From patchwork Sun Apr 12 12:53:50 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 4886 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:b0d8:b0:84a:48f:a1fd with SMTP id p24csp664093maw; Sun, 12 Apr 2026 05:54:17 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWj5LA7BbLUJHm2VxpIkB9RszuEeDOgMBvroeyfdsWrETV2AAq5EdX1H6cXLDeoM58C8jFCNaZwjPc=@openvpn.net X-Received: by 2002:a05:6870:1e84:b0:417:46dc:3cc0 with SMTP id 586e51a60fabf-423e0db3d98mr5153405fac.7.1775998457698; Sun, 12 Apr 2026 05:54:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1775998457; cv=none; d=google.com; s=arc-20240605; b=ZOX8AEcCoybZkUw0XSkrOux1yZ71c8H4WjXaKHdZjC2q46JszGDeiC6kUHT3BShDCK cJ9475yPI4LrZ3/+85CvsabL8mSvjrXYhK07vkiHD/50HENHnOtD05VuQDp31x8Sbe1U DKFzrT+IfXBYS0YQjwuHbJGrH0yNE/fL45HzCPOavWEgrSM+Rj/7jl6QORke8i9HEKCO 8+2v2YWL57jokklCbO/s76fM1kyEP1GgBX7CHpOAGdmxmTswTjC7DRcOIclOy4VU82sf dpuW1NiwAoKDuxsR8xu5DRY/C+wJkRfJ1S530hwPMg5PBz+S8XJxSEvIam29KaEmBhYc 9ptQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=80BZHmzKmmpGaVAioLorwBKDc6uFQGmyrW3+X+dNC+k=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=gHrYiwPcQUvXiCgnvnYDw8EaKspYdm/gWq9fVLAV6Rl4v2bHFkq8zdBeCY7L4oe1CQ Vol2RcbNnOC994vaQiswZjsTtFEkyTfodLA04vN60ryF5w9/J09tOwTD39jYltLgH/dL 0p2ZeCmAE1nXRJWjzbdGX5Qz+1XlHuH/lp7h2ipP2dqDFd9EfTUY2GtaxmW25wyhWI7N aedUnw3NsCn2D2VUgj2fBgbyZeH7jOU5ko/NvYdRBVkOsjJE0AmKzM7FMkTl+2byNMhe /quQSXDQx9D+n/DfwhoQm7JKpM5bZzbwRhff/RbS/jA8GPvhaHdSrE9fe5Jg++J6IOhp 11Sg==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=KBd4rEmp; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=brblBlvJ; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=cH6pgxli; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 586e51a60fabf-423ddb9d998si6987810fac.145.2026.04.12.05.54.16 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 12 Apr 2026 05:54:17 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=KBd4rEmp; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=brblBlvJ; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=cH6pgxli; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=80BZHmzKmmpGaVAioLorwBKDc6uFQGmyrW3+X+dNC+k=; b=KBd4rEmpZtc/kagKz4c7/Uyiw2 00eu49rI1vGSPzcl+mo7GGSOFAqstcX6NUs7PIiY59RZG+TsHAH4IfT0pJ7+oTcVagFTsmOgYX3hm seS/cW3JLlYYHk0+EtV/cH83edCZGK9UxcqKT3ZiHKHF/1U9z2k5co0wg5sspVMyVfN8=; Received: from [127.0.0.1] (helo=sfs-ml-3.v29.lw.sourceforge.com) by sfs-ml-3.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1wBuKF-0002gE-M0; Sun, 12 Apr 2026 12:54:07 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-3.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1wBuKC-0002g5-VD for openvpn-devel@lists.sourceforge.net; Sun, 12 Apr 2026 12:54:04 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=Tl5EHKutNIiV4dLxuiH3vkmfZuqpQxTx28pZXTT3pDU=; b=brblBlvJ+jPaKnWZM1SqA1n5rl Vez+GfybT9So9gpkPLwEm+jCoV86xEzvYbVpuUvZkuAX79Mo1HW6JA4BB69rXy7UT8GwF5s0j2kp6 COcUquZ40oDqte1G21RlUJ7EI8Xs6RNmxmE/xJAy1yTj7HCfqxQ1q32uPJhr6CNyEImA=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=Tl5EHKutNIiV4dLxuiH3vkmfZuqpQxTx28pZXTT3pDU=; b=cH6pgxlifsLrJipB/61V1X8A4k F2SxzYBJDUYh6qt/WexoHtrHQytjfI0f6QXIusyC3aDDkZ0T/IHPil4XtAtao3hifaTkQ5Am406k7 vYpyIe3ewzrGhuCgMT3BUqssAxYwEG4LD971s1YH9K3tMB0xdvGVVIetE2tsGziX/yqk=; Received: from [193.149.48.129] (helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1wBuKB-0005n6-Me for openvpn-devel@lists.sourceforge.net; Sun, 12 Apr 2026 12:54:04 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.18.1/8.18.1) with ESMTP id 63CCru5I032279 for ; Sun, 12 Apr 2026 14:53:56 +0200 Received: (from gert@localhost) by blue.greenie.muc.de (8.18.1/8.18.1/Submit) id 63CCruCe032278 for openvpn-devel@lists.sourceforge.net; Sun, 12 Apr 2026 14:53:56 +0200 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Sun, 12 Apr 2026 14:53:50 +0200 Message-ID: <20260412125356.32261-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.52.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-2.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Arne Schwabe This keeps track of the highest peer id that is currently allocated to avoid iterating over the empty tail of the m->instances array. Change-Id: If797f3fe178fba3f43fb12898e5484bfb38f05c3 Signed-off-by: Arne Schwabe Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1557 --- Content analysis details: (1.