#include "init.h"
#include "forward.h"
#include "mroute.h"
#include "mbuf.h"
#include "list.h"
#include "schedule.h"
#include "pool.h"
#include "mudp.h"
#include "mtcp.h"
#include "perf.h"
#include "vlan.h"
#include "reflect_filter.h"

Include dependency graph for multi.h:

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures
struct	multi_reap

struct	deferred_signal_schedule_entry

struct	client_connect_defer_state
	Detached client connection state. More...

struct	multi_instance
	Server-mode state structure for one single VPN tunnel. More...

struct	multi_context
	Main OpenVPN server state structure. More...

struct	multi_route

Macros
#define	MULTI_PREFIX_MAX_LENGTH 256

#define	MULTI_ROUTE_CACHE (1<<0)

#define	MULTI_ROUTE_AGEABLE (1<<1)

#define	MPP_PRE_SELECT (1<<0)

#define	MPP_CONDITIONAL_PRE_SELECT (1<<1)

#define	MPP_CLOSE_ON_SIGNAL (1<<2)

#define	MPP_RECORD_TOUCH (1<<3)

#define	REAP_MAX_WAKEUP 10 /* Do reap pass at least once per n seconds */

#define	REAP_DIVISOR 256 /* How many passes to cover whole hash table */

#define	REAP_MIN 16 /* Minimum number of buckets per pass */

#define	REAP_MAX 1024 /* Maximum number of buckets per pass */

#define	MULTI_CACHE_ROUTE_TTL 60

#define	CLIENT_CONNECT_OPT_MASK

#define	MULTI_CHECK_SIG(m) EVENT_LOOP_CHECK_SIGNAL(&(m)->top, multi_process_signal, (m))

Enumerations
enum	client_connect_return { CC_RET_FAILED, CC_RET_SUCCEEDED, CC_RET_DEFERRED, CC_RET_SKIPPED }
	Return values used by the client connect call-back functions. More...

Functions
void	tunnel_server (struct context *top)
	Main event loop for OpenVPN in server mode. More...

const char *	multi_instance_string (const struct multi_instance mi, bool null, struct gc_arena gc)

void	multi_init (struct multi_context m, struct context t, bool tcp_mode)

void	multi_uninit (struct multi_context *m)

void	multi_top_init (struct multi_context m, struct context top)

void	multi_top_free (struct multi_context *m)

struct multi_instance *	multi_create_instance (struct multi_context m, const struct mroute_addr real)

void	multi_close_instance (struct multi_context m, struct multi_instance mi, bool shutdown)

bool	multi_process_timeout (struct multi_context *m, const unsigned int mpp_flags)

void	multi_process_float (struct multi_context m, struct multi_instance mi)
	Handles peer floating. More...

bool	multi_process_post (struct multi_context m, struct multi_instance mi, const unsigned int flags)
	Perform postprocessing of a VPN tunnel instance. More...

bool	multi_process_incoming_dco (struct multi_context *m)
	Process an incoming DCO message (from kernel space). More...

bool	multi_process_incoming_link (struct multi_context m, struct multi_instance instance, const unsigned int mpp_flags)
	Demultiplex and process a packet received over the external network interface. More...

bool	multi_process_incoming_tun (struct multi_context *m, const unsigned int mpp_flags)
	Determine the destination VPN tunnel of a packet received over the virtual tun/tap network interface and then process it accordingly. More...

void	multi_process_drop_outgoing_tun (struct multi_context *m, const unsigned int mpp_flags)

void	multi_print_status (struct multi_context m, struct status_output so, const int version)

struct multi_instance *	multi_get_queue (struct mbuf_set *ms)

void	multi_add_mbuf (struct multi_context m, struct multi_instance mi, struct mbuf_buffer *mb)

void	multi_ifconfig_pool_persist (struct multi_context *m, bool force)

bool	multi_process_signal (struct multi_context *m)

void	multi_close_instance_on_signal (struct multi_context m, struct multi_instance mi)

void	init_management_callback_multi (struct multi_context *m)

static bool	multi_output_queue_ready (const struct multi_context m, const struct multi_instance mi)

static struct multi_instance *	multi_process_outgoing_link_pre (struct multi_context *m)

