romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-23 15:12:17 +03:00
Code Issues Projects Releases Packages Wiki Activity

OpenSSL: use failf() when subjectAltName mismatches

Browse source 
Write to CURLOPT_ERRORBUFFER information about mismatch alternative
certificate subject names.

Signed-off-by: Andrej E Baranov <admin@andrej-andb.ru>
This commit is contained in:
Andrej E Baranov 2013-10-13 01:02:03 +02:00 committed by Daniel Stenberg
parent 5df04bfafd
commit 39beaa5ffb
1 changed files with 2 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
lib/ssluse.c
View file

@ -1192,6 +1192,8 @@ static CURLcode verifyhost(struct connectdata *conn,
/* an alternative name field existed, but didn't match and then /* an alternative name field existed, but didn't match and then
we MUST fail */ we MUST fail */
infof(data, "\t subjectAltName does not match %s\n", conn->host.dispname); infof(data, "\t subjectAltName does not match %s\n", conn->host.dispname);
failf(data, "SSL: alternative certificate subject names does not match "
"target host name '%s'", conn->host.dispname);
res = CURLE_PEER_FAILED_VERIFICATION; res = CURLE_PEER_FAILED_VERIFICATION;
} }
else { else {