dovecot-2.2: login: If ssl_key parsing fails, log the reason.

[dovecot at dovecot.org]

details:   http://hg.dovecot.org/dovecot-2.2/rev/5bbdfee113a5
changeset: 14791:5bbdfee113a5
user:      Timo Sirainen <tss at iki.fi>
date:      Mon Jul 16 16:49:16 2012 +0300
description:
login: If ssl_key parsing fails, log the reason.

diffstat:

 src/login-common/ssl-proxy-openssl.c |  28 +++++++++++++++-------------
 1 files changed, 15 insertions(+), 13 deletions(-)

diffs (49 lines):

diff -r b4cd382b6606 -r 5bbdfee113a5 src/login-common/ssl-proxy-openssl.c
--- a/src/login-common/ssl-proxy-openssl.c	Wed Jul 11 19:15:03 2012 +0200
+++ b/src/login-common/ssl-proxy-openssl.c	Mon Jul 16 16:49:16 2012 +0300
@@ -1026,6 +1026,17 @@
 	}
 }
 
+static const char *ssl_key_load_error(void)
+{
+	unsigned long err = ERR_peek_error();
+
+	if (ERR_GET_LIB(err) == ERR_LIB_X509 &&
+	    ERR_GET_REASON(err) == X509_R_KEY_VALUES_MISMATCH)
+		return "Key is for a different cert than ssl_cert";
+	else
+		return ssl_last_error();
+}
+
 static EVP_PKEY *
 ssl_proxy_load_key(const char *key, const char *password)
 {
@@ -1040,23 +1051,14 @@
 	dup_password = t_strdup_noconst(password);
 	pkey = PEM_read_bio_PrivateKey(bio, NULL, pem_password_callback,
 				       dup_password);
-	if (pkey == NULL)
-		i_fatal("Couldn't parse private ssl_key");
+	if (pkey == NULL) {
+		i_fatal("Couldn't parse private ssl_key: %s",
+			ssl_key_load_error());
+	}
 	BIO_free(bio);
 	return pkey;
 }
 
-static const char *ssl_key_load_error(void)
-{
-	unsigned long err = ERR_peek_error();
-
-	if (ERR_GET_LIB(err) == ERR_LIB_X509 &&
-	    ERR_GET_REASON(err) == X509_R_KEY_VALUES_MISMATCH)
-		return "Key is for a different cert than ssl_cert";
-	else
-		return ssl_last_error();
-}
-
 static void ssl_proxy_ctx_use_key(SSL_CTX *ctx, const struct login_settings *set)
 {
 	EVP_PKEY *pkey;