OpenSSL 0.9.5 merge

*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs

1 files changed, 10 insertions, 1 deletions

diff --git a/src/lib/libcrypto/x509/x509_txt.c b/src/lib/libcrypto/x509/x509_txt.c
index 11a3d2012f..209cf53191 100644
--- a/src/lib/libcrypto/x509/x509_txt.c
+++ b/src/lib/libcrypto/x509/x509_txt.c
@@ -59,7 +59,6 @@
 #include <stdio.h>
 #include <time.h>
 #include <errno.h>
-#include <sys/types.h>
 
 #include "cryptlib.h"
 #include <openssl/lhash.h>
@@ -121,6 +120,16 @@ const char *X509_verify_cert_error_string(long n)
                 return("certificate chain too long");
         case X509_V_ERR_CERT_REVOKED:
                 return("certificate revoked");
+        case X509_V_ERR_INVALID_CA:
+                return ("invalid CA certificate");
+        case X509_V_ERR_PATH_LENGTH_EXCEEDED:
+                return ("path length constraint exceeded");
+        case X509_V_ERR_INVALID_PURPOSE:
+                return ("unsupported certificate purpose");
+        case X509_V_ERR_CERT_UNTRUSTED:
+                return ("certificate not trusted");
+        case X509_V_ERR_CERT_REJECTED:
+                return ("certificate rejected");
         case X509_V_ERR_APPLICATION_VERIFICATION:
                 return("application verification failure");
         default: