diff options
| author | Brian Hinz <bphinz@users.sourceforge.net> | 2017-11-15 08:40:57 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-11-15 08:40:57 -0500 |
| commit | bbbd12017235540659c14eb888a0687ecafa7157 (patch) | |
| tree | a458c93516d43bf31a6d6b26328c417b01ad6fe7 /common/rfb | |
| parent | 84d578edbb048023e10e5e2522609772093d4ed7 (diff) | |
| parent | 4b9b89730defae2f17df4400da819be799af1c7a (diff) | |
| download | tigervnc-bbbd12017235540659c14eb888a0687ecafa7157.tar.gz tigervnc-bbbd12017235540659c14eb888a0687ecafa7157.zip | |
Merge pull request #500 from bphinz/issue106-rebase
Hook up the "Load X.509 Cert/Key" dialogs in winvnc. Fixes #106
Diffstat (limited to 'common/rfb')
| -rw-r--r-- | common/rfb/SSecurityTLS.cxx | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/common/rfb/SSecurityTLS.cxx b/common/rfb/SSecurityTLS.cxx index b9460223..5576a060 100644 --- a/common/rfb/SSecurityTLS.cxx +++ b/common/rfb/SSecurityTLS.cxx @@ -35,6 +35,7 @@ #include <rfb/Exception.h> #include <rdr/TLSInStream.h> #include <rdr/TLSOutStream.h> +#include <gnutls/x509.h> #define DH_BITS 1024 /* XXX This should be configurable! */ @@ -207,9 +208,16 @@ void SSecurityTLS::setParams(gnutls_session_t session) gnutls_certificate_set_dh_params(cert_cred, dh_params); - if (gnutls_certificate_set_x509_key_file(cert_cred, certfile, keyfile, - GNUTLS_X509_FMT_PEM) != GNUTLS_E_SUCCESS) - throw AuthFailureException("load of key failed"); + switch (gnutls_certificate_set_x509_key_file(cert_cred, certfile, keyfile, GNUTLS_X509_FMT_PEM)) { + case GNUTLS_E_SUCCESS: + break; + case GNUTLS_E_CERTIFICATE_KEY_MISMATCH: + throw AuthFailureException("Private key does not match certificate"); + case GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE: + throw AuthFailureException("Unsupported certificate type"); + default: + throw AuthFailureException("Error loading X509 certificate or key"); + } if (gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, cert_cred) != GNUTLS_E_SUCCESS) |