PolarSSL: correct return code for CRL matches

When a server certificate matches one in the given CRL file, the code now returns CURLE_SSL_CACERT as test case 313 expects and verifies.
author: Daniel Stenberg <daniel@haxx.se> 2012-04-06 15:10:59 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2012-04-06 15:10:59 +0200
commit: 376b4d48feea9da98eda15ddf05c86729d9dc3f1 (patch)
tree: e142a9e3cf272b3d01afb99780ea13e639eb67db
parent: 118e73306d142a3146356ebf24e2446a65e9fe6f (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/polarssl.c b/lib/polarssl.c
index 15a3e15b5..39816baf0 100644
--- a/lib/polarssl.c
+++ b/lib/polarssl.c
@@ -291,8 +291,10 @@ polarssl_connect_step2(struct connectdata *conn,
     if(ret & BADCERT_EXPIRED)
       failf(data, "Cert verify failed: BADCERT_EXPIRED\n");
 
-    if(ret & BADCERT_REVOKED)
+    if(ret & BADCERT_REVOKED) {
       failf(data, "Cert verify failed: BADCERT_REVOKED");
+      return CURLE_SSL_CACERT;
+    }
 
     if(ret & BADCERT_CN_MISMATCH)
       failf(data, "Cert verify failed: BADCERT_CN_MISMATCH");
author	Daniel Stenberg <daniel@haxx.se>	2012-04-06 15:10:59 +0200
committer	Daniel Stenberg <daniel@haxx.se>	2012-04-06 15:10:59 +0200
commit	376b4d48feea9da98eda15ddf05c86729d9dc3f1 (patch)
tree	e142a9e3cf272b3d01afb99780ea13e639eb67db
parent	118e73306d142a3146356ebf24e2446a65e9fe6f (diff)