summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat (limited to 'Swiften/TLS/SecureTransport')
-rw-r--r--Swiften/TLS/SecureTransport/SecureTransportContext.mm18
1 files changed, 15 insertions, 3 deletions
diff --git a/Swiften/TLS/SecureTransport/SecureTransportContext.mm b/Swiften/TLS/SecureTransport/SecureTransportContext.mm
index 970d270..1ed636b 100644
--- a/Swiften/TLS/SecureTransport/SecureTransportContext.mm
+++ b/Swiften/TLS/SecureTransport/SecureTransportContext.mm
@@ -262,11 +262,23 @@ void SecureTransportContext::verifyServerCertificate() {
verificationError_ = std::make_shared<CertificateVerificationError>(CertificateVerificationError::UnknownError);
}
break;
- case kSecTrustResultOtherError:
+ case kSecTrustResultInvalid:
verificationError_ = std::make_shared<CertificateVerificationError>(CertificateVerificationError::UnknownError);
break;
- default:
- SWIFT_LOG(warning) << "Unhandled trust result " << trustResult << "." << std::endl;
+ case kSecTrustResultConfirm:
+ // TODO: Confirmation from the user is required before proceeding.
+ verificationError_ = std::make_shared<CertificateVerificationError>(CertificateVerificationError::UnknownError);
+ break;
+ case kSecTrustResultDeny:
+ // The user specified that the certificate should not be trusted.
+ verificationError_ = std::make_shared<CertificateVerificationError>(CertificateVerificationError::Untrusted);
+ break;
+ case kSecTrustResultFatalTrustFailure:
+ // Trust denied; no simple fix is available.
+ verificationError_ = std::make_shared<CertificateVerificationError>(CertificateVerificationError::UnknownError);
+ break;
+ case kSecTrustResultOtherError:
+ verificationError_ = std::make_shared<CertificateVerificationError>(CertificateVerificationError::UnknownError);
break;
}