From eb9a2c3ae76b862254669b798b51b2b848616b6a Mon Sep 17 00:00:00 2001
From: Mark Spruiell <mes@zeroc.com>
Date: Tue, 7 Apr 2015 13:51:23 -0700
Subject: ICE-6402 - IceSSL.DefaultDir fixes

---
 cpp/src/IceSSL/SChannelEngine.cpp | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

(limited to 'cpp/src/IceSSL/SChannelEngine.cpp')

diff --git a/cpp/src/IceSSL/SChannelEngine.cpp b/cpp/src/IceSSL/SChannelEngine.cpp
index c72f4d42d64..00a90c4531d 100644
--- a/cpp/src/IceSSL/SChannelEngine.cpp
+++ b/cpp/src/IceSSL/SChannelEngine.cpp
@@ -60,6 +60,11 @@ addCertificateToStore(const string& file, HCERTSTORE store, PCCERT_CONTEXT* cert
 {
     vector<char> buffer;
     readFile(file, buffer);
+    if(buffer.empty())
+    {
+        throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: certificate file is empty:\n" + file);
+    }
+
     vector<BYTE> outBuffer;
     outBuffer.resize(buffer.size());
     DWORD outLength = static_cast<DWORD>(outBuffer.size());
@@ -190,15 +195,15 @@ SChannelEngine::initialize()
     defaultProtocols.push_back("tls1_1");
     defaultProtocols.push_back("tls1_2");
     const_cast<DWORD&>(_protocols) =
-                    parseProtocols(properties->getPropertyAsListWithDefault(prefix + "Protocols", defaultProtocols));
+        parseProtocols(properties->getPropertyAsListWithDefault(prefix + "Protocols", defaultProtocols));
 
     //
     // Check for a default directory. We look in this directory for
     // files mentioned in the configuration.
     //
-    string defaultDir = properties->getProperty(prefix + "DefaultDir");
+    const string defaultDir = properties->getProperty(prefix + "DefaultDir");
 
-    int passwordRetryMax = properties->getPropertyAsIntWithDefault(prefix + "PasswordRetryMax", 3);
+    const int passwordRetryMax = properties->getPropertyAsIntWithDefault(prefix + "PasswordRetryMax", 3);
     PasswordPromptPtr passwordPrompt = getPasswordPrompt();
     setPassword(properties->getProperty(prefix + "Password"));
 
@@ -343,6 +348,11 @@ SChannelEngine::initialize()
 
             vector<char> buffer;
             readFile(certFile, buffer);
+            if(buffer.empty())
+            {
+                throw PluginInitializationException(__FILE__, __LINE__,
+                                                    "IceSSL: certificate file is empty:\n" + certFile);
+            }
 
             CRYPT_DATA_BLOB pfxBlob;
             pfxBlob.cbData = static_cast<DWORD>(buffer.size());
@@ -424,6 +434,10 @@ SChannelEngine::initialize()
             }
 
             readFile(keyFile, buffer);
+            if(buffer.empty())
+            {
+                throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: key file is empty:\n" + keyFile);
+            }
 
             vector<BYTE> outBuffer;
             outBuffer.resize(buffer.size());
-- 
cgit v1.2.3