Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-03 23:39:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #455 from dcooper16/unsupported_purpose

Browse Source 
Output correct error for unsupported certificate purpose
This commit is contained in:
Dirk Wetter 2016-08-29 17:39:00 +02:00 committed by GitHub
commit ba1ea6dcba
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
testssl.sh
View File

@ -3737,6 +3737,7 @@ verify_retcode_helper() {
case $retcode in
# codes from ./doc/apps/verify.pod | verify(1ssl)
26) out "(unsupported certificate purpose)" ;; # X509_V_ERR_INVALID_PURPOSE
24) out "(certificate unreadable)" ;; # X509_V_ERR_INVALID_CA
23) out "(certificate revoked)" ;; # X509_V_ERR_CERT_REVOKED
21) out "(chain incomplete, only 1 cert provided)" ;; # X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE
@ -3819,8 +3820,8 @@ determine_trust() {
if ! $some_ok; then
# all failed (we assume with the same issue), we're displaying the reason
out " "
verify_retcode_helper "${verify_retcode[2]}"
fileout "${json_prefix}chain_of_trust" "NOT ok" "All certificate trust checks failed: $(verify_retcode_helper "${verify_retcode[2]}"). $addtl_warning"
verify_retcode_helper "${verify_retcode[1]}"
fileout "${json_prefix}chain_of_trust" "NOT ok" "All certificate trust checks failed: $(verify_retcode_helper "${verify_retcode[1]}"). $addtl_warning"
else
# is one ok and the others not ==> display the culprit store
if $some_ok ; then