/* Launch the two pipes. */
static int
launchpipes(struct conn_state * C)
{
int on = C->nokeepalive ? 0 : 1;
/*
* Attempt to turn keepalives on or off as requested. We ignore
* failures here since the sockets might not be of a type for which
* SO_KEEPALIVE is valid -- it is a socket level option, but protocol
* specific. In particular, it has no sensible meaning for UNIX
* sockets.
*/
(void)setsockopt(C->s, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on));
(void)setsockopt(C->t, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on));
/* Create two pipes. */
if ((C->pipe_f = proto_pipe(C->s, C->t, C->decr, C->k_f,
&C->stat_f, callback_pipestatus, C)) == NULL)
goto err0;
if ((C->pipe_r = proto_pipe(C->t, C->s, !C->decr, C->k_r,
&C->stat_r, callback_pipestatus, C)) == NULL)
goto err0;
/* Success! */
return (0);
err0:
/* Failure! */
return (-1);
}
/* Launch the two pipes. */
static int
launchpipes(struct conn_state * C)
{
int on = C->nokeepalive ? 0 : 1;
int one = 1;
/*
* Attempt to turn keepalives on or off as requested. We ignore
* failures here since the sockets might not be of a type for which
* SO_KEEPALIVE is valid -- it is a socket level option, but protocol
* specific. In particular, it has no sensible meaning for UNIX
* sockets.
*/
(void)setsockopt(C->s, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on));
(void)setsockopt(C->t, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on));
/**
* Attempt to turn off nagling on both sockets. If the TCP stack has
* enough window space that it is always able to send packets, then on
* the encrypted end this will result in every 1060-byte spiped packet
* getting its own TCP segment, including 40 bytes of TCP/IP headers;
* this is fine. On the unencrypted end, we might send a single byte
* of data with 40 bytes of TCP/IP headers; this is not so good.
*
* However, a write over the unencrypted connection will only happen
* after an spiped packet has been read from the encrypted connection,
* so the worst case is 80 bytes of TCP/IP headers per 1061 bytes of
* TCP/IP payload (this may still be only a single byte of spiped
* payload, but that is not relevant to the question of overhead from
* small TCP/IP segments); and while the two sockets might not be on
* the same network, if they are on different networks it is almost
* guaranteed that the network over which the encrypted connection is
* passing would be a wider-area network which is both less secure and
* more expensive. Consequently, the maximum TCP/IP overhead ratio of
* 80/1061 is almost certain to hold even with weighted byte costs.
*
* We ignore errors since (as with keep-alives) we may be dealing with
* a non-TCP socket; and also because while POSIX requires TCP_NODELAY
* to be defined, it is not required to be implemented as a socket
* option.
*/
(void)setsockopt(C->s, IPPROTO_TCP, TCP_NODELAY, &one, sizeof(one));
(void)setsockopt(C->t, IPPROTO_TCP, TCP_NODELAY, &one, sizeof(one));
/* Create two pipes. */
if ((C->pipe_f = proto_pipe(C->s, C->t, C->decr, C->k_f,
&C->stat_f, callback_pipestatus, C)) == NULL)
goto err0;
if ((C->pipe_r = proto_pipe(C->t, C->s, !C->decr, C->k_r,
&C->stat_r, callback_pipestatus, C)) == NULL)
goto err0;
/* Success! */
return (0);
err0:
/* Failure! */
return (-1);
}
/* Launch the two pipes. */
static int
launchpipes(struct conn_state * C)
{
/* Create two pipes. */
if ((C->pipe_f = proto_pipe(C->s, C->t, C->decr, C->k_f,
&C->stat_f, callback_pipestatus, C)) == NULL)
goto err0;
if ((C->pipe_r = proto_pipe(C->t, C->s, !C->decr, C->k_r,
&C->stat_r, callback_pipestatus, C)) == NULL)
goto err0;
/* Success! */
return (0);
err0:
/* Failure! */
return (-1);
}
