add max chain depth unique error, increase depth to 6

toddouska 2012-07-27 12:32:22 -07:00
parent 6d3c7d8c59
commit 6e84ab1271
3 changed files with 7 additions and 2 deletions


@ -100,6 +100,7 @@ enum CyaSSL_ErrorCodes {
OCSP_NEED_URL = -265, /* OCSP need an URL for lookup */
OCSP_CERT_UNKNOWN = -266, /* OCSP responder doesn't know */
OCSP_LOOKUP_FAIL = -267, /* OCSP lookup not successful */
MAX_CHAIN_ERROR = -268, /* max chain depth exceeded */
/* add strings to SetErrorString !!!!! */
/* begin negotiation parameter errors */


@ -387,7 +387,7 @@ enum Misc {
MAX_EX_DATA = 3, /* allow for three items of ex_data */
MAX_CHAIN_DEPTH = 9, /* max cert chain peer depth, FORTRESS option */
#else
MAX_CHAIN_DEPTH = 4, /* max cert chain peer depth */
MAX_CHAIN_DEPTH = 6, /* max cert chain peer depth */
#endif
MAX_X509_SIZE = 2048, /* max static x509 buffer size */
CERT_MIN_SIZE = 256, /* min PEM cert size with header/footer */
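Review bot: The comment on the new value, `/* max cert chain peer depth */`, does not say whether the peer's own certificate counts toward the limit or what happens when a peer goes over it. Going by the check in the DoCertificate hunk of this commit (`totalCerts >= MAX_CHAIN_DEPTH`), the limit looks like the total number of certificates accepted from the peer, and exceeding it fails the call with MAX_CHAIN_ERROR. I would spell that out, e.g. `/* max certs accepted from peer, more returns MAX_CHAIN_ERROR */`, and keep the FORTRESS line's comment in step. The enum starts and ends outside the hunk.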


@ -1586,7 +1586,7 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx)
word32 certSz;
if (totalCerts >= MAX_CHAIN_DEPTH)
return BUFFER_E;
return MAX_CHAIN_ERROR;
c24to32(&input[i], &certSz);
i += CERT_HEADER_SZ;
@ -3558,6 +3558,10 @@ void SetErrorString(int error, char* str)
XSTRNCPY(str, "OCSP Responder lookup fail", max);
break;
case MAX_CHAIN_ERROR:
XSTRNCPY(str, "Maximum Chain Depth Exceeded", max);
break;
default :
XSTRNCPY(str, "unknown error number", max);
}
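Review bot: The depth guard in the DoCertificate hunk is an unbraced `if` with its return on the following line, in code that parses peer-supplied certificate data. A later edit that adds a second statement there, such as a log call, would leave that statement or the return outside the condition. I would brace it: `if (totalCerts >= MAX_CHAIN_DEPTH) { return MAX_CHAIN_ERROR; }`. DoCertificate starts and ends outside the hunk, so the rest of the function is not visible here.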