git: c9058615733d - main - net/mpd5: minor improvements
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 30 Mar 2023 02:37:17 UTC
The branch main has been updated by eugen:
URL: https://cgit.FreeBSD.org/ports/commit/?id=c9058615733d904933b84ca1fada45bc0e2bbaa0
commit c9058615733d904933b84ca1fada45bc0e2bbaa0
Author: Eugene Grosbein <eugen@FreeBSD.org>
AuthorDate: 2023-03-30 02:25:00 +0000
Commit: Eugene Grosbein <eugen@FreeBSD.org>
CommitDate: 2023-03-30 02:37:05 +0000
net/mpd5: minor improvements
Import several improvement from upstream:
* r2408,2409 - use SOCK_CLOEXEC for all sockets including PPtP,
web and telnet consoles, so that subprocesses like ip-up/down scripts
do not inherit such sockets;
* r2415 - avoid inadequate MTU undervalueing when bundle compression
and/or encryption configured but not negotiated;
f.e. PPPoE interface MTU could be set to 1490 instead of 1492 previously;
* r2482,2483 - improve client-side implementation of PPP-Max-Payload (RFC4638)
and do not limit "set pppoe max-payload {size}" to 1510
but use MTU of parent interface minus 8, as per RFC;
also, relax sanity check for "set link mtu/mru" in case of PPPoE,
so that it is possible to configure values like 1500 and over, if needed.
---
net/mpd5/Makefile | 2 +-
net/mpd5/files/patch-cloexec | 98 ++++++++++++++++++++++++++++++++
net/mpd5/files/patch-max-payload | 118 +++++++++++++++++++++++++++++++++++++++
net/mpd5/files/patch-overhead | 18 ++++++
4 files changed, 235 insertions(+), 1 deletion(-)
diff --git a/net/mpd5/Makefile b/net/mpd5/Makefile
index a2d7c85e8dad..d63d862eb150 100644
--- a/net/mpd5/Makefile
+++ b/net/mpd5/Makefile
@@ -1,6 +1,6 @@
PORTNAME= mpd
DISTVERSION= 5.9
-PORTREVISION= 13
+PORTREVISION= 14
CATEGORIES= net
MASTER_SITES= SF/${PORTNAME}/Mpd5/Mpd-${PORTVERSION}
PKGNAMESUFFIX= 5
diff --git a/net/mpd5/files/patch-cloexec b/net/mpd5/files/patch-cloexec
new file mode 100644
index 000000000000..7417dd231c04
--- /dev/null
+++ b/net/mpd5/files/patch-cloexec
@@ -0,0 +1,98 @@
+Index: src/contrib/libpdel/http/http_server.c
+===================================================================
+--- src/contrib/libpdel/http/http_server.c (revision 2407)
++++ src/contrib/libpdel/http/http_server.c (revision 2409)
+@@ -243,10 +243,16 @@ http_server_start(struct pevent_ctx *ctx, struct in_ad
+ }
+
+ /* Create socket */
+- if ((serv->sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) == -1) {
++#ifdef SOCK_CLOEXEC
++#define hs_stype(x) (x | SOCK_CLOEXEC)
++#else
++#define hs_stype(x) (x)
++#endif
++ if ((serv->sock = socket(PF_INET, hs_stype(SOCK_STREAM), IPPROTO_TCP)) == -1) {
+ (*serv->logger)(LOG_ERR, "%s: %s", "socket", strerror(errno));
+ goto fail;
+ }
++#undef hs_stype
+ (void)fcntl(serv->sock, F_SETFD, 1);
+ if (setsockopt(serv->sock, SOL_SOCKET,
+ SO_REUSEADDR, &one, sizeof(one)) == -1) {
+Index: src/l2tp.c
+===================================================================
+--- src/l2tp.c (revision 2407)
++++ src/l2tp.c (revision 2409)
+@@ -1632,9 +1632,9 @@ L2tpListen(Link l)
+
+ /* Setup UDP socket that listens for new connections */
+ if (s->self_addr.family==AF_INET6) {
+- s->sock = socket(PF_INET6, SOCK_DGRAM, IPPROTO_UDP);
++ s->sock = socket(PF_INET6, socktype(SOCK_DGRAM), IPPROTO_UDP);
+ } else {
+- s->sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
++ s->sock = socket(PF_INET, socktype(SOCK_DGRAM), IPPROTO_UDP);
+ }
+ if (s->sock == -1) {
+ Perror("L2TP: socket");
