[PATCH 1/2] crypto: check for and report errors setting PSK credentials

Daniel P. Berrangé posted 2 patches 1 year, 11 months ago
Maintainers: "Daniel P. Berrangé" <berrange@redhat.com>
[PATCH 1/2] crypto: check for and report errors setting PSK credentials
Posted by Daniel P. Berrangé 1 year, 11 months ago
If setting credentials fails, the handshake will later fail to complete
with an obscure error message which is hard to diagnose.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 crypto/tlscredspsk.c | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/crypto/tlscredspsk.c b/crypto/tlscredspsk.c
index a4f9891274..546cad1c5a 100644
--- a/crypto/tlscredspsk.c
+++ b/crypto/tlscredspsk.c
@@ -109,7 +109,12 @@ qcrypto_tls_creds_psk_load(QCryptoTLSCredsPSK *creds,
             goto cleanup;
         }
 
-        gnutls_psk_set_server_credentials_file(creds->data.server, pskfile);
+        ret = gnutls_psk_set_server_credentials_file(creds->data.server, pskfile);
+        if (ret < 0) {
+            error_setg(errp, "Cannot set PSK server credentials: %s",
+                       gnutls_strerror(ret));
+            goto cleanup;
+        }
         gnutls_psk_set_server_dh_params(creds->data.server,
                                         creds->parent_obj.dh_params);
     } else {
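Review bot: The new server-side message does not name `pskfile`, so a failure here still leaves the operator guessing which file GnuTLS rejected. Consider "Cannot set PSK server credentials from %s: %s" with `pskfile` as the first argument. The `ret = gnutls_psk_set_server_credentials_file(...)` line is also 82 columns wide. Breaking after `creds->data.server,` would keep it within 80.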
@@ -135,8 +140,13 @@ qcrypto_tls_creds_psk_load(QCryptoTLSCredsPSK *creds,
             goto cleanup;
         }
 
-        gnutls_psk_set_client_credentials(creds->data.client,
-                                          username, &key, GNUTLS_PSK_KEY_HEX);
+        ret = gnutls_psk_set_client_credentials(creds->data.client,
+                                                username, &key, GNUTLS_PSK_KEY_HEX);
+        if (ret < 0) {
+            error_setg(errp, "Cannot set PSK client credentials: %s",
+                       gnutls_strerror(ret));
+            goto cleanup;
+        }
     }
 
     rv = 0;
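Review bot: The client-side error path relies on `rv` still holding a failure value when it jumps to `cleanup`, since `rv = 0;` is only reached after this block. It also relies on `ret` being declared earlier in the function. Neither is visible in this hunk, so both are worth confirming. The re-aligned continuation line `username, &key, GNUTLS_PSK_KEY_HEX);` now runs to 84 columns. Moving `GNUTLS_PSK_KEY_HEX` onto its own line would keep it within 80.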
-- 
2.37.3


Re: [PATCH 1/2] crypto: check for and report errors setting PSK credentials
Posted by Philippe Mathieu-Daudé 1 year, 11 months ago
On 3/10/22 12:27, Daniel P. Berrangé wrote:
> If setting credentials fails, the handshake will later fail to complete
> with an obscure error message which is hard to diagnose.
> 
> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
> ---
>   crypto/tlscredspsk.c | 16 +++++++++++++---
>   1 file changed, 13 insertions(+), 3 deletions(-)

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>


Re: [PATCH 1/2] crypto: check for and report errors setting PSK credentials
Posted by Bin Meng 1 year, 11 months ago
On Mon, Oct 3, 2022 at 6:27 PM Daniel P. Berrangé <berrange@redhat.com> wrote:
>
> If setting credentials fails, the handshake will later fail to complete
> with an obscure error message which is hard to diagnose.
>
> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
> ---
>  crypto/tlscredspsk.c | 16 +++++++++++++---
>  1 file changed, 13 insertions(+), 3 deletions(-)
>

Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>