diff options
| author | Anthony Neal <aneal@zeroc.com> | 2002-03-24 00:08:08 +0000 |
|---|---|---|
| committer | Anthony Neal <aneal@zeroc.com> | 2002-03-24 00:08:08 +0000 |
| commit | 8adad8d4286c63735ef6bdd6a35c1f43a2f5b975 (patch) | |
| tree | 6bc7f117c631b6ca8c78e82e33f7f3c8ead9b756 /cpp/src | |
| parent | Updated to contain better verification directives. (diff) | |
| download | ice-8adad8d4286c63735ef6bdd6a35c1f43a2f5b975.tar.bz2 ice-8adad8d4286c63735ef6bdd6a35c1f43a2f5b975.tar.xz ice-8adad8d4286c63735ef6bdd6a35c1f43a2f5b975.zip | |
Fixed bugs while developing tests for IceSSL
Diffstat (limited to 'cpp/src')
| -rw-r--r-- | cpp/src/Ice/SslConnectionOpenSSLClient.cpp | 33 | ||||
| -rw-r--r-- | cpp/src/Ice/SslConnectionOpenSSLServer.cpp | 4 | ||||
| -rw-r--r-- | cpp/src/Ice/ice.dsp | 4 |
3 files changed, 33 insertions, 8 deletions
diff --git a/cpp/src/Ice/SslConnectionOpenSSLClient.cpp b/cpp/src/Ice/SslConnectionOpenSSLClient.cpp index 86b44d65b56..519ca3f9d7f 100644 --- a/cpp/src/Ice/SslConnectionOpenSSLClient.cpp +++ b/cpp/src/Ice/SslConnectionOpenSSLClient.cpp @@ -108,7 +108,7 @@ IceSSL::OpenSSL::ClientConnection::init(int timeout) // Find out what the error was (if any). int code = getLastError(); - +
switch (code) { case SSL_ERROR_WANT_READ: @@ -173,18 +173,39 @@ IceSSL::OpenSSL::ClientConnection::init(int timeout) protocolEx._message = "Encountered an EOF during handshake that violates the SSL Protocol.\n"; protocolEx._message += sslGetErrors(); - throw protocolEx; + throw protocolEx;
} } case SSL_ERROR_SSL: { - ProtocolException protocolEx(__FILE__, __LINE__); + int verifyError = SSL_get_verify_result(_sslConnection);
+
+ if (verifyError != X509_V_OK && verifyError != 1)
+ {
+ CertificateVerificationException certVerEx(__FILE__, __LINE__);
+
+ certVerEx._message = "SSL certificate verification error.";
+
+ string errors = sslGetErrors();
+
+ if (!errors.empty())
+ {
+ certVerEx._message += "\n";
+ certVerEx._message += errors;
+ }
+
+ throw certVerEx;
+ }
+ else
+ {
+ ProtocolException protocolEx(__FILE__, __LINE__); - protocolEx._message = "Encountered a violation of the SSL Protocol during handshake.\n"; - protocolEx._message += sslGetErrors(); + protocolEx._message = "Encountered a violation of the SSL Protocol during handshake.\n"; + protocolEx._message += sslGetErrors(); - throw protocolEx; + throw protocolEx; + }
} } diff --git a/cpp/src/Ice/SslConnectionOpenSSLServer.cpp b/cpp/src/Ice/SslConnectionOpenSSLServer.cpp index 40e0758165e..550535108ef 100644 --- a/cpp/src/Ice/SslConnectionOpenSSLServer.cpp +++ b/cpp/src/Ice/SslConnectionOpenSSLServer.cpp @@ -115,9 +115,9 @@ IceSSL::OpenSSL::ServerConnection::init(int timeout) if ((result <= 0) && (BIO_sock_should_retry(result) == 0)) { // Socket can't retry - bad scene, find out why. - long verify_error = SSL_get_verify_result(_sslConnection); + long verifyError = SSL_get_verify_result(_sslConnection); - if (verify_error != X509_V_OK) + if (verifyError != X509_V_OK) { CertificateVerificationException certVerEx(__FILE__, __LINE__); diff --git a/cpp/src/Ice/ice.dsp b/cpp/src/Ice/ice.dsp index 60ba6c29250..47d9c62bc0e 100644 --- a/cpp/src/Ice/ice.dsp +++ b/cpp/src/Ice/ice.dsp @@ -912,6 +912,10 @@ SOURCE=.\SslConnector.h # End Source File
# Begin Source File
+SOURCE=..\..\include\Ice\SslException.h
+# End Source File
+# Begin Source File
+
SOURCE=..\..\include\Ice\SslExtension.h
# End Source File
# Begin Source File
|