void	route_quota_exceeded (const struct multi_instance *mi)

static void	route_quota_inc (struct multi_instance *mi)

static void	route_quota_dec (struct multi_instance *mi)

static bool	route_quota_test (const struct multi_instance *mi)

static void	multi_instance_inc_refcount (struct multi_instance *mi)

static void	multi_instance_dec_refcount (struct multi_instance *mi)

static void	multi_route_del (struct multi_route *route)

static bool	multi_route_defined (const struct multi_context m, const struct multi_route r)

void	ungenerate_prefix (struct multi_instance *mi)

static void	set_prefix (struct multi_instance *mi)

static void	clear_prefix (void)

void	multi_reap_process_dowork (const struct multi_context *m)

void	multi_process_per_second_timers_dowork (struct multi_context *m)

static void	multi_reap_process (const struct multi_context *m)

static void	multi_process_per_second_timers (struct multi_context *m)

static void	multi_get_timeout (struct multi_context m, struct timeval dest)

static bool	multi_process_outgoing_tun (struct multi_context *m, const unsigned int mpp_flags)
	Send a packet over the virtual tun/tap network interface to its locally reachable destination. More...

static bool	multi_process_outgoing_link_dowork (struct multi_context m, struct multi_instance mi, const unsigned int mpp_flags)

static void	multi_set_pending (struct multi_context m, struct multi_instance mi)

void	multi_assign_peer_id (struct multi_context m, struct multi_instance mi)
	Assigns a peer-id to a a client and adds the instance to the the instances array of the `multi_context` structure. More...

Macro Definition Documentation

◆ CLIENT_CONNECT_OPT_MASK

#define CLIENT_CONNECT_OPT_MASK

Value:

                                 (OPT_P_INSTANCE | OPT_P_INHERIT   \
                                 |OPT_P_PUSH | OPT_P_TIMER | OPT_P_CONFIG   \
                                 |OPT_P_ECHO | OPT_P_COMP | OPT_P_SOCKFLAGS)

Definition at line 671 of file multi.h.

◆ MPP_CLOSE_ON_SIGNAL

#define MPP_CLOSE_ON_SIGNAL (1<<2)

Definition at line 289 of file multi.h.

◆ MPP_CONDITIONAL_PRE_SELECT

#define MPP_CONDITIONAL_PRE_SELECT (1<<1)

Definition at line 288 of file multi.h.

◆ MPP_PRE_SELECT

#define MPP_PRE_SELECT (1<<0)

Definition at line 287 of file multi.h.

◆ MPP_RECORD_TOUCH

#define MPP_RECORD_TOUCH (1<<3)

Definition at line 290 of file multi.h.

◆ MULTI_CACHE_ROUTE_TTL

#define MULTI_CACHE_ROUTE_TTL 60

Definition at line 575 of file multi.h.

◆ MULTI_CHECK_SIG

#define MULTI_CHECK_SIG ( m ) EVENT_LOOP_CHECK_SIGNAL(&(m)->top, multi_process_signal, (m))

Definition at line 689 of file multi.h.

◆ MULTI_PREFIX_MAX_LENGTH

#define MULTI_PREFIX_MAX_LENGTH 256

Definition at line 44 of file multi.h.

◆ MULTI_ROUTE_AGEABLE

#define MULTI_ROUTE_AGEABLE (1<<1)

Definition at line 234 of file multi.h.

◆ MULTI_ROUTE_CACHE

#define MULTI_ROUTE_CACHE (1<<0)

Definition at line 233 of file multi.h.

◆ REAP_DIVISOR

#define REAP_DIVISOR 256 /* How many passes to cover whole hash table */

Definition at line 567 of file multi.h.

◆ REAP_MAX

#define REAP_MAX 1024 /* Maximum number of buckets per pass */

Definition at line 569 of file multi.h.

◆ REAP_MAX_WAKEUP

#define REAP_MAX_WAKEUP 10 /* Do reap pass at least once per n seconds */

Definition at line 566 of file multi.h.

◆ REAP_MIN

#define REAP_MIN 16 /* Minimum number of buckets per pass */

Definition at line 568 of file multi.h.

