[glib-networking/mcatanzaro/base-rebase] openssl: handle SSL_R_CERTIFICATE_VERIFY_FAILED

[Ignacio Casal Quinteiro <icq src gnome org>]

commit f17e1899a168157fa07776fd1e9fdf88d400c71c
Author: Ignacio Casal Quinteiro <qignacio amazon com>
Date:   Tue May 14 16:37:30 2019 +0200

    openssl: handle SSL_R_CERTIFICATE_VERIFY_FAILED

 tls/openssl/gtlsconnection-openssl.c | 8 ++++++++
 1 file changed, 8 insertions(+)
---
diff --git a/tls/openssl/gtlsconnection-openssl.c b/tls/openssl/gtlsconnection-openssl.c
index 5b7f979..30cf058 100644
--- a/tls/openssl/gtlsconnection-openssl.c
+++ b/tls/openssl/gtlsconnection-openssl.c
@@ -158,6 +158,14 @@ end_openssl_io (GTlsConnectionOpenssl  *openssl,
       return status;
     }
 
+  if (reason == SSL_R_CERTIFICATE_VERIFY_FAILED)
+    {
+      g_clear_error (&my_error);
+      g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE,
+                   _("Unacceptable TLS certificate"));
+      return G_TLS_CONNECTION_BASE_ERROR;
+    }
+
   if (err_lib == ERR_LIB_RSA && reason == RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY)
     {
       g_clear_error (&my_error);