git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Arne Schwabe <arne@rfc2549.org>
	Sat, 1 Jan 2022 16:25:20 +0000 (17:25 +0100)
committer	Gert Doering <gert@greenie.muc.de>
	Wed, 2 Feb 2022 11:16:32 +0000 (12:16 +0100)
commit	5b3c8ca869766de2c94eb7dd4450b0d9ab1c75fc
tree	2527f975329055209bd75f716bc9525437076ef5	tree
parent	29453c37c1f3aa420a894996dd7be4a4f8393c5a	commit \| diff

Fix mssfix and frame calculation in CBC mode

This commit fixes the MSS calculation in CBC mode. This fix has two parts:

- Added rounding to a multiple of block size during calculation of overhead
- In CBC mode the packet ID is part of the plaintext (or payload) rather
than part of the header (like for AEAD), adjust the functions to
correctly reflect this.

OCC link calculation is not affected since it ignores rounding of CBC
block size completely.

Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220101162532.2251835-3-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23494.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

src/openvpn/crypto.c		diff \| blob \| blame \| history
src/openvpn/crypto.h		diff \| blob \| blame \| history
src/openvpn/integer.h		diff \| blob \| blame \| history
src/openvpn/mss.c		diff \| blob \| blame \| history
src/openvpn/mtu.c		diff \| blob \| blame \| history
src/openvpn/mtu.h		diff \| blob \| blame \| history
tests/unit_tests/openvpn/test_crypto.c		diff \| blob \| blame \| history