Enumeration Type Documentation

◆ client_connect_return

enum client_connect_return

Return values used by the client connect call-back functions.

Enumerator
CC_RET_FAILED
CC_RET_SUCCEEDED
CC_RET_DEFERRED
CC_RET_SKIPPED

Definition at line 217 of file multi.h.

Function Documentation

◆ clear_prefix()

static void clear_prefix ( void )

inlinestatic

Definition at line 549 of file multi.h.

References msg_set_prefix().

Referenced by multi_close_instance_on_signal(), multi_get_queue(), multi_process_drop_outgoing_tun(), multi_process_incoming_link(), multi_process_incoming_tun(), multi_process_outgoing_link_dowork(), multi_process_outgoing_tun(), multi_process_timeout(), multi_tcp_dispatch(), and multi_tcp_process_outgoing_link().

◆ init_management_callback_multi()

void init_management_callback_multi ( struct multi_context * m )

Definition at line 4119 of file multi.c.

Referenced by tunnel_server_tcp(), and tunnel_server_udp().

◆ multi_add_mbuf()

void multi_add_mbuf	(	struct multi_context *	m,
		struct multi_instance *	mi,
		struct mbuf_buffer *	mb
	)

Definition at line 2881 of file multi.c.

References mbuf_item::buffer, D_MULTI_DROPPED, mbuf_item::instance, multi_context::mbuf, mbuf_add_item(), msg, and multi_output_queue_ready().

Referenced by multi_bcast(), and multi_unicast().

◆ multi_assign_peer_id()

void multi_assign_peer_id	(	struct multi_context *	m,
		struct multi_instance *	mi
	)

Assigns a peer-id to a a client and adds the instance to the the instances array of the multi_context structure.

Parameters

m	- The single `multi_context` structure.
mi	- The `multi_instance` of the VPN tunnel to be postprocessed.

Definition at line 4144 of file multi.c.

References ASSERT, context::c2, multi_instance::context, multi_context::instances, multi_context::max_clients, MAX_PEER_ID, tls_multi::peer_id, and context_2::tls_multi.

Referenced by multi_create_instance_tcp(), and multi_get_create_instance_udp().

◆ multi_close_instance()

void multi_close_instance	(	struct multi_context *	m,
		struct multi_instance *	mi,
		bool	shutdown
	)

Definition at line 602 of file multi.c.

References ASSERT, context::c2, CAS_CONNECT_DONE, CC_GC_FREE, man_def_auth_context::cid, multi_context::cid_hash, close_context(), multi_instance::context, D_MULTI_DEBUG, multi_instance::did_cid_hash, multi_instance::did_iter, multi_instance::did_real_hash, dmsg, multi_context::earliest_wakeup, multi_instance::halt, multi_context::hash, hash_remove(), multi_context::ifconfig_pool, ifconfig_pool_release(), multi_context::instances, multi_context::iter, MAX_PEER_ID, multi_context::mbuf, mbuf_dereference_instance(), context_2::mda_context, multi_context::mtcp, multi_client_disconnect_script(), multi_del_iroutes(), multi_instance_dec_refcount(), multi_set_pending(), tls_multi::multi_state, multi_tcp_dereference_instance(), multi_tcp_instance_specific_free(), multi_context::n_clients, multi_instance::n_clients_delta, tls_multi::peer_id, multi_context::pending, PERF_MULTI_CLOSE_INSTANCE, perf_pop(), perf_push(), multi_instance::real, multi_context::schedule, schedule_remove_entry(), set_cc_config(), context_2::tls_multi, ungenerate_prefix(), and update_mstat_n_clients().

Referenced by multi_close_instance_on_signal(), multi_create_instance(), multi_create_instance_tcp(), multi_delete_dup(), multi_process_float(), and multi_uninit().

◆ multi_close_instance_on_signal()

void multi_close_instance_on_signal	(	struct multi_context *	m,
		struct multi_instance *	mi
	)

Definition at line 3215 of file multi.c.

References clear_prefix(), multi_instance::context, D_MULTI_LOW, multi_close_instance(), print_signal(), remap_signal(), set_prefix(), and context::sig.

Referenced by multi_process_post(), multi_signal_instance(), and multi_tcp_action().

