openvpn/mtcp_8c_source.html

/*

 *  OpenVPN -- An application to securely tunnel IP networks

 *             over a single TCP/UDP port, with support for SSL/TLS-based

 *             session authentication and key exchange,

 *             packet encryption, packet authentication, and

 *             packet compression.

 *

 *  Copyright (C) 2002-2026 OpenVPN Inc <sales@openvpn.net>

 *

 *  This program is free software; you can redistribute it and/or modify

 *  it under the terms of the GNU General Public License version 2

 *  as published by the Free Software Foundation.

 *

 *  This program is distributed in the hope that it will be useful,

 *  but WITHOUT ANY WARRANTY; without even the implied warranty of

 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 *  GNU General Public License for more details.

 *

 *  You should have received a copy of the GNU General Public License along

 *  with this program; if not, see <https://www.gnu.org/licenses/>.

 */


#ifdef HAVE_CONFIG_H

#include "config.h"

#endif


#include "syshead.h"


#include "multi.h"

#include "forward.h"

#include "mtcp.h"

#include "multi_io.h"


#include "memdbg.h"


#ifdef HAVE_SYS_INOTIFY_H

#include <sys/inotify.h>

#endif


struct multi_instance *


multi_create_instance_tcp(struct multi_context *m, struct link_socket *sock)

{

    struct gc_arena gc = gc_new();

    struct multi_instance *mi = NULL;

    struct hash *hash = m->hash;


    mi = multi_create_instance(m, NULL, sock);

    if (mi)

    {

        mi->real.proto = sock->info.proto;

        struct hash_element *he;

        const uint32_t hv = hash_value(hash, &mi->real);

        struct hash_bucket *bucket = hash_bucket(hash, hv);


        multi_assign_peer_id(m, mi);


        he = hash_lookup_fast(hash, bucket, &mi->real, hv);


        if (he)

        {

            struct multi_instance *oldmi = (struct multi_instance *)he->value;

            msg(D_MULTI_LOW,

                "MULTI TCP: new incoming client address matches existing client address -- new client takes precedence");

            oldmi->did_real_hash = false;

            multi_close_instance(m, oldmi, false);

            he->key = &mi->real;

            he->value = mi;

        }

        else

        {

            hash_add_fast(hash, bucket, &mi->real, hv, mi);

        }


        mi->did_real_hash = true;

    }


#ifdef ENABLE_DEBUG

    if (mi)

    {

        dmsg(D_MULTI_DEBUG, "MULTI TCP: instance added: %s", mroute_addr_print(&mi->real, &gc));

    }

    else

    {

        dmsg(D_MULTI_DEBUG, "MULTI TCP: new client instance failed");

    }

#endif


    gc_free(&gc);

    ASSERT(!(mi && mi->halt));

    return mi;

}


bool


multi_tcp_instance_specific_init(struct multi_context *m, struct multi_instance *mi)

{

    /* buffer for queued TCP socket output packets */

    mi->tcp_link_out_deferred = mbuf_init(m->top.options.n_bcast_buf);


    ASSERT(mi->context.c2.link_sockets);

    ASSERT(mi->context.c2.link_sockets[0]);

    ASSERT(mi->context.c2.link_sockets[0]->info.lsa);

    ASSERT(mi->context.c2.link_sockets[0]->mode == LS_MODE_TCP_ACCEPT_FROM);

    ASSERT(mi->context.c2.link_sockets[0]->info.lsa->actual.dest.addr.sa.sa_family == AF_INET

           || mi->context.c2.link_sockets[0]->info.lsa->actual.dest.addr.sa.sa_family == AF_INET6);

    mi->real.proto = mi->context.c2.link_sockets[0]->info.proto;

    if (!mroute_extract_openvpn_sockaddr(

            &mi->real, &mi->context.c2.link_sockets[0]->info.lsa->actual.dest, true))

