summaryrefslogtreecommitdiffstats
path: root/src/PolarSSL++
diff options
context:
space:
mode:
Diffstat (limited to 'src/PolarSSL++')
-rw-r--r--src/PolarSSL++/BlockingSslClientSocket.cpp6
-rw-r--r--src/PolarSSL++/BlockingSslClientSocket.h5
-rw-r--r--src/PolarSSL++/SslContext.cpp2
3 files changed, 9 insertions, 4 deletions
diff --git a/src/PolarSSL++/BlockingSslClientSocket.cpp b/src/PolarSSL++/BlockingSslClientSocket.cpp
index 821125b31..f5ad2f08c 100644
--- a/src/PolarSSL++/BlockingSslClientSocket.cpp
+++ b/src/PolarSSL++/BlockingSslClientSocket.cpp
@@ -54,19 +54,19 @@ class cBlockingSslClientSocketLinkCallbacks:
}
- virtual void OnReceivedData(const char * a_Data, size_t a_Length)
+ virtual void OnReceivedData(const char * a_Data, size_t a_Length) override
{
m_Socket.OnReceivedData(a_Data, a_Length);
}
- virtual void OnRemoteClosed(void)
+ virtual void OnRemoteClosed(void) override
{
m_Socket.OnDisconnected();
}
- virtual void OnError(int a_ErrorCode, const AString & a_ErrorMsg)
+ virtual void OnError(int a_ErrorCode, const AString & a_ErrorMsg) override
{
m_Socket.OnDisconnected();
}
diff --git a/src/PolarSSL++/BlockingSslClientSocket.h b/src/PolarSSL++/BlockingSslClientSocket.h
index 319e82bf2..462ee95a7 100644
--- a/src/PolarSSL++/BlockingSslClientSocket.h
+++ b/src/PolarSSL++/BlockingSslClientSocket.h
@@ -21,6 +21,11 @@ class cBlockingSslClientSocket :
{
public:
cBlockingSslClientSocket(void);
+
+ ~cBlockingSslClientSocket(void)
+ {
+ Disconnect();
+ }
/** Connects to the specified server and performs SSL handshake.
Returns true if successful, false on failure. Sets internal error text on failure. */
diff --git a/src/PolarSSL++/SslContext.cpp b/src/PolarSSL++/SslContext.cpp
index 4c7fd4a23..5ac4bc227 100644
--- a/src/PolarSSL++/SslContext.cpp
+++ b/src/PolarSSL++/SslContext.cpp
@@ -152,7 +152,7 @@ void cSslContext::SetCACerts(const cX509CertPtr & a_CACert, const AString & a_Ex
m_CACerts = a_CACert;
// Set the trusted CA root cert store:
- ssl_set_authmode(&m_Ssl, SSL_VERIFY_OPTIONAL);
+ ssl_set_authmode(&m_Ssl, SSL_VERIFY_REQUIRED);
ssl_set_ca_chain(&m_Ssl, m_CACerts->GetInternal(), nullptr, m_ExpectedPeerName.empty() ? nullptr : m_ExpectedPeerName.c_str());
}