On Mon, Mar 07, 2011 at 04:23:08PM -0700, Theo de Raadt wrote:
> I do not think "splice" should be an option that is exposed to
> users.
That makes the diff much smaller.
ok?
Index: usr.sbin/relayd/relay.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/relayd/relay.c,v
retrieving revision 1.128
diff -u -p -r1.128 relay.c
--- usr.sbin/relayd/relay.c 20 Dec 2010 12:38:06 -0000 1.128
+++ usr.sbin/relayd/relay.c 7 Mar 2011 23:36:43 -0000
@@ -2328,6 +2328,22 @@ relay_connect(struct rsession *con)
return (-1);
}
+ if (rlay->rl_proto->type == RELAY_PROTO_TCP &&
+ (rlay->rl_conf.flags & (F_SSL|F_SSLCLIENT)) == 0) {
+ if (setsockopt(con->se_in.s, SOL_SOCKET, SO_SPLICE,
+ &con->se_out.s, sizeof(int)) == -1) {
+ log_debug("relay_connect: session %d: splice forward "
+ "failed: %s", con->se_id, strerror(errno));
+ return (-1);
+ }
+ if (setsockopt(con->se_out.s, SOL_SOCKET, SO_SPLICE,
+ &con->se_in.s, sizeof(int)) == -1) {
+ log_debug("relay_connect: session %d: splice backward "
+ "failed: %s", con->se_id, strerror(errno));
+ return (-1);
+ }
+ }
+
if (errno == EINPROGRESS)
event_again(&con->se_ev, con->se_out.s, EV_WRITE|EV_TIMEOUT,
relay_connected, &con->se_tv_start, &env->sc_timeout, con);
