OpenVPN
mtcp.c
Go to the documentation of this file.
1/*
2 * OpenVPN -- An application to securely tunnel IP networks
3 * over a single TCP/UDP port, with support for SSL/TLS-based
4 * session authentication and key exchange,
5 * packet encryption, packet authentication, and
6 * packet compression.
7 *
8 * Copyright (C) 2002-2024 OpenVPN Inc <sales@openvpn.net>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2
12 * as published by the Free Software Foundation.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 */
23
24#ifdef HAVE_CONFIG_H
25#include "config.h"
26#endif
27
28#include "syshead.h"
29
30#include "multi.h"
31#include "forward.h"
32#include "mtcp.h"
33#include "multi_io.h"
34
35#include "memdbg.h"
36
37#ifdef HAVE_SYS_INOTIFY_H
38#include <sys/inotify.h>
39#endif
40
41struct ta_iow_flags
42{
43 unsigned int flags;
44 unsigned int ret;
45 unsigned int tun;
46 unsigned int sock;
47};
48
49struct multi_instance *
50multi_create_instance_tcp(struct multi_context *m, struct link_socket *sock)
51{
52 struct gc_arena gc = gc_new();
53 struct multi_instance *mi = NULL;
54 struct hash *hash = m->hash;
55
56 mi = multi_create_instance(m, NULL, sock);
57 if (mi)
58 {
59 mi->real.proto = sock->info.proto;
60 struct hash_element *he;
61 const uint32_t hv = hash_value(hash, &mi->real);
62 struct hash_bucket *bucket = hash_bucket(hash, hv);
63
64 multi_assign_peer_id(m, mi);
65
66 he = hash_lookup_fast(hash, bucket, &mi->real, hv);
67
68 if (he)
69 {
70 struct multi_instance *oldmi = (struct multi_instance *) he->value;
71 msg(D_MULTI_LOW, "MULTI TCP: new incoming client address matches existing client address -- new client takes precedence");
72 oldmi->did_real_hash = false;
73 multi_close_instance(m, oldmi, false);
74 he->key = &mi->real;
75 he->value = mi;
76 }
77 else
78 {
79 hash_add_fast(hash, bucket, &mi->real, hv, mi);
80 }
81
82 mi->did_real_hash = true;
83 }
84
85#ifdef ENABLE_DEBUG
86 if (mi)
87 {
88 dmsg(D_MULTI_DEBUG, "MULTI TCP: instance added: %s", mroute_addr_print(&mi->real, &gc));
89 }
90 else
91 {
92 dmsg(D_MULTI_DEBUG, "MULTI TCP: new client instance failed");
93 }
94#endif
95
96 gc_free(&gc);
97 ASSERT(!(mi && mi->halt));
98 return mi;
99}
100
101bool
102multi_tcp_instance_specific_init(struct multi_context *m, struct multi_instance *mi)
103{
104 /* buffer for queued TCP socket output packets */
105 mi->tcp_link_out_deferred = mbuf_init(m->top.options.n_bcast_buf);
106
107 ASSERT(mi->context.c2.link_sockets);
108 ASSERT(mi->context.c2.link_sockets[0]);
109 ASSERT(mi->context.c2.link_sockets[0]->info.lsa);
110 ASSERT(mi->context.c2.link_sockets[0]->mode == LS_MODE_TCP_ACCEPT_FROM);
111 ASSERT(mi->context.c2.link_sockets[0]->info.lsa->actual.dest.addr.sa.sa_family == AF_INET
112 || mi->context.c2.link_sockets[0]->info.lsa->actual.dest.addr.sa.sa_family == AF_INET6
113 );
114 mi->real.proto = mi->context.c2.link_sockets[0]->info.proto;
115 if (!mroute_extract_openvpn_sockaddr(&mi->real,
