authorbrooks <brooks@FreeBSD.org>2011-08-03 19:14:22 +0000
committerbrooks <brooks@FreeBSD.org>2011-08-03 19:14:22 +0000
commit0f65fdcb29dbe4f29dde3b5ae94b071ac26bd281 (patch)
tree8b4a106674838af0ac7eedd28b1ef001d98c7afa /crypto/openssh/servconf.c
parentde1f0b5343c3a7812121eff0346472c63e25046a (diff)
Add support for dynamically adjusted buffers to allow the full use of
the bandwidth of long fat pipes (i.e. 100Mbps+ trans-oceanic or trans-continental links). Bandwidth-delay products up to 64MB are supported. Also add support (not compiled by default) for the None cypher. The None cypher can only be enabled on non-interactive sessions (those without a pty where -T was not used) and must be enabled in both the client and server configuration files and on the client command line. Additionally, the None cypher will only be activated after authentication is complete. To enable the None cypher you must add -DNONE_CIPHER_ENABLED to CFLAGS via the make command line or in /etc/make.conf. This code is a style(9) compliant version of these features extracted from the patches published at: http://www.psc.edu/networking/projects/hpn-ssh/ Merging this patch has been a collaboration between me and Bjoern. Reviewed by: bz Approved by: re (kib), des (maintainer)
Diffstat (limited to 'crypto/openssh/servconf.c')
-rw-r--r--crypto/openssh/servconf.c66
1 files changed, 66 insertions, 0 deletions
diff --git a/crypto/openssh/servconf.c b/crypto/openssh/servconf.c
index c742e130..96761e7 100644
--- a/crypto/openssh/servconf.c
+++ b/crypto/openssh/servconf.c
@@ -1,4 +1,5 @@
/* $OpenBSD: servconf.c,v 1.213 2010/11/13 23:27:50 djm Exp $ */
+/* $FreeBSD$ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -141,6 +142,12 @@ initialize_server_options(ServerOptions *options)
options->authorized_principals_file = NULL;
options->ip_qos_interactive = -1;
options->ip_qos_bulk = -1;
+ options->hpn_disabled = -1;
+ options->hpn_buffer_size = -1;
+ options->tcp_rcv_buf_poll = -1;
+#ifdef NONE_CIPHER_ENABLED
+ options->none_enabled = -1;
+#endif
}
void
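Review bot: `tcp_rcv_buf_poll` and `none_enabled` are set to -1 here, but the fill_default_server_options() hunk in this diff resolves only `hpn_disabled` and `hpn_buffer_size`, so the other two stay at -1 when sshd_config does not set them. Since -1 is non-zero, any consumer written as `if (options.none_enabled)` would read "unset" as "on", which for the None cipher means an unencrypted session. The consumers are outside this diff, so that needs checking there. Resolving both in fill_default_server_options() removes the ambiguity, e.g. `if (options->none_enabled == -1) options->none_enabled = 0;` inside the same `#ifdef`, with the intended default for `tcp_rcv_buf_poll` next to it.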
@@ -283,6 +290,37 @@ fill_default_server_options(ServerOptions *options)
options->ip_qos_interactive = IPTOS_LOWDELAY;
if (options->ip_qos_bulk == -1)
options->ip_qos_bulk = IPTOS_THROUGHPUT;
+ if (options->hpn_disabled == -1)
+ options->hpn_disabled = 0;
+ if (options->hpn_buffer_size == -1) {
+ /*
+ * HPN buffer size option not explicitly set. Try to figure
+ * out what value to use or resort to default.
+ */
+ options->hpn_buffer_size = CHAN_SES_WINDOW_DEFAULT;
+ if (!options->hpn_disabled) {
+ sock_get_rcvbuf(&options->hpn_buffer_size, 0);
+ debug ("HPN Buffer Size: %d", options->hpn_buffer_size);
+ }
+ } else {
+ /*
+ * In the case that the user sets both values in a
+ * contradictory manner hpn_disabled overrrides hpn_buffer_size.
+ */
+ if (options->hpn_disabled <= 0) {
+ u_int maxlen;
+
+ maxlen = buffer_get_max_len();
+ if (options->hpn_buffer_size == 0)
+ options->hpn_buffer_size = 1;
+ /* Limit the maximum buffer to BUFFER_MAX_LEN. */
+ if (options->hpn_buffer_size > maxlen / 1024)
+ options->hpn_buffer_size = maxlen;
+ else
+ options->hpn_buffer_size *= 1024;
+ } else
+ options->hpn_buffer_size = CHAN_TCP_WINDOW_DEFAULT;
+ }
/* Turn privilege separation on by default */
if (use_privsep == -1)
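Review bot: A negative `HPNBufferSize` other than -1 is turned into the maximum buffer instead of being rejected or clamped low. In `options->hpn_buffer_size > maxlen / 1024` the left side appears to be an `int` (it is parsed through `intptr` and printed with `%d`) while `maxlen` is `u_int`, so a negative value converts to a very large unsigned number and takes the `= maxlen` branch. Replacing the `== 0` test with `if (options->hpn_buffer_size < 1) options->hpn_buffer_size = 1;` keeps the comparison in range. The result of `sock_get_rcvbuf()` is also ignored, so it is worth confirming that it leaves `hpn_buffer_size` untouched on failure. The comment has a typo, "overrrides", and the function body starts and ends outside this hunk.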
@@ -330,6 +368,10 @@ typedef enum {
sZeroKnowledgePasswordAuthentication, sHostCertificate,
sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
sKexAlgorithms, sIPQoS,
+ sHPNDisabled, sHPNBufferSize, sTcpRcvBufPoll,
+#ifdef NONE_CIPHER_ENABLED
+ sNoneEnabled,
+#endif
sVersionAddendum,
sDeprecated, sUnsupported
} ServerOpCodes;
@@ -455,6 +497,12 @@ static struct {
{ "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
{ "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL },
{ "ipqos", sIPQoS, SSHCFG_ALL },
+ { "hpndisabled", sHPNDisabled, SSHCFG_ALL },
+ { "hpnbuffersize", sHPNBufferSize, SSHCFG_ALL },
+ { "tcprcvbufpoll", sTcpRcvBufPoll, SSHCFG_ALL },
+#ifdef NONE_CIPHER_ENABLED
+ { "noneenabled", sNoneEnabled, SSHCFG_ALL },
+#endif
{ "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL },
{ NULL, sBadOption, 0 }
};
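Review bot: All four keywords are flagged `SSHCFG_ALL`, which accepts them inside `Match` blocks, but no hunk in this diff touches copy_set_server_options(). Unless that is handled elsewhere, a value given under `Match` would be parsed without error and then not carried into the effective options, which is easy to misread as a per-user or per-host policy being in force. Either use `SSHCFG_GLOBAL` here, e.g. `{ "noneenabled", sNoneEnabled, SSHCFG_GLOBAL },`, or add the matching copies. Separately, when `NONE_CIPHER_ENABLED` is not defined, `noneenabled` is absent from the table, so a config carrying it is presumably treated as a bad option; mapping it to `sUnsupported` in an `#else` would be gentler. The table starts outside this hunk.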
@@ -1409,6 +1457,24 @@ process_server_config_line(ServerOptions *options, char *line,
} while (arg != NULL && *arg != '\0');
break;
+ case sHPNDisabled:
+ intptr = &options->hpn_disabled;
+ goto parse_flag;
+
+ case sHPNBufferSize:
+ intptr = &options->hpn_buffer_size;
+ goto parse_int;
+
+ case sTcpRcvBufPoll:
+ intptr = &options->tcp_rcv_buf_poll;
+ goto parse_flag;
+
+#ifdef NONE_CIPHER_ENABLED
+ case sNoneEnabled:
+ intptr = &options->none_enabled;
+ goto parse_flag;
+#endif
+
case sDeprecated:
logit("%s line %d: Deprecated option %s",
filename, linenum, arg);
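Review bot: The unit of `HPNBufferSize` is not stated where it is parsed: the `sHPNBufferSize` case hands the value to `parse_int` as a plain integer, and only fill_default_server_options() later multiplies it by 1024. A comment on the case, such as `/* Value is in kilobytes; converted to bytes in fill_default_server_options(). */`, would save the reader the lookup. The `parse_int` and `parse_flag` labels are outside this hunk, so whether the integer is range-checked at parse time cannot be seen here.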