trust: Print label of certificate when complaining about basic constraints

author Stef Walter <stefw@redhat.com>

Fri, 8 Aug 2014 06:47:23 +0000 (08:47 +0200)

committer Stef Walter <stef@thewalter.net>

Fri, 8 Aug 2014 16:44:51 +0000 (18:44 +0200)
author Stef Walter <stefw@redhat.com>
Fri, 8 Aug 2014 06:47:23 +0000 (08:47 +0200)
committer Stef Walter <stef@thewalter.net>
Fri, 8 Aug 2014 16:44:51 +0000 (18:44 +0200)
diff --git a/trust/builder.c b/trust/builder.c

index 18c09ade1797958ef06d3d5f318f3f3c457eb8ed..f7ea86acc2386778439bed0b1db08f0f7a68604a 100644 (file)
--- a/trust/builder.c
+++ b/trust/builder.c
@@ -551,6 +551,7 @@ calc_certificate_category (p11_builder *builder,
                             CK_ATTRIBUTE *public_key,
                             CK_ULONG *category)
  {
+       CK_ATTRIBUTE *label;
         unsigned char *ext;
         size_t ext_len;
         bool is_ca = 0;
@@ -570,7 +571,10 @@ calc_certificate_category (p11_builder *builder,
                 ret = p11_x509_parse_basic_constraints (builder->asn1_defs, ext, ext_len, &is_ca);
                 free (ext);
                 if (!ret) {
-                       p11_message ("invalid basic constraints certificate extension");
+                       label = p11_attrs_find_valid (cert, CKA_LABEL);
+                       p11_message ("%.*s: invalid basic constraints certificate extension",
+                                    label ? (int)label->ulValueLen : 7,
+                                    label ? (char *)label->pValue : "unknown");
                         return false;
                 }
author	Stef Walter <stefw@redhat.com>
	Fri, 8 Aug 2014 06:47:23 +0000 (08:47 +0200)
committer	Stef Walter <stef@thewalter.net>
	Fri, 8 Aug 2014 16:44:51 +0000 (18:44 +0200)