From 10864cd8a01f17f9e509d694081b566955a81f54 Mon Sep 17 00:00:00 2001 From: Daniel Lenski Date: Sat, 15 May 2021 12:25:06 -0700 Subject: [PATCH] Don't try to set MTU on tunnel interface within (lib)openconnect itself This has been the responsibility of the vpnc-script for a very long time, but the MTU-setting code was retained in openconnect for compatibility with ancient versions of the vpnc-script. The MTU-setting code causes noisy errors when running OpenConnect as non-root, and is simply redundant with all vpnc-scripts since at least 2009 (see https://gitlab.com/openconnect/vpnc-scripts/commit/02b674554db6cf662283ed74941564ccb9c5a8a4). We will need to refine the MTU-setting code in the future (see https://gitlab.com/openconnect/openconnect/-/issues/244#note_576191228), but for now we should remove this code. Signed-off-by: Daniel Lenski --- tun.c | 29 ----------------------------- 1 file changed, 29 deletions(-) diff --git a/tun.c b/tun.c index f5aafc58..a50485d6 100644 --- a/tun.c +++ b/tun.c @@ -186,7 +186,6 @@ intptr_t os_setup_tun(struct openconnect_info *vpninfo) #else /* !__sun__ && !__native_client__ */ -/* MTU setting code for both Linux and BSD systems */ static void ifreq_set_ifname(struct openconnect_info *vpninfo, struct ifreq *ifr) { char *ifname = openconnect_utf8_to_legacy(vpninfo, vpninfo->ifname); @@ -195,28 +194,6 @@ static void ifreq_set_ifname(struct openconnect_info *vpninfo, struct ifreq *ifr free(ifname); } -static int set_tun_mtu(struct openconnect_info *vpninfo) -{ - struct ifreq ifr; - int net_fd; - - net_fd = socket(PF_INET, SOCK_DGRAM, 0); - if (net_fd < 0) { - vpn_perror(vpninfo, _("open net")); - return -EINVAL; - } - - memset(&ifr, 0, sizeof(ifr)); - ifreq_set_ifname(vpninfo, &ifr); - ifr.ifr_mtu = vpninfo->ip_info.mtu; - - if (ioctl(net_fd, SIOCSIFMTU, &ifr) < 0) - vpn_perror(vpninfo, _("SIOCSIFMTU")); - - close(net_fd); - return 0; -} - #ifdef IFF_TUN /* Linux */ intptr_t os_setup_tun(struct openconnect_info *vpninfo) { @@ -263,9 +240,6 @@ intptr_t os_setup_tun(struct openconnect_info *vpninfo) if (!vpninfo->ifname) vpninfo->ifname = strdup(ifr.ifr_name); - /* Ancient vpnc-scripts might not get this right */ - set_tun_mtu(vpninfo); - return tun_fd; } #else /* BSD et al, including OS X */ @@ -440,9 +414,6 @@ intptr_t os_setup_tun(struct openconnect_info *vpninfo) } #endif - /* Ancient vpnc-scripts might not get this right */ - set_tun_mtu(vpninfo); - return tun_fd; } #endif /* !IFF_TUN (i.e. BSD) */ -- 2.50.1