Skip to content

Commit

Permalink
Tolerate packets that are larger than negotiated MTU after decompression
Browse files Browse the repository at this point in the history 
In July 2016, the "Fixed regression with CSTP MTU handling" patch
(http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/90e1555494dbc1cf462552679f9aa3d30451d123)
allowed openconnect to gracefully handle uncompressed CSTP packets larger
than the negotiated MTU.

This patch extends that approach to tolerate compressed packets which are
larger than the negotiated MTU after decompression.

Signed-off-by: Daniel Lenski <dlenski@gmail.com>
  • Loading branch information
@dlenski
dlenski committed Aug 2, 2018
1 parent 03025fd commit 87a66e1
Showing 1 changed file with 8 additions and 4 deletions.
12 changes: 8 additions & 4 deletions cstp.c
View file
Expand Up @@ -729,7 +729,11 @@ static int cstp_reconnect(struct openconnect_info *vpninfo)
int decompress_and_queue_packet(struct openconnect_info *vpninfo, int compr_type,
unsigned char *buf, int len)
{
struct pkt *new = malloc(sizeof(struct pkt) + vpninfo->ip_info.mtu);
/* Some servers send us packets that are larger than
negotiated MTU after decompression. We reserve some extra
space to handle that */
int receive_mtu = MAX(16384, vpninfo->ip_info.mtu);
struct pkt *new = malloc(sizeof(struct pkt) + receive_mtu);
const char *comprname = "";

if (!new)
Expand All @@ -746,7 +750,7 @@ int decompress_and_queue_packet(struct openconnect_info *vpninfo, int compr_type
vpninfo->inflate_strm.avail_in = len - 4;

vpninfo->inflate_strm.next_out = new->data;
vpninfo->inflate_strm.avail_out = vpninfo->ip_info.mtu;
vpninfo->inflate_strm.avail_out = receive_mtu;
vpninfo->inflate_strm.total_out = 0;

if (inflate(&vpninfo->inflate_strm, Z_SYNC_FLUSH)) {
Expand All @@ -768,7 +772,7 @@ int decompress_and_queue_packet(struct openconnect_info *vpninfo, int compr_type
} else if (compr_type == COMPR_LZS) {
comprname = "LZS";

new->len = lzs_decompress(new->data, vpninfo->ip_info.mtu, buf, len);
new->len = lzs_decompress(new->data, receive_mtu, buf, len);
if (new->len < 0) {
len = new->len;
if (len == 0)
Expand All @@ -781,7 +785,7 @@ int decompress_and_queue_packet(struct openconnect_info *vpninfo, int compr_type
#ifdef HAVE_LZ4
} else if (compr_type == COMPR_LZ4) {
comprname = "LZ4";
new->len = LZ4_decompress_safe((void *)buf, (void *)new->data, len, vpninfo->ip_info.mtu);
new->len = LZ4_decompress_safe((void *)buf, (void *)new->data, len, receive_mtu);
if (new->len <= 0) {
len = new->len;
if (len == 0)
Expand Down

0 comments on commit 87a66e1

Please sign in to comment.