On Mon, 2014-11-17 at 19:51 +0100, Nikos Mavrogiannopoulos wrote:
> On Mon, 2014-11-17 at 18:39 +0000, David Woodhouse wrote:
> > On Sat, 2014-11-15 at 16:03 +0100, Nikos Mavrogiannopoulos wrote:
> > > + if (vpninfo->dtls_session_id_set) {
> > > + if (memcmp(vpninfo->dtls_session_id, dtls_session_id, 32) != 0) {
> > > + if (vpninfo->dtls_state != DTLS_DISABLED) {
> > > + dtls_close(vpninfo);
> > > + vpninfo->dtls_state = DTLS_SLEEPING;
> > > + vpninfo->new_dtls_started = 0;
> > > + }
> > > + }
> >
> > Couldn't we just call dtls_reconnect() here?
>
> Not sure. That would start the DTLS connection while parsing the headers
> and that didn't seem quite right at the moment.
Yeah, in fact none of the dtls_reconnect() calls in cstp.c are really
very nice. I've switched to a 'need_dtls_reconnect' flag and let
dtls_mainloop() handle *actually* reconnecting.
Which also fixes the fact that if we *do* just call the old
dtls_reconnect() function right there as I'd suggested, we might
actually end up calling it twice in quick succession.
http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/038ba9e22
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20141118/11aec908/attachment.bin>
