]> git.ipfire.org Git - thirdparty/openvpn.git/commit
projects / thirdparty / openvpn.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 16e24da) | patch
tls_ctx_load_ca: Improve certificate error messages
authorKlee Dienes <klee@mit.edu>
Sat, 6 Jul 2013 21:00:02 +0000 (17:00 -0400)
committerGert Doering <gert@greenie.muc.de>
Fri, 15 Nov 2013 16:20:10 +0000 (17:20 +0100)
commit9927cdbd929bebbba0d15bb9a6b03453891a485b
treeb785a9600e58b69340a54a893be4bdfa2ffa8b80tree
parent16e24daaba4432e0a905478bab23b65f904be135commit | diff
tls_ctx_load_ca: Improve certificate error messages

If a CA certificate file includes intermediate certificates, and any
of them fail to verify, the current code will file with "Cannot load
CA certificate file".  Instead, generate a more specific error message
identifying the specific sub-certificate(s) which did not validate.

Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <CAK6ywbLVtSgRZEt4N+02fz+vQ0GNp==5KdsbqWtZ+fgUzrZq+g@mail.gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/7837

Signed-off-by: Gert Doering <gert@greenie.muc.de>
src/openvpn/ssl_openssl.c diff | blob | blame | history
Mirror of https://github.com/OpenVPN/openvpn.git