From 1b2517ea2004ce84974aa33d62cc9e39b10a6079 Mon Sep 17 00:00:00 2001
From: Viktor Liu <17948409+lixmal@users.noreply.github.com>
Date: Fri, 17 Jan 2025 11:39:08 +0100
Subject: [PATCH] [relay] Don't start relay quic listener on invalid TLS config
 (#3202)

---
 relay/server/server.go | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/relay/server/server.go b/relay/server/server.go
index cacc3dafb..10aabcace 100644
--- a/relay/server/server.go
+++ b/relay/server/server.go
@@ -6,6 +6,7 @@ import (
 	"sync"
 
 	"github.com/hashicorp/go-multierror"
+	log "github.com/sirupsen/logrus"
 	"go.opentelemetry.io/otel/metric"
 
 	nberrors "github.com/netbirdio/netbird/client/errors"
@@ -58,16 +59,16 @@ func (r *Server) Listen(cfg ListenerConfig) error {
 
 	tlsConfigQUIC, err := quictls.ServerQUICTLSConfig(cfg.TLSConfig)
 	if err != nil {
-		return err
-	}
+		log.Warnf("Not starting QUIC listener: %v", err)
+	} else {
+		quicListener := &quic.Listener{
+			Address:   cfg.Address,
+			TLSConfig: tlsConfigQUIC,
+		}
 
-	quicListener := &quic.Listener{
-		Address:   cfg.Address,
-		TLSConfig: tlsConfigQUIC,
+		r.listeners = append(r.listeners, quicListener)
 	}
 
-	r.listeners = append(r.listeners, quicListener)
-
 	errChan := make(chan error, len(r.listeners))
 	wg := sync.WaitGroup{}
 	for _, l := range r.listeners {