search

bjdgyc / anylink

AnyLink是一个企业级远程办公 ssl vpn 软件,可以支持多人同时在线使用。基于 openconnect 协议开发,并且借鉴了 ocserv 的开发思路,可以完全兼容 AnyConnect 客户端。
GNU Affero General Public License v3.0
1.55k stars 375 forks source link

遵循 DPD-REQ 协议,修复 OpenConnect DTLS 的 MTU 探测 #285

Closed itviewer closed 6 months ago

itviewer commented 6 months ago

https://datatracker.ietf.org/doc/html/draft-mavrogiannopoulos-openconnect-04#name-the-cstp-channel-protocol

DPD-REQ: used for dead peer detection. Once sent the peer should reply with a DPD-RESP packet, that has the same contents as the original request.

openconnect 的 DTLS 根据 DPD-RESP 最终确定 mtu,否则设为最小值。 之前的代码没有遵循上面的描述返回原样内容,导致 openconnect 的 dtls 网速很慢

codecov-commenter commented 6 months ago

Codecov Report

Attention: 2 lines in your changes are missing coverage. Please review.

Comparison is base (3f07224) 18.99% compared to head (ffd68d6) 18.98%.

Files Patch % Lines
server/handler/link_dtls.go 0.00% 2 Missing :warning:

:exclamation: Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## dev #285 +/- ## ========================================== - Coverage 18.99% 18.98% -0.01% ========================================== Files 64 64 Lines 4265 4266 +1 ========================================== Hits 810 810 - Misses 3330 3331 +1 Partials 125 125 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.