> Arne Schwabe <a...@rfc2549.org> hat am 07.12.2021 18:01 geschrieben:
[...]
> diff --git a/src/openvpn/mss.c b/src/openvpn/mss.c
> index aa5b68ce9..56dea0292 100644
> --- a/src/openvpn/mss.c
> +++ b/src/openvpn/mss.c
[...]
> @@ -204,3 +206,41 @@ mss_fixup_dowork(struct buffer *buf, uint16_t maxmss)
> }
> }
> }
> +
> +void
> +frame_calculate_mssfix(struct frame *frame, struct key_type *kt,
> + const struct options *options)
> +{
> + if (options->ce.mssfix == 0)
> + {
> + return;
> + }
Wouldn't an ASSERT be better here? This essentially should never happen because
ce.mssfix is initialized
to MSSFIX_DEFAULT, anyway. If you handle this without an error here it looks
like this will just explode
later in mss_fixup_dowork. An ASSERT might be easier and cleaner.
> + unsigned int payload_size;
> + unsigned int overhead;
> +
> +
> + payload_size = frame_calculate_payload_size(frame, options);
> +
> + overhead = frame_calculate_protocol_header_size(kt, options,
> + payload_size, false);
> +
> + /* Calculate the number of bytes that the payload differs from the
> payload
> + * MTU. This are fragment/compression/ethernet headers */
> + unsigned payload_overhead = frame_calculate_payload_overhead(frame,
> options, true);
> +
> + /* We are in a "liberal" position with respect to MSS,
> + * i.e. we assume that MSS can be calculated from MTU
> + * by subtracting out only the IP and TCP header sizes
> + * without options.
> + *
> + * (RFC 879, section 7). */
> +
> + /* Add 20 bytes for the IPv4 header and TCP header of the payload,
> + * the mssfix routes will add 20 extra if payload is IPv6 */
> + overhead += 20 + 20;
> +
> + /* Calculate the maximum MSS value from the max link layer size specified
> + * by ce.mssfix */
> + frame->mss_fix = options->ce.mssfix - overhead - payload_overhead;
> +}
> \ No newline at end of file
Regards,
--
Frank Lichtenheld
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
