Prevent memory drain for long lasting floating sessions

For every float event we generate prefix, which allocates 256 + 64
bytes. That memory is reclaimed when client disconnects, so long lasting
and constantly floating sessions drain memory.

As a fix use preallocated buffer inside multi_instance for storing
multi_prefix.

Signed-off-by: Lev Stipakov <lstipakov@gmail.com>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: 1418057325-13265-1-git-send-email-lstipakov@gmail.com
URL: http://article.gmane.org/gmane.network.openvpn.devel/9321
Signed-off-by: David Sommerseth <davids@redhat.com>

diff --git a/src/openvpn/mudp.c b/src/openvpn/mudp.c
index 853c08ce9d0eb37e41dca3ee68e354106f1767a1..3e3f75086af66733c3a7c6f6b81bdbe948a1c41c 100644 (file)
--- a/src/openvpn/mudp.c
+++ b/src/openvpn/mudp.c
@@ -111,6 +111,10 @@ multi_get_create_instance_udp (struct multi_context *m, bool *floated)
                              break;
                            }
                        }
+
+                     /* should not really end up here, since multi_create_instance returns null
+                      * if amount of clients exceeds max_clients */
+                     ASSERT(i < m->max_clients);
                    }
                }
              else

diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
index b7785c1aaf2ae894c4fc93a5e98221ece4d1516e..6ddfbb5992bd14f6709c80a56013ac8b798aed02 100644 (file)
--- a/src/openvpn/multi.c
+++ b/src/openvpn/multi.c
@@ -403,7 +403,7 @@ multi_instance_string (const struct multi_instance *mi, bool null, struct gc_are
 {
   if (mi)
     {
-      struct buffer out = alloc_buf_gc (256, gc);
+      struct buffer out = alloc_buf_gc (MULTI_PREFIX_MAX_LENGTH, gc);
       const char *cn = tls_common_name (mi->context.c2.tls_multi, true);
 
       if (cn)
@@ -420,21 +420,27 @@ multi_instance_string (const struct multi_instance *mi, bool null, struct gc_are
 void
 generate_prefix (struct multi_instance *mi)
 {
-  mi->msg_prefix = multi_instance_string (mi, true, &mi->gc);
+  struct gc_arena gc = gc_new();
+  const char *prefix = multi_instance_string (mi, true, &gc);
+  if (prefix)
+    strncpynt(mi->msg_prefix, prefix, sizeof(mi->msg_prefix));
+  else
+    mi->msg_prefix[0] = '\0';
   set_prefix (mi);
+  gc_free(&gc);
 }
 
 void
 ungenerate_prefix (struct multi_instance *mi)
 {
-  mi->msg_prefix = NULL;
+  mi->msg_prefix[0] = '\0';
   set_prefix (mi);
 }
 
 static const char *
 mi_prefix (const struct multi_instance *mi)
 {
-  if (mi && mi->msg_prefix)
+  if (mi && mi->msg_prefix[0])
     return mi->msg_prefix;
   else
     return "UNDEF_I";

diff --git a/src/openvpn/multi.h b/src/openvpn/multi.h
index ad7f7001dac8c06e848640115805af960100dbd2..32b89d25e1c4748e3b6fb42163e0f1313f034711 100644 (file)
--- a/src/openvpn/multi.h
+++ b/src/openvpn/multi.h
@@ -42,6 +42,8 @@
 #include "mtcp.h"
 #include "perf.h"
 
+#define MULTI_PREFIX_MAX_LENGTH 256
+
 /*
  * Walk (don't run) through the routing table,
  * deleting old entries, and possibly multi_instance
@@ -80,7 +82,7 @@ struct multi_instance {
   struct mroute_addr real;      /**< External network address of the
                                  *   remote peer. */
   ifconfig_pool_handle vaddr_handle;
-  const char *msg_prefix;
+  char msg_prefix[MULTI_PREFIX_MAX_LENGTH];
 
   /* queued outgoing data in Server/TCP mode */
   unsigned int tcp_rwflags;
@@ -445,10 +447,10 @@ static inline void
 set_prefix (struct multi_instance *mi)
 {
 #ifdef MULTI_DEBUG_EVENT_LOOP
-  if (mi->msg_prefix)
+  if (mi->msg_prefix[0])
     printf ("[%s]\n", mi->msg_prefix);
 #endif
-  msg_set_prefix (mi->msg_prefix);
+  msg_set_prefix (mi->msg_prefix[0] ? mi->msg_prefix : NULL);
 }
 
 static inline void