4 files changed, 12 insertions, 11 deletions

diff --git a/lib/libtls/tls.c b/lib/libtls/tls.c
index 9fc81b5a646..b7b6570ff96 100644
--- a/lib/libtls/tls.c
+++ b/lib/libtls/tls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls.c,v 1.7 2015/02/07 09:50:09 jsing Exp $ */
+/* $OpenBSD: tls.c,v 1.8 2015/03/31 12:21:27 jsing Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -237,13 +237,13 @@ tls_reset(struct tls *ctx)
 }
 
 int
-tls_ssl_error(struct tls *ctx, int ssl_ret, const char *prefix)
+tls_ssl_error(struct tls *ctx, SSL *ssl_conn, int ssl_ret, const char *prefix)
 {
 	const char *errstr = "unknown error";
 	unsigned long err;
 	int ssl_err;
 
-	ssl_err = SSL_get_error(ctx->ssl_conn, ssl_ret);
+	ssl_err = SSL_get_error(ssl_conn, ssl_ret);
 	switch (ssl_err) {
 	case SSL_ERROR_NONE:
 		return (0);
@@ -301,7 +301,7 @@ tls_read(struct tls *ctx, void *buf, size_t buflen, size_t *outlen)
 		return (0);
 	}
 
-	return tls_ssl_error(ctx, ssl_ret, "read"); 
+	return tls_ssl_error(ctx, ctx->ssl_conn, ssl_ret, "read"); 
 }
 
 int
@@ -320,7 +320,7 @@ tls_write(struct tls *ctx, const void *buf, size_t buflen, size_t *outlen)
 		return (0);
 	}
 
-	return tls_ssl_error(ctx, ssl_ret, "write"); 
+	return tls_ssl_error(ctx, ctx->ssl_conn, ssl_ret, "write"); 
 }
 
 int
diff --git a/lib/libtls/tls_client.c b/lib/libtls/tls_client.c
index 24140346512..7c4ca9f306a 100644
--- a/lib/libtls/tls_client.c
+++ b/lib/libtls/tls_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_client.c,v 1.16 2015/03/21 15:35:15 sthen Exp $ */
+/* $OpenBSD: tls_client.c,v 1.17 2015/03/31 12:21:27 jsing Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -246,7 +246,7 @@ tls_connect_fds(struct tls *ctx, int fd_read, int fd_write,
 
  connecting:
 	if ((ret = SSL_connect(ctx->ssl_conn)) != 1) {
-		err = tls_ssl_error(ctx, ret, "connect");
+		err = tls_ssl_error(ctx, ctx->ssl_conn, ret, "connect");
 		if (err == TLS_READ_AGAIN || err == TLS_WRITE_AGAIN) {
 			ctx->flags |= TLS_CONNECTING;
 			return (err);
diff --git a/lib/libtls/tls_internal.h b/lib/libtls/tls_internal.h
index d1ba48ea1a0..ba37e136e66 100644
--- a/lib/libtls/tls_internal.h
+++ b/lib/libtls/tls_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_internal.h,v 1.11 2015/02/22 14:50:41 jsing Exp $ */
+/* $OpenBSD: tls_internal.h,v 1.12 2015/03/31 12:21:27 jsing Exp $ */
 /*
  * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
@@ -77,6 +77,7 @@ int tls_host_port(const char *hostport, char **host, char **port);
 int tls_set_error(struct tls *ctx, char *fmt, ...)
     __attribute__((__format__ (printf, 2, 3)))
     __attribute__((__nonnull__ (2)));
-int tls_ssl_error(struct tls *ctx, int ssl_ret, const char *prefix);
+int tls_ssl_error(struct tls *ctx, SSL *ssl_conn, int ssl_ret,
+    const char *prefix);
 
 #endif /* HEADER_TLS_INTERNAL_H */
diff --git a/lib/libtls/tls_server.c b/lib/libtls/tls_server.c
index 8f34ecdded9..cbe064e2f5e 100644
--- a/lib/libtls/tls_server.c
+++ b/lib/libtls/tls_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_server.c,v 1.5 2015/02/07 09:50:09 jsing Exp $ */
+/* $OpenBSD: tls_server.c,v 1.6 2015/03/31 12:21:27 jsing Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -131,7 +131,7 @@ tls_accept_socket(struct tls *ctx, struct tls **cctx, int socket)
 	}
 
 	if ((ret = SSL_accept(conn_ctx->ssl_conn)) != 1) {
-		err = tls_ssl_error(conn_ctx, ret, "accept");
+		err = tls_ssl_error(ctx, conn_ctx->ssl_conn, ret, "accept");
 		if (err == TLS_READ_AGAIN || err == TLS_WRITE_AGAIN) {
 			return (err);
 		}