summaryrefslogtreecommitdiffstats
path: root/modules/mbedtls/ssl_context_mbedtls.cpp
diff options
context:
space:
mode:
authorFabio Alessandrelli <fabio.alessandrelli@gmail.com>2019-08-22 16:40:43 +0200
committerFabio Alessandrelli <fabio.alessandrelli@gmail.com>2019-08-22 16:49:11 +0200
commit17d5b471b9be55a60c366da82629099f6937ec88 (patch)
tree9445b62232ba1818d87883126fe3a04459408bcd /modules/mbedtls/ssl_context_mbedtls.cpp
parent99f657d89f43615bff12e00e59d07499dccec20d (diff)
downloadredot-engine-17d5b471b9be55a60c366da82629099f6937ec88.tar.gz
Better error handling in SSLContext, Crypto
Diffstat (limited to 'modules/mbedtls/ssl_context_mbedtls.cpp')
-rw-r--r--modules/mbedtls/ssl_context_mbedtls.cpp11
1 files changed, 7 insertions, 4 deletions
diff --git a/modules/mbedtls/ssl_context_mbedtls.cpp b/modules/mbedtls/ssl_context_mbedtls.cpp
index edd679e335..97b5e23f58 100644
--- a/modules/mbedtls/ssl_context_mbedtls.cpp
+++ b/modules/mbedtls/ssl_context_mbedtls.cpp
@@ -94,6 +94,9 @@ Error SSLContextMbedTLS::init_server(int p_transport, int p_authmode, Ref<Crypto
}
Error SSLContextMbedTLS::init_client(int p_transport, int p_authmode, Ref<X509CertificateMbedTLS> p_valid_cas) {
+ Error err = _setup(MBEDTLS_SSL_IS_CLIENT, p_transport, p_authmode);
+ ERR_FAIL_COND_V(err != OK, err);
+
X509CertificateMbedTLS *cas = NULL;
if (p_valid_cas.is_valid()) {
@@ -104,12 +107,12 @@ Error SSLContextMbedTLS::init_client(int p_transport, int p_authmode, Ref<X509Ce
} else {
// Fall back to default certificates (no need to lock those).
cas = CryptoMbedTLS::get_default_certificates();
- ERR_FAIL_COND_V(cas == NULL, ERR_UNCONFIGURED);
+ if (cas == NULL) {
+ clear();
+ ERR_FAIL_V_MSG(ERR_UNCONFIGURED, "SSL module failed to initialize!");
+ }
}
- Error err = _setup(MBEDTLS_SSL_IS_CLIENT, p_transport, p_authmode);
- ERR_FAIL_COND_V(err != OK, err);
-
// Set valid CAs
mbedtls_ssl_conf_ca_chain(&conf, &(cas->cert), NULL);
mbedtls_ssl_setup(&ssl, &conf);