net/mpd5: minor improvements

Import several improvement from upstream: * r2408,2409 - use SOCK_CLOEXEC for all sockets including PPtP, web and telnet consoles, so that subprocesses like ip-up/down scripts do not inherit such sockets; * r2415 - avoid inadequate MTU undervalueing when bundle compression and/or encryption configured but not negotiated; f.e. PPPoE interface MTU could be set to 1490 instead of 1492 previously; * r2482,2483 - improve client-side implementation of PPP-Max-Payload (RFC4638) and do not limit "set pppoe max-payload {size}" to 1510 but use MTU of parent interface minus 8, as per RFC; also, relax sanity check for "set link mtu/mru" in case of PPPoE, so that it is possible to configure values like 1500 and over, if needed.
freebsd · Mar 30, 2023 · c905861 · c905861
1 parent 4ef8f0d
commit c905861
Show file tree

Hide file tree

Showing 4 changed files with 235 additions and 1 deletion.
diff --git a/net/mpd5/Makefile b/net/mpd5/Makefile
@@ -1,6 +1,6 @@
 PORTNAME=	mpd
 DISTVERSION=	5.9
-PORTREVISION=	13
+PORTREVISION=	14
 CATEGORIES=	net
 MASTER_SITES=	SF/${PORTNAME}/Mpd5/Mpd-${PORTVERSION}
 PKGNAMESUFFIX=	5

diff --git a/net/mpd5/files/patch-cloexec b/net/mpd5/files/patch-cloexec
@@ -0,0 +1,98 @@
+Index: src/contrib/libpdel/http/http_server.c
+===================================================================
+--- src/contrib/libpdel/http/http_server.c	(revision 2407)
++++ src/contrib/libpdel/http/http_server.c	(revision 2409)
+@@ -243,10 +243,16 @@ http_server_start(struct pevent_ctx *ctx, struct in_ad
+ 	}
+
+ 	/* Create socket */
+-	if ((serv->sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) == -1) {
++#ifdef SOCK_CLOEXEC
++#define hs_stype(x) (x | SOCK_CLOEXEC)
++#else
++#define hs_stype(x) (x)
++#endif
++	if ((serv->sock = socket(PF_INET, hs_stype(SOCK_STREAM), IPPROTO_TCP)) == -1) {
+ 		(*serv->logger)(LOG_ERR, "%s: %s", "socket", strerror(errno));
+ 		goto fail;
+ 	}
++#undef hs_stype
+ 	(void)fcntl(serv->sock, F_SETFD, 1);
+ 	if (setsockopt(serv->sock, SOL_SOCKET,
+ 	    SO_REUSEADDR, &one, sizeof(one)) == -1) {
+Index: src/l2tp.c
+===================================================================
+--- src/l2tp.c	(revision 2407)
++++ src/l2tp.c	(revision 2409)
+@@ -1632,9 +1632,9 @@ L2tpListen(Link l)
+
+ 	/* Setup UDP socket that listens for new connections */
+ 	if (s->self_addr.family==AF_INET6) {
+-		s->sock = socket(PF_INET6, SOCK_DGRAM, IPPROTO_UDP);
++		s->sock = socket(PF_INET6, socktype(SOCK_DGRAM), IPPROTO_UDP);
+ 	} else {
+-		s->sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
++		s->sock = socket(PF_INET, socktype(SOCK_DGRAM), IPPROTO_UDP);
+ 	}
+ 	if (s->sock == -1) {
+ 		Perror("L2TP: socket");
+Index: src/radsrv.c
+===================================================================
+--- src/radsrv.c	(revision 2407)
++++ src/radsrv.c	(revision 2409)
+@@ -661,7 +661,7 @@ RadsrvOpen(Radsrv w)
+ 	return (-1);
+     }
+
+-    if ((w->fd = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1) {
++    if ((w->fd = socket(PF_INET, socktype(SOCK_DGRAM), IPPROTO_UDP)) == -1) {
+ 	Perror("%s: Cannot create socket", __FUNCTION__);
+ 	return (-1);
+     }
+Index: src/udp.c
