@@ -1192,7 +1192,7 @@ + (GSTLSCredentials*) credentialsFromCAFile: (NSString*)ca
11921192 if (nil != c)
11931193 {
11941194 [c retain ];
1195- if (YES == debug)
1195+ if (debug)
11961196 {
11971197 NSLog (@" Re-used credentials %p for '%@ '"
11981198 }
@@ -1306,7 +1306,7 @@ + (GSTLSCredentials*) credentialsFromCAFile: (NSString*)ca
13061306 {
13071307 NSLog (@" No certificates processed from %@ "
13081308 }
1309- if (YES == debug)
1309+ if (debug)
13101310 {
13111311 NSLog (@" Trusted authorities (from %@ ): %d "
13121312 }
@@ -1330,7 +1330,7 @@ + (GSTLSCredentials*) credentialsFromCAFile: (NSString*)ca
13301330 }
13311331 else
13321332 {
1333- if (YES == debug)
1333+ if (debug)
13341334 {
13351335 NSLog (@" Default revocations (from %@ ): %d "
13361336 }
@@ -1358,7 +1358,7 @@ + (GSTLSCredentials*) credentialsFromCAFile: (NSString*)ca
13581358 {
13591359 NSLog (@" No revocations processed from %@ "
13601360 }
1361- if (YES == debug)
1361+ if (debug)
13621362 {
13631363 NSLog (@" Revocations (from %@ ): %d "
13641364 }
@@ -1418,7 +1418,7 @@ + (GSTLSCredentials*) credentialsFromCAFile: (NSString*)ca
14181418*/
14191419 }
14201420
1421- if (YES == debug)
1421+ if (debug)
14221422 {
14231423 NSLog (@" %@ created credentials %p for '%@ '"
14241424 }
@@ -1725,7 +1725,7 @@ - (id) initWithOptions: (NSDictionary*)options
17251725 int ret;
17261726
17271727 ret = gnutls_server_name_set (session, GNUTLS_NAME_DNS, ptr, len);
1728- if (YES == debug)
1728+ if (debug)
17291729 {
17301730 if (ret < 0 )
17311731 {
@@ -1739,7 +1739,7 @@ - (id) initWithOptions: (NSDictionary*)options
17391739 }
17401740 }
17411741 }
1742- else if (YES == debug)
1742+ else if (debug)
17431743 {
17441744 NSLog (@" %p %@ : not set"
17451745 }
@@ -1922,7 +1922,7 @@ - (id) initWithOptions: (NSDictionary*)options
19221922 [credentials credentials ]);
19231923
19241924#if GNUTLS_VERSION_NUMBER >= 0x020C00
1925- if (YES == outgoing && YES == debug)
1925+ if (YES == outgoing && debug)
19261926 {
19271927 /* Set a callback to log handling of a request (from the server)
19281928 * for the client certificate. The callback always returns the
@@ -2000,7 +2000,7 @@ - (BOOL) handshake
20002000 p = [p stringByAppendingFormat: @" \n %@ "
20012001 }
20022002 ASSIGN (problem, p);
2003- if (YES == debug)
2003+ if (debug)
20042004 {
20052005 NSLog (@" %p in handshake: %@ "
20062006 }
@@ -2134,7 +2134,7 @@ - (NSInteger) read: (void*)buf length: (NSUInteger)len
21342134 {
21352135 p = [NSString stringWithFormat: @" %s " gnutls_strerror (result)];
21362136 ASSIGN (problem, p);
2137- if (YES == debug)
2137+ if (debug)
21382138 {
21392139 NSLog (@" %p in tls read: %@ "
21402140 }
@@ -2147,7 +2147,7 @@ - (NSInteger) read: (void*)buf length: (NSUInteger)len
21472147 {
21482148 if (GNUTLS_E_WARNING_ALERT_RECEIVED == result)
21492149 {
2150- if (YES == debug)
2150+ if (debug)
21512151 {
21522152 p = [NSString stringWithFormat: @" %s "
21532153 gnutls_alert_get_name (gnutls_alert_get (session))];
@@ -2192,7 +2192,7 @@ - (NSInteger) write: (const void*)buf length: (NSUInteger)len
21922192
21932193 p = [NSString stringWithFormat: @" %s " gnutls_strerror (result)];
21942194 ASSIGN (problem, p);
2195- if (YES == debug)
2195+ if (debug)
21962196 {
21972197 NSLog (@" %p in tls write: %@ "
21982198 }
@@ -2239,6 +2239,16 @@ - (NSString*) sessionInfo
22392239
22402240 str = [NSMutableString stringWithCapacity: 2000 ];
22412241
2242+ if (outgoing)
2243+ {
2244+ [str appendFormat: @" outgoing session %p to '%@ '\n "
2245+ self , [self hostName ]];
2246+ }
2247+ else
2248+ {
2249+ [str appendFormat: @" incoming session %p \n " self ];
2250+ }
2251+
22422252 /* get the key exchange's algorithm name
22432253 */
22442254 kx = gnutls_kx_get (session);
@@ -2433,35 +2443,44 @@ - (int) verify
24332443 str = [NSString stringWithFormat:
24342444 @" TLS verification: error %s " gnutls_strerror (ret)];
24352445 ASSIGN (problem, str);
2436- if (YES == debug) NSLog (@" %p %@ "
2446+ if (debug) NSLog (@" %p %@ "
24372447 return GNUTLS_E_CERTIFICATE_ERROR;
24382448 }
24392449
2440- if (YES == debug)
2441- {
2442- if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
2443- NSLog (@" %p TLS verification: certificate hasn't got a known issuer."
