From ec5aad1ca26599bcaddc3a03708fb925b21f3b6c Mon Sep 17 00:00:00 2001 From: "Dr. David von Oheimb" Date: Thu, 28 May 2020 19:03:37 +0200 Subject: [PATCH] Make BIO_do_connect() and friends handle multiple IP addresses Backport of #11971 Reviewed-by: Tomas Mraz Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/11989) --- crypto/bio/bss_conn.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c index dd43a40601..f4c6b85728 100644 --- a/crypto/bio/bss_conn.c +++ b/crypto/bio/bss_conn.c @@ -186,8 +186,17 @@ static int conn_state(BIO *b, BIO_CONNECT *c) case BIO_CONN_S_BLOCKED_CONNECT: i = BIO_sock_error(b->num); - if (i) { + if (i != 0) { BIO_clear_retry_flags(b); + if ((c->addr_iter = BIO_ADDRINFO_next(c->addr_iter)) != NULL) { + /* + * if there are more addresses to try, do that first + */ + BIO_closesocket(b->num); + c->state = BIO_CONN_S_CREATE_SOCKET; + ERR_clear_error(); + break; + } SYSerr(SYS_F_CONNECT, i); ERR_add_error_data(4, "hostname=", c->param_hostname, -- 2.25.1