diff options
author | Daniel Stenberg <daniel@haxx.se> | 2006-10-21 11:32:05 +0000 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2006-10-21 11:32:05 +0000 |
commit | 4e717cdb300adeff3b259b3619b29a944c2960a8 (patch) | |
tree | fd732f563641810d5009fe9b2dda55842a24d2ad /lib/gtls.c | |
parent | 33acd6f041ad3f31a985da1cf54668d0e619535d (diff) |
Armel Asselin separated CA cert verification problems from problems with
reading the (local) CA cert file to let users easier pinpoint the actual
problem. CURLE_SSL_CACERT_BADFILE (77) is the new libcurl error code.
Diffstat (limited to 'lib/gtls.c')
-rw-r--r-- | lib/gtls.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/lib/gtls.c b/lib/gtls.c index b202adfd4..02680d02b 100644 --- a/lib/gtls.c +++ b/lib/gtls.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -234,9 +234,12 @@ Curl_gtls_connect(struct connectdata *conn, rc = gnutls_certificate_set_x509_trust_file(conn->ssl[sockindex].cred, data->set.ssl.CAfile, GNUTLS_X509_FMT_PEM); - if(rc < 0) + if(rc < 0) { infof(data, "error reading ca cert file %s (%s)\n", data->set.ssl.CAfile, gnutls_strerror(rc)); + if (data->set.ssl.verifypeer) + return CURLE_SSL_CACERT_BADFILE; + } else infof(data, "found %d certificates in %s\n", rc, data->set.ssl.CAfile); |