2444- handle);
2450+ str = @" "
2451+ if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
2452+ str = [str stringByAppendingString:
2453+ @" , certificate hasn't got a known issuer"
24452454
2446- if (status & GNUTLS_CERT_REVOKED)
2447- NSLog (@" %p TLS verification: certificate has been revoked."
2455+ if (status & GNUTLS_CERT_REVOKED)
2456+ str = [str stringByAppendingString:
2457+ @" , certificate has been revoked"
24482458
24492459#if defined(GNUTLS_CERT_EXPIRED)
2450- if (status & GNUTLS_CERT_EXPIRED)
2451- NSLog (@" %p TLS verification: certificate has expired"
2460+ if (status & GNUTLS_CERT_EXPIRED)
2461+ str = [str stringByAppendingString:
2462+ @" , certificate has expired"
24522463#endif
24532464
24542465#if defined(GNUTLS_CERT_NOT_ACTIVATED)
2455- if (status & GNUTLS_CERT_NOT_ACTIVATED)
2456- NSLog (@" %p TLS verification: certificate is not yet activated"
2466+ if (status & GNUTLS_CERT_NOT_ACTIVATED)
2467+ str = [str stringByAppendingString:
2468+ @" , certificate is not yet activated"
24572469#endif
2458- }
24592470
24602471 if (status & GNUTLS_CERT_INVALID)
24612472 {
2462- ASSIGN (problem,
2463- @" TLS verification: remote certificate is not trusted."
2464- if (YES == debug) NSLog (@" %p %@ "
2473+ if ([str length ])
2474+ {
2475+ str = [NSString stringWithFormat:
2476+ @" TLS verification: remote certificate is not trusted%@ ."
2477+ }
2478+ else
2479+ {
2480+ str = @" TLS verification: remote certificate is not trusted."
2481+ }
2482+ ASSIGN (problem, str);
2483+ if (debug) NSLog (@" %p %@ "
24652484 return GNUTLS_E_CERTIFICATE_ERROR;
24662485 }
24672486
@@ -2473,15 +2492,15 @@ - (int) verify
24732492 {
24742493 ASSIGN (problem,
24752494 @" TLS verification: remote certificate not of the X509 type."
2476- if (YES == debug) NSLog (@" %p %@ "
2495+ if (debug) NSLog (@" %p %@ "
24772496 return GNUTLS_E_CERTIFICATE_ERROR;
24782497 }
24792498
24802499 if (gnutls_x509_crt_init (&cert) < 0 )
24812500 {
24822501 ASSIGN (problem, @" TLS verification: error in certificate initialization"
24832502 gnutls_x509_crt_deinit (cert);
2484- if (YES == debug) NSLog (@" %p %@ "
2503+ if (debug) NSLog (@" %p %@ "
24852504 return GNUTLS_E_CERTIFICATE_ERROR;
24862505 }
24872506
@@ -2490,15 +2509,15 @@ - (int) verify
24902509 {
24912510 ASSIGN (problem, @" TLS verification: no certificate from remote end!"
24922511 gnutls_x509_crt_deinit (cert);
2493- if (YES == debug) NSLog (@" %p %@ "
2512+ if (debug) NSLog (@" %p %@ "
24942513 return GNUTLS_E_CERTIFICATE_ERROR;
24952514 }
24962515
24972516 if (gnutls_x509_crt_import (cert, &cert_list[0 ], GNUTLS_X509_FMT_DER) < 0 )
24982517 {
24992518 ASSIGN (problem, @" TLS verification: error parsing certificate"
25002519 gnutls_x509_crt_deinit (cert);
2501- if (YES == debug) NSLog (@" %p %@ "
2520+ if (debug) NSLog (@" %p %@ "
25022521 return GNUTLS_E_CERTIFICATE_ERROR;
25032522 }
25042523 else
@@ -2586,7 +2605,7 @@ - (int) verify
25862605 nameList, ci];
25872606 ASSIGN (problem, str);
25882607 gnutls_x509_crt_deinit (cert);
2589- if (YES == debug) NSLog (@" %p %@ "
2608+ if (debug) NSLog (@" %p %@ "
25902609 return GNUTLS_E_CERTIFICATE_ERROR;
25912610 }
25922611 }
@@ -2601,7 +2620,7 @@ - (int) verify
26012620 names, ci];
26022621 ASSIGN (problem, str);
26032622 gnutls_x509_crt_deinit (cert);
2604- if (YES == debug) NSLog (@" %p %@ "
2623+ if (debug) NSLog (@" %p %@ "
26052624 return GNUTLS_E_CERTIFICATE_ERROR;
26062625 }
26072626 }
@@ -2616,7 +2635,7 @@ - (int) verify
26162635 names, ci];
26172636 ASSIGN (problem, str);
26182637 gnutls_x509_crt_deinit (cert);
2619- if (YES == debug) NSLog (@" %p %@ "
2638+ if (debug) NSLog (@" %p %@ "
26202639 return GNUTLS_E_CERTIFICATE_ERROR;
26212640 }
26222641 }
0 commit comments