogW("OCSP: Unable to sign request if "
+ LogWarning("OCSP: Unable to sign request if "
"SignCert or SignKey was not set");
return CreateRequestResult();
}
0,
0))
{
- WrtLogW("OCSP: Unable to sign request");
+ LogWarning("OCSP: Unable to sign request");
return CreateRequestResult();
}
}
if (NULL != foundAlg) {
m_pCertIdDigestAlg = foundAlg;
} else {
- WrtLogD("Request for unsupported CertId digest algorithm"
- "ignored!");
+ LogDebug("Request for unsupported CertId digest algorithm ignored!");
}
}
if (NULL != foundAlg) {
m_pRequestDigestAlg = foundAlg;
} else {
- WrtLogD("Request for unsupported OCSP request digest algorithm"
- "ignored!");
+ LogDebug("Request for unsupported OCSP request digest algorithm ignored!");
}
}
// verify ocsp response
int response = OCSP_basic_verify(basic, NULL, m_pTrustedStore, 0);
if (response <= 0) {
- WrtLogW("OCSP verification failed");
+ LogWarning("OCSP verification failed");
}
return response > 0;
asn1GeneralizedTimeToTimeT(nextUpdate,&m_responseValidity);
time_t now;
time(&now);
- WrtLogD("Time of next OCSP update got from server: %d", m_responseValidity);
- WrtLogD("Expires in: %d", (m_responseValidity - now));
- WrtLogD("Original: %d", nextUpdate->data);
+ LogDebug("Time of next OCSP update got from server: " << m_responseValidity);
+ LogDebug("Expires in: " << (m_responseValidity - now));
+ LogDebug("Original: " << nextUpdate->data);
}
switch (status) {
BIO_free_all(res_mem_bio);
if (!response) {
- WrtLogW("OCSP: Failed to convert OCSP Response to DER format");
+ LogWarning("OCSP: Failed to convert OCSP Response to DER format");
return std::make_pair(false, static_cast<OCSP_RESPONSE*>(NULL));
}
{
switch (result) {
case OCSP_RESPONSE_STATUS_MALFORMEDREQUEST:
- WrtLogW("OCSP: Server returns "
+ LogWarning("OCSP: Server returns "
"OCSP_RESPONSE_STATUS_MALFORMEDREQUEST status");
break;
case OCSP_RESPONSE_STATUS_INTERNALERROR:
- WrtLogW("OCSP: Server returns "
+ LogWarning("OCSP: Server returns "
"OCSP_RESPONSE_STATUS_INTERNALERROR status");
break;
case OCSP_RESPONSE_STATUS_TRYLATER:
- WrtLogW("OCSP: Server returns "
+ LogWarning("OCSP: Server returns "
"OCSP_RESPONSE_STATUS_TRYLATER status");
break;
case OCSP_RESPONSE_STATUS_SIGREQUIRED:
- WrtLogW("OCSP: Server returns "
+ LogWarning("OCSP: Server returns "
"OCSP_RESPONSE_STATUS_SIGREQUIRED status");
break;
case OCSP_RESPONSE_STATUS_UNAUTHORIZED:
- WrtLogW("OCSP: Server returns "
+ LogWarning("OCSP: Server returns "
"OCSP_RESPONSE_STATUS_UNAUTHORIZED status");
break;
default:
projects / platform / core / security / cert-svc.git / blobdiff