2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
13 #include <afsconfig.h>
14 #include "afs/param.h"
18 #include "afs/sysincludes.h" /* Standard vendor system headers */
21 #if !defined(AFS_LINUX_ENV)
24 #include <netinet/in.h>
27 #include "h/hashing.h"
29 #if !defined(AFS_HPUX110_ENV) && !defined(AFS_LINUX_ENV) && !defined(AFS_DARWIN_ENV)
30 #include <netinet/in_var.h>
31 #endif /* ! AFS_HPUX110_ENV */
32 #endif /* !defined(UKERNEL) */
34 #include "afsincludes.h" /* Afs-based standard headers */
35 #include "afs/afs_stats.h" /* afs statistics */
37 #if defined(AFS_SUN5_ENV)
39 #include <inet/common.h>
40 #include <netinet/ip6.h>
44 /* Exported variables */
45 afs_rwlock_t afs_xconn; /* allocation lock for new things */
46 afs_rwlock_t afs_xinterface; /* for multiple client address */
47 afs_int32 cryptall = 1; /* encrypt all communications */
49 /* some connection macros */
52 #define new_conn_vector(xcv) \
54 xcv = (struct sa_conn_vector *) \
55 afs_osi_Alloc(sizeof(struct sa_conn_vector)); \
57 memset((char *)xcv, 0, sizeof(struct sa_conn_vector)); \
61 /* select a connection to return (if no connection has lower utilization
63 #define conn_vec_select_conn(xcv, bix, conn) \
65 (bix) = ((xcv)->select_index)++ % CVEC_LEN; \
66 (conn) = &((xcv)->cvec[bix]); \
69 #define struct_conn(s) ((struct afs_conn *)(s))
71 #define REPORT_CONNECTIONS_ISSUED 0 /* enable to see utilization */
74 * Find a connection with call slots available, allocating one
75 * if nothing is available and we find an allocated slot
76 * @param xcv A connection vector
77 * @param create If set, a new connection may be created
79 static struct afs_conn *
80 find_preferred_connection(struct sa_conn_vector *xcv, int create)
83 struct afs_conn *tc = NULL;
86 for(cix = 0; cix < CVEC_LEN; ++cix) {
87 tc = &(xcv->cvec[cix]);
91 tc->forceConnectFS = 1;
97 if (tc->refCount < (RX_MAXCALLS-1)) {
100 } else if (cix == (CVEC_LEN-1))
101 conn_vec_select_conn(xcv, bix, tc);
103 } /* for cix < CVEC_LEN */
114 #if REPORT_CONNECTIONS_ISSUED
115 afs_warn("Issuing conn %d refCount=%d parent refCount=%d\n", bix,
116 tc->refCount, xcv->refCount);
122 } /* find_preferred_connection */
126 * Release all connections for unix user xu at server xs
131 release_conns_user_server(struct unixuser *xu, struct server *xs)
136 struct sa_conn_vector *tcv, **lcv, *tcvn;
137 for (sa = (xs)->addr; sa; sa = sa->next_sa) {
139 for (tcv = *lcv; tcv; lcv = &tcv->next, tcv = *lcv) {
140 if (tcv->user == (xu) && tcv->refCount == 0) {
142 /* our old friend, the GLOCK */
143 glocked = ISAFS_GLOCK();
146 for(cix = 0; cix < CVEC_LEN; ++cix) {
147 tc = &(tcv->cvec[cix]);
149 rx_SetConnSecondsUntilNatPing(tc->id, 0);
150 rx_DestroyConnection(tc->id);
151 /* find another eligible connection */
152 if (sa->natping == tc) {
154 struct afs_conn *tcn;
156 for (tcvn = sa->conns; tcvn; tcvn = tcvn->next) {
157 if (sa->natping != NULL)
161 for(cin = 0; cin < CVEC_LEN; ++cin) {
162 tcn = &(tcvn->cvec[cin]);
163 if (tcn->activated) {
164 rx_SetConnSecondsUntilNatPing(tcn->id, 20);
175 afs_osi_Free(tcv, sizeof(struct sa_conn_vector));
176 break; /* at most one instance per server */
177 } /*Found unreferenced connection for user */
179 } /*For each connection on the server */
181 } /* release_conns_user_server */
185 release_conns_vector(struct sa_conn_vector *tcv)
189 struct sa_conn_vector *next;
191 while (tcv != NULL) {
194 /* you know it, you love it, the GLOCK */
195 glocked = ISAFS_GLOCK();
198 for(cix = 0; cix < CVEC_LEN; ++cix) {
199 tc = &(tcv->cvec[cix]);
201 rx_SetConnSecondsUntilNatPing(tc->id, 0);
202 rx_DestroyConnection(tc->id);
203 if (tcv->srvr->natping == tc)
204 tcv->srvr->natping = NULL;
209 afs_osi_Free(tcv, sizeof(struct sa_conn_vector));
213 } /* release_conns_vector */
216 unsigned int VNOSERVERS = 0;