116 &mi->context.c2.link_sockets[0]->info.lsa->actual.dest,
117 true))
118 {
119 msg(D_MULTI_ERRORS, "MULTI TCP: TCP client address is undefined");
120 return false;
121 }
122 return true;
123}
124
125void
130
131void
132multi_tcp_delete_event(struct multi_io *multi_io, event_t event)
133{
134 if (multi_io && multi_io->es)
135 {
136 event_del(multi_io->es, event);
137 }
138}
139
140void
141multi_tcp_dereference_instance(struct multi_io *multi_io, struct multi_instance *mi)
142{
143 struct link_socket *sock = mi->context.c2.link_sockets[0];
144 if (sock && mi->socket_set_called)
145 {
146 event_del(multi_io->es, socket_event_handle(sock));
147 mi->socket_set_called = false;
148 }
149 multi_io->n_esr = 0;
150}
151
152bool
153multi_tcp_process_outgoing_link_ready(struct multi_context *m, struct multi_instance *mi, const unsigned int mpp_flags)
154{
155 struct mbuf_item item;
156 bool ret = true;
157 ASSERT(mi);
158
159 /* extract from queue */
160 if (mbuf_extract_item(mi->tcp_link_out_deferred, &item)) /* ciphertext IP packet */
161 {
162 dmsg(D_MULTI_TCP, "MULTI TCP: transmitting previously deferred packet");
163
164 ASSERT(mi == item.instance);
165 mi->context.c2.to_link = item.buffer->buf;
166 ret = multi_process_outgoing_link_dowork(m, mi, mpp_flags);
167 if (!ret)
168 {
169 mi = NULL;
170 }
171 mbuf_free_buf(item.buffer);
172 }
173 return ret;
174}
175
176bool
177multi_tcp_process_outgoing_link(struct multi_context *m, bool defer, const unsigned int mpp_flags)
178{
179 struct multi_instance *mi = multi_process_outgoing_link_pre(m);
180 bool ret = true;
181
182 if (mi)
183 {
184 if (defer || mbuf_defined(mi->tcp_link_out_deferred))
185 {
186 /* save to queue */
187 struct buffer *buf = &mi->context.c2.to_link;
188 if (BLEN(buf) > 0)
189 {
190 struct mbuf_buffer *mb = mbuf_alloc_buf(buf);
191 struct mbuf_item item;
192
193 set_prefix(mi);
194 dmsg(D_MULTI_TCP, "MULTI TCP: queuing deferred packet");
195 item.buffer = mb;
196 item.instance = mi;
197 mbuf_add_item(mi->tcp_link_out_deferred, &item);
198 mbuf_free_buf(mb);
199 buf_reset(buf);
200 ret = multi_process_post(m, mi, mpp_flags);
201 if (!ret)
202 {
203 mi = NULL;
204 }
205 clear_prefix();
206 }
207 }
208 else
209 {
210 ret = multi_process_outgoing_link_dowork(m, mi, mpp_flags);
211 if (!ret)
212 {
213 mi = NULL;
214 }
215 }
216 }
217 return ret;
218}
buf_reset
static void buf_reset(struct buffer *buf)
Definition buffer.h:303
BLEN
#define BLEN(buf)
Definition buffer.h:127
gc_free
static void gc_free(struct gc_arena *a)
Definition buffer.h:1033
gc_new
static struct gc_arena gc_new(void)
Definition buffer.h:1025
D_MULTI_ERRORS
#define D_MULTI_ERRORS
Definition errlevel.h:65
D_MULTI_DEBUG
#define D_MULTI_DEBUG
Definition errlevel.h:127
D_MULTI_TCP
#define D_MULTI_TCP
Definition errlevel.h:163
D_MULTI_LOW
#define D_MULTI_LOW
Definition errlevel.h:86
event_del
static void event_del(struct event_set *es, event_t event)
Definition event.h:175
forward.h
Interface functions to the internal and external multiplexers.
