aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--lib/curl_darwinssl.c15
1 files changed, 11 insertions, 4 deletions
diff --git a/lib/curl_darwinssl.c b/lib/curl_darwinssl.c
index e81e7a637..d660deb2d 100644
--- a/lib/curl_darwinssl.c
+++ b/lib/curl_darwinssl.c
@@ -940,17 +940,24 @@ darwinssl_connect_step2(struct connectdata *conn, int sockindex)
ssl_connect_2_writing : ssl_connect_2_reading;
return CURLE_OK;
-#if defined(__MAC_10_6) || defined(__IPHONE_5_0)
- case errSSLServerAuthCompleted:
+ /* The below is errSSLServerAuthCompleted; it's not defined in
+ Leopard's headers */
+ case -9841:
/* the documentation says we need to call SSLHandshake() again */
return darwinssl_connect_step2(conn, sockindex);
-#endif /* defined(__MAC_10_6) || defined(__IPHONE_5_0) */
case errSSLXCertChainInvalid:
+ failf(data, "SSL certificate problem: Invalid certificate chain");
+ return CURLE_SSL_CACERT;
case errSSLUnknownRootCert:
+ failf(data, "SSL certificate problem: Untrusted root certificate");
+ return CURLE_SSL_CACERT;
case errSSLNoRootCert:
+ failf(data, "SSL certificate problem: No root certificate");
+ return CURLE_SSL_CACERT;
case errSSLCertExpired:
- failf(data, "SSL certificate problem: OSStatus %d", err);
+ failf(data, "SSL certificate problem: Certificate chain had an "
+ "expired certificate");
return CURLE_SSL_CACERT;
case errSSLHostNameMismatch:
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-09 21:38:02 +0000