From d8707c43361dc322859e5bdd3a55abc29c4d0c90 Mon Sep 17 00:00:00 2001
From: "C. McEnroe"
Date: Sun, 3 Oct 2021 16:18:34 -0400
Subject: Remove TCP keepalive settings

TCP keepalives were originally enabled to solve the problem of client connections staying idle for long periods of time, due to pounce not relaying PINGs from the server. Long-idle TCP connections are likely to be dropped by NAT routers, causing timeouts. Unfortunately, the TCP_KEEPIDLE socket option is not available on OpenBSD, so this was useless for pounce running there. The default timeout before sending keepalives is 2 hours, which is far longer than the timeout used by NAT routers, which seems to be 30 minutes. Now that pounce sends its own PINGs to idle clients approximately every 15 minutes, these TCP keepalive settings are unnecessary.
---
 local.c | 17 +----------------
 1 file changed, 1 insertion(+), 16 deletions(-) (limited to 'local.c')
diff --git a/local.c b/local.c
index 92220c4..8d3ff4d 100644
--- a/local.c
+++ b/local.c
@@ -31,7 +31,6 @@
 #include
 #include
 #include
-#include
 #include
 #include
 #include
@@ -49,10 +48,6 @@
 #include "bounce.h"
-#ifdef __APPLE__
-#define TCP_KEEPIDLE TCP_KEEPALIVE
-#endif
-
 static struct tls *server;
 static byte *readFile(size_t *len, FILE *file) {
@@ -248,17 +243,7 @@ int localAccept(struct tls **client, int bind) {
 fd = sent;
 }
- int on = 1;
- int error = setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on));
- if (error) err(EX_OSERR, "setsockopt");
-
-#ifdef TCP_KEEPIDLE
- int idle = 15 * 60;
- error = setsockopt(fd, IPPROTO_TCP, TCP_KEEPIDLE, &idle, sizeof(idle));
- if (error) err(EX_OSERR, "setsockopt");
-#endif
-
- error = tls_accept_socket(server, client, fd);
+ int error = tls_accept_socket(server, client, fd);
 if (error) errx(EX_SOFTWARE, "tls_accept_socket: %s", tls_error(server));
 return fd;
--
cgit 1.4.1
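Review bot: In the third hunk (`localAccept`), the accepted socket now goes to `tls_accept_socket` with no socket-level liveness option, and nothing at this site records that dead-peer detection has moved to the application-level PINGs described in the commit message. A short comment above the call would keep that dependency visible, e.g. `// No SO_KEEPALIVE here: idle clients are probed by pounce's own PINGs.` It is worth confirming that the PING timer also covers clients that have connected but not yet finished the TLS handshake or registration, which this diff does not show. If it does not, a peer that vanishes early would hold its descriptor until some other timeout fires. `localAccept` begins before and ends after the lines shown in the hunk.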