From 3deb31752378a4b6f19eb1a3e1fd05cdc753fd6a Mon Sep 17 00:00:00 2001
From: Marcel Poul <marcel.poul@cern.ch>
Date: Sun, 1 Jul 2012 21:58:34 +0000
Subject: [PATCH] more CANL_ERR_... codes to map onto their openssl
 correspondents

---
 emi.canl.canl-c/src/canl_ssl.c | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/emi.canl.canl-c/src/canl_ssl.c b/emi.canl.canl-c/src/canl_ssl.c
index 5346591..c640cbf 100644
--- a/emi.canl.canl-c/src/canl_ssl.c
+++ b/emi.canl.canl-c/src/canl_ssl.c
@@ -917,9 +917,35 @@ get_verify_result(unsigned long ssl_err, const SSL *ssl)
 
     result = SSL_get_verify_result(ssl);
     switch (result) {
+        case X509_V_OK:
+            return 0; 
         case X509_V_ERR_CERT_CHAIN_TOO_LONG:
             canl_err = CANL_ERR_pathLenghtExtended;
             break;
+        case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+            canl_err = CANL_ERR_noIssuerPublicKey;
+            break;
+        case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
+            canl_err = CANL_ERR_signatureNotVerified;
+            break;
+        case X509_V_ERR_CERT_NOT_YET_VALID:
+            canl_err = CANL_ERR_certificateNotYetValid;
+            break;
+        case X509_V_ERR_CERT_HAS_EXPIRED:
+            canl_err = CANL_ERR_certificateExpired;
+            break;
+        case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION:
+            canl_err = CANL_ERR_unknownCriticalExt;
+            break;
+        case X509_V_ERR_CERT_REVOKED:
+            canl_err = CANL_ERR_certRevoked;
+            break;
+        case X509_V_ERR_UNABLE_TO_GET_CRL:
+            canl_err = CANL_ERR_noValidCrlFound;
+            break;
+        case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED:
+            canl_err = CANL_ERR_proxyLength;
+            break;
         default:
             break;
     }
-- 
1.8.2.3