From 268c2102e34360ef9fba5b2b7d14e51b4e6cb4c3 Mon Sep 17 00:00:00 2001
From: "Ralf S. Engelschall" <rse@openssl.org>
Date: Mon, 12 Apr 1999 09:59:05 +0000
Subject: [PATCH] Make sure a corresponding plain text error message exists for
 the X509_V_ERR_CERT_REVOKED/23 error number which can occur when a verify
 callback function determined that a certificate was revoked.

---
 CHANGES                | 5 +++++
 crypto/x509/x509_txt.c | 2 ++
 2 files changed, 7 insertions(+)

diff --git a/CHANGES b/CHANGES
index 163281cd36..2e420fa21d 100644
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,11 @@
 
  Changes between 0.9.2b and 0.9.3
 
+  *) Make sure a corresponding plain text error message exists for the
+     X509_V_ERR_CERT_REVOKED/23 error number which can occur when a
+     verify callback function determined that a certificate was revoked.
+     [Ralf S. Engelschall]
+
   *) Bugfix: In test/testenc, don't test "openssl <cipher>" for
      ciphers that were excluded, e.g. by -DNO_IDEA.  Also, test
      all available cipers including rc5, which was forgotten until now.
diff --git a/crypto/x509/x509_txt.c b/crypto/x509/x509_txt.c
index 871cc33637..de7550d9cd 100644
--- a/crypto/x509/x509_txt.c
+++ b/crypto/x509/x509_txt.c
@@ -120,6 +120,8 @@ long n;
 		return("unable to verify the first certificate");
 	case X509_V_ERR_CERT_CHAIN_TOO_LONG:
 		return("certificate chain too long");
+	case X509_V_ERR_CERT_REVOKED:
+		return("certificate revoked");
 	case X509_V_ERR_APPLICATION_VERIFICATION:
 		return("application verification failure");
 	default:
-- 
GitLab