From 69c48599e4084f74cbb8fda572d1f519674e3594 Mon Sep 17 00:00:00 2001
From: Mark Janssen -- Sig-I/O Automatisering <mark@sig-io.nl>
Date: Thu, 28 Jan 2021 22:55:15 +0100
Subject: [PATCH] Error handling on SSL_new and SSL_connect

---
 CHANGES    | 6 ++++++
 ptstream.c | 9 ++++++++-
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/CHANGES b/CHANGES
index 38321b2..84ca425 100755
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,9 @@
+Changed to proxytunnel 1.10.20210128 -- Thu 28 Jan 2021 10:23:24 PM CET
+
+- Changed version to 1.10.20210128
+- Applied 2 more debian patches by Julian Gilbey <jdg@debian.org>
+- Error handling on SSL_new / SSL_connect
+
 Changes to proxytunnel 1.10.20200507 -- Thu 07 May 2020 05:13:01 PM CEST
 
 - Applied 3 patches from debian's package
diff --git a/ptstream.c b/ptstream.c
index 7f6a174..0ef5f57 100644
--- a/ptstream.c
+++ b/ptstream.c
@@ -309,6 +309,10 @@ int stream_enable_ssl(PTSTREAM *pts, const char *proxy_arg) {
 	}
 
 	ssl = SSL_new (ctx);
+    if ( ssl == NULL ) {
+        message("SSL_new failed\n");
+        goto fail;
+    }
 	
 	SSL_set_rfd (ssl, stream_get_incoming_fd(pts));
 	SSL_set_wfd (ssl, stream_get_outgoing_fd(pts));	
@@ -334,7 +338,10 @@ int stream_enable_ssl(PTSTREAM *pts, const char *proxy_arg) {
 		exit( 1 );
 	}
 	
-	SSL_connect (ssl);
+	if ( SSL_connect (ssl) <= 0) {
+        message( "SSL_connect failed\n");
+        goto fail;
+    }
 
 	if ( !args_info.no_check_cert_flag ) {
 		/* Make sure peer presented a certificate */