aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl
diff options
context:
space:
mode:
authorPeter Andersson <[email protected]>2012-08-27 12:00:24 +0200
committerPeter Andersson <[email protected]>2012-08-27 12:00:24 +0200
commit0ff106bd0fa654c09144102ca5baf73bb1d3a459 (patch)
treeb8d4dfb7b689823a28353b5ad41f0302360ed281 /lib/ssl
parentae2c50f36806b26530de88d2609cd6ced018cb54 (diff)
parentfd7423d3fc1a32e497084d5c70e2d05792032925 (diff)
downloadotp-0ff106bd0fa654c09144102ca5baf73bb1d3a459.tar.gz
otp-0ff106bd0fa654c09144102ca5baf73bb1d3a459.tar.bz2
otp-0ff106bd0fa654c09144102ca5baf73bb1d3a459.zip
Merge remote branch 'upstream/maint' into maint
Diffstat (limited to 'lib/ssl')
-rw-r--r--lib/ssl/src/ssl_handshake.erl29
1 files changed, 17 insertions, 12 deletions
diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl
index 28469dfa5f..bb26302fff 100644
--- a/lib/ssl/src/ssl_handshake.erl
+++ b/lib/ssl/src/ssl_handshake.erl
@@ -220,18 +220,23 @@ certify(#certificate{asn1_certificates = ASN1Certs}, CertDbHandle, CertDbRef,
end, {Role, UserState0}}
end,
- {TrustedErlCert, CertPath} =
- ssl_certificate:trusted_cert_and_path(ASN1Certs, CertDbHandle, CertDbRef),
-
- case public_key:pkix_path_validation(TrustedErlCert,
- CertPath,
- [{max_path_length,
- MaxPathLen},
- {verify_fun, ValidationFunAndState}]) of
- {ok, {PublicKeyInfo,_}} ->
- {PeerCert, PublicKeyInfo};
- {error, Reason} ->
- path_validation_alert(Reason)
+ try
+ {TrustedErlCert, CertPath} =
+ ssl_certificate:trusted_cert_and_path(ASN1Certs, CertDbHandle, CertDbRef),
+ case public_key:pkix_path_validation(TrustedErlCert,
+ CertPath,
+ [{max_path_length,
+ MaxPathLen},
+ {verify_fun, ValidationFunAndState}]) of
+ {ok, {PublicKeyInfo,_}} ->
+ {PeerCert, PublicKeyInfo};
+ {error, Reason} ->
+ path_validation_alert(Reason)
+ end
+ catch
+ error:_ ->
+ %% ASN-1 decode of certificate somehow failed
+ ?ALERT_REC(?FATAL, ?CERTIFICATE_UNKNOWN)
end.
%%--------------------------------------------------------------------