From patchwork Sat Jan 1 05:25:22 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 2201 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director7.mail.ord1d.rsapps.net ([172.30.191.6]) by backend41.mail.ord1d.rsapps.net with LMTP id ID72D7uA0GFyLAAAqwncew (envelope-from ) for ; Sat, 01 Jan 2022 11:26:35 -0500 Received: from proxy6.mail.ord1d.rsapps.net ([172.30.191.6]) by director7.mail.ord1d.rsapps.net with LMTP id 0CWJEruA0GH2QAAAovjBpQ (envelope-from ) for ; Sat, 01 Jan 2022 11:26:35 -0500 Received: from smtp4.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy6.mail.ord1d.rsapps.net with LMTPS id sxlnEruA0GFLDgAAQyIf0w (envelope-from ) for ; Sat, 01 Jan 2022 11:26:35 -0500 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp4.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: 95f283d0-6b1f-11ec-bd87-525400760ffc-1-1 Received: from [216.105.38.7] ([216.105.38.7:55172] helo=lists.sourceforge.net) by smtp4.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 7A/2B-07260-AB080D16; Sat, 01 Jan 2022 11:26:35 -0500 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1n3hCX-0000Fs-HM; Sat, 01 Jan 2022 16:25:49 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1n3hCU-0000EZ-GE for openvpn-devel@lists.sourceforge.net; Sat, 01 Jan 2022 16:25:46 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=LnJ4AWdI39a3kP6daAqrWBp/avygd5G8vTUexHGQt08=; b=YwGcQpbIaqPA+yRoLuIYinS2b5 rpqZOGhi9snD1UpdST5MybM/vHM7F+HbOw+qk4AUv1+MizGNNX+d4y2jaG3JMRQGtzWRUW/jmOWVO RsrwMXk49nLxPORw8MlMgKHtUzG7/LdpFBbak4hjaFOnwTruIHaYUZG3pXXAQjYFxgwo=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=LnJ4AWdI39a3kP6daAqrWBp/avygd5G8vTUexHGQt08=; b=i2mLSXrLylVc0Pc036mSmnLj/e qNU/WnryVfwhwMoP/K0uAnNjKQxCmr2dEuCF382RN7GU9cQizB65kHiKIVL5pLiggLE+XXekw9SUv ARvvtHlrBR3p4pGts9NV+i/RR+3kCqFhFjeKpuyi1tKhH909IEZsHA7FlzGKh3KDyKHs=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3) id 1n3hCT-00GV3t-6a for openvpn-devel@lists.sourceforge.net; Sat, 01 Jan 2022 16:25:46 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.94.2 (FreeBSD)) (envelope-from ) id 1n3hCH-000Fg4-9D for openvpn-devel@lists.sourceforge.net; Sat, 01 Jan 2022 17:25:33 +0100 Received: (nullmailer pid 2251890 invoked by uid 10006); Sat, 01 Jan 2022 16:25:32 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Sat, 1 Jan 2022 17:25:22 +0100 Message-Id: <20220101162532.2251835-5-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220101162532.2251835-1-arne@rfc2549.org> References: <20220101162532.2251835-1-arne@rfc2549.org> MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: This function is supposed to calculate the overhead of the protocol header (IP/IPv6 + TCP/UDP). But at some point the index that used to index the array proto_overhead and the associated PROTO_N went [...] Content analysis details: (0.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record X-Headers-End: 1n3hCT-00GV3t-6a Subject: [Openvpn-devel] [PATCH v3 04/14] Fix datagram_overhead and assorted functions X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox This function is supposed to calculate the overhead of the protocol header (IP/IPv6 + TCP/UDP). But at some point the index that used to index the array proto_overhead and the associated PROTO_N went completely out of sync. This fixed the function and related caller to again