Hook up a certificate verify callback so that we can set user friendly - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2016-12-26 16:20:58 +0000
committer	jsing <>	2016-12-26 16:20:58 +0000
commit	e42acf6ea18cc05e621978c53dbbb294bdb059c7 (patch)
tree	fbec04954e27c01c99531c149058fcede14efd69 /src/lib/libssl/s3_clnt.c
parent	14b2889eb360f84951861c14bd3a80c2fd701017 (diff)
download	openbsd-e42acf6ea18cc05e621978c53dbbb294bdb059c7.tar.gz openbsd-e42acf6ea18cc05e621978c53dbbb294bdb059c7.tar.bz2 openbsd-e42acf6ea18cc05e621978c53dbbb294bdb059c7.zip

Hook up a certificate verify callback so that we can set user friendly

error messages, instead of libssl error strings. This gives us messages like: certificate verification failed: certificate has expired Instead of: 14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed This also lets us always enable peer verification since the no verification case is now handled via the callback. Tested by tedu@ ok beck@

Diffstat (limited to 'src/lib/libssl/s3_clnt.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: