On Mon, Mar 07, 2011 at 04:23:08PM -0700, Theo de Raadt wrote: > I do not think "splice" should be an option that is exposed to > users.
That makes the diff much smaller. ok? Index: usr.sbin/relayd/relay.c =================================================================== RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/relayd/relay.c,v retrieving revision 1.128 diff -u -p -r1.128 relay.c --- usr.sbin/relayd/relay.c 20 Dec 2010 12:38:06 -0000 1.128 +++ usr.sbin/relayd/relay.c 7 Mar 2011 23:36:43 -0000 @@ -2328,6 +2328,22 @@ relay_connect(struct rsession *con) return (-1); } + if (rlay->rl_proto->type == RELAY_PROTO_TCP && + (rlay->rl_conf.flags & (F_SSL|F_SSLCLIENT)) == 0) { + if (setsockopt(con->se_in.s, SOL_SOCKET, SO_SPLICE, + &con->se_out.s, sizeof(int)) == -1) { + log_debug("relay_connect: session %d: splice forward " + "failed: %s", con->se_id, strerror(errno)); + return (-1); + } + if (setsockopt(con->se_out.s, SOL_SOCKET, SO_SPLICE, + &con->se_in.s, sizeof(int)) == -1) { + log_debug("relay_connect: session %d: splice backward " + "failed: %s", con->se_id, strerror(errno)); + return (-1); + } + } + if (errno == EINPROGRESS) event_again(&con->se_ev, con->se_out.s, EV_WRITE|EV_TIMEOUT, relay_connected, &con->se_tv_start, &env->sc_timeout, con);