Check for SSL_CTX_set_default_verify_paths return code.

GitOrigin-RevId: 9f282b9c8ea7290588d45e310e667c05742041e9
2018-08-29 16:07:34 +03:00 · 2018-08-29 16:07:34 +03:00 · cb165adf7c
commit cb165adf7c
parent 8079285e5c
1 changed files with 8 additions and 2 deletions
--- a/tdnet/td/net/SslStream.cpp
+++ b/tdnet/td/net/SslStream.cpp
@ -267,9 +267,15 @@ class SslStreamImpl {
      } else {
        LOG(ERROR) << "Failed to open system certificate store";
      }
-
 #else
-      SSL_CTX_set_default_verify_paths(ssl_ctx);
+      if (SSL_CTX_set_default_verify_paths(ssl_ctx) == 0) {
+        auto error = create_openssl_error(-8, "Failed to load default verify paths");
+        if (verify_peer == VerifyPeer::On) {
+          return error;
+        } else {
+          LOG(ERROR) << error;
+        }
+      }
 #endif
    } else {
      if (SSL_CTX_load_verify_locations(ssl_ctx, cert_file.c_str(), nullptr) == 0) {