From 184ef94e7e45ff757dbf2d6a5fc269edce5dcc41 Mon Sep 17 00:00:00 2001
From: Markus Triska <triska@metalevel.at>
Date: Tue, 9 Jun 2020 23:01:28 +0200
Subject: [PATCH] ENHANCED: throw Prolog exception on expired certificates

Example:

    ?- socket_client_open('expired.badssl.com':443, S, [tls(true)]).
    caught: error(permission_error(open,source_sink,'expired.badssl.com'),socket_client_open/3)
---
 src/prolog/machine/system_calls.rs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/prolog/machine/system_calls.rs b/src/prolog/machine/system_calls.rs
index 7d0592bb..887163a0 100644
--- a/src/prolog/machine/system_calls.rs
+++ b/src/prolog/machine/system_calls.rs
@@ -4536,7 +4536,10 @@ impl MachineState {
                                 match tls {
                                   "false" => { Stream::from_tcp_stream(socket_addr, tcp_stream) }
                                   "true" => { let connector = TlsConnector::new().unwrap();
-                                              let stream = connector.connect(socket_atom.as_str(), tcp_stream).unwrap();
+                                              let stream = match connector.connect(socket_atom.as_str(), tcp_stream) {
+                                                    Ok(tls_stream) => { tls_stream }
+                                                    Err(_) => { return Err(self.open_permission_error(addr, "socket_client_open", 3)); }
+                                                   };
 
                                               Stream::from_tls_stream(socket_addr, stream)
                                             }
-- 
2.54.0