aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2003-04-14 12:53:29 +0000
committerDaniel Stenberg <daniel@haxx.se>2003-04-14 12:53:29 +0000
commit21873b52e94ba2f08f2337756cd0c52a326a0559 (patch)
tree863f3711f11391621fe4234ecd19aa3993318551
parent0aa8b828711e5c1f58442f25521557be8388f132 (diff)
Restored the SSL error codes since they was broken in the 7.10.4 release,
also now attempt to detect and return the specific CACERT error code.
-rw-r--r--lib/ssluse.c32
1 files changed, 24 insertions, 8 deletions
diff --git a/lib/ssluse.c b/lib/ssluse.c
index 89fca51bf..c374d7905 100644
--- a/lib/ssluse.c
+++ b/lib/ssluse.c
@@ -900,14 +900,30 @@ Curl_SSLConnect(struct connectdata *conn)
/* untreated error */
char error_buffer[120]; /* OpenSSL documents that this must be at least
120 bytes long. */
- /* detail is already set to the SSL error above */
- failf(data, "SSL: %s", ERR_error_string(detail, error_buffer));
-
- /* OpenSSL 0.9.6 and later has a function named
- ERRO_error_string_n() that takes the size of the buffer as a third
- argument, and we should possibly switch to using that one in the
- future. */
- return CURLE_SSL_CONNECT_ERROR;
+
+ detail = ERR_get_error(); /* Gets the earliest error code from the
+ thread's error queue and removes the
+ entry. */
+
+
+ if(0x14090086 == detail) {
+ /* 14090086:
+ SSL routines:
+ SSL3_GET_SERVER_CERTIFICATE:
+ certificate verify failed */
+ failf(data,
+ "SSL certificate problem, verify that the CA cert is OK");
+ return CURLE_SSL_CACERT;
+ }
+ else {
+ /* detail is already set to the SSL error above */
+ failf(data, "SSL: %s", ERR_error_string(detail, error_buffer));
+ /* OpenSSL 0.9.6 and later has a function named
+ ERRO_error_string_n() that takes the size of the buffer as a third
+ argument, and we should possibly switch to using that one in the
+ future. */
+ return CURLE_SSL_CONNECT_ERROR;
+ }
}
}
else