diff options
| author | Philip Hazel <ph10@hermes.cam.ac.uk> | 2004-11-25 10:26:04 +0000 |
|---|---|---|
| committer | Philip Hazel <ph10@hermes.cam.ac.uk> | 2004-11-25 10:26:04 +0000 |
| commit | de365dedeec38c30d7ff318eb6505d323e8a4411 (patch) | |
| tree | 9de4ad434ef2e8e83d1527205d1fafc2142a2a59 | |
| parent | 51a0ece14d610b73162eb330bef9c92fb5ce40aa (diff) | |
| download | exim4-de365dedeec38c30d7ff318eb6505d323e8a4411.tar.gz | |
Expand error message when GnuTLS has problems setting up cert/key files.
| -rw-r--r-- | doc/doc-txt/ChangeLog | 6 | ||||
| -rw-r--r-- | src/src/tls-gnu.c | 9 |
2 files changed, 12 insertions, 3 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index d223383ba..cd5fe9821 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.39 2004/11/24 16:14:50 ph10 Exp $ +$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.40 2004/11/25 10:26:04 ph10 Exp $ Change log file for Exim from version 4.21 ------------------------------------------- @@ -172,6 +172,10 @@ Exim version 4.44 40. When running the queue in the test harness, wait just a tad after forking a delivery process, to get repeatability of debugging output. +41. Include certificate and key file names in error message when GnuTLS fails + to set them up, because the GnuTLS error message doesn't include the name + of the failing file when there is a problem reading it. + Exim version 4.43 ----------------- diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c index 14a11ed56..ade383e42 100644 --- a/src/src/tls-gnu.c +++ b/src/src/tls-gnu.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/tls-gnu.c,v 1.1 2004/10/07 10:39:01 ph10 Exp $ */ +/* $Cambridge: exim/src/src/tls-gnu.c,v 1.2 2004/11/25 10:26:04 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -461,7 +461,12 @@ if (cert_expanded != NULL) cert_expanded, key_expanded); rc = gnutls_certificate_set_x509_key_file(x509_cred, CS cert_expanded, CS key_expanded, GNUTLS_X509_FMT_PEM); - if (rc < 0) return tls_error(US"cert/key setup", host, rc); + if (rc < 0) + { + uschar *msg = string_sprintf("cert/key setup: cert=%s key=%s", + cert_expanded, key_expanded); + return tls_error(msg, host, rc); + } } /* A certificate is mandatory in a server, but not in a client */ |