Fix windows issues with dtls.

git-svn-id: https://svn.code.sf.net/p/fteqw/code/trunk@6233 fc73d0e0-1445-4013-8a0c-d673dee63da5

engine/common/net_ice.c

@@ -402,7 +402,6 @@ static struct icestate_s *QDECL ICE_Create(void *module, const char *conname, co
 	con->originversion = 1;
 	Q_strncpyz(con->originaddress, "127.0.0.1", sizeof(con->originaddress));
 
-	con->mode = mode;
 	con->blockcandidates = true;	//until offers/answers are sent.
 
 #ifdef HAVE_DTLS
@@ -423,6 +422,12 @@ static struct icestate_s *QDECL ICE_Create(void *module, const char *conname, co
 			con->dtlsfuncs->GenTempCertificate(NULL, &con->cred.local);
 			Con_DPrintf("Done\n");
 		}
+		else
+		{	//failure if we can't do the whole dtls thing.
+			con->dtlsfuncs = NULL;
+			Con_Printf(CON_WARNING"DTLS %s support unavailable, disabling encryption (and webrtc compat).\n", con->dtlspassive?"server":"client");
+			mode = ICEM_ICE;	//fall back on unencrypted (this doesn't depend on the peer, so while shitty it hopefully shouldn't be exploitable with a downgrade-attack)
+		}
 
 		con->mysctpport = 27500;
 	}
@@ -433,6 +438,8 @@ static struct icestate_s *QDECL ICE_Create(void *module, const char *conname, co
 	con->qadr.prot = NP_DGRAM;
 	Q_strncpyz(con->qadr.address.icename, con->friendlyname, sizeof(con->qadr.address.icename));
 
+	con->mode = mode;
+
 	con->next = icelist;
 	icelist = con;
 

engine/common/net_ssl_winsspi.c

@@ -1106,9 +1106,10 @@ static int SSPI_GetChannelBinding(vfsfile_t *vf, qbyte *binddata, size_t *bindsi
 
 #include "netinc.h"
 #if defined(HAVE_DTLS)
-static void *SSPI_DTLS_CreateContext(const char *remotehost, void *cbctx, neterr_t(*push)(void *cbctx, const qbyte *data, size_t datasize), qboolean isserver)
+static void *SSPI_DTLS_CreateContext(const dtlscred_t *credinfo, void *cbctx, neterr_t(*push)(void *cbctx, const qbyte *data, size_t datasize), qboolean isserver)
 {
 	int i = 0;
+	const char *remotehost = credinfo->peer.name;
 	sslfile_t *ctx;
 	if (!SSL_Inited())
 		return NULL;