◆ multi_create_instance()

struct multi_instance* multi_create_instance	(	struct multi_context *	m,
		const struct mroute_addr *	real
	)

Definition at line 753 of file multi.c.

References ALLOC_OBJ_CLEAR, context::c2, CAS_NOT_CONNECTED, man_def_auth_context::cid, multi_context::cid_counter, multi_context::cid_hash, multi_instance::context, multi_instance::created, D_MULTI_ERRORS, D_MULTI_LOW, D_MULTI_MEDIUM, multi_instance::did_cid_hash, multi_instance::did_iter, multi_instance::gc, gc_free(), gc_new(), generate_prefix(), multi_context::hash, hash_add(), hash_n_elements(), inherit_context_child(), IS_SIG, multi_context::iter, multi_context::max_clients, context_2::mda_context, MPP_PRE_SELECT, mroute_addr_init(), mroute_addr_print(), msg, multi_close_instance(), multi_instance_inc_refcount(), multi_process_post(), tls_multi::multi_state, multi_tcp_instance_specific_init(), now, PERF_MULTI_CREATE_INSTANCE, perf_pop(), perf_push(), context_2::push_request_received, multi_instance::real, context_2::tls_multi, multi_context::top, and multi_instance::vaddr_handle.

Referenced by multi_create_instance_tcp(), and multi_get_create_instance_udp().

◆ multi_get_queue()

struct multi_instance* multi_get_queue ( struct mbuf_set * ms )

Definition at line 3642 of file multi.c.

References mbuf_buffer::buf, context_2::buf, mbuf_item::buffer, context::c2, clear_prefix(), multi_instance::context, D_MULTI_DEBUG, dmsg, encrypt_sign(), mbuf_buffer::flags, mbuf_item::instance, mbuf_extract_item(), mbuf_free_buf(), MF_UNICAST, PIP_MSSFIX, PIPV4_PASSTOS, PIPV6_IMCP_NOHOST_SERVER, process_ip_header(), and set_prefix().

Referenced by multi_process_outgoing_link_pre().

◆ multi_get_timeout()

static void multi_get_timeout	(	struct multi_context *	m,
		struct timeval *	dest
	)

inlinestatic

Definition at line 609 of file multi.h.

References ASSERT, CLEAR, multi_context::earliest_wakeup, openvpn_gettimeofday(), REAP_MAX_WAKEUP, multi_context::schedule, schedule_get_earliest_wakeup(), and tv_delta().

Referenced by tunnel_server_tcp(), and tunnel_server_udp().

◆ multi_ifconfig_pool_persist()

void multi_ifconfig_pool_persist	(	struct multi_context *	m,
		bool	force
	)

Definition at line 163 of file multi.c.

References context::c1, multi_context::ifconfig_pool, context_1::ifconfig_pool_persist, ifconfig_pool_write(), ifconfig_pool_write_trigger(), and multi_context::top.

Referenced by multi_process_per_second_timers_dowork(), tunnel_server_tcp(), and tunnel_server_udp().

◆ multi_init()

void multi_init	(	struct multi_context *	m,
		struct context *	t,
		bool	tcp_mode
	)

Definition at line 292 of file multi.c.

