From: David Woodhouse <David.Woodhouse@intel.com>
Date: Tue, 29 May 2012 14:43:30 +0000 (+0100)
Subject: Split out connect_https_socket() function from openconnect_open_https()
X-Git-Tag: v3.99~124
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=197628fa0e0738b44e4f11eef6b40898b94844eb;p=platform%2Fupstream%2Fopenconnect.git

Split out connect_https_socket() function from openconnect_open_https()

This can be used by the GnuTLS version too.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
---

diff --git a/ssl.c b/ssl.c
index 9fe2c33..cc1eb47 100644
--- a/ssl.c
+++ b/ssl.c
@@ -1007,22 +1007,11 @@ static int cancellable_connect(struct openconnect_info *vpninfo, int sockfd,
 	return getpeername(sockfd, (void *)&peer, &peerlen);
 }
 
-int openconnect_open_https(struct openconnect_info *vpninfo)
+static int connect_https_socket(struct openconnect_info *vpninfo)
 {
-	method_const SSL_METHOD *ssl3_method;
-	SSL *https_ssl;
-	BIO *https_bio;
 	int ssl_sock = -1;
 	int err;
 
-	if (vpninfo->https_ssl)
-		return 0;
-
-	if (vpninfo->peer_cert) {
-		X509_free(vpninfo->peer_cert);
-		vpninfo->peer_cert = NULL;
-	}
-
 	if (!vpninfo->port)
 		vpninfo->port = 443;
 
@@ -1194,6 +1183,29 @@ int openconnect_open_https(struct openconnect_info *vpninfo)
 		}
 	}
 
+	return ssl_sock;
+}
+
+int openconnect_open_https(struct openconnect_info *vpninfo)
+{
+	method_const SSL_METHOD *ssl3_method;
+	SSL *https_ssl;
+	BIO *https_bio;
+	int ssl_sock;
+	int err;
+
+	if (vpninfo->https_ssl)
+		return 0;
+
+	if (vpninfo->peer_cert) {
+		X509_free(vpninfo->peer_cert);
+		vpninfo->peer_cert = NULL;
+	}
+
+	ssl_sock = connect_https_socket(vpninfo);
+	if (ssl_sock < 0)
+		return ssl_sock;
+
 	ssl3_method = TLSv1_client_method();
 	if (!vpninfo->https_ctx) {
 		vpninfo->https_ctx = SSL_CTX_new(ssl3_method);