diff options
author | Peter Andersson <[email protected]> | 2012-08-27 12:00:24 +0200 |
---|---|---|
committer | Peter Andersson <[email protected]> | 2012-08-27 12:00:24 +0200 |
commit | 0ff106bd0fa654c09144102ca5baf73bb1d3a459 (patch) | |
tree | b8d4dfb7b689823a28353b5ad41f0302360ed281 /lib/ssl | |
parent | ae2c50f36806b26530de88d2609cd6ced018cb54 (diff) | |
parent | fd7423d3fc1a32e497084d5c70e2d05792032925 (diff) | |
download | otp-0ff106bd0fa654c09144102ca5baf73bb1d3a459.tar.gz otp-0ff106bd0fa654c09144102ca5baf73bb1d3a459.tar.bz2 otp-0ff106bd0fa654c09144102ca5baf73bb1d3a459.zip |
Merge remote branch 'upstream/maint' into maint
Diffstat (limited to 'lib/ssl')
-rw-r--r-- | lib/ssl/src/ssl_handshake.erl | 29 |
1 files changed, 17 insertions, 12 deletions
diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl index 28469dfa5f..bb26302fff 100644 --- a/lib/ssl/src/ssl_handshake.erl +++ b/lib/ssl/src/ssl_handshake.erl @@ -220,18 +220,23 @@ certify(#certificate{asn1_certificates = ASN1Certs}, CertDbHandle, CertDbRef, end, {Role, UserState0}} end, - {TrustedErlCert, CertPath} = - ssl_certificate:trusted_cert_and_path(ASN1Certs, CertDbHandle, CertDbRef), - - case public_key:pkix_path_validation(TrustedErlCert, - CertPath, - [{max_path_length, - MaxPathLen}, - {verify_fun, ValidationFunAndState}]) of - {ok, {PublicKeyInfo,_}} -> - {PeerCert, PublicKeyInfo}; - {error, Reason} -> - path_validation_alert(Reason) + try + {TrustedErlCert, CertPath} = + ssl_certificate:trusted_cert_and_path(ASN1Certs, CertDbHandle, CertDbRef), + case public_key:pkix_path_validation(TrustedErlCert, + CertPath, + [{max_path_length, + MaxPathLen}, + {verify_fun, ValidationFunAndState}]) of + {ok, {PublicKeyInfo,_}} -> + {PeerCert, PublicKeyInfo}; + {error, Reason} -> + path_validation_alert(Reason) + end + catch + error:_ -> + %% ASN-1 decode of certificate somehow failed + ?ALERT_REC(?FATAL, ?CERTIFICATE_UNKNOWN) end. %%-------------------------------------------------------------------- |