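/*
 * daemon/tcp_conn_limit.h - client TCP connection limit storage for the server.
 *
 * Copyright (c) 2018, NLnet Labs. All rights reserved.
 *
 * This software is open source.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * Redistributions of source code must retain the above copyright notice,
 * this list of conditions and the following disclaimer.
 *
 * Redistributions in binary form must reproduce the above copyright notice,
 * this list of conditions and the following disclaimer in the documentation
 * and/or other materials provided with the distribution.
 *
 * Neither the name of the NLNET LABS nor the names of its contributors may
 * be used to endorse or promote products derived from this software without
 * specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/**
 * \file
 *
 * This file keeps track of the limit on the number of TCP connections
 * each client makes to the server.
 *
 * Limits are attached to address spans (struct tcl_addr) stored in a tree
 * (struct tcl_list). A connection is accounted for by looking up the
 * client address with tcl_addr_lookup(), calling tcl_new_connection() on
 * the result, and calling tcl_close_connection() when it ends.
 */

#ifndef DAEMON_TCP_CONN_LIMIT_H
#define DAEMON_TCP_CONN_LIMIT_H
#include "util/storage/dnstree.h"
#include "util/locks.h"
struct config_file;
struct regional;

/**
 * TCP connection limit storage structure
 */
struct tcl_list {
	/** regional for allocation */
	struct regional* region;
	/**
	 * Tree of the addresses that are TCP connection limited.
	 * contents of type tcl_addr.
	 */
	rbtree_type tree;
};

/**
 * An address span with connection limit information
 */
struct tcl_addr {
	/** node in address tree */
	struct addr_tree_node node;
	/**
	 * lock on structure data.
	 * NOTE(review): presumably has to be held to read or modify count;
	 * confirm against the implementation.
	 */
	lock_quick_type lock;
	/** connection limit on this netblock */
	uint32_t limit;
	/**
	 * current connection count on this netblock.
	 * NOTE(review): unsigned, so a decrement at zero would wrap to a
	 * very large value and keep the netblock at its limit; confirm the
	 * implementation guards against an unmatched close.
	 */
	uint32_t count;
};

/**
 * Create TCP connection limit structure
 * @return new structure or NULL on error.
 */
struct tcl_list* tcl_list_create(void);

/**
 * Delete TCP connection limit structure.
 * @param tcl: to delete.
 */
void tcl_list_delete(struct tcl_list* tcl);

/**
 * Process TCP connection limit config.
 * @param tcl: where to store.
 * @param cfg: config options.
 * @return 0 on error.
 */
int tcl_list_apply_cfg(struct tcl_list* tcl, struct config_file* cfg);

/**
 * Increment TCP connection count if found, provided the
 * count was below the limit.
 *
 * A return value of 1 with a non-NULL tcl means a connection slot was
 * taken; the caller is expected to release it with exactly one call to
 * tcl_close_connection() so the count stays accurate.
 * @param tcl: address span entry (as returned by tcl_addr_lookup), or NULL.
 * @return: 0 if limit reached, 1 if tcl was NULL or limit not reached.
 */
int tcl_new_connection(struct tcl_addr* tcl);

/**
 * Decrement TCP connection count if found.
 *
 * Call only for a connection that tcl_new_connection() accepted on the
 * same entry.
 * @param tcl: address span entry (as returned by tcl_addr_lookup), or NULL.
 */
void tcl_close_connection(struct tcl_addr* tcl);

/**
 * Lookup address to see its TCP connection limit structure
 * @param tcl: structure for address storage.
 * @param addr: address to check
 * @param addrlen: length of addr.
 * @return: tcl structure from this address.
 *	NOTE(review): presumably NULL when no configured span covers addr,
 *	since tcl_new_connection() and tcl_close_connection() accept NULL;
 *	confirm against the implementation.
 */
struct tcl_addr*
tcl_addr_lookup(struct tcl_list* tcl, struct sockaddr_storage* addr,
	socklen_t addrlen);

/**
 * Get memory used by TCP connection limit structure.
 * @param tcl: structure for address storage.
 * @return bytes in use.
 */
size_t tcl_list_get_mem(struct tcl_list* tcl);

#endif /* DAEMON_TCP_CONN_LIMIT_H */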