Skip to content
Snippets Groups Projects
Commit 4511f7ac authored by Daniel Stenberg's avatar Daniel Stenberg
Browse files

SSL_get_verify_result() returns a long, so we receive the result in a long 

and not an int.
parent b9f76f11
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 8 additions and 5 deletions
lib/ssluse.c
+ 8
5
View file @ 4511f7ac
......@@ -1078,6 +1078,7 @@ Curl_SSLConnect(struct connectdata *conn,
#ifdef USE_SSLEAY
struct SessionHandle *data = conn->data;
int err;
long lerr;
int what;
char * str;
SSL_METHOD *req_method;
......@@ -1440,18 +1441,20 @@ Curl_SSLConnect(struct connectdata *conn,
/* We could do all sorts of certificate verification stuff here before
deallocating the certificate. */
err = data->set.ssl.certverifyresult=SSL_get_verify_result(connssl->handle);
lerr = data->set.ssl.certverifyresult=
SSL_get_verify_result(connssl->handle);
if(data->set.ssl.certverifyresult != X509_V_OK) {
if(data->set.ssl.verifypeer) {
/* We probably never reach this, because SSL_connect() will fail
and we return earlyer if verifypeer is set? */
failf(data, "SSL certificate verify result: %s (%d)",
X509_verify_cert_error_string(err), err);
failf(data, "SSL certificate verify result: %s (%ld)",
X509_verify_cert_error_string(lerr), lerr);
retcode = CURLE_SSL_PEER_CERTIFICATE;
}
else
infof(data, "SSL certificate verify result: %s (%d), continuing anyway.\n",
X509_verify_cert_error_string(err), err);
infof(data, "SSL certificate verify result: %s (%ld),"
" continuing anyway.\n",
X509_verify_cert_error_string(err), lerr);
}
else
infof(data, "SSL certificate verify ok.\n");
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment