From 1a7bd492d52c3b362b7009221cc6951f067f159f Mon Sep 17 00:00:00 2001 From: deraadt <> Date: Fri, 9 Oct 2015 04:13:34 +0000 Subject: fix a gotcha in the connect refactoring, that could result in dropping through and trying to bind failed v6 connects. ok guenther --- src/lib/libtls/tls_client.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/lib/libtls/tls_client.c b/src/lib/libtls/tls_client.c index 68b0f32226..6bb24cd512 100644 --- a/src/lib/libtls/tls_client.c +++ b/src/lib/libtls/tls_client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_client.c,v 1.31 2015/10/08 20:13:45 guenther Exp $ */ +/* $OpenBSD: tls_client.c,v 1.32 2015/10/09 04:13:34 deraadt Exp $ */ /* * Copyright (c) 2014 Joel Sing * @@ -118,6 +118,7 @@ tls_connect_servername(struct tls *ctx, const char *host, const char *port, } /* It was resolved somehow; now try connecting to what we got */ + s = -1; for (res = res0; res; res = res->ai_next) { s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); if (s == -1) { @@ -135,6 +136,9 @@ tls_connect_servername(struct tls *ctx, const char *host, const char *port, } freeaddrinfo(res0); + if (s == -1) + goto err; + if (servername == NULL) servername = h; -- cgit v1.2.3-55-g6feb