From c5cb79b6f630f7d83b3f701385e162c6a82d5939 Mon Sep 17 00:00:00 2001 From: "Jason A. Donenfeld" Date: Mon, 10 Jul 2017 02:33:57 +0200 Subject: send: orphan skbs when buffering longterm Otherwise we quickly use up all of a socket's memory, which prevents a socket from sending packets to other interfaces. This also has the nice effect of letting TCP connections continue to attempt to begin, with the older ones being naturally rotated out and freed, so when a connection finally is made, only the later TCP connections are attempted, not the ones that would already have timed out. --- src/send.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/send.c b/src/send.c index 8ff2b11..4086739 100644 --- a/src/send.c +++ b/src/send.c @@ -147,6 +147,7 @@ void packet_create_data_done(struct sk_buff_head *queue, struct wireguard_peer * void packet_send_queue(struct wireguard_peer *peer) { struct sk_buff_head queue; + struct sk_buff *skb; peer->need_resend_queue = false; @@ -180,7 +181,12 @@ void packet_send_queue(struct wireguard_peer *peer) break; case -ENOKEY: /* ENOKEY means that we don't have a valid session for the peer, which - * means we should initiate a session, but after requeuing like above. */ + * means we should initiate a session, but after requeuing like above. + * Since we'll be queuing these up for potentially a little while, we + * first make sure they're no longer using up a socket's write buffer. */ + + skb_queue_walk (&queue, skb) + skb_orphan(skb); spin_lock_bh(&peer->tx_packet_queue.lock); skb_queue_splice(&queue, &peer->tx_packet_queue); -- cgit v1.2.3-59-g8ed1b