From 860d36b9d8f9dc7e290ceec6fad468ccf034c472 Mon Sep 17 00:00:00 2001
From: Paul Bakker
Date: Sun, 3 May 2009 17:29:56 +0000
Subject: [PATCH] - Updated ssl_cert_test to properly parse return values from
x509parse_verify().
---
programs/test/ssl_cert_test.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/programs/test/ssl_cert_test.c b/programs/test/ssl_cert_test.c
index 00488bae4..eb9baf8c2 100644
--- a/programs/test/ssl_cert_test.c
+++ b/programs/test/ssl_cert_test.c
@@ -146,8 +146,18 @@ int main( void )
{
if( ret == POLARSSL_ERR_X509_CERT_VERIFY_FAILED )
{
- if( flags == BADCERT_REVOKED )
+ if( flags & BADCERT_CN_MISMATCH )
+ printf( " CN_MISMATCH " );
+ if( flags & BADCERT_EXPIRED )
+ printf( " EXPIRED " );
+ if( flags & BADCERT_REVOKED )
printf( " REVOKED " );
+ if( flags & BADCERT_NOT_TRUSTED )
+ printf( " NOT_TRUSTED " );
+ if( flags & BADCRL_NOT_TRUSTED )
+ printf( " CRL_NOT_TRUSTED " );
+ if( flags & BADCRL_EXPIRED )
+ printf( " CRL_EXPIRED " );
} else {
printf( " failed\n ! x509parse_verify returned %d\n\n", ret );
goto exit;