Added SOCKET_SND_RCV_BUF_MAX constant (set to 1000000) to limit the

maximum size passed to setsockopt SNDBUF/RCVBUF.

git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3062 e7ae566f-a301-0410-adde-c780ea21d3b5

diff --git a/socket.c b/socket.c
index ffb8c111e9202e7fb3aef3584c2c62b7a2938af7..135fb0ea4d1b36059d8f45f59fbd44ef3566bebd 100644 (file)
--- a/socket.c
+++ b/socket.c
@@ -292,9 +292,12 @@ static void
 socket_set_sndbuf (int sd, int size)
 {
 #if defined(HAVE_SETSOCKOPT) && defined(SOL_SOCKET) && defined(SO_SNDBUF)
-  if (setsockopt (sd, SOL_SOCKET, SO_SNDBUF, (void *) &size, sizeof (size)) != 0)
+  if (size > 0 && size < SOCKET_SND_RCV_BUF_MAX)
     {
-      msg (M_WARN, "NOTE: setsockopt SO_SNDBUF=%d failed", size);
+      if (setsockopt (sd, SOL_SOCKET, SO_SNDBUF, (void *) &size, sizeof (size)) != 0)
+       {
+         msg (M_WARN, "NOTE: setsockopt SO_SNDBUF=%d failed", size);
+       }
     }
 #endif
 }
@@ -318,10 +321,13 @@ static bool
 socket_set_rcvbuf (int sd, int size)
 {
 #if defined(HAVE_SETSOCKOPT) && defined(SOL_SOCKET) && defined(SO_RCVBUF)
-  if (setsockopt (sd, SOL_SOCKET, SO_RCVBUF, (void *) &size, sizeof (size)) != 0)
+  if (size > 0 && size < SOCKET_SND_RCV_BUF_MAX)
     {
-      msg (M_WARN, "NOTE: setsockopt SO_RCVBUF=%d failed", size);
-      return false;
+      if (setsockopt (sd, SOL_SOCKET, SO_RCVBUF, (void *) &size, sizeof (size)) != 0)
+       {
+         msg (M_WARN, "NOTE: setsockopt SO_RCVBUF=%d failed", size);
+         return false;
+       }
     }
   return true;
 #endif

diff --git a/socket.h b/socket.h
index bb03f2fe93ace89c3115d4f267a9a9006be21c33..3d25f5e7b2fcc5c4064693bb6769cb5ce1316927 100644 (file)
--- a/socket.h
+++ b/socket.h
@@ -41,6 +41,11 @@
  */
 #define OPENVPN_PORT 1194
 
+/*
+ * Maximum size passed passed to setsockopt SNDBUF/RCVBUF
+ */
+#define SOCKET_SND_RCV_BUF_MAX 1000000
+
 /*
  * Number of seconds that "resolv-retry infinite"
  * represents.