+===================================================================
+--- src/udp.c	(revision 2407)
++++ src/udp.c	(revision 2409)
+@@ -652,9 +652,9 @@ UdpListen(Link l)
+
+ 	/* Make listening UDP socket. */
+ 	if (pi->If->self_addr.family==AF_INET6) {
+-	    pi->If->csock = socket(PF_INET6, SOCK_DGRAM, IPPROTO_UDP);
++	    pi->If->csock = socket(PF_INET6, socktype(SOCK_DGRAM), IPPROTO_UDP);
+ 	} else {
+-	    pi->If->csock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
++	    pi->If->csock = socket(PF_INET, socktype(SOCK_DGRAM), IPPROTO_UDP);
+ 	}
+ 	(void)fcntl(pi->If->csock, F_SETFD, 1);
+
+Index: src/util.c
+===================================================================
+--- src/util.c	(revision 2407)
++++ src/util.c	(revision 2409)
+@@ -921,7 +921,7 @@ GetInetSocket(int type, struct u_addr *addr, in_port_t
+
+ /* Get and bind non-blocking socket */
+
+-  if ((sock = socket(sa.ss_family, type, type == SOCK_STREAM ? IPPROTO_TCP : 0)) < 0)
++  if ((sock = socket(sa.ss_family, socktype(type), type == SOCK_STREAM ? IPPROTO_TCP : 0)) < 0)
+   {
+     snprintf(ebuf, len, "socket: %s", strerror(errno));
+     return(-1);
+Index: src/util.h
+===================================================================
+--- src/util.h	(revision 2407)
++++ src/util.h	(revision 2409)
+@@ -103,8 +103,12 @@ extern int IfaceSetFlag(const char *ifname, int value)
+
+ #ifndef	HAVE_NTOA_R
+ extern char *ether_ntoa_r(const struct ether_addr *n, char *a);
+-
+ #endif
+
++#ifdef SOCK_CLOEXEC
++#define socktype(x) ((x) | SOCK_CLOEXEC)
++#else
++#define socktype(x) (x)
++#endif
+
+ #endif
diff --git a/net/mpd5/files/patch-max-payload b/net/mpd5/files/patch-max-payload
@@ -0,0 +1,118 @@
+Index: src/link.c
+===================================================================
+--- src/link.c	(revision 2481)
++++ src/link.c	(revision 2483)
+@@ -1549,7 +1549,7 @@ LinkSetCommand(Context ctx, int ac, const char *const 
+     	    name = ((intptr_t)arg == SET_MTU) ? "MTU" : "MRU";
+     	    if (val < LCP_MIN_MRU)
+ 		Error("min %s is %d", name, LCP_MIN_MRU);
+-    	    else if (l->type && (val > l->type->mru)) {
++    	    else if (l->type && (val > l->type->mtu)) {
+ 		Error("max %s on type \"%s\" links is %d",
+ 		    name, l->type->name, l->type->mru);
+     	    } else if ((intptr_t)arg == SET_MTU)
+Index: src/pppoe.c
+===================================================================
+--- src/pppoe.c	(revision 2481)
++++ src/pppoe.c	(revision 2483)
+@@ -31,7 +31,7 @@
+  * DEFINITIONS
+  */
+
+-#define PPPOE_MTU		1492	/* allow room for PPPoE overhead */
++#define PPPOE_MTU		(ETHER_MAX_LEN_JUMBO - 8)
+ #define PPPOE_MRU		1492
+
+ #define PPPOE_CONNECT_TIMEOUT	9
+@@ -1712,6 +1712,7 @@ PppoeSetCommand(Context ctx, int ac, const char *const
+ 	unsigned i;
+ #ifdef NGM_PPPOE_SETMAXP_COOKIE
+ 	int ap;
++	uint16_t mtu;
+ #endif
+ 	switch ((intptr_t)arg) {
+ 	case SET_IFACE:
+@@ -1732,6 +1733,20 @@ PppoeSetCommand(Context ctx, int ac, const char *const
+ 				}
+ 			}
+ 			strlcpy(pi->hook, hookname, sizeof(pi->hook));
++
++#ifdef NGM_PPPOE_SETMAXP_COOKIE
++			if (pi->max_payload > 0) {
++				mtu = GetSystemIfaceMTU(pi->iface);
++				if (mtu == 0)
++					mtu = ETHER_MAX_LEN;
++				if (pi->max_payload > mtu - 8) {
++					pi->max_payload = mtu - 8;
++					Perror("[%s] PPPoE: PPP-Max-Payload"
++					       " value reduced to %hu",
++						pi->iface, pi->max_payload);
++				}
++			}
++#endif
+ 			break;
+ 		default:
+ 			return(-1);
+@@ -1762,8 +1777,18 @@ PppoeSetCommand(Context ctx, int ac, const char *const
+ 		if (ac != 1)
+ 			return(-1);
+ 		ap = atoi(av[0]);
+-		if (ap < PPPOE_MRU || ap > ETHER_MAX_LEN - 8)
+-			Error("PPP-Max-Payload value \"%s\"", av[0]);
++		if (pi->iface[0] == '\0') {
++			if (ap < PPPOE_MRU)	/* postpone check for MTU */
++			    Error("PPP-Max-Payload value \"%s\" less than %d",
++				av[0], PPPOE_MRU);
++		} else {
++			mtu = GetSystemIfaceMTU(pi->iface);
++			if (mtu == 0)
++				mtu = ETHER_MAX_LEN;
++			if (ap < PPPOE_MRU || ap > mtu - 8)
++			    Error("PPP-Max-Payload value \"%s\" not in a range of %d..%hu",
++				av[0], PPPOE_MRU, mtu);
++		}
+ 		pi->max_payload = ap;
+ 		break;
+ #endif
+Index: src/util.c
+===================================================================
+--- src/util.c	(revision 2481)
++++ src/util.c	(revision 2483)
+@@ -1597,3 +1597,25 @@ ssize_t GetDataAddrs(int sock, void *dbuf, size_t dbuf
+
+ 	return (size);
+ }
++
++uint16_t GetSystemIfaceMTU(const char *ifname)
++{
++	struct ifreq ifr;
++	static int sock = -1;
++
++	if (sock == -1 &&
++	    (sock = socket(PF_INET, socktype(SOCK_DGRAM), 0)) == -1) {
++		Perror("[%s] %s: Socket creation error", ifname, __FUNCTION__);
++		return (0);
++	}
++
++	memset(&ifr, 0, sizeof(ifr));
++	strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
++
++	if (ioctl(sock, SIOCGIFMTU, (caddr_t)&ifr) == -1) {
++		Perror("[%s] %s: SIOCGIFMTU failed", ifname, __FUNCTION__);
++		return (0);
++	}
++	/* Let _exit() close sock */
++	return (ifr.ifr_mtu);
++}
+Index: src/util.h
+===================================================================
+--- src/util.h	(revision 2481)
++++ src/util.h	(revision 2483)
+@@ -98,6 +98,7 @@ extern u_int32_t GenerateMagic(void);
+ extern int GetAnyIpAddress(struct u_addr *ipaddr, const char *ifname);
+ extern int GetEther(struct u_addr *addr, struct sockaddr_dl *hwaddr);
+ extern int GetPeerEther(struct u_addr *addr, struct sockaddr_dl *hwaddr);
++extern uint16_t GetSystemIfaceMTU(const char *ifname);
+ extern void ppp_util_ascify(char *buf, size_t max, const char *bytes, size_t len);
+ extern int IfaceSetFlag(const char *ifname, unsigned value);
+
diff --git a/net/mpd5/files/patch-overhead b/net/mpd5/files/patch-overhead
@@ -0,0 +1,18 @@
+Index: src/bund.c
+===================================================================
+--- src/bund.c	(revision 2414)
++++ src/bund.c	(revision 2415)
+@@ -900,9 +900,11 @@ BundUpdateParams(Bund b)
+
+     /* Subtract to make room for various frame-bloating protocols */
+     if (b->n_up > 0) {
+-	if (Enabled(&b->conf.options, BUND_CONF_COMPRESSION))
++	if (Enabled(&b->conf.options, BUND_CONF_COMPRESSION) &&
++	    b->pppConfig.bund.enableCompression)
+     	    mtu = CcpSubtractBloat(b, mtu);
+-	if (Enabled(&b->conf.options, BUND_CONF_ENCRYPTION))
++	if (Enabled(&b->conf.options, BUND_CONF_ENCRYPTION) &&
++	    b->pppConfig.bund.enableEncryption)
+     	    mtu = EcpSubtractBloat(b, mtu);
+     }
+