diff options
author | Timo Teras <timo.teras@iki.fi> | 2010-03-09 09:53:54 +0200 |
---|---|---|
committer | Timo Teras <timo.teras@iki.fi> | 2010-03-09 09:53:54 +0200 |
commit | a545b8247822fa8d51168f5e3869e8a898f01933 (patch) | |
tree | f7850c24e17fd415c493f6f18cec5cfe0058e21c /main/ipsec-tools | |
parent | cab470b7a8cb5091f683190fc2baf31114c91b1e (diff) | |
download | aports-a545b8247822fa8d51168f5e3869e8a898f01933.tar.bz2 aports-a545b8247822fa8d51168f5e3869e8a898f01933.tar.xz |
main/ipsec-tools: add patch for fd priorities
it improves admin port responsiveness under high load.
Diffstat (limited to 'main/ipsec-tools')
-rw-r--r-- | main/ipsec-tools/APKBUILD | 6 | ||||
-rw-r--r-- | main/ipsec-tools/fd-priorities.patch | 285 |
2 files changed, 289 insertions, 2 deletions
diff --git a/main/ipsec-tools/APKBUILD b/main/ipsec-tools/APKBUILD index b01973470a..a3da4fc175 100644 --- a/main/ipsec-tools/APKBUILD +++ b/main/ipsec-tools/APKBUILD @@ -2,7 +2,7 @@ pkgname=ipsec-tools pkgver=0.8_alpha20090903 _myver=0.8-alpha20090903 -pkgrel=5 +pkgrel=6 pkgdesc="User-space IPsec tools for various IPsec implementations" url="http://ipsec-tools.sourceforge.net/" license="BSD" @@ -15,6 +15,7 @@ source="http://downloads.sourceforge.net/$pkgname/$pkgname-$_myver.tar.gz 50-reverse-connect.patch 60-debug-quick.patch initial-contact-fix.diff + fd-priorities.patch " _builddir="$srcdir"/$pkgname-$_myver @@ -60,4 +61,5 @@ md5sums="8ec28d4e89c0f5e49ae2caa7463fbcfd ipsec-tools-0.8-alpha20090903.tar.gz 2d00250cf72da7f2f559c91b65a48747 racoon.confd 13bda94a598aabf593280e04ea16065d 50-reverse-connect.patch baa13d7f0f48955c792f7fcd42a8587a 60-debug-quick.patch -69e06c5cc3a0c1cc8b10ddc89d1e644b initial-contact-fix.diff" +69e06c5cc3a0c1cc8b10ddc89d1e644b initial-contact-fix.diff +c1e8b8dc80ef4b5d79fece52a4865e68 fd-priorities.patch" diff --git a/main/ipsec-tools/fd-priorities.patch b/main/ipsec-tools/fd-priorities.patch new file mode 100644 index 0000000000..68fc4b3455 --- /dev/null +++ b/main/ipsec-tools/fd-priorities.patch @@ -0,0 +1,285 @@ +? .msg +? ChangeLog +? alpine-config +? commiters.txt +? fd-priorities-2.patch +? fd-priorities.patch +? ipsec-tools-0.8-alpha20090820.tar.bz2 +? ipsec-tools-0.8-alpha20090903.tar.bz2 +? local-changes.diff +? patch-to-support-cast128-cbc-algorithm.patch +? racoon.txt +? rpm/Makefile +? rpm/Makefile.in +? rpm/ipsec-tools.spec +? rpm/suse/Makefile +? rpm/suse/Makefile.in +? rpm/suse/ipsec-tools.spec +? src/Makefile +? src/Makefile.in +? src/include-glibc/.includes +? src/include-glibc/Makefile +? src/include-glibc/Makefile.in +? src/libipsec/.deps +? src/libipsec/.libs +? src/libipsec/Makefile +? src/libipsec/Makefile.in +? src/libipsec/ipsec_dump_policy.lo +? src/libipsec/ipsec_get_policylen.lo +? src/libipsec/ipsec_strerror.lo +? src/libipsec/key_debug.lo +? src/libipsec/libipsec.la +? src/libipsec/pfkey.lo +? src/libipsec/pfkey_dump.lo +? src/libipsec/policy_parse.c +? src/libipsec/policy_parse.h +? src/libipsec/policy_parse.lo +? src/libipsec/policy_token.c +? src/libipsec/policy_token.lo +? src/racoon/.deps +? src/racoon/.libs +? src/racoon/Makefile +? src/racoon/Makefile.in +? src/racoon/cfparse.c +? src/racoon/cfparse.h +? src/racoon/cftoken.c +? src/racoon/eaytest +? src/racoon/libracoon.la +? src/racoon/libracoon_la-kmpstat.lo +? src/racoon/libracoon_la-misc.lo +? src/racoon/libracoon_la-sockmisc.lo +? src/racoon/libracoon_la-vmbuf.lo +? src/racoon/plainrsa-gen +? src/racoon/prsa_par.c +? src/racoon/prsa_par.h +? src/racoon/prsa_tok.c +? src/racoon/racoon +? src/racoon/racoonctl +? src/racoon/samples/psk.txt +? src/racoon/samples/racoon.conf +? src/setkey/.deps +? src/setkey/.libs +? src/setkey/Makefile +? src/setkey/Makefile.in +? src/setkey/parse.c +? src/setkey/parse.h +? src/setkey/setkey +? src/setkey/token.c +Index: src/racoon/admin.c +=================================================================== +RCS file: /cvsroot/src/crypto/dist/ipsec-tools/src/racoon/admin.c,v +retrieving revision 1.32 +diff -u -r1.32 admin.c +--- a/src/racoon/admin.c 3 Sep 2009 09:29:07 -0000 1.32 ++++ b/src/racoon/admin.c 9 Mar 2010 07:50:46 -0000 +@@ -734,7 +734,7 @@ + return -1; + } + +- monitor_fd(lcconf->sock_admin, admin_handler, NULL); ++ monitor_fd(lcconf->sock_admin, admin_handler, NULL, 0); + plog(LLV_DEBUG, LOCATION, NULL, + "open %s as racoon management.\n", sunaddr.sun_path); + +Index: src/racoon/evt.c +=================================================================== +RCS file: /cvsroot/src/crypto/dist/ipsec-tools/src/racoon/evt.c,v +retrieving revision 1.9 +diff -u -r1.9 evt.c +--- a/src/racoon/evt.c 23 Jan 2009 08:05:58 -0000 1.9 ++++ b/src/racoon/evt.c 9 Mar 2010 07:50:46 -0000 +@@ -373,7 +373,7 @@ + + LIST_INSERT_HEAD(list, l, ll_chain); + l->fd = fd; +- monitor_fd(l->fd, evt_unsubscribe_cb, l); ++ monitor_fd(l->fd, evt_unsubscribe_cb, l, 0); + + plog(LLV_DEBUG, LOCATION, NULL, + "[%d] admin connection is polling events\n", fd); +Index: src/racoon/grabmyaddr.c +=================================================================== +RCS file: /cvsroot/src/crypto/dist/ipsec-tools/src/racoon/grabmyaddr.c,v +retrieving revision 1.23 +diff -u -r1.23 grabmyaddr.c +--- a/src/racoon/grabmyaddr.c 3 Jul 2009 06:41:46 -0000 1.23 ++++ b/src/racoon/grabmyaddr.c 9 Mar 2010 07:50:46 -0000 +@@ -296,7 +296,7 @@ + lcconf->rtsock = kernel_open_socket(); + if (lcconf->rtsock < 0) + return -1; +- monitor_fd(lcconf->rtsock, kernel_receive, NULL); ++ monitor_fd(lcconf->rtsock, kernel_receive, NULL, 0); + } else { + lcconf->rtsock = -1; + if (!myaddr_open_all_configured(NULL)) +Index: src/racoon/isakmp.c +=================================================================== +RCS file: /cvsroot/src/crypto/dist/ipsec-tools/src/racoon/isakmp.c,v +retrieving revision 1.60 +diff -u -r1.60 isakmp.c +--- a/src/racoon/isakmp.c 3 Sep 2009 09:29:07 -0000 1.60 ++++ b/src/racoon/isakmp.c 9 Mar 2010 07:50:48 -0000 +@@ -1720,7 +1720,7 @@ + "%s used as isakmp port (fd=%d)\n", + saddr2str(addr), fd); + +- monitor_fd(fd, isakmp_handler, NULL); ++ monitor_fd(fd, isakmp_handler, NULL, 1); + return fd; + + err: +Index: src/racoon/pfkey.c +=================================================================== +RCS file: /cvsroot/src/crypto/dist/ipsec-tools/src/racoon/pfkey.c,v +retrieving revision 1.52 +diff -u -r1.52 pfkey.c +--- a/src/racoon/pfkey.c 9 Feb 2010 23:05:16 -0000 1.52 ++++ b/src/racoon/pfkey.c 9 Mar 2010 07:50:49 -0000 +@@ -487,7 +487,7 @@ + return -1; + } + #endif +- monitor_fd(lcconf->sock_pfkey, pfkey_handler, NULL); ++ monitor_fd(lcconf->sock_pfkey, pfkey_handler, NULL, 0); + return 0; + } + +Index: src/racoon/session.c +=================================================================== +RCS file: /cvsroot/src/crypto/dist/ipsec-tools/src/racoon/session.c,v +retrieving revision 1.27 +diff -u -r1.27 session.c +--- a/src/racoon/session.c 4 Mar 2010 15:13:53 -0000 1.27 ++++ b/src/racoon/session.c 9 Mar 2010 07:50:50 -0000 +@@ -103,8 +103,13 @@ + struct fd_monitor { + int (*callback)(void *ctx, int fd); + void *ctx; ++ int prio; ++ int fd; ++ TAILQ_ENTRY(fd_monitor) chain; + }; + ++#define NUM_PRIORITIES 2 ++ + static void close_session __P((void)); + static void initfds __P((void)); + static void init_signal __P((void)); +@@ -115,13 +120,14 @@ + + static fd_set preset_mask, active_mask; + static struct fd_monitor fd_monitors[FD_SETSIZE]; ++static TAILQ_HEAD(fd_monitor_list, fd_monitor) fd_monitor_tree[NUM_PRIORITIES]; + static int nfds = 0; + + static volatile sig_atomic_t sigreq[NSIG + 1]; + static struct sched scflushsa = SCHED_INITIALIZER(); + + void +-monitor_fd(int fd, int (*callback)(void *, int), void *ctx) ++monitor_fd(int fd, int (*callback)(void *, int), void *ctx, int priority) + { + if (fd < 0 || fd >= FD_SETSIZE) { + plog(LLV_ERROR, LOCATION, NULL, "fd_set overrun"); +@@ -131,9 +137,17 @@ + FD_SET(fd, &preset_mask); + if (fd > nfds) + nfds = fd; ++ if (priority <= 0) ++ priority = 0; ++ if (priority >= NUM_PRIORITIES) ++ priority = NUM_PRIORITIES - 1; + + fd_monitors[fd].callback = callback; + fd_monitors[fd].ctx = ctx; ++ fd_monitors[fd].prio = priority; ++ fd_monitors[fd].fd = fd; ++ TAILQ_INSERT_TAIL(&fd_monitor_tree[priority], ++ &fd_monitors[fd], chain); + } + + void +@@ -144,10 +158,15 @@ + exit(1); + } + ++ if (fd_monitors[fd].callback == NULL) ++ return; ++ + FD_CLR(fd, &preset_mask); + FD_CLR(fd, &active_mask); + fd_monitors[fd].callback = NULL; + fd_monitors[fd].ctx = NULL; ++ TAILQ_REMOVE(&fd_monitor_tree[fd_monitors[fd].prio], ++ &fd_monitors[fd], chain); + } + + int +@@ -158,11 +177,15 @@ + char pid_file[MAXPATHLEN]; + FILE *fp; + pid_t racoon_pid = 0; +- int i; ++ int i, count; ++ struct fd_monitor *fdm; + + nfds = 0; + FD_ZERO(&preset_mask); + ++ for (i = 0; i < NUM_PRIORITIES; i++) ++ TAILQ_INIT(&fd_monitor_tree[i]); ++ + /* initialize schedular */ + sched_init(); + init_signal(); +@@ -291,16 +314,24 @@ + /*NOTREACHED*/ + } + +- for (i = 0; i <= nfds; i++) { +- if (!FD_ISSET(i, &active_mask)) +- continue; +- +- if (fd_monitors[i].callback != NULL) +- fd_monitors[i].callback(fd_monitors[i].ctx, i); +- else +- plog(LLV_ERROR, LOCATION, NULL, +- "fd %d set, but no active callback\n", i); ++ count = 0; ++ for (i = 0; i < NUM_PRIORITIES; i++) { ++ TAILQ_FOREACH(fdm, &fd_monitor_tree[i], chain) { ++ if (!FD_ISSET(fdm->fd, &active_mask)) ++ continue; ++ ++ FD_CLR(fdm->fd, &active_mask); ++ if (fdm->callback != NULL) { ++ fdm->callback(fdm->ctx, fdm->fd); ++ count++; ++ } else ++ plog(LLV_ERROR, LOCATION, NULL, ++ "fd %d set, but no active callback\n", i); ++ } ++ if (count != 0) ++ break; + } ++ + } + } + +Index: src/racoon/session.h +=================================================================== +RCS file: /cvsroot/src/crypto/dist/ipsec-tools/src/racoon/session.h,v +retrieving revision 1.8 +diff -u -r1.8 session.h +--- a/src/racoon/session.h 23 Jan 2009 08:05:58 -0000 1.8 ++++ b/src/racoon/session.h 9 Mar 2010 07:50:50 -0000 +@@ -37,7 +37,7 @@ + extern int session __P((void)); + extern RETSIGTYPE signal_handler __P((int)); + +-extern void monitor_fd __P((int fd, int (*callback)(void *, int), void *ctx)); ++extern void monitor_fd __P((int fd, int (*callback)(void *, int), void *ctx, int priority)); + extern void unmonitor_fd __P((int fd)); + + #endif /* _SESSION_H */ |