Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Reduce MTU after failed transmissions.
This commit is contained in:
Dr. Stephen Henson 2012-03-06 13:47:27 +00:00
parent 9c284f9651
commit 25bfdca16a
4 changed files with 29 additions and 2 deletions

View File

@ -157,6 +157,7 @@ extern "C" {
/* #endif */ /* #endif */
#define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel for current MTU */ #define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel for current MTU */
#define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47
#define BIO_CTRL_DGRAM_GET_MTU 41 /* get cached value for MTU */ #define BIO_CTRL_DGRAM_GET_MTU 41 /* get cached value for MTU */
#define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for #define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for
* MTU. want to use this * MTU. want to use this

View File

@ -616,6 +616,27 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
ret = 0; ret = 0;
#endif #endif
break; break;
case BIO_CTRL_DGRAM_GET_FALLBACK_MTU:
switch (data->peer.sa.sa_family)
{
case AF_INET:
ret = 576 - 20 - 8;
break;
#if OPENSSL_USE_IPV6
case AF_INET6:
#ifdef IN6_IS_ADDR_V4MAPPED
if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
ret = 576 - 20 - 8;
else
#endif
ret = 1280 - 40 - 8;
break;
#endif
default:
ret = 576 - 20 - 8;
break;
}
break;
case BIO_CTRL_DGRAM_GET_MTU: case BIO_CTRL_DGRAM_GET_MTU:
return data->mtu; return data->mtu;
break; break;

View File

@ -227,14 +227,14 @@ int dtls1_do_write(SSL *s, int type)
unsigned int len, frag_off, mac_size, blocksize; unsigned int len, frag_off, mac_size, blocksize;
/* AHA! Figure out the MTU, and stick to the right size */ /* AHA! Figure out the MTU, and stick to the right size */
if ( ! (SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) if (s->d1->mtu < dtls1_min_mtu() && !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))
{ {
s->d1->mtu = s->d1->mtu =
BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL); BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
/* I've seen the kernel return bogus numbers when it doesn't know /* I've seen the kernel return bogus numbers when it doesn't know
* (initial write), so just make sure we have a reasonable number */ * (initial write), so just make sure we have a reasonable number */
if ( s->d1->mtu < dtls1_min_mtu()) if (s->d1->mtu < dtls1_min_mtu())
{ {
s->d1->mtu = 0; s->d1->mtu = 0;
s->d1->mtu = dtls1_guess_mtu(s->d1->mtu); s->d1->mtu = dtls1_guess_mtu(s->d1->mtu);

View File

@ -424,6 +424,11 @@ int dtls1_handle_timeout(SSL *s)
state->timeout.read_timeouts = 1; state->timeout.read_timeouts = 1;
} }
if (state->timeout_duration > 2)
{
s->d1->mtu = BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_GET_FALLBACK_MTU, 0, NULL);
}
#ifndef OPENSSL_NO_HEARTBEATS #ifndef OPENSSL_NO_HEARTBEATS
if (s->tlsext_hb_pending) if (s->tlsext_hb_pending)
{ {