From: Nathan Stratton Treadway Date: Sat, 12 Sep 2015 14:33:52 +0000 (+0200) Subject: Fix invalid checksum generation. X-Git-Tag: release-1.0.27~32 X-Git-Url: https://git.tinc-vpn.org/git/browse?a=commitdiff_plain;h=6da826db2154321addb79c05b60a5e6f1a9dccf1;p=tinc Fix invalid checksum generation. Use equation 3 given in RFC 1624 and the UpdateTTL() example function given RFC 1141. --- diff --git a/src/route.c b/src/route.c index 324212b7..c1be6cb0 100644 --- a/src/route.c +++ b/src/route.c @@ -160,7 +160,7 @@ static void clamp_mss(const node_t *source, const node_t *via, vpn_packet_t *pac /* Found it */ uint16_t oldmss = packet->data[start + 22 + i] << 8 | packet->data[start + 23 + i]; uint16_t newmss = mtu - start - 20; - uint16_t csum = packet->data[start + 16] << 8 | packet->data[start + 17]; + uint32_t csum = packet->data[start + 16] << 8 | packet->data[start + 17]; if(oldmss <= newmss) break; @@ -171,11 +171,13 @@ static void clamp_mss(const node_t *source, const node_t *via, vpn_packet_t *pac packet->data[start + 22 + i] = newmss >> 8; packet->data[start + 23 + i] = newmss & 0xff; csum ^= 0xffff; - csum -= oldmss; + csum += oldmss ^ 0xffff; csum += newmss; + csum = (csum & 0xffff) + (csum >> 16); + csum += csum >> 16; csum ^= 0xffff; packet->data[start + 16] = csum >> 8; - packet->data[start + 17] = csum & 0xff; + packet->data[start + 17] = csum; break; } }