From ad0c491c326531fc293e5f0e8e0e91d7ac945327 Mon Sep 17 00:00:00 2001
From: Paul Bakker <p.j.bakker@polarssl.org>
Date: Sun, 3 May 2009 17:29:56 +0000
Subject: [PATCH]  - Updated ssl_cert_test to properly parse return values from
    x509parse_verify().

---
 programs/test/ssl_cert_test.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/programs/test/ssl_cert_test.c b/programs/test/ssl_cert_test.c
index 00488bae4..eb9baf8c2 100644
--- a/programs/test/ssl_cert_test.c
+++ b/programs/test/ssl_cert_test.c
@@ -146,8 +146,18 @@ int main( void )
         {
             if( ret == POLARSSL_ERR_X509_CERT_VERIFY_FAILED )
             {
-                if( flags == BADCERT_REVOKED )
+                if( flags & BADCERT_CN_MISMATCH )
+                    printf( " CN_MISMATCH " );
+                if( flags & BADCERT_EXPIRED )
+                    printf( " EXPIRED " );
+                if( flags & BADCERT_REVOKED )
                     printf( " REVOKED " );
+                if( flags & BADCERT_NOT_TRUSTED )
+                    printf( " NOT_TRUSTED " );
+                if( flags & BADCRL_NOT_TRUSTED )
+                    printf( " CRL_NOT_TRUSTED " );
+                if( flags & BADCRL_EXPIRED )
+                    printf( " CRL_EXPIRED " );
             } else {
                 printf( " failed\n  !  x509parse_verify returned %d\n\n", ret );
                 goto exit;