Fix SSL handshake handling when not using legacy SSL.

Fixes issue #172
author: Lance Stout <lancestout@gmail.com> 2012-06-09 10:32:25 -0700
committer: Lance Stout <lancestout@gmail.com> 2012-06-09 11:01:11 -0700
commit: 4b37a4706f62d4ac447d2e0e5127a9199075287d (patch)
tree: 285fd0ff31a1c7e31f35dcf2bb44b9ca5a33904f
parent: 7b1564947d9ea05608862acec6ccfe96e7f52e01 (diff)
download: slixmpp-4b37a4706f62d4ac447d2e0e5127a9199075287d.tar.gz
slixmpp-4b37a4706f62d4ac447d2e0e5127a9199075287d.tar.bz2
slixmpp-4b37a4706f62d4ac447d2e0e5127a9199075287d.tar.xz
slixmpp-4b37a4706f62d4ac447d2e0e5127a9199075287d.zip
1 files changed, 11 insertions, 12 deletions
diff --git a/sleekxmpp/xmlstream/xmlstream.py b/sleekxmpp/xmlstream/xmlstream.py
index 7376d56d..8575c65b 100644
--- a/sleekxmpp/xmlstream/xmlstream.py
+++ b/sleekxmpp/xmlstream/xmlstream.py
@@ -511,18 +511,17 @@ class XMLStream(object):
                 log.debug("Connecting to %s:%s", domain, self.address[1])
                 self.socket.connect(self.address)
 
-                try:
-                    self.socket.do_handshake()
-                except:
-                    log.error('CERT: Invalid certificate trust chain.')
-                    if not self.event_handled('ssl_invalid_chain'):
-                        self.disconnect(self.auto_reconnect, send_close=False)
-                    else:
-                        self.event('ssl_invalid_chain', direct=True)
-                    return False
-
-
                 if self.use_ssl and self.ssl_support:
+                    try:
+                        self.socket.do_handshake()
+                    except (Socket.error, ssl.SSLError):
+                        log.error('CERT: Invalid certificate trust chain.')
+                        if not self.event_handled('ssl_invalid_chain'):
+                            self.disconnect(self.auto_reconnect, send_close=False)
+                        else:
+                            self.event('ssl_invalid_chain', direct=True)
+                        return False
+
                     self._der_cert = self.socket.getpeercert(binary_form=True)
                     pem_cert = ssl.DER_cert_to_PEM_cert(self._der_cert)
                     log.debug('CERT: %s', pem_cert)
@@ -802,7 +801,7 @@ class XMLStream(object):
 
             try:
                 self.socket.do_handshake()
-            except:
+            except (Socket.error, ssl.SSLError):
                 log.error('CERT: Invalid certificate trust chain.')
                 if not self.event_handled('ssl_invalid_chain'):
                     self.disconnect(self.auto_reconnect, send_close=False)
author	Lance Stout <lancestout@gmail.com>	2012-06-09 10:32:25 -0700
committer	Lance Stout <lancestout@gmail.com>	2012-06-09 11:01:11 -0700
commit	4b37a4706f62d4ac447d2e0e5127a9199075287d (patch)
tree	285fd0ff31a1c7e31f35dcf2bb44b9ca5a33904f
parent	7b1564947d9ea05608862acec6ccfe96e7f52e01 (diff)
download	slixmpp-4b37a4706f62d4ac447d2e0e5127a9199075287d.tar.gz slixmpp-4b37a4706f62d4ac447d2e0e5127a9199075287d.tar.bz2 slixmpp-4b37a4706f62d4ac447d2e0e5127a9199075287d.tar.xz slixmpp-4b37a4706f62d4ac447d2e0e5127a9199075287d.zip