2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
13 #include <afsconfig.h>
14 #include "afs/param.h"
18 #include "afs/sysincludes.h" /* Standard vendor system headers */
21 #if !defined(AFS_LINUX20_ENV)
24 #include <netinet/in.h>
27 #include "h/hashing.h"
29 #if !defined(AFS_HPUX110_ENV) && !defined(AFS_LINUX20_ENV) && !defined(AFS_DARWIN_ENV)
30 #include <netinet/in_var.h>
31 #endif /* ! AFS_HPUX110_ENV */
32 #endif /* !defined(UKERNEL) */
34 #include "afsincludes.h" /* Afs-based standard headers */
35 #include "afs/afs_stats.h" /* afs statistics */
37 #if defined(AFS_SUN5_ENV)
39 #include <inet/common.h>
40 #include <netinet/ip6.h>
44 /* Exported variables */
45 afs_rwlock_t afs_xconn
; /* allocation lock for new things */
46 afs_rwlock_t afs_xinterface
; /* for multiple client address */
47 afs_int32 cryptall
= 1; /* encrypt all communications */
49 /* some connection macros */
52 #define new_conn_vector(xcv) \
54 xcv = (struct sa_conn_vector *) \
55 afs_osi_Alloc(sizeof(struct sa_conn_vector)); \
57 memset((char *)xcv, 0, sizeof(struct sa_conn_vector)); \
61 /* select a connection to return (if no connection has lower utilization
63 #define conn_vec_select_conn(xcv, bix, conn) \
65 (bix) = ((xcv)->select_index)++ % CVEC_LEN; \
66 (conn) = &((xcv)->cvec[bix]); \
69 #define struct_conn(s) ((struct afs_conn *)(s))
71 #define REPORT_CONNECTIONS_ISSUED 0 /* enable to see utilization */
74 * Find a connection with call slots available, allocating one
75 * if nothing is available and we find an allocated slot
76 * @param xcv A connection vector
77 * @param create If set, a new connection may be created
79 static struct afs_conn
*
80 find_preferred_connection(struct sa_conn_vector
*xcv
, int create
)
83 struct afs_conn
*tc
= NULL
;
86 for(cix
= 0; cix
< CVEC_LEN
; ++cix
) {
87 tc
= &(xcv
->cvec
[cix
]);
91 tc
->forceConnectFS
= 1;
97 if (tc
->refCount
< (RX_MAXCALLS
-1)) {
100 } else if (cix
== (CVEC_LEN
-1))
101 conn_vec_select_conn(xcv
, bix
, tc
);
103 } /* for cix < CVEC_LEN */
114 #if REPORT_CONNECTIONS_ISSUED
115 afs_warn("Issuing conn %d refCount=%d parent refCount=%d\n", bix
,
116 tc
->refCount
, xcv
->refCount
);
122 } /* find_preferred_connection */
126 * Release all connections for unix user xu at server xs
131 release_conns_user_server(struct unixuser
*xu
, struct server
*xs
)
136 struct sa_conn_vector
*tcv
, **lcv
, *tcvn
;
137 for (sa
= (xs
)->addr
; sa
; sa
= sa
->next_sa
) {
139 for (tcv
= *lcv
; tcv
; lcv
= &tcv
->next
, tcv
= *lcv
) {
140 if (tcv
->user
== (xu
) && tcv
->refCount
== 0) {
142 /* our old friend, the GLOCK */
143 glocked
= ISAFS_GLOCK();
146 for(cix
= 0; cix
< CVEC_LEN
; ++cix
) {
147 tc
= &(tcv
->cvec
[cix
]);
149 rx_SetConnSecondsUntilNatPing(tc
->id
, 0);
150 rx_DestroyConnection(tc
->id
);
151 /* find another eligible connection */
152 if (sa
->natping
== tc
) {
154 struct afs_conn
*tcn
;
155 for (tcvn
= sa
->conns
; tcvn
; tcvn
= tcvn
->next
) {
158 for(cin
= 0; cin
< CVEC_LEN
; ++cin
) {
159 tcn
= &(tcvn
->cvec
[cin
]);
160 if (tcn
->activated
) {
161 rx_SetConnSecondsUntilNatPing(tcn
->id
, 20);
172 afs_osi_Free(tcv
, sizeof(struct sa_conn_vector
));
173 break; /* at most one instance per server */
174 } /*Found unreferenced connection for user */
176 } /*For each connection on the server */
178 } /* release_conns_user_server */
182 release_conns_vector(struct sa_conn_vector
*tcv
)
186 struct sa_conn_vector
*next
;
188 while (tcv
!= NULL
) {
191 /* you know it, you love it, the GLOCK */
192 glocked
= ISAFS_GLOCK();
195 for(cix
= 0; cix
< CVEC_LEN
; ++cix
) {
196 tc
= &(tcv
->cvec
[cix
]);
198 rx_SetConnSecondsUntilNatPing(tc
->id
, 0);
199 rx_DestroyConnection(tc
->id
);
200 if (tcv
->srvr
->natping
== tc
)
201 tcv
->srvr
->natping
= NULL
;
206 afs_osi_Free(tcv
, sizeof(struct sa_conn_vector
));
210 } /* release_conns_vector */
213 unsigned int VNOSERVERS
= 0;
216 * Pick a security object to use for a connection to a given server,
220 * The AFS connection for which the security object is required
221 * @param[out] secLevel
222 * The security level of the returned object
225 * An rx security object. This function is guaranteed to return
226 * an object, although that object may be rxnull (with a secLevel
229 static struct rx_securityClass
*
230 afs_pickSecurityObject(struct afs_conn
*conn
, int *secLevel
)
232 struct rx_securityClass
*secObj
= NULL
;
233 union tokenUnion
*token
;
235 /* Do we have tokens ? */
236 if (conn
->parent
->user
->states
& UHasTokens
) {
237 token
= afs_FindToken(conn
->parent
->user
->tokens
, RX_SECIDX_KAD
);
239 *secLevel
= RX_SECIDX_KAD
;
240 /* kerberos tickets on channel 2 */
241 secObj
= rxkad_NewClientSecurityObject(
242 cryptall
? rxkad_crypt
: rxkad_clear
,
243 (struct ktc_encryptionKey
*)
244 token
->rxkad
.clearToken
.HandShakeKey
,
245 token
->rxkad
.clearToken
.AuthHandle
,
246 token
->rxkad
.ticketLen
, token
->rxkad
.ticket
);
247 /* We're going to use this token, so populate the viced */
248 conn
->parent
->user
->viceId
= token
->rxkad
.clearToken
.ViceId
;
251 if (secObj
== NULL
) {
253 secObj
= rxnull_NewClientSecurityObject();
261 * Try setting up a connection to the server containing the specified fid.
262 * Gets the volume, checks if it's up and does the connection by server address.
265 * @param areq Request filled in by the caller.
266 * @param locktype Type of lock that will be used.
268 * @return The conn struct, or NULL.
271 afs_Conn(struct VenusFid
*afid
, struct vrequest
*areq
,
272 afs_int32 locktype
, struct rx_connection
**rxconn
)
274 u_short fsport
= AFS_FSPORT
;
276 struct afs_conn
*tconn
= NULL
;
277 struct srvAddr
*lowp
= NULL
;
281 struct srvAddr
*sa1p
;
282 afs_int32 replicated
= -1; /* a single RO will increment to 0 */
286 AFS_STATCNT(afs_Conn
);
287 /* Get fid's volume. */
288 tv
= afs_GetVolume(afid
, areq
, READ_LOCK
);
291 afs_FinalizeReq(areq
);
292 areq
->volumeError
= 1;
297 if (tv
->serverHost
[0] && tv
->serverHost
[0]->cell
) {
298 fsport
= tv
->serverHost
[0]->cell
->fsport
;
303 /* First is always lowest rank, if it's up */
304 if ((tv
->status
[0] == not_busy
) && tv
->serverHost
[0]
305 && tv
->serverHost
[0]->addr
306 && !(tv
->serverHost
[0]->addr
->sa_flags
& SRVR_ISDOWN
) &&
307 !(((areq
->idleError
> 0) || (areq
->tokenError
> 0))
308 && (areq
->skipserver
