From 8099d352c9004e137f0949184b2fc53587915717 Mon Sep 17 00:00:00 2001
From: Aaron Jones <aaronmdjones@gmail.com>
Date: Fri, 16 Sep 2016 20:40:23 +0000
Subject: [PATCH] GNUTLS: Store error codes properly

This is similar to commit db12df5c16758487e0c88d43cd77926b784fe400 for
the MbedTLS backend.

The difference is, GNUTLS will not accept positive values as input to
gnutls_strerror(), so we invert the sign bit after retrieving the value
too, not just when storing it.

Also add a forgotten ssl_errno assignment to rb_ssl_connect_common().
---
 libratbox/src/gnutls.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/libratbox/src/gnutls.c b/libratbox/src/gnutls.c
index c15f7bf3..365c9b72 100644
--- a/libratbox/src/gnutls.c
+++ b/libratbox/src/gnutls.c
@@ -308,7 +308,7 @@ rb_ssl_read_or_write(int r_or_w, rb_fde_t *F, void *rbuf, const void *wbuf, size
 				break;
 			}
 		default:
-			F->ssl_errno = ret;
+			F->ssl_errno = (unsigned long) -ret;
 			errno = EIO;
 			return RB_RW_IO_ERROR;
 		}
@@ -606,6 +606,8 @@ rb_ssl_connect_common(rb_fde_t *const F, void *const data)
 
 	struct ssl_connect *const sconn = data;
 
+	F->ssl_errno = (unsigned long) -ret;
+
 	if(ret == GNUTLS_E_SUCCESS)
 		rb_ssl_connect_realcb(F, RB_OK, sconn);
 	else
@@ -690,7 +692,8 @@ rb_get_random(void *buf, size_t length)
 const char *
 rb_get_ssl_strerror(rb_fde_t *F)
 {
-	return rb_ssl_strerror(F->ssl_errno);
+	int err = (int) F->ssl_errno;
+	return rb_ssl_strerror(-err);
 }
 
 int