X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Froute.c;h=d1048e76dc7c4890ad23c08a4e68048c6d7106a6;hb=50f23fbc02bd52bdc5cfd4fc9c0c6f177083efda;hp=a3e92020ce4bcc47c2aa10be772990b92cb73c61;hpb=1b777010e7255cb354e31ca28c6442ee86383bac;p=tinc

diff --git a/src/route.c b/src/route.c
index a3e92020..d1048e76 100644
--- a/src/route.c
+++ b/src/route.c
@@ -1,7 +1,7 @@
 /*
     route.c -- routing
     Copyright (C) 2000-2005 Ivo Timmermans,
-                  2000-2013 Guus Sliepen <guus@tinc-vpn.org>
+                  2000-2018 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -63,17 +63,20 @@ static timeout_t age_subnets_timeout;
 
 /* RFC 1071 */
 
-static uint16_t inet_checksum(void *data, int len, uint16_t prevsum) {
-	uint16_t *p = data;
+static uint16_t inet_checksum(void *vdata, int len, uint16_t prevsum) {
+	uint8_t *data = vdata;
+	uint16_t word;
 	uint32_t checksum = prevsum ^ 0xFFFF;
 
 	while(len >= 2) {
-		checksum += *p++;
+		memcpy(&word, data, sizeof(word));
+		checksum += word;
+		data += 2;
 		len -= 2;
 	}
 
 	if(len) {
-		checksum += *(uint8_t *)p;
+		checksum += *data;
 	}
 
 	while(checksum >> 16) {
@@ -159,7 +162,7 @@ static void route_ipv4_unreachable(node_t *source, vpn_packet_t *packet, length_
 				addr.sin_family = AF_INET;
 				socklen_t addrlen = sizeof(addr);
 
-				if(!getsockname(sockfd, (struct sockaddr *) &addr, &addrlen) && addrlen <= sizeof(addr)) {
+				if(!getsockname(sockfd, (struct sockaddr *) &addr, &addrlen) && (size_t)addrlen <= sizeof(addr)) {
 					ip_dst = addr.sin_addr;
 				}
 			}
@@ -264,7 +267,7 @@ static void route_ipv6_unreachable(node_t *source, vpn_packet_t *packet, length_
 				addr.sin6_family = AF_INET6;
 				socklen_t addrlen = sizeof(addr);
 
-				if(!getsockname(sockfd, (struct sockaddr *) &addr, &addrlen) && addrlen <= sizeof(addr)) {
+				if(!getsockname(sockfd, (struct sockaddr *) &addr, &addrlen) && (size_t)addrlen <= sizeof(addr)) {
 					pseudo.ip6_src = addr.sin6_addr;
 				}
 			}
@@ -489,6 +492,7 @@ static void clamp_mss(const node_t *source, const node_t *via, vpn_packet_t *pac
 }
 
 static void age_subnets(void *data) {
+	(void)data;
 	bool left = false;
 
 	for splay_each(subnet_t, s, myself->subnet_tree) {
@@ -591,7 +595,7 @@ static void fragment_ipv4_packet(node_t *dest, vpn_packet_t *packet, length_t et
 	logger(DEBUG_TRAFFIC, LOG_INFO, "Fragmenting packet of %d bytes to %s (%s)", packet->len, dest->name, dest->hostname);
 
 	offset = DATA(packet) + ether_size + ip_size;
-	maxlen = (dest->mtu - ether_size - ip_size) & ~0x7;
+	maxlen = (MAX(dest->mtu, 590) - ether_size - ip_size) & ~0x7;
 	ip_off = ntohs(ip.ip_off);
 	origf = ip_off & ~IP_OFFMASK;
 	ip_off &= IP_OFFMASK;
@@ -900,7 +904,7 @@ static void route_neighborsol(node_t *source, vpn_packet_t *packet) {
 	memcpy(DATA(packet), DATA(packet) + ETH_ALEN, ETH_ALEN); /* copy destination address */
 	DATA(packet)[ETH_ALEN * 2 - 1] ^= 0xFF;                  /* mangle source address so it looks like it's not from us */
 
-	ip6.ip6_dst = ip6.ip6_src;                               /* swap destination and source protocoll address */
+	ip6.ip6_dst = ip6.ip6_src;                               /* swap destination and source protocol address */
 	ip6.ip6_src = ns.nd_ns_target;
 
 	if(has_opt) {