Commit 046f2101 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson

Update from 1.0.0-stable.

parent 16cd15e6
+3 −3
@@ -320,7 +320,7 @@ static void sc_usage(void)
	BIO_printf(bio_err," -ssl3         - just use SSLv3\n");
	BIO_printf(bio_err," -ssl3         - just use SSLv3\n");
	BIO_printf(bio_err," -tls1         - just use TLSv1\n");
	BIO_printf(bio_err," -tls1         - just use TLSv1\n");
	BIO_printf(bio_err," -dtls1        - just use DTLSv1\n");    
	BIO_printf(bio_err," -dtls1        - just use DTLSv1\n");    
	BIO_printf(bio_err," -mtu          - set the MTU\n");
	BIO_printf(bio_err," -mtu          - set the link layer MTU\n");
	BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
	BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
	BIO_printf(bio_err," -bugs         - Switch on all SSL implementation bug workarounds\n");
	BIO_printf(bio_err," -bugs         - Switch on all SSL implementation bug workarounds\n");
	BIO_printf(bio_err," -serverpref   - Use server's cipher preferences (only SSLv2)\n");
	BIO_printf(bio_err," -serverpref   - Use server's cipher preferences (only SSLv2)\n");
@@ -999,10 +999,10 @@ re_start:
			BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
			BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
			}
			}


		if (socket_mtu > 0)
		if (socket_mtu > 28)
			{
			{
			SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
			SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
			SSL_set_mtu(con, socket_mtu);
			SSL_set_mtu(con, socket_mtu - 28);
			}
			}
		else
		else
			/* want to do MTU discovery */
			/* want to do MTU discovery */
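Review bot: The `SSL_set_mtu(con, socket_mtu - 28)` line hard-codes the IPv4 + UDP overhead (20 + 8) without looking at the socket's address family, so on an IPv6 socket, where the dgram BIO change in this same commit subtracts 8 + 40, the DTLS MTU would be set 20 bytes too high. Since `SSL_OP_NO_QUERY_MTU` is set in the same branch, nothing visible here corrects that value later. A `-mtu` argument of 1 to 28 now also drops into the `else` branch without any message; printing a diagnostic to `bio_err` before that would make the ignored option visible. At minimum the constant deserves a comment such as `/* 28 = 20-byte IPv4 header + 8-byte UDP header; IPv6 needs 48 */`. The same two lines appear in the sv_body hunk of the next file section, and the enclosing block continues past the end of this hunk.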
+3 −3
@@ -459,7 +459,7 @@ static void sv_usage(void)
	BIO_printf(bio_err," -tls1         - Just talk TLSv1\n");
	BIO_printf(bio_err," -tls1         - Just talk TLSv1\n");
	BIO_printf(bio_err," -dtls1        - Just talk DTLSv1\n");
	BIO_printf(bio_err," -dtls1        - Just talk DTLSv1\n");
	BIO_printf(bio_err," -timeout      - Enable timeouts\n");
	BIO_printf(bio_err," -timeout      - Enable timeouts\n");
	BIO_printf(bio_err," -mtu          - Set MTU\n");
	BIO_printf(bio_err," -mtu          - Set link layer MTU\n");
	BIO_printf(bio_err," -chain        - Read a certificate chain\n");
	BIO_printf(bio_err," -chain        - Read a certificate chain\n");
	BIO_printf(bio_err," -no_ssl2      - Just disable SSLv2\n");
	BIO_printf(bio_err," -no_ssl2      - Just disable SSLv2\n");
	BIO_printf(bio_err," -no_ssl3      - Just disable SSLv3\n");
	BIO_printf(bio_err," -no_ssl3      - Just disable SSLv3\n");
@@ -1823,10 +1823,10 @@ static int sv_body(char *hostname, int s, unsigned char *context)
			BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
			BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
			}
			}


		if (socket_mtu > 0)
		if (socket_mtu > 28)
			{
			{
			SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
			SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
			SSL_set_mtu(con, socket_mtu);
			SSL_set_mtu(con, socket_mtu - 28);
			}
			}
		else
		else
			/* want to do MTU discovery */
			/* want to do MTU discovery */
+78 −15
@@ -338,6 +338,10 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
	bio_dgram_data *data = NULL;
	bio_dgram_data *data = NULL;
	long sockopt_val = 0;
	long sockopt_val = 0;
	unsigned int sockopt_len = 0;
	unsigned int sockopt_len = 0;
#ifdef OPENSSL_SYS_LINUX
	socklen_t addr_len;
	struct sockaddr_storage addr;
#endif


	data = (bio_dgram_data *)b->ptr;
	data = (bio_dgram_data *)b->ptr;


@@ -396,25 +400,84 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
#endif
#endif
		break;
		break;
		/* (Linux)kernel sets DF bit on outgoing IP packets */
		/* (Linux)kernel sets DF bit on outgoing IP packets */
#ifdef IP_MTU_DISCOVER
	case BIO_CTRL_DGRAM_MTU_DISCOVER:
	case BIO_CTRL_DGRAM_MTU_DISCOVER:
#ifdef OPENSSL_SYS_LINUX
		addr_len = (socklen_t)sizeof(struct sockaddr_storage);
		memset((void *)&addr, 0, sizeof(struct sockaddr_storage));
		if (getsockname(b->num, (void *)&addr, &addr_len) < 0)
			{
			ret = 0;
			break;
			}
		sockopt_len = sizeof(sockopt_val);
		switch (addr.ss_family)
			{
		case AF_INET:
			sockopt_val = IP_PMTUDISC_DO;
			sockopt_val = IP_PMTUDISC_DO;
			if ((ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
			if ((ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
				&sockopt_val, sizeof(sockopt_val))) < 0)
				&sockopt_val, sizeof(sockopt_val))) < 0)
				perror("setsockopt");
				perror("setsockopt");
			break;
			break;
		case AF_INET6:
			sockopt_val = IPV6_PMTUDISC_DO;
			if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
				&sockopt_val, sizeof(sockopt_val))) < 0)
				perror("setsockopt");
			break;
		default:
			ret = -1;
			break;
			}
		ret = -1;
#else
		break;
#endif
#endif
	case BIO_CTRL_DGRAM_QUERY_MTU:
	case BIO_CTRL_DGRAM_QUERY_MTU:
#ifdef IP_MTU
#ifdef OPENSSL_SYS_LINUX
		addr_len = (socklen_t)sizeof(struct sockaddr_storage);
		memset((void *)&addr, 0, sizeof(struct sockaddr_storage));
		if (getsockname(b->num, (void *)&addr, &addr_len) < 0)
			{
			ret = 0;
			break;
			}
		sockopt_len = sizeof(sockopt_val);
		sockopt_len = sizeof(sockopt_val);
		switch (addr.ss_family)
			{
		case AF_INET:
			if ((ret = getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val,
			if ((ret = getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val,
				&sockopt_len)) < 0 || sockopt_val < 0)
				&sockopt_len)) < 0 || sockopt_val < 0)
			{ ret = 0; }
				{
				ret = 0;
				}
			else
				{
				/* we assume that the transport protocol is UDP and no
				 * IP options are used.
				 */
				data->mtu = sockopt_val - 8 - 20;
				ret = data->mtu;
				}
			break;
		case AF_INET6:
			if ((ret = getsockopt(b->num, IPPROTO_IPV6, IPV6_MTU, (void *)&sockopt_val,
				&sockopt_len)) < 0 || sockopt_val < 0)
				{
				ret = 0;
				}
			else
			else
				{
				{
			data->mtu = sockopt_val - 20 - 8; /* Subtract IP and UDP header */
				/* we assume that the transport protocol is UDP and no
				 * IPV6 options are used.
				 */
				data->mtu = sockopt_val - 8 - 40;
				ret = data->mtu;
				ret = data->mtu;
				}
				}
			break;
		default:
			ret = 0;
			break;
			}
#else
#else
		ret = 0;
		ret = 0;
#endif
#endif
@@ -423,8 +486,8 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
		return data->mtu;
		return data->mtu;
		break;
		break;
	case BIO_CTRL_DGRAM_SET_MTU:
	case BIO_CTRL_DGRAM_SET_MTU:
		data->mtu = num - 20 - 8; /* Subtract IP and UDP header */
		data->mtu = num;
		ret = data->mtu;
		ret = num;
		break;
		break;
	case BIO_CTRL_DGRAM_SET_CONNECTED:
	case BIO_CTRL_DGRAM_SET_CONNECTED:
		to = (struct sockaddr *)ptr;
		to = (struct sockaddr *)ptr;
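Review bot: In the `BIO_CTRL_DGRAM_MTU_DISCOVER` case, the Linux branch as rendered ends with an unconditional `ret = -1;` after the inner switch and has no `break` before `#else`, so the `setsockopt` result is discarded and control appears to fall through into `BIO_CTRL_DGRAM_QUERY_MTU`. A caller then cannot tell whether the DF setting was applied. If the fall-through is not intended, drop the stray assignment and move `break;` out of the `#else` arm so both builds leave the case the same way. In the QUERY_MTU arms, `sockopt_val` is only rejected when `< 0` before `sockopt_val - 8 - 20` and `sockopt_val - 8 - 40`, so a reported value below the header overhead gives a negative result stored in `data->mtu`; checking `sockopt_val < 28` (and `< 48` for IPv6) and returning 0 would stop a bogus MTU from reaching the DTLS layer. dgram_ctrl starts and ends outside these hunks.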
+1 −1
@@ -204,7 +204,7 @@ typedef struct dtls1_state_st
	 */
	 */
	record_pqueue buffered_app_data;
	record_pqueue buffered_app_data;


	unsigned int mtu; /* max wire packet size */
	unsigned int mtu; /* max DTLS packet size */


	struct hm_header_st w_msg_hdr;
	struct hm_header_st w_msg_hdr;
	struct hm_header_st r_msg_hdr;
	struct hm_header_st r_msg_hdr;