Hi Tao,
On 04/20/2017 04:36 PM, Tao Wu wrote:
This bug was introduced by https://github.com/qemu/qemu/commit/98c6305
Nice catch...
In 98c6305 Guillaume probably missed parentheses :S
- mss = min(IF_MTU, IF_MRU) - sizeof(struct tcpiphdr);
+ mss = min(IF_MTU, IF_MRU) - sizeof(struct tcphdr) + sizeof(struct ip);
This would have been ok:
mss = min(IF_MTU, IF_MRU) - (sizeof(struct tcphdr) + sizeof(struct ip));
"The MSS value to be sent in an MSS option should be equal to the
effective MTU minus the fixed IP and TCP headers." (RFC6691)
Signed-off-by: Tao Wu <lep...@google.com>
Reviewed-by: Philippe Mathieu-Daudé <f4...@amsat.org>
---
slirp/tcp_input.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/slirp/tcp_input.c b/slirp/tcp_input.c
index edb98f06f3..07bcbdb2dd 100644
--- a/slirp/tcp_input.c
+++ b/slirp/tcp_input.c
@@ -1587,11 +1587,11 @@ tcp_mss(struct tcpcb *tp, u_int offer)
switch (so->so_ffamily) {
case AF_INET:
mss = MIN(IF_MTU, IF_MRU) - sizeof(struct tcphdr)
- + sizeof(struct ip);
+ - sizeof(struct ip);
break;
case AF_INET6:
mss = MIN(IF_MTU, IF_MRU) - sizeof(struct tcphdr)
- + sizeof(struct ip6);
+ - sizeof(struct ip6);
break;
default:
g_assert_not_reached();
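Review bot: in both the AF_INET and AF_INET6 branches the two header sizes are still subtracted as separate terms split across a line break, which is the layout in which the wrong sign slipped in. Grouping them as `- (sizeof(struct tcphdr) + sizeof(struct ip))`, and likewise for `struct ip6`, would state the intent directly and make a stray `+` much harder to reintroduce. The commit message could also spell out the effect of the old code: with `+` the computed mss came out larger than intended by twice the IP header size in each address family, so it exceeded the "effective MTU minus the fixed IP and TCP headers" that the quoted RFC text asks for.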