dovecot-2.2: login: If ssl_key parsing fails, log the reason.
dovecot at dovecot.org
dovecot at dovecot.org
Fri Aug 10 05:24:40 EEST 2012
details: http://hg.dovecot.org/dovecot-2.2/rev/5bbdfee113a5
changeset: 14791:5bbdfee113a5
user: Timo Sirainen <tss at iki.fi>
date: Mon Jul 16 16:49:16 2012 +0300
description:
login: If ssl_key parsing fails, log the reason.
diffstat:
src/login-common/ssl-proxy-openssl.c | 28 +++++++++++++++-------------
1 files changed, 15 insertions(+), 13 deletions(-)
diffs (49 lines):
diff -r b4cd382b6606 -r 5bbdfee113a5 src/login-common/ssl-proxy-openssl.c
--- a/src/login-common/ssl-proxy-openssl.c Wed Jul 11 19:15:03 2012 +0200
+++ b/src/login-common/ssl-proxy-openssl.c Mon Jul 16 16:49:16 2012 +0300
@@ -1026,6 +1026,17 @@
}
}
+static const char *ssl_key_load_error(void)
+{
+ unsigned long err = ERR_peek_error();
+
+ if (ERR_GET_LIB(err) == ERR_LIB_X509 &&
+ ERR_GET_REASON(err) == X509_R_KEY_VALUES_MISMATCH)
+ return "Key is for a different cert than ssl_cert";
+ else
+ return ssl_last_error();
+}
+
static EVP_PKEY *
ssl_proxy_load_key(const char *key, const char *password)
{
@@ -1040,23 +1051,14 @@
dup_password = t_strdup_noconst(password);
pkey = PEM_read_bio_PrivateKey(bio, NULL, pem_password_callback,
dup_password);
- if (pkey == NULL)
- i_fatal("Couldn't parse private ssl_key");
+ if (pkey == NULL) {
+ i_fatal("Couldn't parse private ssl_key: %s",
+ ssl_key_load_error());
+ }
BIO_free(bio);
return pkey;
}
-static const char *ssl_key_load_error(void)
-{
- unsigned long err = ERR_peek_error();
-
- if (ERR_GET_LIB(err) == ERR_LIB_X509 &&
- ERR_GET_REASON(err) == X509_R_KEY_VALUES_MISMATCH)
- return "Key is for a different cert than ssl_cert";
- else
- return ssl_last_error();
-}
-
static void ssl_proxy_ctx_use_key(SSL_CTX *ctx, const struct login_settings *set)
{
EVP_PKEY *pkey;
More information about the dovecot-cvs
mailing list