From 8936f56031894138f2a24b350ce267dffe73b2c3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pawe=C5=82=20Chmielowski?= <pawel@process-one.net>
Date: Fri, 23 Aug 2024 18:32:19 +0200
Subject: [PATCH] When not being able to estabilish direct tls s2s connection,
 try next candidate

---
 src/xmpp_socket.erl     |  6 +++---
 src/xmpp_stream_out.erl | 24 +++++++++++++-----------
 2 files changed, 16 insertions(+), 14 deletions(-)

diff --git a/src/xmpp_socket.erl b/src/xmpp_socket.erl
index 328b65f..e7c944c 100644
--- a/src/xmpp_socket.erl
+++ b/src/xmpp_socket.erl
@@ -176,9 +176,9 @@ starttls(#socket_state{sockmod = gen_tcp,
 						  sockmod = fast_tls,
 						  tls_certfile = proplists:get_value(certfile, TLSOpts, none)},
 	    SocketData2 = reset_stream(SocketData1),
-	    case fast_tls:recv_data(TLSSocket, <<>>) of
-		{ok, TLSData} ->
-		    parse(SocketData2, TLSData);
+	    case fast_tls:finish_handshake(TLSSocket, 10000) of
+		ok ->
+		    parse(SocketData2, <<>>);
 		{error, _} = Err ->
 		    Err
 	    end;
diff --git a/src/xmpp_stream_out.erl b/src/xmpp_stream_out.erl
index 23c5322..a5c2413 100644
--- a/src/xmpp_stream_out.erl
+++ b/src/xmpp_stream_out.erl
@@ -1402,15 +1402,17 @@ h_addr_list_to_host_ports(AddrList) ->
 				       {error, {tls, tls_error_reason()}}.
 connect(AddrPorts, State) ->
     case connect(AddrPorts, State, {error, nxdomain}) of
-	{ok, Socket, {Addr, Port, TLS = true}} ->
-	    case starttls(Socket, State) of
-		{ok, TLSSocket} -> {ok, TLSSocket, {Addr, Port, TLS}};
-		{error, Why} -> {error, {tls, Why}}
-	    end;
-	{ok, Socket, {Addr, Port, TLS = false}} ->
-	    {ok, Socket, {Addr, Port, TLS}};
-	{error, Why} ->
-	    {error, {socket, Why}}
+        {ok, Socket, {Addr, Port, TLS = true}, Rest} ->
+            case starttls(Socket, State) of
+                {ok, TLSSocket} ->
+                    {ok, TLSSocket, {Addr, Port, TLS}};
+                {error, Why} ->
+                    connect(Rest, State)
+            end;
+        {ok, Socket, {Addr, Port, TLS = false}, _Rest} ->
+            {ok, Socket, {Addr, Port, TLS}};
+        {error, Why} ->
+            {error, {socket, Why}}
     end.
 
 -ifndef(USE_GETHOSTBYNAME).
@@ -1428,7 +1430,7 @@ connect([{#{family := Type, addr := SockAddr}, TLS}|AddressInfos], State, _) ->
     Timeout = get_connect_timeout(State),
     try xmpp_socket:connect(SockAddr, Port, Opts1, Timeout) of
 	{ok, Socket} ->
-	    {ok, Socket, {Addr, Port, TLS}};
+	    {ok, Socket, {Addr, Port, TLS}, AddressInfos};
 	Err ->
 	    connect(AddressInfos, State, Err)
     catch _:badarg ->
@@ -1451,7 +1453,7 @@ connect([{Addr, Port, TLS}|AddrPorts], State, _) ->
     Timeout = get_connect_timeout(State),
     try xmpp_socket:connect(Addr, Port, Opts1, Timeout) of
 	{ok, Socket} ->
-	    {ok, Socket, {Addr, Port, TLS}};
+	    {ok, Socket, {Addr, Port, TLS}, AddrPorts};
 	Err ->
 	    connect(AddrPorts, State, Err)
     catch _:badarg ->