diff options
author | Sergey Poznyakoff <gray@gnu.org.ua> | 2003-01-14 11:36:31 +0000 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2003-01-14 11:36:31 +0000 |
commit | 9948d4b2b90276ca4e3aa5e3aa338209f9430d1f (patch) | |
tree | d9ddff7bd0be0fcf270633f1aed1e054722bb68e /auth | |
parent | a228e028aa23eaaae736bbe56b9861a951fa73b3 (diff) | |
download | mailutils-9948d4b2b90276ca4e3aa5e3aa338209f9430d1f.tar.gz mailutils-9948d4b2b90276ca4e3aa5e3aa338209f9430d1f.tar.bz2 |
(mu_init_tls_server): Check return value from
gnutls_certificate_set_x509_key_file(). Use gnutls_strerror(),
instead of gnutls_perror(), as the latter confuses mail clients.
(mu_init_tls_libs): Removed useless initialization of the auto
variable.
Diffstat (limited to 'auth')
-rw-r--r-- | auth/tls.c | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/auth/tls.c b/auth/tls.c index f1a46e050..04836d90b 100644 --- a/auth/tls.c +++ b/auth/tls.c @@ -145,8 +145,7 @@ mu_check_tls_environment (void) int mu_init_tls_libs (void) { - int rs = 1; - rs = gnutls_global_init (); + int rs = gnutls_global_init (); if (rs == 0) /* Reverse for tls_available */ rs = 1; @@ -199,10 +198,15 @@ mu_init_tls_server (int fd_in, int fd_out) gnutls_certificate_set_x509_trust_file (x509_cred, ssl_cafile, GNUTLS_X509_FMT_PEM); - gnutls_certificate_set_x509_key_file (x509_cred, - ssl_cert, ssl_key, - GNUTLS_X509_FMT_PEM); - + rs = gnutls_certificate_set_x509_key_file (x509_cred, + ssl_cert, ssl_key, + GNUTLS_X509_FMT_PEM); + if (rs < 0) + { + mu_error (_("cannot parse cerificate/key: %s"), gnutls_strerror (rs)); + return 0; + } + generate_dh_params (); gnutls_certificate_set_dh_params (x509_cred, dh_params); @@ -213,8 +217,7 @@ mu_init_tls_server (int fd_in, int fd_out) if (rs < 0) { gnutls_deinit (session); - mu_error (_("TLS/SSL handshake failed!")); - gnutls_perror (rs); + mu_error (_("TLS/SSL handshake failed: %s"), gnutls_strerror (rs)); return 0; /* failed */ } return (gnutls_session) session; |