Commit 6d228206 authored by Yann Leboulanger's avatar Yann Leboulanger

store all SSL errors

parent 72ae2f08
......@@ -393,7 +393,7 @@ class NonBlockingTLS(PlugIn):
flags |= 16384
tcpsock._sslContext.set_options(flags)
tcpsock.ssl_errnum = 0
tcpsock.ssl_errnum = [0]
tcpsock._sslContext.set_verify(OpenSSL.SSL.VERIFY_PEER,
self._ssl_verify_callback)
try:
......@@ -449,11 +449,11 @@ class NonBlockingTLS(PlugIn):
def _ssl_verify_callback(self, sslconn, cert, errnum, depth, ok):
# Exceptions can't propagate up through this callback, so print them here.
try:
self._owner.ssl_fingerprint_sha1 = cert.digest('sha1')
self._owner.ssl_certificate = cert
self._owner.ssl_errnum = errnum
self._owner.ssl_cert_pem = OpenSSL.crypto.dump_certificate(
OpenSSL.crypto.FILETYPE_PEM, cert)
self._owner.ssl_fingerprint_sha1.append(cert.digest('sha1'))
self._owner.ssl_certificate.append(cert)
self._owner.ssl_errnum.append(errnum)
self._owner.ssl_cert_pem.append(OpenSSL.crypto.dump_certificate(
OpenSSL.crypto.FILETYPE_PEM, cert))
return True
except:
log.error("Exception caught in _ssl_info_callback:", exc_info=True)
......
......@@ -310,6 +310,12 @@ class NonBlockingTCP(NonBlockingTransport, IdleObject):
self.proxy_dict = proxy_dict
self.on_remote_disconnect = self.disconnect
# ssl variables
self.ssl_fingerprint_sha1 = []
self.ssl_certificate = []
self.ssl_errnum = []
self.ssl_cert_pem = []
# FIXME: transport should not be aware xmpp
def start_disconnect(self):
NonBlockingTransport.start_disconnect(self)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment