From bae48c1d58d5592ffecca8a490c2440ec3afe959 Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Wed, 25 Sep 2024 08:30:16 +0200 Subject: [PATCH] Ensure that the AF_UNIX socket pair has at least 65k of buffer space Without this change, pinging a lwipovpn client with something like a 3000 byte payload on macOS often fails as the default buffer sizes on macOS are 2048 for send and 4096 for receive. Change-Id: Ice015df81543c01094479929f0cb3075ca4f3813 Signed-off-by: Arne Schwabe Acked-by: Gert Doering Message-Id: <20240925063016.22532-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg29413.html Signed-off-by: Gert Doering --- src/openvpn/socket.c | 15 +++++++++------ src/openvpn/socket.h | 12 ++++++++++++ src/openvpn/tun_afunix.c | 8 ++++++++ 3 files changed, 29 insertions(+), 6 deletions(-) diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c index 6c790a0c458..7b1e6038faf 100644 --- a/src/openvpn/socket.c +++ b/src/openvpn/socket.c @@ -890,20 +890,23 @@ socket_set_rcvbuf(socket_descriptor_t sd, int size) #endif } -static void -socket_set_buffers(socket_descriptor_t fd, const struct socket_buffer_size *sbs) +void +socket_set_buffers(socket_descriptor_t fd, const struct socket_buffer_size *sbs, + bool reduce_size) { if (sbs) { const int sndbuf_old = socket_get_sndbuf(fd); const int rcvbuf_old = socket_get_rcvbuf(fd); - if (sbs->sndbuf) + if (sbs->sndbuf + && (reduce_size || sndbuf_old < sbs->sndbuf)) { socket_set_sndbuf(fd, sbs->sndbuf); } - if (sbs->rcvbuf) + if (sbs->rcvbuf + && (reduce_size || rcvbuf_old < sbs->rcvbuf)) { socket_set_rcvbuf(fd, sbs->rcvbuf); } @@ -986,7 +989,7 @@ link_socket_update_buffer_sizes(struct link_socket *ls, int rcvbuf, int sndbuf) { ls->socket_buffer_sizes.sndbuf = sndbuf; ls->socket_buffer_sizes.rcvbuf = rcvbuf; - socket_set_buffers(ls->sd, &ls->socket_buffer_sizes); + socket_set_buffers(ls->sd, &ls->socket_buffer_sizes, true); } } @@ -1136,7 +1139,7 @@ create_socket(struct link_socket *sock, struct addrinfo *addr) sock->info.af = addr->ai_family; /* set socket buffers based on --sndbuf and --rcvbuf options */ - socket_set_buffers(sock->sd, &sock->socket_buffer_sizes); + socket_set_buffers(sock->sd, &sock->socket_buffer_sizes, true); /* set socket to --mark packets with given value */ socket_set_mark(sock->sd, sock->mark); diff --git a/src/openvpn/socket.h b/src/openvpn/socket.h index bbdabfb1354..2e583af5971 100644 --- a/src/openvpn/socket.h +++ b/src/openvpn/socket.h @@ -157,6 +157,18 @@ struct socket_buffer_size int sndbuf; }; +/** + * Sets the receive and send buffer sizes of a socket descriptor. + * + * @param fd The socket to modify + * @param sbs new sizes. + * @param reduce_size apply the new size even if smaller than current one + */ +void +socket_set_buffers(socket_descriptor_t fd, + const struct socket_buffer_size *sbs, + bool reduce_size); + /* * This is the main socket structure used by OpenVPN. The SOCKET_ * defines try to abstract away our implementation differences between diff --git a/src/openvpn/tun_afunix.c b/src/openvpn/tun_afunix.c index f4ce4b7f65f..6b6c1595588 100644 --- a/src/openvpn/tun_afunix.c +++ b/src/openvpn/tun_afunix.c @@ -35,6 +35,7 @@ #include "wfp_block.h" #include "argv.h" #include "options.h" +#include "socket.h" #ifndef WIN32 /* Windows does implement some AF_UNIX functionality but key features @@ -80,6 +81,13 @@ open_tun_afunix(struct options *o, return; } + + /* Ensure that the buffer sizes are decently sized. Otherwise macOS will + * just have 2048 */ + struct socket_buffer_size newsizes = {65536, 65536 }; + socket_set_buffers(fds[0], &newsizes, false); + socket_set_buffers(fds[1], &newsizes, false); + /* Use the first file descriptor for our side and avoid passing it * to the child */ tt->fd = fds[1];