vtls: unify the error handling in ssl_cf_connect().

Check preference at first, then init peer and do connect. Also fixes
CF_DATA_RESTORE.

Closes #19196

diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index 7ee9699dbf0bfc73a1454cd6fb33f9890b592186..115559b70db86ba2eab978ed1c2c7f557b224bf3 100644 (file)
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -1365,6 +1365,15 @@ static CURLcode ssl_cf_connect(struct Curl_cfilter *cf,
   DEBUGASSERT(connssl);
 
   *done = FALSE;
+
+  if(!connssl->prefs_checked) {
+    if(!ssl_prefs_check(data)) {
+      result = CURLE_SSL_CONNECT_ERROR;
+      goto out;
+    }
+    connssl->prefs_checked = TRUE;
+  }
+
   if(!connssl->peer.hostname) {
     char tls_id[80];
     connssl->ssl_impl->version(tls_id, sizeof(tls_id) - 1);
@@ -1373,12 +1382,6 @@ static CURLcode ssl_cf_connect(struct Curl_cfilter *cf,
       goto out;
   }
 
-  if(!connssl->prefs_checked) {
-    if(!ssl_prefs_check(data))
-      return CURLE_SSL_CONNECT_ERROR;
-    connssl->prefs_checked = TRUE;
-  }
-
   result = connssl->ssl_impl->do_connect(cf, data, done);
 
   if(!result && *done) {