Armel Asselin separated CA cert verification problems from problems with

reading the (local) CA cert file to let users easier pinpoint the actual problem. CURLE_SSL_CACERT_BADFILE (77) is the new libcurl error code.
author: Daniel Stenberg <daniel@haxx.se> 2006-10-21 11:32:05 +0000
committer: Daniel Stenberg <daniel@haxx.se> 2006-10-21 11:32:05 +0000
commit: 4e717cdb300adeff3b259b3619b29a944c2960a8 (patch)
tree: fd732f563641810d5009fe9b2dda55842a24d2ad /lib/gtls.c
parent: 33acd6f041ad3f31a985da1cf54668d0e619535d (diff)
1 files changed, 5 insertions, 2 deletions
diff --git a/lib/gtls.c b/lib/gtls.c
index b202adfd4..02680d02b 100644
--- a/lib/gtls.c
+++ b/lib/gtls.c
@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -234,9 +234,12 @@ Curl_gtls_connect(struct connectdata *conn,
     rc = gnutls_certificate_set_x509_trust_file(conn->ssl[sockindex].cred,
                                                 data->set.ssl.CAfile,
                                                 GNUTLS_X509_FMT_PEM);
-    if(rc < 0)
+    if(rc < 0) {
       infof(data, "error reading ca cert file %s (%s)\n",
             data->set.ssl.CAfile, gnutls_strerror(rc));
+      if (data->set.ssl.verifypeer)
+        return CURLE_SSL_CACERT_BADFILE;
+    }
     else
       infof(data, "found %d certificates in %s\n",
             rc, data->set.ssl.CAfile);
author	Daniel Stenberg <daniel@haxx.se>	2006-10-21 11:32:05 +0000
committer	Daniel Stenberg <daniel@haxx.se>	2006-10-21 11:32:05 +0000
commit	4e717cdb300adeff3b259b3619b29a944c2960a8 (patch)
tree	fd732f563641810d5009fe9b2dda55842a24d2ad /lib/gtls.c
parent	33acd6f041ad3f31a985da1cf54668d0e619535d (diff)