dovecot-2.2: lib-ssl-iostream: Give better error message if CA s...

Fri Sep 20 04:01:25 EEST 2013

details:   http://hg.dovecot.org/dovecot-2.2/rev/ac832f051b49
changeset: 16782:ac832f051b49
user:      Timo Sirainen <tss at iki.fi>
date:      Fri Sep 20 04:01:10 2013 +0300
description:
lib-ssl-iostream: Give better error message if CA settings are missing.

diffstat:

 src/lib-ssl-iostream/iostream-openssl-context.c |  4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diffs (14 lines):

diff -r 98702a45784c -r ac832f051b49 src/lib-ssl-iostream/iostream-openssl-context.c

--- a/src/lib-ssl-iostream/iostream-openssl-context.c	Fri Sep 20 03:54:31 2013 +0300
+++ b/src/lib-ssl-iostream/iostream-openssl-context.c	Fri Sep 20 04:01:10 2013 +0300
@@ -349,7 +349,9 @@
 	}
 
 	if (!have_ca) {
-		*error_r = "Can't verify remote certs without CA";
+		*error_r = !ctx->client_ctx ?
+			"Can't verify remote client certs without CA (ssl_ca setting)" :
+			"Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)";
 		return -1;
 	}
 	return 0;
