From dc18e4ddfbd55b738dd7ccd9347accf6c5b342f6 Mon Sep 17 00:00:00 2001
From: "Dr. David von Oheimb" <David.von.Oheimb@siemens.com>
Date: Wed, 27 May 2020 12:16:53 +0200
Subject: Make BIO_do_connect() and friends handle multiple IP addresses

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11971)
---
 crypto/bio/bss_conn.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c
index d3bd33e957..31a5b58b7d 100644
--- a/crypto/bio/bss_conn.c
+++ b/crypto/bio/bss_conn.c
@@ -188,8 +188,17 @@ static int conn_state(BIO *b, BIO_CONNECT *c)
 
         case BIO_CONN_S_BLOCKED_CONNECT:
             i = BIO_sock_error(b->num);
-            if (i) {
+            if (i != 0) {
                 BIO_clear_retry_flags(b);
+                if ((c->addr_iter = BIO_ADDRINFO_next(c->addr_iter)) != NULL) {
+                    /*
+                     * if there are more addresses to try, do that first
+                     */
+                    BIO_closesocket(b->num);
+                    c->state = BIO_CONN_S_CREATE_SOCKET;
+                    ERR_clear_error();
+                    break;
+                }
                 ERR_raise_data(ERR_LIB_SYS, i,
                                "calling connect(%s, %s)",
                                 c->param_hostname, c->param_service);
-- 
cgit v1.2.3