SYS-OSS/FRET-qemu
4
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

crypto: check for and report errors setting PSK credentials

Browse Source 
If setting credentials fails, the handshake will later fail to complete
with an obscure error message which is hard to diagnose.

Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
Daniel P. Berrangé 2022-09-28 15:56:42 +01:00
parent dd84a906e0
commit 3983bf1b41
1 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
crypto/tlscredspsk.c
View File

@ -109,7 +109,12 @@ qcrypto_tls_creds_psk_load(QCryptoTLSCredsPSK *creds,
goto cleanup;
}
gnutls_psk_set_server_credentials_file(creds->data.server, pskfile);
ret = gnutls_psk_set_server_credentials_file(creds->data.server, pskfile);
if (ret < 0) {
error_setg(errp, "Cannot set PSK server credentials: %s",
gnutls_strerror(ret));
goto cleanup;
}
gnutls_psk_set_server_dh_params(creds->data.server,
creds->parent_obj.dh_params);
} else {
@ -135,8 +140,13 @@ qcrypto_tls_creds_psk_load(QCryptoTLSCredsPSK *creds,
goto cleanup;
}
gnutls_psk_set_client_credentials(creds->data.client,
username, &key, GNUTLS_PSK_KEY_HEX);
ret = gnutls_psk_set_client_credentials(creds->data.client,
username, &key, GNUTLS_PSK_KEY_HEX);
if (ret < 0) {
error_setg(errp, "Cannot set PSK client credentials: %s",
gnutls_strerror(ret));
goto cleanup;
}
}
rv = 0;