Fix DecrementTTL option.

[oweals/tinc.git] / src / route.c

diff --git a/src/route.c b/src/route.c
index 13f81572c66d504809d3e15282341225823c944f..a1254d80832491ee947e505c2c2050a9cd33e0fa 100644 (file)
--- a/src/route.c
+++ b/src/route.c
@@ -1,7 +1,7 @@
 /*
     route.c -- routing
     Copyright (C) 2000-2005 Ivo Timmermans,
-                  2000-2012 Guus Sliepen <guus@tinc-vpn.org>
+                  2000-2014 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -197,7 +197,7 @@ static void learn_mac(mac_t *address) {
        /* If we don't know this MAC address yet, store it */
 
        if(!subnet) {
-               ifdebug(TRAFFIC) logger(LOG_INFO, "Learned new MAC address %hx:%hx:%hx:%hx:%hx:%hx",
+               ifdebug(TRAFFIC) logger(LOG_INFO, "Learned new MAC address %x:%x:%x:%x:%x:%x",
                                   address->x[0], address->x[1], address->x[2], address->x[3],
                                   address->x[4], address->x[5]);
 
@@ -340,7 +340,7 @@ static void fragment_ipv4_packet(node_t *dest, vpn_packet_t *packet, length_t et
        todo = ntohs(ip.ip_len) - ip_size;
 
        if(ether_size + ip_size + todo != packet->len) {
-               ifdebug(TRAFFIC) logger(LOG_WARNING, "Length of packet (%d) doesn't match length in IPv4 header (%zd)", packet->len, ether_size + ip_size + todo);
+               ifdebug(TRAFFIC) logger(LOG_WARNING, "Length of packet (%d) doesn't match length in IPv4 header (%d)", packet->len, (int)(ether_size + ip_size + todo));
                return;
        }
 
@@ -836,6 +836,11 @@ static void route_mac(node_t *source, vpn_packet_t *packet) {
        if(forwarding_mode == FMODE_OFF && source != myself && subnet->owner != myself)
                return;
 
+       uint16_t type = packet->data[12] << 8 | packet->data[13];
+
+       if(priorityinheritance && type == ETH_P_IP && packet->len >= ether_size + ip_size)
+               packet->priority = packet->data[15];
+
        // Handle packets larger than PMTU
 
        node_t *via = (subnet->owner->via == myself) ? subnet->owner->nexthop : subnet->owner->via;
@@ -845,7 +850,6 @@ static void route_mac(node_t *source, vpn_packet_t *packet) {
        
        if(via && packet->len > via->mtu && via != myself) {
                ifdebug(TRAFFIC) logger(LOG_INFO, "Packet for %s (%s) length %d larger than MTU %d", subnet->owner->name, subnet->owner->hostname, packet->len, via->mtu);
-               uint16_t type = packet->data[12] << 8 | packet->data[13];
                length_t ethlen = 14;
 
                if(type == ETH_P_8021Q) {
@@ -887,7 +891,7 @@ static bool do_decrement_ttl(node_t *source, vpn_packet_t *packet) {
                        if(!checklength(source, packet, ethlen + ip_size))
                                return false;
 
-                       if(packet->data[ethlen + 8] < 1) {
+                       if(packet->data[ethlen + 8] <= 1) {
                                if(packet->data[ethlen + 11] != IPPROTO_ICMP || packet->data[ethlen + 32] != ICMP_TIME_EXCEEDED)
                                        route_ipv4_unreachable(source, packet, ethlen, ICMP_TIME_EXCEEDED, ICMP_EXC_TTL);
                                return false;
@@ -910,7 +914,7 @@ static bool do_decrement_ttl(node_t *source, vpn_packet_t *packet) {
                        if(!checklength(source, packet, ethlen + ip6_size))
                                return false;
 
-                       if(packet->data[ethlen + 7] < 1) {
+                       if(packet->data[ethlen + 7] <= 1) {
                                if(packet->data[ethlen + 6] != IPPROTO_ICMPV6 || packet->data[ethlen + 40] != ICMP6_TIME_EXCEEDED)
                                        route_ipv6_unreachable(source, packet, ethlen, ICMP6_TIME_EXCEEDED, ICMP6_TIME_EXCEED_TRANSIT);
                                return false;