hash_lookup_fast
struct hash_element * hash_lookup_fast(struct hash *hash, struct hash_bucket *bucket, const void *key, uint32_t hv)
Definition list.c:83
hash_value
static uint32_t hash_value(const struct hash *hash, const void *key)
Definition list.h:116
hash_add_fast
static void hash_add_fast(struct hash *hash, struct hash_bucket *bucket, const void *key, uint32_t hv, void *value)
Definition list.h:158
mbuf_add_item
void mbuf_add_item(struct mbuf_set *ms, const struct mbuf_item *item)
Definition mbuf.c:89
mbuf_alloc_buf
struct mbuf_buffer * mbuf_alloc_buf(const struct buffer *buf)
Definition mbuf.c:65
mbuf_free_buf
void mbuf_free_buf(struct mbuf_buffer *mb)
Definition mbuf.c:76
mbuf_extract_item
bool mbuf_extract_item(struct mbuf_set *ms, struct mbuf_item *item)
Definition mbuf.c:111
mbuf_free
void mbuf_free(struct mbuf_set *ms)
Definition mbuf.c:49
mbuf_init
struct mbuf_set * mbuf_init(unsigned int size)
Definition mbuf.c:39
mbuf_defined
static bool mbuf_defined(const struct mbuf_set *ms)
Definition mbuf.h:80
mroute_extract_openvpn_sockaddr
bool mroute_extract_openvpn_sockaddr(struct mroute_addr *addr, const struct openvpn_sockaddr *osaddr, bool use_port)
Definition mroute.c:264
mroute_addr_print
const char * mroute_addr_print(const struct mroute_addr *ma, struct gc_arena *gc)
Definition mroute.c:384
multi_tcp_instance_specific_free
void multi_tcp_instance_specific_free(struct multi_instance *mi)
Definition mtcp.c:126
multi_create_instance_tcp
struct multi_instance * multi_create_instance_tcp(struct multi_context *m, struct link_socket *sock)
Definition mtcp.c:50
multi_tcp_delete_event
void multi_tcp_delete_event(struct multi_io *multi_io, event_t event)
Definition mtcp.c:132
multi_tcp_instance_specific_init
bool multi_tcp_instance_specific_init(struct multi_context *m, struct multi_instance *mi)
Definition mtcp.c:102
multi_tcp_process_outgoing_link
bool multi_tcp_process_outgoing_link(struct multi_context *m, bool defer, const unsigned int mpp_flags)
Definition mtcp.c:177
multi_tcp_process_outgoing_link_ready
bool multi_tcp_process_outgoing_link_ready(struct multi_context *m, struct multi_instance *mi, const unsigned int mpp_flags)
Definition mtcp.c:153
multi_tcp_dereference_instance
void multi_tcp_dereference_instance(struct multi_io *multi_io, struct multi_instance *mi)
Definition mtcp.c:141
multi_create_instance
struct multi_instance * multi_create_instance(struct multi_context *m, const struct mroute_addr *real, struct link_socket *sock)
Definition multi.c:756
multi_process_post
bool multi_process_post(struct multi_context *m, struct multi_instance *mi, const unsigned int flags)
Perform postprocessing of a VPN tunnel instance.
Definition multi.c:3048
multi_close_instance
void multi_close_instance(struct multi_context *m, struct multi_instance *mi, bool shutdown)
Definition multi.c:604
multi_assign_peer_id
void multi_assign_peer_id(struct multi_context *m, struct multi_instance *mi)
Assigns a peer-id to a a client and adds the instance to the the instances array of the multi_context...
Definition multi.c:4155
multi.h
Header file for server-mode related structures and functions.
set_prefix
static void set_prefix(struct multi_instance *mi)
Definition multi.h:544
clear_prefix
static void clear_prefix(void)
Definition multi.h:556
multi_process_outgoing_link_pre
static struct multi_instance * multi_process_outgoing_link_pre(struct multi_context *m)
Definition multi.h:432
multi_process_outgoing_link_dowork
static bool multi_process_outgoing_link_dowork(struct multi_context *m, struct multi_instance *mi, const unsigned int mpp_flags)
Definition multi.h:683
multi_io.h
dmsg
#define dmsg(flags,...)
Definition error.h:148
msg
#define msg(flags,...)
Definition error.h:144
ASSERT
#define ASSERT(x)
Definition error.h:195
socket_event_handle
static event_t socket_event_handle(const struct link_socket *sock)
Definition socket.h:1259
LS_MODE_TCP_ACCEPT_FROM
#define LS_MODE_TCP_ACCEPT_FROM
Definition socket.h:211
buffer
Wrapper structure for dynamically allocated memory.
Definition buffer.h:61
context_2::to_link
struct buffer to_link
Definition openvpn.h:377
context_2::link_sockets
struct link_socket ** link_sockets
Definition openvpn.h:237
context::c2
struct context_2 c2
Level 2 context.
Definition openvpn.h:514
context::options
struct options options
Options loaded from command line or configuration file.
Definition openvpn.h:475
gc_arena
Garbage collection arena used to keep track of dynamically allocated memory.
Definition buffer.h:117
hash_bucket
Definition list.h:52
hash_element
Definition list.h:44
hash_element::value
void * value
Definition list.h:45
hash_element::key
const void * key
Definition list.h:46
hash
Definition list.h:57
link_socket_actual::dest
struct openvpn_sockaddr dest
Definition socket.h:90
link_socket_addr::actual
struct link_socket_actual actual
Definition socket.h:110
link_socket_info::lsa
struct link_socket_addr * lsa
Definition socket.h:115
link_socket_info::proto
int proto
Definition socket.h:120
link_socket
Definition socket.h:178
link_socket::info
struct link_socket_info info
Definition socket.h:179
link_socket::mode
int mode
Definition socket.h:212
mbuf_buffer
Definition mbuf.h:42
mbuf_buffer::buf
struct buffer buf
Definition mbuf.h:43
mbuf_item
Definition mbuf.h:51
mbuf_item::buffer
struct mbuf_buffer * buffer
Definition mbuf.h:52
mbuf_item::instance
struct multi_instance * instance
Definition mbuf.h:53
mroute_addr::proto
uint8_t proto
Definition mroute.h:80
multi_context
Main OpenVPN server state structure.
Definition multi.h:163
multi_context::hash
struct hash * hash
VPN tunnel instances indexed by real address of the remote peer.
Definition multi.h:167
multi_context::top
struct context top
Storage structure for process-wide configuration.
Definition multi.h:202
multi_instance
Server-mode state structure for one single VPN tunnel.
Definition multi.h:103
multi_instance::tcp_link_out_deferred
struct mbuf_set * tcp_link_out_deferred
Definition multi.h:129
multi_instance::real
struct mroute_addr real
External network address of the remote peer.
Definition multi.h:122
multi_instance::socket_set_called
bool socket_set_called
Definition multi.h:130
multi_instance::did_real_hash
bool did_real_hash
Definition multi.h:135
multi_instance::halt
bool halt
Definition multi.h:114
multi_instance::context
struct context context
The context structure storing state for this VPN tunnel.
Definition multi.h:144
multi_io
Definition multi_io.h:53
multi_io::es
struct event_set * es
Definition multi_io.h:54
multi_io::n_esr
int n_esr
Definition multi_io.h:56
openvpn_sockaddr::addr
union openvpn_sockaddr::@20 addr
openvpn_sockaddr::sa
struct sockaddr sa
Definition socket.h:69
options::n_bcast_buf
int n_bcast_buf
Definition options.h:508
rw_handle
Definition win32.h:79
ta_iow_flags
Definition mtcp.c:42
ta_iow_flags::flags
unsigned int flags
Definition mtcp.c:43
ta_iow_flags::ret
unsigned int ret
Definition mtcp.c:44
ta_iow_flags::tun
unsigned int tun
Definition mtcp.c:45
ta_iow_flags::sock
unsigned int sock
Definition mtcp.c:46
gc
struct gc_arena gc
Definition test_ssl.c:155
Generated by doxygen 1.9.8