219 * Pick a security object to use for a connection to a given server,
223 * The AFS connection for which the security object is required
224 * @param[out] secLevel
225 * The security level of the returned object
228 * An rx security object. This function is guaranteed to return
229 * an object, although that object may be rxnull (with a secLevel
232 static struct rx_securityClass *
233 afs_pickSecurityObject(struct afs_conn *conn, int *secLevel)
235 struct rx_securityClass *secObj = NULL;
236 union tokenUnion *token;
238 /* Do we have tokens ? */
239 if (conn->parent->user->states & UHasTokens) {
240 token = afs_FindToken(conn->parent->user->tokens, RX_SECIDX_KAD);
242 *secLevel = RX_SECIDX_KAD;
243 /* kerberos tickets on channel 2 */
244 secObj = rxkad_NewClientSecurityObject(
245 cryptall ? rxkad_crypt : rxkad_clear,
246 (struct ktc_encryptionKey *)
247 token->rxkad.clearToken.HandShakeKey,
248 token->rxkad.clearToken.AuthHandle,
249 token->rxkad.ticketLen, token->rxkad.ticket);
250 /* We're going to use this token, so populate the viced */
251 conn->parent->user->viceId = token->rxkad.clearToken.ViceId;
254 if (secObj == NULL) {
256 secObj = rxnull_NewClientSecurityObject();
264 * Try setting up a connection to the server containing the specified fid.
265 * Gets the volume, checks if it's up and does the connection by server address.
268 * @param areq Request filled in by the caller.
269 * @param locktype Type of lock that will be used.
271 * @return The conn struct, or NULL.
274 afs_Conn(struct VenusFid *afid, struct vrequest *areq,
275 afs_int32 locktype, struct rx_connection **rxconn)
277 u_short fsport = AFS_FSPORT;
279 struct afs_conn *tconn = NULL;
280 struct srvAddr *lowp = NULL;
284 struct srvAddr *sa1p;
285 afs_int32 replicated = -1; /* a single RO will increment to 0 */
289 AFS_STATCNT(afs_Conn);
290 /* Get fid's volume. */
291 tv = afs_GetVolume(afid, areq, READ_LOCK);
294 afs_FinalizeReq(areq);
295 areq->volumeError = 1;
300 if (tv->serverHost[0] && tv->serverHost[0]->cell) {
301 fsport = tv->serverHost[0]->cell->fsport;
306 /* First is always lowest rank, if it's up */
307 if ((tv->status[0] == not_busy) && tv->serverHost[0]
308 && tv->serverHost[0]->addr
309 && !(tv->serverHost[0]->addr->sa_flags & SRVR_ISDOWN) &&
310 !(((areq->idleError > 0) || (areq->tokenError > 0))
311 && (areq->skipserver[0] == 1)))
312 lowp = tv->serverHost[0]->addr;
314 /* Otherwise we look at all of them. There are seven levels of
315 * not_busy. This means we will check a volume seven times before it
316 * is marked offline. Ideally, we only need two levels, but this
317 * serves a second purpose of waiting some number of seconds before
318 * the client decides the volume is offline (ie: a clone could finish
321 for (notbusy = not_busy; (!lowp && (notbusy <= end_not_busy)); notbusy++) {
322 for (i = 0; i < AFS_MAXHOSTS && tv->serverHost[i]; i++) {
323 if (tv->states & VRO)
325 if (((areq->tokenError > 0)||(areq->idleError > 0))
326 && (areq->skipserver[i] == 1))
328 if (tv->status[i] != notbusy) {
329 if (tv->status[i] == rd_busy || tv->status[i] == rdwr_busy) {
330 if (!areq->busyCount)
332 } else if (tv->status[i] == offline) {
333 if (!areq->volumeError)
334 areq->volumeError = VOLMISSING;
338 for (sa1p = tv->serverHost[i]->addr; sa1p; sa1p = sa1p->next_sa) {
339 if (sa1p->sa_flags & SRVR_ISDOWN)
341 if (!lowp || (lowp->sa_iprank > sa1p->sa_iprank))
346 if ((replicated == -1) && (tv->states & VRO)) {
347 for (i = 0; i < AFS_MAXHOSTS && tv->serverHost[i]; i++) {
348 if (tv->states & VRO)
354 afs_PutVolume(tv, READ_LOCK);
357 tu = afs_GetUser(areq->uid, afid->Cell, SHARED_LOCK);
358 tconn = afs_ConnBySA(lowp, fsport, afid->Cell, tu, 0 /*!force */ ,
359 1 /*create */ , locktype, replicated, rxconn);
361 afs_PutUser(tu, SHARED_LOCK);
369 * Connects to a server by it's server address.
