mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-27 18:18:55 +00:00
271c480357
When encrypting packets, we need to reserve a buffer within which boringtun will encrypt the IP packet. Unfortunately, `boringtun` panics if that buffer is not big enough which essentially brings all of `connlib` down. Really, we should never see a packet that is too large and ideally, we enforce this at compile-time by creating different variants of `IpPacket` that are sized accordingly. That is a large refactoring so until then, we simply discard them instead of panicking. --------- Signed-off-by: Thomas Eizinger <thomas@eizinger.io> Co-authored-by: Jamil <jamilbk@users.noreply.github.com>