From 78a703924064a92cedeb0a5aab5a80d8f77db73e Mon Sep 17 00:00:00 2001
From: Jan Vidar Krey <janvidar@extatic.org>
Date: Tue, 18 Jun 2019 16:01:44 +0200
Subject: [PATCH] Fix CPU spikes for TLS connections using incompatible TLS
 protocol versions.

---
 src/core/probe.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/core/probe.c b/src/core/probe.c
index d6be0cc..4e1c517 100644
--- a/src/core/probe.c
+++ b/src/core/probe.c
@@ -90,11 +90,14 @@ static void probe_net_event(struct net_connection* con, int events, void *arg)
 				if (probe->hub->config->tls_enable)
 				{
 					LOG_TRACE("Probed TLS %d.%d connection", (int) probe_recvbuf[9], (int) probe_recvbuf[10]);
-					if (user_create(probe->hub, probe->connection, &probe->addr))
+					if (net_con_ssl_handshake(con, net_con_ssl_mode_server, probe->hub->ctx) < 0)
+					{
+						LOG_TRACE("TLS handshake negotiation failed.");
+					}
+					else if (user_create(probe->hub, probe->connection, &probe->addr))
 					{
 						probe->connection = 0;
 					}
-					net_con_ssl_handshake(con, net_con_ssl_mode_server, probe->hub->ctx);
 				}
 				else
 				{