openssl: return CURLE_PEER_FAILED_VERIFICATION on failure to parse issuer

Failure to extract the issuer name from the server certificate should return a more specific error code like on other TLS backends.
author: Han Han <hhan@thousandeyes.com> 2018-08-16 12:41:31 -0700
committer: Daniel Stenberg <daniel@haxx.se> 2018-09-06 08:27:15 +0200
commit: 59dc83379a239d20ed04e66b650b232ed1f780aa (patch)
tree: 63de37a057146205f67e3e7d3554b3749fadd9df
parent: 5a3efb1dba509b269953ff684f61e682fec14bf5 (diff)
download: curl-59dc83379a239d20ed04e66b650b232ed1f780aa.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index a487f553c..ce890fe3c 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -3210,7 +3210,7 @@ static CURLcode servercert(struct connectdata *conn,
           ossl_strerror(ERR_get_error(), error_buffer,
                         sizeof(error_buffer)) );
     BIO_free(mem);
-    return 0;
+    return CURLE_OUT_OF_MEMORY;
   }
 
   BACKEND->server_cert = SSL_get_peer_certificate(BACKEND->handle);
@@ -3257,7 +3257,7 @@ static CURLcode servercert(struct connectdata *conn,
   if(rc) {
     if(strict)
       failf(data, "SSL: couldn't get X509-issuer name!");
-    result = CURLE_SSL_CONNECT_ERROR;
+    result = CURLE_PEER_FAILED_VERIFICATION;
   }
   else {
     infof(data, " issuer: %s\n", buffer);
author	Han Han <hhan@thousandeyes.com>	2018-08-16 12:41:31 -0700
committer	Daniel Stenberg <daniel@haxx.se>	2018-09-06 08:27:15 +0200
commit	59dc83379a239d20ed04e66b650b232ed1f780aa (patch)
tree	63de37a057146205f67e3e7d3554b3749fadd9df
parent	5a3efb1dba509b269953ff684f61e682fec14bf5 (diff)
download	curl-59dc83379a239d20ed04e66b650b232ed1f780aa.tar.gz