371 * @param sap Server address.
372 * @param aport Server port.
374 * @param tu Connect as this user.
375 * @param force_if_down
378 * @param locktype Specifies type of lock to be used for this function.
380 * @return The new connection.
383 afs_ConnBySA(struct srvAddr *sap, unsigned short aport, afs_int32 acell,
384 struct unixuser *tu, int force_if_down, afs_int32 create,
385 afs_int32 locktype, afs_int32 replicated,
386 struct rx_connection **rxconn)
389 struct afs_conn *tc = NULL;
390 struct sa_conn_vector *tcv = NULL;
391 struct rx_securityClass *csec; /*Security class object */
392 int isec; /*Security index */
394 int isrep = (replicated > 0)?CONN_REPLICATED:0;
398 if (!sap || ((sap->sa_flags & SRVR_ISDOWN) && !force_if_down)) {
399 /* sa is known down, and we don't want to force it. */
403 /* find cached connection */
404 ObtainSharedLock(&afs_xconn, 15);
406 for (tcv = sap->conns; tcv; tcv = tcv->next) {
407 if (tcv->user == tu && tcv->port == aport &&
408 (isrep == (tcv->flags & CONN_REPLICATED))) {
409 /* return most eligible conn */
412 UpgradeSToWLock(&afs_xconn, 37);
413 tc = find_preferred_connection(tcv, create);
414 ConvertWToSLock(&afs_xconn);
419 if (!tc && !create) {
420 /* Not found and can't create a new one. */
421 ReleaseSharedLock(&afs_xconn);
425 if (AFS_IS_DISCONNECTED && !AFS_IN_SYNC) {
426 afs_warnuser("afs_ConnBySA: disconnected\n");
427 ReleaseSharedLock(&afs_xconn);
431 if (!foundvec && create) {
432 /* No such connection vector exists. Create one and splice it in.
433 * Make sure the server record has been marked as used (for the purposes
434 * of calculating up & down times, it's now considered to be an
435 * ``active'' server). Also make sure the server's lastUpdateEvalTime
436 * gets set, marking the time of its ``birth''.
438 UpgradeSToWLock(&afs_xconn, 37);
439 new_conn_vector(tcv);
444 tcv->next = sap->conns;
446 tcv->flags |= CONN_REPLICATED;
449 /* all struct afs_conn ptrs come from here */
450 tc = find_preferred_connection(tcv, create);
452 afs_ActivateServer(sap);
454 ConvertWToSLock(&afs_xconn);
455 } /* end of if (!tcv) */
458 /* Not found and no alternatives. */
459 ReleaseSharedLock(&afs_xconn);
463 if (tc->refCount > 10000) {
467 afs_warn("afs: Very high afs_conn refCount detected (conn %p, count %d)\n",
468 tc, (int)tc->refCount);
469 afs_warn("afs: Trying to continue, but this may indicate an issue\n");
470 afs_warn("afs: that may eventually crash the machine. Please file\n");
471 afs_warn("afs: a bug report.\n");
475 if (tu->states & UTokensBad) {
476 /* we may still have an authenticated RPC connection here,
477 * we'll have to create a new, unauthenticated, connection.
478 * Perhaps a better way to do this would be to set
479 * conn->forceConnectFS on all conns when the token first goes
480 * bad, but that's somewhat trickier, due to locking
481 * constraints (though not impossible).
483 if (tc->id && (rx_SecurityClassOf(tc->id) != RX_SECIDX_NULL)) {
484 tc->forceConnectFS = 1; /* force recreation of connection */
486 tu->states &= ~UHasTokens; /* remove the authentication info */
489 if (tc->forceConnectFS) {
490 UpgradeSToWLock(&afs_xconn, 38);
492 if (sap->natping == tc)
495 rx_SetConnSecondsUntilNatPing(tc->id, 0);
496 rx_DestroyConnection(tc->id);
500 * Stupid hack to determine if using vldb service or file system
503 if (aport == sap->server->cell->vlport)
509 csec = afs_pickSecurityObject(tc, &isec);
512 tc->id = rx_NewConnection(sap->sa_ip, aport, service, csec, isec);
515 rx_SetConnHardDeadTime(tc->id, afs_rx_harddead);
518 /* Setting idle dead time to non-zero activates idle-dead
519 * RX_CALL_TIMEOUT errors. */
521 rx_SetConnIdleDeadTime(tc->id, afs_rx_idledead_rep);
523 rx_SetConnIdleDeadTime(tc->id, afs_rx_idledead);
526 * Only do this for one connection
528 if ((service != 52) && (sap->natping == NULL)) {
531 rx_SetConnSecondsUntilNatPing(tc->id, 20);
535 tc->forceConnectFS = 0; /* apparently we're appropriately connected now */
538 ConvertWToSLock(&afs_xconn);
539 } /* end of if (tc->forceConnectFS)*/
543 rx_GetConnection(*rxconn);
546 ReleaseSharedLock(&afs_xconn);
551 * forceConnectFS is set whenever we must recompute the connection. UTokensBad
552 * is true only if we know that the tokens are bad. We thus clear this flag
553 * when we get a new set of tokens..
