diff options
-rw-r--r-- | lib/vtls/gtls.c | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 1a41c05d7..1c1cc2f7b 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -663,17 +663,18 @@ gtls_connect_step1(struct connectdata *conn, GNUTLS_PKCS_USE_PKCS12_RC2_40 | GNUTLS_PKCS_USE_PBES2_3DES | GNUTLS_PKCS_USE_PBES2_AES_128 | GNUTLS_PKCS_USE_PBES2_AES_192 | GNUTLS_PKCS_USE_PBES2_AES_256; - if(gnutls_certificate_set_x509_key_file2( + rc = gnutls_certificate_set_x509_key_file2( conn->ssl[sockindex].cred, data->set.str[STRING_CERT], data->set.str[STRING_KEY] ? data->set.str[STRING_KEY] : data->set.str[STRING_CERT], do_file_type(data->set.str[STRING_CERT_TYPE]), data->set.str[STRING_KEY_PASSWD], - supported_key_encryption_algorithms) != - GNUTLS_E_SUCCESS) { + supported_key_encryption_algorithms); + if(rc != GNUTLS_E_SUCCESS) { failf(data, - "error reading X.509 potentially-encrypted key file"); + "error reading X.509 potentially-encrypted key file: %s", + gnutls_strerror(rc)); return CURLE_SSL_CONNECT_ERROR; #else failf(data, "gnutls lacks support for encrypted key files"); @@ -682,14 +683,15 @@ gtls_connect_step1(struct connectdata *conn, } } else { - if(gnutls_certificate_set_x509_key_file( + rc = gnutls_certificate_set_x509_key_file( conn->ssl[sockindex].cred, data->set.str[STRING_CERT], data->set.str[STRING_KEY] ? data->set.str[STRING_KEY] : data->set.str[STRING_CERT], - do_file_type(data->set.str[STRING_CERT_TYPE]) ) != - GNUTLS_E_SUCCESS) { - failf(data, "error reading X.509 key or certificate file"); + do_file_type(data->set.str[STRING_CERT_TYPE]) ); + if(rc != GNUTLS_E_SUCCESS) { + failf(data, "error reading X.509 key or certificate file: %s", + gnutls_strerror(rc)); return CURLE_SSL_CONNECT_ERROR; } } |