diff options
| author | Rich Salz <rsalz@akamai.com> | 2019-10-12 17:45:56 -0400 |
|---|---|---|
| committer | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2020-01-23 23:18:33 +0100 |
| commit | 21d08b9ee9c0f7fabcad27b5d0b0c8c16f7dd1e9 (patch) | |
| tree | 41077d218df34536e5b057a8e8f5c984e4c9f66f /crypto/x509 | |
| parent | cf0843c09101fa7a1718c4423543358b7fe1876a (diff) | |
Update man3/verify documentation, error text
Move the x509_V_ERR_xxx definitions from openssl-verify to
X509_STORE_CTX_get_error.pod. Add some missing ones. Consistently
start with a lowercase letter, unless it's an acronym.
Fix some markup mistakes in X509_verify_cert.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/10132)
Diffstat (limited to 'crypto/x509')
| -rw-r--r-- | crypto/x509/x509_txt.c | 21 |
1 files changed, 10 insertions, 11 deletions
diff --git a/crypto/x509/x509_txt.c b/crypto/x509/x509_txt.c index 767d33b48a..2c82f8648b 100644 --- a/crypto/x509/x509_txt.c +++ b/crypto/x509/x509_txt.c @@ -111,9 +111,9 @@ const char *X509_verify_cert_error_string(long n) case X509_V_ERR_NO_EXPLICIT_POLICY: return "no explicit policy"; case X509_V_ERR_DIFFERENT_CRL_SCOPE: - return "Different CRL scope"; + return "different CRL scope"; case X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: - return "Unsupported extension feature"; + return "unsupported extension feature"; case X509_V_ERR_UNNESTED_RESOURCE: return "RFC 3779 resource not subset of parent's resources"; case X509_V_ERR_PERMITTED_VIOLATION: @@ -133,7 +133,7 @@ const char *X509_verify_cert_error_string(long n) case X509_V_ERR_CRL_PATH_VALIDATION_ERROR: return "CRL path validation error"; case X509_V_ERR_PATH_LOOP: - return "Path Loop"; + return "path loop"; case X509_V_ERR_SUITE_B_INVALID_VERSION: return "Suite B: certificate version invalid"; case X509_V_ERR_SUITE_B_INVALID_ALGORITHM: @@ -147,13 +147,13 @@ const char *X509_verify_cert_error_string(long n) case X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256: return "Suite B: cannot sign P-384 with P-256"; case X509_V_ERR_HOSTNAME_MISMATCH: - return "Hostname mismatch"; + return "hostname mismatch"; case X509_V_ERR_EMAIL_MISMATCH: - return "Email address mismatch"; + return "email address mismatch"; case X509_V_ERR_IP_ADDRESS_MISMATCH: return "IP address mismatch"; case X509_V_ERR_DANE_NO_MATCH: - return "No matching DANE TLSA records"; + return "no matching DANE TLSA records"; case X509_V_ERR_EE_KEY_TOO_SMALL: return "EE certificate key too weak"; case X509_V_ERR_CA_KEY_TOO_SMALL: @@ -161,9 +161,9 @@ const char *X509_verify_cert_error_string(long n) case X509_V_ERR_CA_MD_TOO_WEAK: return "CA signature digest algorithm too weak"; case X509_V_ERR_INVALID_CALL: - return "Invalid certificate verification context"; + return "invalid certificate verification context"; case X509_V_ERR_STORE_LOOKUP: - return "Issuer certificate lookup error"; + return "issuer certificate lookup error"; case X509_V_ERR_NO_VALID_SCTS: return "Certificate Transparency required, but no valid SCTs found"; case X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION: @@ -175,10 +175,9 @@ const char *X509_verify_cert_error_string(long n) case X509_V_ERR_OCSP_CERT_UNKNOWN: return "OCSP unknown cert"; case X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH: - return "Subject signature algorithm and issuer public key algorithm mismatch"; + return "subject signature algorithm and issuer public key algorithm mismatch"; case X509_V_ERR_NO_ISSUER_PUBLIC_KEY: - return "Issuer certificate doesn't have a public key"; - + return "issuer certificate doesn't have a public key"; default: /* Printing an error number into a static buffer is not thread-safe */ return "unknown certificate verification error"; |