From 0953896d2dc41ab08baf6a9ef6f599e77fe602de Mon Sep 17 00:00:00 2001
From: Lance Stout <lancestout@gmail.com>
Date: Sat, 9 Jun 2012 10:32:25 -0700
Subject: Fix SSL handshake handling when not using legacy SSL.

Fixes issue #172
---
 sleekxmpp/xmlstream/xmlstream.py | 23 +++++++++++------------
 1 file changed, 11 insertions(+), 12 deletions(-)

diff --git a/sleekxmpp/xmlstream/xmlstream.py b/sleekxmpp/xmlstream/xmlstream.py
index 7376d56d..8575c65b 100644
--- a/sleekxmpp/xmlstream/xmlstream.py
+++ b/sleekxmpp/xmlstream/xmlstream.py
@@ -511,18 +511,17 @@ class XMLStream(object):
                 log.debug("Connecting to %s:%s", domain, self.address[1])
                 self.socket.connect(self.address)
 
-                try:
-                    self.socket.do_handshake()
-                except:
-                    log.error('CERT: Invalid certificate trust chain.')
-                    if not self.event_handled('ssl_invalid_chain'):
-                        self.disconnect(self.auto_reconnect, send_close=False)
-                    else:
-                        self.event('ssl_invalid_chain', direct=True)
-                    return False
-
-
                 if self.use_ssl and self.ssl_support:
+                    try:
+                        self.socket.do_handshake()
+                    except (Socket.error, ssl.SSLError):
+                        log.error('CERT: Invalid certificate trust chain.')
+                        if not self.event_handled('ssl_invalid_chain'):
+                            self.disconnect(self.auto_reconnect, send_close=False)
+                        else:
+                            self.event('ssl_invalid_chain', direct=True)
+                        return False
+
                     self._der_cert = self.socket.getpeercert(binary_form=True)
                     pem_cert = ssl.DER_cert_to_PEM_cert(self._der_cert)
                     log.debug('CERT: %s', pem_cert)
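Review bot: The narrowed `except (Socket.error, ssl.SSLError):` still discards the exception and logs the fixed text 'CERT: Invalid certificate trust chain.' for every failure. A reset, a timeout or a protocol mismatch during the handshake is therefore recorded as a certificate-chain problem, and `ssl_invalid_chain` fires for it. Binding the exception and logging it preserves the real cause for whoever triages the log: `except (Socket.error, ssl.SSLError) as e:` followed by `log.error('CERT: TLS handshake failed: %s', e)`. The same handler appears in the second hunk (around line 801) and would take the same change. The enclosing method starts and ends outside the hunk, and `Socket` is presumably the module's alias for the socket import, which is not visible here.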
@@ -802,7 +801,7 @@ class XMLStream(object):
 
             try:
                 self.socket.do_handshake()
-            except:
+            except (Socket.error, ssl.SSLError):
                 log.error('CERT: Invalid certificate trust chain.')
                 if not self.event_handled('ssl_invalid_chain'):
                     self.disconnect(self.auto_reconnect, send_close=False)
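Review bot: This handler closes the connection only when no `ssl_invalid_chain` handler is registered, at `if not self.event_handled('ssl_invalid_chain'):`. Once an application registers one, dropping the stream is left to that handler. That contract is worth a comment above the check, for example `# Fail closed by default; a registered ssl_invalid_chain handler takes over the decision to disconnect.` The else branch lies outside this hunk, so this assumes it mirrors the first hunk, where the event is fired and no disconnect follows.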
-- 
cgit v1.2.3