int respond_oom_internal(struct MHD_Connection *connection) {
+ const char *m = "Out of memory.\n";
+
struct MHD_Response *response;
- const char m[] = "Out of memory.\n";
int ret;
assert(connection);
- response = MHD_create_response_from_buffer(sizeof(m)-1, (char*) m, MHD_RESPMEM_PERSISTENT);
+ response = MHD_create_response_from_buffer(strlen(m), (char*) m, MHD_RESPMEM_PERSISTENT);
if (!response)
return MHD_NO;
return respond_oom(connection);
}
- log_debug("queing response %u: %s", code, m);
+ log_debug("Queing response %u: %s", code, m);
MHD_add_response_header(response, "Content-Type", "text/plain");
r = MHD_queue_response(connection, code, response);
MHD_destroy_response(response);
ci = MHD_get_connection_info(connection,
MHD_CONNECTION_INFO_GNUTLS_SESSION);
if (!ci) {
- log_error("MHD_get_connection_info failed");
- return -EINVAL;
+ log_error("MHD_get_connection_info failed: session is unencrypted");
+ *code = respond_error(connection, MHD_HTTP_FORBIDDEN,
+ "Encrypted connection is required");
+ return -EPERM;
}
session = ci->tls_session;
assert(session);
return -EPERM;
}
- log_info("Connection from %s", buf);
+ log_info("Connection from DN %s", buf);
r = verify_cert_authorized(session);
if (r < 0) {
- log_error("Client is not authorized");
+ log_warning("Client is not authorized");
*code = respond_error(connection, MHD_HTTP_UNAUTHORIZED,
"Client certificate not signed by recognized authority");
}