int main(int argc, char **argv)
{
bool slow = false, invoke_cpp = false, reseed = true;
int c, opt_index, i, j, vals[4] = {0}, irq;
char *confname = NULL, *ptr;
unsigned long cpus_tmp, orig_num = 0;
unsigned long long tx_packets, tx_bytes;
struct ctx ctx;
fmemset(&ctx, 0, sizeof(ctx));
ctx.cpus = get_number_cpus_online();
ctx.uid = getuid();
ctx.gid = getgid();
while ((c = getopt_long(argc, argv, short_options, long_options,
&opt_index)) != EOF) {
switch (c) {
case 'h':
help();
break;
case 'v':
version();
break;
case 'e':
example();
break;
case 'p':
invoke_cpp = true;
break;
case 'V':
ctx.verbose = true;
break;
case 'P':
cpus_tmp = strtoul(optarg, NULL, 0);
if (cpus_tmp > 0 && cpus_tmp < ctx.cpus)
ctx.cpus = cpus_tmp;
break;
case 'd':
case 'o':
ctx.device = xstrndup(optarg, IFNAMSIZ);
break;
case 'r':
ctx.rand = true;
break;
case 's':
slow = true;
ctx.cpus = 1;
ctx.smoke_test = true;
ctx.rhost = xstrdup(optarg);
break;
case 'R':
ctx.rfraw = true;
break;
case 'J':
ctx.jumbo_support = true;
break;
case 'c':
case 'i':
confname = xstrdup(optarg);
if (!strncmp("-", confname, strlen("-")))
ctx.cpus = 1;
break;
case 'u':
ctx.uid = strtoul(optarg, NULL, 0);
ctx.enforce = true;
break;
case 'g':
ctx.gid = strtoul(optarg, NULL, 0);
ctx.enforce = true;
break;
case 'k':
ctx.kpull = strtoul(optarg, NULL, 0);
break;
case 'E':
seed = strtoul(optarg, NULL, 0);
reseed = false;
break;
case 'n':
orig_num = strtoul(optarg, NULL, 0);
ctx.num = orig_num;
break;
case 't':
slow = true;
ctx.gap = strtoul(optarg, NULL, 0);
if (ctx.gap > 0)
/* Fall back to single core to not
* mess up correct timing. We are slow
* anyway!
*/
ctx.cpus = 1;
break;
case 'S':
ptr = optarg;
ctx.reserve_size = 0;
for (j = i = strlen(optarg); i > 0; --i) {
if (!isdigit(optarg[j - i]))
break;
ptr++;
}
if (!strncmp(ptr, "KiB", strlen("KiB")))
ctx.reserve_size = 1 << 10;
else if (!strncmp(ptr, "MiB", strlen("MiB")))
ctx.reserve_size = 1 << 20;
else if (!strncmp(ptr, "GiB", strlen("GiB")))
ctx.reserve_size = 1 << 30;
else
panic("Syntax error in ring size param!\n");
*ptr = 0;
ctx.reserve_size *= strtol(optarg, NULL, 0);
break;
case '?':
switch (optopt) {
case 'd':
case 'c':
case 'n':
case 'S':
case 's':
case 'P':
case 'o':
case 'E':
case 'i':
case 'k':
case 'u':
case 'g':
case 't':
panic("Option -%c requires an argument!\n",
optopt);
default:
if (isprint(optopt))
printf("Unknown option character `0x%X\'!\n", optopt);
die();
}
default:
break;
}
}
if (argc < 5)
help();
if (ctx.device == NULL)
panic("No networking device given!\n");
if (confname == NULL)
panic("No configuration file given!\n");
if (device_mtu(ctx.device) == 0)
panic("This is no networking device!\n");
register_signal(SIGINT, signal_handler);
register_signal(SIGHUP, signal_handler);
register_signal_f(SIGALRM, timer_elapsed, SA_SIGINFO);
set_system_socket_memory(vals, array_size(vals));
xlockme();
if (ctx.rfraw) {
ctx.device_trans = xstrdup(ctx.device);
xfree(ctx.device);
enter_rfmon_mac80211(ctx.device_trans, &ctx.device);
sleep(0);
}
irq = device_irq_number(ctx.device);
device_set_irq_affinity_list(irq, 0, ctx.cpus - 1);
stats = setup_shared_var(ctx.cpus);
for (i = 0; i < ctx.cpus; i++) {
pid_t pid = fork();
switch (pid) {
case 0:
if (reseed)
seed = generate_srand_seed();
srand(seed);
cpu_affinity(i);
main_loop(&ctx, confname, slow, i, invoke_cpp, orig_num);
goto thread_out;
case -1:
panic("Cannot fork processes!\n");
}
}
for (i = 0; i < ctx.cpus; i++) {
int status;
wait(&status);
if (WEXITSTATUS(status) == EXIT_FAILURE)
die();
}
if (ctx.rfraw)
leave_rfmon_mac80211(ctx.device_trans, ctx.device);
reset_system_socket_memory(vals, array_size(vals));
for (i = 0, tx_packets = tx_bytes = 0; i < ctx.cpus; i++) {
while ((__get_state(i) & CPU_STATS_STATE_RES) == 0)
sched_yield();
tx_packets += stats[i].tx_packets;
tx_bytes += stats[i].tx_bytes;
}
fflush(stdout);
printf("\n");
printf("\r%12llu packets outgoing\n", tx_packets);
printf("\r%12llu bytes outgoing\n", tx_bytes);
for (i = 0; i < ctx.cpus; i++) {
printf("\r%12lu sec, %lu usec on CPU%d (%llu packets)\n",
stats[i].tv_sec, stats[i].tv_usec, i,
stats[i].tx_packets);
}
thread_out:
xunlockme();
destroy_shared_var(stats, ctx.cpus);
device_restore_irq_affinity_list();
free(ctx.device);
free(ctx.device_trans);
free(ctx.rhost);
free(confname);
return 0;
}
int server_main(char *home, char *dev, char *port, int udp, int ipv4, int log)
{
int lfd = -1, kdpfd, nfds, nfd, curfds, efd[2], refd[2], tunfd, i;
unsigned int cpus = 0, threads, udp_cpu = 0;
ssize_t ret;
struct epoll_event *events;
struct addrinfo hints, *ahead, *ai;
auth_log = !!log;
openlog("curvetun", LOG_PID | LOG_CONS | LOG_NDELAY, LOG_DAEMON);
syslog(LOG_INFO, "curvetun server booting!\n");
syslog_maybe(!auth_log, LOG_INFO, "curvetun user logging disabled!\n");
parse_userfile_and_generate_user_store_or_die(home);
memset(&hints, 0, sizeof(hints));
hints.ai_family = PF_UNSPEC;
hints.ai_socktype = udp ? SOCK_DGRAM : SOCK_STREAM;
hints.ai_protocol = udp ? IPPROTO_UDP : IPPROTO_TCP;
hints.ai_flags = AI_PASSIVE;
ret = getaddrinfo(NULL, port, &hints, &ahead);
if (ret < 0)
syslog_panic("Cannot get address info!\n");
for (ai = ahead; ai != NULL && lfd < 0; ai = ai->ai_next) {
lfd = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
if (lfd < 0)
continue;
if (ai->ai_family == AF_INET6) {
#ifdef IPV6_V6ONLY
ret = set_ipv6_only(lfd);
if (ret < 0) {
close(lfd);
lfd = -1;
continue;
}
#else
close(lfd);
lfd = -1;
continue;
#endif /* IPV6_V6ONLY */
}
set_reuseaddr(lfd);
set_mtu_disc_dont(lfd);
ret = bind(lfd, ai->ai_addr, ai->ai_addrlen);
if (ret < 0) {
close(lfd);
lfd = -1;
continue;
}
if (!udp) {
ret = listen(lfd, 5);
if (ret < 0) {
close(lfd);
lfd = -1;
continue;
}
}
if (ipv4 == -1) {
ipv4 = (ai->ai_family == AF_INET6 ? 0 :
(ai->ai_family == AF_INET ? 1 : -1));
}
syslog_maybe(auth_log, LOG_INFO, "curvetun on IPv%d via %s "
"on port %s!\n", ai->ai_family == AF_INET ? 4 : 6,
udp ? "UDP" : "TCP", port);
syslog_maybe(auth_log, LOG_INFO, "Allowed overlay proto is "
"IPv%d!\n", ipv4 ? 4 : 6);
}
freeaddrinfo(ahead);
if (lfd < 0 || ipv4 < 0)
syslog_panic("Cannot create socket!\n");
tunfd = tun_open_or_die(dev ? dev : DEVNAME_SERVER, IFF_TUN | IFF_NO_PI);
pipe_or_die(efd, O_NONBLOCK);
pipe_or_die(refd, O_NONBLOCK);
set_nonblocking(lfd);
events = xzmalloc(MAX_EPOLL_SIZE * sizeof(*events));
for (i = 0; i < MAX_EPOLL_SIZE; ++i)
events[i].data.fd = -1;
kdpfd = epoll_create(MAX_EPOLL_SIZE);
if (kdpfd < 0)
syslog_panic("Cannot create socket!\n");
set_epoll_descriptor(kdpfd, EPOLL_CTL_ADD, lfd,
udp ? EPOLLIN | EPOLLET | EPOLLONESHOT : EPOLLIN);
set_epoll_descriptor(kdpfd, EPOLL_CTL_ADD, efd[0], EPOLLIN);
set_epoll_descriptor(kdpfd, EPOLL_CTL_ADD, refd[0], EPOLLIN);
set_epoll_descriptor(kdpfd, EPOLL_CTL_ADD, tunfd,
EPOLLIN | EPOLLET | EPOLLONESHOT);
curfds = 4;
trie_init();
cpus = get_number_cpus_online();
threads = cpus * THREADS_PER_CPU;
if (!ispow2(threads))
syslog_panic("Thread number not power of two!\n");
threadpool = xzmalloc(sizeof(*threadpool) * threads);
thread_spawn_or_panic(cpus, efd[1], refd[1], tunfd, ipv4, udp);
init_cpusched(threads);
register_socket(tunfd);
register_socket(lfd);
syslog(LOG_INFO, "curvetun up and running!\n");
while (likely(!sigint)) {
nfds = epoll_wait(kdpfd, events, curfds, -1);
if (nfds < 0) {
syslog(LOG_ERR, "epoll_wait error: %s\n",
strerror(errno));
break;
}
for (i = 0; i < nfds; ++i) {
if (unlikely(events[i].data.fd < 0))
continue;
if (events[i].data.fd == lfd && !udp) {
int ncpu;
char hbuff[256], sbuff[256];
struct sockaddr_storage taddr;
socklen_t tlen;
tlen = sizeof(taddr);
nfd = accept(lfd, (struct sockaddr *) &taddr,
&tlen);
if (nfd < 0) {
syslog(LOG_ERR, "accept error: %s\n",
strerror(errno));
continue;
}
if (curfds + 1 > MAX_EPOLL_SIZE) {
close(nfd);
continue;
}
curfds++;
ncpu = register_socket(nfd);
memset(hbuff, 0, sizeof(hbuff));
memset(sbuff, 0, sizeof(sbuff));
getnameinfo((struct sockaddr *) &taddr, tlen,
hbuff, sizeof(hbuff),
sbuff, sizeof(sbuff),
NI_NUMERICHOST | NI_NUMERICSERV);
syslog_maybe(auth_log, LOG_INFO, "New connection "
"from %s:%s (%d active client connections) - id %d on CPU%d",
hbuff, sbuff, curfds-4, nfd, ncpu);
set_nonblocking(nfd);
set_socket_keepalive(nfd);
set_tcp_nodelay(nfd);
ret = set_epoll_descriptor2(kdpfd, EPOLL_CTL_ADD,
nfd, EPOLLIN | EPOLLET | EPOLLONESHOT);
if (ret < 0) {
close(nfd);
curfds--;
continue;
}
} else if (events[i].data.fd == refd[0]) {
int fd_one;
ret = read_exact(refd[0], &fd_one,
sizeof(fd_one), 1);
if (ret != sizeof(fd_one) || fd_one <= 0)
continue;
ret = set_epoll_descriptor2(kdpfd, EPOLL_CTL_MOD,
fd_one, EPOLLIN | EPOLLET | EPOLLONESHOT);
if (ret < 0) {
close(fd_one);
continue;
}
} else if (events[i].data.fd == efd[0]) {
int fd_del, test;
ret = read_exact(efd[0], &fd_del,
sizeof(fd_del), 1);
if (ret != sizeof(fd_del) || fd_del <= 0)
continue;
ret = read(fd_del, &test, sizeof(test));
if (ret < 0 && errno == EBADF)
continue;
ret = set_epoll_descriptor2(kdpfd, EPOLL_CTL_DEL,
fd_del, 0);
if (ret < 0) {
close(fd_del);
continue;
}
close(fd_del);
curfds--;
unregister_socket(fd_del);
syslog_maybe(auth_log, LOG_INFO, "Closed connection "
"with id %d (%d active client connections remain)\n", fd_del,
curfds-4);
} else {
int cpu, fd_work = events[i].data.fd;
if (!udp)
cpu = socket_to_cpu(fd_work);
else
udp_cpu = (udp_cpu + 1) & (threads - 1);
write_exact(threadpool[udp ? udp_cpu : cpu].efd[1],
&fd_work, sizeof(fd_work), 1);
}
}
}
syslog(LOG_INFO, "curvetun prepare shut down!\n");
