kernel-pfkey: Add option to set receive buffer size of event socket
authorTobias Brunner <tobias@strongswan.org>
Mon, 15 Dec 2014 15:43:03 +0000 (16:43 +0100)
committerTobias Brunner <tobias@strongswan.org>
Fri, 6 Mar 2015 15:45:22 +0000 (16:45 +0100)
If many requests are sent to the kernel the events generated by these
requests may fill the receive buffer before the daemon is able to read
these messages.

Fixes #783.

conf/Makefile.am
conf/plugins/kernel-pfkey.opt [new file with mode: 0644]
src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c

index c6f8741..f10af25 100644 (file)
@@ -64,6 +64,7 @@ plugins = \
        plugins/led.opt \
        plugins/kernel-libipsec.opt \
        plugins/kernel-netlink.opt \
+       plugins/kernel-pfkey.opt \
        plugins/kernel-pfroute.opt \
        plugins/load-tester.opt \
        plugins/lookip.opt \
diff --git a/conf/plugins/kernel-pfkey.opt b/conf/plugins/kernel-pfkey.opt
new file mode 100644 (file)
index 0000000..ec05215
--- /dev/null
@@ -0,0 +1,7 @@
+charon.plugins.kernel-pfkey.events_buffer_size = 0
+       Size of the receive buffer for the event socket (0 for default size).
+
+       Size of the receive buffer for the event socket (0 for default size).
+       Because events are received asynchronously installing e.g. lots of policies
+       may require a larger buffer than the default on certain platforms in order
+       to receive all messages.
index 8b893f4..423b57e 100644 (file)
@@ -2988,6 +2988,7 @@ kernel_pfkey_ipsec_t *kernel_pfkey_ipsec_create()
 {
        private_kernel_pfkey_ipsec_t *this;
        bool register_for_events = TRUE;
+       int rcv_buffer;
 
        INIT(this,
                .public = {
@@ -3044,6 +3045,18 @@ kernel_pfkey_ipsec_t *kernel_pfkey_ipsec_create()
                        return NULL;
                }
 
+               rcv_buffer = lib->settings->get_int(lib->settings,
+                                       "%s.plugins.kernel-pfkey.events_buffer_size", 0, lib->ns);
+               if (rcv_buffer > 0)
+               {
+                       if (setsockopt(this->socket_events, SOL_SOCKET, SO_RCVBUF,
+                                                  &rcv_buffer, sizeof(rcv_buffer)) == -1)
+                       {
+                               DBG1(DBG_KNL, "unable to set receive buffer size on PF_KEY "
+                                        "event socket: %s", strerror(errno));
+                       }
+               }
+
                /* register the event socket */
                if (register_pfkey_socket(this, SADB_SATYPE_ESP) != SUCCESS ||
                        register_pfkey_socket(this, SADB_SATYPE_AH) != SUCCESS)