--- gvpe/src/connection.C	2003/09/01 15:52:03	1.16
+++ gvpe/src/connection.C	2003/10/04 13:20:07	1.18
@@ -912,8 +912,8 @@
                 if (0 > RSA_private_decrypt (sizeof (p->encr),
                                              (unsigned char *)&p->encr, (unsigned char *)&k,
                                              ::conf.rsa_key, RSA_PKCS1_OAEP_PADDING))
-                  slog (L_ERR, _("%s(%s): challenge illegal or corrupted"),
-                        conf->nodename, (const char *)rsi);
+                  slog (L_ERR, _("%s(%s): challenge illegal or corrupted (%s). mismatched key or config file?"),
+                        conf->nodename, (const char *)rsi, ERR_error_string (ERR_get_error (), 0));
                 else
                   {
                     delete octx;
@@ -956,7 +956,7 @@
 
               if (!rsa_cache.find (p->id, chg))
                 {
-                  slog (L_ERR, _("%s(%s): unrequested auth response"),
+                  slog (L_ERR, _("%s(%s): unrequested auth response ignored"),
                         conf->nodename, (const char *)rsi);
                   break;
                 }
@@ -965,9 +965,12 @@
                   crypto_ctx *cctx = new crypto_ctx (chg, 0);
 
                   if (!p->hmac_chk (cctx))
-                    slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
-                                   "could be an attack, or just corruption or an synchronization error"),
-                          conf->nodename, (const char *)rsi);
+                    {
+                      slog (L_ERR, _("%s(%s): hmac authentication error on auth response, received invalid packet\n"
+                                     "could be an attack, or just corruption or an synchronization error"),
+                            conf->nodename, (const char *)rsi);
+                      break;
+                    }
                   else
                     {
                       rsaresponse h;