Testing the removal of the HPNBufferSize and TcpRcvBuf options as

rapier1 · rapier1 · commit e903aa1bd12b · 2023-10-10T16:25:56.000-04:00
a) they don't seem to have any sort of impact anymore. This was
   likely due to a change in the code sometime in the past 16 years
   that I overlooked.
b) the only reason to reimplement them is to create a bandwidth
   limiting service which can be implemented in other, more straighforward ways
The upside is that it decreases the codes complexity a bit along with making
it less likely to generate user confusion. Follow up is to see what else
can be simplified and possibly even removing options.hpn_buffer_size entirely.
It's still there because some code paths use it but I don't know if it makes
sense in those situations (like X11 forwarding).
diff --git a/channels.c b/channels.c
@@ -229,6 +229,7 @@ static int rdynamic_connect_finish(struct ssh *, Channel *);
 /* Setup helper */
 static void channel_handler_init(struct ssh_channels *sc);
 
+/* default values to enable hpn and the initial buffer size */
 static int hpn_disabled = 0;
 static int hpn_buffer_size = 2 * 1024 * 1024;
 
diff --git a/readconf.c b/readconf.c
@@ -170,7 +170,7 @@ typedef enum {
 	oHashKnownHosts,
 	oTunnel, oTunnelDevice,
 	oLocalCommand, oPermitLocalCommand, oRemoteCommand,
-	oTcpRcvBufPoll, oTcpRcvBuf, oHPNDisabled, oHPNBufferSize,
+	oTcpRcvBufPoll, oHPNDisabled,
 	oNoneEnabled, oNoneMacEnabled, oNoneSwitch, oHPNBufferLimit,
 	oMetrics, oMetricsPath, oMetricsInterval, oFallback, oFallbackPort,
 	oVisualHostKey,
@@ -339,9 +339,7 @@ static struct {
 	{ "securitykeyprovider", oSecurityKeyProvider },
 	{ "knownhostscommand", oKnownHostsCommand },
 	{ "tcprcvbufpoll", oTcpRcvBufPoll },
-	{ "tcprcvbuf", oTcpRcvBuf },
 	{ "hpndisabled", oHPNDisabled },
-	{ "hpnbuffersize", oHPNBufferSize },
 	{ "requiredrsasize", oRequiredRSASize },
 	{ "enableescapecommandline", oEnableEscapeCommandline },
 	{ "obscurekeystroketiming", oObscureKeystrokeTiming },
@@ -1238,10 +1236,6 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host,
 		intptr = &options->hpn_disabled;
 		goto parse_flag;
 
-	case oHPNBufferSize:
-		intptr = &options->hpn_buffer_size;
-		goto parse_int;
-
 	case oTcpRcvBufPoll:
 		intptr = &options->tcp_rcv_buf_poll;
 		goto parse_flag;
@@ -1553,10 +1547,6 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host,
 			*intptr = value;
 		break;
 