close(lfd);
close(efd[0]);
close(efd[1]);
close(refd[0]);
close(refd[1]);
close(tunfd);
thread_finish(cpus);
xfree(threadpool);
xfree(events);
unregister_socket(lfd);
unregister_socket(tunfd);
destroy_cpusched();
trie_cleanup();
destroy_user_store();
syslog(LOG_INFO, "curvetun shut down!\n");
closelog();
return 0;
}
int main(int argc, char **argv)
{
bool slow = false, invoke_cpp = false, reseed = true, cpustats = true;
bool prio_high = false, set_irq_aff = true, set_sock_mem = true;
int c, opt_index, vals[4] = {0}, irq;
uint64_t gap = 0;
unsigned int i, j;
char *confname = NULL, *ptr;
unsigned long cpus_tmp, orig_num = 0;
unsigned long long tx_packets, tx_bytes;
struct ctx ctx;
fmemset(&ctx, 0, sizeof(ctx));
ctx.cpus = get_number_cpus_online();
ctx.uid = getuid();
ctx.gid = getgid();
ctx.qdisc_path = false;
/* Keep an initial small default size to reduce cache-misses. */
ctx.reserve_size = 512 * (1 << 10);
while ((c = getopt_long(argc, argv, short_options, long_options,
&opt_index)) != EOF) {
switch (c) {
case 'h':
help();
break;
case 'v':
version();
break;
case 'C':
cpustats = false;
break;
case 'e':
example();
break;
case 'p':
invoke_cpp = true;
break;
case 'V':
ctx.verbose = true;
break;
case 'P':
cpus_tmp = strtoul(optarg, NULL, 0);
if (cpus_tmp > 0 && cpus_tmp < ctx.cpus)
ctx.cpus = cpus_tmp;
break;
case 'd':
case 'o':
ctx.device = xstrndup(optarg, IFNAMSIZ);
break;
case 'H':
prio_high = true;
break;
case 'A':
set_sock_mem = false;
break;
case 'Q':
set_irq_aff = false;
break;
case 'q':
ctx.qdisc_path = true;
break;
case 'r':
ctx.rand = true;
break;
case 's':
slow = true;
ctx.cpus = 1;
ctx.smoke_test = true;
ctx.rhost = xstrdup(optarg);
break;
case 'R':
ctx.rfraw = true;
break;
case 'J':
ctx.jumbo_support = true;
break;
case 'c':
case 'i':
confname = xstrdup(optarg);
if (!strncmp("-", confname, strlen("-")))
ctx.cpus = 1;
break;
case 'u':
ctx.uid = strtoul(optarg, NULL, 0);
ctx.enforce = true;
break;
case 'g':
ctx.gid = strtoul(optarg, NULL, 0);
ctx.enforce = true;
break;
case 'k':
printf("Option -k/--kernel-pull is no longer used and "
"will be removed in a future release!\n");
break;
case 'E':
seed = strtoul(optarg, NULL, 0);
reseed = false;
break;
case 'n':
orig_num = strtoul(optarg, NULL, 0);
ctx.num = orig_num;
break;
case 't':
slow = true;
ptr = optarg;
prctl(PR_SET_TIMERSLACK, 1UL);
gap = strtoul(optarg, NULL, 0);
for (j = i = strlen(optarg); i > 0; --i) {
if (!isdigit(optarg[j - i]))
break;
ptr++;
}
if (!strncmp(ptr, "ns", strlen("ns"))) {
ctx.gap.tv_sec = gap / 1000000000;
ctx.gap.tv_nsec = gap % 1000000000;
} else if (*ptr == '\0' || !strncmp(ptr, "us", strlen("us"))) {
/* Default to microseconds for backwards
* compatibility if no postfix is given.
*/
ctx.gap.tv_sec = gap / 1000000;
ctx.gap.tv_nsec = (gap % 1000000) * 1000;
} else if (!strncmp(ptr, "ms", strlen("ms"))) {
ctx.gap.tv_sec = gap / 1000;
ctx.gap.tv_nsec = (gap % 1000) * 1000000;
} else if (!strncmp(ptr, "s", strlen("s"))) {
ctx.gap.tv_sec = gap;
ctx.gap.tv_nsec = 0;
} else
panic("Syntax error in time param!\n");
if (gap > 0)
/* Fall back to single core to not mess up
* correct timing. We are slow anyway!
