From 6da826db2154321addb79c05b60a5e6f1a9dccf1 Mon Sep 17 00:00:00 2001
From: Nathan Stratton Treadway <nathanst@ontko.com>
Date: Sat, 12 Sep 2015 16:33:52 +0200
Subject: [PATCH] Fix invalid checksum generation.

Use equation 3 given in RFC 1624 and the UpdateTTL() example function given
RFC 1141.
---
 src/route.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/route.c b/src/route.c
index 324212b..c1be6cb 100644
--- a/src/route.c
+++ b/src/route.c
@@ -160,7 +160,7 @@ static void clamp_mss(const node_t *source, const node_t *via, vpn_packet_t *pac
 		/* Found it */
 		uint16_t oldmss = packet->data[start + 22 + i] << 8 | packet->data[start + 23 + i];
 		uint16_t newmss = mtu - start - 20;
-		uint16_t csum = packet->data[start + 16] << 8 | packet->data[start + 17];
+		uint32_t csum = packet->data[start + 16] << 8 | packet->data[start + 17];
 
 		if(oldmss <= newmss)
 			break;
@@ -171,11 +171,13 @@ static void clamp_mss(const node_t *source, const node_t *via, vpn_packet_t *pac
 		packet->data[start + 22 + i] = newmss >> 8;
 		packet->data[start + 23 + i] = newmss & 0xff;
 		csum ^= 0xffff;
-		csum -= oldmss;
+		csum += oldmss ^ 0xffff;
 		csum += newmss;
+		csum = (csum & 0xffff) + (csum >> 16);
+		csum += csum >> 16;
 		csum ^= 0xffff;
 		packet->data[start + 16] = csum >> 8;
-		packet->data[start + 17] = csum & 0xff;
+		packet->data[start + 17] = csum;
 		break;
 	}
 }
-- 
2.25.1