Make BIO_do_connect() and friends handle multiple IP addresses
authorDr. David von Oheimb <David.von.Oheimb@siemens.com>
Wed, 27 May 2020 10:16:53 +0000 (12:16 +0200)
committerDr. David von Oheimb <David.von.Oheimb@siemens.com>
Mon, 1 Jun 2020 07:23:54 +0000 (09:23 +0200)
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11971)

crypto/bio/bss_conn.c

index d3bd33e..31a5b58 100644 (file)
@@ -188,8 +188,17 @@ static int conn_state(BIO *b, BIO_CONNECT *c)
 
         case BIO_CONN_S_BLOCKED_CONNECT:
             i = BIO_sock_error(b->num);
-            if (i) {
+            if (i != 0) {
                 BIO_clear_retry_flags(b);
+                if ((c->addr_iter = BIO_ADDRINFO_next(c->addr_iter)) != NULL) {
+                    /*
+                     * if there are more addresses to try, do that first
+                     */
+                    BIO_closesocket(b->num);
+                    c->state = BIO_CONN_S_CREATE_SOCKET;
+                    ERR_clear_error();
+                    break;
+                }
                 ERR_raise_data(ERR_LIB_SYS, i,
                                "calling connect(%s, %s)",
                                 c->param_hostname, c->param_service);