diff options
Diffstat (limited to 'cpp/src/Ice/SslConnectionOpenSSLClient.cpp')
| -rw-r--r-- | cpp/src/Ice/SslConnectionOpenSSLClient.cpp | 33 |
1 files changed, 27 insertions, 6 deletions
diff --git a/cpp/src/Ice/SslConnectionOpenSSLClient.cpp b/cpp/src/Ice/SslConnectionOpenSSLClient.cpp index 86b44d65b56..519ca3f9d7f 100644 --- a/cpp/src/Ice/SslConnectionOpenSSLClient.cpp +++ b/cpp/src/Ice/SslConnectionOpenSSLClient.cpp @@ -108,7 +108,7 @@ IceSSL::OpenSSL::ClientConnection::init(int timeout) // Find out what the error was (if any). int code = getLastError(); - +
switch (code) { case SSL_ERROR_WANT_READ: @@ -173,18 +173,39 @@ IceSSL::OpenSSL::ClientConnection::init(int timeout) protocolEx._message = "Encountered an EOF during handshake that violates the SSL Protocol.\n"; protocolEx._message += sslGetErrors(); - throw protocolEx; + throw protocolEx;
} } case SSL_ERROR_SSL: { - ProtocolException protocolEx(__FILE__, __LINE__); + int verifyError = SSL_get_verify_result(_sslConnection);
+
+ if (verifyError != X509_V_OK && verifyError != 1)
+ {
+ CertificateVerificationException certVerEx(__FILE__, __LINE__);
+
+ certVerEx._message = "SSL certificate verification error.";
+
+ string errors = sslGetErrors();
+
+ if (!errors.empty())
+ {
+ certVerEx._message += "\n";
+ certVerEx._message += errors;
+ }
+
+ throw certVerEx;
+ }
+ else
+ {
+ ProtocolException protocolEx(__FILE__, __LINE__); - protocolEx._message = "Encountered a violation of the SSL Protocol during handshake.\n"; - protocolEx._message += sslGetErrors(); + protocolEx._message = "Encountered a violation of the SSL Protocol during handshake.\n"; + protocolEx._message += sslGetErrors(); - throw protocolEx; + throw protocolEx; + }
} } |