Make sure a corresponding plain text error message exists for the
X509_V_ERR_CERT_REVOKED/23 error number which can occur when a
verify callback function determined that a certificate was revoked.
diff --git a/CHANGES b/CHANGES
index 163281c..2e420fa 100644
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,11 @@
Changes between 0.9.2b and 0.9.3
+ *) Make sure a corresponding plain text error message exists for the
+ X509_V_ERR_CERT_REVOKED/23 error number which can occur when a
+ verify callback function determined that a certificate was revoked.
+ [Ralf S. Engelschall]
+
*) Bugfix: In test/testenc, don't test "openssl <cipher>" for
ciphers that were excluded, e.g. by -DNO_IDEA. Also, test
all available cipers including rc5, which was forgotten until now.
diff --git a/crypto/x509/x509_txt.c b/crypto/x509/x509_txt.c
index 871cc33..de7550d 100644
--- a/crypto/x509/x509_txt.c
+++ b/crypto/x509/x509_txt.c
@@ -120,6 +120,8 @@
return("unable to verify the first certificate");
case X509_V_ERR_CERT_CHAIN_TOO_LONG:
return("certificate chain too long");
+ case X509_V_ERR_CERT_REVOKED:
+ return("certificate revoked");
case X509_V_ERR_APPLICATION_VERIFICATION:
return("application verification failure");
default:
