summaryrefslogtreecommitdiffstats
path: root/net/socket
diff options
context:
space:
mode:
Diffstat (limited to 'net/socket')
-rw-r--r--net/socket/ssl_client_socket_mac.cc8
1 files changed, 5 insertions, 3 deletions
diff --git a/net/socket/ssl_client_socket_mac.cc b/net/socket/ssl_client_socket_mac.cc
index 2fe9743..6684398 100644
--- a/net/socket/ssl_client_socket_mac.cc
+++ b/net/socket/ssl_client_socket_mac.cc
@@ -92,7 +92,6 @@ int NetErrorFromOSStatus(OSStatus status) {
switch (status) {
case errSSLWouldBlock:
return ERR_IO_PENDING;
- case errSSLIllegalParam:
case errSSLBadCipherSuite:
case errSSLBadConfiguration:
return ERR_INVALID_ARGUMENT;
@@ -105,6 +104,8 @@ int NetErrorFromOSStatus(OSStatus status) {
case errSSLInternal:
case errSSLCrypto:
case errSSLFatalAlert:
+ case errSSLIllegalParam: // Received an illegal_parameter alert.
+ case errSSLPeerUnexpectedMsg: // Received an unexpected_message alert.
case errSSLProtocol:
return ERR_SSL_PROTOCOL_ERROR;
case errSSLHostNameMismatch:
@@ -246,7 +247,8 @@ int KeySizeOfCipherSuite(SSLCipherSuite suite) {
X509Certificate* GetServerCert(SSLContextRef ssl_context) {
CFArrayRef certs;
OSStatus status = SSLCopyPeerCertificates(ssl_context, &certs);
- if (status != noErr)
+ // SSLCopyPeerCertificates may succeed but return a null |certs|.
+ if (status != noErr || !certs)
return NULL;
DCHECK_GT(CFArrayGetCount(certs), 0);
@@ -529,7 +531,7 @@ int SSLClientSocketMac::DoHandshake() {
}
}
}
- } else if (IsCertStatusError(net_error)) {
+ } else if (IsCertificateError(net_error)) {
server_cert_ = GetServerCert(ssl_context_);
DCHECK(server_cert_);
server_cert_status_ |= MapNetErrorToCertStatus(net_error);
generated by cgit v1.1 at 2025-01-31 17:39:38 +0000