diff options
| author | Andrej E Baranov <admin@andrej-andb.ru> | 2013-10-13 01:02:03 +0200 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2013-10-13 19:12:58 +0200 |
| commit | 39beaa5ffbccd5b36ae576d32cab2ba0ed3901de (patch) | |
| tree | a63a90d659ee1fab2a7abf8641fcd9fd330922d1 | |
| parent | 5df04bfafd13b641786892de95bd5c1f87059f1d (diff) | |
| download | gnurl-39beaa5ffbccd5b36ae576d32cab2ba0ed3901de.tar.gz gnurl-39beaa5ffbccd5b36ae576d32cab2ba0ed3901de.tar.bz2 gnurl-39beaa5ffbccd5b36ae576d32cab2ba0ed3901de.zip | |
OpenSSL: use failf() when subjectAltName mismatches
Write to CURLOPT_ERRORBUFFER information about mismatch alternative
certificate subject names.
Signed-off-by: Andrej E Baranov <admin@andrej-andb.ru>
| -rw-r--r-- | lib/ssluse.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/ssluse.c b/lib/ssluse.c index 9974ac85e..ef0c88205 100644 --- a/lib/ssluse.c +++ b/lib/ssluse.c @@ -1192,6 +1192,8 @@ static CURLcode verifyhost(struct connectdata *conn, /* an alternative name field existed, but didn't match and then we MUST fail */ infof(data, "\t subjectAltName does not match %s\n", conn->host.dispname); + failf(data, "SSL: alternative certificate subject names does not match " + "target host name '%s'", conn->host.dispname); res = CURLE_PEER_FAILED_VERIFICATION; } else { |