Merge pull request #7903 from Habbie/dnsdist-doc-nits

[thirdparty/pdns.git] / pdns / dnssecinfra.cc

diff --git a/pdns/dnssecinfra.cc b/pdns/dnssecinfra.cc
index 186463d740832b90fabfc82c634118f23866472d..233b228b12cff44b102d995a26850f41b51f37d1 100644 (file)
--- a/pdns/dnssecinfra.cc
+++ b/pdns/dnssecinfra.cc
@@ -52,18 +52,25 @@ using namespace boost::assign;
 shared_ptr<DNSCryptoKeyEngine> DNSCryptoKeyEngine::makeFromISCFile(DNSKEYRecordContent& drc, const char* fname)
 {
   string sline, isc;
-  FILE *fp=fopen(fname, "r");
+  auto fp = std::unique_ptr<FILE, int(*)(FILE*)>(fopen(fname, "r"), fclose);
   if(!fp) {
     throw runtime_error("Unable to read file '"+string(fname)+"' for generating DNS Private Key");
   }
   
-  while(stringfgets(fp, sline)) {
+  while(stringfgets(fp.get(), sline)) {
     isc += sline;
   }
-  fclose(fp);
+  fp.reset();
+
   shared_ptr<DNSCryptoKeyEngine> dke = makeFromISCString(drc, isc);
-  if(!dke->checkKey()) {
-    throw runtime_error("Invalid DNS Private Key in file '"+string(fname));
+  vector<string> checkKeyErrors;
+
+  if(!dke->checkKey(&checkKeyErrors)) {
+    string reason;
+    if(checkKeyErrors.size()) {
+      reason = " ("+boost::algorithm::join(checkKeyErrors, ", ")+")";
+    }
+    throw runtime_error("Invalid DNS Private Key in file '"+string(fname)+"'"+reason);
   }
   return dke;
 }