From b5828f12ff689b9c1b62264b27b32dcbd97de33f Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Tue, 31 Mar 2015 12:21:27 +0000
Subject: Store errors that occur during a tls_accept_socket() call on the
 context for the server, rather than on the context for the connection. This
 makes more sense than the current behaviour does.

Issue reported by Tim van der Molen.
---
 src/lib/libtls/tls_client.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/lib/libtls/tls_client.c')

diff --git a/src/lib/libtls/tls_client.c b/src/lib/libtls/tls_client.c
index 2414034651..7c4ca9f306 100644
--- a/src/lib/libtls/tls_client.c
+++ b/src/lib/libtls/tls_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_client.c,v 1.16 2015/03/21 15:35:15 sthen Exp $ */
+/* $OpenBSD: tls_client.c,v 1.17 2015/03/31 12:21:27 jsing Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -246,7 +246,7 @@ tls_connect_fds(struct tls *ctx, int fd_read, int fd_write,
 
  connecting:
 	if ((ret = SSL_connect(ctx->ssl_conn)) != 1) {
-		err = tls_ssl_error(ctx, ret, "connect");
+		err = tls_ssl_error(ctx, ctx->ssl_conn, ret, "connect");
 		if (err == TLS_READ_AGAIN || err == TLS_WRITE_AGAIN) {
 			ctx->flags |= TLS_CONNECTING;
 			return (err);
-- 
cgit v1.2.3-55-g6feb