3 files changed, 9 insertions, 4 deletions

diff --git a/src/PolarSSL++/BlockingSslClientSocket.cpp b/src/PolarSSL++/BlockingSslClientSocket.cpp
index 821125b31..f5ad2f08c 100644
--- a/src/PolarSSL++/BlockingSslClientSocket.cpp
+++ b/src/PolarSSL++/BlockingSslClientSocket.cpp
@@ -54,19 +54,19 @@ class cBlockingSslClientSocketLinkCallbacks:
 	}
 
 
-	virtual void OnReceivedData(const char * a_Data, size_t a_Length)
+	virtual void OnReceivedData(const char * a_Data, size_t a_Length) override
 	{
 		m_Socket.OnReceivedData(a_Data, a_Length);
 	}
 
 
-	virtual void OnRemoteClosed(void)
+	virtual void OnRemoteClosed(void) override
 	{
 		m_Socket.OnDisconnected();
 	}
 
 
-	virtual void OnError(int a_ErrorCode, const AString & a_ErrorMsg)
+	virtual void OnError(int a_ErrorCode, const AString & a_ErrorMsg) override
 	{
 		m_Socket.OnDisconnected();
 	}
diff --git a/src/PolarSSL++/BlockingSslClientSocket.h b/src/PolarSSL++/BlockingSslClientSocket.h
index 319e82bf2..462ee95a7 100644
--- a/src/PolarSSL++/BlockingSslClientSocket.h
+++ b/src/PolarSSL++/BlockingSslClientSocket.h
@@ -21,6 +21,11 @@ class cBlockingSslClientSocket :
 {
 public:
 	cBlockingSslClientSocket(void);
+
+	~cBlockingSslClientSocket(void)
+	{
+		Disconnect();
+	}
 	
 	/** Connects to the specified server and performs SSL handshake.
 	Returns true if successful, false on failure. Sets internal error text on failure. */
diff --git a/src/PolarSSL++/SslContext.cpp b/src/PolarSSL++/SslContext.cpp
index 4c7fd4a23..5ac4bc227 100644
--- a/src/PolarSSL++/SslContext.cpp
+++ b/src/PolarSSL++/SslContext.cpp
@@ -152,7 +152,7 @@ void cSslContext::SetCACerts(const cX509CertPtr & a_CACert, const AString & a_Ex
 	m_CACerts = a_CACert;
 	
 	// Set the trusted CA root cert store:
-	ssl_set_authmode(&m_Ssl, SSL_VERIFY_OPTIONAL);
+	ssl_set_authmode(&m_Ssl, SSL_VERIFY_REQUIRED);
 	ssl_set_ca_chain(&m_Ssl, m_CACerts->GetInternal(), nullptr, m_ExpectedPeerName.empty() ? nullptr : m_ExpectedPeerName.c_str());
 }