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS X-Headers-End: 1wBuKB-0005n6-Me Subject: [Openvpn-devel] [PATCH v7] Optimise iterating over all clients by remembering highest peer id X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1858931657719291690?= X-GMAIL-MSGID: =?utf-8?q?1862269358477248552?= From: Arne Schwabe This keeps track of the highest peer id that is currently allocated to avoid iterating over the empty tail of the m->instances array. Change-Id: If797f3fe178fba3f43fb12898e5484bfb38f05c3 Signed-off-by: Arne Schwabe Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1557 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1557 This mail reflects revision 7 of this Change. Acked-by according to Gerrit (reflected above): diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index 9d4ea49..c03e821 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -601,6 +601,13 @@ if (mi->context.c2.tls_multi->peer_id != MAX_PEER_ID) { m->instances[mi->context.c2.tls_multi->peer_id] = NULL; + + /* Adjust the max_peerid as this might have been the highest + * peer id instance */ + while (m->max_peerid > 0 && m->instances[m->max_peerid] == NULL) + { + m->max_peerid--; + } } schedule_remove_entry(m->schedule, (struct schedule_entry *)mi); @@ -652,7 +659,7 @@ { if (m->hash) { - for (int i = 0; i < m->max_clients; i++) + for (uint32_t i = 0; i <= m->max_peerid; i++) { struct multi_instance *mi = m->instances[i]; if (mi) @@ -1326,7 +1333,7 @@ { int count = 0; - for (int i = 0; i < m->max_clients; i++) + for (uint32_t i = 0; i <= m->max_peerid; i++) { struct multi_instance *mi = m->instances[i]; if (mi && mi != new_mi && !mi->halt) @@ -2885,7 +2892,7 @@ #endif mb = mbuf_alloc_buf(buf); - for (int i = 0; i < m->max_clients; i++) + for (uint32_t i = 0; i <= m->max_peerid; i++) { struct multi_instance *mi = m->instances[i]; @@ -3794,7 +3801,7 @@ multi_push_restart_schedule_exit(struct multi_context *m, bool next_server) { /* tell all clients to restart */ - for (int i = 0; i < m->max_clients; i++) + for (uint32_t i = 0; i <= m->max_peerid; i++) { struct multi_instance *mi = m->instances[i]; if (mi && !mi->halt && proto_is_dgram(mi->context.c2.link_sockets[0]->info.proto)) @@ -3876,7 +3883,7 @@ struct multi_context *m = (struct multi_context *)arg; int count = 0; - for (int i = 0; i < m->max_clients; i++) + for (uint32_t i = 0; i <= m->max_peerid; i++) { struct multi_instance *mi = m->instances[i]; if (mi && !mi->halt) @@ -3907,7 +3914,7 @@ maddr.proto = proto; if (mroute_extract_openvpn_sockaddr(&maddr, &saddr, true)) { - for (int i = 0; i < m->max_clients; i++) + for (uint32_t i = 0; i <= m->max_peerid; i++) { struct multi_instance *mi = m->instances[i]; if (mi && !mi->halt && mroute_addr_equal(&maddr, &mi->real)) @@ -4100,8 +4107,14 @@ } /* should not really end up here, since multi_create_instance returns null - * if amount of clients exceeds max_clients */ + * if amount of clients exceeds max_clients and this method would then + * also not have been called */ ASSERT(mi->context.c2.tls_multi->peer_id < m->max_clients); + + if (mi->context.c2.tls_multi->peer_id > m->max_peerid) + { + m->max_peerid = mi->context.c2.tls_multi->peer_id; + } } #if defined(__GNUC__) || defined(__clang__) diff --git a/src/openvpn/multi.h b/src/openvpn/multi.h index 498409d..4acb364 100644 --- a/src/openvpn/multi.h +++ b/src/openvpn/multi.h @@ -160,9 +160,12 @@ */ struct multi_context { - struct multi_instance **instances; /**< Array of multi_instances. An instance can be + struct multi_instance **instances; /**< Array of multi_instances with the size of + * max_clients. An instance can be * accessed using peer-id as an index. */ - + uint32_t max_peerid; /**< highest currently allocated peer-id + * and maximum allocated/valid index in + * instances */ struct hash *hash; /**< VPN tunnel instances indexed by real * address of the remote peer. */ struct hash *vhash; /**< VPN tunnel instances indexed by diff --git a/src/openvpn/push_util.c b/src/openvpn/push_util.c index 6456554..529cc39 100644 --- a/src/openvpn/push_util.c +++ b/src/openvpn/push_util.c @@ -317,7 +317,7 @@ int count = 0; - for (int i = 0; i < m->max_clients; i++) + for (uint32_t i = 0; i <= m->max_peerid; i++) { struct multi_instance *curr_mi = m->instances[i];