git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Steffan Karger <steffan@karger.me>
	Wed, 8 Jun 2016 12:20:39 +0000 (14:20 +0200)
committer	Gert Doering <gert@greenie.muc.de>
	Wed, 8 Jun 2016 18:17:27 +0000 (20:17 +0200)
commit	358f513c008bf01fadb82759ac75ffb8613fc785
tree	372bd6ca51cae54da78cc6183f314520f76f4154	tree
parent	859c9f412455665635964519f3e44a0b4151a787	commit \| diff

Don't limit max incoming message size based on c2->frame

"Be conservative in what you send, be liberal in what you accept"

When receiving packets, the real limitation of how much data we can accept
is the size of our internal buffers, not the maximum size we expect
incoming packets to have.

I ran into this while working on cipher negotiation, which will need
separate bookkeeping for the required internal buffer size, and the
link/tun MTU. Basing this code on the buffer size instead of c2->frame
makes that easier. A nice side-effect of this change is that it
simplifies the code.

This should also reduce the impact of using asymmetric tun/link MTU's,
such as in trac ticket #647.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1465388443-15484-2-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11850
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 3c1b19e04745177185decd14da82c71458442b82)
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Conflicts:
src/openvpn/socket.c

src/openvpn/forward.c		diff \| blob \| blame \| history
src/openvpn/socket.c		diff \| blob \| blame \| history
src/openvpn/socket.h		diff \| blob \| blame \| history