From 8c81f7673b033ed7e77221375aeda72b737a4181 Mon Sep 17 00:00:00 2001 From: wangyu Date: Mon, 15 Jul 2019 13:00:16 -0400 Subject: [PATCH] update --fix-gro --- common.h | 2 +- connection.cpp | 23 ++++++++++++++++------- encrypt.cpp | 4 ++-- encrypt.h | 2 +- misc.cpp | 2 ++ network.cpp | 2 +- 6 files changed, 23 insertions(+), 12 deletions(-) diff --git a/common.h b/common.h index 3390977..1ddade8 100644 --- a/common.h +++ b/common.h @@ -349,7 +349,7 @@ struct not_copy_able_t const int single_max_data_len=1800; const int max_data_len=single_max_data_len*10; -const int buf_len=max_data_len+400; +const int buf_len=max_data_len+800; //const int max_data_len_gro=max_data_len*10; //const int buf_len_gro=max_data_len_gro+400; diff --git a/connection.cpp b/connection.cpp index beea633..62d7cdb 100644 --- a/connection.cpp +++ b/connection.cpp @@ -497,8 +497,8 @@ int send_safer(conn_info_t &conn_info,char type,const char* data,int len) //saf return -1; } write_u16(send_data_buf2,new_len); - //send_data_buf2[0]^=gro_xor[0]; - //send_data_buf2[1]^=gro_xor[1]; + send_data_buf2[0]^=gro_xor[0]; + send_data_buf2[1]^=gro_xor[1]; new_len+=2; } @@ -653,30 +653,35 @@ int recv_safer_multi(conn_info_t &conn_info,vector &type_arr,vector2) { + cnt++; + int single_len_no_xor; + single_len_no_xor=read_u16(recv_data); int single_len; - //recv_data[0]^=gro_xor[0]; - //recv_data[1]^=gro_xor[1]; + recv_data[0]^=gro_xor[0]; + recv_data[1]^=gro_xor[1]; single_len=read_u16(recv_data); recv_len-=2; recv_data+=2; if(single_len > recv_len) { - mylog(log_debug,"illegal single_len %d, recv_len %d left,dropped\n",single_len,recv_len); + mylog(log_debug,"illegal single_len %d(%d), recv_len %d left,dropped\n",single_len,single_len_no_xor,recv_len); break; } if(single_len> single_max_data_len ) { - mylog(log_warn,"single_len %d > %d\n",single_len,single_max_data_len); + mylog(log_warn,"single_len %d(%d) > %d, maybe you need to turn down mtu at upper level\n",single_len,single_len_no_xor,single_max_data_len); } int ret = reserved_parse_safer(conn_info, recv_data, single_len, type, data, len); if(ret!=0) { - mylog(log_debug,"parse failed, offset= %d,single_len=%d\n",recv_data-ori_recv_data,single_len); + mylog(log_debug,"parse failed, offset= %d,single_len=%d(%d)\n",(int)(recv_data-ori_recv_data),single_len,single_len_no_xor); } else{ type_arr.push_back(type); data_arr.emplace_back(data,data+len); @@ -685,6 +690,10 @@ int recv_safer_multi(conn_info_t &conn_info,vector &type_arr,vector1) + { + mylog(log_debug,"got a suspected gro packet, %d packets recovered, recv_len=%d, loop_cnt=%d\n",(int)data_arr.size(),ori_recv_len,cnt); + } return 0; } } diff --git a/encrypt.cpp b/encrypt.cpp index 7ee2e68..0df0c01 100755 --- a/encrypt.cpp +++ b/encrypt.cpp @@ -26,7 +26,7 @@ unsigned char hmac_key_decrypt[hmac_key_len + 100]; //key for hmac unsigned char cipher_key_encrypt[cipher_key_len + 100]; //key for aes etc. unsigned char cipher_key_decrypt[cipher_key_len + 100]; //key for aes etc. -char gro_xor[16+100];//dirty fix for gro +char gro_xor[256+100];//dirty fix for gro unordered_map auth_mode_tostring = {{auth_none, "none"}, {auth_md5, "md5"}, {auth_crc32, "crc32"},{auth_simple,"simple"},{auth_hmac_sha1,"hmac_sha1"},}; @@ -87,7 +87,7 @@ int my_init_keys(const char * user_passwd,int is_client) assert( hkdf_sha256_expand( pbkdf2_output1,32, (unsigned char *)info_hmac_decrypt,strlen(info_hmac_decrypt), hmac_key_decrypt, hmac_key_len ) ==0); const char *gro_info="gro"; - assert( hkdf_sha256_expand( pbkdf2_output1,32, (unsigned char *)gro_info,strlen(gro_info), (unsigned char *)gro_xor, 16 ) ==0); + assert( hkdf_sha256_expand( pbkdf2_output1,32, (unsigned char *)gro_info,strlen(gro_info), (unsigned char *)gro_xor, 256 ) ==0); } print_binary_chars(normal_key,16); diff --git a/encrypt.h b/encrypt.h index 4bd556b..fc22f17 100755 --- a/encrypt.h +++ b/encrypt.h @@ -34,7 +34,7 @@ extern cipher_mode_t cipher_mode; extern unordered_map auth_mode_tostring; extern unordered_map cipher_mode_tostring; -extern char gro_xor[16+100]; +extern char gro_xor[256+100]; int cipher_decrypt(const char *data,char *output,int &len,char * key);//internal interface ,exposed for test only int cipher_encrypt(const char *data,char *output,int &len,char * key);//internal interface ,exposed for test only diff --git a/misc.cpp b/misc.cpp index e3dc380..dc6c52f 100644 --- a/misc.cpp +++ b/misc.cpp @@ -185,6 +185,8 @@ void print_help() printf(" --mtu-warn mtu warning threshold, unit:byte, default:1375\n"); printf(" --clear clear any iptables rules added by this program.overrides everything\n"); printf(" --retry-on-error retry on error, allow to start udp2raw before network is initialized\n"); + printf(" --fix-gro try to fix huge packet caused by GRO. this option is at an early stage.\n"); + printf(" make sure client and server are at same version\n"); printf(" -h,--help print this help message\n"); //printf("common options,these options must be same on both side\n"); diff --git a/network.cpp b/network.cpp index 0585c79..188666c 100644 --- a/network.cpp +++ b/network.cpp @@ -849,7 +849,7 @@ int pre_recv_raw_packet() { if(g_fix_gro==0) { - mylog(log_warn, "huge packet, data_len %d > %d(single_max_data_len) dropped\n", g_packet_buf_len, + mylog(log_warn, "huge packet, data_len %d > %d(single_max_data_len) dropped, maybe you need to turn down mtu at upper level, or you may take a look at --fix-gro\n", g_packet_buf_len, single_max_data_len); return -1; }