tun_recv: removed mssfix limit for IPv4 traffic if DF is not set

Signed-off-by: Marco Baffo <[email protected]>

Author: mrbff

openvpn/client/cliproto.hpp

@@ -443,12 +443,25 @@ class Session : ProtoContextCallbackInterface,
             if (buf.size())
             {
                 const ProtoContext::ProtoConfig &c = proto_context.conf();
+
+                bool df = true;
+
+                // Check if the packet is IPv4
+                if (IPCommon::version(buf[0]) == IPCommon::IPv4 && buf.size() >= sizeof(struct IPv4Header))
+                {
+                    // The Flags field is in the 6th byte (starting from index 6) of the IPv4 header
+                    uint16_t flags_and_fragment_offset = ntohs(*(uint16_t*)&buf[6]);
+
+                    df = (flags_and_fragment_offset & IPv4Header::DF) != 0;
+                }
+                
                 // when calculating mss, we take IPv4 and TCP headers into account
                 // here we need to add it back since we check the whole IP packet size, not just TCP payload
                 constexpr size_t MinTcpHeader = 20;
                 constexpr size_t MinIpHeader = 20;
                 size_t mss_no_tcp_ip_encap = c.mss_fix + (MinTcpHeader + MinIpHeader);
-                if (c.mss_fix > 0 && buf.size() > mss_no_tcp_ip_encap)
+            
+                if (df && c.mss_fix > 0 && buf.size() > mss_no_tcp_ip_encap)
                 {
                     Ptb::generate_icmp_ptb(buf, clamp_to_typerange<unsigned short>(mss_no_tcp_ip_encap));
                     tun->tun_send(buf);

openvpn/ip/ip4.hpp

@@ -52,6 +52,7 @@ struct IPv4Header
     enum
     {
         OFFMASK = 0x1fff,
+        DF = 0x4000,
     };
     std::uint16_t frag_off;