+Index: src/radsrv.c
+===================================================================
+--- src/radsrv.c (revision 2407)
++++ src/radsrv.c (revision 2409)
+@@ -661,7 +661,7 @@ RadsrvOpen(Radsrv w)
+ return (-1);
+ }
+
+- if ((w->fd = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1) {
++ if ((w->fd = socket(PF_INET, socktype(SOCK_DGRAM), IPPROTO_UDP)) == -1) {
+ Perror("%s: Cannot create socket", __FUNCTION__);
+ return (-1);
+ }
+Index: src/udp.c
+===================================================================
+--- src/udp.c (revision 2407)
++++ src/udp.c (revision 2409)
+@@ -652,9 +652,9 @@ UdpListen(Link l)
+
+ /* Make listening UDP socket. */
+ if (pi->If->self_addr.family==AF_INET6) {
+- pi->If->csock = socket(PF_INET6, SOCK_DGRAM, IPPROTO_UDP);
++ pi->If->csock = socket(PF_INET6, socktype(SOCK_DGRAM), IPPROTO_UDP);
+ } else {
+- pi->If->csock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
++ pi->If->csock = socket(PF_INET, socktype(SOCK_DGRAM), IPPROTO_UDP);
+ }
+ (void)fcntl(pi->If->csock, F_SETFD, 1);
+
+Index: src/util.c
+===================================================================
+--- src/util.c (revision 2407)
++++ src/util.c (revision 2409)
+@@ -921,7 +921,7 @@ GetInetSocket(int type, struct u_addr *addr, in_port_t
+
+ /* Get and bind non-blocking socket */
+
+- if ((sock = socket(sa.ss_family, type, type == SOCK_STREAM ? IPPROTO_TCP : 0)) < 0)
++ if ((sock = socket(sa.ss_family, socktype(type), type == SOCK_STREAM ? IPPROTO_TCP : 0)) < 0)
+ {
+ snprintf(ebuf, len, "socket: %s", strerror(errno));
+ return(-1);
+Index: src/util.h
+===================================================================
+--- src/util.h (revision 2407)
++++ src/util.h (revision 2409)
+@@ -103,8 +103,12 @@ extern int IfaceSetFlag(const char *ifname, int value)
+
+ #ifndef HAVE_NTOA_R
+ extern char *ether_ntoa_r(const struct ether_addr *n, char *a);
+-
+ #endif
+
++#ifdef SOCK_CLOEXEC
++#define socktype(x) ((x) | SOCK_CLOEXEC)
++#else
++#define socktype(x) (x)
++#endif
+
+ #endif
diff --git a/net/mpd5/files/patch-max-payload b/net/mpd5/files/patch-max-payload
new file mode 100644
index 000000000000..a4ffecd37a43
--- /dev/null
+++ b/net/mpd5/files/patch-max-payload
@@ -0,0 +1,118 @@
+Index: src/link.c
+===================================================================
+--- src/link.c (revision 2481)
++++ src/link.c (revision 2483)
+@@ -1549,7 +1549,7 @@ LinkSetCommand(Context ctx, int ac, const char *const
+ name = ((intptr_t)arg == SET_MTU) ? "MTU" : "MRU";
+ if (val < LCP_MIN_MRU)
+ Error("min %s is %d", name, LCP_MIN_MRU);
+- else if (l->type && (val > l->type->mru)) {
++ else if (l->type && (val > l->type->mtu)) {
+ Error("max %s on type \"%s\" links is %d",
+ name, l->type->name, l->type->mru);
+ } else if ((intptr_t)arg == SET_MTU)
+Index: src/pppoe.c
+===================================================================
+--- src/pppoe.c (revision 2481)
++++ src/pppoe.c (revision 2483)
+@@ -31,7 +31,7 @@
+ * DEFINITIONS
+ */
+
+-#define PPPOE_MTU 1492 /* allow room for PPPoE overhead */
++#define PPPOE_MTU (ETHER_MAX_LEN_JUMBO - 8)
+ #define PPPOE_MRU 1492
+
+ #define PPPOE_CONNECT_TIMEOUT 9
+@@ -1712,6 +1712,7 @@ PppoeSetCommand(Context ctx, int ac, const char *const
+ unsigned i;
+ #ifdef NGM_PPPOE_SETMAXP_COOKIE
+ int ap;
++ uint16_t mtu;
+ #endif
+ switch ((intptr_t)arg) {
+ case SET_IFACE:
+@@ -1732,6 +1733,20 @@ PppoeSetCommand(Context ctx, int ac, const char *const
