CLA: trivial
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21137)
if (err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)
return 1;
- /*
- * BAD we should have gotten an error. Normally if everything worked
- * X509_STORE_CTX_get_error(ctx) will still be set to
- * DEPTH_ZERO_SELF_....
- */
- if (ok) {
- BIO_printf(bio_err,
- "Error with certificate to be certified - should be self-signed\n");
- return 0;
- } else {
+ if (!ok) {
err_cert = X509_STORE_CTX_get_current_cert(ctx);
print_name(bio_err, "subject=", X509_get_subject_name(err_cert));
BIO_printf(bio_err,
X509_verify_cert_error_string(err));
return 1;
}
+
+ return 1;
}
static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt)