New approach to handle peer-id related changes to link-mtu.
Instead of statically increasing link-mtu by +3, keep the old value for
OCC compatibility with old servers/clients, and only increase link-mtu
if peer-id option is enabled (right now: is pushed by server).
If link-mtu has been set in the config, keep configured value, and log
warning (because the extra overhead has to decrease tun-mtu).
Reserve extra +3 bytes in frame->extra_link.
v2: use frame->extra_link, not frame->extra_buffer (receive path on server)
introduce frame_add_to_link_mtu() to manipulate frame->link_mtu value
rework comments to make more clear what is happening
This reverts commit f95010ad247a8998e0c39e394236251fca316849.
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1423390725-13438-1-git-send-email-gert@greenie.muc.de>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9450
Gert Doering authored on 2015/02/08 19:18:45Showing 3 changed files
| ... | ... |
@@ -1794,6 +1794,19 @@ do_deferred_options (struct context *c, const unsigned int found) |
| 1794 | 1794 |
msg (D_PUSH, "OPTIONS IMPORT: peer-id set"); |
| 1795 | 1795 |
c->c2.tls_multi->use_peer_id = true; |
| 1796 | 1796 |
c->c2.tls_multi->peer_id = c->options.peer_id; |
| 1797 |
+ frame_add_to_extra_frame(&c->c2.frame, +3); /* peer-id overhead */ |
|
| 1798 |
+ if ( !c->options.ce.link_mtu_defined ) |
|
| 1799 |
+ {
|
|
| 1800 |
+ frame_add_to_link_mtu(&c->c2.frame, +3); |
|
| 1801 |
+ msg (D_PUSH, "OPTIONS IMPORT: adjusting link_mtu to %d", |
|
| 1802 |
+ EXPANDED_SIZE(&c->c2.frame)); |
|
| 1803 |
+ } |
|
| 1804 |
+ else |
|
| 1805 |
+ {
|
|
| 1806 |
+ msg (M_WARN, "OPTIONS IMPORT: WARNING: peer-id set, but link-mtu" |
|
| 1807 |
+ " fixed by config - reducing tun-mtu to %d, expect" |
|
| 1808 |
+ " MTU problems", TUN_MTU_SIZE(&c->c2.frame) ); |
|
| 1809 |
+ } |
|
| 1797 | 1810 |
} |
| 1798 | 1811 |
#endif |
| 1799 | 1812 |
} |
| ... | ... |
@@ -2403,6 +2416,17 @@ do_init_frame (struct context *c) |
| 2403 | 2403 |
#endif |
| 2404 | 2404 |
#endif /* USE_COMP */ |
| 2405 | 2405 |
|
| 2406 |
+ /* packets with peer-id (P_DATA_V2) need 3 extra bytes in frame (on client) |
|
| 2407 |
+ * and need link_mtu+3 bytes on socket reception (on server). |
|
| 2408 |
+ * |
|
| 2409 |
+ * accomodate receive path in f->extra_link, which has the side effect of |
|
| 2410 |
+ * also increasing send buffers (BUF_SIZE() macro), which need to be |
|
| 2411 |
+ * allocated big enough before receiving peer-id option from server. |
|
| 2412 |
+ * |
|
| 2413 |
+ * f->extra_frame is adjusted when peer-id option is push-received |
|
| 2414 |
+ */ |
|
| 2415 |
+ frame_add_to_extra_link(&c->c2.frame, 3); |
|
| 2416 |
+ |
|
| 2406 | 2417 |
#ifdef ENABLE_FRAGMENT |
| 2407 | 2418 |
/* |
| 2408 | 2419 |
* Set frame parameter for fragment code. This is necessary because |
| ... | ... |
@@ -258,6 +258,12 @@ frame_headroom (const struct frame *f, const unsigned int flag_mask) |
| 258 | 258 |
*/ |
| 259 | 259 |
|
| 260 | 260 |
static inline void |
| 261 |
+frame_add_to_link_mtu (struct frame *frame, const int increment) |
|
| 262 |
+{
|
|
| 263 |
+ frame->link_mtu += increment; |
|
| 264 |
+} |
|
| 265 |
+ |
|
| 266 |
+static inline void |
|
| 261 | 267 |
frame_add_to_extra_frame (struct frame *frame, const int increment) |
| 262 | 268 |
{
|
| 263 | 269 |
frame->extra_frame += increment; |
| ... | ... |
@@ -264,14 +264,16 @@ tls_get_cipher_name_pair (const char * cipher_name, size_t len) {
|
| 264 | 264 |
return NULL; |
| 265 | 265 |
} |
| 266 | 266 |
|
| 267 |
-/** |
|
| 268 |
- * Max number of bytes we will add for data structures common to both data and |
|
| 269 |
- * control channel packets (1 byte opcode + 3 bytes peer-id). |
|
| 267 |
+/* |
|
| 268 |
+ * Max number of bytes we will add |
|
| 269 |
+ * for data structures common to both |
|
| 270 |
+ * data and control channel packets. |
|
| 271 |
+ * (opcode only). |
|
| 270 | 272 |
*/ |
| 271 | 273 |
void |
| 272 | 274 |
tls_adjust_frame_parameters(struct frame *frame) |
| 273 | 275 |
{
|
| 274 |
- frame_add_to_extra_frame (frame, 1 + 3); /* space for opcode + peer-id */ |
|
| 276 |
+ frame_add_to_extra_frame (frame, 1); /* space for opcode */ |
|
| 275 | 277 |
} |
| 276 | 278 |
|
| 277 | 279 |
/* |