Store errors that occur during a tls_accept_socket() call on the context

for the server, rather than on the context for the connection. This makes more sense than the current behaviour does. Issue reported by Tim van der Molen.
author: jsing <> 2015-03-31 12:21:27 +0000
committer: jsing <> 2015-03-31 12:21:27 +0000
commit: b5828f12ff689b9c1b62264b27b32dcbd97de33f (patch)
tree: d79f85860400a651427592168da3935f38b4ff73 /src/lib/libtls/tls_client.c
parent: 9f9909654ade9ba11a37c45f75c146ac91419bca (diff)
download: openbsd-b5828f12ff689b9c1b62264b27b32dcbd97de33f.tar.gz
openbsd-b5828f12ff689b9c1b62264b27b32dcbd97de33f.tar.bz2
openbsd-b5828f12ff689b9c1b62264b27b32dcbd97de33f.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/libtls/tls_client.c b/src/lib/libtls/tls_client.c
index 2414034651..7c4ca9f306 100644
--- a/src/lib/libtls/tls_client.c
+++ b/src/lib/libtls/tls_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_client.c,v 1.16 2015/03/21 15:35:15 sthen Exp $ */
+/* $OpenBSD: tls_client.c,v 1.17 2015/03/31 12:21:27 jsing Exp $ */
 /*
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
 *
@@ -246,7 +246,7 @@ tls_connect_fds(struct tls *ctx, int fd_read, int fd_write,
 connecting:
        if ((ret = SSL_connect(ctx->ssl_conn)) != 1) {
-                err = tls_ssl_error(ctx, ret, "connect");
+                err = tls_ssl_error(ctx, ctx->ssl_conn, ret, "connect");
                if (err == TLS_READ_AGAIN || err == TLS_WRITE_AGAIN) {
                        ctx->flags |= TLS_CONNECTING;
                        return (err);
author	jsing <>	2015-03-31 12:21:27 +0000
committer	jsing <>	2015-03-31 12:21:27 +0000
commit	b5828f12ff689b9c1b62264b27b32dcbd97de33f (patch)
tree	d79f85860400a651427592168da3935f38b4ff73 /src/lib/libtls/tls_client.c
parent	9f9909654ade9ba11a37c45f75c146ac91419bca (diff)
download	openbsd-b5828f12ff689b9c1b62264b27b32dcbd97de33f.tar.gz openbsd-b5828f12ff689b9c1b62264b27b32dcbd97de33f.tar.bz2 openbsd-b5828f12ff689b9c1b62264b27b32dcbd97de33f.zip

diff --git a/src/lib/libtls/tls_client.c b/src/lib/libtls/tls_client.c index 2414034651..7c4ca9f306 100644 --- a/src/lib/libtls/tls_client.c +++ b/src/lib/libtls/tls_client.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls_client.c,v 1.16 2015/03/21 15:35:15 sthen Exp $ */	1	/* $OpenBSD: tls_client.c,v 1.17 2015/03/31 12:21:27 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
4	*	4	*
@@ -246,7 +246,7 @@ tls_connect_fds(struct tls *ctx, int fd_read, int fd_write,
246		246
247	connecting:	247	connecting:
248	if ((ret = SSL_connect(ctx->ssl_conn)) != 1) {	248	if ((ret = SSL_connect(ctx->ssl_conn)) != 1) {
249	err = tls_ssl_error(ctx, ret, "connect");	249	err = tls_ssl_error(ctx, ctx->ssl_conn, ret, "connect");
250	if (err == TLS_READ_AGAIN \|\| err == TLS_WRITE_AGAIN) {	250	if (err == TLS_READ_AGAIN \|\| err == TLS_WRITE_AGAIN) {
251	ctx->flags \|= TLS_CONNECTING;	251	ctx->flags \|= TLS_CONNECTING;
252	return (err);	252	return (err);