int connect_dtls_socket(struct openconnect_info *vpninfo)
{
- int dtls_fd, ret;
+ int dtls_fd, ret, sndbuf;
if (!vpninfo->dtls_addr) {
vpn_progress(vpninfo, PRG_ERR, _("No DTLS address\n"));
return -EINVAL;
}
+ sndbuf = vpninfo->actual_mtu * 2;
+ setsockopt(dtls_fd, SOL_SOCKET, SO_SNDBUF, &sndbuf, sizeof(sndbuf));
+
if (vpninfo->dtls_local_port) {
union {
struct sockaddr_in in;
}
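Review bot: The return value of the added `setsockopt(dtls_fd, SOL_SOCKET, SO_SNDBUF, ...)` call is discarded, so a failure silently leaves the default send buffer in place and the WANT_WRITE back-pressure handling added later in this patch would rarely trigger. Consider `if (setsockopt(dtls_fd, SOL_SOCKET, SO_SNDBUF, &sndbuf, sizeof(sndbuf)) < 0)` followed by a `vpn_progress(vpninfo, PRG_DEBUG, ...)` line reporting the failure. As shown, the hunk has no assignment to `dtls_fd` between its declaration and this call; presumably the socket creation sits in lines not shown here, but the call must come after it and after its error check. It is also worth confirming that `vpninfo->actual_mtu` is already set at this point, since a zero value would request a zero-sized buffer. connect_dtls_socket continues beyond the visible lines.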
/* Service outgoing packet queue */
+ FD_CLR(vpninfo->dtls_fd, &vpninfo->select_wfds);
while (vpninfo->outgoing_queue) {
struct pkt *this = vpninfo->outgoing_queue;
int ret;
if (ret <= 0) {
ret = SSL_get_error(vpninfo->dtls_ssl, ret);
- /* If it's a real error, kill the DTLS connection and
- requeue the packet to be sent over SSL */
- if (ret != SSL_ERROR_WANT_READ && ret != SSL_ERROR_WANT_WRITE) {
+ if (ret == SSL_ERROR_WANT_WRITE) {
+ FD_SET(vpninfo->dtls_fd, &vpninfo->select_wfds);
+ vpninfo->outgoing_queue = this;
+ vpninfo->outgoing_qlen++;
+
+ } else if (ret != SSL_ERROR_WANT_READ) {
+ /* If it's a real error, kill the DTLS connection and
+ requeue the packet to be sent over SSL */
vpn_progress(vpninfo, PRG_ERR,
_("DTLS got write error %d. Falling back to SSL\n"),
ret);
dtls_restart(vpninfo);
vpninfo->outgoing_queue = this;
vpninfo->outgoing_qlen++;
+ work_done = 1;
}
- return 1;
+ return work_done;
}
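Review bot: A failed write that reports `SSL_ERROR_WANT_READ` matches neither new branch, so `this` is neither put back on `vpninfo->outgoing_queue` nor visibly freed before `return work_done;`. Unless code outside the hunk releases it, the packet is dropped and its memory leaked. The GnuTLS branch further down has the same shape when `gnutls_record_get_direction()` returns 0. Either requeue in that case as well or free the packet explicitly. The dequeue of `this` and the write call are outside the hunk, so the ownership reasoning should be checked against the full function.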
#elif defined(DTLS_GNUTLS)
ret = gnutls_record_send(vpninfo->dtls_ssl, &this->hdr[7], this->len + 1);
dtls_restart(vpninfo);
vpninfo->outgoing_queue = this;
vpninfo->outgoing_qlen++;
+ work_done = 1;
+ } else if (gnutls_record_get_direction(vpninfo->dtls_ssl)) {
+ FD_SET(vpninfo->dtls_fd, &vpninfo->select_wfds);
+ vpninfo->outgoing_queue = this;
+ vpninfo->outgoing_qlen++;
}
- return 1;
+
+ return work_done;
}
#endif
time(&vpninfo->dtls_times.last_tx);
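Review bot: The `else if (gnutls_record_get_direction(vpninfo->dtls_ssl))` test relies on a bare truthy return value with no comment, and the condition it is the `else` of is outside the hunk. GnuTLS documents the direction value as meaningful only after `GNUTLS_E_AGAIN` or `GNUTLS_E_INTERRUPTED`, so it is worth confirming that the preceding branch routes both of those codes here rather than to `dtls_restart()`. I would add `/* direction 1 = blocked on send: requeue and wait for the fd to become writable */` above the `FD_SET` line, which also explains why `work_done` is left at 0 in this branch.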