From 47740707d585b275f08b4f0900f854cb87f0e825 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Fri, 16 Jun 2017 19:13:50 +0200
Subject: ssl: Try to make asn1 decode errors of certificates as specific as
 possible

---
 lib/ssl/src/ssl_handshake.erl | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl
index 5110f2d271..b1661624b5 100644
--- a/lib/ssl/src/ssl_handshake.erl
+++ b/lib/ssl/src/ssl_handshake.erl
@@ -415,9 +415,11 @@ certify(#certificate{asn1_certificates = ASN1Certs}, CertDbHandle, CertDbRef,
 		path_validation_alert(Reason)
 	end
     catch
-	error:_ ->
+	error:{badmatch,{asn1, Asn1Reason}} ->
 	    %% ASN-1 decode of certificate somehow failed
-            ?ALERT_REC(?FATAL, ?CERTIFICATE_UNKNOWN, failed_to_decode_certificate)
+            ?ALERT_REC(?FATAL, ?CERTIFICATE_UNKNOWN, {failed_to_decode_certificate, Asn1Reason});
+        error:OtherReason ->
+            ?ALERT_REC(?FATAL, ?INTERNAL_ERROR, {unexpected_error, OtherReason})
     end.
 
 %%--------------------------------------------------------------------
-- 
cgit v1.2.3