aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/vtls/gtls.c18
1 files changed, 10 insertions, 8 deletions
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index 1a41c05d7..1c1cc2f7b 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -663,17 +663,18 @@ gtls_connect_step1(struct connectdata *conn,
GNUTLS_PKCS_USE_PKCS12_RC2_40 | GNUTLS_PKCS_USE_PBES2_3DES |
GNUTLS_PKCS_USE_PBES2_AES_128 | GNUTLS_PKCS_USE_PBES2_AES_192 |
GNUTLS_PKCS_USE_PBES2_AES_256;
- if(gnutls_certificate_set_x509_key_file2(
+ rc = gnutls_certificate_set_x509_key_file2(
conn->ssl[sockindex].cred,
data->set.str[STRING_CERT],
data->set.str[STRING_KEY] ?
data->set.str[STRING_KEY] : data->set.str[STRING_CERT],
do_file_type(data->set.str[STRING_CERT_TYPE]),
data->set.str[STRING_KEY_PASSWD],
- supported_key_encryption_algorithms) !=
- GNUTLS_E_SUCCESS) {
+ supported_key_encryption_algorithms);
+ if(rc != GNUTLS_E_SUCCESS) {
failf(data,
- "error reading X.509 potentially-encrypted key file");
+ "error reading X.509 potentially-encrypted key file: %s",
+ gnutls_strerror(rc));
return CURLE_SSL_CONNECT_ERROR;
#else
failf(data, "gnutls lacks support for encrypted key files");
@@ -682,14 +683,15 @@ gtls_connect_step1(struct connectdata *conn,
}
}
else {
- if(gnutls_certificate_set_x509_key_file(
+ rc = gnutls_certificate_set_x509_key_file(
conn->ssl[sockindex].cred,
data->set.str[STRING_CERT],
data->set.str[STRING_KEY] ?
data->set.str[STRING_KEY] : data->set.str[STRING_CERT],
- do_file_type(data->set.str[STRING_CERT_TYPE]) ) !=
- GNUTLS_E_SUCCESS) {
- failf(data, "error reading X.509 key or certificate file");
+ do_file_type(data->set.str[STRING_CERT_TYPE]) );
+ if(rc != GNUTLS_E_SUCCESS) {
+ failf(data, "error reading X.509 key or certificate file: %s",
+ gnutls_strerror(rc));
return CURLE_SSL_CONNECT_ERROR;
}
}