search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
cosmetics
[tomato.git] / release / src / router / openvpn / multi.h
blobad26c12731fa1ddee3c61d4073a5a70114944515
1 /*
2 * OpenVPN -- An application to securely tunnel IP networks
3 * over a single TCP/UDP port, with support for SSL/TLS-based
4 * session authentication and key exchange,
5 * packet encryption, packet authentication, and
6 * packet compression.
7 *
8 * Copyright (C) 2002-2009 OpenVPN Technologies, Inc. <sales@openvpn.net>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2
12 * as published by the Free Software Foundation.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program (see the file COPYING included with this
21 * distribution); if not, write to the Free Software Foundation, Inc.,
22 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 */
24
25 #ifndef MULTI_H
26 #define MULTI_H
27
28 #if P2MP_SERVER
29
30 #include "init.h"
31 #include "forward.h"
32 #include "mroute.h"
33 #include "mbuf.h"
34 #include "list.h"
35 #include "schedule.h"
36 #include "pool.h"
37 #include "mudp.h"
38 #include "mtcp.h"
39 #include "perf.h"
40
41 /*
42 * Walk (don't run) through the routing table,
43 * deleting old entries, and possibly multi_instance
44 * structs as well which have been marked for deletion.
45 */
46 struct multi_reap
47 {
48 int bucket_base;
49 int buckets_per_pass;
50 time_t last_call;
51 };
52
53 /*
54 * One multi_instance object per client instance.
55 */
56 struct multi_instance {
57 struct schedule_entry se; /* this must be the first element of the structure */
58 struct gc_arena gc;
59 MUTEX_DEFINE (mutex);
60 bool defined;
61 bool halt;
62 int refcount;
63 int route_count; /* number of routes (including cached routes) owned by this instance */
64 time_t created;
65 struct timeval wakeup; /* absolute time */
66 struct mroute_addr real;
67 ifconfig_pool_handle vaddr_handle;
68 const char *msg_prefix;
69
70 /* queued outgoing data in Server/TCP mode */
71 unsigned int tcp_rwflags;
72 struct mbuf_set *tcp_link_out_deferred;
73 bool socket_set_called;
74
75 in_addr_t reporting_addr; /* IP address shown in status listing */
76
77 bool did_open_context;
78 bool did_real_hash;
79 bool did_iter;
80 #ifdef MANAGEMENT_DEF_AUTH
81 bool did_cid_hash;
82 struct buffer_list *cc_config;
83 #endif
84 bool connection_established_flag;
85 bool did_iroutes;
86 int n_clients_delta; /* added to multi_context.n_clients when instance is closed */
87
88 struct context context;
89 };
90
91 /*
92 * One multi_context object per server daemon thread.
93 */
94 struct multi_context {
95 # define MC_UNDEF 0
96 # define MC_SINGLE_THREADED (1<<0)
97 # define MC_MULTI_THREADED_MASTER (1<<1)
98 # define MC_MULTI_THREADED_WORKER (1<<2)
99 # define MC_MULTI_THREADED_SCHEDULER (1<<3)
100 # define MC_WORK_THREAD (MC_MULTI_THREADED_WORKER|MC_MULTI_THREADED_SCHEDULER)
101 int thread_mode;
102
103 struct hash *hash; /* client instances indexed by real address */
104 struct hash *vhash; /* client instances indexed by virtual address */
105 struct hash *iter; /* like real address hash but optimized for iteration */
106 struct schedule *schedule;
107 struct mbuf_set *mbuf;
108 struct multi_tcp *mtcp;
109 struct ifconfig_pool *ifconfig_pool;
110 struct frequency_limit *new_connection_limiter;
111 struct mroute_helper *route_helper;
112 struct multi_reap *reaper;
113 struct mroute_addr local;
114 bool enable_c2c;
115 int max_clients;
116 int tcp_queue_limit;
117 int status_file_version;
118 int n_clients; /* current number of authenticated clients */
119
120 #ifdef MANAGEMENT_DEF_AUTH
121 struct hash *cid_hash;
122 unsigned long cid_counter;
123 #endif
124
125 struct multi_instance *pending;
126 struct multi_instance *earliest_wakeup;
127 struct multi_instance **mpp_touched;
128 struct context_buffers *context_buffers;
129 time_t per_second_trigger;
130
131 struct context top;
132 };
133
134 /*
135 * Host route
136 */
137 struct multi_route
138 {
139 struct mroute_addr addr;
140 struct multi_instance *instance;
141
142 # define MULTI_ROUTE_CACHE (1<<0)
143 # define MULTI_ROUTE_AGEABLE (1<<1)
144 unsigned int flags;
145
146 unsigned int cache_generation;
147 time_t last_reference;
148 };
149
150 /*
151 * top level function, called by openvpn.c
152 */
153 void tunnel_server (struct context *top);
154
155 const char *multi_instance_string (const struct multi_instance *mi, bool null, struct gc_arena *gc);
156
157 /*
158 * Called by mtcp.c, mudp.c, or other (to be written) protocol drivers
