moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-11-12 04:25:08 -05:00
Code Issues Releases Wiki Activity

PolarSSL: correct return code for CRL matches

Browse Source 
When a server certificate matches one in the given CRL file, the code
now returns CURLE_SSL_CACERT as test case 313 expects and verifies.
This commit is contained in:
Daniel Stenberg 2012-04-06 15:10:59 +02:00
parent 118e73306d
commit 376b4d48fe
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/polarssl.c
View File

@ -291,8 +291,10 @@ polarssl_connect_step2(struct connectdata *conn,
if(ret & BADCERT_EXPIRED) if(ret & BADCERT_EXPIRED)
failf(data, "Cert verify failed: BADCERT_EXPIRED\n"); failf(data, "Cert verify failed: BADCERT_EXPIRED\n");
if(ret & BADCERT_REVOKED) if(ret & BADCERT_REVOKED) {
failf(data, "Cert verify failed: BADCERT_REVOKED"); failf(data, "Cert verify failed: BADCERT_REVOKED");
return CURLE_SSL_CACERT;
}
if(ret & BADCERT_CN_MISMATCH) if(ret & BADCERT_CN_MISMATCH)
failf(data, "Cert verify failed: BADCERT_CN_MISMATCH"); failf(data, "Cert verify failed: BADCERT_CN_MISMATCH");