[0] == 1)))
309 lowp
= tv
->serverHost
[0]->addr
;
311 /* Otherwise we look at all of them. There are seven levels of
312 * not_busy. This means we will check a volume seven times before it
313 * is marked offline. Ideally, we only need two levels, but this
314 * serves a second purpose of waiting some number of seconds before
315 * the client decides the volume is offline (ie: a clone could finish
318 for (notbusy
= not_busy
; (!lowp
&& (notbusy
<= end_not_busy
)); notbusy
++) {
319 for (i
= 0; i
< AFS_MAXHOSTS
&& tv
->serverHost
[i
]; i
++) {
320 if (tv
->states
& VRO
)
322 if (((areq
->tokenError
> 0)||(areq
->idleError
> 0))
323 && (areq
->skipserver
[i
] == 1))
325 if (tv
->status
[i
] != notbusy
) {
326 if (tv
->status
[i
] == rd_busy
|| tv
->status
[i
] == rdwr_busy
) {
327 if (!areq
->busyCount
)
329 } else if (tv
->status
[i
] == offline
) {
330 if (!areq
->volumeError
)
331 areq
->volumeError
= VOLMISSING
;
335 for (sa1p
= tv
->serverHost
[i
]->addr
; sa1p
; sa1p
= sa1p
->next_sa
) {
336 if (sa1p
->sa_flags
& SRVR_ISDOWN
)
338 if (!lowp
|| (lowp
->sa_iprank
> sa1p
->sa_iprank
))
343 if ((replicated
== -1) && (tv
->states
& VRO
)) {
344 for (i
= 0; i
< AFS_MAXHOSTS
&& tv
->serverHost
[i
]; i
++) {
345 if (tv
->states
& VRO
)
351 afs_PutVolume(tv
, READ_LOCK
);
354 tu
= afs_GetUser(areq
->uid
, afid
->Cell
, SHARED_LOCK
);
355 tconn
= afs_ConnBySA(lowp
, fsport
, afid
->Cell
, tu
, 0 /*!force */ ,
356 1 /*create */ , locktype
, replicated
, rxconn
);
358 afs_PutUser(tu
, SHARED_LOCK
);
366 * Connects to a server by it's server address.
368 * @param sap Server address.
369 * @param aport Server port.
371 * @param tu Connect as this user.
372 * @param force_if_down
375 * @param locktype Specifies type of lock to be used for this function.
377 * @return The new connection.
380 afs_ConnBySA(struct srvAddr
*sap
, unsigned short aport
, afs_int32 acell
,
381 struct unixuser
*tu
, int force_if_down
, afs_int32 create
,
382 afs_int32 locktype
, afs_int32 replicated
,
383 struct rx_connection
**rxconn
)
385 int glocked
, foundvec
;
386 struct afs_conn
*tc
= NULL
;
387 struct sa_conn_vector
*tcv
= NULL
;
388 struct rx_securityClass
*csec
; /*Security class object */
389 int isec
; /*Security index */
391 int isrep
= (replicated
> 0)?CONN_REPLICATED
:0;
395 if (!sap
|| ((sap
->sa_flags
& SRVR_ISDOWN
) && !force_if_down
)) {
396 /* sa is known down, and we don't want to force it. */
400 /* find cached connection */
401 ObtainSharedLock(&afs_xconn
, 15);
403 for (tcv
= sap
->conns
; tcv
; tcv
= tcv
->next
) {
404 if (tcv
->user
== tu
&& tcv
->port
== aport
&&
405 (isrep
== (tcv
->flags
& CONN_REPLICATED
))) {
406 /* return most eligible conn */
409 UpgradeSToWLock(&afs_xconn
, 37);
410 tc
= find_preferred_connection(tcv
, create
);
411 ConvertWToSLock(&afs_xconn
);
416 if (!tc
&& !create
) {
417 /* Not found and can't create a new one. */
418 ReleaseSharedLock(&afs_xconn
);
422 if (AFS_IS_DISCONNECTED
&& !AFS_IN_SYNC
) {
423 afs_warnuser("afs_ConnBySA: disconnected\n");
424 ReleaseSharedLock(&afs_xconn
);
428 if (!foundvec
&& create
) {
429 /* No such connection vector exists. Create one and splice it in.
