
Improve error message when loading pkcs12 file failed

Tatsuhiro Tsujikawa %!s(int64=9) %!d(string=hai) anos
pai
achega
aaab5bbc74
Modificáronse 2 ficheiros con 34 adicións e 11 borrados
  1. 10 3
      src/LibgnutlsTLSContext.cc
  2. 24 8
      src/LibsslTLSContext.cc

+ 10 - 3
src/LibgnutlsTLSContext.cc

@@ -111,9 +111,16 @@ bool GnuTLSContext::addP12CredentialFile(const std::string& p12file)
   int err = gnutls_certificate_set_x509_simple_pkcs12_mem(
       certCred_, &data, GNUTLS_X509_FMT_DER, "");
   if (err != GNUTLS_E_SUCCESS) {
-    A2_LOG_ERROR("Failed to import PKCS12 file. "
-                 "If you meant to use PEM, you'll also have to specify "
-                 "--rpc-private-key. See the manual.");
+    if (side_ == TLS_SERVER) {
+      A2_LOG_ERROR("Failed to import PKCS12 file. "
+                   "If you meant to use PEM, you'll also have to specify "
+                   "--rpc-private-key. See the manual.");
+    }
+    else {
+      A2_LOG_ERROR("Failed to import PKCS12 file. "
+                   "If you meant to use PEM, you'll also have to specify "
+                   "--private-key. See the manual.");
+    }
     return false;
   }
   return true;
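Review bot: Both branches of the new `if (side_ == TLS_SERVER)` drop `err`, so the log cannot tell a malformed file from one protected by a passphrase, which is a likely cause here because the import just above is called with an empty password (`""`). Appending `gnutls_strerror(err)` to the message, the way the OpenSSL section of this commit appends `ERR_error_string(...)`, would make the failure diagnosable; whether `fmt` is already available in this file is not visible from the hunk. The branches differ only in the option name, so choosing it once with `const char* keyOpt = side_ == TLS_SERVER ? "--rpc-private-key" : "--private-key";` and formatting a single message would remove the duplicated literal, here and in the two OpenSSL error paths. addP12CredentialFile starts before the hunk.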

+ 24 - 8
src/LibsslTLSContext.cc

@@ -203,20 +203,36 @@ bool OpenSSLTLSContext::addP12CredentialFile(const std::string& p12file)
   }
   p12_t p12(d2i_PKCS12_bio(bio.get(), nullptr));
   if (!p12) {
-    A2_LOG_ERROR(fmt("Failed to open PKCS12 file: %s. "
-                     "If you meant to use PEM, you'll also have to specify "
-                     "--rpc-private-key. See the manual.",
-                     ERR_error_string(ERR_get_error(), nullptr)));
+    if (side_ == TLS_SERVER) {
+      A2_LOG_ERROR(fmt("Failed to open PKCS12 file: %s. "
+                       "If you meant to use PEM, you'll also have to specify "
+                       "--rpc-private-key. See the manual.",
+                       ERR_error_string(ERR_get_error(), nullptr)));
+    }
+    else {
+      A2_LOG_ERROR(fmt("Failed to open PKCS12 file: %s. "
+                       "If you meant to use PEM, you'll also have to specify "
+                       "--private-key. See the manual.",
+                       ERR_error_string(ERR_get_error(), nullptr)));
+    }
     return false;
   }
   EVP_PKEY* pkey;
   X509* cert;
   STACK_OF(X509)* ca = nullptr;
   if (!PKCS12_parse(p12.get(), "", &pkey, &cert, &ca)) {
-    A2_LOG_ERROR(fmt("Failed to parse PKCS12 file: %s. "
-                     "If you meant to use PEM, you'll also have to specify "
-                     "--rpc-private-key. See the manual.",
-                     ERR_error_string(ERR_get_error(), nullptr)));
+    if (side_ == TLS_SERVER) {
+      A2_LOG_ERROR(fmt("Failed to parse PKCS12 file: %s. "
+                       "If you meant to use PEM, you'll also have to specify "
+                       "--rpc-private-key. See the manual.",
+                       ERR_error_string(ERR_get_error(), nullptr)));
+    }
+    else {
+      A2_LOG_ERROR(fmt("Failed to parse PKCS12 file: %s. "
+                       "If you meant to use PEM, you'll also have to specify "
+                       "--private-key. See the manual.",
+                       ERR_error_string(ERR_get_error(), nullptr)));
+    }
     return false;
   }