From d75a9f243615f67309e76527d7d7f2512c3db0fd Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Wed, 21 Jun 2017 10:35:47 -0700
Subject: [PATCH] =?UTF-8?q?Fix=20for=20`wc=5FReadDirFirst`=20to=20return?=
 =?UTF-8?q?=20non-zero=20value=20if=20no=20files=20found.=20Fix=20for=20`w?=
 =?UTF-8?q?olfSSL=5FCTX=5Fload=5Fverify=5Flocations`=20to=20not=20return?=
 =?UTF-8?q?=20failure=20due=20to=20`wc=5FReadDirNext`=20=E2=80=9Cno=20more?=
 =?UTF-8?q?=20files=E2=80=9D=20-1=20response.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/ssl.c               | 12 +++++++++---
 wolfcrypt/src/wc_port.c |  6 ++++--
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/src/ssl.c b/src/ssl.c
index bcbbbf5a2..8e297c4eb 100755
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -5621,6 +5621,7 @@ int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX* ctx, const char* file,
                                      const char* path)
 {
     int ret = SSL_SUCCESS;
+    int fileRet;
 
     WOLFSSL_ENTER("wolfSSL_CTX_load_verify_locations");
 
@@ -5644,16 +5645,21 @@ int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX* ctx, const char* file,
     #endif
 
         /* try to load each regular file in path */
-        ret = wc_ReadDirFirst(readCtx, path, &name);
-        while (ret == 0 && name) {
+        fileRet = wc_ReadDirFirst(readCtx, path, &name);
+        while (fileRet == 0 && name) {
             ret = ProcessFile(ctx, name, SSL_FILETYPE_PEM, CA_TYPE,
                                                           NULL, 0, NULL);
             if (ret != SSL_SUCCESS)
                 break;
-            ret = wc_ReadDirNext(readCtx, path, &name);
+            fileRet = wc_ReadDirNext(readCtx, path, &name);
         }
         wc_ReadDirClose(readCtx);
 
+        /* pass directory read failure to response code */
+        if (ret == SSL_SUCCESS && fileRet != -1) {
+            ret = fileRet;
+        }
+
     #ifdef WOLFSSL_SMALL_STACK
         XFREE(readCtx, ctx->heap, DYNAMIC_TYPE_DIRCTX);
     #endif
diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c
index 2104ace74..3345e0f55 100755
--- a/wolfcrypt/src/wc_port.c
+++ b/wolfcrypt/src/wc_port.c
@@ -197,9 +197,10 @@ int wolfCrypt_Cleanup(void)
 #if !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
 
 /* File Handling Helpers */
+/* returns 0 if file found, -1 if no files or negative error */
 int wc_ReadDirFirst(ReadDirCtx* ctx, const char* path, char** name)
 {
-    int ret = 0;
+    int ret = -1; /* default to no files found */
 
     if (name)
         *name = NULL;
@@ -258,9 +259,10 @@ int wc_ReadDirFirst(ReadDirCtx* ctx, const char* path, char** name)
     return ret;
 }
 
+/* returns 0 if file found, -1 if no more files */
 int wc_ReadDirNext(ReadDirCtx* ctx, const char* path, char** name)
 {
-    int ret = -1;
+    int ret = -1; /* default to no file found */
 
     if (name)
         *name = NULL;