diff options
author | Daniel Stenberg <daniel@haxx.se> | 2021-12-25 21:48:38 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2021-12-26 11:28:23 +0100 |
commit | 4a2ab69ab52e5dbf006533fc509b40d22cfbdbfa (patch) | |
tree | 994e626266ec15a5a5063d7c126f09f8596d24a4 | |
parent | 7c1ede7b691abe046af5590b9c52ff59551be33b (diff) | |
download | curl-4a2ab69ab52e5dbf006533fc509b40d22cfbdbfa.tar.gz |
gtls: check return code for gnutls_alpn_set_protocols
Closes #8181
-rw-r--r-- | lib/vtls/gtls.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 2053fd439..3d7c29ebd 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -497,6 +497,7 @@ gtls_connect_step1(struct Curl_easy *data, /* use system ca certificate store as fallback */ if(SSL_CONN_CONFIG(verifypeer) && !(SSL_CONN_CONFIG(CAfile) || SSL_CONN_CONFIG(CApath))) { + /* this ignores errors on purpose */ gnutls_certificate_set_x509_system_trust(backend->cred); } #endif @@ -631,7 +632,10 @@ gtls_connect_step1(struct Curl_easy *data, cur++; infof(data, "ALPN, offering %s", ALPN_HTTP_1_1); - gnutls_alpn_set_protocols(session, protocols, cur, 0); + if(gnutls_alpn_set_protocols(session, protocols, cur, 0)) { + failf(data, "failed setting ALPN"); + return CURLE_SSL_CONNECT_ERROR; + } } if(SSL_SET_OPTION(primary.clientcert)) { |