diff options
author | Jeremy Harris <jgh146exb@wizmail.org> | 2020-12-31 21:52:02 +0000 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2020-12-31 21:52:02 +0000 |
commit | 996a98d33f790a1e6af927c02318649feec6061b (patch) | |
tree | 5d00c8d4d9851daca562e3114cc3c8939ab6cbd6 | |
parent | 32131d8971eef03a74eef7a7127ca32d4378f50e (diff) |
TFO: better observability (slightly) on FreeBSD
-rw-r--r-- | src/src/smtp_out.c | 32 | ||||
-rwxr-xr-x | test/runtest | 2 | ||||
-rw-r--r-- | test/scripts/1990-TCP-Fast-Open/1990 | 15 |
3 files changed, 38 insertions, 11 deletions
diff --git a/src/src/smtp_out.c b/src/src/smtp_out.c index 0bf619795..bb7a0e3b3 100644 --- a/src/src/smtp_out.c +++ b/src/src/smtp_out.c @@ -159,20 +159,32 @@ tfo_out_check(int sock) { # ifdef __FreeBSD__ struct tcp_info tinfo; -int val; -socklen_t len = sizeof(val); +socklen_t len = sizeof(tinfo); -/* The observability as of 12.1 is not useful as a client, only telling us that -a TFO option was used on SYN. It could have been a TFO-R, or ignored by the -server. */ +/* A getsockopt TCP_FASTOPEN unfortunately returns "was-used" for a TFO/R as +well as a TFO/C. Use what we can of the Linux hack below; reliability issues ditto. */ +switch (tcp_out_fastopen) + { + case TFO_ATTEMPTED_NODATA: + if ( getsockopt(sock, IPPROTO_TCP, TCP_INFO, &tinfo, &len) == 0 + && tinfo.tcpi_state == TCPS_SYN_SENT + && tinfo.__tcpi_unacked > 0 + ) + { + DEBUG(D_transport|D_v) + debug_printf("TCP_FASTOPEN tcpi_unacked %d\n", tinfo.__tcpi_unacked); + tcp_out_fastopen = TFO_USED_NODATA; + } + break; + /* + case TFO_ATTEMPTED_DATA: + case TFO_ATTEMPTED_DATA: + if (tinfo.tcpi_options & TCPI_OPT_SYN_DATA) XXX no equvalent as of 12.2 + */ + } -/* -if (tcp_out_fastopen == TFO_ATTEMPTED_NODATA || tcp_out_fastopen == TFO_ATTEMPTED_DATA) - if (getsockopt(sock, IPPROTO_TCP, TCP_FASTOPEN, &val, &len) == 0 && val != 0) {} -*/ switch (tcp_out_fastopen) { - case TFO_ATTEMPTED_NODATA: tcp_out_fastopen = TFO_USED_NODATA; break; case TFO_ATTEMPTED_DATA: tcp_out_fastopen = TFO_USED_DATA; break; default: break; /* compiler quietening */ } diff --git a/test/runtest b/test/runtest index b5ace4ee3..1e604e1cd 100755 --- a/test/runtest +++ b/test/runtest @@ -3112,7 +3112,7 @@ if (defined $parm_trusted_config_list) open(TCL, $parm_trusted_config_list) or die "Can't open $parm_trusted_config_list: $!\n"; my $test_config = getcwd() . '/test-config'; die "Can't find '$test_config' in TRUSTED_CONFIG_LIST $parm_trusted_config_list." - if not grep { /^\Q$test_config\E$/ } <TCL>; + if not grep { /^\Q$test_config\E$/ } <TCL>; } else { diff --git a/test/scripts/1990-TCP-Fast-Open/1990 b/test/scripts/1990-TCP-Fast-Open/1990 index 80059e685..d2c7b75f9 100644 --- a/test/scripts/1990-TCP-Fast-Open/1990 +++ b/test/scripts/1990-TCP-Fast-Open/1990 @@ -27,6 +27,14 @@ # 'net.inet.tcp.fastopen.server_enable=1' in /etc/sysctl.conf # Seems to always claim TFO used by transport, if tried. # +# FreeBSD: tried this setup, but we only get the banner captured 100ms after 3rd-ack: +# #kenv net.inet.ip.fw.default_to_accept=1 +# #kldload ipfw dummynet +# #ipfw add 00097 pipe 1 ip from 127.0.0.1 to 127.0.0.1 +# #ipfw pipe 1 config delay 50ms +# Also, the VM managed to lose the ipv4 & 6 addrs on its main interface +# after a while - so not usable in production +# sudo perl system ("tc qdisc add dev lo root netem delay 50ms"); **** @@ -50,7 +58,14 @@ system ("[ -e /proc/sys/net/ipv4/tcp_fastopen_blackhole_timeout_sec ] && echo 0 # # First clear any previously-obtained cookie: sudo perl +open(INFO, "-|", "/usr/bin/uname -s"); +$_ = <INFO>; +if (/^FreeBSD/) { +system("sysctl net.inet.tcp.fastopen.client_enable=0"); system("sysctl net.inet.tcp.fastopen.client_enable=1"); +} else { system ("ip tcp_metrics delete 127.0.0.1"); +} + **** # # |