From ce81cd21d3865270867d68935c9700dbaf5b5fcc Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 3 Oct 2007 08:07:50 +0000 Subject: I renamed the CURLE_SSL_PEER_CERTIFICATE error code to CURLE_PEER_FAILED_VERIFICATION (standard CURL_NO_OLDIES style), and made this return code get used by the previous SSH MD5 fingerprint check in case it fails. --- lib/ssluse.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'lib/ssluse.c') diff --git a/lib/ssluse.c b/lib/ssluse.c index 55f6c8453..2ce701d06 100644 --- a/lib/ssluse.c +++ b/lib/ssluse.c @@ -1121,13 +1121,13 @@ static CURLcode verifyhost(struct connectdata *conn, if (!peer_CN) { failf(data, "SSL: unable to obtain common name from peer certificate"); - return CURLE_SSL_PEER_CERTIFICATE; + return CURLE_PEER_FAILED_VERIFICATION; } else if(!cert_hostcheck((const char *)peer_CN, conn->host.name)) { if(data->set.ssl.verifyhost > 1) { failf(data, "SSL: certificate subject name '%s' does not match " "target host name '%s'", peer_CN, conn->host.dispname); - res = CURLE_SSL_PEER_CERTIFICATE; + res = CURLE_PEER_FAILED_VERIFICATION; } else infof(data, "\t common name: %s (does not match '%s')\n", @@ -1624,7 +1624,7 @@ Curl_ossl_connect_step3(struct connectdata *conn, connssl->server_cert = SSL_get_peer_certificate(connssl->handle); if(!connssl->server_cert) { failf(data, "SSL: couldn't get peer certificate!"); - return CURLE_SSL_PEER_CERTIFICATE; + return CURLE_PEER_FAILED_VERIFICATION; } infof (data, "Server certificate:\n"); @@ -1675,7 +1675,7 @@ Curl_ossl_connect_step3(struct connectdata *conn, and we return earlyer if verifypeer is set? */ failf(data, "SSL certificate verify result: %s (%ld)", X509_verify_cert_error_string(lerr), lerr); - retcode = CURLE_SSL_PEER_CERTIFICATE; + retcode = CURLE_PEER_FAILED_VERIFICATION; } else infof(data, "SSL certificate verify result: %s (%ld)," -- cgit v1.2.3