update --fix-gro

common.h

@@ -349,7 +349,7 @@ struct not_copy_able_t
 
 const int single_max_data_len=1800;
 const int max_data_len=single_max_data_len*10;
-const int buf_len=max_data_len+400;
+const int buf_len=max_data_len+800;
 
 //const int max_data_len_gro=max_data_len*10;
 //const int buf_len_gro=max_data_len_gro+400;

connection.cpp

@@ -497,8 +497,8 @@ int send_safer(conn_info_t &conn_info,char type,const char* data,int len)  //saf
             return -1;
         }
         write_u16(send_data_buf2,new_len);
-        //send_data_buf2[0]^=gro_xor[0];
-        //send_data_buf2[1]^=gro_xor[1];
+        send_data_buf2[0]^=gro_xor[0];
+        send_data_buf2[1]^=gro_xor[1];
         new_len+=2;
     }
 
@@ -653,30 +653,35 @@ int recv_safer_multi(conn_info_t &conn_info,vector<char> &type_arr,vector<string
     } else
     {
         char *ori_recv_data=recv_data;
+        int ori_recv_len=recv_len;
         //mylog(log_debug,"recv_len:%d\n",recv_len);
+        int cnt=0;
         while(recv_len>2)
         {
+            cnt++;
+            int single_len_no_xor;
+            single_len_no_xor=read_u16(recv_data);
             int single_len;
-            //recv_data[0]^=gro_xor[0];
-            //recv_data[1]^=gro_xor[1];
+            recv_data[0]^=gro_xor[0];
+            recv_data[1]^=gro_xor[1];
             single_len=read_u16(recv_data);
             recv_len-=2;
             recv_data+=2;
             if(single_len > recv_len)
             {
-                mylog(log_debug,"illegal single_len %d, recv_len %d left,dropped\n",single_len,recv_len);
+                mylog(log_debug,"illegal single_len %d(%d), recv_len %d left,dropped\n",single_len,single_len_no_xor,recv_len);
                 break;
             }
             if(single_len> single_max_data_len )
             {
-                mylog(log_warn,"single_len %d > %d\n",single_len,single_max_data_len);
+                mylog(log_warn,"single_len %d(%d) > %d, maybe you need to turn down mtu at upper level\n",single_len,single_len_no_xor,single_max_data_len);
             }
 
             int ret = reserved_parse_safer(conn_info, recv_data, single_len, type, data, len);
 
             if(ret!=0)
             {
-                mylog(log_debug,"parse failed, offset= %d,single_len=%d\n",recv_data-ori_recv_data,single_len);
+                mylog(log_debug,"parse failed, offset= %d,single_len=%d(%d)\n",(int)(recv_data-ori_recv_data),single_len,single_len_no_xor);
             } else{
                 type_arr.push_back(type);
                 data_arr.emplace_back(data,data+len);
@@ -685,6 +690,10 @@ int recv_safer_multi(conn_info_t &conn_info,vector<char> &type_arr,vector<string
             recv_data+=single_len;
             recv_len-=single_len;
         }
+        if(cnt>1)
+        {
+            mylog(log_debug,"got a suspected gro packet, %d packets recovered, recv_len=%d, loop_cnt=%d\n",(int)data_arr.size(),ori_recv_len,cnt);
+        }
         return 0;
     }
 }

encrypt.cpp

@@ -26,7 +26,7 @@ unsigned char hmac_key_decrypt[hmac_key_len + 100];  //key for hmac
 unsigned char cipher_key_encrypt[cipher_key_len + 100];  //key for aes etc.
 unsigned char cipher_key_decrypt[cipher_key_len + 100];  //key for aes etc.
 
-char gro_xor[16+100];//dirty fix for gro
+char gro_xor[256+100];//dirty fix for gro
 
 unordered_map<int, const char *> auth_mode_tostring = {{auth_none, "none"}, {auth_md5, "md5"}, {auth_crc32, "crc32"},{auth_simple,"simple"},{auth_hmac_sha1,"hmac_sha1"},};
 
@@ -87,7 +87,7 @@ int my_init_keys(const char * user_passwd,int is_client)
 		assert( hkdf_sha256_expand( pbkdf2_output1,32, (unsigned char *)info_hmac_decrypt,strlen(info_hmac_decrypt), hmac_key_decrypt, hmac_key_len )  ==0);
 
         const char *gro_info="gro";
-        assert( hkdf_sha256_expand( pbkdf2_output1,32, (unsigned char *)gro_info,strlen(gro_info), (unsigned char *)gro_xor, 16 )  ==0);
+        assert( hkdf_sha256_expand( pbkdf2_output1,32, (unsigned char *)gro_info,strlen(gro_info), (unsigned char *)gro_xor, 256 )  ==0);
 	}
 	
 	print_binary_chars(normal_key,16);

encrypt.h

@@ -34,7 +34,7 @@ extern cipher_mode_t cipher_mode;
 extern unordered_map<int, const char *> auth_mode_tostring;
 extern unordered_map<int, const char *> cipher_mode_tostring;
 
-extern char gro_xor[16+100];
+extern char gro_xor[256+100];
 
 int cipher_decrypt(const char *data,char *output,int &len,char * key);//internal interface ,exposed for test only
 int cipher_encrypt(const char *data,char *output,int &len,char * key);//internal interface ,exposed for test only

misc.cpp

@@ -185,6 +185,8 @@ void print_help()
 	printf("    --mtu-warn            <number>        mtu warning threshold, unit:byte, default:1375\n");
 	printf("    --clear                               clear any iptables rules added by this program.overrides everything\n");
 	printf("    --retry-on-error                      retry on error, allow to start udp2raw before network is initialized\n");
+	printf("    --fix-gro                             try to fix huge packet caused by GRO. this option is at an early stage.\n");
+	printf("                                          make sure client and server are at same version\n");
 	printf("    -h,--help                             print this help message\n");
 
 	//printf("common options,these options must be same on both side\n");

network.cpp

@@ -849,7 +849,7 @@ int pre_recv_raw_packet()
     {
         if(g_fix_gro==0)
         {
-            mylog(log_warn, "huge packet, data_len %d > %d(single_max_data_len) dropped\n", g_packet_buf_len,
+            mylog(log_warn, "huge packet, data_len %d > %d(single_max_data_len) dropped, maybe you need to turn down mtu at upper level, or you may take a look at --fix-gro\n", g_packet_buf_len,
                   single_max_data_len);
             return -1;
         }