tls: add logging of expected/received hashes on failures

BUG=None

Change-Id: I8e9a4e69c520e1ee1edeb7f45f039f2cda400a50
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/265869
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#37268}
Philipp Hancke
2022-06-17 14:14:55 +02:00
committed by WebRTC LUCI CQ
parent 6009ed95ec
commit 117e692a7d


@ -43,6 +43,7 @@
#include "rtc_base/openssl_utility.h"
#include "rtc_base/ssl_certificate.h"
#include "rtc_base/stream.h"
#include "rtc_base/string_encode.h"
#include "rtc_base/thread.h"
#include "rtc_base/time_utils.h"
#include "system_wrappers/include/field_trial.h"
@ -1131,7 +1132,10 @@ bool OpenSSLStreamAdapter::VerifyPeerCertificate() {
Buffer computed_digest(digest, digest_length);
if (computed_digest != peer_certificate_digest_value_) {
RTC_LOG(LS_WARNING)
<< "Rejected peer certificate due to mismatched digest.";
<< "Rejected peer certificate due to mismatched digest using "
<< peer_certificate_digest_algorithm_ << ". Expected "
<< rtc::hex_encode_with_delimiter(peer_certificate_digest_value_, ':')
<< " got " << rtc::hex_encode_with_delimiter(computed_digest, ':');
return false;
}
// Ignore any verification error if the digest matches, since there is no
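Review bot: The new warning streams `peer_certificate_digest_algorithm_` into the log as-is, while both digests go through `rtc::hex_encode_with_delimiter`. If that string is taken from the remote description without being checked against the supported digest names, a peer could put arbitrary characters into the log line; the place where the member is set is outside this hunk, so please confirm it is validated there. The message would also be easier to triage if it named the origin of each value, for example `". Expected (configured fingerprint) "` and `" got (computed from presented certificate) "`, because a mismatch here is the record an analyst reads when investigating a possible interception. VerifyPeerCertificate() starts and ends outside the hunk.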