romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-05-15 02:16:20 +03:00
Code Issues Projects Releases Packages Wiki Activity

openssl: return CURLE_PEER_FAILED_VERIFICATION on failure to parse issuer

Browse source 
Failure to extract the issuer name from the server certificate should
return a more specific error code like on other TLS backends.
This commit is contained in:
Han Han 2018-08-16 12:41:31 -07:00 committed by Daniel Stenberg
parent 5a3efb1dba
commit 59dc83379a
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
lib/vtls/openssl.c
View file

@ -3210,7 +3210,7 @@ static CURLcode servercert(struct connectdata *conn,
ossl_strerror(ERR_get_error(), error_buffer,
sizeof(error_buffer)) );
BIO_free(mem);
return 0;
return CURLE_OUT_OF_MEMORY;
}
BACKEND->server_cert = SSL_get_peer_certificate(BACKEND->handle);
@ -3257,7 +3257,7 @@ static CURLcode servercert(struct connectdata *conn,
if(rc) {
if(strict)
failf(data, "SSL: couldn't get X509-issuer name!");
result = CURLE_SSL_CONNECT_ERROR;
result = CURLE_PEER_FAILED_VERIFICATION;
}
else {
infof(data, " issuer: %s\n", buffer);