mod_s2s: Log certificate errors, for troubleshooting goodness

author: Paul Aurich <paul@darkrain42.org> 2012-04-28 08:35:34 -0700
committer: Paul Aurich <paul@darkrain42.org> 2012-04-28 08:35:34 -0700
commit: 449813a79ee6aeb2f0a3c239b3e9c09df0634f0d (patch)
tree: 3805eddbc146fc2328aa0d74ad1f3488e1a4ce41
parent: 21fc89249c3d2683cb09b7440d6a78a3503ef529 (diff)
download: prosody-449813a79ee6aeb2f0a3c239b3e9c09df0634f0d.tar.gz
prosody-449813a79ee6aeb2f0a3c239b3e9c09df0634f0d.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/plugins/s2s/mod_s2s.lua b/plugins/s2s/mod_s2s.lua
index f44ab43d..cee7d6f6 100644
--- a/plugins/s2s/mod_s2s.lua
+++ b/plugins/s2s/mod_s2s.lua
@@ -134,6 +134,9 @@ local function check_cert_status(session)
 		-- Is there any interest in printing out all/the number of errors here?
 		if not chain_valid then
 			(session.log or log)("debug", "certificate chain validation result: invalid");
+			for depth, t in ipairs(errors) do
+				(session.log or log)("debug", "certificate error(s) at depth %d: %s", depth-1, table.concat(t, ", "))
+			end
 			session.cert_chain_status = "invalid";
 		else
 			(session.log or log)("debug", "certificate chain validation result: valid");
author	Paul Aurich <paul@darkrain42.org>	2012-04-28 08:35:34 -0700
committer	Paul Aurich <paul@darkrain42.org>	2012-04-28 08:35:34 -0700
commit	449813a79ee6aeb2f0a3c239b3e9c09df0634f0d (patch)
tree	3805eddbc146fc2328aa0d74ad1f3488e1a4ce41
parent	21fc89249c3d2683cb09b7440d6a78a3503ef529 (diff)
download	prosody-449813a79ee6aeb2f0a3c239b3e9c09df0634f0d.tar.gz prosody-449813a79ee6aeb2f0a3c239b3e9c09df0634f0d.zip