diff options
author | Steffan Karger | 2015-01-23 20:52:41 +0100 |
---|---|---|
committer | Gert Doering | 2015-01-23 22:17:51 +0100 |
commit | f95010ad247a8998e0c39e394236251fca316849 (patch) | |
tree | 99c764a792e45a70e554bf1e12194e0d97ad6107 /src/openvpn/ssl.c | |
parent | 0c0c178a3d3bc541ccf076f99c54d5aa6908cbcb (diff) | |
download | openvpn-f95010ad247a8998e0c39e394236251fca316849.zip openvpn-f95010ad247a8998e0c39e394236251fca316849.tar.gz |
Account for peer-id in frame size calculation
Data channel packet using P_DATA_V2 will use three bytes extra for the
peer-id. This needs to be accounted for, otherwise OpenVPN will throw
TCP/UDP packet too large on write to [AF_INET]10.1.1.1:1194
warnings.
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <1422042761-10014-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9418
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn/ssl.c')
-rw-r--r-- | src/openvpn/ssl.c | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 0bca28d..80293ef 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -264,16 +264,14 @@ tls_get_cipher_name_pair (const char * cipher_name, size_t len) { return NULL; } -/* - * Max number of bytes we will add - * for data structures common to both - * data and control channel packets. - * (opcode only). +/** + * Max number of bytes we will add for data structures common to both data and + * control channel packets (1 byte opcode + 3 bytes peer-id). */ void tls_adjust_frame_parameters(struct frame *frame) { - frame_add_to_extra_frame (frame, 1); /* space for opcode */ + frame_add_to_extra_frame (frame, 1 + 3); /* space for opcode + peer-id */ } /* |