From 7585e8790a96c1c5629b6b072722f97c932ccb44 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20=C5=A0pa=C4=8Dek?= <petr.spacek@nic.cz>
Date: Thu, 18 Jan 2018 14:11:16 +0100
Subject: [PATCH] TLS client: fix certificate loading from file

gnutls_certificate_set_x509_trust_file could theoretically return 0
to indicate nothing was read, so we need to check for this as well.
---
 daemon/tls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/daemon/tls.c b/daemon/tls.c
index 7c92be92a..cf1080720 100644
--- a/daemon/tls.c
+++ b/daemon/tls.c
@@ -620,7 +620,7 @@ int tls_client_params_set(map_t *tls_client_paramlist,
 			} else {
 				int res = gnutls_certificate_set_x509_trust_file(entry->credentials, value,
 										 GNUTLS_X509_FMT_PEM);
-				if (res < 0) {
+				if (res <= 0) {
 					kr_log_error("[tls_client] failed to import certificate file '%s' (%s)\n",
 						     value, gnutls_strerror_name(res));
 					/* value will be freed at cleanup */
-- 
GitLab