> Arne Schwabe <a...@rfc2549.org> hat am 14.12.2021 16:09 geschrieben:
>
>
> This consolidates the MSS fix calculation into a single function
> instead having it distributed all over the code. It also calculates
> the real wire overhead without extra sizes for buffer etc.
>
> Patch v2: improve comment
>
> Signed-off-by: Arne Schwabe <a...@rfc2549.org>
> ---
> src/openvpn/forward.c | 5 ++---
> src/openvpn/init.c | 3 ++-
> src/openvpn/mss.c | 40 ++++++++++++++++++++++++++++++++++++++++
> src/openvpn/mss.h | 6 ++++++
> src/openvpn/mtu.c | 9 ---------
> src/openvpn/mtu.h | 10 ++++++----
> src/openvpn/proto.h | 11 -----------
> src/openvpn/ssl.c | 3 ++-
> 8 files changed, 58 insertions(+), 29 deletions(-)
>
> diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c
> index 29efcd3b9..f82386a1d 100644
> --- a/src/openvpn/forward.c
> +++ b/src/openvpn/forward.c
> @@ -1493,7 +1493,7 @@ process_ip_header(struct context *c, unsigned int
> flags, struct buffer *buf)
> /* possibly alter the TCP MSS */
> if (flags & PIP_MSSFIX)
> {
> - mss_fixup_ipv4(&ipbuf,
> MTU_TO_MSS(TUN_MTU_SIZE_DYNAMIC(&c->c2.frame)));
> + mss_fixup_ipv4(&ipbuf, c->c2.frame.mss_fix);
I still think this will badly explode in the ce.mssfix == 0 code path. In that
case frame.mss_fix == 0 AFAICT
and I see no handling of that possibility in mss_fixup_ipv4/6.
Regards,
--
Frank Lichtenheld
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel