diff options
| author | Martin Matuska <mm@FreeBSD.org> | 2011-01-15 00:26:39 +0000 |
|---|---|---|
| committer | Martin Matuska <mm@FreeBSD.org> | 2011-01-15 00:26:39 +0000 |
| commit | 71db92a9dfbb89a42fbb97bf5f7a001d60733389 (patch) | |
| tree | 4363ef3c431d3a11c3a72788d4464d328ab23c30 /net/relayd | |
| parent | e0a1d111b9c41b64490730f8e500748a6b926f7c (diff) | |
| download | ports-71db92a9dfbb89a42fbb97bf5f7a001d60733389.tar.gz ports-71db92a9dfbb89a42fbb97bf5f7a001d60733389.zip | |
Notes
Diffstat (limited to 'net/relayd')
| -rw-r--r-- | net/relayd/Makefile | 2 | ||||
| -rw-r--r-- | net/relayd/files/patch-relayd-check_tcp.c | 41 | ||||
| -rw-r--r-- | net/relayd/files/patch-relayd-hce.c | 20 | ||||
| -rw-r--r-- | net/relayd/files/patch-relayd-log.c | 22 | ||||
| -rw-r--r-- | net/relayd/files/patch-relayd-relay.c | 115 | ||||
| -rw-r--r-- | net/relayd/files/patch-relayd-relayd.c | 55 | ||||
| -rw-r--r-- | net/relayd/files/patch-relayd-relayd.h | 46 |
7 files changed, 264 insertions, 37 deletions
diff --git a/net/relayd/Makefile b/net/relayd/Makefile index 7dc8889a32a2..229ae0a2f415 100644 --- a/net/relayd/Makefile +++ b/net/relayd/Makefile @@ -6,7 +6,7 @@ PORTNAME= relayd PORTVERSION= 4.6.20090813 -PORTREVISION= 4 +PORTREVISION= 5 CATEGORIES= net MASTER_SITES= ${MASTER_SITE_LOCAL} MASTER_SITE_SUBDIR= mm diff --git a/net/relayd/files/patch-relayd-check_tcp.c b/net/relayd/files/patch-relayd-check_tcp.c index eb4e13728c75..d46971103271 100644 --- a/net/relayd/files/patch-relayd-check_tcp.c +++ b/net/relayd/files/patch-relayd-check_tcp.c @@ -1,5 +1,42 @@ ---- relayd/check_tcp.c.orig 2010-05-27 11:10:01.114202025 +0200 -+++ relayd/check_tcp.c 2010-05-27 11:22:55.453595437 +0200 +--- relayd/check_tcp.c.orig 2011-01-15 00:27:09.011450590 +0100 ++++ relayd/check_tcp.c 2011-01-15 00:42:05.271822942 +0100 +@@ -50,11 +50,10 @@ + check_tcp(struct ctl_tcp_event *cte) + { + int s; +- int type; + socklen_t len; + struct timeval tv; + struct linger lng; +- int he = HCE_TCP_CONNECT_ERROR; ++ int he = HCE_TCP_SOCKET_OPTION; + + switch (cte->host->conf.ss.ss_family) { + case AF_INET: +@@ -69,17 +68,18 @@ + + len = ((struct sockaddr *)&cte->host->conf.ss)->sa_len; + +- if ((s = socket(cte->host->conf.ss.ss_family, SOCK_STREAM, 0)) == -1) ++ if ((s = socket(cte->host->conf.ss.ss_family, SOCK_STREAM, 0)) == -1) { ++ if (errno == EMFILE || errno == ENFILE) ++ he = HCE_TCP_SOCKET_LIMIT; ++ else ++ he = HCE_TCP_SOCKET_ERROR; + goto bad; ++ } + + bzero(&lng, sizeof(lng)); + if (setsockopt(s, SOL_SOCKET, SO_LINGER, &lng, sizeof(lng)) == -1) + goto bad; + +- type = 1; +- if (setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &type, sizeof(type)) == -1) +- goto bad; +- + if (cte->host->conf.ttl > 0) { + if (setsockopt(s, IPPROTO_IP, IP_TTL, + &cte->host->conf.ttl, sizeof(int)) == -1) @@ -99,6 +99,7 @@ cte->buf = NULL; diff --git a/net/relayd/files/patch-relayd-hce.c b/net/relayd/files/patch-relayd-hce.c index bea88b501c5c..505edc8a2fe0 100644 --- a/net/relayd/files/patch-relayd-hce.c +++ b/net/relayd/files/patch-relayd-hce.c @@ -1,5 +1,5 @@ ---- relayd/hce.c.orig 2010-05-31 08:54:55.771055422 +0200 -+++ relayd/hce.c 2010-05-31 08:54:50.916277342 +0200 +--- relayd/hce.c.orig 2011-01-15 00:27:09.012456298 +0100 ++++ relayd/hce.c 2011-01-15 00:40:15.058397878 +0100 @@ -62,6 +62,11 @@ case SIGTERM: hce_shutdown(); @@ -21,7 +21,17 @@ switch (pid = fork()) { case -1: -@@ -135,12 +138,17 @@ +@@ -117,6 +120,9 @@ + + event_init(); + ++ /* Allow maximum available sockets for TCP checks */ ++ socket_rlimit(-1); ++ + if ((iev_pfe = calloc(1, sizeof(struct imsgev))) == NULL || + (iev_main = calloc(1, sizeof(struct imsgev))) == NULL) + fatal("hce"); +@@ -135,12 +141,17 @@ iev_main->handler, iev_main); event_add(&iev_main->ev, NULL); @@ -45,7 +55,7 @@ /* setup pipes */ close(pipe_pfe2hce[1]); -@@ -370,6 +378,7 @@ +@@ -370,6 +381,7 @@ objid_t id; struct host *host; struct table *table; @@ -53,7 +63,7 @@ iev = ptr; ibuf = &iev->ibuf; -@@ -437,6 +446,10 @@ +@@ -437,6 +449,10 @@ table->skipped = 0; hce_launch_checks(-1, EV_TIMEOUT, env); break; diff --git a/net/relayd/files/patch-relayd-log.c b/net/relayd/files/patch-relayd-log.c index 35c97fab94e8..4921f9779660 100644 --- a/net/relayd/files/patch-relayd-log.c +++ b/net/relayd/files/patch-relayd-log.c @@ -1,5 +1,5 @@ ---- relayd/log.c.orig 2010-05-31 08:55:55.644112693 +0200 -+++ relayd/log.c 2010-05-31 08:55:50.789959404 +0200 +--- relayd/log.c.orig 2011-01-15 00:27:09.012456298 +0100 ++++ relayd/log.c 2011-01-15 00:39:01.553947279 +0100 @@ -45,6 +45,7 @@ #include "relayd.h" @@ -38,3 +38,21 @@ va_start(ap, emsg); vlog(LOG_DEBUG, emsg, ap); va_end(ap); +@@ -192,9 +200,15 @@ + case HCE_ICMP_WRITE_TIMEOUT: + return ("icmp write timeout"); + break; +- case HCE_TCP_CONNECT_ERROR: +- return ("tcp connect error"); ++ case HCE_TCP_SOCKET_ERROR: ++ return ("tcp socket error"); ++ break; ++ case HCE_TCP_SOCKET_LIMIT: ++ return ("tcp socket limit"); + break; ++ case HCE_TCP_SOCKET_OPTION: ++ return ("tcp socket option"); ++ break; + case HCE_TCP_CONNECT_FAIL: + return ("tcp connect failed"); + break; diff --git a/net/relayd/files/patch-relayd-relay.c b/net/relayd/files/patch-relayd-relay.c index db5614bfef0d..ac59ef482321 100644 --- a/net/relayd/files/patch-relayd-relay.c +++ b/net/relayd/files/patch-relayd-relay.c @@ -1,6 +1,23 @@ ---- relayd/relay.c.orig 2010-05-31 09:13:05.908338459 +0200 -+++ relayd/relay.c 2010-05-31 09:12:54.131616372 +0200 -@@ -105,6 +105,7 @@ +--- relayd/relay.c.orig 2011-01-15 01:22:35.236684399 +0100 ++++ relayd/relay.c 2011-01-15 01:24:07.864955572 +0100 +@@ -28,7 +28,6 @@ + #include <sys/un.h> + #include <sys/tree.h> + #include <sys/hash.h> +-#include <sys/resource.h> + + #include <net/if.h> + #include <netinet/in_systm.h> +@@ -64,7 +63,7 @@ + void relay_init(void); + void relay_launch(void); + int relay_socket(struct sockaddr_storage *, in_port_t, +- struct protocol *, int); ++ struct protocol *, int, int); + int relay_socket_listen(struct sockaddr_storage *, in_port_t, + struct protocol *); + int relay_socket_connect(struct sockaddr_storage *, in_port_t, +@@ -105,6 +104,7 @@ char *, size_t); void relay_close_http(struct rsession *, u_int, const char *, u_int16_t); @@ -8,7 +25,7 @@ SSL_CTX *relay_ssl_ctx_create(struct relay *); void relay_ssl_transaction(struct rsession *, -@@ -148,6 +149,14 @@ +@@ -148,6 +148,14 @@ case SIGTERM: case SIGINT: (void)event_loopexit(NULL); @@ -23,7 +40,7 @@ } } -@@ -158,8 +167,6 @@ +@@ -158,8 +166,6 @@ { pid_t pid; struct passwd *pw; @@ -32,7 +49,7 @@ int i; switch (pid = fork()) { -@@ -213,12 +220,17 @@ +@@ -213,12 +219,17 @@ /* Per-child initialization */ relay_init(); @@ -56,7 +73,72 @@ /* setup pipes */ close(pipe_pfe2hce[0]); -@@ -1312,6 +1324,29 @@ +@@ -452,19 +463,9 @@ + struct relay *rlay; + struct host *host; + struct timeval tv; +- struct rlimit rl; + +- if (getrlimit(RLIMIT_NOFILE, &rl) == -1) +- fatal("relay_init: failed to get resource limit"); +- log_debug("relay_init: max open files %d", rl.rlim_max); +- +- /* +- * Allow the maximum number of open file descriptors for this +- * login class (which should be the class "daemon" by default). +- */ +- rl.rlim_cur = rl.rlim_max; +- if (setrlimit(RLIMIT_NOFILE, &rl) == -1) +- fatal("relay_init: failed to set resource limit"); ++ /* Unlimited file descriptors (use system limits) */ ++ socket_rlimit(-1); + + TAILQ_FOREACH(rlay, env->sc_relays, rl_entry) { + if ((rlay->rl_conf.flags & (F_SSL|F_SSLCLIENT)) && +@@ -625,7 +626,7 @@ + + int + relay_socket(struct sockaddr_storage *ss, in_port_t port, +- struct protocol *proto, int fd) ++ struct protocol *proto, int fd, int reuseport) + { + int s = -1, val; + struct linger lng; +@@ -643,9 +644,12 @@ + bzero(&lng, sizeof(lng)); + if (setsockopt(s, SOL_SOCKET, SO_LINGER, &lng, sizeof(lng)) == -1) + goto bad; +- val = 1; +- if (setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &val, sizeof(int)) == -1) +- goto bad; ++ if (reuseport) { ++ val = 1; ++ if (setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &val, ++ sizeof(int)) == -1) ++ goto bad; ++ } + if (fcntl(s, F_SETFL, O_NONBLOCK) == -1) + goto bad; + if (proto->tcpflags & TCPFLAG_BUFSIZ) { +@@ -713,7 +717,7 @@ + { + int s; + +- if ((s = relay_socket(ss, port, proto, fd)) == -1) ++ if ((s = relay_socket(ss, port, proto, fd, 0)) == -1) + return (-1); + + if (connect(s, (struct sockaddr *)ss, ss->ss_len) == -1) { +@@ -734,7 +738,7 @@ + { + int s; + +- if ((s = relay_socket(ss, port, proto, -1)) == -1) ++ if ((s = relay_socket(ss, port, proto, -1, 1)) == -1) + return (-1); + + if (bind(s, (struct sockaddr *)ss, ss->ss_len) == -1) +@@ -1312,6 +1316,29 @@ } void @@ -86,7 +168,7 @@ relay_read_http(struct bufferevent *bev, void *arg) { struct ctl_relay_event *cre = (struct ctl_relay_event *)arg; -@@ -1580,10 +1615,7 @@ +@@ -1580,10 +1607,7 @@ if (relay_bufferevent_print(cre->dst, "\r\n") == -1) goto fail; @@ -98,7 +180,20 @@ done: if (cre->dir == RELAY_DIR_REQUEST && !cre->toread && -@@ -2419,6 +2451,7 @@ +@@ -2380,6 +2404,12 @@ + bufferevent_free(con->se_out.bev); + else if (con->se_out.output != NULL) + evbuffer_free(con->se_out.output); ++ if (con->se_out.ssl != NULL) { ++ /* XXX handle non-blocking shutdown */ ++ if (SSL_shutdown(con->se_out.ssl) == 0) ++ SSL_shutdown(con->se_out.ssl); ++ SSL_free(con->se_out.ssl); ++ } + if (con->se_out.s != -1) + close(con->se_out.s); + if (con->se_out.path != NULL) +@@ -2419,6 +2449,7 @@ struct table *table; struct ctl_status st; objid_t id; @@ -106,7 +201,7 @@ iev = ptr; ibuf = &iev->ibuf; -@@ -2522,6 +2555,10 @@ +@@ -2522,6 +2553,10 @@ imsg_compose_event(iev, IMSG_CTL_END, 0, 0, -1, NULL, 0); break; diff --git a/net/relayd/files/patch-relayd-relayd.c b/net/relayd/files/patch-relayd-relayd.c index 87b994ed7d65..661c23251cc2 100644 --- a/net/relayd/files/patch-relayd-relayd.c +++ b/net/relayd/files/patch-relayd-relayd.c @@ -1,6 +1,14 @@ ---- relayd/relayd.c.orig 2010-05-31 07:32:32.670912835 +0000 -+++ relayd/relayd.c 2010-05-31 07:35:25.223559078 +0000 -@@ -112,6 +112,9 @@ +--- relayd/relayd.c.orig 2011-01-15 00:27:09.020486320 +0100 ++++ relayd/relayd.c 2011-01-15 00:32:43.024188430 +0100 +@@ -26,6 +26,7 @@ + #include <sys/queue.h> + #include <sys/socket.h> + #include <sys/wait.h> ++#include <sys/resource.h> + + #include <net/if.h> + #include <netinet/in.h> +@@ -113,6 +114,9 @@ case SIGHUP: reconfigure(); break; @@ -10,8 +18,8 @@ default: fatalx("unexpected signal"); } -@@ -136,10 +139,6 @@ - u_int32_t opts; +@@ -142,10 +146,6 @@ + #endif struct relayd *env; const char *conffile; - struct event ev_sigint; @@ -21,7 +29,7 @@ struct imsgev *iev; opts = 0; -@@ -245,15 +244,17 @@ +@@ -261,15 +261,17 @@ event_init(); @@ -48,7 +56,7 @@ close(pipe_parent2pfe[1]); close(pipe_parent2hce[1]); -@@ -306,6 +307,8 @@ +@@ -322,6 +324,8 @@ #endif event_dispatch(); @@ -57,7 +65,7 @@ return (0); } -@@ -626,6 +629,7 @@ +@@ -642,6 +646,7 @@ #ifndef __FreeBSD__ struct ctl_demote demote; #endif @@ -65,7 +73,7 @@ iev = ptr; ibuf = &iev->ibuf; -@@ -669,6 +673,10 @@ +@@ -685,6 +690,10 @@ */ reconfigure(); break; @@ -76,7 +84,7 @@ default: log_debug("main_dispatch_pfe: unexpected imsg %d", imsg.hdr.type); -@@ -972,6 +980,7 @@ +@@ -988,6 +997,7 @@ if (timercmp(&tv_next, &tv, >)) bcopy(&tv_next, &tv, sizeof(tv)); @@ -84,7 +92,7 @@ event_set(ev, fd, event, fn, arg); event_add(ev, &tv); } -@@ -1129,6 +1138,7 @@ +@@ -1145,6 +1155,7 @@ } pn->key = strdup(pk->key); if (pn->key == NULL) { @@ -92,3 +100,28 @@ log_warn("out of memory"); return (NULL); } +@@ -1370,3 +1381,24 @@ + + return (0); + } ++ ++void ++socket_rlimit(int maxfd) ++{ ++ struct rlimit rl; ++ ++ if (getrlimit(RLIMIT_NOFILE, &rl) == -1) ++ fatal("socket_rlimit: failed to get resource limit"); ++ log_debug("socket_rlimit: max open files %d", rl.rlim_max); ++ ++ /* ++ * Allow the maximum number of open file descriptors for this ++ * login class (which should be the class "daemon" by default). ++ */ ++ if (maxfd == -1) ++ rl.rlim_cur = rl.rlim_max; ++ else ++ rl.rlim_cur = MAX(rl.rlim_max, (rlim_t)maxfd); ++ if (setrlimit(RLIMIT_NOFILE, &rl) == -1) ++ fatal("socket_rlimit: failed to set resource limit"); ++} diff --git a/net/relayd/files/patch-relayd-relayd.h b/net/relayd/files/patch-relayd-relayd.h index 100b072cd573..33ba4116ff26 100644 --- a/net/relayd/files/patch-relayd-relayd.h +++ b/net/relayd/files/patch-relayd-relayd.h @@ -1,6 +1,32 @@ ---- relayd/relayd.h.orig 2010-05-31 09:21:12.676718667 +0200 -+++ relayd/relayd.h 2010-05-31 09:21:04.892410464 +0200 -@@ -637,6 +637,13 @@ +--- relayd/relayd.h.orig 2011-01-15 00:27:09.022494663 +0100 ++++ relayd/relayd.h 2011-01-15 00:47:37.743251059 +0100 +@@ -19,11 +19,12 @@ + */ + + #include <sys/tree.h> ++ ++#include <sys/param.h> /* MAXHOSTNAMELEN */ ++#include <limits.h> + #ifdef __FreeBSD__ +-#include <sys/param.h> + #include <sys/queue.h> + #endif +- + #include <imsg.h> + + #ifdef __FreeBSD__ +@@ -299,7 +300,9 @@ + HCE_ICMP_OK, + HCE_ICMP_READ_TIMEOUT, + HCE_ICMP_WRITE_TIMEOUT, +- HCE_TCP_CONNECT_ERROR, ++ HCE_TCP_SOCKET_ERROR, ++ HCE_TCP_SOCKET_LIMIT, ++ HCE_TCP_SOCKET_OPTION, + HCE_TCP_CONNECT_FAIL, + HCE_TCP_CONNECT_TIMEOUT, + HCE_TCP_CONNECT_OK, +@@ -637,6 +640,13 @@ struct ctl_icmp_event sc_icmp_recv; struct ctl_icmp_event sc_icmp6_send; struct ctl_icmp_event sc_icmp6_recv; @@ -14,7 +40,7 @@ }; #define RELAYD_OPT_VERBOSE 0x01 -@@ -699,6 +706,7 @@ +@@ -699,6 +709,7 @@ IMSG_CTL_NOTIFY, IMSG_CTL_RDR_STATS, IMSG_CTL_RELAY_STATS, @@ -22,7 +48,7 @@ IMSG_RDR_ENABLE, /* notifies from pfe to hce */ IMSG_RDR_DISABLE, IMSG_TABLE_ENABLE, -@@ -799,7 +807,6 @@ +@@ -799,7 +810,6 @@ int relay_cmp_af(struct sockaddr_storage *, struct sockaddr_storage *); @@ -30,7 +56,15 @@ RB_PROTOTYPE(proto_tree, protonode, se_nodes, relay_proto_cmp); SPLAY_PROTOTYPE(session_tree, rsession, se_nodes, relay_session_cmp); -@@ -894,6 +901,7 @@ +@@ -867,6 +877,7 @@ + void imsg_event_add(struct imsgev *); + int imsg_compose_event(struct imsgev *, u_int16_t, u_int32_t, + pid_t, int, void *, u_int16_t); ++void socket_rlimit(int); + + /* carp.c */ + int carp_demote_init(char *, int); +@@ -898,6 +909,7 @@ /* log.c */ void log_init(int); |