diff options
author | Daniel P. Berrangé <berrange@redhat.com> | 2022-09-28 15:56:42 +0100 |
---|---|---|
committer | Daniel P. Berrangé <berrange@redhat.com> | 2022-10-27 11:55:41 +0100 |
commit | 3983bf1b41cefcf553a2c6316f767367d6977b51 (patch) | |
tree | 95d0317e4cb12349f60e1e850764c965eb9e97a5 | |
parent | dd84a906e061550daaedea6ce88762f1839253ab (diff) |
crypto: check for and report errors setting PSK credentials
If setting credentials fails, the handshake will later fail to complete
with an obscure error message which is hard to diagnose.
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
-rw-r--r-- | crypto/tlscredspsk.c | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/crypto/tlscredspsk.c b/crypto/tlscredspsk.c index a4f9891274..546cad1c5a 100644 --- a/crypto/tlscredspsk.c +++ b/crypto/tlscredspsk.c @@ -109,7 +109,12 @@ qcrypto_tls_creds_psk_load(QCryptoTLSCredsPSK *creds, goto cleanup; } - gnutls_psk_set_server_credentials_file(creds->data.server, pskfile); + ret = gnutls_psk_set_server_credentials_file(creds->data.server, pskfile); + if (ret < 0) { + error_setg(errp, "Cannot set PSK server credentials: %s", + gnutls_strerror(ret)); + goto cleanup; + } gnutls_psk_set_server_dh_params(creds->data.server, creds->parent_obj.dh_params); } else { @@ -135,8 +140,13 @@ qcrypto_tls_creds_psk_load(QCryptoTLSCredsPSK *creds, goto cleanup; } - gnutls_psk_set_client_credentials(creds->data.client, - username, &key, GNUTLS_PSK_KEY_HEX); + ret = gnutls_psk_set_client_credentials(creds->data.client, + username, &key, GNUTLS_PSK_KEY_HEX); + if (ret < 0) { + error_setg(errp, "Cannot set PSK client credentials: %s", + gnutls_strerror(ret)); + goto cleanup; + } } rv = 0; |