Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/crypto/dist/ipsec-tools/src/libipsec From Marcelo Leitner <m...

details:   https://anonhg.NetBSD.org/src/rev/82cf7f1fd332
branches:  trunk
changeset: 771210:82cf7f1fd332
user:      tteras <tteras%NetBSD.org@localhost>
date:      Mon Nov 14 13:24:04 2011 +0000

description:
>From Marcelo Leitner <mleitner%redhat.com@localhost>: do not shrink pfkey socket
buffers (if system default is larger than what we want as minimum)

diffstat:

 crypto/dist/ipsec-tools/src/libipsec/pfkey.c |  37 ++++++++++++++++++++-------
 1 files changed, 27 insertions(+), 10 deletions(-)

diffs (58 lines):

diff -r fafa550975ca -r 82cf7f1fd332 crypto/dist/ipsec-tools/src/libipsec/pfkey.c
--- a/crypto/dist/ipsec-tools/src/libipsec/pfkey.c      Mon Nov 14 11:29:48 2011 +0000
+++ b/crypto/dist/ipsec-tools/src/libipsec/pfkey.c      Mon Nov 14 13:24:04 2011 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: pfkey.c,v 1.21 2011/01/20 16:08:35 vanhu Exp $ */
+/*     $NetBSD: pfkey.c,v 1.22 2011/11/14 13:24:04 tteras Exp $        */
 
 /*     $KAME: pfkey.c,v 1.47 2003/10/02 19:52:12 itojun Exp $  */
 
@@ -1783,7 +1783,9 @@
 pfkey_open(void)
 {
        int so;
-       int bufsiz = 128 * 1024;        /*is 128K enough?*/
+       int bufsiz_current, bufsiz_wanted;
+       int ret;
+       socklen_t len;
 
        if ((so = socket(PF_KEY, SOCK_RAW, PF_KEY_V2)) < 0) {
                __ipsec_set_strerror(strerror(errno));
@@ -1794,14 +1796,29 @@
         * This is a temporary workaround for KAME PR 154.
         * Don't really care even if it fails.
         */
-       (void)setsockopt(so, SOL_SOCKET, SO_SNDBUF, &bufsiz, sizeof(bufsiz));
-       (void)setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz));
-       bufsiz = 256 * 1024;
-       (void)setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz));
-       bufsiz = 512 * 1024;
-       (void)setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz));
-       bufsiz = 1024 * 1024;
-       (void)setsockopt(so, SOL_SOCKET, SO_RCVBUF, &bufsiz, sizeof(bufsiz));
+       /* Try to have 128k. If we have more, do not lower it. */
+       bufsiz_wanted = 128 * 1024;
+       len = sizeof(bufsiz_current);
+       ret = getsockopt(so, SOL_SOCKET, SO_SNDBUF,
+               &bufsiz_current, &len);
+       if ((ret < 0) || (bufsiz_current < bufsiz_wanted))
+               (void)setsockopt(so, SOL_SOCKET, SO_SNDBUF,
+                       &bufsiz_wanted, sizeof(bufsiz_wanted));
+
+       /* Try to have have at least 2MB. If we have more, do not lower it. */
+       bufsiz_wanted = 2 * 1024 * 1024;
+       len = sizeof(bufsiz_current);
+       ret = getsockopt(so, SOL_SOCKET, SO_RCVBUF,
+               &bufsiz_current, &len);
+       if (ret < 0)
+               bufsiz_current = 128 * 1024;
+
+       for (; bufsiz_wanted > bufsiz_current; bufsiz_wanted /= 2) {
+               if (setsockopt(so, SOL_SOCKET, SO_RCVBUF,
+                               &bufsiz_wanted, sizeof(bufsiz_wanted)) == 0)
+                       break;
+       }
+
        __ipsec_errcode = EIPSEC_NO_ERROR;
        return so;
 }
Home | Main Index | Thread Index | Old Index