From 860d36b9d8f9dc7e290ceec6fad468ccf034c472 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Sun, 3 May 2009 17:29:56 +0000 Subject: [PATCH] - Updated ssl_cert_test to properly parse return values from x509parse_verify(). --- programs/test/ssl_cert_test.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/programs/test/ssl_cert_test.c b/programs/test/ssl_cert_test.c index 00488bae4..eb9baf8c2 100644 --- a/programs/test/ssl_cert_test.c +++ b/programs/test/ssl_cert_test.c @@ -146,8 +146,18 @@ int main( void ) { if( ret == POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) { - if( flags == BADCERT_REVOKED ) + if( flags & BADCERT_CN_MISMATCH ) + printf( " CN_MISMATCH " ); + if( flags & BADCERT_EXPIRED ) + printf( " EXPIRED " ); + if( flags & BADCERT_REVOKED ) printf( " REVOKED " ); + if( flags & BADCERT_NOT_TRUSTED ) + printf( " NOT_TRUSTED " ); + if( flags & BADCRL_NOT_TRUSTED ) + printf( " CRL_NOT_TRUSTED " ); + if( flags & BADCRL_EXPIRED ) + printf( " CRL_EXPIRED " ); } else { printf( " failed\n ! x509parse_verify returned %d\n\n", ret ); goto exit;