src/connection.c: Fix error check for gnutls_priority_set().

[tlsproxy/tlsproxy.git] / src / connection.c

diff --git a/src/connection.c b/src/connection.c
index e4b0b29f1b1575dcefb32518c58eb9ef43f3357e..5c7f7ae600f7813f2691996811ee9d4231112fd8 100644 (file)
--- a/src/connection.c
+++ b/src/connection.c
@@ -199,7 +199,7 @@ void handle_connection(int client_socket) {
      * certificate then just pass through the connection and let the client
      * verify the server certificate. */
     if (global_passthrough_unknown) {
-        char path[1024];
+        char path[TLSPROXY_MAX_PATH_LENGTH];
         FILE *file = NULL;
 
         if (-2 == server_certificate_file(&file, host, path, sizeof(path))) {
@@ -353,7 +353,7 @@ static int initialize_tls_session_client(int peer_socket,
         gnutls_certificate_credentials_t *x509_cred) {
     int result;
     int use_invalid_cert;
-    char path[1024];
+    char path[TLSPROXY_MAX_PATH_LENGTH];
 
     /* The "invalid" hostname is special. If it's used we send an invalid
      * certificate to let the client know something is wrong. */
@@ -470,7 +470,7 @@ gnutls_certificate_allocate_credentials(): %s",
         gnutls_certificate_free_credentials(*x509_cred);
         return -1;
     }
-    gnutls_priority_set(*session, global_tls_priority_cache);
+    result = gnutls_priority_set(*session, global_tls_priority_cache);
     if (GNUTLS_E_SUCCESS != result) {
         LOG(LOG_ERROR,
             "initialize_tls_session_server(): gnutls_priority_set(): %s",