From 141e82e12880073cc9cc9d907bcd77dd140f934d Mon Sep 17 00:00:00 2001
From: Timo Sirainen <timo.sirainen@open-xchange.com>
Date: Thu, 22 Dec 2022 07:30:30 -0500
Subject: [PATCH] login-common: Disconnect reason - clarify client sending
 untrusted cert

Changed the wording from "invalid cert" to "untrusted cert", which is
is a bit clearer in what the rejection reason usually is.
---
 src/login-common/client-common.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/login-common/client-common.c b/src/login-common/client-common.c
index 7369e10975..858e458f30 100644
--- a/src/login-common/client-common.c
+++ b/src/login-common/client-common.c
@@ -1136,7 +1136,7 @@ const char *client_get_extra_disconnect_reason(struct client *client)
 		if (client->ssl_iostream == NULL)
 			return "cert required, client didn't start TLS";
 		if (ssl_iostream_has_broken_client_cert(client->ssl_iostream))
-			return "client sent an invalid cert";
+			return "client sent an untrusted cert";
 		if (!ssl_iostream_has_valid_client_cert(client->ssl_iostream))
 			return "client didn't send a cert";
 	}
-- 
2.47.3