mainloop: Fix pause/resume on gateways without DTLS
Some gateways have DTLS disabled, so they do not send any X-DTLS-*
options upon connection.  This causes vpninfo->dtls_state to remain in
DTLS_SECRET state forever.  Currently we override this state to
DTLS_SLEEPING on pause/resume, which is bad because the DTLS mainloop
will get invoked on reconnection and it will start printing
"No DTLS address" errors on every packet.

Instead we should check for (vpninfo->dtls_state > DTLS_DISABLED), as is
done elsewhere in the code.

Reported-by: Holger Dell <holger.dell@gmail.com>
Signed-off-by: Kevin Cernekee <cernekee@gmail.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
cernekee authored and David Woodhouse committed Mar 8, 2016
1 parent 90ac52e commit 33638c2
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion mainloop.c
Expand Up @@ -250,7 +250,7 @@ int openconnect_mainloop(struct openconnect_info *vpninfo,
/* close all connections and wait for the user to call
openconnect_mainloop() again */
openconnect_close_https(vpninfo, 0);
if (vpninfo->dtls_state != DTLS_DISABLED) {
if (vpninfo->dtls_state > DTLS_DISABLED) {
vpninfo->proto.udp_close(vpninfo);
vpninfo->dtls_state = DTLS_SLEEPING;
vpninfo->new_dtls_started = 0;
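Review bot: The new condition `if (vpninfo->dtls_state > DTLS_DISABLED)` relies on the numeric ordering of the DTLS_* state constants, with DTLS_SECRET sorting below DTLS_DISABLED, and nothing at this site documents that dependency. Since the commit message says the same comparison is used elsewhere in the code, consider putting it behind one named predicate (for instance a hypothetical `dtls_is_active(vpninfo)` helper) or adding a comment where the states are defined, so that inserting or reordering a state cannot silently bring back the override to DTLS_SLEEPING and the repeated "No DTLS address" errors on reconnection.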