From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Bin Meng" <bmeng.cn@gmail.com>,
"Daniel P. Berrangé" <berrange@redhat.com>
Subject: [PATCH 1/2] crypto: check for and report errors setting PSK credentials
Date: Mon, 3 Oct 2022 11:27:17 +0100 [thread overview]
Message-ID: <20221003102718.600058-2-berrange@redhat.com> (raw)
In-Reply-To: <20221003102718.600058-1-berrange@redhat.com>
If setting credentials fails, the handshake will later fail to complete
with an obscure error message which is hard to diagnose.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
crypto/tlscredspsk.c | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/crypto/tlscredspsk.c b/crypto/tlscredspsk.c
index a4f9891274..546cad1c5a 100644
--- a/crypto/tlscredspsk.c
+++ b/crypto/tlscredspsk.c
@@ -109,7 +109,12 @@ qcrypto_tls_creds_psk_load(QCryptoTLSCredsPSK *creds,
goto cleanup;
}
- gnutls_psk_set_server_credentials_file(creds->data.server, pskfile);
+ ret = gnutls_psk_set_server_credentials_file(creds->data.server, pskfile);
+ if (ret < 0) {
+ error_setg(errp, "Cannot set PSK server credentials: %s",
+ gnutls_strerror(ret));
+ goto cleanup;
+ }
gnutls_psk_set_server_dh_params(creds->data.server,
creds->parent_obj.dh_params);
} else {
@@ -135,8 +140,13 @@ qcrypto_tls_creds_psk_load(QCryptoTLSCredsPSK *creds,
goto cleanup;
}
- gnutls_psk_set_client_credentials(creds->data.client,
- username, &key, GNUTLS_PSK_KEY_HEX);
+ ret = gnutls_psk_set_client_credentials(creds->data.client,
+ username, &key, GNUTLS_PSK_KEY_HEX);
+ if (ret < 0) {
+ error_setg(errp, "Cannot set PSK client credentials: %s",
+ gnutls_strerror(ret));
+ goto cleanup;
+ }
}
rv = 0;
--
2.37.3
next prev parent reply other threads:[~2022-10-03 10:40 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-03 10:27 [PATCH 0/2] crypto: fix TLS PSK credentials on Windows platforms Daniel P. Berrangé
2022-10-03 10:27 ` Daniel P. Berrangé [this message]
2022-10-03 13:22 ` [PATCH 1/2] crypto: check for and report errors setting PSK credentials Bin Meng
2022-10-03 13:53 ` Philippe Mathieu-Daudé via
2022-10-03 10:27 ` [PATCH 2/2] tests: avoid DOS line endings in PSK file Daniel P. Berrangé
2022-10-03 13:24 ` Bin Meng
2022-10-03 13:55 ` Philippe Mathieu-Daudé via
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221003102718.600058-2-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=bmeng.cn@gmail.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.