430 * Make sure the server record has been marked as used (for the purposes
431 * of calculating up & down times, it's now considered to be an
432 * ``active'' server). Also make sure the server's lastUpdateEvalTime
433 * gets set, marking the time of its ``birth''.
435 UpgradeSToWLock(&afs_xconn
, 37);
436 new_conn_vector(tcv
);
441 tcv
->next
= sap
->conns
;
443 tcv
->flags
|= CONN_REPLICATED
;
446 /* all struct afs_conn ptrs come from here */
447 tc
= find_preferred_connection(tcv
, create
);
449 afs_ActivateServer(sap
);
451 ConvertWToSLock(&afs_xconn
);
452 } /* end of if (!tcv) */
455 /* Not found and no alternatives. */
456 ReleaseSharedLock(&afs_xconn
);
460 if (tc
->refCount
> 10000) {
464 afs_warn("afs: Very high afs_conn refCount detected (conn %p, count %d)\n",
465 tc
, (int)tc
->refCount
);
466 afs_warn("afs: Trying to continue, but this may indicate an issue\n");
467 afs_warn("afs: that may eventually crash the machine. Please file\n");
468 afs_warn("afs: a bug report.\n");
472 if (tu
->states
& UTokensBad
) {
473 /* we may still have an authenticated RPC connection here,
474 * we'll have to create a new, unauthenticated, connection.
475 * Perhaps a better way to do this would be to set
476 * conn->forceConnectFS on all conns when the token first goes
477 * bad, but that's somewhat trickier, due to locking
478 * constraints (though not impossible).
480 if (tc
->id
&& (rx_SecurityClassOf(tc
->id
) != RX_SECIDX_NULL
)) {
481 tc
->forceConnectFS
= 1; /* force recreation of connection */
483 tu
->states
&= ~UHasTokens
; /* remove the authentication info */
486 glocked
= ISAFS_GLOCK();
487 if (tc
->forceConnectFS
) {
488 UpgradeSToWLock(&afs_xconn
, 38);
490 if (sap
->natping
== tc
)
494 rx_SetConnSecondsUntilNatPing(tc
->id
, 0);
495 rx_DestroyConnection(tc
->id
);
500 * Stupid hack to determine if using vldb service or file system
503 if (aport
== sap
->server
->cell
->vlport
)
509 csec
= afs_pickSecurityObject(tc
, &isec
);
513 tc
->id
= rx_NewConnection(sap
->sa_ip
, aport
, service
, csec
, isec
);
517 rx_SetConnHardDeadTime(tc
->id
, afs_rx_harddead
);
520 /* Setting idle dead time to non-zero activates idle-dead
521 * RX_CALL_TIMEOUT errors. */
523 rx_SetConnIdleDeadTime(tc
->id
, afs_rx_idledead_rep
);
525 rx_SetConnIdleDeadTime(tc
->id
, afs_rx_idledead
);
528 * Only do this for one connection
530 if ((service
!= 52) && (sap
->natping
== NULL
)) {
532 rx_SetConnSecondsUntilNatPing(tc
->id
, 20);
535 tc
->forceConnectFS
= 0; /* apparently we're appropriately connected now */
538 ConvertWToSLock(&afs_xconn
);
539 } /* end of if (tc->forceConnectFS)*/
542 rx_GetConnection(*rxconn
);
544 ReleaseSharedLock(&afs_xconn
);
549 * forceConnectFS is set whenever we must recompute the connection. UTokensBad
550 * is true only if we know that the tokens are bad. We thus clear this flag
551 * when we get a new set of tokens..
552 * Having force... true and UTokensBad true simultaneously means that the tokens
553 * went bad and we're supposed to create a new, unauthenticated, connection.
555 * @param aserver Server to connect to.
556 * @param aport Connection port.
557 * @param acell The cell where all of this happens.
558 * @param areq The request.
559 * @param aforce Force connection?
560 * @param locktype Type of lock to be used.
563 * @return The established connection.
