From patchwork Thu Feb 10 05:26:25 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 2277 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director13.mail.ord1d.rsapps.net ([172.30.191.6]) by backend41.mail.ord1d.rsapps.net with LMTP id /G7DFvw8BWLvdAAAqwncew (envelope-from ) for ; Thu, 10 Feb 2022 11:27:40 -0500 Received: from proxy11.mail.ord1d.rsapps.net ([172.30.191.6]) by director13.mail.ord1d.rsapps.net with LMTP id aOUJNfw8BWLFTQAA91zNiA (envelope-from ) for ; Thu, 10 Feb 2022 11:27:40 -0500 Received: from smtp14.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy11.mail.ord1d.rsapps.net with LMTPS id iHwnAeg8BWKgOQAAgKDEHA (envelope-from ) for ; Thu, 10 Feb 2022 11:27:20 -0500 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp14.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: 5d86d594-8a8e-11ec-b1d1-525400504bae-1-1 Received: from [216.105.38.7] ([216.105.38.7:37516] helo=lists.sourceforge.net) by smtp14.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id D9/8E-21562-CFC35026; Thu, 10 Feb 2022 11:27:40 -0500 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1nICHR-0001hE-04; Thu, 10 Feb 2022 16:26:47 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1nICHP-0001gy-J2 for openvpn-devel@lists.sourceforge.net; Thu, 10 Feb 2022 16:26:46 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=VjaBtFkgVazkfAsn/KW/PE41gdffnGa9SQz22L4v+p4=; b=I/tK9vHkZVQcez6lw4OyN9bNyD HH41oAqPhqHk3kVPVCvD03OULhp/UdJQ/CwW2ZyOAkf/sOyMrM9XALorh3U3STiTKkhuGuDM2DVN1 4Tspo+5brge8ssWgVJ6SITBvAS7QbREeE5d3paZ4XDFQ6qPg/ToxWEQcPYwbTScPH3P0=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:To:From: Sender:Reply-To:Cc:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=VjaBtFkgVazkfAsn/KW/PE41gdffnGa9SQz22L4v+p4=; b=Z GoVdHQVp8ckgQqmVQHpPspDkrbV2xJMGyRHD8UZ0JWMMFAppSN+j35zqAWdKB1lype+QjsETUUCPg F5FWOX4HuEN1iId8ChL7mXeLM31KPFrHNl3BkfHJIc3fDk5eYIxdKAQKHcFWs8JcYZkBaW22Gx7Et 1wnUaLjtBwPPCvF8=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.94.2) id 1nICHJ-00DbNW-S8 for openvpn-devel@lists.sourceforge.net; Thu, 10 Feb 2022 16:26:46 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.94.2 (FreeBSD)) (envelope-from ) id 1nICHA-00060E-A5 for openvpn-devel@lists.sourceforge.net; Thu, 10 Feb 2022 17:26:32 +0100 Received: (nullmailer pid 3310020 invoked by uid 10006); Thu, 10 Feb 2022 16:26:32 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Thu, 10 Feb 2022 17:26:25 +0100 Message-Id: <20220210162632.3309974-1-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: This always uses the configured MTU size instead relying on the calculated MTU size. Patch v4: Fix a few overlooked TUN_MTU_SIZE. Signed-off-by: Arne Schwabe --- src/openvpn/forward.c | 2 +- src/openvpn/init.c | 20 ++++++++++ src/openvpn/mtu.c | 4 ++-- src/openvpn/mtu.h | 5 ----- 4 files changed, 13 [...] Content analysis details: (0.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record X-Headers-End: 1nICHJ-00DbNW-S8 Subject: [Openvpn-devel] [PATCH v4 1/8] Replace TUN_MTU_SIZE with frame->tun_mtu X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox This always uses the configured MTU size instead relying on the calculated MTU size. Patch v4: Fix a few overlooked TUN_MTU_SIZE. Signed-off-by: Arne Schwabe Acked-by: Gert Doering --- src/openvpn/forward.c | 2 +- src/openvpn/init.c | 20 ++++++++++---------- src/openvpn/mtu.c | 4 ++-- src/openvpn/mtu.h | 5 ----- 4 files changed, 13 insertions(+), 18 deletions(-) diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c index af041179..dcc430d4 100644 --- a/src/openvpn/forward.c +++ b/src/openvpn/forward.c @@ -1381,7 +1381,7 @@ ipv6_send_icmp_unreachable(struct context *c, struct buffer *buf, bool client) * packet */ int max_payload_size = min_int(MAX_ICMPV6LEN, - TUN_MTU_SIZE(&c->c2.frame) - icmpheader_len); + c->c2.frame.tun_mtu - icmpheader_len); int payload_len = min_int(max_payload_size, BLEN(&inputipbuf)); pip6out.payload_len = htons(sizeof(struct openvpn_icmp6hdr) + payload_len); diff --git a/src/openvpn/init.c b/src/openvpn/init.c index 8e1e43cb..4c799f19 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -1735,7 +1735,7 @@ do_open_tun(struct context *c) c->options.dev_type, c->options.dev_node, &gc); - do_ifconfig(c->c1.tuntap, guess, TUN_MTU_SIZE(&c->c2.frame), c->c2.es, + do_ifconfig(c->c1.tuntap, guess, c->c2.frame.tun_mtu, c->c2.es, &c->net_ctx); } @@ -1766,7 +1766,7 @@ do_open_tun(struct context *c) && ifconfig_order() == IFCONFIG_AFTER_TUN_OPEN) { do_ifconfig(c->c1.tuntap, c->c1.tuntap->actual_name, - TUN_MTU_SIZE(&c->c2.frame), c->c2.es, &c->net_ctx); + c->c2.frame.tun_mtu, c->c2.es, &c->net_ctx); } /* run the up script */ @@ -1778,7 +1778,7 @@ do_open_tun(struct context *c) c->c1.tuntap->adapter_index, #endif dev_type_string(c->options.dev, c->options.dev_type), - TUN_MTU_SIZE(&c->c2.frame), + c->c2.frame.tun_mtu, print_in_addr_t(c->c1.tuntap->local, IA_EMPTY_IF_UNDEF, &gc), print_in_addr_t(c->c1.tuntap->remote_netmask, IA_EMPTY_IF_UNDEF, &gc), "init", @@ -1827,7 +1827,7 @@ else c->c1.tuntap->adapter_index, #endif dev_type_string(c->options.dev, c->options.dev_type), - TUN_MTU_SIZE(&c->c2.frame), + c->c2.frame.tun_mtu, print_in_addr_t(c->c1.tuntap->local, IA_EMPTY_IF_UNDEF, &gc), print_in_addr_t(c->c1.tuntap->remote_netmask, IA_EMPTY_IF_UNDEF, &gc), "restart", @@ -1906,7 +1906,7 @@ do_close_tun(struct context *c, bool force) adapter_index, #endif NULL, - TUN_MTU_SIZE(&c->c2.frame), + c->c2.frame.tun_mtu, print_in_addr_t(local, IA_EMPTY_IF_UNDEF, &gc), print_in_addr_t(remote_netmask, IA_EMPTY_IF_UNDEF, &gc), "init", @@ -1936,7 +1936,7 @@ do_close_tun(struct context *c, bool force) adapter_index, #endif NULL, - TUN_MTU_SIZE(&c->c2.frame), + c->c2.frame.tun_mtu, print_in_addr_t(local, IA_EMPTY_IF_UNDEF, &gc), print_in_addr_t(remote_netmask, IA_EMPTY_IF_UNDEF, &gc), "init", @@ -1974,7 +1974,7 @@ do_close_tun(struct context *c, bool force) adapter_index, #endif NULL, - TUN_MTU_SIZE(&c->c2.frame), + c->c2.frame.tun_mtu, print_in_addr_t(local, IA_EMPTY_IF_UNDEF, &gc), print_in_addr_t(remote_netmask, IA_EMPTY_IF_UNDEF, &gc), "restart", @@ -2154,7 +2154,7 @@ void adjust_mtu_peerid(struct context *c) { msg(M_WARN, "OPTIONS IMPORT: WARNING: peer-id set, but link-mtu" " fixed by config - reducing tun-mtu to %d, expect" - " MTU problems", TUN_MTU_SIZE(&c->c2.frame)); + " MTU problems", c->c2.frame.tun_mtu); } } @@ -3185,11 +3185,11 @@ do_init_frame(struct context *c) #ifdef ENABLE_FRAGMENT if ((c->options.ce.mssfix || c->options.ce.fragment) - && TUN_MTU_SIZE(&c->c2.frame_fragment) != ETHERNET_MTU) + && c->c2.frame.tun_mtu != ETHERNET_MTU) { msg(M_WARN, "WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu %d (currently it is %d)", - ETHERNET_MTU, TUN_MTU_SIZE(&c->c2.frame_fragment)); + ETHERNET_MTU, c->c2.frame.tun_mtu); } #endif } diff --git a/src/openvpn/mtu.c b/src/openvpn/mtu.c index d014d2b8..783fcc5f 100644 --- a/src/openvpn/mtu.c +++ b/src/openvpn/mtu.c @@ -229,9 +229,9 @@ frame_finalize(struct frame *frame, frame->link_mtu = link_mtu; } - if (TUN_MTU_SIZE(frame) < TUN_MTU_MIN) + if (frame->tun_mtu < TUN_MTU_MIN) { - msg(M_WARN, "TUN MTU value (%d) must be at least %d", TUN_MTU_SIZE(frame), TUN_MTU_MIN); + msg(M_WARN, "TUN MTU value (%d) must be at least %d", frame->tun_mtu, TUN_MTU_MIN); frame_print(frame, M_FATAL, "MTU is too small"); } diff --git a/src/openvpn/mtu.h b/src/openvpn/mtu.h index ef8ac4ab..7a6cdcb4 100644 --- a/src/openvpn/mtu.h +++ b/src/openvpn/mtu.h @@ -184,11 +184,6 @@ struct options; */ #define TUN_LINK_DELTA(f) ((f)->extra_frame + (f)->extra_tun) -/* - * This is the size to "ifconfig" the tun or tap device. - */ -#define TUN_MTU_SIZE(f) ((f)->link_mtu - TUN_LINK_DELTA(f)) - /* * This is the maximum packet size that we need to be able to * read from or write to a tun or tap device. For example,