diff options
| author | Jose <jose@zeroc.com> | 2014-10-21 11:33:27 +0200 |
|---|---|---|
| committer | Jose <jose@zeroc.com> | 2014-10-21 11:33:27 +0200 |
| commit | e787d0855b51a47f10547d0346faa7fe6def5064 (patch) | |
| tree | cfb595d9500151f74f8bf32786e0d55c91fe52f5 /cpp/src/IceSSL | |
| parent | Fixed gradle jar installation task to depend on jar task (diff) | |
| download | ice-e787d0855b51a47f10547d0346faa7fe6def5064.tar.bz2 ice-e787d0855b51a47f10547d0346faa7fe6def5064.tar.xz ice-e787d0855b51a47f10547d0346faa7fe6def5064.zip | |
OS X 10.10 SSL configuration fixes
Diffstat (limited to 'cpp/src/IceSSL')
| -rw-r--r-- | cpp/src/IceSSL/SecureTransportEngine.cpp | 7 | ||||
| -rw-r--r-- | cpp/src/IceSSL/SecureTransportTransceiverI.cpp | 7 |
2 files changed, 14 insertions, 0 deletions
diff --git a/cpp/src/IceSSL/SecureTransportEngine.cpp b/cpp/src/IceSSL/SecureTransportEngine.cpp index 7a4d16d7c5e..743347feb67 100644 --- a/cpp/src/IceSSL/SecureTransportEngine.cpp +++ b/cpp/src/IceSSL/SecureTransportEngine.cpp @@ -1499,5 +1499,12 @@ IceSSL::SecureTransportEngine::parseCiphers(const string& ciphers) } } _ciphers = enabled; + + if(_ciphers.empty()) + { + throw PluginInitializationException(__FILE__, __LINE__, + "IceSSL: invalid value for IceSSL.Ciphers:\n" + ciphers + + "\nThe result cipher list does not contain any entries"); + } } #endif diff --git a/cpp/src/IceSSL/SecureTransportTransceiverI.cpp b/cpp/src/IceSSL/SecureTransportTransceiverI.cpp index 38f9e4cc70a..a8f491db570 100644 --- a/cpp/src/IceSSL/SecureTransportTransceiverI.cpp +++ b/cpp/src/IceSSL/SecureTransportTransceiverI.cpp @@ -224,6 +224,13 @@ IceSSL::TransceiverI::initialize(IceInternal::Buffer& readBuffer, IceInternal::B { assert(!_trust); err = SSLCopyPeerTrust(_ssl, &_trust); + if(_incoming && err == errSSLBadCert && _engine->getVerifyPeer() == 1) + { + // This happens in 10.10 when the client doesn't provide + // a certificate and the server is configured to try + // authenticate + continue; + } if(err == noErr) { checkTrustResult(_trust, _engine, _instance); |