Message ID | 20230301091851.82243-1-kprovost@netgate.com |
---|---|
State | Accepted |
Headers | show |
Series | [Openvpn-devel,1/2] configure: improve FreeBSD DCO check | expand |
Acked-by: Gert Doering <gert@greenie.muc.de> Straightforward :-) - and we really shouldn't divide by zero.. I have adjusted the message to read "--fragment ..." (with dashes), because that's what we seem to do in other option-related error messages. Your patch has been applied to the master and release/2.6 branch. commit 78e504210add19343e65f5c5b80be9ea6e9e95ab (master) commit b9a9de156bc3ad517bfc6d1042ad0ef0350b638e (release/2.6) Author: Kristof Provost Date: Wed Mar 1 10:18:51 2023 +0100 options.c: enforce a minimal fragment size Signed-off-by: Kristof Provost <kprovost@netgate.com> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20230301091851.82243-1-kprovost@netgate.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26313.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 9105449c..9f79da09 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -6549,6 +6549,12 @@ add_option(struct options *options, VERIFY_PERMISSION(OPT_P_MTU|OPT_P_CONNECTION); options->ce.fragment = positive_atoi(p[1]); + if (options->ce.fragment < 68) + { + msg(msglevel, "fragment needs to be at least 68"); + goto err; + } + if (p[2] && streq(p[2], "mtu")) { options->ce.fragment_encap = true;