Ensure that dco keepalive and mssfix options are also set in pure p2p mode

Trac: #1476
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20221219174027.2567505-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/search?l=mid&q=20221219174027.2567505-1-arne@rfc2549.org
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/src/openvpn/dco_freebsd.c b/src/openvpn/dco_freebsd.c
index 7f5e69e3e1781bb836f476d0b15abe8f7641eaf3..cd4083c4968b3cb6b5d469bd86048ea20067283c 100644 (file)
--- a/src/openvpn/dco_freebsd.c
+++ b/src/openvpn/dco_freebsd.c
@@ -461,6 +461,9 @@ dco_set_peer(dco_context_t *dco, unsigned int peerid,
     nvlist_t *nvl;
     int ret;
 
+    msg(D_DCO_DEBUG, "%s: peer-id %d, ping interval %d, ping timeout %d",
+        __func__, peerid, keepalive_interval, keepalive_timeout);
+
     nvl = nvlist_create(0);
     nvlist_add_number(nvl, "peerid", peerid);
     nvlist_add_number(nvl, "interval", keepalive_interval);

diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index e36014730cf4f704b9ef76cca2ab5670f9516c06..409a8be2a39d7a3e020d1d9100a31a5880f20048 100644 (file)
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -2119,6 +2119,26 @@ options_hash_changed_or_zero(const struct sha256_digest *a,
            || !memcmp(a, &zero, sizeof(struct sha256_digest));
 }
 
+static bool
+p2p_set_dco_keepalive(struct context *c)
+{
+    if (dco_enabled(&c->options)
+        && (c->options.ping_send_timeout || c->c2.frame.mss_fix))
+    {
+        int ret = dco_set_peer(&c->c1.tuntap->dco,
+                               c->c2.tls_multi->dco_peer_id,
+                               c->options.ping_send_timeout,
+                               c->options.ping_rec_timeout,
+                               c->c2.frame.mss_fix);
+        if (ret < 0)
+        {
+            msg(D_DCO, "Cannot set parameters for DCO peer (id=%u): %s",
+                c->c2.tls_multi->dco_peer_id, strerror(-ret));
+            return false;
+        }
+    }
+    return true;
+}
 /**
  * This function is expected to be invoked after open_tun() was performed.
  *
@@ -2147,22 +2167,6 @@ do_deferred_options_part2(struct context *c)
         return false;
     }
 
-    if (dco_enabled(&c->options)
-        && (c->options.ping_send_timeout || c->c2.frame.mss_fix))
-    {
-        int ret = dco_set_peer(&c->c1.tuntap->dco,
-                               c->c2.tls_multi->dco_peer_id,
-                               c->options.ping_send_timeout,
-                               c->options.ping_rec_timeout,
-                               c->c2.frame.mss_fix);
-        if (ret < 0)
-        {
-            msg(D_DCO, "Cannot set parameters for DCO peer (id=%u): %s",
-                c->c2.tls_multi->dco_peer_id, strerror(-ret));
-            return false;
-        }
-    }
-
     return true;
 }
 
@@ -2265,6 +2269,12 @@ do_up(struct context *c, bool pulled_options, unsigned int option_types_found)
             }
         }
 
+        if (c->mode == MODE_POINT_TO_POINT && !p2p_set_dco_keepalive(c))
+        {
+            msg(D_TLS_ERRORS, "ERROR: Failed to apply DCO keepalive or MSS fix parameters");
+            return false;
+        }
+
         if (c->c2.did_open_tun)
         {
             c->c1.pulled_options_digest_save = c->c2.pulled_options_digest;