diff options
| author | Michael Brown | 2012-03-22 11:55:13 +0100 |
|---|---|---|
| committer | Michael Brown | 2012-03-22 12:41:22 +0100 |
| commit | f2af64aba55fda84bd4c6dc6d3590049a637c03f (patch) | |
| tree | 9fa5e8b9847522daae32e8c79abc14fffa32d9ff /src/net/tls.c | |
| parent | [crypto] Shrink raw certificate data to fit certificate (diff) | |
| download | ipxe-f2af64aba55fda84bd4c6dc6d3590049a637c03f.tar.gz ipxe-f2af64aba55fda84bd4c6dc6d3590049a637c03f.tar.xz ipxe-f2af64aba55fda84bd4c6dc6d3590049a637c03f.zip | |
[crypto] Differentiate "untrusted root" and "incomplete chain" error cases
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/net/tls.c')
| -rw-r--r-- | src/net/tls.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/net/tls.c b/src/net/tls.c index 6475f78d..ce39da9a 100644 --- a/src/net/tls.c +++ b/src/net/tls.c @@ -46,10 +46,10 @@ FILE_LICENCE ( GPL2_OR_LATER ); #include <ipxe/tls.h> /* Disambiguate the various error causes */ -#define EACCES_UNTRUSTED \ - __einfo_error ( EINFO_EACCES_UNTRUSTED ) -#define EINFO_EACCES_UNTRUSTED \ - __einfo_uniqify ( EINFO_EACCES, 0x01, "Untrusted certificate chain" ) +#define EACCES_INCOMPLETE \ + __einfo_error ( EINFO_EACCES_INCOMPLETE ) +#define EINFO_EACCES_INCOMPLETE \ + __einfo_uniqify ( EINFO_EACCES, 0x01, "Incomplete certificate chain" ) #define EACCES_WRONG_NAME \ __einfo_error ( EINFO_EACCES_WRONG_NAME ) #define EINFO_EACCES_WRONG_NAME \ @@ -1302,7 +1302,7 @@ static int tls_parse_next ( struct x509_certificate *cert, /* Return error at end of chain */ if ( context->current >= context->end ) { DBGC ( tls, "TLS %p reached end of certificate chain\n", tls ); - return -EACCES_UNTRUSTED; + return -EACCES_INCOMPLETE; } /* Extract current certificate and update context */ |