desync: ignore higher ttls in cmsgs

Instead of short-circuting processing subsequent cmsgs, assume the TTL in a cmsg is probably incorrect if its higher than max TTL sent.
celzero · Aug 22, 2024 · fb41a2f · fb41a2f · ignoramous · Aug 23, 2024
1 parent 840c927
commit fb41a2f
Showing 1 changed file with 8 additions and 10 deletions.
diff --git a/intra/dialers/split_and_desync.go b/intra/dialers/split_and_desync.go
@@ -238,21 +238,19 @@ func desyncWithTraceroute(d *protect.RDial, ipp netip.AddrPort) (*overwriteSplit
 			if exceedsHopLimit(cmsgs) {
 				fromPort := from.(*unix.SockaddrInet6).Port
 				ttl := fromPort - basePort
-				if ttl > desync_max_ttl {
-					break
-				}
-				oc.ttl = max(oc.ttl, ttl)
-				processed = true
+				if ttl <= desync_max_ttl {
+					oc.ttl = max(oc.ttl, ttl)
+					processed = true
+				} // else: corrupted packet?
 			}
 		} else {
 			if exceedsTTL(cmsgs) {
 				fromPort := from.(*unix.SockaddrInet4).Port
 				ttl := fromPort - basePort
-				if ttl > desync_max_ttl {
-					break
-				}
-				oc.ttl = max(oc.ttl, ttl)
-				processed = true
+				if ttl <= desync_max_ttl {
+					oc.ttl = max(oc.ttl, ttl)
+					processed = true
+				} // else: corrupted packet?
 			}
 		}
 	}