From 7a3b9bfb9a685d493f9ac4520d30e47296b11273 Mon Sep 17 00:00:00 2001
From: Shobhit Adlakha <ShobhitAd@users.noreply.github.com>
Date: Fri, 11 Mar 2022 14:08:54 -0500
Subject: Add additional case to openssl_to_internal_error for local issuer
 certificate (#3875)

---
 src/components/protocol_handler/src/handshake_handler.cc               | 2 +-
 src/components/security_manager/src/ssl_context_impl.cc                | 1 +
 src/components/security_manager/test/ssl_certificate_handshake_test.cc | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/components/protocol_handler/src/handshake_handler.cc b/src/components/protocol_handler/src/handshake_handler.cc
index 87369c0793..6f86738ebe 100644
--- a/src/components/protocol_handler/src/handshake_handler.cc
+++ b/src/components/protocol_handler/src/handshake_handler.cc
@@ -154,7 +154,7 @@ bool HandshakeHandler::OnHandshakeDone(
           case security_manager::SSLContext::Handshake_Result_Fail:
             return "";
           default:
-            return "";
+            return "Unknown handshake result";
         }
       };
 
diff --git a/src/components/security_manager/src/ssl_context_impl.cc b/src/components/security_manager/src/ssl_context_impl.cc
index 1c8b009097..78e4d1d463 100644
--- a/src/components/security_manager/src/ssl_context_impl.cc
+++ b/src/components/security_manager/src/ssl_context_impl.cc
@@ -628,6 +628,7 @@ CryptoManagerImpl::SSLContextImpl::openssl_error_convert_to_internal(
     case X509_V_ERR_SUBJECT_ISSUER_MISMATCH:
     case X509_V_ERR_CERT_SIGNATURE_FAILURE:
     case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+    case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
     case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
       return Handshake_Result_CertNotSigned;
     default:
diff --git a/src/components/security_manager/test/ssl_certificate_handshake_test.cc b/src/components/security_manager/test/ssl_certificate_handshake_test.cc
index 9c21fba0bb..4d09e03883 100644
--- a/src/components/security_manager/test/ssl_certificate_handshake_test.cc
+++ b/src/components/security_manager/test/ssl_certificate_handshake_test.cc
@@ -450,7 +450,7 @@ TEST_P(SSLHandshakeTest, CAVerification_ClientSide_NoCACertificate) {
       << client_manager_->LastError();
 
   GTEST_TRACE(HandshakeProcedure_ClientSideFail(
-      security_manager::SSLContext::Handshake_Result_Fail));
+      security_manager::SSLContext::Handshake_Result_CertNotSigned));
 
   ASSERT_TRUE(InitClientManagers(GetParam().client_protocol,
                                  client_certificate,
-- 
cgit v1.2.1