OpenVPN
mtu.c File Reference
#include "syshead.h"
#include "common.h"
#include "buffer.h"
#include "error.h"
#include "integer.h"
#include "mtu.h"
#include "options.h"
#include "crypto.h"
#include "memdbg.h"

Macros

#define MTUDISC_NOT_SUPPORTED_MSG   "--mtu-disc is not supported on this OS"
 

Functions

void alloc_buf_sock_tun (struct buffer *buf, const struct frame *frame, const bool tuntap_buffer)
 
unsigned int calc_packet_id_size_dc (const struct options *options, const struct key_type *kt)
 Return the size of the packet ID that is currently in use by cipher and options for the data channel.
 
size_t frame_calculate_protocol_header_size (const struct key_type *kt, const struct options *options, bool occ)
 Calculates the size of the OpenVPN protocol header.
 
size_t frame_calculate_payload_overhead (const struct frame *frame, const struct options *options, const struct key_type *kt, bool extra_tun)
 Calculates the size of the payload overhead according to tun-mtu and tap overhead.
 
size_t frame_calculate_payload_size (const struct frame *frame, const struct options *options, const struct key_type *kt)
 Calculates the size of the payload according to tun-mtu and tap overhead.
 
size_t calc_options_string_link_mtu (const struct options *o, const struct frame *frame)
 Calculate the link-mtu to advertise to our peer.
 
void frame_print (const struct frame *frame, int level, const char *prefix)
 
void set_mtu_discover_type (socket_descriptor_t sd, int mtu_type, sa_family_t proto_af)
 
int translate_mtu_discover_type_name (const char *name)
 

Macro Definition Documentation

◆ MTUDISC_NOT_SUPPORTED_MSG

#define MTUDISC_NOT_SUPPORTED_MSG   "--mtu-disc is not supported on this OS"

Definition at line 236 of file mtu.c.

Function Documentation

◆ alloc_buf_sock_tun()

void alloc_buf_sock_tun (struct buffer *buf, const struct frame *frame, const bool tuntap_buffer)

◆ calc_options_string_link_mtu()

size_t calc_options_string_link_mtu (const struct options *options, const struct frame *frame)

Calculate the link-mtu to advertise to our peer.

The actual value is not relevant, because we will possibly perform data channel cipher negotiation after this, but older clients will log warnings if we do not supply them the value they expect. This assumes that the traditional cipher/auth directives in the config match the config of the peer.

Definition at line 166 of file mtu.c.

References options::authname, options::ciphername, frame_calculate_payload_size(), frame_calculate_protocol_header_size(), init_key_type(), options::shared_secret_file, options::tls_client, and options::tls_server.

Referenced by options_string(), and test_occ_mtu_calculation().

◆ calc_packet_id_size_dc()

unsigned int calc_packet_id_size_dc (const struct options *options, const struct key_type *kt)

Return the size of the packet ID that is currently in use by cipher and options for the data channel.

Definition at line 56 of file mtu.c.

References key_type::cipher, cipher_kt_mode_ofb_cfb(), packet_id_size(), options::replay, options::tls_client, and options::tls_server.

Referenced by frame_calculate_fragment(), frame_calculate_payload_overhead(), and frame_calculate_protocol_header_size().

◆ frame_calculate_payload_overhead()

size_t frame_calculate_payload_overhead (const struct frame *frame, const struct options *options, const struct key_type *kt, bool extra_tun)

Calculates the size of the payload overhead according to tun-mtu and tap overhead.

This is all the overhead that is considered part of the payload itself. The compression and fragmentation headers and the extra header from tap are considered part of this overhead, which increases the payload beyond tun-mtu.

In CBC mode, the IV is part of the payload instead of part of the OpenVPN protocol header and is included in the returned value.

In this context, payload is identical to the size of the plaintext, and this function can also be understood as the number of bytes that are added to the plaintext before encryption.

  • [IP][UDP][OPENVPN PROTOCOL HEADER][ PAYLOAD incl compression header ]

Definition at line 111 of file mtu.c.

References calc_packet_id_size_dc(), options::ce, key_type::cipher, cipher_kt_mode_cbc(), frame::extra_tun, and connection_entry::fragment.

Referenced by check_send_occ_msg_dowork(), frame_calculate_mssfix(), and frame_calculate_payload_size().

◆ frame_calculate_payload_size()

size_t frame_calculate_payload_size (const struct frame *frame, const struct options *options, const struct key_type *kt)

Calculates the size of the payload according to tun-mtu and tap overhead.

In this context payload is identical to the size of the plaintext. This also includes compression, fragmentation overhead, and packet id in CBC mode if these options are used.

  • [IP][UDP][OPENVPN PROTOCOL HEADER][ PAYLOAD incl compression header ]

Definition at line 156 of file mtu.c.

References options::ce, frame_calculate_payload_overhead(), and connection_entry::tun_mtu.

Referenced by calc_options_string_link_mtu(), and check_send_occ_load_test_dowork().

◆ frame_calculate_protocol_header_size()

size_t frame_calculate_protocol_header_size (const struct key_type *kt, const struct options *options, bool occ)

Calculates the size of the OpenVPN protocol header.

This includes the crypto IV/tag/HMAC but does not include the IP encapsulation.

This does NOT include the padding and rounding of CBC size as the users (mssfix/fragment) of this function need to adjust for this and add it themselves.

[IP][UDP][ OPENVPN PROTOCOL HEADER][PAYLOAD incl compression header]

Parameters
  kt       the key_type to use to calculate the crypto overhead
  options  the options struct to be used to calculate
  occ      Use the calculation for the OCC link-mtu
Returns
  size of the overhead in bytes

Definition at line 73 of file mtu.c.

References calc_packet_id_size_dc(), calculate_crypto_overhead(), options::ce, connection_entry::proto, proto_is_tcp(), proto_is_udp(), connection_entry::socks_proxy_server, options::tls_client, options::tls_server, and options::use_peer_id.

Referenced by calc_options_string_link_mtu(), check_send_occ_load_test_dowork(), check_send_occ_msg_dowork(), frame_calculate_fragment(), frame_calculate_mssfix(), and get_frame_mtu().

◆ frame_print()

void frame_print (const struct frame *frame, int level, const char *prefix)

◆ set_mtu_discover_type()

void set_mtu_discover_type (socket_descriptor_t sd, int mtu_type, sa_family_t proto_af)

Definition at line 239 of file mtu.c.

References M_ERR, M_FATAL, msg, and MTUDISC_NOT_SUPPORTED_MSG.

Referenced by phase2_set_socket_flags().

◆ translate_mtu_discover_type_name()

int translate_mtu_discover_type_name (const char *name)

Definition at line 275 of file mtu.c.

References M_FATAL, msg, and MTUDISC_NOT_SUPPORTED_MSG.

Referenced by add_option().