    {

        msg(D_MULTI_ERRORS, "MULTI TCP: TCP client address is undefined");

        return false;

    }

    return true;

}


void


multi_tcp_instance_specific_free(struct multi_instance *mi)

{

    mbuf_free(mi->tcp_link_out_deferred);

}


void


multi_tcp_delete_event(struct multi_io *multi_io, event_t event)

{

    if (multi_io && multi_io->es)

    {

        event_del(multi_io->es, event);

    }

}


void


multi_tcp_dereference_instance(struct multi_io *multi_io, struct multi_instance *mi)

{

    struct link_socket *sock = mi->context.c2.link_sockets[0];

    if (sock && mi->socket_set_called)

    {

        event_del(multi_io->es, socket_event_handle(sock));

        mi->socket_set_called = false;

    }

    multi_io->n_esr = 0;

}


bool


multi_tcp_process_outgoing_link_ready(struct multi_context *m, struct multi_instance *mi,

                                      const unsigned int mpp_flags)

{

    struct mbuf_item item;

    bool ret = true;

    ASSERT(mi);


    /* extract from queue */

    if (mbuf_extract_item(mi->tcp_link_out_deferred, &item)) /* ciphertext IP packet */

    {

        dmsg(D_MULTI_TCP, "MULTI TCP: transmitting previously deferred packet");


        ASSERT(mi == item.instance);

        mi->context.c2.to_link = item.buffer->buf;

        ret = multi_process_outgoing_link_dowork(m, mi, mpp_flags);

        mbuf_free_buf(item.buffer);

    }

    return ret;

}


bool


multi_tcp_process_outgoing_link(struct multi_context *m, bool defer, const unsigned int mpp_flags)

{

    struct multi_instance *mi = multi_process_outgoing_link_pre(m);

    bool ret = true;


    if (mi)

    {

        if ((defer && !proto_is_dgram(mi->context.c2.link_sockets[0]->info.proto))

            || mbuf_defined(mi->tcp_link_out_deferred))

        {

            /* save to queue */

            struct buffer *buf = &mi->context.c2.to_link;

            if (BLEN(buf) > 0)

            {

                struct mbuf_buffer *mb = mbuf_alloc_buf(buf);

                struct mbuf_item item;


                set_prefix(mi);

                dmsg(D_MULTI_TCP, "MULTI TCP: queuing deferred packet");

                item.buffer = mb;

                item.instance = mi;

                mbuf_add_item(mi->tcp_link_out_deferred, &item);

                mbuf_free_buf(mb);

                buf_reset(buf);

                ret = multi_process_post(m, mi, mpp_flags);

                if (!ret)

                {

                    mi = NULL;

                }

                clear_prefix();

            }

        }

        else

        {

            ret = multi_process_outgoing_link_dowork(m, mi, mpp_flags);

            if (!ret)

            {

                mi = NULL;

            }

        }

    }

    return ret;

}


buf_reset
static void buf_reset(struct buffer *buf)
Definition buffer.h:304

BLEN
#define BLEN(buf)
Definition buffer.h:126

gc_free
static void gc_free(struct gc_arena *a)
Definition buffer.h:1049

gc_new
static struct gc_arena gc_new(void)
Definition buffer.h:1041

D_MULTI_ERRORS
#define D_MULTI_ERRORS
Definition errlevel.h:64

D_MULTI_DEBUG
#define D_MULTI_DEBUG
Definition errlevel.h:126

D_MULTI_TCP
#define D_MULTI_TCP
Definition errlevel.h:162

D_MULTI_LOW
#define D_MULTI_LOW
Definition errlevel.h:85

event_del
static void event_del(struct event_set *es, event_t event)
Definition event.h:174

forward.h
Interface functions to the internal and external multiplexers.

