TLS: use constants for GnuTLS return codes
authorPetr Špaček <petr.spacek@nic.cz>
Thu, 18 Jan 2018 13:11:26 +0000 (14:11 +0100)
committerPetr Špaček <petr.spacek@nic.cz>
Thu, 18 Jan 2018 15:30:07 +0000 (16:30 +0100)
The GnuTLS manual for some functions does not state that an error return code
must be negative, so we should use the constants to avoid potential
problems.

daemon/tls.c

index cf1080720928181c6c75db46186f5ed91bad0234..8e077955d3386891fa0a16d97cc4fb69e4f05a94 100644 (file)
@@ -165,21 +165,21 @@ struct tls_ctx_t *tls_new(struct worker_ctx *worker)
        }
 
        int err = gnutls_init(&tls->session, GNUTLS_SERVER | GNUTLS_NONBLOCK);
-       if (err < 0) {
+       if (err != GNUTLS_E_SUCCESS) {
                kr_log_error("[tls] gnutls_init(): %s (%d)\n", gnutls_strerror_name(err), err);
                tls_free(tls);
                return NULL;
        }
        tls->credentials = tls_credentials_reserve(net->tls_credentials);
        err = gnutls_credentials_set(tls->session, GNUTLS_CRD_CERTIFICATE, tls->credentials->credentials);
-       if (err < 0) {
+       if (err != GNUTLS_E_SUCCESS) {
                kr_log_error("[tls] gnutls_credentials_set(): %s (%d)\n", gnutls_strerror_name(err), err);
                tls_free(tls);
                return NULL;
        }
        const char *errpos = NULL;
        err = gnutls_priority_set_direct(tls->session, priorities, &errpos);
-       if (err < 0) {
+       if (err != GNUTLS_E_SUCCESS) {
                kr_log_error("[tls] setting priority '%s' failed at character %zd (...'%s') with %s (%d)\n",
                             priorities, errpos - priorities, errpos, gnutls_strerror_name(err), err);
                tls_free(tls);
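Review bot: The failure log at lines 36-37 dereferences `errpos` unconditionally, but gnutls_priority_set_direct() only reports a position for a string it failed to parse; on other failures (an allocation error, for instance) `errpos` presumably stays NULL, which makes `errpos - priorities` and the `%s` argument undefined. Guarding both arguments keeps the message well-defined: `errpos ? (ssize_t)(errpos - priorities) : -1` and `errpos ? errpos : ""`. Separately, `tls->credentials->credentials` on line 25 is used without checking what tls_credentials_reserve() returned on line 24; if that helper can return NULL, the same tls_free-and-return-NULL path should run before it. tls_new starts and ends outside the hunk.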
@@ -279,7 +279,7 @@ int tls_process(struct worker_ctx *worker, uv_stream_t *handle, const uint8_t *b
                        tls_p->handshake_done = true;
                } else if (err == GNUTLS_E_AGAIN) {
                        return 0; /* No data, bail out */
-               } else if (err < 0 && gnutls_error_is_fatal(err)) {
+               } else if (gnutls_error_is_fatal(err)) {
                        return kr_error(err);
                }
        }
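Review bot: Dropping `err < 0` at line 44 is safe, since gnutls_error_is_fatal() reports zero for positive values, but the chain still lets non-fatal negative codes other than GNUTLS_E_AGAIN fall through with handshake_done left false: GNUTLS_E_INTERRUPTED is the other retry condition gnutls_handshake() documents for a non-blocking session, and a warning alert is also non-fatal. What happens after the fall-through is outside the hunk, so I cannot tell whether it is handled there; treating the interrupt as a retry, `} else if (err == GNUTLS_E_AGAIN || err == GNUTLS_E_INTERRUPTED) {`, would at least make the retry cases explicit. The same shape appears in tls_client_process in the last hunk of this commit. tls_process starts and ends outside the hunk.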
@@ -329,7 +329,7 @@ static int get_oob_key_pin(gnutls_x509_crt_t crt, char *outchar, ssize_t outchar
        gnutls_pubkey_t key;
        gnutls_datum_t datum = { .size = 0 };
 
-       if ((err = gnutls_pubkey_init(&key)) < 0) {
+       if ((err = gnutls_pubkey_init(&key)) != GNUTLS_E_SUCCESS) {
                return err;
        }
 
@@ -405,17 +405,17 @@ static time_t _get_end_entity_expiration(gnutls_certificate_credentials_t creds)
        int err;
        time_t ret = GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION;
 
-       if ((err = gnutls_certificate_get_crt_raw(creds, 0, 0, &data)) < 0) {
+       if ((err = gnutls_certificate_get_crt_raw(creds, 0, 0, &data)) != GNUTLS_E_SUCCESS) {
                kr_log_error("[tls] failed to get cert to check expiration: (%d) %s\n",
                             err, gnutls_strerror_name(err));
                goto done;
        }
-       if ((err = gnutls_x509_crt_init(&cert)) < 0) {
+       if ((err = gnutls_x509_crt_init(&cert)) != GNUTLS_E_SUCCESS) {
                kr_log_error("[tls] failed to initialize cert: (%d) %s\n",
                             err, gnutls_strerror_name(err));
                goto done;
        }
-       if ((err = gnutls_x509_crt_import(cert, &data, GNUTLS_X509_FMT_DER)) < 0) {
+       if ((err = gnutls_x509_crt_import(cert, &data, GNUTLS_X509_FMT_DER)) != GNUTLS_E_SUCCESS) {
                kr_log_error("[tls] failed to construct cert while checking expiration: (%d) %s\n",
                             err, gnutls_strerror_name(err));
                goto done;
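Review bot: Every failure path in this hunk leaves `ret` at GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION, so a caller cannot distinguish a certificate that genuinely has no expiration from one whose DER could not be fetched, initialised or imported; if the value feeds an expiry warning, a broken certificate read would silently look like "never expires". If the conflation is intentional it deserves a comment above `time_t ret = …`, e.g. `/* Any failure below is reported as "no well-defined expiration"; callers must not read it as "valid forever". */`; otherwise returning a distinct sentinel such as `(time_t)-1`, the error value gnutls_x509_crt_get_expiration_time() itself uses, on the error paths would let callers log the failure. The `done` label and the cleanup of `cert` are outside the hunk.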
@@ -441,7 +441,7 @@ int tls_certificate_set(struct network *net, const char *tls_cert, const char *t
        }
 
        int err = 0;
-       if ((err = gnutls_certificate_allocate_credentials(&tls_credentials->credentials)) < 0) {
+       if ((err = gnutls_certificate_allocate_credentials(&tls_credentials->credentials)) != GNUTLS_E_SUCCESS) {
                kr_log_error("[tls] gnutls_certificate_allocate_credentials() failed: (%d) %s\n",
                             err, gnutls_strerror_name(err));
                tls_credentials_free(tls_credentials);
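Review bot: `int err = 0;` at line 81 is immediately overwritten by the assignment inside the condition on the next line, so the initialiser is dead; a plain `int err;` (or declaring it in the `if`) reads more honestly. The two failure paths of tls_certificate_set shown here and in the next hunk also order cleanup differently — log then tls_credentials_free() at lines 84-86, free then log at lines 93-95; settling on one order makes the function easier to audit for double frees and use-after-free in the log arguments. The function's body continues outside both hunks.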
@@ -463,7 +463,7 @@ int tls_certificate_set(struct network *net, const char *tls_cert, const char *t
        }
        
        if ((err = gnutls_certificate_set_x509_key_file(tls_credentials->credentials,
-                                                       tls_cert, tls_key, GNUTLS_X509_FMT_PEM)) < 0) {
+                                                       tls_cert, tls_key, GNUTLS_X509_FMT_PEM)) != GNUTLS_E_SUCCESS) {
                tls_credentials_free(tls_credentials);
                kr_log_error("[tls] gnutls_certificate_set_x509_key_file(%s,%s) failed: %d (%s)\n",
                             tls_cert, tls_key, err, gnutls_strerror_name(err));
@@ -904,7 +904,7 @@ int tls_client_process(struct worker_ctx *worker, uv_stream_t *handle, const uin
                        ctx->handshake_state = TLS_HS_DONE;
                } else if (err == GNUTLS_E_AGAIN) {
                        return 0;
-               } else if (err < 0 && gnutls_error_is_fatal(err)) {
+               } else if (gnutls_error_is_fatal(err)) {
                        kr_log_error("[tls_client] gnutls_handshake failed: %s (%d)\n",
                                     gnutls_strerror_name(err), err);
                        if (ctx->handshake_cb) {