X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fnet_packet.c;h=ecdcfe203e9b7e39937d9832c99d2aa56c4aa26b;hb=66f325f4674e70d83744626f3b8dda6760f8d613;hp=012085e22bf8e9beb40185e11febd90701ede2b1;hpb=3d41e7d71247998b7c4a3dd4eacb93bd3529428d;p=tinc

diff --git a/src/net_packet.c b/src/net_packet.c
index 012085e2..ecdcfe20 100644
--- a/src/net_packet.c
+++ b/src/net_packet.c
@@ -767,7 +767,7 @@ bool send_sptps_data(void *handle, uint8_t type, const char *data, size_t len) {
 
 	/* Send it via TCP if it is a handshake packet, TCPOnly is in use, or this packet is larger than the MTU. */
 
-	if(type >= SPTPS_HANDSHAKE || ((myself->options | to->options) & OPTION_TCPONLY) || (type != PKT_PROBE && len > to->minmtu)) {
+	if(type >= SPTPS_HANDSHAKE || ((myself->options | to->options) & OPTION_TCPONLY) || (type != PKT_PROBE && (len - SPTPS_DATAGRAM_OVERHEAD) > to->minmtu)) {
 		char buf[len * 4 / 3 + 5];
 		b64encode(data, buf, len);
 		/* If no valid key is known yet, send the packets using ANS_KEY requests,
@@ -792,6 +792,8 @@ bool send_sptps_data(void *handle, uint8_t type, const char *data, size_t len) {
 
 	if(sendto(listen_socket[sock].udp.fd, data, len, 0, &sa->sa, SALEN(sa->sa)) < 0 && !sockwouldblock(sockerrno)) {
 		if(sockmsgsize(sockerrno)) {
+			// Compensate for SPTPS overhead
+			len -= SPTPS_DATAGRAM_OVERHEAD;
 			if(to->maxmtu >= len)
 				to->maxmtu = len - 1;
 			if(to->mtu >= len)