aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDan Fandrich <dan@coneharvesters.com>2014-07-13 01:30:52 +0200
committerDan Fandrich <dan@coneharvesters.com>2014-07-13 01:32:11 +0200
commit425459b8ae8ab9ef5344493d54eadd8e735b928d (patch)
tree94f0b8a8fb9696956aa2ae4e57f7b229f1fbb3e2
parent763c51780c0830983ee75d66d516d65911b0e96a (diff)
gnutls: improved error message if setting cipher list fails
Reported-by: David Woodhouse
-rw-r--r--lib/vtls/gtls.c18
1 files changed, 11 insertions, 7 deletions
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index a2934838c..3bdd28547 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -386,7 +386,7 @@ gtls_connect_step1(struct connectdata *conn,
#else
#define GNUTLS_CIPHERS "NORMAL:-ARCFOUR-128:-CTYPE-ALL:+CTYPE-X509"
const char* prioritylist;
- const char *err;
+ const char *err = NULL;
#endif
#ifdef HAS_ALPN
int protocols_size = 2;
@@ -543,6 +543,11 @@ gtls_connect_step1(struct connectdata *conn,
break;
}
rc = gnutls_protocol_set_priority(session, protocol_priority);
+ if(rc != GNUTLS_E_SUCCESS) {
+ failf(data, "Did you pass a valid GnuTLS cipher list?");
+ return CURLE_SSL_CONNECT_ERROR;
+ }
+
#else
switch (data->set.ssl.version) {
case CURL_SSLVERSION_SSLv3:
@@ -572,6 +577,11 @@ gtls_connect_step1(struct connectdata *conn,
break;
}
rc = gnutls_priority_set_direct(session, prioritylist, &err);
+ if(rc != GNUTLS_E_SUCCESS) {
+ failf(data, "Error %d setting GnuTLS cipher list starting with %s",
+ rc, err);
+ return CURLE_SSL_CONNECT_ERROR;
+ }
#endif
#ifdef HAS_ALPN
@@ -591,12 +601,6 @@ gtls_connect_step1(struct connectdata *conn,
}
#endif
- if(rc != GNUTLS_E_SUCCESS) {
- failf(data, "Did you pass a valid GnuTLS cipher list?");
- return CURLE_SSL_CONNECT_ERROR;
- }
-
-
if(data->set.str[STRING_CERT]) {
if(gnutls_certificate_set_x509_key_file(
conn->ssl[sockindex].cred,