Support MSS clamping for IP in IP (RFC 2003) packets.
authorEtienne Dechamps <etienne@edechamps.fr>
Tue, 2 Jan 2018 09:55:26 +0000 (09:55 +0000)
committerEtienne Dechamps <etienne@edechamps.fr>
Fri, 5 Jan 2018 18:26:40 +0000 (18:26 +0000)
This change allows tinc MSS clamping to operate on TCP streams that are
inside an IP in IP tunnel.

src/route.c

index a130e690d50f2b6cf14ef95160330c2592afe97e..92dc1cd0a6755a62cc067821c157a3516dff3d4a 100644 (file)
@@ -406,6 +406,15 @@ static void clamp_mss(const node_t *source, const node_t *via, vpn_packet_t *pac
                type = DATA(packet)[16] << 8 | DATA(packet)[17];
        }
 
+       /* IP in IP (RFC 2003) packet */
+       if(type == ETH_P_IP && DATA(packet)[start + 9] == 4) {
+               start += 20;
+       }
+
+       if(packet->len <= start + 20) {
+               return;
+       }
+
        if(type == ETH_P_IP && DATA(packet)[start + 9] == 6) {
                start += (DATA(packet)[start] & 0xf) * 4;
        } else if(type == ETH_P_IPV6 && DATA(packet)[start + 6] == 6) {