From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: X-Spam-Status: No, score=-4.2 required=3.0 tests=ALL_TRUSTED,BAYES_00, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF shortcircuit=no autolearn=ham autolearn_force=no version=3.4.6 Received: from localhost (dcvr.yhbt.net [127.0.0.1]) by dcvr.yhbt.net (Postfix) with ESMTP id 9004E1F55F for ; Tue, 3 Oct 2023 09:26:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=80x24.org; s=selector1; t=1696325161; bh=aaeAxq6kq+H7jJmv2oPkxCMhJynKODQq1aWk1p+ovaA=; h=From:To:Subject:Date:From; b=M/9agWpmiEuvRJ76FlOMm/ecc26hVu2KdfyWoLOv0RM/p9tdYGN8CMKmqW4mHps3t jYMNUB2blaO+0XIP7hqO2J275UPsRbzGmFxbaeMrCQhEu6XWsTWa0HGfiHdvBHPIA9 XMOLyN3bAPhvRnnL4oSixC7zRHdQ9JYYm77WOGHI= From: Eric Wong To: meta@public-inbox.org Subject: [PATCH] daemon: enable SO_ACCEPTFILTER on NetBSD Date: Tue, 3 Oct 2023 09:26:01 +0000 Message-ID: <20231003092601.3006135-1-e@80x24.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit List-Id: NetBSD 5.0+ has accept filter support from FreeBSD; and I I think we can assume all NetBSD is 5.0+ (released in 2009) nowadays if we're already depending on Perl 5.12 from 2010. --- lib/PublicInbox/Daemon.pm | 2 +- lib/PublicInbox/TestCommon.pm | 12 ++++++++++++ t/httpd-corner.t | 27 ++++++++++++++------------- t/httpd-https.t | 5 +---- t/httpd.t | 5 +---- t/imapd-tls.t | 5 +---- t/nntpd-tls.t | 5 +---- t/pop3d.t | 4 +--- 8 files changed, 32 insertions(+), 33 deletions(-) diff --git a/lib/PublicInbox/Daemon.pm b/lib/PublicInbox/Daemon.pm index 07883153..7546105e 100644 --- a/lib/PublicInbox/Daemon.pm +++ b/lib/PublicInbox/Daemon.pm @@ -641,7 +641,7 @@ sub defer_accept ($$) { my $sec = unpack('i', $x); return if $sec > 0; # systemd users may set a higher value setsockopt($s, IPPROTO_TCP, $TCP_DEFER_ACCEPT, 1); - } elsif ($^O eq 'freebsd') { + } elsif ($^O =~ /\A(?:freebsd|netbsd)\z/) { my $x = getsockopt($s, SOL_SOCKET, $SO_ACCEPTFILTER); return if defined $x; # don't change if set my $accf_arg = pack('a16a240', $af_name, ''); diff --git a/lib/PublicInbox/TestCommon.pm b/lib/PublicInbox/TestCommon.pm index 2c38500c..7d0eb2c4 100644 --- a/lib/PublicInbox/TestCommon.pm +++ b/lib/PublicInbox/TestCommon.pm @@ -133,6 +133,15 @@ my %IPv6_VERSION = ( 'Net::POP3' => 2.32, ); +sub need_accept_filter ($) { + my ($af) = @_; + return if $^O eq 'netbsd'; # since NetBSD 5.0 + skip 'SO_ACCEPTFILTER is FreeBSD/NetBSD-only' if $^O ne 'freebsd'; + state $tried = {}; + ($tried->{$af} //= system("kldstat -m $af >/dev/null")) and + skip "$af not loaded: kldload $af"; +} + sub require_mods { my @mods = @_; my $maybe = pop @mods if $mods[-1] =~ /\A[0-9]+\z/; @@ -166,6 +175,9 @@ sub require_mods { push @need, $msg; next; } + } elsif ($mod =~ /\A\+(accf_.