if (session == NULL || r != 0)
return FALSE;
-#if GNUTLS_VERSION_NUMBER < 0x030003
- gnutls_transport_set_lowat (session, 0);
-#endif
if (method == 0)
gnutls_priority_set_direct(session, "NORMAL:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-TLS1.2", NULL);
else
}
gnutls_certificate_set_verify_flags (xcred, GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
- gnutls_transport_set_ptr(session, (gnutls_transport_ptr) sockinfo->sock);
+ gnutls_transport_set_ptr(session, (gnutls_transport_ptr) GINT_TO_POINTER(sockinfo->sock));
gnutls_session_set_ptr(session, sockinfo);
gnutls_certificate_client_set_retrieve_function(xcred, gnutls_client_cert_cb);
r = gnutls_certificate_verify_peers2(session, &status);
- if (!ssl_certificate_check(cert, status, sockinfo->hostname, sockinfo->port)) {
+ if (r < 0 || !ssl_certificate_check(cert, status, sockinfo->hostname, sockinfo->port)) {
gnutls_x509_crt_deinit(cert);
gnutls_certificate_free_credentials(xcred);
gnutls_deinit(session);