Changeset 3106 for pjproject/trunk/pjlib/src/pj/ssl_sock_common.c
- Timestamp:
- Feb 24, 2010 5:43:34 AM (15 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
pjproject/trunk/pjlib/src/pj/ssl_sock_common.c
r2998 r3106 18 18 */ 19 19 #include <pj/ssl_sock.h> 20 #include <pj/assert.h> 20 21 #include <pj/errno.h> 21 22 #include <pj/string.h> … … 129 130 130 131 132 /* Get cipher name string */ 131 133 PJ_DEF(const char*) pj_ssl_cipher_name(pj_ssl_cipher cipher) 132 134 { … … 141 143 return NULL; 142 144 } 145 146 147 148 149 PJ_DEF(pj_status_t) pj_ssl_cert_verify_error_st(pj_uint32_t verify_status, 150 const char *error_strings[], 151 unsigned *count) 152 { 153 unsigned i = 0, shift_idx = 0; 154 unsigned unknown = 0; 155 pj_uint32_t errs; 156 157 PJ_ASSERT_RETURN(error_strings && count, PJ_EINVAL); 158 159 if (verify_status == PJ_SSL_CERT_ESUCCESS && *count) { 160 error_strings[0] = "OK"; 161 *count = 1; 162 return PJ_SUCCESS; 163 } 164 165 errs = verify_status; 166 167 while (errs && i < *count) { 168 pj_uint32_t err; 169 const char *p = NULL; 170 171 if ((errs & 1) == 0) { 172 shift_idx++; 173 errs >>= 1; 174 continue; 175 } 176 177 err = (1 << shift_idx); 178 179 switch (err) { 180 case PJ_SSL_CERT_EISSUER_NOT_FOUND: 181 p = "The issuer certificate cannot be found"; 182 break; 183 case PJ_SSL_CERT_EUNTRUSTED: 184 p = "The certificate is untrusted"; 185 break; 186 case PJ_SSL_CERT_EVALIDITY_PERIOD: 187 p = "The certificate has expired or not yet valid"; 188 break; 189 case PJ_SSL_CERT_EINVALID_FORMAT: 190 p = "One or more fields of the certificate cannot be decoded " 191 "due to invalid format"; 192 break; 193 case PJ_SSL_CERT_EISSUER_MISMATCH: 194 p = "The issuer info in the certificate does not match to the " 195 "(candidate) issuer certificate"; 196 break; 197 case PJ_SSL_CERT_ECRL_FAILURE: 198 p = "The CRL certificate cannot be found or cannot be read " 199 "properly"; 200 break; 201 case PJ_SSL_CERT_EREVOKED: 202 p = "The certificate has been revoked"; 203 break; 204 case PJ_SSL_CERT_EINVALID_PURPOSE: 205 p = "The certificate or CA certificate cannot be used for the " 206 "specified purpose"; 207 break; 208 case PJ_SSL_CERT_ECHAIN_TOO_LONG: 209 p = "The certificate chain length is too long"; 210 break; 211 case PJ_SSL_CERT_EIDENTITY_NOT_MATCH: 212 p = "The server identity does not match to any identities " 213 "specified in the certificate"; 214 break; 215 case PJ_SSL_CERT_EUNKNOWN: 216 default: 217 unknown++; 218 break; 219 } 220 221 /* Set error string */ 222 if (p) 223 error_strings[i++] = p; 224 225 /* Next */ 226 shift_idx++; 227 errs >>= 1; 228 } 229 230 /* Unknown error */ 231 if (unknown && i < *count) 232 error_strings[i++] = "Unknown verification error"; 233 234 *count = i; 235 236 return PJ_SUCCESS; 237 }
Note: See TracChangeset
for help on using the changeset viewer.