aboutsummaryrefslogtreecommitdiffstats
path: root/netlib/tcp.py
diff options
context:
space:
mode:
Diffstat (limited to 'netlib/tcp.py')
-rw-r--r--netlib/tcp.py11
1 files changed, 9 insertions, 2 deletions
diff --git a/netlib/tcp.py b/netlib/tcp.py
index 5c4094d7..77c2a531 100644
--- a/netlib/tcp.py
+++ b/netlib/tcp.py
@@ -65,6 +65,10 @@ class NetLibSSLError(NetLibError):
pass
+class NetLibInvalidCertificateError(NetLibSSLError):
+ pass
+
+
class SSLKeyLogger(object):
def __init__(self, filename):
@@ -517,13 +521,16 @@ class TCPClient(_Connection):
try:
self.connection.do_handshake()
except SSL.Error as v:
- raise NetLibError("SSL handshake error: %s" % repr(v))
+ if self.ssl_verification_error:
+ raise NetLibInvalidCertificateError("SSL handshake error: %s" % repr(v))
+ else:
+ raise NetLibError("SSL handshake error: %s" % repr(v))
# Fix for pre v1.0 OpenSSL, which doesn't throw an exception on
# certificate validation failure
verification_mode = sslctx_kwargs.get('verify_options', None)
if self.ssl_verification_error is not None and verification_mode == SSL.VERIFY_PEER:
- raise NetLibError("SSL handshake error: certificate verify failed")
+ raise NetLibInvalidCertificateError("SSL handshake error: certificate verify failed")
self.ssl_established = True
self.cert = certutils.SSLCert(self.connection.get_peer_certificate())
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-01 00:39:33 +0000