From patchwork Tue Feb 22 00:38:32 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 2309 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director8.mail.ord1d.rsapps.net ([172.27.255.9]) by backend41.mail.ord1d.rsapps.net with LMTP id 0MwJO4HLFGJZcwAAqwncew (envelope-from ) for ; Tue, 22 Feb 2022 06:39:45 -0500 Received: from proxy2.mail.iad3a.rsapps.net ([172.27.255.9]) by director8.mail.ord1d.rsapps.net with LMTP id aLpFBoLLFGKlFwAAfY0hYg (envelope-from ) for ; Tue, 22 Feb 2022 06:39:46 -0500 Received: from smtp20.gate.iad3a ([172.27.255.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy2.mail.iad3a.rsapps.net with LMTPS id IAwgO4HLFGLLawAABcWvHw (envelope-from ) for ; Tue, 22 Feb 2022 06:39:45 -0500 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp20.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=greenie.muc.de X-Suspicious-Flag: YES X-Classification-ID: 21914a70-93d4-11ec-ac2a-525400aab2f3-1-1 Received: from [216.105.38.7] ([216.105.38.7:35418] helo=lists.sourceforge.net) by smtp20.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 95/DD-05452-18BC4126; Tue, 22 Feb 2022 06:39:45 -0500 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1nMTVG-0004ig-Oj; Tue, 22 Feb 2022 11:38:45 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1nMTVF-0004ia-8r for openvpn-devel@lists.sourceforge.net; Tue, 22 Feb 2022 11:38:44 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=z3A2wYf6sFGAPp+j9yUaMdTSHzROKfQF0i47dqDdeHU=; b=gqsuRbOYahx9V7VcLpGI/ePalE gPOxxieXukOVfh2HfoMpHv2uYVfVupkuuwsFpVX/S5aJlPEBHTJdKNbtkKfxRK5RI/+ofz7lv9qlg 3a6nUwGGXHbcEzeIFH18m6cuMqDHhAIjajqUmIJEtG5R+W/xi6HFgMvam2I2xjM56ydg=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=z3A2wYf6sFGAPp+j9yUaMdTSHzROKfQF0i47dqDdeHU=; b=mVtw1NGMOVkUiCGxzzKsOLUbU6 3zvy0cB1skpybLGNeXDsaNAgjCutW9WUltE7PEvhtmsNpST4A9A86WCorBI4MXI2fWKIBsHwwFPQ4 M8MgOd9JN+/EMBH+ZNAxOAWfzkWi50jiOOWHZPQonwXhfj0OnrhN/jYDVOdAH9P0VgQM=; Received: from dhcp-174.greenie.muc.de ([193.149.48.174] helo=blue.greenie.muc.de) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.94.2) id 1nMTV9-00BEVE-Uv for openvpn-devel@lists.sourceforge.net; Tue, 22 Feb 2022 11:38:43 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.15.2/8.14.9) with ESMTP id 21MBcXMd013432 for ; Tue, 22 Feb 2022 12:38:33 +0100 Received: (from gert@localhost) by blue.greenie.muc.de (8.15.2/8.14.9/Submit) id 21MBcXAn013431 for openvpn-devel@lists.sourceforge.net; Tue, 22 Feb 2022 12:38:33 +0100 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Tue, 22 Feb 2022 12:38:32 +0100 Message-Id: <20220222113832.13383-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.26.3 In-Reply-To: <20220221173818.10693-1-gert@greenie.muc.de> References: <20220221173818.10693-1-gert@greenie.muc.de> MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: --mtu-disc (on Linux) needs two components to work: - setsockopt() with IP_MTU_DISCOVER or IPV6_MTU_DISCOVER - "extended error reporting" (setsockopt(IP_RECVERR) and then via mtu.c/format_extended_soc [...] Content analysis details: (-0.