566 afs_ConnByHost(struct server
*aserver
, unsigned short aport
, afs_int32 acell
,
567 struct vrequest
*areq
, int aforce
, afs_int32 locktype
,
568 afs_int32 replicated
, struct rx_connection
**rxconn
)
571 struct afs_conn
*tc
= NULL
;
572 struct srvAddr
*sa
= NULL
;
576 AFS_STATCNT(afs_ConnByHost
);
578 if (AFS_IS_DISCONNECTED
&& !AFS_IN_SYNC
) {
579 afs_warnuser("afs_ConnByHost: disconnected\n");
584 1. look for an existing connection
585 2. create a connection at an address believed to be up
586 (if aforce is true, create a connection at the first address)
589 tu
= afs_GetUser(areq
->uid
, acell
, SHARED_LOCK
);
591 for (sa
= aserver
->addr
; sa
; sa
= sa
->next_sa
) {
592 tc
= afs_ConnBySA(sa
, aport
, acell
, tu
, aforce
,
593 0 /*don't create one */ ,
594 locktype
, replicated
, rxconn
);
600 for (sa
= aserver
->addr
; sa
; sa
= sa
->next_sa
) {
601 tc
= afs_ConnBySA(sa
, aport
, acell
, tu
, aforce
,
603 locktype
, replicated
, rxconn
);
609 afs_PutUser(tu
, SHARED_LOCK
);
612 } /*afs_ConnByHost */
616 * Connect by multiple hosts.
617 * Try to connect to one of the hosts from the ahosts array.
619 * @param ahosts Multiple hosts to connect to.
620 * @param aport Connection port.
621 * @param acell The cell where all of this happens.
622 * @param areq The request.
623 * @param locktype Type of lock to be used.
626 * @return The established connection or NULL.
629 afs_ConnByMHosts(struct server
*ahosts
[], unsigned short aport
,
630 afs_int32 acell
, struct vrequest
*areq
,
631 afs_int32 locktype
, afs_int32 replicated
,
632 struct rx_connection
**rxconn
)
635 struct afs_conn
*tconn
;
640 /* try to find any connection from the set */
641 AFS_STATCNT(afs_ConnByMHosts
);
642 for (i
= 0; i
< AFS_MAXCELLHOSTS
; i
++) {
643 if ((ts
= ahosts
[i
]) == NULL
)
645 tconn
= afs_ConnByHost(ts
, aport
, acell
, areq
, 0, locktype
,
653 } /*afs_ConnByMHosts */
657 * Decrement reference count to this connection.
662 afs_PutConn(struct afs_conn
*ac
, struct rx_connection
*rxconn
,
665 AFS_STATCNT(afs_PutConn
);
667 if (ac
->refCount
< 0) {
668 osi_Panic("afs_PutConn: refcount imbalance 0x%lx %d",
669 (unsigned long)(uintptrsz
)ac
, (int)ac
->refCount
);
671 ac
->parent
->refCount
--;
672 rx_PutConnection(rxconn
);
677 * Free up a connection vector, allowing, eg, code in afs_user.c
678 * to ignore how connections are stored/pooled
682 afs_ReleaseConns(struct sa_conn_vector
*tcv
) {
683 release_conns_vector(tcv
);
688 * Free connection vector(s) for a user
692 afs_ReleaseConnsUser(struct unixuser
*au
) {
697 for (i
= 0; i
< NSERVERS
; i
++) {
698 for (ts
= afs_servers
[i
]; ts
; ts
= ts
->next
) {
699 release_conns_user_server(au
, ts
);
700 } /*For each server on chain */
701 } /*For each chain */
706 * For multi homed clients, a RPC may timeout because of a
707 * client network interface going down. We need to reopen new
708 * connections in this case.
710 * @param sap Server address.
713 ForceNewConnections(struct srvAddr
*sap
)
716 struct afs_conn
*tc
= NULL
;
717 struct sa_conn_vector
*tcv
= NULL
;
720 return; /* defensive check */
722 ObtainWriteLock(&afs_xconn
, 413);
723 for (tcv
= sap
->conns
; tcv
; tcv
= tcv
->next
) {
724 for(cix
= 0; cix
< CVEC_LEN
; ++cix
) {
725 tc
= &(tcv
->cvec
[cix
]);
727 tc
->forceConnectFS
= 1;
730 ReleaseWriteLock(&afs_xconn
);