Ensure verify error is set when X509_verify_cert() fails

[oweals/openssl.git] / crypto / x509 / x509_txt.c

diff --git a/crypto/x509/x509_txt.c b/crypto/x509/x509_txt.c
index 293efcfb8e6733d6ab82c9b6f2db689ee3baa397..5341e796692f6ad6cee03781bcd5f6a05b035d0c 100644 (file)
--- a/crypto/x509/x509_txt.c
+++ b/crypto/x509/x509_txt.c
@@ -161,6 +161,10 @@ const char *X509_verify_cert_error_string(long n)
         return ("CA certificate key too weak");
     case X509_V_ERR_CA_MD_TOO_WEAK:
         return ("CA signature digest algorithm too weak");
+    case X509_V_ERR_INVALID_CALL:
+        return ("Invalid certificate verification context");
+    case X509_V_ERR_STORE_LOOKUP:
+        return ("Issuer certificate lookup error");
 
     default:
         /* Printing an error number into a static buffer is not thread-safe */