summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJulien Muchembled <jm@nexedi.com>2015-10-10 11:44:51 +0200
committerGert Doering <gert@greenie.muc.de>2015-10-10 11:58:41 +0200
commit2bed089d31a12c2d0277e36a64964ebab6640f75 (patch)
tree851d70ba7bcb6690b32a46095a731d8500c8afba
parent99daa6b19270775006f034f21936c98a9005477d (diff)
downloadopenvpn-2bed089d31a12c2d0277e36a64964ebab6640f75.zip
openvpn-2bed089d31a12c2d0277e36a64964ebab6640f75.tar.gz
openvpn-2bed089d31a12c2d0277e36a64964ebab6640f75.tar.xz
Fix --mtu-disc option with IPv6 transport
Socket configuration of MTU discovery was done unconditionally at IP level, which has no effect for other protocols. This fixes the issue of OpenVPN sending fragmented tcp6/udp6 packets even when 'mtu-disc yes' option is passed. Patch V2 (by Arne Schwabe): Rebase to current master and have separate #ifdefs for IPv4 an IPv6 Signed-off-by: Julien Muchembled <jm@nexedi.com> Acked-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <1444470291-2980-1-git-send-email-arne@rfc2549.org> URL: http://article.gmane.org/gmane.network.openvpn.devel/10229 Signed-off-by: Gert Doering <gert@greenie.muc.de>
-rw-r--r--src/openvpn/mtu.c29
-rw-r--r--src/openvpn/mtu.h2
-rw-r--r--src/openvpn/socket.c2
3 files changed, 24 insertions, 9 deletions
diff --git a/src/openvpn/mtu.c b/src/openvpn/mtu.c
index 3665a34..24531c9 100644
--- a/src/openvpn/mtu.c
+++ b/src/openvpn/mtu.c
@@ -153,17 +153,32 @@ frame_print (const struct frame *frame,
#define MTUDISC_NOT_SUPPORTED_MSG "--mtu-disc is not supported on this OS"
void
-set_mtu_discover_type (int sd, int mtu_type)
+set_mtu_discover_type (int sd, int mtu_type, sa_family_t proto_af)
{
if (mtu_type >= 0)
{
-#if defined(HAVE_SETSOCKOPT) && defined(SOL_IP) && defined(IP_MTU_DISCOVER)
- if (setsockopt (sd, SOL_IP, IP_MTU_DISCOVER, (void *) &mtu_type, sizeof (mtu_type)))
- msg (M_ERR, "Error setting IP_MTU_DISCOVER type=%d on TCP/UDP socket",
- mtu_type);
-#else
- msg (M_FATAL, MTUDISC_NOT_SUPPORTED_MSG);
+ switch (proto_af)
+ {
+#if defined(HAVE_SETSOCKOPT) && defined(IP_MTU_DISCOVER)
+ case AF_INET:
+ if (setsockopt
+ (sd, IPPROTO_IP, IP_MTU_DISCOVER, &mtu_type, sizeof (mtu_type)))
+ msg (M_ERR, "Error setting IP_MTU_DISCOVER type=%d on TCP/UDP socket",
+ mtu_type);
+ break;
+#endif
+#if defined(HAVE_SETSOCKOPT) && defined(IPV6_MTU_DISCOVER)
+ case AF_INET6:
+ if (setsockopt
+ (sd, IPPROTO_IPV6, IPV6_MTU_DISCOVER, &mtu_type, sizeof (mtu_type)))
+ msg (M_ERR, "Error setting IPV6_MTU_DISCOVER type=%d on TCP6/UDP6 socket",
+ mtu_type);
+ break;
#endif
+ default:
+ msg (M_FATAL, MTUDISC_NOT_SUPPORTED_MSG);
+ break;
+ }
}
}
diff --git a/src/openvpn/mtu.h b/src/openvpn/mtu.h
index bccd681..f94de89 100644
--- a/src/openvpn/mtu.h
+++ b/src/openvpn/mtu.h
@@ -207,7 +207,7 @@ void frame_print (const struct frame *frame,
int level,
const char *prefix);
-void set_mtu_discover_type (int sd, int mtu_type);
+void set_mtu_discover_type (int sd, int mtu_type, sa_family_t proto_af);
int translate_mtu_discover_type_name (const char *name);
/*
diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c
index bd8dcb1..925665c 100644
--- a/src/openvpn/socket.c
+++ b/src/openvpn/socket.c
@@ -1676,7 +1676,7 @@ phase2_set_socket_flags (struct link_socket* sock)
set_cloexec (sock->ctrl_sd);
/* set Path MTU discovery options on the socket */
- set_mtu_discover_type (sock->sd, sock->mtu_discover_type);
+ set_mtu_discover_type (sock->sd, sock->mtu_discover_type, sock->info.af);
#if EXTENDED_SOCKET_ERROR_CAPABILITY
/* if the OS supports it, enable extended error passing on the socket */