calculate the overhead as intended. Note that IPv6 mapped IPv4 addresses still have the wrong overhead calculated as they treated as IPv6 addresses (0:0:0:0:0:ffff::/96) Signed-off-by: Arne Schwabe Acked-by: Gert Doering --- src/openvpn/forward.c | 10 ++++++---- src/openvpn/socket.c | 16 +++------------- src/openvpn/socket.h | 17 ++++++----------- 3 files changed, 15 insertions(+), 28 deletions(-) diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c index c971c6bd..6de6b4d4 100644 --- a/src/openvpn/forward.c +++ b/src/openvpn/forward.c @@ -480,10 +480,10 @@ check_fragment(struct context *c) struct link_socket_info *lsi = get_link_socket_info(c); /* OS MTU Hint? */ - if (lsi->mtu_changed) + if (lsi->mtu_changed && lsi->lsa) { frame_adjust_path_mtu(&c->c2.frame_fragment, c->c2.link_socket->mtu, - c->options.ce.proto); + lsi->lsa->actual.dest.addr.sa.sa_family, lsi->proto); lsi->mtu_changed = false; } @@ -1565,8 +1565,10 @@ process_outgoing_link(struct context *c) */ if (c->options.shaper) { - shaper_wrote_bytes(&c->c2.shaper, BLEN(&c->c2.to_link) - + datagram_overhead(c->options.ce.proto)); + int overhead = datagram_overhead(c->c2.to_link_addr->dest.addr.sa.sa_family, + c->options.ce.proto); + shaper_wrote_bytes(&c->c2.shaper, + BLEN(&c->c2.to_link) + overhead); } /* diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c index df736746..93d2e61e 100644 --- a/src/openvpn/socket.c +++ b/src/openvpn/socket.c @@ -44,17 +44,6 @@ #include "memdbg.h" -const int proto_overhead[] = { /* indexed by PROTO_x */ - 0, - IPv4_UDP_HEADER_SIZE, /* IPv4 */ - IPv4_TCP_HEADER_SIZE, - IPv4_TCP_HEADER_SIZE, - IPv6_UDP_HEADER_SIZE, /* IPv6 */ - IPv6_TCP_HEADER_SIZE, - IPv6_TCP_HEADER_SIZE, - IPv6_TCP_HEADER_SIZE, -}; - /* * Convert sockflags/getaddr_flags into getaddr_flags */ @@ -1660,9 +1649,10 @@ socket_frame_init(const struct frame *frame, struct link_socket *sock) * to us by the OS. */ void -frame_adjust_path_mtu(struct frame *frame, int pmtu, int proto) +frame_adjust_path_mtu(struct frame *frame, int pmtu, sa_family_t af, int proto) { - frame_set_mtu_dynamic(frame, pmtu - datagram_overhead(proto), SET_MTU_UPPER_BOUND); + frame_set_mtu_dynamic(frame, pmtu - datagram_overhead(af, proto), + SET_MTU_UPPER_BOUND); } static void diff --git a/src/openvpn/socket.h b/src/openvpn/socket.h index cc1e0c36..936ef262 100644 --- a/src/openvpn/socket.h +++ b/src/openvpn/socket.h @@ -300,7 +300,7 @@ void do_preresolve(struct context *c); void socket_adjust_frame_parameters(struct frame *frame, int proto); -void frame_adjust_path_mtu(struct frame *frame, int pmtu, int proto); +void frame_adjust_path_mtu(struct frame *frame, int pmtu, sa_family_t af, int proto); void link_socket_close(struct link_socket *sock); @@ -579,18 +579,13 @@ const char *addr_family_name(int af); /* * Overhead added to packets by various protocols. */ -#define IPv4_UDP_HEADER_SIZE 28 -#define IPv4_TCP_HEADER_SIZE 40 -#define IPv6_UDP_HEADER_SIZE 48 -#define IPv6_TCP_HEADER_SIZE 60 - -extern const int proto_overhead[]; - static inline int -datagram_overhead(int proto) +datagram_overhead(sa_family_t af, int proto) { - ASSERT(proto >= 0 && proto < PROTO_N); - return proto_overhead [proto]; + int overhead = 0; + overhead += (proto == PROTO_UDP) ? 8 : 20; + overhead += (af == AF_INET) ? 20 : 40; + return overhead; } /*