As reported in trac #716, cipher negotiation (NCP) broke --mssfix. This
patch now also restores the mssfix value after the crypto negotiation.
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1473487872-13119-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12436.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
... | ... |
@@ -2809,19 +2809,6 @@ do_init_fragment (struct context *c) |
2809 | 2809 |
#endif |
2810 | 2810 |
|
2811 | 2811 |
/* |
2812 |
- * Set the --mssfix option. |
|
2813 |
- */ |
|
2814 |
-static void |
|
2815 |
-do_init_mssfix (struct context *c) |
|
2816 |
-{ |
|
2817 |
- if (c->options.ce.mssfix) |
|
2818 |
- { |
|
2819 |
- frame_set_mtu_dynamic (&c->c2.frame, |
|
2820 |
- c->options.ce.mssfix, SET_MTU_UPPER_BOUND); |
|
2821 |
- } |
|
2822 |
-} |
|
2823 |
- |
|
2824 |
-/* |
|
2825 | 2812 |
* Allocate our socket object. |
2826 | 2813 |
*/ |
2827 | 2814 |
static void |
... | ... |
@@ -3663,7 +3650,7 @@ init_instance (struct context *c, const struct env_set *env, const unsigned int |
3663 | 3663 |
#endif |
3664 | 3664 |
|
3665 | 3665 |
/* initialize dynamic MTU variable */ |
3666 |
- do_init_mssfix (c); |
|
3666 |
+ frame_init_mssfix (&c->c2.frame, &c->options); |
|
3667 | 3667 |
|
3668 | 3668 |
/* bind the TCP/UDP socket */ |
3669 | 3669 |
if (c->mode == CM_P2P || c->mode == CM_TOP || c->mode == CM_CHILD_TCP) |
... | ... |
@@ -35,6 +35,7 @@ |
35 | 35 |
#include "error.h" |
36 | 36 |
#include "integer.h" |
37 | 37 |
#include "mtu.h" |
38 |
+#include "options.h" |
|
38 | 39 |
|
39 | 40 |
#include "memdbg.h" |
40 | 41 |
|
... | ... |
@@ -125,6 +126,15 @@ frame_subtract_extra (struct frame *frame, const struct frame *src) |
125 | 125 |
} |
126 | 126 |
|
127 | 127 |
void |
128 |
+frame_init_mssfix (struct frame *frame, const struct options *options) |
|
129 |
+{ |
|
130 |
+ if (options->ce.mssfix) |
|
131 |
+ { |
|
132 |
+ frame_set_mtu_dynamic (frame, options->ce.mssfix, SET_MTU_UPPER_BOUND); |
|
133 |
+ } |
|
134 |
+} |
|
135 |
+ |
|
136 |
+void |
|
128 | 137 |
frame_print (const struct frame *frame, |
129 | 138 |
int level, |
130 | 139 |
const char *prefix) |
... | ... |
@@ -135,6 +135,9 @@ struct frame { |
135 | 135 |
int align_adjust; |
136 | 136 |
}; |
137 | 137 |
|
138 |
+/* Forward declarations, to prevent includes */ |
|
139 |
+struct options; |
|
140 |
+ |
|
138 | 141 |
/* Routines which read struct frame should use the macros below */ |
139 | 142 |
|
140 | 143 |
/* |
... | ... |
@@ -227,6 +230,9 @@ void alloc_buf_sock_tun (struct buffer *buf, |
227 | 227 |
const bool tuntap_buffer, |
228 | 228 |
const unsigned int align_mask); |
229 | 229 |
|
230 |
+/** Set the --mssfix option. */ |
|
231 |
+void frame_init_mssfix (struct frame *frame, const struct options *options); |
|
232 |
+ |
|
230 | 233 |
/* |
231 | 234 |
* EXTENDED_SOCKET_ERROR_CAPABILITY functions -- print extra error info |
232 | 235 |
* on socket errors, such as PMTU size. As of 2003.05.11, only works |
... | ... |
@@ -1691,6 +1691,7 @@ tls_session_update_crypto_params(struct tls_session *session, |
1691 | 1691 |
options->use_iv, options->replay, packet_id_long_form); |
1692 | 1692 |
frame_finalize(frame, options->ce.link_mtu_defined, options->ce.link_mtu, |
1693 | 1693 |
options->ce.tun_mtu_defined, options->ce.tun_mtu); |
1694 |
+ frame_init_mssfix(frame, options); |
|
1694 | 1695 |
frame_print (frame, D_MTU_INFO, "Data Channel MTU parms"); |
1695 | 1696 |
|
1696 | 1697 |
const struct session_id *client_sid = session->opt->server ? |