If setting credentials fails, the handshake will later fail to complete
with an obscure error message which is hard to diagnose.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
crypto/tlscredspsk.c | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/crypto/tlscredspsk.c b/crypto/tlscredspsk.c
index a4f9891274..546cad1c5a 100644
--- a/crypto/tlscredspsk.c
+++ b/crypto/tlscredspsk.c
@@ -109,7 +109,12 @@ qcrypto_tls_creds_psk_load(QCryptoTLSCredsPSK *creds,
goto cleanup;
}
- gnutls_psk_set_server_credentials_file(creds->data.server, pskfile);
+ ret = gnutls_psk_set_server_credentials_file(creds->data.server, pskfile);
+ if (ret < 0) {
+ error_setg(errp, "Cannot set PSK server credentials: %s",
+ gnutls_strerror(ret));
+ goto cleanup;
+ }
gnutls_psk_set_server_dh_params(creds->data.server,
creds->parent_obj.dh_params);
} else {
@@ -135,8 +140,13 @@ qcrypto_tls_creds_psk_load(QCryptoTLSCredsPSK *creds,
goto cleanup;
}
- gnutls_psk_set_client_credentials(creds->data.client,
- username, &key, GNUTLS_PSK_KEY_HEX);
+ ret = gnutls_psk_set_client_credentials(creds->data.client,
+ username, &key, GNUTLS_PSK_KEY_HEX);
+ if (ret < 0) {
+ error_setg(errp, "Cannot set PSK client credentials: %s",
+ gnutls_strerror(ret));
+ goto cleanup;
+ }
}
rv = 0;
--
2.37.3
On 3/10/22 12:27, Daniel P. Berrangé wrote: > If setting credentials fails, the handshake will later fail to complete > with an obscure error message which is hard to diagnose. > > Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> > --- > crypto/tlscredspsk.c | 16 +++++++++++++--- > 1 file changed, 13 insertions(+), 3 deletions(-) Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
On Mon, Oct 3, 2022 at 6:27 PM Daniel P. Berrangé <berrange@redhat.com> wrote: > > If setting credentials fails, the handshake will later fail to complete > with an obscure error message which is hard to diagnose. > > Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> > --- > crypto/tlscredspsk.c | 16 +++++++++++++--- > 1 file changed, 13 insertions(+), 3 deletions(-) > Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com>
© 2016 - 2024 Red Hat, Inc.