@@ -700,7 +700,7 @@ crypto_adjust_frame_parameters(struct frame *frame,
bool packet_id,
bool packet_id_long_form)
{
- size_t crypto_overhead = 0;
+ unsigned int crypto_overhead = 0;
if (packet_id)
{
@@ -725,10 +725,10 @@ crypto_adjust_frame_parameters(struct frame *frame,
frame_add_to_extra_frame(frame, crypto_overhead);
msg(D_MTU_DEBUG, "%s: Adjusting frame parameters for crypto by %u bytes",
- __func__, (unsigned int) crypto_overhead);
+ __func__, crypto_overhead);
}
-size_t
+unsigned int
crypto_max_overhead(void)
{
return packet_id_size(true) + OPENVPN_MAX_IV_LENGTH
@@ -418,7 +418,7 @@ void crypto_adjust_frame_parameters(struct frame *frame,
bool packet_id_long_form);
/** Return the worst-case OpenVPN crypto overhead (in bytes) */
-size_t crypto_max_overhead(void);
+unsigned int crypto_max_overhead(void);
/* Minimum length of the nonce used by the PRNG */
#define NONCE_SECRET_LEN_MIN 16
@@ -271,12 +271,18 @@ frame_add_to_link_mtu(struct frame *frame, const int increment)
}
static inline void
-frame_add_to_extra_frame(struct frame *frame, const int increment)
+frame_add_to_extra_frame(struct frame *frame, const unsigned int increment)
{
frame->extra_frame += increment;
}
static inline void
+frame_remove_from_extra_frame(struct frame *frame, const unsigned int decrement)
+{
+ frame->extra_frame -= decrement;
+}
+
+static inline void
frame_add_to_extra_tun(struct frame *frame, const int increment)
{
frame->extra_tun += increment;
@@ -3509,7 +3509,7 @@ calc_options_string_link_mtu(const struct options *o, const struct frame *frame)
struct key_type fake_kt;
init_key_type(&fake_kt, o->ciphername, o->authname, o->keysize, true,
false);
- frame_add_to_extra_frame(&fake_frame, -(crypto_max_overhead()));
+ frame_remove_from_extra_frame(&fake_frame, crypto_max_overhead());
crypto_adjust_frame_parameters(&fake_frame, &fake_kt, o->replay,
cipher_kt_mode_ofb_cfb(fake_kt.cipher));
frame_finalize(&fake_frame, o->ce.link_mtu_defined, o->ce.link_mtu,
@@ -1987,7 +1987,7 @@ tls_session_update_crypto_params(struct tls_session *session,
}
/* Update frame parameters: undo worst-case overhead, add actual overhead */
- frame_add_to_extra_frame(frame, -(crypto_max_overhead()));
+ frame_remove_from_extra_frame(frame, crypto_max_overhead());
crypto_adjust_frame_parameters(frame, &session->opt->key_type,
options->replay, packet_id_long_form);
frame_finalize(frame, options->ce.link_mtu_defined, options->ce.link_mtu,