References ASSERT, context::c1, options::cf_initial_max, options::cf_initial_per, options::cf_max, options::cf_per, cid_compare_function(), multi_context::cid_hash, cid_hash_function(), CLEAR, D_MULTI_LOW, multi_context::deferred_shutdown_signal, options::dev, options::dev_type, dev_type_enum(), DEV_TYPE_TUN, DEV_TYPE_UNDEF, options::duplicate_cn, multi_context::enable_c2c, options::enable_c2c, event_timeout_init(), frequency_limit_init(), get_random(), multi_context::hash, hash_init(), options::ifconfig_ipv6_pool_base, options::ifconfig_ipv6_pool_defined, options::ifconfig_ipv6_pool_netbits, multi_context::ifconfig_pool, IFCONFIG_POOL_30NET, options::ifconfig_pool_defined, options::ifconfig_pool_end, IFCONFIG_POOL_INDIV, ifconfig_pool_init(), context_1::ifconfig_pool_persist, ifconfig_pool_read(), options::ifconfig_pool_start, initial_rate_limit_init(), multi_context::initial_rate_limiter, multi_context::instances, multi_context::iter, multi_context::local, tuntap::local, M_INFO, multi_context::max_clients, options::max_clients, multi_context::mbuf, mbuf_init(), mroute_addr_compare_function(), mroute_addr_hash_function(), mroute_extract_in_addr_t(), mroute_helper_init(), msg, multi_context::mtcp, MULTI_CACHE_ROUTE_TTL, multi_reap_new(), multi_tcp_init(), options::n_bcast_buf, multi_context::new_connection_limiter, context::options, options::real_hash_size, reap_buckets_per_pass(), multi_context::reaper, multi_context::route_helper, multi_context::schedule, schedule_init(), deferred_signal_schedule_entry::signal_received, options::stale_routes_ageing_time, multi_context::stale_routes_check_et, options::stale_routes_check_interval, multi_context::status_file_version, options::status_file_version, multi_context::tcp_queue_limit, options::tcp_queue_limit, TOP_NET30, options::topology, context_1::tuntap, multi_context::vhash, and options::virtual_hash_size.

Referenced by tunnel_server_tcp(), and tunnel_server_udp().

◆ multi_instance_dec_refcount()

static void multi_instance_dec_refcount ( struct multi_instance * mi )

inlinestatic

Definition at line 484 of file multi.h.

References multi_instance::gc, gc_free(), and multi_instance::refcount.

Referenced by multi_close_instance(), and multi_route_del().

◆ multi_instance_inc_refcount()

static void multi_instance_inc_refcount ( struct multi_instance * mi )

inlinestatic

Definition at line 478 of file multi.h.

References multi_instance::refcount.

Referenced by multi_create_instance(), and multi_learn_addr().

◆ multi_instance_string()

const char* multi_instance_string	(	const struct multi_instance *	mi,
		bool	null,
		struct gc_arena *	gc
	)

◆ multi_output_queue_ready()

static bool multi_output_queue_ready	(	const struct multi_context *	m,
		const struct multi_instance *	mi
	)

inlinestatic

Definition at line 406 of file multi.h.

References mbuf_len(), multi_instance::tcp_link_out_deferred, and multi_context::tcp_queue_limit.

Referenced by multi_add_mbuf(), and multi_process_incoming_tun().

◆ multi_print_status()

void multi_print_status	(	struct multi_context *	m,
		struct status_output *	so,
		const int	version
	)

Definition at line 843 of file multi.c.

References context::c1, context::c2, man_def_auth_context::cid, options::ciphername, multi_instance::context, counter_format, multi_instance::created, D_MULTI_DEBUG, tuntap::dco, dco_enabled(), dco_get_peer_stats_multi(), context_2::dco_read_bytes, context_2::dco_write_bytes, ENABLE_MANAGEMENT, multi_instance::gc, gc_free(), gc_new(), multi_instance::halt, multi_context::hash, hash_iterator_free(), hash_iterator_init(), hash_iterator_next(), hash_n_elements(), IA_EMPTY_IF_UNDEF, context_2::link_read_bytes, context_2::link_write_bytes, multi_context::mbuf, mbuf_maximum_queued(), context_2::mda_context, mroute_addr_print(), msg, MULTI_ROUTE_CACHE, multi_route_defined(), now, context::options, tls_multi::peer_id, print_in6_addr(), print_in_addr_t(), multi_instance::real, multi_instance::reporting_addr, multi_instance::reporting_addr_ipv6, route, status_flush(), status_printf(), status_reset(), time_string(), title_string, tls_common_name(), context_2::tls_multi, tls_username(), multi_context::top, translate_cipher_name_to_openvpn(), context_1::tuntap, hash_element::value, and multi_context::vhash.

Referenced by management_callback_status(), multi_process_per_second_timers_dowork(), and multi_process_signal().

◆ multi_process_drop_outgoing_tun()

void multi_process_drop_outgoing_tun	(	struct multi_context *	m,
		const unsigned int	mpp_flags
	)

Definition at line 3707 of file multi.c.

