diff options
| author | Gert Doering <gert@greenie.muc.de> | 2015-02-08 11:18:45 +0100 |
|---|---|---|
| committer | Gert Doering <gert@greenie.muc.de> | 2015-02-15 19:14:20 +0100 |
| commit | 9e0963c11aa439deb382d7d6bc40b6ade999401c (patch) | |
| tree | 681e6828bfb83638388befaac8e162d9da99b4d5 /src/openvpn/init.c | |
| parent | 5d5233778868ddd568140c394adfcfc8e3453245 (diff) | |
| download | openvpn-9e0963c11aa439deb382d7d6bc40b6ade999401c.tar.gz openvpn-9e0963c11aa439deb382d7d6bc40b6ade999401c.tar.xz openvpn-9e0963c11aa439deb382d7d6bc40b6ade999401c.zip | |
New approach to handle peer-id related changes to link-mtu.
Instead of statically increasing link-mtu by +3, keep the old value for
OCC compatibility with old servers/clients, and only increase link-mtu
if peer-id option is enabled (right now: is pushed by server).
If link-mtu has been set in the config, keep configured value, and log
warning (because the extra overhead has to decrease tun-mtu).
Reserve extra +3 bytes in frame->extra_link.
v2: use frame->extra_link, not frame->extra_buffer (receive path on server)
introduce frame_add_to_link_mtu() to manipulate frame->link_mtu value
rework comments to make more clear what is happening
This reverts commit f95010ad247a8998e0c39e394236251fca316849.
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1423390725-13438-1-git-send-email-gert@greenie.muc.de>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9450
Diffstat (limited to 'src/openvpn/init.c')
| -rw-r--r-- | src/openvpn/init.c | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/src/openvpn/init.c b/src/openvpn/init.c index 706d07c..b670a48 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -1794,6 +1794,19 @@ do_deferred_options (struct context *c, const unsigned int found) msg (D_PUSH, "OPTIONS IMPORT: peer-id set"); c->c2.tls_multi->use_peer_id = true; c->c2.tls_multi->peer_id = c->options.peer_id; + frame_add_to_extra_frame(&c->c2.frame, +3); /* peer-id overhead */ + if ( !c->options.ce.link_mtu_defined ) + { + frame_add_to_link_mtu(&c->c2.frame, +3); + msg (D_PUSH, "OPTIONS IMPORT: adjusting link_mtu to %d", + EXPANDED_SIZE(&c->c2.frame)); + } + else + { + msg (M_WARN, "OPTIONS IMPORT: WARNING: peer-id set, but link-mtu" + " fixed by config - reducing tun-mtu to %d, expect" + " MTU problems", TUN_MTU_SIZE(&c->c2.frame) ); + } } #endif } @@ -2403,6 +2416,17 @@ do_init_frame (struct context *c) #endif #endif /* USE_COMP */ + /* packets with peer-id (P_DATA_V2) need 3 extra bytes in frame (on client) + * and need link_mtu+3 bytes on socket reception (on server). + * + * accomodate receive path in f->extra_link, which has the side effect of + * also increasing send buffers (BUF_SIZE() macro), which need to be + * allocated big enough before receiving peer-id option from server. + * + * f->extra_frame is adjusted when peer-id option is push-received + */ + frame_add_to_extra_link(&c->c2.frame, 3); + #ifdef ENABLE_FRAGMENT /* * Set frame parameter for fragment code. This is necessary because |