hash_lookup_fast
struct hash_element * hash_lookup_fast(struct hash *hash, struct hash_bucket *bucket, const void *key, uint32_t hv)
Definition list.c:79

hash_value
static uint32_t hash_value(const struct hash *hash, const void *key)
Definition list.h:104

hash_add_fast
static void hash_add_fast(struct hash *hash, struct hash_bucket *bucket, const void *key, uint32_t hv, void *value)
Definition list.h:146

mbuf_add_item
void mbuf_add_item(struct mbuf_set *ms, const struct mbuf_item *item)
Definition mbuf.c:99

mbuf_alloc_buf
struct mbuf_buffer * mbuf_alloc_buf(const struct buffer *buf)
Definition mbuf.c:75

mbuf_free_buf
void mbuf_free_buf(struct mbuf_buffer *mb)
Definition mbuf.c:86

mbuf_extract_item
bool mbuf_extract_item(struct mbuf_set *ms, struct mbuf_item *item)
Definition mbuf.c:121

mbuf_free
void mbuf_free(struct mbuf_set *ms)
Definition mbuf.c:59

mbuf_init
struct mbuf_set * mbuf_init(unsigned int size)
Definition mbuf.c:43

mbuf_defined
static bool mbuf_defined(const struct mbuf_set *ms)
Definition mbuf.h:81

memdbg.h

mroute_extract_openvpn_sockaddr
bool mroute_extract_openvpn_sockaddr(struct mroute_addr *addr, const struct openvpn_sockaddr *osaddr, bool use_port)
Definition mroute.c:254

mroute_addr_print
const char * mroute_addr_print(const struct mroute_addr *ma, struct gc_arena *gc)
Definition mroute.c:371

multi_tcp_instance_specific_free
void multi_tcp_instance_specific_free(struct multi_instance *mi)
Definition mtcp.c:116

multi_create_instance_tcp
struct multi_instance * multi_create_instance_tcp(struct multi_context *m, struct link_socket *sock)
Definition mtcp.c:41

multi_tcp_delete_event
void multi_tcp_delete_event(struct multi_io *multi_io, event_t event)
Definition mtcp.c:122

multi_tcp_instance_specific_init
bool multi_tcp_instance_specific_init(struct multi_context *m, struct multi_instance *mi)
Definition mtcp.c:94

multi_tcp_process_outgoing_link
bool multi_tcp_process_outgoing_link(struct multi_context *m, bool defer, const unsigned int mpp_flags)
Definition mtcp.c:164

multi_tcp_process_outgoing_link_ready
bool multi_tcp_process_outgoing_link_ready(struct multi_context *m, struct multi_instance *mi, const unsigned int mpp_flags)
Definition mtcp.c:143

multi_tcp_dereference_instance
void multi_tcp_dereference_instance(struct multi_io *multi_io, struct multi_instance *mi)
Definition mtcp.c:131

mtcp.h

multi_create_instance
struct multi_instance * multi_create_instance(struct multi_context *m, const struct mroute_addr *real, struct link_socket *sock)
Definition multi.c:702

multi_process_post
bool multi_process_post(struct multi_context *m, struct multi_instance *mi, const unsigned int flags)
Perform postprocessing of a VPN tunnel instance.
Definition multi.c:2981

multi_close_instance
void multi_close_instance(struct multi_context *m, struct multi_instance *mi, bool shutdown)
Definition multi.c:558

multi_assign_peer_id
void multi_assign_peer_id(struct multi_context *m, struct multi_instance *mi)
Assigns a peer-id to a a client and adds the instance to the the instances array of the multi_context...
Definition multi.c:4080

multi.h
Header file for server-mode related structures and functions.

