github
/
aria2
mirror of https://github.com/aria2/aria2
1
0
Fork 0
Code Issues Releases Wiki Activity

Improve error message when loading pkcs12 file failed

pull/547/head
Tatsuhiro Tsujikawa 2016-01-21 23:13:13 +09:00
parent 9acd322db8
commit aaab5bbc74
2 changed files with 34 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/LibgnutlsTLSContext.cc
View File

@ -111,9 +111,16 @@ bool GnuTLSContext::addP12CredentialFile(const std::string& p12file)
int err = gnutls_certificate_set_x509_simple_pkcs12_mem( int err = gnutls_certificate_set_x509_simple_pkcs12_mem(
certCred_, &data, GNUTLS_X509_FMT_DER, ""); certCred_, &data, GNUTLS_X509_FMT_DER, "");
if (err != GNUTLS_E_SUCCESS) { if (err != GNUTLS_E_SUCCESS) {
if (side_ == TLS_SERVER) {
A2_LOG_ERROR("Failed to import PKCS12 file. " A2_LOG_ERROR("Failed to import PKCS12 file. "
"If you meant to use PEM, you'll also have to specify " "If you meant to use PEM, you'll also have to specify "
"--rpc-private-key. See the manual."); "--rpc-private-key. See the manual.");
}
else {
A2_LOG_ERROR("Failed to import PKCS12 file. "
"If you meant to use PEM, you'll also have to specify "
"--private-key. See the manual.");
}
return false; return false;
} }
return true; return true;

16
src/LibsslTLSContext.cc
View File

@ -203,20 +203,36 @@ bool OpenSSLTLSContext::addP12CredentialFile(const std::string& p12file)
} }
p12_t p12(d2i_PKCS12_bio(bio.get(), nullptr)); p12_t p12(d2i_PKCS12_bio(bio.get(), nullptr));
if (!p12) { if (!p12) {
if (side_ == TLS_SERVER) {
A2_LOG_ERROR(fmt("Failed to open PKCS12 file: %s. " A2_LOG_ERROR(fmt("Failed to open PKCS12 file: %s. "
"If you meant to use PEM, you'll also have to specify " "If you meant to use PEM, you'll also have to specify "
"--rpc-private-key. See the manual.", "--rpc-private-key. See the manual.",
ERR_error_string(ERR_get_error(), nullptr))); ERR_error_string(ERR_get_error(), nullptr)));
}
else {
A2_LOG_ERROR(fmt("Failed to open PKCS12 file: %s. "
"If you meant to use PEM, you'll also have to specify "
"--private-key. See the manual.",
ERR_error_string(ERR_get_error(), nullptr)));
}
return false; return false;
} }
EVP_PKEY* pkey; EVP_PKEY* pkey;
X509* cert; X509* cert;
STACK_OF(X509)* ca = nullptr; STACK_OF(X509)* ca = nullptr;
if (!PKCS12_parse(p12.get(), "", &pkey, &cert, &ca)) { if (!PKCS12_parse(p12.get(), "", &pkey, &cert, &ca)) {
if (side_ == TLS_SERVER) {
A2_LOG_ERROR(fmt("Failed to parse PKCS12 file: %s. " A2_LOG_ERROR(fmt("Failed to parse PKCS12 file: %s. "
"If you meant to use PEM, you'll also have to specify " "If you meant to use PEM, you'll also have to specify "
"--rpc-private-key. See the manual.", "--rpc-private-key. See the manual.",
ERR_error_string(ERR_get_error(), nullptr))); ERR_error_string(ERR_get_error(), nullptr)));
}
else {
A2_LOG_ERROR(fmt("Failed to parse PKCS12 file: %s. "
"If you meant to use PEM, you'll also have to specify "
"--private-key. See the manual.",
ERR_error_string(ERR_get_error(), nullptr)));
}
return false; return false;
} }