w3m

Unnamed repository; edit this file to name it for gitweb.
git clone https://logand.com/git/w3m.git/
Log | Files | Refs | README

commit be672569f079cc36c2815fc4c05adef66d746ba1
parent 8db8abb95406ca4cacaaa89a8550d4f25e8df172
Author: ukai <ukai>
Date:   Thu, 27 Dec 2001 02:28:17 +0000

[w3m-dev 02753]
From: Hironori Sakamoto <hsaka@mth.biglobe.ne.jp>

Diffstat:
MChangeLog | 6++++++
Murl.c | 79++-----------------------------------------------------------------------------
2 files changed, 8 insertions(+), 77 deletions(-)

diff --git a/ChangeLog b/ChangeLog @@ -1,3 +1,9 @@ +2001-12-27 Hironori Sakamoto <hsaka@mth.biglobe.ne.jp> + + * [w3m-dev 02753] + * url (ssl_verify_error_string): deleted + * url.c (openSSLHandle): use X509_verify_cert_error_string() + 2001-12-27 Fumitoshi UKAI <ukai@debian.or.jp> * [w3m-dev 02750] RFC2818 server identity check diff --git a/url.c b/url.c @@ -272,81 +272,6 @@ init_PRNG() } #endif /* SSLEAY_VERSION_NUMBER >= 0x00905100 */ - -#ifdef USE_SSL_VERIFY -static const char * -ssl_verify_error_string(unsigned long verr) -{ - /* see verify(1ssl) - we can't use ERR_error_string()? */ - switch (verr) { - case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: - return "Unable to get issuer cert"; - case X509_V_ERR_UNABLE_TO_GET_CRL: - return "Unable to get CRL"; - case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: - return "Unable to decrypt cert signature"; - case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: - return "Unable to decrypt CRL signature"; - case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: - return "Unable to decode issuer public key"; - case X509_V_ERR_CERT_SIGNATURE_FAILURE: - return "Certificate signature failture"; - case X509_V_ERR_CRL_SIGNATURE_FAILURE: - return "CRL signature failture"; - case X509_V_ERR_CERT_NOT_YET_VALID: - return "Certificate not yet valid"; - case X509_V_ERR_CERT_HAS_EXPIRED: - return "Certificate has expired"; - case X509_V_ERR_CRL_NOT_YET_VALID: - return "CRL not yet valid"; - case X509_V_ERR_CRL_HAS_EXPIRED: - return "CRL has expired"; - case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: - return "Error in certificate Not Before: field"; - case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: - return "Error in certificate Not After: field"; - case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: - return "Error in CRL Last Update: field"; - case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: - return "Error in CRL Next Update: field"; - case X509_V_ERR_OUT_OF_MEM: - return "Out of memory"; - case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: - return "Depth zero self signed certificate"; - case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: - return "Self signed certificate in chain"; - case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: - return "Unable to get issuer certificate locally"; - case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: - return "Unable to verify leaf signature"; - case X509_V_ERR_CERT_CHAIN_TOO_LONG: - return "Certificate chain too long"; - case X509_V_ERR_CERT_REVOKED: - return "Certificate revoked"; - case X509_V_ERR_INVALID_CA: - return "Invalid CA"; - case X509_V_ERR_PATH_LENGTH_EXCEEDED: - return "Path length exceeded"; - case X509_V_ERR_INVALID_PURPOSE: - return "Invalid purpose"; - case X509_V_ERR_CERT_UNTRUSTED: - return "Certificate untrusted"; - case X509_V_ERR_CERT_REJECTED: - return "Certificate rejected"; - case X509_V_ERR_SUBJECT_ISSUER_MISMATCH: - return "Subject Issuer mismatch"; - case X509_V_ERR_AKID_SKID_MISMATCH: - return "akid skid mismatch"; - case X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: - return "akid issuer serial mismatch"; - case X509_V_ERR_KEYUSAGE_NO_CERTSIGN: - return "Keyusage no certsign"; - default: - return "unknown verification error"; - } -} -#endif - static SSL * openSSLHandle(int sock, char *hostname) { @@ -470,10 +395,10 @@ openSSLHandle(int sock, char *hostname) } } else { - unsigned long verr; + long verr; X509_free(x); if ((verr = SSL_get_verify_result(handle)) != X509_V_OK) { - const char *em = ssl_verify_error_string(verr); + const char *em = X509_verify_cert_error_string(verr); if (accept_this_site && strcasecmp(accept_this_site->ptr, hostname) == 0) ans = "y";