-	case oTcpRcvBuf:
-		intptr = &options->tcp_rcv_buf;
-		goto parse_int;
-
 	case oCiphers:
 		arg = argv_next(&ac, &av);
 		if (!arg || *arg == '\0') {
@@ -2644,12 +2634,10 @@ initialize_options(Options * options)
 	options->metrics_path = NULL;
 	options->metrics_interval = -1;
 	options->hpn_disabled = -1;
-	options->hpn_buffer_size = -1;
 	options->hpn_buffer_limit = -1;
 	options->fallback = -1;
 	options->fallback_port = -1;
 	options->tcp_rcv_buf_poll = -1;
-	options->tcp_rcv_buf = -1;
 	options->session_type = -1;
 	options->stdin_null = -1;
 	options->fork_after_authentication = -1;
@@ -2821,24 +2809,8 @@ fill_default_options(Options * options)
 		options->server_alive_count_max = 3;
 	if (options->hpn_disabled == -1)
 		options->hpn_disabled = 0;
-	if (options->hpn_buffer_size > -1) {
-		/* if a user tries to set the size to 0 set it to 1KB */
-		if (options->hpn_buffer_size == 0)
-			options->hpn_buffer_size = 1;
-		/* limit the buffer to SSHBUF_SIZE_MAX (currently 256MB) */
-		if (options->hpn_buffer_size > (SSHBUF_SIZE_MAX / 1024)) {
-			options->hpn_buffer_size = SSHBUF_SIZE_MAX;
-			debug("User requested buffer larger than 256MB. Request reverted to 256MB");
-		} else
-			options->hpn_buffer_size *= 1024;
-		debug("hpn_buffer_size set to %d", options->hpn_buffer_size);
-	}
 	if (options->hpn_buffer_limit == -1)
 		options->hpn_buffer_limit = 0;
-	if (options->tcp_rcv_buf == 0)
-		options->tcp_rcv_buf = 1;
-	if (options->tcp_rcv_buf > -1)
-		options->tcp_rcv_buf *=1024;
 	if (options->tcp_rcv_buf_poll == -1)
 		options->tcp_rcv_buf_poll = 1;
 	if (options->none_switch == -1)
diff --git a/readconf.h b/readconf.h
@@ -50,10 +50,9 @@ typedef struct {
 	int     strict_host_key_checking;	/* Strict host key checking. */
 	int     compression;	/* Compress packets in both directions. */
 	int     tcp_keep_alive;	/* Set SO_KEEPALIVE. */
-	int     tcp_rcv_buf;      /* user switch to set tcp recv buffer */
 	int     tcp_rcv_buf_poll; /* Option to poll recv buf every window transfer */
 	int     hpn_disabled;     /* Switch to disable HPN buffer management */
-	int     hpn_buffer_size;  /* User definable size for HPN buffer window */
+	int     hpn_buffer_size;  /* Size of HPN buffer window */
 	int     hpn_buffer_limit; /* limit local_window_max to 1/2 receive buffer */
 	int	ip_qos_interactive;	/* IP ToS/DSCP/class for interactive */
 	int	ip_qos_bulk;		/* IP ToS/DSCP/class for bulk traffic */
diff --git a/servconf.c b/servconf.c
@@ -190,7 +190,6 @@ initialize_server_options(ServerOptions *options)
 	options->authorized_principals_command_user = NULL;
 	options->tcp_rcv_buf_poll = -1;
 	options->hpn_disabled = -1;
-	options->hpn_buffer_size = -1;
 	options->none_enabled = -1;
 	options->nonemac_enabled = -1;
 	options->hpn_buffer_limit = -1;
@@ -448,39 +447,6 @@ fill_default_server_options(ServerOptions *options)
 		options->hpn_disabled = 0;
 	if (options->hpn_buffer_limit == -1)
 		options->hpn_buffer_limit = 0;
-
-	if (options->hpn_buffer_size == -1) {
-		/* option not explicitly set. Now we have to figure out */
-		/* what value to use */
-		if (options->hpn_disabled == 1) {
-			options->hpn_buffer_size = CHAN_SES_WINDOW_DEFAULT;
-		} else {
-			/* get the current RCV size and set it to that */
-			/*create a socket but don't connect it */
-			/* we use that the get the rcv socket size */
-			sock = socket(AF_INET, SOCK_STREAM, 0);
-			getsockopt(sock, SOL_SOCKET, SO_RCVBUF,
-				   &socksize, &socksizelen);
-			close(sock);
-			options->hpn_buffer_size = socksize;
-			debug("HPN Buffer Size: %d", options->hpn_buffer_size);
-		}
-	} else {
-		/* we have to do this in case the user sets both values in a contradictory */
-		/* manner. hpn_disabled overrrides hpn_buffer_size*/
-		if (options->hpn_disabled <= 0) {
-			if (options->hpn_buffer_size == 0)
-				options->hpn_buffer_size = 1;
-			/* limit the maximum buffer to SSHBUF_SIZE_MAX (currently 256MB) */
-			if (options->hpn_buffer_size > (SSHBUF_SIZE_MAX / 1024)) {
-				options->hpn_buffer_size = SSHBUF_SIZE_MAX;
-			} else {
-				options->hpn_buffer_size *= 1024;
-			}
-		} else
-			options->hpn_buffer_size = CHAN_TCP_WINDOW_DEFAULT;
-	}
-
 	if (options->ip_qos_interactive == -1)
 		options->ip_qos_interactive = IPTOS_DSCP_AF21;
 	if (options->ip_qos_bulk == -1)
@@ -563,7 +529,7 @@ typedef enum {
 	sKbdInteractiveAuthentication, sListenAddress, sAddressFamily,
 	sPrintMotd, sPrintLastLog, sIgnoreRhosts,
 	sNoneEnabled, sNoneMacEnabled, sHPNBufferLimit,
-	sTcpRcvBufPoll, sHPNDisabled, sHPNBufferSize,
+	sTcpRcvBufPoll, sHPNDisabled,
 	sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
 	sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive,
 	sPermitUserEnvironment, sAllowTcpForwarding, sCompression,
@@ -731,7 +697,6 @@ static struct {
 	{ "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
 	{ "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
 	{ "hpndisabled", sHPNDisabled, SSHCFG_ALL },
-	{ "hpnbuffersize", sHPNBufferSize, SSHCFG_ALL },
 	{ "tcprcvbufpoll", sTcpRcvBufPoll, SSHCFG_ALL },
 	{ "noneenabled", sNoneEnabled, SSHCFG_ALL },
 	{ "nonemacenabled", sNoneMacEnabled, SSHCFG_ALL },
@@ -1632,10 +1597,6 @@ process_server_config_line_depth(ServerOptions *options, char *line,
 		intptr = &options->hpn_disabled;
 		goto parse_flag;
 