*)\z/) { + need_accept_filter($1); + next } elsif (index($mod, '||') >= 0) { # "Foo||Bar" my $ok; for my $m (split(/\Q||\E/, $mod)) { diff --git a/t/httpd-corner.t b/t/httpd-corner.t index 7600c2b9..aab3635c 100644 --- a/t/httpd-corner.t +++ b/t/httpd-corner.t @@ -3,8 +3,9 @@ # License: AGPL-3.0+ # note: our HTTP server should be standalone and capable of running # generic PSGI/Plack apps. -use strict; use v5.10.1; use PublicInbox::TestCommon; +use v5.12; use PublicInbox::TestCommon; use Time::HiRes qw(gettimeofday tv_interval); +use autodie qw(getsockopt setsockopt); use PublicInbox::Spawn qw(spawn popen_rd); require_mods(qw(Plack::Util Plack::Builder HTTP::Date HTTP::Status)); use PublicInbox::SHA qw(sha1_hex); @@ -26,20 +27,21 @@ my @zmods = qw(PublicInbox::GzipFilter IO::Uncompress::Gunzip); # Make sure we don't clobber socket options set by systemd or similar # using socket activation: my ($defer_accept_val, $accf_arg, $TCP_DEFER_ACCEPT); -if ($^O eq 'linux') { +SKIP: { + skip 'TCP_DEFER_ACCEPT is Linux-only' if $^O ne 'linux'; $TCP_DEFER_ACCEPT = eval { Socket::TCP_DEFER_ACCEPT() } // 9; - setsockopt($sock, IPPROTO_TCP, $TCP_DEFER_ACCEPT, 5) or die; + setsockopt($sock, IPPROTO_TCP, $TCP_DEFER_ACCEPT, 5); my $x = getsockopt($sock, IPPROTO_TCP, $TCP_DEFER_ACCEPT); - defined $x or die "getsockopt: $!"; $defer_accept_val = unpack('i', $x); - if ($defer_accept_val <= 0) { - die "unexpected TCP_DEFER_ACCEPT value: $defer_accept_val"; - } -} elsif ($^O eq 'freebsd' && system('kldstat -m accf_data >/dev/null') == 0) { + ok($defer_accept_val > 0, 'TCP_DEFER_ACCEPT val non-zero') or + xbail "unexpected TCP_DEFER_ACCEPT value: $defer_accept_val"; +} +SKIP: { + require_mods '+accf_data'; require PublicInbox::Daemon; my $var = $PublicInbox::Daemon::SO_ACCEPTFILTER; $accf_arg = pack('a16a240', 'dataready', ''); - setsockopt($sock, SOL_SOCKET, $var, $accf_arg) or die "setsockopt: $!"; + setsockopt($sock, SOL_SOCKET, $var, $accf_arg); } sub unix_server ($) { @@ -625,15 +627,14 @@ SKIP: { SKIP: { skip 'TCP_DEFER_ACCEPT is Linux-only', 1 if $^O ne 'linux'; my $var = $TCP_DEFER_ACCEPT; - defined(my $x = getsockopt($sock, IPPROTO_TCP, $var)) or die; + my $x = getsockopt($sock, IPPROTO_TCP, $var); is(unpack('i', $x), $defer_accept_val, 'TCP_DEFER_ACCEPT unchanged if previously set'); }; SKIP: { - skip 'SO_ACCEPTFILTER is FreeBSD-only', 1 if $^O ne 'freebsd'; - skip 'accf_data not loaded: kldload accf_data' if !defined $accf_arg; + require_mods '+accf_data'; my $var = $PublicInbox::Daemon::SO_ACCEPTFILTER; - defined(my $x = getsockopt($sock, SOL_SOCKET, $var)) or die; + my $x = getsockopt($sock, SOL_SOCKET, $var); is($x, $accf_arg, 