From f864eaf14f4725aea640dd8020ec4809b4cae73b Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Wed, 27 Nov 2019 23:23:25 +0100
Subject: mod_s2s_auth_certs: Save chain validation errors for later use

---
 plugins/mod_s2s_auth_certs.lua | 1 +
 1 file changed, 1 insertion(+)

(limited to 'plugins')

diff --git a/plugins/mod_s2s_auth_certs.lua b/plugins/mod_s2s_auth_certs.lua
index 76e134a7..37519aa1 100644
--- a/plugins/mod_s2s_auth_certs.lua
+++ b/plugins/mod_s2s_auth_certs.lua
@@ -27,6 +27,7 @@ module:hook("s2s-check-certificate", function(event)
 			log("debug", "certificate error(s) at depth %d: %s", depth-1, table.concat(t, ", "))
 		end
 		session.cert_chain_status = "invalid";
+		session.cert_chain_errors = errors;
 	else
 		log("debug", "certificate chain validation result: valid");
 		session.cert_chain_status = "valid";
-- 
cgit v1.2.3