Merge commit '36adc36' into dtls

* commit '36adc36': Add support for getrandom() Use library default for trunc-hmac in ssl_client2 Make truncated hmac a runtime option server-side Fix portability issue in script Specific error for suites in common but none good Prefer SHA-1 certificates for pre-1.2 clients Some more refactoring/tuning. Minor refactoring Conflicts: include/polarssl/error.h include/polarssl/ssl.h library/error.c
2015-01-21 13:48:45 +00:00 · 2015-01-21 13:48:45 +00:00 · bfccdd3c92
commit bfccdd3c92
parent 0017c2be48 36adc3631c
11 changed files with 262 additions and 63 deletions
--- a/library/error.c
+++ b/library/error.c
@ -456,6 +456,8 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
            snprintf( buf, buflen, "SSL - DTLS client must retry for hello verification" );
        if( use_ret == -(POLARSSL_ERR_SSL_BUFFER_TOO_SMALL) )
            snprintf( buf, buflen, "SSL - A buffer is too small to receive or write a message" );
+        if( use_ret == -(POLARSSL_ERR_SSL_NO_USABLE_CIPHERSUITE) )
+            snprintf( buf, buflen, "SSL - None of the common ciphersuites is usable (eg, no suitable certificate)" );
 #endif /* POLARSSL_SSL_TLS_C */

 #if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)