* Reimplement a number of socket option tests for autoconf-2.71.
* Reimplement configure test for IP DF.
* Use AC_PREREQ. Configuration scripts must be rebuilt with autoconf-2.71 or newer.
* Removed obsolete/unneeded tests and in general improve compatibility with autoconf-2.71.
* Draft release notes for iperf-3.10.
* iperf-3.10 version number bumps.
* Update using autoupdate-2.71 from Xcode 12 on macOS Big Sur.
* Regen.
* docs: Add release notes for recent changes.
tcp_info.snd_wnd is available on FreeBSD and NetBSD since TCP_INFO was
added. It was added to Linux 5.4 in late 2019 and becomes available
in Ubuntu 20.04 and Debian 11.
Tested on:
* Debian 11 running on x86-64 with this field.
* Debian 10 armv7 running on Raspberry Pi 2 without this field.
* NetBSD 9.2 armv7 running on Raspberry Pi 3 with this field.
* FreeBSD 13 aarch64 running on Raspberry Pi 4 with this field.
Adds an --dont-fragment flag that sets the DF flag in the header for UDP/IPv4 tests.
Co-authored-by: root <root@DESKTOP-L81E90U.localdomain>
Co-authored-by: Bruce A. Mah <bmah@es.net>
This lets iperf work better with multi-homed machines and
VRF.
Fixes#1089.
Based on a patch by Ben Greear <greearb@candelatech.com> via PR #817.
Co-authored-by: Ben Greear <greearb@candelatech.com>
The variable enable_profiling exists just because AC_ARG_ENABLE([profiling] is defined.
If it is redefined in the exist condition, the both enable and disable flags will enable the profiling,
just if the flag is missing it will be disabled.
Reference in Warning here: https://autotools.io/autoconf/arguments.html
The netinet/sctp.h header file defines HAVE_SCTP, so we have this
warning while building:
In file included from ../../src/iperf.h:30,
from ../../src/iperf_sctp.c:46:
./iperf_config.h:44: warning: "HAVE_SCTP" redefined
44 | #define HAVE_SCTP 1
|
In file included from ../../src/iperf_sctp.c:43:
/usr/include/netinet/sctp.h:56: note: this is the location of the previous definition
56 | #define HAVE_SCTP
|
This patch replaces our HAVE_SCTP definition with HAVE_SCTP_H to avoid
this warning.
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
* feat: Add a mechanism to disable checks for SCTP (--without-sctp).
The use case for this is building a static iperf3 binary on CentOS 7,
on a system with SCTP installed (but it has no static SCTP libraries).
In that case we need to disable SCTP detection to prevent a linking
error at runtime.
While here, s/iperf /iperf3 / in a couple of help strings.
* EXIT_SUCCESS and EXIT_FAILURE are defined in stdlib.h, not sysexits.h
so no need to include the latter.
* No need to include pthread.h.
* Remove the no longer used delay() function.
This also removes the reliance on nanosleep().
* Remove get_tcp_windowsize() and set_tcp_windowsize() which are unused.
These days, iperf uses get/setsockopt() with SO_SNDBUF SO_RCVBUF directly.
* Fix warnings about _GNU_SOURCE being redefined.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* Fix warnings of format-specified mismatching type
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* Simplify endianness checks
Linux can be built with too many types of C run-time library and it's
not reasonable to have to enumerate all of them, especially since at
least one of them (MUSL) goes out of its way to not be easily
detectable.
Instead, leverage autoconf better for Linux/BSD to detect either
<endian.h> or <sys/endian.h> directly.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* Sys headers should not be included directly
There's usually a top-level header which then includes the sys/
descendent.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Don't make OpenSSL detection error out unless --with-openssl explicitly given.
This fixes the out-of-the-box build on macOS, which doesn't include
headers, etc. for OpenSSL by default. The configure script still
errors out if the user specifies a --with-openssl flag but for some
reason the build host's OpenSSL is broken or can't be used.
* Regen.
* fix: now --without-openssl configure flags works
enh: if openssl support is required and no valid installation is found, now it raise an error
* enh: added warning if building without openssl (iperf_auth disabled)
* Add configurable timeout for the setup of the control connection.
This is specified using the new --connect-timeout option, with an
integer parameter in ms. The iperf3 client will wait for this
amount of time for the setup of the control connection to the
server. If this option is not given, the OS default for TCP
connection setup is used. Specifying a smaller connection timeout
allows faster detection of a down / unresponsive iperf3 server.
The implementation uses a variation on the timeout_connect()
function from OpenBSD's netcat utility.
Fixes#216.
Add an optional mode that requires clients to authenticate with the server.
In this mode, clients need to provide a username and a password, which are checked against a password file on the server. The authentication credentials are protected by an RSA public keypair...the encrypted credentials are sent along with the test parameters.
Operationally the use of this feature places the following additional requirements on the build and installation of iperf3:
o The presence of the OpenSSL headers and libraries to build iperf3, and the libraries available on the client and server at runtime.
o Generation of an RSA public keypair; the private part is used by the server and the public part must be distributed to the clients.
o Username/password pairs for all authorized users, to be stored in a file on the server.
o Loose time synchronization between the server and clients (to within approximately 30 seconds).
o Appropriate command-line flags given on the client and server.
Note that iperf3 can be built and run as before, without fulfilling any of these requirements.
Partial documentation for this feature is included in this commit. It is anticipated that additional documentation text and editing will follow this merge.
Submitted by @ralcini. First suggested by @codyhanson in pull request #242.
* Remove unused hstrerror(), bad nanosleep() message in configure.ac (#503)
* Remove dead code involving h_errno and hstrerror()
h_errno was formerly set as a side effect of a failed
gethostbyname(3) call, but this function has been
deprecated.
malformed JSON string was passed on the control channel. This issue,
present in the cJSON library, was already fixed upstream, so was
addressed here in iperf3 by importing a newer version of cJSON (plus
local ESnet modifications).
Discovered and reported by Dave McDaniel, Cisco Talos.
Based on a patch by @dopheide-esnet, with input from @DaveGamble.
Cross-references: TALOS-CAN-0164, ESNET-SECADV-2016-0001,
CVE-2016-4303