+ }
+ }
+ strlcpy(pi->hook, hookname, sizeof(pi->hook));
++
++#ifdef NGM_PPPOE_SETMAXP_COOKIE
++ if (pi->max_payload > 0) {
++ mtu = GetSystemIfaceMTU(pi->iface);
++ if (mtu == 0)
++ mtu = ETHER_MAX_LEN;
++ if (pi->max_payload > mtu - 8) {
++ pi->max_payload = mtu - 8;
++ Perror("[%s] PPPoE: PPP-Max-Payload"
++ " value reduced to %hu",
++ pi->iface, pi->max_payload);
++ }
++ }
++#endif
+ break;
+ default:
+ return(-1);
+@@ -1762,8 +1777,18 @@ PppoeSetCommand(Context ctx, int ac, const char *const
+ if (ac != 1)
+ return(-1);
+ ap = atoi(av[0]);
+- if (ap < PPPOE_MRU || ap > ETHER_MAX_LEN - 8)
+- Error("PPP-Max-Payload value \"%s\"", av[0]);
++ if (pi->iface[0] == '\0') {
++ if (ap < PPPOE_MRU) /* postpone check for MTU */
++ Error("PPP-Max-Payload value \"%s\" less than %d",
++ av[0], PPPOE_MRU);
++ } else {
++ mtu = GetSystemIfaceMTU(pi->iface);
++ if (mtu == 0)
++ mtu = ETHER_MAX_LEN;
++ if (ap < PPPOE_MRU || ap > mtu - 8)
++ Error("PPP-Max-Payload value \"%s\" not in a range of %d..%hu",
++ av[0], PPPOE_MRU, mtu);
++ }
+ pi->max_payload = ap;
+ break;
+ #endif
+Index: src/util.c
+===================================================================
+--- src/util.c (revision 2481)
++++ src/util.c (revision 2483)
+@@ -1597,3 +1597,25 @@ ssize_t GetDataAddrs(int sock, void *dbuf, size_t dbuf
+
+ return (size);
+ }
++
++uint16_t GetSystemIfaceMTU(const char *ifname)
++{
++ struct ifreq ifr;
++ static int sock = -1;
++
++ if (sock == -1 &&
++ (sock = socket(PF_INET, socktype(SOCK_DGRAM), 0)) == -1) {
++ Perror("[%s] %s: Socket creation error", ifname, __FUNCTION__);
++ return (0);
++ }
++
++ memset(&ifr, 0, sizeof(ifr));
++ strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
++
++ if (ioctl(sock, SIOCGIFMTU, (caddr_t)&ifr) == -1) {
++ Perror("[%s] %s: SIOCGIFMTU failed", ifname, __FUNCTION__);
++ return (0);
++ }
++ /* Let _exit() close sock */
++ return (ifr.ifr_mtu);
++}
+Index: src/util.h
+===================================================================
+--- src/util.h (revision 2481)
++++ src/util.h (revision 2483)
+@@ -98,6 +98,7 @@ extern u_int32_t GenerateMagic(void);
+ extern int GetAnyIpAddress(struct u_addr *ipaddr, const char *ifname);
+ extern int GetEther(struct u_addr *addr, struct sockaddr_dl *hwaddr);
+ extern int GetPeerEther(struct u_addr *addr, struct sockaddr_dl *hwaddr);
++extern uint16_t GetSystemIfaceMTU(const char *ifname);
+ extern void ppp_util_ascify(char *buf, size_t max, const char *bytes, size_t len);
+ extern int IfaceSetFlag(const char *ifname, unsigned value);
+
diff --git a/net/mpd5/files/patch-overhead b/net/mpd5/files/patch-overhead
new file mode 100644
index 000000000000..6841949c1aaf
--- /dev/null
+++ b/net/mpd5/files/patch-overhead
@@ -0,0 +1,18 @@
+Index: src/bund.c
+===================================================================
+--- src/bund.c (revision 2414)
++++ src/bund.c (revision 2415)
+@@ -900,9 +900,11 @@ BundUpdateParams(Bund b)
+
+ /* Subtract to make room for various frame-bloating protocols */
+ if (b->n_up > 0) {
+- if (Enabled(&b->conf.options, BUND_CONF_COMPRESSION))
++ if (Enabled(&b->conf.options, BUND_CONF_COMPRESSION) &&
++ b->pppConfig.bund.enableCompression)
+ mtu = CcpSubtractBloat(b, mtu);
+- if (Enabled(&b->conf.options, BUND_CONF_ENCRYPTION))
++ if (Enabled(&b->conf.options, BUND_CONF_ENCRYPTION) &&
++ b->pppConfig.bund.enableEncryption)
+ mtu = EcpSubtractBloat(b, mtu);
+ }
+