-	case sHPNBufferSize:
-		intptr = &options->hpn_buffer_size;
-		goto parse_int;
-
 	case sIgnoreUserKnownHosts:
 		intptr = &options->ignore_user_known_hosts;
  parse_flag:
diff --git a/servconf.h b/servconf.h
@@ -200,7 +200,7 @@ typedef struct {
 	int	use_pam;		/* Enable auth via PAM */
         int     tcp_rcv_buf_poll;       /* poll tcp rcv window in autotuning kernels*/
 	int	hpn_disabled;		/* disable hpn functionality. false by default */
-	int	hpn_buffer_size;	/* set the hpn buffer size - default 3MB */
+	int	hpn_buffer_size;	/* hpn buffer size - default 2MB */
 	int	none_enabled;		/* Enable NONE cipher switch */
 	int     nonemac_enabled;        /* Enable NONE MAC switch */
 	int     hpn_buffer_limit;       /* limit local_window_max to 1/2 receive buffer */
diff --git a/ssh.c b/ssh.c
@@ -2157,7 +2157,7 @@ hpn_options_init(struct ssh *ssh)
 	if (tty_flag)
 		options.hpn_buffer_size = CHAN_SES_WINDOW_DEFAULT;
 	else
-		options.hpn_buffer_size = 2 * 1024 * 1024;
+		options.hpn_buffer_size = (2 * 1024 * 1024);
 
 	if (ssh->compat & SSH_BUG_LARGEWINDOW) {
 		debug("HPN to Non-HPN connection");
@@ -2177,30 +2177,6 @@ hpn_options_init(struct ssh *ssh)
 			debug("socksize %d", socksize);
 			options.hpn_buffer_size = socksize;
 			debug("HPNBufferSize set to TCP RWIN: %d", options.hpn_buffer_size);
-		} else {
-			if (options.tcp_rcv_buf > 0) {
-				/*
-				 * Create a socket but don't connect it:
-				 * we use that the get the rcv socket size
-				 */
-				sock = socket(AF_INET, SOCK_STREAM, 0);
-				/*
-				 * If they are using the tcp_rcv_buf option,
-				 * attempt to set the buffer size to that.
-				 */
-				if (options.tcp_rcv_buf) {
-					socksizelen = sizeof(options.tcp_rcv_buf);
-					setsockopt(sock, SOL_SOCKET, SO_RCVBUF,
-						   &options.tcp_rcv_buf, socksizelen);
-				}
-				socksizelen = sizeof(socksize);
-				getsockopt(sock, SOL_SOCKET, SO_RCVBUF,
-					   &socksize, &socksizelen);
-				close(sock);
-				debug("socksize %d", socksize);
-				options.hpn_buffer_size = socksize;
-				debug("HPNBufferSize set to user TCPRcvBuf: %d", options.hpn_buffer_size);
-			}
 		}
 	}
 
diff --git a/sshconnect.c b/sshconnect.c
@@ -343,30 +343,6 @@ check_ifaddrs(const char *ifname, int af, const struct ifaddrs *ifaddrs,
 }
 #endif
 
-/*
- * Set TCP receive buffer if requested.
- * Note: tuning needs to happen after the socket is
- * created but before the connection happens
- * so winscale is negotiated properly -cjr
- */
-static void
-ssh_set_socket_recvbuf(int sock)
-{
-	void *buf = (void *)&options.tcp_rcv_buf;
-	int sz = sizeof(options.tcp_rcv_buf);
-	int socksize;
-	int socksizelen = sizeof(int);
-
-	debug("setsockopt Attempting to set SO_RCVBUF to %d", options.tcp_rcv_buf);
-	if (setsockopt(sock, SOL_SOCKET, SO_RCVBUF, buf, sz) >= 0) {
-	  getsockopt(sock, SOL_SOCKET, SO_RCVBUF, &socksize, &socksizelen);
-	  debug("setsockopt SO_RCVBUF: %.100s %d", strerror(errno), socksize);
-	}
-	else
-		error("Couldn't set socket receive buffer to %d: %.100s",
-		    options.tcp_rcv_buf, strerror(errno));
-}
-
 /*
  * Creates a socket for use as the ssh connection.
  */
@@ -389,9 +365,6 @@ ssh_create_socket(struct addrinfo *ai)
 	}
 	(void)fcntl(sock, F_SETFD, FD_CLOEXEC);
 
-	if (options.tcp_rcv_buf > 0)
-		ssh_set_socket_recvbuf(sock);
-
 	/* Use interactive QOS (if specified) until authentication completed */
 	if (options.ip_qos_interactive != INT_MAX)
 		set_sock_tos(sock, options.ip_qos_interactive);