'SO_ACCEPTFILTER unchanged if previously set'); }; diff --git a/t/httpd-https.t b/t/httpd-https.t index b0cd7eab..bf086123 100644 --- a/t/httpd-https.t +++ b/t/httpd-https.t @@ -102,10 +102,7 @@ for my $args ( ok(unpack('i', $x) > 0, 'TCP_DEFER_ACCEPT set on https'); }; SKIP: { - skip 'SO_ACCEPTFILTER is FreeBSD-only', 2 if $^O ne 'freebsd'; - if (system('kldstat -m accf_data >/dev/null')) { - skip 'accf_data not loaded? kldload accf_data', 2; - } + require_mods '+accf_data'; require PublicInbox::Daemon; ok(defined($PublicInbox::Daemon::SO_ACCEPTFILTER), 'SO_ACCEPTFILTER defined'); diff --git a/t/httpd.t b/t/httpd.t index aa601210..0421c7ea 100644 --- a/t/httpd.t +++ b/t/httpd.t @@ -104,10 +104,7 @@ SKIP: { ok(unpack('i', $x) > 0, 'TCP_DEFER_ACCEPT set'); }; SKIP: { - skip 'SO_ACCEPTFILTER is FreeBSD-only', 1 if $^O ne 'freebsd'; - if (system('kldstat -m accf_http >/dev/null') != 0) { - skip 'accf_http not loaded: kldload accf_http', 1; - } + require_mods '+accf_http'; require PublicInbox::Daemon; ok(defined($PublicInbox::Daemon::SO_ACCEPTFILTER), 'SO_ACCEPTFILTER defined'); diff --git a/t/imapd-tls.t b/t/imapd-tls.t index e432ef07..b95085a2 100644 --- a/t/imapd-tls.t +++ b/t/imapd-tls.t @@ -181,10 +181,7 @@ for my $args ( is(unpack('i', $x), 0, 'TCP_DEFER_ACCEPT is 0 on plain IMAP'); }; SKIP: { - skip 'SO_ACCEPTFILTER is FreeBSD-only', 2 if $^O ne 'freebsd'; - if (system('kldstat -m accf_data >/dev/null')) { - skip 'accf_data not loaded? kldload accf_data', 2; - } + require_mods '+accf_data'; require PublicInbox::Daemon; my $x = getsockopt($imaps, SOL_SOCKET, $PublicInbox::Daemon::SO_ACCEPTFILTER); diff --git a/t/nntpd-tls.t b/t/nntpd-tls.t index 21377fc0..cf3c95c9 100644 --- a/t/nntpd-tls.t +++ b/t/nntpd-tls.t @@ -175,10 +175,7 @@ for my $args ( is(unpack('i', $x), 0, 'TCP_DEFER_ACCEPT is 0 on plain NNTP'); }; SKIP: { - skip 'SO_ACCEPTFILTER is FreeBSD-only', 2 if $^O ne 'freebsd'; - if (system('kldstat -m accf_data >/dev/null')) { - skip 'accf_data not loaded? kldload accf_data', 2; - } + require_mods '+accf_data'; require PublicInbox::Daemon; my $x = getsockopt($nntps, SOL_SOCKET, $PublicInbox::Daemon::SO_ACCEPTFILTER); diff --git a/t/pop3d.t b/t/pop3d.t index 2a7a7c3f..fce4a788 100644 --- a/t/pop3d.t +++ b/t/pop3d.t @@ -268,9 +268,7 @@ EOF is(unpack('i', $x), 0, 'TCP_DEFER_ACCEPT is 0 on plain POP3'); }; SKIP: { - skip 'SO_ACCEPTFILTER is FreeBSD-only', 2 if $^O ne 'freebsd'; - system('kldstat -m accf_data >/dev/null') and - skip 'accf_data not loaded? kldload accf_data', 2; + require_mods '+accf_data'; require PublicInbox::Daemon; my $x = getsockopt($pop3s, SOL_SOCKET, $PublicInbox::Daemon::SO_ACCEPTFILTER);