From 5eeac3566e11874ad62337a702fef84c8ef29d87 Mon Sep 17 00:00:00 2001
From: Jon Simons <jon@jonsimons.org>
Date: Mon, 10 Feb 2014 18:20:19 -0800
Subject: [PATCH] bind: only set bindfd after successful listen

In 'ssh_bind_listen', move setting of 'sshbind->bindfd' to only happen after
the listen call: otherwise 'bindfd' can be set to a bogus descriptor for the
case that listen fails.

Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
 src/bind.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/bind.c b/src/bind.c
index 03d34031..b929b5c4 100644
--- a/src/bind.c
+++ b/src/bind.c
@@ -254,7 +254,6 @@ int ssh_bind_listen(ssh_bind sshbind) {
           sshbind->rsa = NULL;
           return -1;
       }
-      sshbind->bindfd = fd;
 
       if (listen(fd, 10) < 0) {
           ssh_set_error(sshbind, SSH_FATAL,
@@ -267,6 +266,8 @@ int ssh_bind_listen(ssh_bind sshbind) {
           sshbind->rsa = NULL;
           return -1;
       }
+
+      sshbind->bindfd = fd;
   } else {
       SSH_LOG(SSH_LOG_INFO, "Using app-provided bind socket");
   }