mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-09-20 12:02:28 +02:00
Don't limit max incoming message size based on c2->frame
"Be conservative in what you send, be liberal in what you accept" When receiving packets, the real limitation of how much data we can accept is the size of our internal buffers, not the maximum size we expect incoming packets to have. I ran into this while working on cipher negotiation, which will need separate bookkeeping for the required internal buffer size, and the link/tun MTU. Basing this code on the buffer size instead of c2->frame makes that easier. A nice side-effect of this change is that it simplifies the code. This should also reduce the impact of using asymmetric tun/link MTU's, such as in trac ticket #647. Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <1465388443-15484-2-git-send-email-steffan@karger.me> URL: http://article.gmane.org/gmane.network.openvpn.devel/11850 Signed-off-by: Gert Doering <gert@greenie.muc.de>
This commit is contained in:
parent
63b3e000c9
commit
3c1b19e047
@ -669,7 +669,6 @@ read_incoming_link (struct context *c)
|
||||
|
||||
status = link_socket_read (c->c2.link_socket,
|
||||
&c->c2.buf,
|
||||
MAX_RW_SIZE_LINK (&c->c2.frame),
|
||||
&c->c2.from);
|
||||
|
||||
if (socket_connection_reset (c->c2.link_socket, status))
|
||||
|
@ -2886,7 +2886,6 @@ union openvpn_pktinfo {
|
||||
static socklen_t
|
||||
link_socket_read_udp_posix_recvmsg (struct link_socket *sock,
|
||||
struct buffer *buf,
|
||||
int maxsize,
|
||||
struct link_socket_actual *from)
|
||||
{
|
||||
struct iovec iov;
|
||||
@ -2895,7 +2894,7 @@ link_socket_read_udp_posix_recvmsg (struct link_socket *sock,
|
||||
socklen_t fromlen = sizeof (from->dest.addr);
|
||||
|
||||
iov.iov_base = BPTR (buf);
|
||||
iov.iov_len = maxsize;
|
||||
iov.iov_len = buf_forward_capacity_total (buf);
|
||||
mesg.msg_iov = &iov;
|
||||
mesg.msg_iovlen = 1;
|
||||
mesg.msg_name = &from->dest.addr;
|
||||
@ -2954,20 +2953,18 @@ link_socket_read_udp_posix_recvmsg (struct link_socket *sock,
|
||||
int
|
||||
link_socket_read_udp_posix (struct link_socket *sock,
|
||||
struct buffer *buf,
|
||||
int maxsize,
|
||||
struct link_socket_actual *from)
|
||||
{
|
||||
socklen_t fromlen = sizeof (from->dest.addr);
|
||||
socklen_t expectedlen = af_addr_size(sock->info.af);
|
||||
addr_zero_host(&from->dest);
|
||||
ASSERT (buf_safe (buf, maxsize));
|
||||
#if ENABLE_IP_PKTINFO
|
||||
/* Both PROTO_UDPv4 and PROTO_UDPv6 */
|
||||
if (sock->info.proto == PROTO_UDP && sock->sockflags & SF_USE_IP_PKTINFO)
|
||||
fromlen = link_socket_read_udp_posix_recvmsg (sock, buf, maxsize, from);
|
||||
fromlen = link_socket_read_udp_posix_recvmsg (sock, buf, from);
|
||||
else
|
||||
#endif
|
||||
buf->len = recvfrom (sock->sd, BPTR (buf), maxsize, 0,
|
||||
buf->len = recvfrom (sock->sd, BPTR (buf), buf_forward_capacity(buf), 0,
|
||||
&from->dest.addr.sa, &fromlen);
|
||||
/* FIXME: won't do anything when sock->info.af == AF_UNSPEC */
|
||||
if (buf->len >= 0 && expectedlen && fromlen != expectedlen)
|
||||
|
@ -961,7 +961,6 @@ link_socket_read_udp_win32 (struct link_socket *sock,
|
||||
|
||||
int link_socket_read_udp_posix (struct link_socket *sock,
|
||||
struct buffer *buf,
|
||||
int maxsize,
|
||||
struct link_socket_actual *from);
|
||||
|
||||
#endif
|
||||
@ -970,7 +969,6 @@ int link_socket_read_udp_posix (struct link_socket *sock,
|
||||
static inline int
|
||||
link_socket_read (struct link_socket *sock,
|
||||
struct buffer *buf,
|
||||
int maxsize,
|
||||
struct link_socket_actual *from)
|
||||
{
|
||||
if (proto_is_udp(sock->info.proto)) /* unified UDPv4 and UDPv6 */
|
||||
@ -980,7 +978,7 @@ link_socket_read (struct link_socket *sock,
|
||||
#ifdef WIN32
|
||||
res = link_socket_read_udp_win32 (sock, buf, from);
|
||||
#else
|
||||
res = link_socket_read_udp_posix (sock, buf, maxsize, from);
|
||||
res = link_socket_read_udp_posix (sock, buf, from);
|
||||
#endif
|
||||
return res;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user