diff options
author | Daniel Stenberg <daniel@haxx.se> | 2021-12-25 21:48:38 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2021-12-25 21:48:38 +0100 |
commit | 4c9d3861ef9921bff73b9bd20e01d9ba9a72a2ab (patch) | |
tree | 45a03de43c5f6dc398d94433d67caf007926d4c4 | |
parent | d4492b6d125d31ef5c74e4deb6786896606b70cc (diff) | |
download | curl-bagder/gtls-return-check.tar.gz |
gtls: check return code for gnutls_alpn_set_protocolsbagder/gtls-return-check
-rw-r--r-- | lib/vtls/gtls.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 2053fd439..3d7c29ebd 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -497,6 +497,7 @@ gtls_connect_step1(struct Curl_easy *data, /* use system ca certificate store as fallback */ if(SSL_CONN_CONFIG(verifypeer) && !(SSL_CONN_CONFIG(CAfile) || SSL_CONN_CONFIG(CApath))) { + /* this ignores errors on purpose */ gnutls_certificate_set_x509_system_trust(backend->cred); } #endif @@ -631,7 +632,10 @@ gtls_connect_step1(struct Curl_easy *data, cur++; infof(data, "ALPN, offering %s", ALPN_HTTP_1_1); - gnutls_alpn_set_protocols(session, protocols, cur, 0); + if(gnutls_alpn_set_protocols(session, protocols, cur, 0)) { + failf(data, "failed setting ALPN"); + return CURLE_SSL_CONNECT_ERROR; + } } if(SSL_SET_OPTION(primary.clientcert)) { |