Clear cached peer_addr where necessary.

If the user declined to manually accept a certificate in the NetworkManager
auth-dialog, and the SSL_connect() failed, we were still keeping the cached
peer_addr around. So even after the user chose *another* host to connect to,
we weren't actually doing another DNS lookup; we were just continuing to
connect to the old address.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

library.c

@@ -152,9 +152,11 @@ void openconnect_clear_cookie (struct openconnect_info *vpninfo)
 void openconnect_reset_ssl (struct openconnect_info *vpninfo)
 {
 	if (vpninfo->https_ssl) {
+		openconnect_close_https(vpninfo);
+	}
+	if (vpninfo->peer_addr) {
 		free(vpninfo->peer_addr);
 		vpninfo->peer_addr = NULL;
-		openconnect_close_https(vpninfo);
 	}
 	if (vpninfo->https_ctx) {
 		SSL_CTX_free(vpninfo->https_ctx);
@@ -164,6 +166,11 @@ void openconnect_reset_ssl (struct openconnect_info *vpninfo)
 
 int openconnect_parse_url (struct openconnect_info *vpninfo, char *url)
 {
+	if (vpninfo->peer_addr) {
+		free(vpninfo->peer_addr);
+		vpninfo->peer_addr = NULL;
+	}
+
 	return internal_parse_url (url, NULL, &vpninfo->hostname,
 				   &vpninfo->port, &vpninfo->urlpath, 443);
 }

openconnect.html

@@ -184,6 +184,7 @@ <H2>Release Notes / Changelog</H2>
      <UL>
        <LI>Install man page in <TT>make install</TT> target.</LI>
        <LI>Add <TT>openconnect_vpninfo_free()</TT> to libopenconnect.</LI>
+       <LI>Clear cached <tt>peer_addr</tt> to avoid reconnecting to wrong host.</LI>
      </UL><BR>
   </LI>
   <LI><B><A HREF="ftp://ftp.infradead.org/pub/openconnect/openconnect-3.01.tar.gz">OpenConnect v3.01</a></B> &mdash; 2011-03-09<BR>
@@ -465,6 +466,6 @@ <H3>FreeBSD</H3>
 <hr>
 <address>David Woodhouse &lt;<A HREF="mailto:dwmw2@infradead.org">dwmw2@infradead.org</A>&gt;</address>
 <!-- hhmts start -->
-Last modified: Thu Mar 17 19:08:36 GMT 2011
+Last modified: Tue Apr 19 13:00:50 BST 2011
 <!-- hhmts end -->
 </body> </html>