159 */
160
161 void multi_init (struct multi_context *m, struct context *t, bool tcp_mode, int thread_mode);
162 void multi_uninit (struct multi_context *m);
163
164 void multi_top_init (struct multi_context *m, const struct context *top, const bool alloc_buffers);
165 void multi_top_free (struct multi_context *m);
166
167 struct multi_instance *multi_create_instance (struct multi_context *m, const struct mroute_addr *real);
168 void multi_close_instance (struct multi_context *m, struct multi_instance *mi, bool shutdown);
169
170 bool multi_process_timeout (struct multi_context *m, const unsigned int mpp_flags);
171
172 #define MPP_PRE_SELECT (1<<0)
173 #define MPP_CONDITIONAL_PRE_SELECT (1<<1)
174 #define MPP_CLOSE_ON_SIGNAL (1<<2)
175 #define MPP_RECORD_TOUCH (1<<3)
176 bool multi_process_post (struct multi_context *m, struct multi_instance *mi, const unsigned int flags);
177
178 bool multi_process_incoming_link (struct multi_context *m, struct multi_instance *instance, const unsigned int mpp_flags);
179 bool multi_process_incoming_tun (struct multi_context *m, const unsigned int mpp_flags);
180
181 void multi_process_drop_outgoing_tun (struct multi_context *m, const unsigned int mpp_flags);
182
183 void multi_print_status (struct multi_context *m, struct status_output *so, const int version);
184
185 struct multi_instance *multi_get_queue (struct mbuf_set *ms);
186
187 void multi_add_mbuf (struct multi_context *m,
188 struct multi_instance *mi,
189 struct mbuf_buffer *mb);
190
191 void multi_ifconfig_pool_persist (struct multi_context *m, bool force);
192
193 bool multi_process_signal (struct multi_context *m);
194
195 void multi_close_instance_on_signal (struct multi_context *m, struct multi_instance *mi);
196
197 void init_management_callback_multi (struct multi_context *m);
198 void uninit_management_callback_multi (struct multi_context *m);
199
200 /*
201 * Return true if our output queue is not full
202 */
203 static inline bool
204 multi_output_queue_ready (const struct multi_context *m,
205 const struct multi_instance *mi)
206 {
207 if (mi->tcp_link_out_deferred)
208 return mbuf_len (mi->tcp_link_out_deferred) <= m->tcp_queue_limit;
209 else
210 return true;
211 }
212
213 /*
214 * Determine which instance has pending output
215 * and prepare the output for sending in
216 * the to_link buffer.
217 */
218 static inline struct multi_instance *
219 multi_process_outgoing_link_pre (struct multi_context *m)
220 {
221 struct multi_instance *mi = NULL;
222
223 if (m->pending)
224 mi = m->pending;
225 else if (mbuf_defined (m->mbuf))
226 mi = multi_get_queue (m->mbuf);
227 return mi;
228 }
229
230 /*
231 * Per-client route quota management
232 */
233
234 void route_quota_exceeded (const struct multi_context *m, const struct multi_instance *mi);
235
236 static inline void
237 route_quota_inc (struct multi_instance *mi)
238 {
239 ++mi->route_count;
240 }
241
242 static inline void
243 route_quota_dec (struct multi_instance *mi)
244 {
245 --mi->route_count;
246 }
247
248 /* can we add a new route? */
249 static inline bool
250 route_quota_test (const struct multi_context *m, const struct multi_instance *mi)
251 {
252 if (mi->route_count >= mi->context.options.max_routes_per_client)
253 {
254 route_quota_exceeded (m, mi);
255 return false;
256 }
257 else
258 return true;
259 }
260
261 /*
262 * Instance reference counting
263 */
264
265 static inline void
266 multi_instance_inc_refcount (struct multi_instance *mi)
267 {
268 ++mi->refcount;
269 }
270
271 static inline void
272 multi_instance_dec_refcount (struct multi_instance *mi)
273 {
274 if (--mi->refcount <= 0)
275 {
276 gc_free (&mi->gc);
277 mutex_destroy (&mi->mutex);
278 free (mi);
279 }
280 }
281
282 static inline void
283 multi_route_del (struct multi_route *route)
284 {
285 struct multi_instance *mi = route->instance;
286 route_quota_dec (mi);
287 multi_instance_dec_refcount (mi);
288 free (route);
289 }
290
291 static inline bool
292 multi_route_defined (const struct multi_context *m,
293 const struct multi_route *r)
294 {
295 if (r->instance->halt)
296 return false;
297 else if ((r->flags & MULTI_ROUTE_CACHE)
298 && r->cache_generation != m->route_helper->cache_generation)
299 return false;
300 else if ((r->flags & MULTI_ROUTE_AGEABLE)
301 && r->last_reference + m->route_helper->ageable_ttl_secs < now)
302 return false;
303 else
304 return true;
305 }
306
307 /*
308 * Set a msg() function prefix with our current client instance ID.
