diff options
| author | Brian P. Hinz <bphinz@users.sf.net> | 2017-11-14 20:57:07 -0500 |
|---|---|---|
| committer | Brian P. Hinz <bphinz@users.sf.net> | 2017-11-14 20:57:07 -0500 |
| commit | cab73385bafb146676a7f14e0404bfeb4f9cd1ea (patch) | |
| tree | 22bd63dfd63e4a76a97eee32898b1e4f22dfd4ab /common | |
| parent | 6a7f9082fd783a1b24387cef0755426e90a0402d (diff) | |
| download | tigervnc-cab73385bafb146676a7f14e0404bfeb4f9cd1ea.tar.gz tigervnc-cab73385bafb146676a7f14e0404bfeb4f9cd1ea.zip | |
Move gnutls functions into SSecurityTLS
Diffstat (limited to 'common')
| -rw-r--r-- | common/rfb/SSecurityTLS.cxx | 13 | ||||
| -rw-r--r-- | common/rfb/SSecurityTLS.h | 1 |
2 files changed, 11 insertions, 3 deletions
diff --git a/common/rfb/SSecurityTLS.cxx b/common/rfb/SSecurityTLS.cxx index b9460223..92ff4b80 100644 --- a/common/rfb/SSecurityTLS.cxx +++ b/common/rfb/SSecurityTLS.cxx @@ -207,9 +207,16 @@ void SSecurityTLS::setParams(gnutls_session_t session) gnutls_certificate_set_dh_params(cert_cred, dh_params); - if (gnutls_certificate_set_x509_key_file(cert_cred, certfile, keyfile, - GNUTLS_X509_FMT_PEM) != GNUTLS_E_SUCCESS) - throw AuthFailureException("load of key failed"); + switch (gnutls_certificate_set_x509_key_file(cert_cred, certfile, keyfile, GNUTLS_X509_FMT_PEM)) { + case GNUTLS_E_SUCCESS: + break; + case GNUTLS_E_CERTIFICATE_KEY_MISMATCH: + throw AuthFailureException("Private key does not match certificate"); + case GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE: + throw AuthFailureException("Unsupported certificate type"); + default: + throw AuthFailureException("Error loading X509 certificate or key"); + } if (gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, cert_cred) != GNUTLS_E_SUCCESS) diff --git a/common/rfb/SSecurityTLS.h b/common/rfb/SSecurityTLS.h index 30242a24..dafc997c 100644 --- a/common/rfb/SSecurityTLS.h +++ b/common/rfb/SSecurityTLS.h @@ -35,6 +35,7 @@ #include <rdr/InStream.h> #include <rdr/OutStream.h> #include <gnutls/gnutls.h> +#include <gnutls/x509.h> namespace rfb { |