修复cmake中curl的依赖错误。

platform/src/ssl_stream.cpp

@@ -598,9 +598,9 @@ error_out:
 	return NULL;
 }
 
-int ssl_conn_verify_cert(X509_STORE * store, const SSL * ssl)
+int ssl_conn_verify_cert(X509_STORE * store, const SSL * ssl, const char** error_string)
 {
-	int ret = 0;
+	int ret = 0, err_code=0;
 	STACK_OF(X509) * cert_chain = SSL_get_peer_cert_chain(ssl);
 	if (cert_chain == NULL)
 	{
@@ -614,6 +614,11 @@ int ssl_conn_verify_cert(X509_STORE * store, const SSL * ssl)
 
 	//If a complete chain can be built and validated this function returns 1, otherwise it return zero or negtive code.
 	ret = X509_verify_cert(ctx);
+	if(ret!=1)
+	{
+		err_code=X509_STORE_CTX_get_error(ctx);
+		*error_string=X509_verify_cert_error_string(err_code);
+	}
 	X509_STORE_CTX_free(ctx);
 	return (ret == 1);
 }
@@ -949,6 +954,7 @@ static void ssl_server_connected_eventcb(struct bufferevent * bev, short events,
 	struct ssl_stream * s_stream = ctx->s_stream;
 	struct ssl_mgr* mgr=s_stream->mgr;
 	SSL_SESSION * ssl_sess = NULL;
+	const char* error_string=NULL;
 
 	if (events & BEV_EVENT_ERROR)
 	{
@@ -973,7 +979,7 @@ static void ssl_server_connected_eventcb(struct bufferevent * bev, short events,
 
 		if(!SSL_session_reused(s_stream->ssl))
 		{
-			s_stream->is_peer_cert_verify_passed = ssl_conn_verify_cert(s_stream->mgr->trust_CA_store, s_stream->ssl);
+			s_stream->is_peer_cert_verify_passed = ssl_conn_verify_cert(s_stream->mgr->trust_CA_store, s_stream->ssl, &error_string);
 			if(s_stream->is_peer_cert_verify_passed)
 			{
 				//ONLY verified session is cacheable.
@@ -986,7 +992,7 @@ static void ssl_server_connected_eventcb(struct bufferevent * bev, short events,
 			{
 				ATOMIC_INC(&(mgr->stat_val[SSL_FAKE_CRT]));
 				char* addr_str=tfe_string_addr_create_by_fd(ctx->fd_upstream, CONN_DIR_UPSTREAM);
-				TFE_LOG_INFO(mgr->logger, "Fake Cert %s %s", addr_str, ctx->s_stream->client_hello->sni);
+				TFE_LOG_INFO(mgr->logger, "Fake Cert %s %s : %s", addr_str, ctx->s_stream->client_hello->sni, error_string);
 				free(addr_str);
 			}
 		}