gtls: check return code for gnutls_alpn_set_protocols

Closes #8181
author: Daniel Stenberg <daniel@haxx.se> 2021-12-25 21:48:38 +0100
committer: Daniel Stenberg <daniel@haxx.se> 2021-12-26 11:28:23 +0100
commit: 4a2ab69ab52e5dbf006533fc509b40d22cfbdbfa (patch)
tree: 994e626266ec15a5a5063d7c126f09f8596d24a4
parent: 7c1ede7b691abe046af5590b9c52ff59551be33b (diff)
download: curl-4a2ab69ab52e5dbf006533fc509b40d22cfbdbfa.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index 2053fd439..3d7c29ebd 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -497,6 +497,7 @@ gtls_connect_step1(struct Curl_easy *data,
   /* use system ca certificate store as fallback */
   if(SSL_CONN_CONFIG(verifypeer) &&
      !(SSL_CONN_CONFIG(CAfile) || SSL_CONN_CONFIG(CApath))) {
+    /* this ignores errors on purpose */
     gnutls_certificate_set_x509_system_trust(backend->cred);
   }
 #endif
@@ -631,7 +632,10 @@ gtls_connect_step1(struct Curl_easy *data,
     cur++;
     infof(data, "ALPN, offering %s", ALPN_HTTP_1_1);
 
-    gnutls_alpn_set_protocols(session, protocols, cur, 0);
+    if(gnutls_alpn_set_protocols(session, protocols, cur, 0)) {
+      failf(data, "failed setting ALPN");
+      return CURLE_SSL_CONNECT_ERROR;
+    }
   }
 
   if(SSL_SET_OPTION(primary.clientcert)) {
author	Daniel Stenberg <daniel@haxx.se>	2021-12-25 21:48:38 +0100
committer	Daniel Stenberg <daniel@haxx.se>	2021-12-26 11:28:23 +0100
commit	4a2ab69ab52e5dbf006533fc509b40d22cfbdbfa (patch)
tree	994e626266ec15a5a5063d7c126f09f8596d24a4
parent	7c1ede7b691abe046af5590b9c52ff59551be33b (diff)
download	curl-4a2ab69ab52e5dbf006533fc509b40d22cfbdbfa.tar.gz