diff options
author | Daniel Stenberg <daniel@haxx.se> | 2012-04-06 15:10:59 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2012-04-06 15:10:59 +0200 |
commit | 376b4d48feea9da98eda15ddf05c86729d9dc3f1 (patch) | |
tree | e142a9e3cf272b3d01afb99780ea13e639eb67db | |
parent | 118e73306d142a3146356ebf24e2446a65e9fe6f (diff) |
PolarSSL: correct return code for CRL matches
When a server certificate matches one in the given CRL file, the code
now returns CURLE_SSL_CACERT as test case 313 expects and verifies.
-rw-r--r-- | lib/polarssl.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/polarssl.c b/lib/polarssl.c index 15a3e15b5..39816baf0 100644 --- a/lib/polarssl.c +++ b/lib/polarssl.c @@ -291,8 +291,10 @@ polarssl_connect_step2(struct connectdata *conn, if(ret & BADCERT_EXPIRED) failf(data, "Cert verify failed: BADCERT_EXPIRED\n"); - if(ret & BADCERT_REVOKED) + if(ret & BADCERT_REVOKED) { failf(data, "Cert verify failed: BADCERT_REVOKED"); + return CURLE_SSL_CACERT; + } if(ret & BADCERT_CN_MISMATCH) failf(data, "Cert verify failed: BADCERT_CN_MISMATCH"); |