1 files changed, 19 insertions, 4 deletions

diff --git a/mullvad-masque-proxy/src/lib.rs b/mullvad-masque-proxy/src/lib.rs
index e6533b5368..7d22dc11d7 100644
--- a/mullvad-masque-proxy/src/lib.rs
+++ b/mullvad-masque-proxy/src/lib.rs
@@ -27,21 +27,36 @@ const UDP_HEADER_SIZE: u16 = 8;
 /// QUIC header size. This is conservative, real overhead varies
 const QUIC_HEADER_SIZE: u16 = 41;
 
+/// The minimum allowed `max_udp_payload_size`-value allowed by [quinn::EndpointConfig].
+/// FIXME: A bug in the proxy server implementation sets the actual minimum value to 1252 instead
+/// of 1200, which would be according to spec.
+const MIN_MAX_UDP_PAYLOAD_SIZE: u16 = 1252;
+
 /// This is the size of the payload that stores QUIC packets
 /// MTU - IP header - UDP header
+///
+/// Note that [quinn::EndpointConfig] accepts a minimum value of 1200.
 const fn compute_udp_payload_size(mtu: u16, target_addr: SocketAddr) -> u16 {
     let ip_overhead = if target_addr.is_ipv4() { 20 } else { 40 };
-    mtu - ip_overhead - UDP_HEADER_SIZE
+    let desired_max = mtu - ip_overhead - UDP_HEADER_SIZE;
+
+    if desired_max < MIN_MAX_UDP_PAYLOAD_SIZE {
+        MIN_MAX_UDP_PAYLOAD_SIZE
+    } else {
+        desired_max
+    }
 }
 
-/// Minimum allowed MTU (IPv6) is the overhead of all headers, plus 1 byte for actual data.
+/// Minimum allowed MTU (IPv4)
+///
 /// QUIC defines that clients must support UDP payloads of at least 1200 bytes.
 /// <https://datatracker.ietf.org/doc/html/rfc9000#section-8.1>
 // 20 = IPv4 header (without optional fields)
 pub const MIN_IPV4_MTU: u16 = 20 + UDP_HEADER_SIZE + 1200;
 
-/// Minimum allowed MTU (IPv6) is the overhead of all headers, plus 1 byte for actual data.
+/// Minimum allowed MTU (IPv6)
+///
 /// QUIC defines that clients must support UDP payloads of at least 1200 bytes.
 /// <https://datatracker.ietf.org/doc/html/rfc9000#section-8.1>
-// 40 = IPv6 header (without optional fields)
+// 40 = IPv6 header
 pub const MIN_IPV6_MTU: u16 = 40 + UDP_HEADER_SIZE + 1200;