From f053eeae78e3a38b5e61bb82851e3f42172692aa Mon Sep 17 00:00:00 2001 From: deraadt Date: Fri, 9 Oct 2015 04:13:34 +0000 Subject: [PATCH] fix a gotcha in the connect refactoring, that could result in dropping through and trying to bind failed v6 connects. ok guenther --- lib/libtls/tls_client.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/lib/libtls/tls_client.c b/lib/libtls/tls_client.c index 68b0f32226f..6bb24cd512f 100644 --- a/lib/libtls/tls_client.c +++ b/lib/libtls/tls_client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_client.c,v 1.31 2015/10/08 20:13:45 guenther Exp $ */ +/* $OpenBSD: tls_client.c,v 1.32 2015/10/09 04:13:34 deraadt Exp $ */ /* * Copyright (c) 2014 Joel Sing * @@ -118,6 +118,7 @@ tls_connect_servername(struct tls *ctx, const char *host, const char *port, } /* It was resolved somehow; now try connecting to what we got */ + s = -1; for (res = res0; res; res = res->ai_next) { s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); if (s == -1) { @@ -135,6 +136,9 @@ tls_connect_servername(struct tls *ctx, const char *host, const char *port, } freeaddrinfo(res0); + if (s == -1) + goto err; + if (servername == NULL) servername = h; -- 2.20.1