Close ssl_sock before returning error in connect_https_socket()

Spotted by Coverity.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

diff --git a/ssl.c b/ssl.c
index 9ad5e85..c5115e7 100644 (file)
--- a/ssl.c
+++ b/ssl.c
@@ -111,17 +111,18 @@ int connect_https_socket(struct openconnect_info *vpninfo)
                if (cancellable_connect(vpninfo, ssl_sock, vpninfo->peer_addr, vpninfo->peer_addrlen)) {
                reconn_err:
                        if (vpninfo->proxy) {
-                               vpn_progress(vpninfo, PRG_ERR, 
+                               vpn_progress(vpninfo, PRG_ERR,
                                             _("Failed to reconnect to proxy %s\n"),
                                             vpninfo->proxy);
                        } else {
-                               vpn_progress(vpninfo, PRG_ERR, 
+                               vpn_progress(vpninfo, PRG_ERR,
                                             _("Failed to reconnect to host %s\n"),
                                             vpninfo->hostname);
                        }
+                       if (ssl_sock >= 0)
+                               close(ssl_sock);
                        return -EINVAL;
                }
-               
        } else {
                struct addrinfo hints, *result, *rp;
                char *hostname;