GnuTLS defaults to an MTU of 1200 (less the 13-byte overhead), and will
truncate data packets accordingly. We *really* don't want that...
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
#include "openconnect-internal.h"
+#include <gnutls/dtls.h>
+
static unsigned char nybble(unsigned char n)
{
if (n >= '0' && n <= '9') return n - '0';
vpninfo->dtls_attempt_period = 0;
return -EINVAL;
}
+ /* +1 for packet header, +13 for DTLS overhead */
+ gnutls_dtls_set_mtu(dtls_ssl, vpninfo->mtu + 14);
gnutls_transport_set_ptr(dtls_ssl,
(gnutls_transport_ptr_t)(long) dtls_fd);
gnutls_record_disable_padding(dtls_ssl);
<ul>
<li><b>OpenConnect HEAD</b>
<ul>
+ <li>Fix DTLS MTU issue with GnuTLS.</li>
<li>Fix reconnect crash when compression is disabled.</li>
<li>Fix build on systems like FreeBSD 8 without <tt>O_CLOEXEC</tt>.</li>
<li>Add <tt>--dtls-local-port</tt> option.</li>