References ASSERT, buf_reset(), context::c2, clear_prefix(), multi_instance::context, D_MULTI_ERRORS, buffer::len, msg, multi_process_post(), multi_context::pending, set_prefix(), and context_2::to_tun.

Referenced by multi_tcp_dispatch().

◆ multi_process_float()

void multi_process_float	(	struct multi_context *	m,
		struct multi_instance *	mi
	)

Handles peer floating.

If peer is floated to a taken address, either drops packet (if peer that owns address has different CN) or disconnects existing peer. Updates multi_instance with new address, updates hashtables in multi_context.

Definition at line 3138 of file multi.c.

References link_socket_addr::actual, ASSERT, context_2::buf, context::c2, cert_hash_compare(), man_def_auth_context::cid, multi_context::cid_hash, multi_instance::context, D_MULTI_LOW, D_MULTI_MEDIUM, link_socket_actual::dest, context_2::from, multi_instance::gc, gc_free(), gc_new(), generate_prefix(), multi_context::hash, hash_add(), hash_bucket(), hash_lookup_fast(), hash_remove(), hash_value(), multi_context::iter, buffer::len, context_2::link_socket, context_2::link_socket_info, link_socket_info::lsa, context_2::mda_context, mroute_addr_print(), mroute_extract_openvpn_sockaddr(), msg, multi_close_instance(), multi_instance_string(), tls_multi::peer_id, print_link_socket_actual(), multi_instance::real, tls_common_name(), context_2::tls_multi, tls_update_remote_addr(), context_2::to_link_addr, multi_context::top, and hash_element::value.

Referenced by multi_process_incoming_link().

◆ multi_process_incoming_dco()

bool multi_process_incoming_dco ( struct multi_context * m )

Process an incoming DCO message (from kernel space).

Parameters

m	- The single `multi_context` structur.e

Returns

True, if the message was received correctly.
False, if there was an error while reading the message.

Referenced by multi_process_io_udp(), and multi_tcp_process_io().

◆ multi_process_outgoing_link_dowork()

static bool multi_process_outgoing_link_dowork	(	struct multi_context *	m,
		struct multi_instance *	mi,
		const unsigned int	mpp_flags
	)

inlinestatic

Definition at line 676 of file multi.h.

References clear_prefix(), multi_instance::context, multi_process_post(), process_outgoing_link(), and set_prefix().

Referenced by multi_process_outgoing_link(), multi_tcp_process_outgoing_link(), and multi_tcp_process_outgoing_link_ready().

◆ multi_process_outgoing_link_pre()

static struct multi_instance* multi_process_outgoing_link_pre ( struct multi_context * m )

inlinestatic

Definition at line 425 of file multi.h.

References multi_context::mbuf, mbuf_defined(), multi_get_queue(), and multi_context::pending.

Referenced by multi_process_outgoing_link(), and multi_tcp_process_outgoing_link().

◆ multi_process_per_second_timers()

static void multi_process_per_second_timers ( struct multi_context * m )

inlinestatic

Definition at line 591 of file multi.h.

References multi_process_per_second_timers_dowork(), now, and multi_context::per_second_trigger.

Referenced by tunnel_server_tcp(), and tunnel_server_udp().

◆ multi_process_per_second_timers_dowork()

void multi_process_per_second_timers_dowork ( struct multi_context * m )

Definition at line 3787 of file multi.c.

References context::c1, check_stale_routes(), multi_ifconfig_pool_persist(), multi_print_status(), multi_reap_process(), context::options, stale_route_check_trigger(), options::stale_routes_check_interval, multi_context::status_file_version, context_1::status_output, status_trigger(), and multi_context::top.

Referenced by multi_process_per_second_timers().

◆ multi_process_post()

bool multi_process_post	(	struct multi_context *	m,
		struct multi_instance *	mi,
		const unsigned int	flags
	)

Perform postprocessing of a VPN tunnel instance.

After some VPN tunnel activity has taken place, the VPN tunnel's state may need updating and some follow-up action may be required. This function controls the necessary postprocessing. It is called by many other functions that handle VPN tunnel related activity, such as multi_process_incoming_link(), multi_process_outgoing_link(), multi_process_incoming_tun(), multi_process_outgoing_tun(), and multi_process_timeout(), among others.

Parameters