summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authortb <>2022-11-29 07:23:03 +0000
committertb <>2022-11-29 07:23:03 +0000
commit257bc3cb573f59bc93215ad4acbaad2524329309 (patch)
treee07a9927468a10b577a7b08fc016bb12a503d531 /src
parent95494980645428cbe0f13384bc837bc145eef580 (diff)
downloadopenbsd-257bc3cb573f59bc93215ad4acbaad2524329309.tar.gz
openbsd-257bc3cb573f59bc93215ad4acbaad2524329309.tar.bz2
openbsd-257bc3cb573f59bc93215ad4acbaad2524329309.zip
Sort a few outliers by increasing error number to match x509_vfy.h
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/x509/x509_txt.c26
1 files changed, 13 insertions, 13 deletions
diff --git a/src/lib/libcrypto/x509/x509_txt.c b/src/lib/libcrypto/x509/x509_txt.c
index 3ac1fd427d..461d1399c2 100644
--- a/src/lib/libcrypto/x509/x509_txt.c
+++ b/src/lib/libcrypto/x509/x509_txt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_txt.c,v 1.25 2022/11/29 07:12:17 tb Exp $ */ 1/* $OpenBSD: x509_txt.c,v 1.26 2022/11/29 07:23:03 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -82,10 +82,10 @@ X509_verify_cert_error_string(long n)
82 return "CRL signature failure"; 82 return "CRL signature failure";
83 case X509_V_ERR_CERT_NOT_YET_VALID: 83 case X509_V_ERR_CERT_NOT_YET_VALID:
84 return "certificate is not yet valid"; 84 return "certificate is not yet valid";
85 case X509_V_ERR_CRL_NOT_YET_VALID:
86 return "CRL is not yet valid";
87 case X509_V_ERR_CERT_HAS_EXPIRED: 85 case X509_V_ERR_CERT_HAS_EXPIRED:
88 return "certificate has expired"; 86 return "certificate has expired";
87 case X509_V_ERR_CRL_NOT_YET_VALID:
88 return "CRL is not yet valid";
89 case X509_V_ERR_CRL_HAS_EXPIRED: 89 case X509_V_ERR_CRL_HAS_EXPIRED:
90 return "CRL has expired"; 90 return "CRL has expired";
91 case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: 91 case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
@@ -112,22 +112,14 @@ X509_verify_cert_error_string(long n)
112 return "certificate revoked"; 112 return "certificate revoked";
113 case X509_V_ERR_INVALID_CA: 113 case X509_V_ERR_INVALID_CA:
114 return "invalid CA certificate"; 114 return "invalid CA certificate";
115 case X509_V_ERR_INVALID_NON_CA:
116 return "invalid non-CA certificate (has CA markings)";
117 case X509_V_ERR_PATH_LENGTH_EXCEEDED: 115 case X509_V_ERR_PATH_LENGTH_EXCEEDED:
118 return "path length constraint exceeded"; 116 return "path length constraint exceeded";
119 case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED:
120 return "proxy path length constraint exceeded";
121 case X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED:
122 return "proxy certificates not allowed, please set the appropriate flag";
123 case X509_V_ERR_INVALID_PURPOSE: 117 case X509_V_ERR_INVALID_PURPOSE:
124 return "unsupported certificate purpose"; 118 return "unsupported certificate purpose";
125 case X509_V_ERR_CERT_UNTRUSTED: 119 case X509_V_ERR_CERT_UNTRUSTED:
126 return "certificate not trusted"; 120 return "certificate not trusted";
127 case X509_V_ERR_CERT_REJECTED: 121 case X509_V_ERR_CERT_REJECTED:
128 return "certificate rejected"; 122 return "certificate rejected";
129 case X509_V_ERR_APPLICATION_VERIFICATION:
130 return "application verification failure";
131 case X509_V_ERR_SUBJECT_ISSUER_MISMATCH: 123 case X509_V_ERR_SUBJECT_ISSUER_MISMATCH:
132 return "subject issuer mismatch"; 124 return "subject issuer mismatch";
133 case X509_V_ERR_AKID_SKID_MISMATCH: 125 case X509_V_ERR_AKID_SKID_MISMATCH:
@@ -142,10 +134,16 @@ X509_verify_cert_error_string(long n)
142 return "unhandled critical extension"; 134 return "unhandled critical extension";
143 case X509_V_ERR_KEYUSAGE_NO_CRL_SIGN: 135 case X509_V_ERR_KEYUSAGE_NO_CRL_SIGN:
144 return "key usage does not include CRL signing"; 136 return "key usage does not include CRL signing";
145 case X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE:
146 return "key usage does not include digital signature";
147 case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: 137 case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION:
148 return "unhandled critical CRL extension"; 138 return "unhandled critical CRL extension";
139 case X509_V_ERR_INVALID_NON_CA:
140 return "invalid non-CA certificate (has CA markings)";
141 case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED:
142 return "proxy path length constraint exceeded";
143 case X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE:
144 return "key usage does not include digital signature";
145 case X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED:
146 return "proxy certificates not allowed, please set the appropriate flag";
149 case X509_V_ERR_INVALID_EXTENSION: 147 case X509_V_ERR_INVALID_EXTENSION:
150 return "invalid or inconsistent certificate extension"; 148 return "invalid or inconsistent certificate extension";
151 case X509_V_ERR_INVALID_POLICY_EXTENSION: 149 case X509_V_ERR_INVALID_POLICY_EXTENSION:
@@ -172,6 +170,8 @@ X509_verify_cert_error_string(long n)
172 return "unsupported or invalid name syntax"; 170 return "unsupported or invalid name syntax";
173 case X509_V_ERR_CRL_PATH_VALIDATION_ERROR: 171 case X509_V_ERR_CRL_PATH_VALIDATION_ERROR:
174 return "CRL path validation error"; 172 return "CRL path validation error";
173 case X509_V_ERR_APPLICATION_VERIFICATION:
174 return "application verification failure";
175 case X509_V_ERR_HOSTNAME_MISMATCH: 175 case X509_V_ERR_HOSTNAME_MISMATCH:
176 return "Hostname mismatch"; 176 return "Hostname mismatch";
177 case X509_V_ERR_EMAIL_MISMATCH: 177 case X509_V_ERR_EMAIL_MISMATCH:
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-29 07:03:10 +0000