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1nMTV9-00BEVE-Uv Subject: [Openvpn-devel] [PATCH v2] Fix --mtu-disc maybe|yes on Linux. X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox --mtu-disc (on Linux) needs two components to work: - setsockopt() with IP_MTU_DISCOVER or IPV6_MTU_DISCOVER - "extended error reporting" (setsockopt(IP_RECVERR) and then via mtu.c/format_extended_socket_error()) to react on "packet too big" errors on sendto() / sendmsg() Some configure.ac reorganization broke detection of and "struct sock_extended_err". Re-add to configure.ac, remove all the other conditionals in syshead.h, and remove the "struct sock_extended_err" check completely (assumption: if errqueue.h exists, it contains what we need). Thus, the "non-helpful" socket error message turns into: 2022-02-22 12:31:42 write UDPv4 [EMSGSIZE Path-MTU=800]: Message too long (fd=3,code=90) 2022-02-22 12:31:42 Note adjusting 'mssfix 1400 mtu' to 'mssfix 800 mtu' according to path MTU discovery 2022-02-22 12:31:42 Note adjusting 'fragment 1400 mtu' to 'fragment 800 mtu' according to path MTU discovery ... while at it, fix extra space in first part of these messages, and print o->ce.fragment for the "fragment" message... v2: assume that "if it's linux, and has these two headers, everything else will be there as well" and get rid of most of the #ifdef checks Trac: #1452 Signed-off-by: Gert Doering Acked-By: Arne Schwabe --- configure.ac | 8 +------- src/openvpn/mss.c | 6 +++--- src/openvpn/syshead.h | 2 +- 3 files changed, 5 insertions(+), 11 deletions(-) diff --git a/configure.ac b/configure.ac index d42185d0..9c898718 100644 --- a/configure.ac +++ b/configure.ac @@ -425,7 +425,7 @@ AC_CHECK_HEADERS([ \ unistd.h libgen.h stropts.h \ syslog.h pwd.h grp.h termios.h \ sys/sockio.h sys/uio.h linux/sockios.h \ - linux/types.h poll.h sys/epoll.h err.h \ + linux/types.h linux/errqueue.h poll.h sys/epoll.h err.h \ ]) SOCKET_INCLUDES=" @@ -484,12 +484,6 @@ AC_CHECK_TYPE( , [[${SOCKET_INCLUDES}]] ) -AC_CHECK_TYPE( - [struct sock_extended_err], - [AC_DEFINE([HAVE_SOCK_EXTENDED_ERR], [1], [struct sock_extended_err needed for extended socket error support])], - , - [[${SOCKET_INCLUDES}]] -) AC_CHECK_TYPE( [struct msghdr], [AC_DEFINE([HAVE_MSGHDR], [1], [struct msghdr needed for extended socket error support])], diff --git a/src/openvpn/mss.c b/src/openvpn/mss.c index 81692e91..25b26405 100644 --- a/src/openvpn/mss.c +++ b/src/openvpn/mss.c @@ -361,7 +361,7 @@ frame_adjust_path_mtu(struct context *c) || (o->ce.mssfix_encap && pmtu < o->ce.mssfix + encap_overhead)) { const char* mtustr = o->ce.mssfix_encap ? " mtu" : ""; - msg(D_MTU_INFO, "Note adjusting 'mssfix %d %s' to 'mssfix %d mtu' " + msg(D_MTU_INFO, "Note adjusting 'mssfix %d%s' to 'mssfix %d mtu' " "according to path MTU discovery", o->ce.mssfix, mtustr, pmtu); o->ce.mssfix = pmtu; @@ -374,8 +374,8 @@ frame_adjust_path_mtu(struct context *c) (o->ce.fragment_encap && pmtu < o->ce.fragment + encap_overhead)) { const char* mtustr = o->ce.fragment_encap ? " mtu" : ""; - msg(D_MTU_INFO, "Note adjusting 'fragment %d %s' to 'fragment %d mtu' " - "according to path MTU discovery", o->ce.mssfix, + msg(D_MTU_INFO, "Note adjusting 'fragment %d%s' to 'fragment %d mtu' " + "according to path MTU discovery", o->ce.fragment, mtustr, pmtu); o->ce.fragment = pmtu; o->ce.fragment_encap = true; diff --git a/src/openvpn/syshead.h b/src/openvpn/syshead.h index d699c608..a638b3dd 100644 --- a/src/openvpn/syshead.h +++ b/src/openvpn/syshead.h @@ -371,7 +371,7 @@ typedef int MIB_TCP_STATE; /* * Do we have the capability to report extended socket errors? */ -#if defined(HAVE_LINUX_TYPES_H) && defined(HAVE_LINUX_ERRQUEUE_H) && defined(HAVE_SOCK_EXTENDED_ERR) && defined(HAVE_MSGHDR) && defined(HAVE_CMSGHDR) && defined(CMSG_FIRSTHDR) && defined(CMSG_NXTHDR) && defined(IP_RECVERR) && defined(MSG_ERRQUEUE) && defined(SOL_IP) +#if defined(HAVE_LINUX_TYPES_H) && defined(HAVE_LINUX_ERRQUEUE_H) #define EXTENDED_SOCKET_ERROR_CAPABILITY 1 #else #define EXTENDED_SOCKET_ERROR_CAPABILITY 0