aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel P. Berrangé <berrange@redhat.com>2022-09-28 15:56:42 +0100
committerDaniel P. Berrangé <berrange@redhat.com>2022-10-27 11:55:41 +0100
commit3983bf1b41cefcf553a2c6316f767367d6977b51 (patch)
tree95d0317e4cb12349f60e1e850764c965eb9e97a5
parentdd84a906e061550daaedea6ce88762f1839253ab (diff)
crypto: check for and report errors setting PSK credentials
If setting credentials fails, the handshake will later fail to complete with an obscure error message which is hard to diagnose. Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
-rw-r--r--crypto/tlscredspsk.c16
1 files changed, 13 insertions, 3 deletions
diff --git a/crypto/tlscredspsk.c b/crypto/tlscredspsk.c
index a4f9891274..546cad1c5a 100644
--- a/crypto/tlscredspsk.c
+++ b/crypto/tlscredspsk.c
@@ -109,7 +109,12 @@ qcrypto_tls_creds_psk_load(QCryptoTLSCredsPSK *creds,
goto cleanup;
}
- gnutls_psk_set_server_credentials_file(creds->data.server, pskfile);
+ ret = gnutls_psk_set_server_credentials_file(creds->data.server, pskfile);
+ if (ret < 0) {
+ error_setg(errp, "Cannot set PSK server credentials: %s",
+ gnutls_strerror(ret));
+ goto cleanup;
+ }
gnutls_psk_set_server_dh_params(creds->data.server,
creds->parent_obj.dh_params);
} else {
@@ -135,8 +140,13 @@ qcrypto_tls_creds_psk_load(QCryptoTLSCredsPSK *creds,
goto cleanup;
}
- gnutls_psk_set_client_credentials(creds->data.client,
- username, &key, GNUTLS_PSK_KEY_HEX);
+ ret = gnutls_psk_set_client_credentials(creds->data.client,
+ username, &key, GNUTLS_PSK_KEY_HEX);
+ if (ret < 0) {
+ error_setg(errp, "Cannot set PSK client credentials: %s",
+ gnutls_strerror(ret));
+ goto cleanup;
+ }
}
rv = 0;