The branch OpenSSL_1_1_1-stable has been updated via bb00b0404d05a268f8660ef3a74095419dfcbc4d (commit) from d00209a3b14b37a05fb91972f972b1fe8db6196f (commit)
- Log ----------------------------------------------------------------- commit bb00b0404d05a268f8660ef3a74095419dfcbc4d Author: Martin Ukrop <muk...@mail.muni.cz> Date: Mon Aug 5 14:14:54 2019 +0200 Fix reversed meaning of error codes The meaning of the X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY and X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT error codes were still reversed in the X509_STORE_CTX_get_error function documentation. This used to be the problem also in the verify application documentation, but was fixed on 2010-02-23 in 7d3d178. Reviewed-by: Shane Lontis <shane.lon...@oracle.com> Reviewed-by: Matt Caswell <m...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9529) (cherry picked from commit 6d5aa88d74b67b1bc108e121dea687a4ca67e329) ----------------------------------------------------------------------- Summary of changes: doc/man3/X509_STORE_CTX_get_error.pod | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/man3/X509_STORE_CTX_get_error.pod b/doc/man3/X509_STORE_CTX_get_error.pod index f166b0832d..c88279bb19 100644 --- a/doc/man3/X509_STORE_CTX_get_error.pod +++ b/doc/man3/X509_STORE_CTX_get_error.pod @@ -101,8 +101,8 @@ the operation was successful. =item B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate> -the issuer certificate could not be found: this occurs if the issuer certificate -of an untrusted certificate cannot be found. +the issuer certificate of a locally looked up certificate could not be found. +This normally means the list of trusted certificates is not complete. =item B<X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL> @@ -180,8 +180,8 @@ the root could not be found locally. =item B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate> -the issuer certificate of a locally looked up certificate could not be found. -This normally means the list of trusted certificates is not complete. +the issuer certificate could not be found: this occurs if the issuer certificate +of an untrusted certificate cannot be found. =item B<X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate>