[x509] Clarify debug message for an untrusted X.509 issuer

We surface this debugging information in cases where a cert actually lacks an issuer, but also in cases where it *has* an issuer, but we cannot trust it (e.g. due to issues in establishing a trust chain). Signed-off-by: Josh McSavaney <me@mcsau.cc> Modified-by: Michael Brown <mcb30@ipxe.org> Signed-off-by: Michael Brown <mcb30@ipxe.org>
author: Josh McSavaney <me@mcsau.cc> 2020-09-28 22:23:16 -0400
committer: Michael Brown <mcb30@ipxe.org> 2020-12-28 18:18:58 +0000
commit: 68f1914aae67db0c61ca16e00765c2eecd1c05f2 (patch)
tree: 579609d1ac08e49486e4470f7a01ef71a6f19153 /src/crypto
parent: ce841946df7055afc99adfe9be449fe74de7d155 (diff)
download: ipxe-68f1914aae67db0c61ca16e00765c2eecd1c05f2.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/crypto/x509.c b/src/crypto/x509.c
index 892d8f8d5..17d8c7a43 100644
--- a/src/crypto/x509.c
+++ b/src/crypto/x509.c
@@ -1392,7 +1392,7 @@ int x509_validate ( struct x509_certificate *cert,
 
 	/* Fail unless we have an issuer */
 	if ( ! issuer ) {
-		DBGC2 ( cert, "X509 %p \"%s\" has no issuer\n",
+		DBGC2 ( cert, "X509 %p \"%s\" has no trusted issuer\n",
 			cert, x509_name ( cert ) );
 		return -EACCES_UNTRUSTED;
 	}
author	Josh McSavaney <me@mcsau.cc>	2020-09-28 22:23:16 -0400
committer	Michael Brown <mcb30@ipxe.org>	2020-12-28 18:18:58 +0000
commit	68f1914aae67db0c61ca16e00765c2eecd1c05f2 (patch)
tree	579609d1ac08e49486e4470f7a01ef71a6f19153 /src/crypto
parent	ce841946df7055afc99adfe9be449fe74de7d155 (diff)
download	ipxe-68f1914aae67db0c61ca16e00765c2eecd1c05f2.tar.gz