From 2bed089d31a12c2d0277e36a64964ebab6640f75 Mon Sep 17 00:00:00 2001
From: Julien Muchembled <jm@nexedi.com>
Date: Sat, 10 Oct 2015 11:44:51 +0200
Subject: Fix --mtu-disc option with IPv6 transport

Socket configuration of MTU discovery was done unconditionally at IP level,
which has no effect for other protocols. This fixes the issue of OpenVPN
sending fragmented tcp6/udp6 packets even when 'mtu-disc yes' option is
passed.

Patch V2 (by Arne Schwabe): Rebase to current master and have
separate #ifdefs for IPv4 an IPv6

Signed-off-by: Julien Muchembled <jm@nexedi.com>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1444470291-2980-1-git-send-email-arne@rfc2549.org>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10229
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---
 src/openvpn/mtu.c    | 29 ++++++++++++++++++++++-------
 src/openvpn/mtu.h    |  2 +-
 src/openvpn/socket.c |  2 +-
 3 files changed, 24 insertions(+), 9 deletions(-)

diff --git a/src/openvpn/mtu.c b/src/openvpn/mtu.c
index 3665a34..24531c9 100644
--- a/src/openvpn/mtu.c
+++ b/src/openvpn/mtu.c
@@ -153,17 +153,32 @@ frame_print (const struct frame *frame,
 #define MTUDISC_NOT_SUPPORTED_MSG "--mtu-disc is not supported on this OS"
 
 void
-set_mtu_discover_type (int sd, int mtu_type)
+set_mtu_discover_type (int sd, int mtu_type, sa_family_t proto_af)
 {
   if (mtu_type >= 0)
     {
-#if defined(HAVE_SETSOCKOPT) && defined(SOL_IP) && defined(IP_MTU_DISCOVER)
-      if (setsockopt (sd, SOL_IP, IP_MTU_DISCOVER, (void *) &mtu_type, sizeof (mtu_type)))
-	msg (M_ERR, "Error setting IP_MTU_DISCOVER type=%d on TCP/UDP socket",
-	     mtu_type);
-#else
-      msg (M_FATAL, MTUDISC_NOT_SUPPORTED_MSG);
+      switch (proto_af)
+	{
+#if defined(HAVE_SETSOCKOPT) && defined(IP_MTU_DISCOVER)
+	case AF_INET:
+	  if (setsockopt
+	      (sd, IPPROTO_IP, IP_MTU_DISCOVER, &mtu_type, sizeof (mtu_type)))
+	    msg (M_ERR, "Error setting IP_MTU_DISCOVER type=%d on TCP/UDP socket",
+		 mtu_type);
+	  break;
+#endif
+#if defined(HAVE_SETSOCKOPT) && defined(IPV6_MTU_DISCOVER)
+	case AF_INET6:
+	  if (setsockopt
+	      (sd, IPPROTO_IPV6, IPV6_MTU_DISCOVER, &mtu_type, sizeof (mtu_type)))
+	    msg (M_ERR, "Error setting IPV6_MTU_DISCOVER type=%d on TCP6/UDP6 socket",
+		 mtu_type);
+	  break;
 #endif
+	default:
+	  msg (M_FATAL, MTUDISC_NOT_SUPPORTED_MSG);
+	  break;
+	}
     }
 }
 
diff --git a/src/openvpn/mtu.h b/src/openvpn/mtu.h
index bccd681..f94de89 100644
--- a/src/openvpn/mtu.h
+++ b/src/openvpn/mtu.h
@@ -207,7 +207,7 @@ void frame_print (const struct frame *frame,
 		  int level,
 		  const char *prefix);
 
-void set_mtu_discover_type (int sd, int mtu_type);
+void set_mtu_discover_type (int sd, int mtu_type, sa_family_t proto_af);
 int translate_mtu_discover_type_name (const char *name);
 
 /*
diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c
index bd8dcb1..925665c 100644
--- a/src/openvpn/socket.c
+++ b/src/openvpn/socket.c
@@ -1676,7 +1676,7 @@ phase2_set_socket_flags (struct link_socket* sock)
     set_cloexec (sock->ctrl_sd);
 
   /* set Path MTU discovery options on the socket */
-  set_mtu_discover_type (sock->sd, sock->mtu_discover_type);
+  set_mtu_discover_type (sock->sd, sock->mtu_discover_type, sock->info.af);
 
 #if EXTENDED_SOCKET_ERROR_CAPABILITY
   /* if the OS supports it, enable extended error passing on the socket */
-- 
cgit