ARC: give more detail with "bad signing-spec" message

2 files changed, 4 insertions, 2 deletions

diff --git a/doc/doc-txt/experimental-spec.txt b/doc/doc-txt/experimental-spec.txt
index 149598ee8..2ed6e3582 100644
--- a/doc/doc-txt/experimental-spec.txt
+++ b/doc/doc-txt/experimental-spec.txt
@@ -799,7 +799,8 @@ arc_sign = <admd-identifier> : <selector> : <privkey>
 An option on the smtp transport, which constructs and prepends to the message
 an ARC set of headers.  The textually-first Authentication-Results: header
 is used as a basis (you must have added one on entry to the ADMD).
-Expanded; if unset, empty or forced-failure then no signing is done.
+Expanded as a whole; if unset, empty or forced-failure then no signing is done.
+If it is set, all three elements must be non-empty.
 
 
 
diff --git a/src/src/arc.c b/src/src/arc.c
index f4ae096bc..eb143b697 100644
--- a/src/src/arc.c
+++ b/src/src/arc.c
@@ -1536,7 +1536,8 @@ selector = string_nextinlist(&signspec, &sep, NULL, 0);
 if (  !*identity | !*selector
    || !(privkey = string_nextinlist(&signspec, &sep, NULL, 0)) || !*privkey)
   {
-  log_write(0, LOG_MAIN|LOG_PANIC, "ARC: bad signing-specification");
+  log_write(0, LOG_MAIN|LOG_PANIC, "ARC: bad signing-specification (%s)",
+    !*identity ? "identity" : !*selector ? "selector" : "private-key");
   return NULL;
   }
 if (*privkey == '/' && !(privkey = expand_file_big_buffer(privkey)))