309 */
310
311 static inline void
312 set_prefix (struct multi_instance *mi)
313 {
314 #ifdef MULTI_DEBUG_EVENT_LOOP
315 if (mi->msg_prefix)
316 printf ("[%s]\n", mi->msg_prefix);
317 #endif
318 msg_set_prefix (mi->msg_prefix);
319 }
320
321 static inline void
322 clear_prefix (void)
323 {
324 #ifdef MULTI_DEBUG_EVENT_LOOP
325 printf ("[NULL]\n");
326 #endif
327 msg_set_prefix (NULL);
328 }
329
330 /*
331 * Instance Reaper
332 *
333 * Reaper constants. The reaper is the process where the virtual address
334 * and virtual route hash table is scanned for dead entries which are
335 * then removed. The hash table could potentially be quite large, so we
336 * don't want to reap in a single pass.
337 */
338
339 #define REAP_MAX_WAKEUP 10 /* Do reap pass at least once per n seconds */
340 #define REAP_DIVISOR 256 /* How many passes to cover whole hash table */
341 #define REAP_MIN 16 /* Minimum number of buckets per pass */
342 #define REAP_MAX 1024 /* Maximum number of buckets per pass */
343
344 /*
345 * Mark a cached host route for deletion after this
346 * many seconds without any references.
347 */
348 #define MULTI_CACHE_ROUTE_TTL 60
349
350 static inline void
351 multi_reap_process (const struct multi_context *m)
352 {
353 void multi_reap_process_dowork (const struct multi_context *m);
354 if (m->reaper->last_call != now)
355 multi_reap_process_dowork (m);
356 }
357
358 static inline void
359 multi_process_per_second_timers (struct multi_context *m)
360 {
361 if (m->per_second_trigger != now)
362 {
363 void multi_process_per_second_timers_dowork (struct multi_context *m);
364 multi_process_per_second_timers_dowork (m);
365 m->per_second_trigger = now;
366 }
367 }
368
369 /*
370 * Compute earliest timeout expiry from the set of
371 * all instances. Output:
372 *
373 * m->earliest_wakeup : instance needing the earliest service.
374 * dest : earliest timeout as a delta in relation
375 * to current time.
376 */
377 static inline void
378 multi_get_timeout (struct multi_context *m, struct timeval *dest)
379 {
380 struct timeval tv, current;
381
382 CLEAR (tv);
383 m->earliest_wakeup = (struct multi_instance *) schedule_get_earliest_wakeup (m->schedule, &tv);
384 if (m->earliest_wakeup)
385 {
386 ASSERT (!openvpn_gettimeofday (&current, NULL));
387 tv_delta (dest, &current, &tv);
388 if (dest->tv_sec >= REAP_MAX_WAKEUP)
389 {
390 m->earliest_wakeup = NULL;
391 dest->tv_sec = REAP_MAX_WAKEUP;
392 dest->tv_usec = 0;
393 }
394 }
395 else
396 {
397 dest->tv_sec = REAP_MAX_WAKEUP;
398 dest->tv_usec = 0;
399 }
400 }
401
402 /*
403 * Send a packet to TUN/TAP interface.
404 */
405 static inline bool
406 multi_process_outgoing_tun (struct multi_context *m, const unsigned int mpp_flags)
407 {
408 struct multi_instance *mi = m->pending;
409 bool ret = true;
410
411 ASSERT (mi);
412 #ifdef MULTI_DEBUG_EVENT_LOOP
413 printf ("%s -> TUN len=%d\n",
414 id(mi),
415 mi->context.c2.to_tun.len);
416 #endif
417 set_prefix (mi);
418 process_outgoing_tun (&mi->context);
419 ret = multi_process_post (m, mi, mpp_flags);
420 clear_prefix ();
421 return ret;
422 }
423
424 static inline bool
425 multi_process_outgoing_link_dowork (struct multi_context *m, struct multi_instance *mi, const unsigned int mpp_flags)
426 {
427 bool ret = true;
428 set_prefix (mi);
429 process_outgoing_link (&mi->context);
430 ret = multi_process_post (m, mi, mpp_flags);
431 clear_prefix ();
432 return ret;
433 }
434
435 /*
436 * Check for signals.
437 */
438 #define MULTI_CHECK_SIG(m) EVENT_LOOP_CHECK_SIGNAL (&(m)->top, multi_process_signal, (m))
439
440 static inline void
441 multi_set_pending (struct multi_context *m, struct multi_instance *mi)
442 {
443 m->pending = mi;
444 }
445
446 static inline void
447 multi_release_io_lock (struct multi_context *m)
448 {
449 }
450
451 #endif /* P2MP_SERVER */
452 #endif /* MULTI_H */
Tomato firmware and modifications.