From 1007a1f86697c5f72aaa723eea397d758e2f031d Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Sat, 22 Aug 2015 14:51:34 +0000
Subject: SSL_set_app_data is a macro for SSL_set_ex_data(), which is a wrapper
 around CRYPTO_set_ex_data(), which can fail. Since this is the case, check
 the return value of CRYPTO_set_ex_data^WSSL_set_ex_data^WSSL_set_app_data.

---
 src/lib/libtls/tls_client.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'src/lib/libtls/tls_client.c')

diff --git a/src/lib/libtls/tls_client.c b/src/lib/libtls/tls_client.c
index 295e76c60d..442ba4321e 100644
--- a/src/lib/libtls/tls_client.c
+++ b/src/lib/libtls/tls_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_client.c,v 1.18 2015/08/22 14:40:25 jsing Exp $ */
+/* $OpenBSD: tls_client.c,v 1.19 2015/08/22 14:51:34 jsing Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -225,8 +225,10 @@ tls_connect_fds(struct tls *ctx, int fd_read, int fd_write,
 		tls_set_error(ctx, "ssl connection failure");
 		goto err;
 	}
-	SSL_set_app_data(ctx->ssl_conn, ctx);
-
+	if (SSL_set_app_data(ctx->ssl_conn, ctx) != 1) {
+		tls_set_error(ctx, "ssl application data failure");
+		goto err;
+	}
 	if (SSL_set_rfd(ctx->ssl_conn, fd_read) != 1 ||
 	    SSL_set_wfd(ctx->ssl_conn, fd_write) != 1) {
 		tls_set_error(ctx, "ssl file descriptor failure");
-- 
cgit v1.2.3-55-g6feb