From: David Woodhouse <David.Woodhouse@intel.com>
Date: Wed, 27 Jun 2012 22:20:40 +0000 (+0100)
Subject: Fix DTLS MTU for GnuTLS
X-Git-Tag: v4.01~1
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=c218e2ac0876ef089449e18384274a132c84c06b;p=platform%2Fupstream%2Fopenconnect.git

Fix DTLS MTU for GnuTLS

GnuTLS defaults to an MTU of 1200 (less the 13-byte overhead), and will
truncate data packets accordingly. We *really* don't want that...

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
---

diff --git a/dtls.c b/dtls.c
index 30351ee..190d578 100644
--- a/dtls.c
+++ b/dtls.c
@@ -36,6 +36,8 @@
 
 #include "openconnect-internal.h"
 
+#include <gnutls/dtls.h>
+
 static unsigned char nybble(unsigned char n)
 {
 	if      (n >= '0' && n <= '9') return n - '0';
@@ -376,6 +378,8 @@ static int start_dtls_handshake(struct openconnect_info *vpninfo, int dtls_fd)
 		vpninfo->dtls_attempt_period = 0;
 		return -EINVAL;
 	}
+	/* +1 for packet header, +13 for DTLS overhead */
+	gnutls_dtls_set_mtu(dtls_ssl, vpninfo->mtu + 14);
 	gnutls_transport_set_ptr(dtls_ssl,
 				 (gnutls_transport_ptr_t)(long) dtls_fd);
 	gnutls_record_disable_padding(dtls_ssl);
diff --git a/www/changelog.xml b/www/changelog.xml
index a3d4c2c..8f5226f 100644
--- a/www/changelog.xml
+++ b/www/changelog.xml
@@ -17,6 +17,7 @@
 <ul>
    <li><b>OpenConnect HEAD</b>
      <ul>
+       <li>Fix DTLS MTU issue with GnuTLS.</li>
        <li>Fix reconnect crash when compression is disabled.</li>
        <li>Fix build on systems like FreeBSD 8 without <tt>O_CLOEXEC</tt>.</li>
        <li>Add <tt>--dtls-local-port</tt> option.</li>