[Bugfix] Check return codes from gnutls library every time.

git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4120 3789f03b-4d11-0410-bbf8-ca57d06f2519

common/rfb/CSecurityTLS.cxx

 void CSecurityTLS::shutdown()
 {
   if (session)
-    gnutls_bye(session, GNUTLS_SHUT_RDWR);
+    if (gnutls_bye(session, GNUTLS_SHUT_RDWR) != GNUTLS_E_SUCCESS)
+      throw Exception("gnutls_bye failed");
 
   if (anon_cred) {
     gnutls_anon_free_client_credentials(anon_cred);
     if (is->readU8() == 0)
       return true;
 
-    gnutls_init(&session, GNUTLS_CLIENT);
-    gnutls_set_default_priority(session);
+    if (gnutls_init(&session, GNUTLS_CLIENT) != GNUTLS_E_SUCCESS)
+      throw AuthFailureException("gnutls_init failed");
+
+    if (gnutls_set_default_priority(session) != GNUTLS_E_SUCCESS)
+      throw AuthFailureException("gnutls_set_default_priority failed");
 
     setParam();
     
 				     GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0 };
 
   if (anon) {
-    gnutls_kx_set_priority(session, kx_anon_priority);
-    gnutls_anon_allocate_client_credentials(&anon_cred);
-    gnutls_credentials_set(session, GNUTLS_CRD_ANON, anon_cred);
+    if (gnutls_kx_set_priority(session, kx_anon_priority) != GNUTLS_E_SUCCESS)
+      throw AuthFailureException("gnutls_kx_set_priority failed");
+
+    if (gnutls_anon_allocate_client_credentials(&anon_cred) != GNUTLS_E_SUCCESS)
+      throw AuthFailureException("gnutls_anon_allocate_client_credentials failed");
+
+    if (gnutls_credentials_set(session, GNUTLS_CRD_ANON, anon_cred) != GNUTLS_E_SUCCESS)
+      throw AuthFailureException("gnutls_credentials_set failed");
 
     vlog.debug("Anonymous session has been set");
   } else {
-    gnutls_kx_set_priority(session, kx_priority);
-    gnutls_certificate_allocate_credentials(&cert_cred);
+    if (gnutls_kx_set_priority(session, kx_priority) != GNUTLS_E_SUCCESS)
+      throw AuthFailureException("gnutls_kx_set_priority failed");
+
+    if (gnutls_certificate_allocate_credentials(&cert_cred) != GNUTLS_E_SUCCESS)
+      throw AuthFailureException("gnutls_certificate_allocate_credentials failed");
 
     if (*cafile && gnutls_certificate_set_x509_trust_file(cert_cred,cafile,GNUTLS_X509_FMT_PEM) < 0)
       throw AuthFailureException("load of CA cert failed");
     if (*crlfile && gnutls_certificate_set_x509_crl_file(cert_cred,crlfile,GNUTLS_X509_FMT_PEM) < 0)
       throw AuthFailureException("load of CRL failed");
 
-    gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, cert_cred);
+    if (gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, cert_cred) != GNUTLS_E_SUCCESS)
+      throw AuthFailureException("gnutls_credentials_set failed");
 
     vlog.debug("X509 session has been set");
   }

common/rfb/SSecurityTLS.cxx

   static const int kx_priority[] = { GNUTLS_KX_DHE_DSS, GNUTLS_KX_RSA,
 				     GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0 };
 
-  gnutls_kx_set_priority(session, anon ? kx_anon_priority : kx_priority);
+  if (gnutls_kx_set_priority(session, anon ? kx_anon_priority : kx_priority)
+      != GNUTLS_E_SUCCESS)
+    throw AuthFailureException("gnutls_kx_set_priority failed");
 
   if (gnutls_dh_params_init(&dh_params) != GNUTLS_E_SUCCESS)
     throw AuthFailureException("gnutls_dh_params_init failed");