PR: 2755
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reduce MTU after failed transmissions.
This commit is contained in:
parent
9c284f9651
commit
25bfdca16a
@ -157,6 +157,7 @@ extern "C" {
|
|||||||
/* #endif */
|
/* #endif */
|
||||||
|
|
||||||
#define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel for current MTU */
|
#define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel for current MTU */
|
||||||
|
#define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47
|
||||||
#define BIO_CTRL_DGRAM_GET_MTU 41 /* get cached value for MTU */
|
#define BIO_CTRL_DGRAM_GET_MTU 41 /* get cached value for MTU */
|
||||||
#define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for
|
#define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for
|
||||||
* MTU. want to use this
|
* MTU. want to use this
|
||||||
|
@ -616,6 +616,27 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
|
|||||||
ret = 0;
|
ret = 0;
|
||||||
#endif
|
#endif
|
||||||
break;
|
break;
|
||||||
|
case BIO_CTRL_DGRAM_GET_FALLBACK_MTU:
|
||||||
|
switch (data->peer.sa.sa_family)
|
||||||
|
{
|
||||||
|
case AF_INET:
|
||||||
|
ret = 576 - 20 - 8;
|
||||||
|
break;
|
||||||
|
#if OPENSSL_USE_IPV6
|
||||||
|
case AF_INET6:
|
||||||
|
#ifdef IN6_IS_ADDR_V4MAPPED
|
||||||
|
if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
|
||||||
|
ret = 576 - 20 - 8;
|
||||||
|
else
|
||||||
|
#endif
|
||||||
|
ret = 1280 - 40 - 8;
|
||||||
|
break;
|
||||||
|
#endif
|
||||||
|
default:
|
||||||
|
ret = 576 - 20 - 8;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
break;
|
||||||
case BIO_CTRL_DGRAM_GET_MTU:
|
case BIO_CTRL_DGRAM_GET_MTU:
|
||||||
return data->mtu;
|
return data->mtu;
|
||||||
break;
|
break;
|
||||||
|
@ -227,14 +227,14 @@ int dtls1_do_write(SSL *s, int type)
|
|||||||
unsigned int len, frag_off, mac_size, blocksize;
|
unsigned int len, frag_off, mac_size, blocksize;
|
||||||
|
|
||||||
/* AHA! Figure out the MTU, and stick to the right size */
|
/* AHA! Figure out the MTU, and stick to the right size */
|
||||||
if ( ! (SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))
|
if (s->d1->mtu < dtls1_min_mtu() && !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))
|
||||||
{
|
{
|
||||||
s->d1->mtu =
|
s->d1->mtu =
|
||||||
BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
|
BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
|
||||||
|
|
||||||
/* I've seen the kernel return bogus numbers when it doesn't know
|
/* I've seen the kernel return bogus numbers when it doesn't know
|
||||||
* (initial write), so just make sure we have a reasonable number */
|
* (initial write), so just make sure we have a reasonable number */
|
||||||
if ( s->d1->mtu < dtls1_min_mtu())
|
if (s->d1->mtu < dtls1_min_mtu())
|
||||||
{
|
{
|
||||||
s->d1->mtu = 0;
|
s->d1->mtu = 0;
|
||||||
s->d1->mtu = dtls1_guess_mtu(s->d1->mtu);
|
s->d1->mtu = dtls1_guess_mtu(s->d1->mtu);
|
||||||
|
@ -424,6 +424,11 @@ int dtls1_handle_timeout(SSL *s)
|
|||||||
state->timeout.read_timeouts = 1;
|
state->timeout.read_timeouts = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (state->timeout_duration > 2)
|
||||||
|
{
|
||||||
|
s->d1->mtu = BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_GET_FALLBACK_MTU, 0, NULL);
|
||||||
|
}
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_HEARTBEATS
|
#ifndef OPENSSL_NO_HEARTBEATS
|
||||||
if (s->tlsext_hb_pending)
|
if (s->tlsext_hb_pending)
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user