554 * Having force... true and UTokensBad true simultaneously means that the tokens
555 * went bad and we're supposed to create a new, unauthenticated, connection.
557 * @param aserver Server to connect to.
558 * @param aport Connection port.
559 * @param acell The cell where all of this happens.
560 * @param areq The request.
561 * @param aforce Force connection?
562 * @param locktype Type of lock to be used.
565 * @return The established connection.
568 afs_ConnByHost(struct server *aserver, unsigned short aport, afs_int32 acell,
569 struct vrequest *areq, int aforce, afs_int32 locktype,
570 afs_int32 replicated, struct rx_connection **rxconn)
573 struct afs_conn *tc = NULL;
574 struct srvAddr *sa = NULL;
578 AFS_STATCNT(afs_ConnByHost);
580 if (AFS_IS_DISCONNECTED && !AFS_IN_SYNC) {
581 afs_warnuser("afs_ConnByHost: disconnected\n");
586 1. look for an existing connection
587 2. create a connection at an address believed to be up
588 (if aforce is true, create a connection at the first address)
591 tu = afs_GetUser(areq->uid, acell, SHARED_LOCK);
593 for (sa = aserver->addr; sa; sa = sa->next_sa) {
594 tc = afs_ConnBySA(sa, aport, acell, tu, aforce,
595 0 /*don't create one */ ,
596 locktype, replicated, rxconn);
602 for (sa = aserver->addr; sa; sa = sa->next_sa) {
603 tc = afs_ConnBySA(sa, aport, acell, tu, aforce,
605 locktype, replicated, rxconn);
611 afs_PutUser(tu, SHARED_LOCK);
614 } /*afs_ConnByHost */
618 * Connect by multiple hosts.
619 * Try to connect to one of the hosts from the ahosts array.
621 * @param ahosts Multiple hosts to connect to.
622 * @param aport Connection port.
623 * @param acell The cell where all of this happens.
624 * @param areq The request.
625 * @param locktype Type of lock to be used.
628 * @return The established connection or NULL.
631 afs_ConnByMHosts(struct server *ahosts[], unsigned short aport,
632 afs_int32 acell, struct vrequest *areq,
633 afs_int32 locktype, afs_int32 replicated,
634 struct rx_connection **rxconn)
637 struct afs_conn *tconn;
642 /* try to find any connection from the set */
643 AFS_STATCNT(afs_ConnByMHosts);
644 for (i = 0; i < AFS_MAXCELLHOSTS; i++) {
645 if ((ts = ahosts[i]) == NULL)
647 tconn = afs_ConnByHost(ts, aport, acell, areq, 0, locktype,
655 } /*afs_ConnByMHosts */
659 * Decrement reference count to this connection.
664 afs_PutConn(struct afs_conn *ac, struct rx_connection *rxconn,
667 AFS_STATCNT(afs_PutConn);
669 if (ac->refCount < 0) {
670 osi_Panic("afs_PutConn: refcount imbalance 0x%lx %d",
671 (unsigned long)(uintptrsz)ac, (int)ac->refCount);
673 ac->parent->refCount--;
675 rx_PutConnection(rxconn);
681 * Free up a connection vector, allowing, eg, code in afs_user.c
682 * to ignore how connections are stored/pooled
686 afs_ReleaseConns(struct sa_conn_vector *tcv) {
687 release_conns_vector(tcv);
692 * Free connection vector(s) for a user
696 afs_ReleaseConnsUser(struct unixuser *au) {
701 for (i = 0; i < NSERVERS; i++) {
702 for (ts = afs_servers[i]; ts; ts = ts->next) {
703 release_conns_user_server(au, ts);
704 } /*For each server on chain */
705 } /*For each chain */
710 * For multi homed clients, a RPC may timeout because of a
711 * client network interface going down. We need to reopen new
712 * connections in this case.
714 * @param sap Server address.
717 ForceNewConnections(struct srvAddr *sap)
720 struct afs_conn *tc = NULL;
721 struct sa_conn_vector *tcv = NULL;
724 return; /* defensive check */
726 ObtainWriteLock(&afs_xconn, 413);
727 for (tcv = sap->conns; tcv; tcv = tcv->next) {
728 for(cix = 0; cix < CVEC_LEN; ++cix) {
729 tc = &(tcv->cvec[cix]);
731 tc->forceConnectFS = 1;
734 ReleaseWriteLock(&afs_xconn);