From: Ondrej Zajicek Date: Mon, 2 Dec 2024 05:38:59 +0000 (+0100) Subject: RPKI: Increase max PDU length to 64k X-Git-Tag: v2.16~5 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=89d548accb79b706d6bc0a6eb89ab390fa17333b;p=thirdparty%2Fbird.git RPKI: Increase max PDU length to 64k APSA records can be arbitrarily large, let's use 64k as a reasonable limit. --- diff --git a/proto/rpki/packets.c b/proto/rpki/packets.c index f23cf467d..3300c9c9a 100644 --- a/proto/rpki/packets.c +++ b/proto/rpki/packets.c @@ -1141,7 +1141,7 @@ rpki_connected_hook(sock *sk) * This function prepares Error PDU and sends it to a cache server. */ static int -rpki_send_error_pdu(struct rpki_cache *cache, const enum pdu_error_type error_code, const u32 err_pdu_len, const struct pdu_header *erroneous_pdu, const char *fmt, ...) +rpki_send_error_pdu(struct rpki_cache *cache, const enum pdu_error_type error_code, u32 err_pdu_len, const struct pdu_header *erroneous_pdu, const char *fmt, ...) { va_list args; char msg[128]; @@ -1163,6 +1163,9 @@ rpki_send_error_pdu(struct rpki_cache *cache, const enum pdu_error_type error_co va_end(args); } + u32 err_pdu_max_len = ROUND_DOWN_POW2(RPKI_TX_BUFFER_SIZE - (16 + msg_len), 4); + err_pdu_len = MIN(err_pdu_len, err_pdu_max_len); + u32 pdu_size = 16 + err_pdu_len + msg_len; byte pdu[pdu_size]; memset(pdu, 0, sizeof(pdu)); diff --git a/proto/rpki/packets.h b/proto/rpki/packets.h index f7897d9af..4f16c4d9a 100644 --- a/proto/rpki/packets.h +++ b/proto/rpki/packets.h @@ -25,12 +25,12 @@ * ------------ * = 848 bytes (Maximal expected PDU size) * - * Received ASPA PDU can have any size, so let's start with 4k */ -#define RPKI_PDU_MAX_LEN 4096 + * Received ASPA PDU can have any size, so let's start with 64k */ +#define RPKI_PDU_MAX_LEN 65536 /* RX buffer size has a great impact to scheduler granularity */ -#define RPKI_RX_BUFFER_SIZE 4096 -#define RPKI_TX_BUFFER_SIZE RPKI_PDU_MAX_LEN +#define RPKI_RX_BUFFER_SIZE 65536 +#define RPKI_TX_BUFFER_SIZE 4096 /* Return values */ enum rpki_rtvals {