set_prefix
static void set_prefix(struct multi_instance *mi)
Definition multi.h:523

clear_prefix
static void clear_prefix(void)
Definition multi.h:535

multi_process_outgoing_link_pre
static struct multi_instance * multi_process_outgoing_link_pre(struct multi_context *m)
Definition multi.h:413

multi_process_outgoing_link_dowork
static bool multi_process_outgoing_link_dowork(struct multi_context *m, struct multi_instance *mi, const unsigned int mpp_flags)
Definition multi.h:661

multi_io.h

dmsg
#define dmsg(flags,...)
Definition error.h:172

msg
#define msg(flags,...)
Definition error.h:152

ASSERT
#define ASSERT(x)
Definition error.h:219

socket_event_handle
static event_t socket_event_handle(const struct link_socket *sock)
Definition socket.h:796

LS_MODE_TCP_ACCEPT_FROM
#define LS_MODE_TCP_ACCEPT_FROM
Definition socket.h:199

proto_is_dgram
static bool proto_is_dgram(int proto)
Return if the protocol is datagram (UDP)
Definition socket_util.h:206

buffer
Wrapper structure for dynamically allocated memory.
Definition buffer.h:60

context_2::to_link
struct buffer to_link
Definition openvpn.h:377

context_2::link_sockets
struct link_socket ** link_sockets
Definition openvpn.h:237

context::c2
struct context_2 c2
Level 2 context.
Definition openvpn.h:514

context::options
struct options options
Options loaded from command line or configuration file.
Definition openvpn.h:472

gc_arena
Garbage collection arena used to keep track of dynamically allocated memory.
Definition buffer.h:116

hash_bucket
Definition list.h:48

hash_element
Definition list.h:40

hash_element::value
void * value
Definition list.h:41

hash_element::key
const void * key
Definition list.h:42

hash
Definition list.h:53

link_socket_actual::dest
struct openvpn_sockaddr dest
Definition socket_util.h:53

link_socket_addr::actual
struct link_socket_actual actual
Definition socket.h:82

link_socket_info::lsa
struct link_socket_addr * lsa
Definition socket.h:87

link_socket_info::proto
uint8_t proto
Definition socket.h:92

link_socket
Definition socket.h:166

link_socket::info
struct link_socket_info info
Definition socket.h:167

link_socket::mode
int mode
Definition socket.h:200

mbuf_buffer
Definition mbuf.h:43

mbuf_buffer::buf
struct buffer buf
Definition mbuf.h:44

mbuf_item
Definition mbuf.h:52

mbuf_item::buffer
struct mbuf_buffer * buffer
Definition mbuf.h:53

mbuf_item::instance
struct multi_instance * instance
Definition mbuf.h:54

mroute_addr::proto
uint8_t proto
Definition mroute.h:84

multi_context
Main OpenVPN server state structure.
Definition multi.h:162

multi_context::hash
struct hash * hash
VPN tunnel instances indexed by real address of the remote peer.
Definition multi.h:169

multi_context::top
struct context top
Storage structure for process-wide configuration.
Definition multi.h:201

multi_instance
Server-mode state structure for one single VPN tunnel.
Definition multi.h:102

multi_instance::tcp_link_out_deferred
struct mbuf_set * tcp_link_out_deferred
Definition multi.h:128

multi_instance::real
struct mroute_addr real
External network address of the remote peer.
Definition multi.h:121

multi_instance::socket_set_called
bool socket_set_called
Definition multi.h:129

multi_instance::did_real_hash
bool did_real_hash
Definition multi.h:134

multi_instance::halt
bool halt
Definition multi.h:113

multi_instance::context
struct context context
The context structure storing state for this VPN tunnel.
Definition multi.h:142

multi_io
Definition multi_io.h:52

multi_io::es
struct event_set * es
Definition multi_io.h:53

multi_io::n_esr
int n_esr
Definition multi_io.h:55

openvpn_sockaddr::addr
union openvpn_sockaddr::@27 addr

openvpn_sockaddr::sa
struct sockaddr sa
Definition socket_util.h:42

options::n_bcast_buf
int n_bcast_buf
Definition options.h:507

rw_handle
Definition win32.h:80

syshead.h

gc
struct gc_arena gc
Definition test_ssl.c:133