projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Make an explicit check during certificate validation to see that the
[openssl.git]
/
crypto
/
x509
/
x509_txt.c
diff --git
a/crypto/x509/x509_txt.c
b/crypto/x509/x509_txt.c
index ddc3b9b35578f21d7336eb94b8433727a23d30c9..57ff33dc1983963dfed8bd1ba85e4c59a0cb29bd 100644
(file)
--- a/
crypto/x509/x509_txt.c
+++ b/
crypto/x509/x509_txt.c
@@
-122,6
+122,8
@@
const char *X509_verify_cert_error_string(long n)
return("certificate revoked");
case X509_V_ERR_INVALID_CA:
return ("invalid CA certificate");
return("certificate revoked");
case X509_V_ERR_INVALID_CA:
return ("invalid CA certificate");
+ case X509_V_ERR_INVALID_NON_CA:
+ return ("invalid non-CA certificate (has CA markings)");
case X509_V_ERR_PATH_LENGTH_EXCEEDED:
return ("path length constraint exceeded");
case X509_V_ERR_INVALID_PURPOSE:
case X509_V_ERR_PATH_LENGTH_EXCEEDED:
return ("path length constraint exceeded");
case X509_V_ERR_INVALID_PURPOSE: