diff options
author | Nick Zitzmann <nickzman@gmail.com> | 2013-04-01 18:24:32 -0600 |
---|---|---|
committer | Nick Zitzmann <nickzman@gmail.com> | 2013-04-01 18:24:32 -0600 |
commit | 74467f8e7837f8a58ce08725efc391b189f37466 (patch) | |
tree | 71a6b0296749cf92663fa704cd103b182ba80b8a /lib | |
parent | cfb7e809913aa4fc5eeec3621273c75a729459b6 (diff) |
darwinssl: additional descriptive messages of SSL handshake errors
(This doesn't need to appear in the release notes.)
Diffstat (limited to 'lib')
-rw-r--r-- | lib/curl_darwinssl.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/lib/curl_darwinssl.c b/lib/curl_darwinssl.c index 5340c6142..4b3149db4 100644 --- a/lib/curl_darwinssl.c +++ b/lib/curl_darwinssl.c @@ -995,6 +995,10 @@ darwinssl_connect_step2(struct connectdata *conn, int sockindex) failf(data, "SSL certificate problem: Certificate chain had an " "expired certificate"); return CURLE_SSL_CACERT; + case errSSLBadCert: + failf(data, "SSL certificate problem: Couldn't understand the server " + "certificate format"); + return CURLE_SSL_CONNECT_ERROR; /* This error is raised if the server's cert didn't match the server's host name: */ @@ -1010,10 +1014,18 @@ darwinssl_connect_step2(struct connectdata *conn, int sockindex) case errSSLClosedAbort: failf(data, "Server aborted the SSL handshake"); return CURLE_SSL_CONNECT_ERROR; - case paramErr: /* if you're getting this, it could be a cipher problem */ + case errSSLNegotiation: + failf(data, "Could not negotiate an SSL cipher suite with the server"); + return CURLE_SSL_CONNECT_ERROR; + /* Sometimes paramErr happens with buggy ciphers: */ + case paramErr: case errSSLInternal: failf(data, "Internal SSL engine error encountered during the " "SSL handshake"); return CURLE_SSL_CONNECT_ERROR; + case errSSLFatalAlert: + failf(data, "Fatal SSL engine error encountered during the SSL " + "handshake"); + return CURLE_SSL_CONNECT_ERROR; default: failf(data, "Unknown SSL protocol error in connection to %s:%d", conn->host.name, err); |