*/
ctx.cpus = 1;
break;
case 'S':
ptr = optarg;
for (j = i = strlen(optarg); i > 0; --i) {
if (!isdigit(optarg[j - i]))
break;
ptr++;
}
if (!strncmp(ptr, "KiB", strlen("KiB")))
ctx.reserve_size = 1 << 10;
else if (!strncmp(ptr, "MiB", strlen("MiB")))
ctx.reserve_size = 1 << 20;
else if (!strncmp(ptr, "GiB", strlen("GiB")))
ctx.reserve_size = 1 << 30;
else
panic("Syntax error in ring size param!\n");
ctx.reserve_size *= strtoul(optarg, NULL, 0);
break;
case '?':
switch (optopt) {
case 'd':
case 'c':
case 'n':
case 'S':
case 's':
case 'P':
case 'o':
case 'E':
case 'i':
case 'k':
case 'u':
case 'g':
case 't':
panic("Option -%c requires an argument!\n",
optopt);
default:
if (isprint(optopt))
printf("Unknown option character `0x%X\'!\n", optopt);
die();
}
default:
break;
}
}
if (argc < 5)
help();
if (ctx.device == NULL)
panic("No networking device given!\n");
if (confname == NULL)
panic("No configuration file given!\n");
if (device_mtu(ctx.device) == 0)
panic("This is no networking device!\n");
register_signal(SIGINT, signal_handler);
register_signal(SIGQUIT, signal_handler);
register_signal(SIGTERM, signal_handler);
register_signal(SIGHUP, signal_handler);
if (prio_high) {
set_proc_prio(-20);
set_sched_status(SCHED_FIFO, sched_get_priority_max(SCHED_FIFO));
}
if (set_sock_mem)
set_system_socket_memory(vals, array_size(vals));
xlockme();
if (ctx.rfraw) {
ctx.device_trans = xstrdup(ctx.device);
xfree(ctx.device);
enter_rfmon_mac80211(ctx.device_trans, &ctx.device);
panic_handler_add(on_panic_del_rfmon, ctx.device);
sleep(0);
}
/*
* If number of packets is smaller than number of CPUs use only as
* many CPUs as there are packets. Otherwise we end up sending more
* packets than intended or none at all.
*/
if (ctx.num)
ctx.cpus = min_t(unsigned int, ctx.num, ctx.cpus);
irq = device_irq_number(ctx.device);
if (set_irq_aff)
device_set_irq_affinity_list(irq, 0, ctx.cpus - 1);
stats = setup_shared_var(ctx.cpus);
for (i = 0; i < ctx.cpus; i++) {
pid_t pid = fork();
switch (pid) {
case 0:
if (reseed)
seed = generate_srand_seed();
srand(seed);
cpu_affinity(i);
main_loop(&ctx, confname, slow, i, invoke_cpp, orig_num);
goto thread_out;
case -1:
panic("Cannot fork processes!\n");
}
}
for (i = 0; i < ctx.cpus; i++) {
int status;
wait(&status);
if (WEXITSTATUS(status) == EXIT_FAILURE)
die();
}
if (ctx.rfraw)
leave_rfmon_mac80211(ctx.device);
if (set_sock_mem)
reset_system_socket_memory(vals, array_size(vals));
for (i = 0, tx_packets = tx_bytes = 0; i < ctx.cpus; i++) {
while ((__get_state(i) & CPU_STATS_STATE_RES) == 0)
sched_yield();
tx_packets += stats[i].tx_packets;
tx_bytes += stats[i].tx_bytes;
}
fflush(stdout);
printf("\n");
printf("\r%12llu packets outgoing\n", tx_packets);
printf("\r%12llu bytes outgoing\n", tx_bytes);
for (i = 0; cpustats && i < ctx.cpus; i++) {
printf("\r%12lu sec, %lu usec on CPU%d (%llu packets)\n",
stats[i].tv_sec, stats[i].tv_usec, i,
stats[i].tx_packets);
}
thread_out:
xunlockme();
destroy_shared_var(stats, ctx.cpus);
if (set_irq_aff)
device_restore_irq_affinity_list();
free(ctx.device);
free(ctx.device_trans);
free(ctx.rhost);
free(confname);
return 0;
}