Commit
Handle failure to agree DTLS cipher more gracefully
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse authored and David Woodhouse committed Apr 24, 2009
1 parent 2f520bc commit 7512134
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions dtls.c
Expand Up @@ -110,6 +110,12 @@ int connect_dtls_socket(struct openconnect_info *vpninfo)
BIO *dtls_bio;
int dtls_fd;

if (!vpninfo->dtls_cipher) {
/* We probably didn't offer it any ciphers it liked */
vpninfo->progress(vpninfo, PRG_ERR, "Server offered no DTLS cipher option\n");
return -EINVAL;
}

dtls_fd = socket(vpninfo->peer_addr->sa_family, SOCK_DGRAM, IPPROTO_UDP);
if (dtls_fd < 0) {
perror("Open UDP socket for DTLS:");
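Review bot: the new guard at the top of connect_dtls_socket() tests only for a NULL vpninfo->dtls_cipher, so an empty string would still pass through to the socket setup below; if that field can ever be set to "", it is worth also rejecting `!vpninfo->dtls_cipher[0]`. Placing the check before socket() is right, since the early return then has nothing to clean up. Returning -EINVAL does not let the caller tell "no cipher agreed" apart from other argument errors, so the comment should say whether the caller is expected to carry on without DTLS, and the PRG_ERR message could state that as well. Minor style point: the context line below still reports through perror() while the added code uses vpninfo->progress(), so error output from this function goes to two different places.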