Re: describe 'idle-timeout' exception in npppd.conf man page

Fri, 07 Aug 2020 13:30:22 -0700 

On Fri, Aug 07, 2020 at 10:19:05PM +0300, Vitaliy Makkoveev wrote:
> Some times ago we disabled in-kernel timeout for pppx(4) related
> pipex(4) sessions. We did this for prevent use after free issue caused
> by pipex_timer [1]. By default "idle-timeout" is not set in
> npppd.conf(5) and I guess this is reason for we forgot to describe this
> exception in npppd.conf(5).
> 
> But looks like one user caught this [2]. So I propose to describe this
> in BUGS section of npppd.conf(5).
> 
> Also current "idle-timeout" description looks incorrect. If this option
> is missing, there is not in-kernel timeout for this session, but
> npppd(8) uses it's own timeout for. And we can't configure this value.
> 
> YASUOKA, what do you think? May be we can kill in-kernel timeout feature
> for pipex(4)?, and make npppd(8)'s idle timeout configurable by this
> option?
> 
> 1. 
> https://cvsweb.openbsd.org/src/sys/net/if_pppx.c?rev=1.78&content-type=text/x-cvsweb-markup
> 2. https://marc.info/?l=openbsd-misc&m=159655468504864&w=2 
> 
> 
> Index: usr.sbin/npppd/npppd/npppd.conf.5
> ===================================================================
> RCS file: /cvs/src/usr.sbin/npppd/npppd/npppd.conf.5,v
> retrieving revision 1.27
> diff -u -p -r1.27 npppd.conf.5
> --- usr.sbin/npppd/npppd/npppd.conf.5 23 Apr 2020 21:10:54 -0000      1.27
> +++ usr.sbin/npppd/npppd/npppd.conf.5 7 Aug 2020 19:17:00 -0000
> @@ -699,3 +699,9 @@ The current version of
>  .Xr npppd 8
>  does not support adding or removing tunnel settings or changing listener
>  settings (listen address, port and l2tp-ipsec-require).
> +.Pp
> +This time
> +.Xr pppx 4
> +does not allow to create sessions with non null
> +.Ic idle-timeout
> +option. 
> 

is this an actual bug? i'm just asking - it might be that the
idle-timeout text is the best place to warn users, and not BUGS.

regarding your text:

- "this time" is better written as "At this time" or "currently".
- "allow to create" is not good sentence structure

i think the text would read better something like:

        .Xr pppx 4
        does not allow sessions with
        .Ic idle-timeout
        set to any value other than 0.

if the text was better placed in the idle-timeout section:

        This value must be 0 for
        .Xr pppx 4
        sessions.

jmc

Reply via email to