summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Harris <jgh146exb@wizmail.org>2020-12-31 21:52:02 +0000
committerJeremy Harris <jgh146exb@wizmail.org>2020-12-31 21:52:02 +0000
commit996a98d33f790a1e6af927c02318649feec6061b (patch)
tree5d00c8d4d9851daca562e3114cc3c8939ab6cbd6
parent32131d8971eef03a74eef7a7127ca32d4378f50e (diff)
TFO: better observability (slightly) on FreeBSD
-rw-r--r--src/src/smtp_out.c32
-rwxr-xr-xtest/runtest2
-rw-r--r--test/scripts/1990-TCP-Fast-Open/199015
3 files changed, 38 insertions, 11 deletions
diff --git a/src/src/smtp_out.c b/src/src/smtp_out.c
index 0bf619795..bb7a0e3b3 100644
--- a/src/src/smtp_out.c
+++ b/src/src/smtp_out.c
@@ -159,20 +159,32 @@ tfo_out_check(int sock)
{
# ifdef __FreeBSD__
struct tcp_info tinfo;
-int val;
-socklen_t len = sizeof(val);
+socklen_t len = sizeof(tinfo);
-/* The observability as of 12.1 is not useful as a client, only telling us that
-a TFO option was used on SYN. It could have been a TFO-R, or ignored by the
-server. */
+/* A getsockopt TCP_FASTOPEN unfortunately returns "was-used" for a TFO/R as
+well as a TFO/C. Use what we can of the Linux hack below; reliability issues ditto. */
+switch (tcp_out_fastopen)
+ {
+ case TFO_ATTEMPTED_NODATA:
+ if ( getsockopt(sock, IPPROTO_TCP, TCP_INFO, &tinfo, &len) == 0
+ && tinfo.tcpi_state == TCPS_SYN_SENT
+ && tinfo.__tcpi_unacked > 0
+ )
+ {
+ DEBUG(D_transport|D_v)
+ debug_printf("TCP_FASTOPEN tcpi_unacked %d\n", tinfo.__tcpi_unacked);
+ tcp_out_fastopen = TFO_USED_NODATA;
+ }
+ break;
+ /*
+ case TFO_ATTEMPTED_DATA:
+ case TFO_ATTEMPTED_DATA:
+ if (tinfo.tcpi_options & TCPI_OPT_SYN_DATA) XXX no equvalent as of 12.2
+ */
+ }
-/*
-if (tcp_out_fastopen == TFO_ATTEMPTED_NODATA || tcp_out_fastopen == TFO_ATTEMPTED_DATA)
- if (getsockopt(sock, IPPROTO_TCP, TCP_FASTOPEN, &val, &len) == 0 && val != 0) {}
-*/
switch (tcp_out_fastopen)
{
- case TFO_ATTEMPTED_NODATA: tcp_out_fastopen = TFO_USED_NODATA; break;
case TFO_ATTEMPTED_DATA: tcp_out_fastopen = TFO_USED_DATA; break;
default: break; /* compiler quietening */
}
diff --git a/test/runtest b/test/runtest
index b5ace4ee3..1e604e1cd 100755
--- a/test/runtest
+++ b/test/runtest
@@ -3112,7 +3112,7 @@ if (defined $parm_trusted_config_list)
open(TCL, $parm_trusted_config_list) or die "Can't open $parm_trusted_config_list: $!\n";
my $test_config = getcwd() . '/test-config';
die "Can't find '$test_config' in TRUSTED_CONFIG_LIST $parm_trusted_config_list."
- if not grep { /^\Q$test_config\E$/ } <TCL>;
+ if not grep { /^\Q$test_config\E$/ } <TCL>;
}
else
{
diff --git a/test/scripts/1990-TCP-Fast-Open/1990 b/test/scripts/1990-TCP-Fast-Open/1990
index 80059e685..d2c7b75f9 100644
--- a/test/scripts/1990-TCP-Fast-Open/1990
+++ b/test/scripts/1990-TCP-Fast-Open/1990
@@ -27,6 +27,14 @@
# 'net.inet.tcp.fastopen.server_enable=1' in /etc/sysctl.conf
# Seems to always claim TFO used by transport, if tried.
#
+# FreeBSD: tried this setup, but we only get the banner captured 100ms after 3rd-ack:
+# #kenv net.inet.ip.fw.default_to_accept=1
+# #kldload ipfw dummynet
+# #ipfw add 00097 pipe 1 ip from 127.0.0.1 to 127.0.0.1
+# #ipfw pipe 1 config delay 50ms
+# Also, the VM managed to lose the ipv4 & 6 addrs on its main interface
+# after a while - so not usable in production
+#
sudo perl
system ("tc qdisc add dev lo root netem delay 50ms");
****
@@ -50,7 +58,14 @@ system ("[ -e /proc/sys/net/ipv4/tcp_fastopen_blackhole_timeout_sec ] && echo 0
#
# First clear any previously-obtained cookie:
sudo perl
+open(INFO, "-|", "/usr/bin/uname -s");
+$_ = <INFO>;
+if (/^FreeBSD/) {
+system("sysctl net.inet.tcp.fastopen.client_enable=0"); system("sysctl net.inet.tcp.fastopen.client_enable=1");
+} else {
system ("ip tcp_metrics delete 127.0.0.1");
+}
+
****
#
#