From a302d7ba4d17e2a23d6e66c30769711199d59e4a Mon Sep 17 00:00:00 2001
From: Marten Seemann
Date: Sun, 1 Dec 2024 14:50:49 +0800
Subject: [PATCH] enable DPLPMTUD on macOS dual-stack sockets (#4723)
* enable DPLPMTUD on macOS dual-stack sockets
https://datatracker.ietf.org/doc/draft-seemann-tsvwg-udp-fragmentation/ contains details on how IP fragmentation is handled on different platforms.
* only enable DF on macOS Sequoia (and newer) dual-stack sockets
* fix macOS version numbers
* fix comment in MTU integration test
* skip dual-stack test on old macOS versions
---
 integrationtests/self/mtu_test.go | 2 +-
 sys_conn.go | 2 +-
 sys_conn_df_darwin.go | 90 +++++++++++++++++-----------
 sys_conn_df_darwin_test.go | 99 +++++++++++++++++++++++++++++++
 4 files changed, 155 insertions(+), 38 deletions(-)
 create mode 100644 sys_conn_df_darwin_test.go
diff --git a/integrationtests/self/mtu_test.go b/integrationtests/self/mtu_test.go
index 744d9fa04..cd96ad284 100644
--- a/integrationtests/self/mtu_test.go
+++ b/integrationtests/self/mtu_test.go
@@ -72,7 +72,7 @@ var _ = Describe("DPLPMTUD", func() {
 defer proxy.Close()
 // Make sure to use v4-only socket here.
- // We can't reliably set the DF bit on dual-stack sockets on macOS.
+ // We can't reliably set the DF bit on dual-stack sockets on macOS before Sequoia (macOS 15).
 udpConn, err := net.ListenUDP("udp4", &net.UDPAddr{IP: net.IPv4(127, 0, 0, 1), Port: 0})
 Expect(err).ToNot(HaveOccurred())
 defer udpConn.Close()
diff --git a/sys_conn.go b/sys_conn.go
index 71cc46070..811131d94 100644
--- a/sys_conn.go
+++ b/sys_conn.go
@@ -58,8 +58,8 @@ func wrapConn(pc net.PacketConn) (rawConn, error) {
 return nil, err
 }
+ // only set DF on UDP sockets
 if _, ok := pc.LocalAddr().(*net.UDPAddr); ok {
- // Only set DF on sockets that we expect to be able to handle that configuration.
 var err error
 supportsDF, err = setDF(rawConn)
 if err != nil {
diff --git a/sys_conn_df_darwin.go b/sys_conn_df_darwin.go
index b51cd8f1a..8ed273eed 100644
--- a/sys_conn_df_darwin.go
+++ b/sys_conn_df_darwin.go
@@ -4,47 +4,67 @@ package quic
 import (
 "errors"
+ "fmt"
 "strconv"
 "strings"
 "syscall"
 "golang.org/x/sys/unix"
+)
- "github.com/quic-go/quic-go/internal/utils"
+// for macOS versions, see https://en.wikipedia.org/wiki/Darwin_(operating_system)#Darwin_20_onwards
+const (
+ macOSVersion11 = 20
+ macOSVersion15 = 24
 )
 func setDF(rawConn syscall.RawConn) (bool, error) {
- // Setting DF bit is only supported from macOS11
+ // Setting DF bit is only supported from macOS 11.
 // https://github.com/chromium/chromium/blob/117.0.5881.2/net/socket/udp_socket_posix.cc#L555
- if supportsDF, err := isAtLeastMacOS11(); !supportsDF || err != nil {
+ version, err := getMacOSVersion()
+ if err != nil || version < macOSVersion11 {
 return false, err
 }
- // Enabling IP_DONTFRAG will force the kernel to return "sendto: message too long"
- // and the datagram will not be fragmented
- var errDFIPv4, errDFIPv6 error
+ var controlErr error
+ var disableDF bool
 if err := rawConn.Control(func(fd uintptr) {
- errDFIPv4 = unix.SetsockoptInt(int(fd), unix.IPPROTO_IP, unix.IP_DONTFRAG, 1)
- errDFIPv6 = unix.SetsockoptInt(int(fd), unix.IPPROTO_IPV6, unix.IPV6_DONTFRAG, 1)
+ addr, err := unix.Getsockname(int(fd))
+ if err != nil {
+ controlErr = fmt.Errorf("getsockname: %w", err)
+ return
+ }
+
+ // Dual-stack sockets are effectively IPv6 sockets (with IPV6_ONLY set to 0).
+ // On macOS, the DF bit on dual-stack sockets is controlled by the IPV6_DONTFRAG option.
+ // See https://datatracker.ietf.org/doc/draft-seemann-tsvwg-udp-fragmentation/ for details.
+ switch addr.(type) {
+ case *unix.SockaddrInet4:
+ controlErr = unix.SetsockoptInt(int(fd), unix.IPPROTO_IP, unix.IP_DONTFRAG, 1)
+ case *unix.SockaddrInet6:
+ controlErr = unix.SetsockoptInt(int(fd), unix.IPPROTO_IPV6, unix.IPV6_DONTFRAG, 1)
+
+ // Setting the DF bit on dual-stack sockets works since macOS Sequoia.
+ // Disable DF on dual-stack sockets before Sequoia.
+ if version < macOSVersion15 {
+ // check if this is a dual-stack socket by reading the IPV6_V6ONLY flag
+ v6only, err := unix.GetsockoptInt(int(fd), unix.IPPROTO_IPV6, unix.IPV6_V6ONLY)
+ if err != nil {
+ controlErr = fmt.Errorf("getting IPV6_V6ONLY: %w", err)
+ return
+ }
+ disableDF = v6only == 0
+ }
+ default:
+ controlErr = fmt.Errorf("unknown address type: %T", addr)
+ }
 }); err != nil {
 return false, err
 }
- switch {
- case errDFIPv4 == nil && errDFIPv6 == nil:
- utils.DefaultLogger.Debugf("Setting DF for IPv4 and IPv6.")
- case errDFIPv4 == nil && errDFIPv6 != nil:
- utils.DefaultLogger.Debugf("Setting DF for IPv4.")
- case errDFIPv4 != nil && errDFIPv6 == nil:
- utils.DefaultLogger.Debugf("Setting DF for IPv6.")
- // On macOS, the syscall for setting DF bit for IPv4 fails on dual-stack listeners.
- // Treat the connection as not having DF enabled, even though the DF bit will be set
- // when used for IPv6.
- // See https://github.com/quic-go/quic-go/issues/3793 for details.
- return false, nil
- case errDFIPv4 != nil && errDFIPv6 != nil:
- return false, errors.New("setting DF failed for both IPv4 and IPv6")
+ if controlErr != nil {
+ return false, controlErr
 }
- return true, nil
+ return !disableDF, nil
 }
 func isSendMsgSizeErr(err error) bool {
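Review bot: In the `*unix.SockaddrInet6` case, `IPV6_DONTFRAG` is set before the `IPV6_V6ONLY` check and is left set when `disableDF` becomes true, so on Darwin releases below `macOSVersion15` `setDF` reports false for a dual-stack socket while the option remains enabled on it. The removed switch documented this ("Treat the connection as not having DF enabled, even though the DF bit will be set when used for IPv6"); an equivalent comment above `disableDF = v6only == 0` would keep that visible, e.g. `// IPV6_DONTFRAG stays set on the socket; only the reported DF support is turned off.` Separately, the two `SetsockoptInt` results are stored in `controlErr` unwrapped, and any single failure now makes `setDF` return an error, where the old code returned one only when both options failed. How `wrapConn` reacts to that error is outside this diff, so it is worth confirming the caller and wrapping the errors like their neighbours, e.g. `fmt.Errorf("setting IPV6_DONTFRAG: %w", err)`.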
@@ -53,22 +73,20 @@ func isSendMsgSizeErr(err error) bool {
 func isRecvMsgSizeErr(error) bool { return false }
-func isAtLeastMacOS11() (bool, error) {
+func getMacOSVersion() (int, error) {
 uname := &unix.Utsname{}
- err := unix.Uname(uname)
- if err != nil {
- return false, err
+ if err := unix.Uname(uname); err != nil {
+ return 0, err
 }
 release := string(uname.Release[:])
- if idx := strings.Index(release, "."); idx != -1 {
- version, err := strconv.Atoi(release[:idx])
- if err != nil {
- return false, err
- }
- // Darwin version 20 is macOS version 11
- // https://en.wikipedia.org/wiki/Darwin_(operating_system)#Darwin_20_onwards
- return version >= 20, nil
+ idx := strings.Index(release, ".")
+ if idx == -1 {
+ return 0, nil
 }
- return false, nil
+ version, err := strconv.Atoi(release[:idx])
+ if err != nil {
+ return 0, err
+ }
+ return version, nil
 }
diff --git a/sys_conn_df_darwin_test.go b/sys_conn_df_darwin_test.go
new file mode 100644
index 000000000..335003ef3
--- /dev/null
+++ b/sys_conn_df_darwin_test.go
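Review bot: `getMacOSVersion` has no doc comment, and its name suggests a macOS version although it returns the Darwin kernel major number parsed from `uname` (the value compared against `macOSVersion11 = 20` and `macOSVersion15 = 24`). It also returns `0, nil` when the release string contains no dot, so an unparseable release is indistinguishable from a very old one and `setDF` then reports DF as unsupported without an error. A two-line doc comment would cover both: `// getMacOSVersion returns the Darwin kernel major version from uname (20 = macOS 11, 24 = macOS 15).` and `// It returns 0 and a nil error if the release string contains no '.'.`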
@@ -0,0 +1,99 @@
+package quic
+
+import (
+ "net"
+ "testing"
+
+ "github.com/stretchr/testify/require"
+)
+
+func TestIPFragmentation(t *testing.T) {
+ sink, err := net.ListenUDP("udp", &net.UDPAddr{Port: 0})
+ require.NoError(t, err)
+ t.Cleanup(func() { sink.Close() })
+ sinkPort := sink.LocalAddr().(*net.UDPAddr).Port
+
+ canSendIPv4 := func(conn *net.UDPConn) bool {
+ _, err := conn.WriteTo([]byte("hello"), &net.UDPAddr{IP: net.IPv4(127, 0, 0, 1), Port: sinkPort})
+ return err == nil
+ }
+
+ canSendIPv6 := func(conn *net.UDPConn) bool {
+ _, err := conn.WriteTo([]byte("hello"), &net.UDPAddr{IP: net.IPv6loopback, Port: sinkPort})
+ return err == nil
+ }
+
+ t.Run("udp4", func(t *testing.T) {
+ conn, err := net.ListenUDP("udp4", &net.UDPAddr{IP: net.IPv4(127, 0, 0, 1), Port: 0})
+ require.NoError(t, err)
+ defer conn.Close()
+
+ require.True(t, canSendIPv4(conn))
+ require.False(t, canSendIPv6(conn))
+
+ raw, err := conn.SyscallConn()
+ require.NoError(t, err)
+ canDF, _ := setDF(raw)
+ require.True(t, canDF)
+ })
+
+ t.Run("udp6", func(t *testing.T) {
+ conn, err := net.ListenUDP("udp6", &net.UDPAddr{IP: net.IPv6loopback, Port: 0})
+ require.NoError(t, err)
+ defer conn.Close()
+
+ require.False(t, canSendIPv4(conn))
+ require.True(t, canSendIPv6(conn))
+
+ raw, err := conn.SyscallConn()
+ require.NoError(t, err)
+ canDF, _ := setDF(raw)
+ require.True(t, canDF)
+ })
+
+ t.Run("udp, dual-stack", func(t *testing.T) {
+ if version, err := getMacOSVersion(); err != nil || version < macOSVersion15 {
+ t.Skipf("skipping on darwin %d", version-9)
+ }
+
+ conn, err := net.ListenUDP("udp", &net.UDPAddr{Port: 0})
+ require.NoError(t, err)
+ defer conn.Close()
+
+ require.True(t, canSendIPv4(conn))
+ require.True(t, canSendIPv6(conn))
+
+ raw, err := conn.SyscallConn()
+ require.NoError(t, err)
+ canDF, _ := setDF(raw)
+ require.True(t, canDF)
+ })
+
+ t.Run("udp, listening on IPv4", func(t *testing.T) {
+ conn, err := net.ListenUDP("udp", &net.UDPAddr{IP: net.IPv4(127, 0, 0, 1), Port: 0})
+ require.NoError(t, err)
+ defer conn.Close()
+
+ require.True(t, canSendIPv4(conn))
+ require.False(t, canSendIPv6(conn))
+
+ raw, err := conn.SyscallConn()
+ require.NoError(t, err)
+ canDF, _ := setDF(raw)
+ require.True(t, canDF)
+ })
+
+ t.Run("udp, listening on IPv6", func(t *testing.T) {
+ conn, err := net.ListenUDP("udp6", &net.UDPAddr{IP: net.IPv6loopback, Port: 0})
+ require.NoError(t, err)
+ defer conn.Close()
+
+ require.False(t, canSendIPv4(conn))
+ require.True(t, canSendIPv6(conn))
+
+ raw, err := conn.SyscallConn()
+ require.NoError(t, err)
+ canDF, _ := setDF(raw)
+ require.True(t, canDF)
+ })
+}
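Review bot: Every subtest discards the error from `setDF` (`canDF, _ := setDF(raw)`), so a failing `getsockname` or `setsockopt` surfaces only as `require.True(t, canDF)` failing with no cause; use `canDF, err := setDF(raw)` followed by `require.NoError(t, err)`. The subtest named "udp, listening on IPv6" opens its socket with network `"udp6"`, which repeats the "udp6" subtest; if it is meant to mirror "udp, listening on IPv4", the network should be `"udp"`. In the dual-stack subtest the skip also fires when `getMacOSVersion` returns an error, and the message prints `version-9` under the label darwin although that value is the macOS number; `t.Skipf("skipping on macOS %d", version-9)` after a separate `require.NoError` on the version lookup would be clearer.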