2 * OpenVPN -- An application to securely tunnel IP networks
3 * over a single TCP/UDP port, with support for SSL/TLS-based
4 * session authentication and key exchange,
5 * packet encryption, packet authentication, and
8 * Copyright (C) 2002-2009 OpenVPN Technologies, Inc. <sales@openvpn.net>
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2
12 * as published by the Free Software Foundation.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program (see the file COPYING included with this
21 * distribution); if not, write to the Free Software Foundation, Inc.,
22 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
32 * Packet manipulation routines such as encrypt, decrypt, compress, decompress
33 * are passed a frame buffer that looks like this:
35 * [extra_frame bytes] [mtu bytes] [extra_frame_bytes] [compression overflow bytes]
37 * Pointer passed to function points here so that routine
38 * can make use of extra_frame bytes before pointer
39 * to prepend headers, etc.
41 * extra_frame bytes is large enough for all encryption related overhead.
43 * mtu bytes will be the MTU size set in the ifconfig statement that configures
44 * the TUN or TAP device such as:
46 * ifconfig $1 10.1.0.2 pointopoint 10.1.0.1 mtu 1450
48 * Compression overflow bytes is the worst-case size expansion that would be
49 * expected if we tried to compress mtu + extra_frame bytes of uncompressible data.
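/*
 * MTU defaults and limits.
 *
 * Rebuilt as valid C: the listing had lost its comment delimiters and had
 * source-browser line numbers fused into each line.  Names and values are
 * unchanged.
 */

/*
 * Standard ethernet MTU
 */
#define ETHERNET_MTU 1500

/*
 * It is a fatal error if mtu is less than
 * this value for tun device.
 */
#define TUN_MTU_MIN 100

/*
 * Default MTU of network over which tunnel data will pass by TCP/UDP.
 */
#define LINK_MTU_DEFAULT 1500

/*
 * Default MTU of tunnel device.
 */
#define TUN_MTU_DEFAULT 1500

/*
 * MTU Defaults for TAP devices
 */
#define TAP_MTU_EXTRA_DEFAULT 32

/*
 * Default MSSFIX value, used for reducing TCP MTU size
 */
#define MSSFIX_DEFAULT 1450

/*
 * Alignment of payload data such as IP packet or
 * (the rest of this comment is missing from the listing).
 *
 * frame_headroom() masks with (PAYLOAD_ALIGN - 1), so this value must stay
 * a power of two; any other value makes the padding calculation wrong.
 */
#define PAYLOAD_ALIGN 4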
91 * Maximum datagram size to be sent over the tunnel TCP/UDP channel.
97 * How many extra bytes might each subsystem (crypto, TLS, or compression)
98 * add to frame in worst case?
100 * mtu + extra_frame = MTU of TCP/UDP transport
105 * Worst case size added to internal buffer due to functions
106 * such as compression which can potentially expand the size of uncompressible
112 * Max number of bytes in excess of tun mtu size that we might read
113 * or write from TUN/TAP device.
118 * Max number of bytes in excess of link mtu size that we might read
119 * or write from UDP/TCP link.
126 # define FRAME_HEADROOM_MARKER_DECRYPT (1<<0)
127 # define FRAME_HEADROOM_MARKER_FRAGMENT (1<<1)
128 # define FRAME_HEADROOM_MARKER_READ_LINK (1<<2)
129 # define FRAME_HEADROOM_MARKER_READ_STREAM (1<<3)
130 unsigned int align_flags
;
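/* Routines which read struct frame should use the macros below */

/*
 * Review notes for every macro in this group:
 *
 *  - Each one expands to plain arithmetic on the frame fields with no range
 *    checking.  The fields appear to be signed ints (frame_headroom() stores
 *    FRAME_HEADROOM_BASE in an int), so a link_mtu smaller than the
 *    accumulated overhead yields a zero or negative "size".
 *    NOTE(review): confirm the frame is validated (TUN_MTU_MIN is described
 *    as a fatal lower bound) before any of these values is used as a buffer
 *    length or read()/write() limit.
 *  - Several macros mention f more than once, so the argument must be a
 *    side-effect-free expression.
 */

/*
 * Overhead added to packet payload due to encapsulation
 */
#define EXTRA_FRAME(f)           ((f)->extra_frame)

/*
 * Delta between tun payload size and final TCP/UDP datagram size
 * (not including extra_link additions)
 */
#define TUN_LINK_DELTA(f)        ((f)->extra_frame + (f)->extra_tun)

/*
 * This is the size to "ifconfig" the tun or tap device.
 */
#define TUN_MTU_SIZE(f)          ((f)->link_mtu - TUN_LINK_DELTA(f))
#define TUN_MTU_SIZE_DYNAMIC(f)  ((f)->link_mtu_dynamic - TUN_LINK_DELTA(f))

/*
 * This is the maximum packet size that we need to be able to
 * read from or write to a tun or tap device.  For example,
 * a tap device ifconfiged to an MTU of 1200 might actually want
 * to return a packet size of 1214 on a read().
 */
#define PAYLOAD_SIZE(f)          ((f)->link_mtu - (f)->extra_frame)
#define PAYLOAD_SIZE_DYNAMIC(f)  ((f)->link_mtu_dynamic - (f)->extra_frame)

/*
 * Max size of a payload packet after encryption, compression, etc.
 */
#define EXPANDED_SIZE(f)         ((f)->link_mtu)
#define EXPANDED_SIZE_DYNAMIC(f) ((f)->link_mtu_dynamic)
#define EXPANDED_SIZE_MIN(f)     (TUN_MTU_MIN + TUN_LINK_DELTA(f))

/*
 * These values are used as maximum size constraints
 * on read() or write() from TUN/TAP device or TCP/UDP port.
 */
#define MAX_RW_SIZE_TUN(f)       (PAYLOAD_SIZE(f))
#define MAX_RW_SIZE_LINK(f)      (EXPANDED_SIZE(f) + (f)->extra_link)

/*
 * Control buffer headroom allocations to allow for efficient prepending.
 */
#define FRAME_HEADROOM_BASE(f)     (TUN_LINK_DELTA(f) + (f)->extra_buffer + (f)->extra_link)
#define FRAME_HEADROOM(f)          frame_headroom(f, 0)
#define FRAME_HEADROOM_ADJ(f, fm)  frame_headroom(f, fm)

/*
 * Max size of a buffer used to build a packet for output to
 * (the rest of this comment is missing from the listing).
 */
#define BUF_SIZE(f)              (TUN_MTU_SIZE(f) + FRAME_HEADROOM_BASE(f) * 2)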
191 * Function prototypes.
194 void frame_finalize (struct frame
*frame
,
195 bool link_mtu_defined
,
197 bool tun_mtu_defined
,
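/*
 * Declaration only; the definition is not part of this listing.
 * NOTE(review): from the name, presumably subtracts src's extra_* overhead
 * from frame -- confirm against the definition, including whether the
 * result can go negative.
 */
void frame_subtract_extra (struct frame *frame, const struct frame *src);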
202 void frame_print (const struct frame
*frame
,
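/*
 * Declarations only; the definitions are not part of this listing.
 * NOTE(review): sd is presumably a socket descriptor and mtu_type the value
 * produced by translate_mtu_discover_type_name() -- confirm against the
 * definitions, including how an unrecognised name is reported.
 */
void set_mtu_discover_type (int sd, int mtu_type);
int translate_mtu_discover_type_name (const char *name);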
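/*
 * frame_set_mtu_dynamic and flags
 */

#define SET_MTU_TUN         (1<<0) /* use tun/tap rather than link sizing */
#define SET_MTU_UPPER_BOUND (1<<1) /* only decrease dynamic MTU */

/*
 * Declaration only; the definition is not part of this listing.
 * flags takes the SET_MTU_* bits above.
 * NOTE(review): mtu is a plain int; confirm the definition clamps it to a
 * sane range before it reaches link_mtu_dynamic, which the *_DYNAMIC size
 * macros read.
 */
void frame_set_mtu_dynamic (struct frame *frame, int mtu, unsigned int flags);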
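/*
 * allocate a buffer for socket or tun layer
 *
 * Declaration only; the definition is not part of this listing.
 * NOTE(review): the buffer size and starting offset presumably come from
 * BUF_SIZE() and FRAME_HEADROOM_ADJ() on frame -- confirm, since both are
 * unchecked arithmetic on the frame fields.
 */
void alloc_buf_sock_tun (struct buffer *buf,
			 const struct frame *frame,
			 const bool tuntap_buffer,
			 const unsigned int align_mask);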
227 * EXTENDED_SOCKET_ERROR_CAPABILITY functions -- print extra error info
228 * on socket errors, such as PMTU size. As of 2003.05.11, only works
232 #if EXTENDED_SOCKET_ERROR_CAPABILITY
234 void set_sock_extended_error_passing (int sd
);
235 const char *format_extended_socket_error (int fd
, int *mtu
, struct gc_arena
*gc
);
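/*
 * Calculate a starting offset into a buffer object, dealing with
 * headroom and alignment issues.
 *
 * f         - frame parameters, read only.
 * flag_mask - bits tested against f->align_flags (presumably the
 *             FRAME_HEADROOM_MARKER_* values).  If any bit matches,
 *             f->align_adjust takes part in the alignment calculation;
 *             otherwise the adjustment is 0.
 *
 * Returns FRAME_HEADROOM_BASE(f) plus 0 .. PAYLOAD_ALIGN-1 bytes of padding,
 * chosen so that (return value + adjust) is a multiple of PAYLOAD_ALIGN.
 *
 * Nothing here checks that the frame fields are non-negative or that the
 * result fits inside the buffer it will index.
 * NOTE(review): confirm the frame has been validated before this is called.
 */
static inline int
frame_headroom (const struct frame *f, const unsigned int flag_mask)
{
  const int offset = FRAME_HEADROOM_BASE (f);
  const int adjust = (flag_mask & f->align_flags) ? f->align_adjust : 0;

  /*
   * (PAYLOAD_ALIGN << 24) is a large multiple of PAYLOAD_ALIGN, so
   * subtracting from it instead of from 0 keeps the left operand of '&'
   * non-negative for realistic sizes.  The mask is only a valid modulo
   * when PAYLOAD_ALIGN is a power of two.
   */
  const int delta = ((PAYLOAD_ALIGN << 24) - (offset + adjust)) & (PAYLOAD_ALIGN - 1);

  return offset + delta;
}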
253 * frame member adjustment functions
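/*
 * Add increment to frame->extra_frame.
 *
 * increment is a signed int applied as-is: there is no range or overflow
 * check here, and a negative value shrinks the field.  extra_frame feeds
 * TUN_LINK_DELTA() and PAYLOAD_SIZE(), so a bad value changes the sizes
 * derived from the frame.
 */
static inline void
frame_add_to_extra_frame (struct frame *frame, const int increment)
{
  frame->extra_frame += increment;
}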
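/*
 * Add increment to frame->extra_tun.
 *
 * increment is a signed int applied as-is, with no range or overflow check.
 * extra_tun is part of TUN_LINK_DELTA(), which the tun MTU and headroom
 * macros build on.
 */
static inline void
frame_add_to_extra_tun (struct frame *frame, const int increment)
{
  frame->extra_tun += increment;
}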
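/*
 * Add increment to frame->extra_link.
 *
 * increment is a signed int applied as-is, with no range or overflow check.
 * extra_link is read by MAX_RW_SIZE_LINK() and FRAME_HEADROOM_BASE().
 */
static inline void
frame_add_to_extra_link (struct frame *frame, const int increment)
{
  frame->extra_link += increment;
}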
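/*
 * Add increment to frame->extra_buffer.
 *
 * increment is a signed int applied as-is, with no range or overflow check.
 * extra_buffer is read by FRAME_HEADROOM_BASE(), and through it BUF_SIZE().
 */
static inline void
frame_add_to_extra_buffer (struct frame *frame, const int increment)
{
  frame->extra_buffer += increment;
}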
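/*
 * Add increment to frame->align_adjust.
 *
 * increment is a signed int applied as-is, with no range or overflow check.
 * align_adjust is used by frame_headroom() when the caller's flag mask
 * matches frame->align_flags.
 */
static inline void
frame_add_to_align_adjust (struct frame *frame, const int increment)
{
  frame->align_adjust += increment;
}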
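/*
 * Set frame->align_adjust to extra_frame + extra_link, overwriting any
 * previous adjustment.
 *
 * The sum is taken from the fields as they are at the time of the call;
 * later changes to extra_frame or extra_link are not reflected unless this
 * is called again.
 */
static inline void
frame_align_to_extra_frame (struct frame *frame)
{
  frame->align_adjust = frame->extra_frame + frame->extra_link;
}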
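/*
 * OR flag_mask into frame->align_flags.  Bits already set stay set; this
 * function never clears a flag.
 *
 * align_flags is the mask frame_headroom() tests to decide whether
 * align_adjust applies.
 */
static inline void
frame_or_align_flags (struct frame *frame, const unsigned int flag_mask)
{
  frame->align_flags |= flag_mask;
}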
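/*
 * Report whether the frame has a link MTU set.
 *
 * Returns true when frame->link_mtu is greater than 0.  This checks only
 * that one field: it does not show that link_mtu is large enough for the
 * accumulated overhead, so the size macros can still yield non-positive
 * values for a frame that counts as "defined".
 */
static inline bool
frame_defined (const struct frame *frame)
{
  return frame->link_mtu > 0;
}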