@@ -58,7 +58,7 @@ MAIN_NAME=ser

 VERSION = 0

 PATCHLEVEL = 10

 SUBLEVEL =   99

-EXTRAVERSION = -dev11-tcp

+EXTRAVERSION = -dev12-tcp

 RELEASE=$(VERSION).$(PATCHLEVEL).$(SUBLEVEL)$(EXTRAVERSION)

 OS = $(shell uname -s | sed -e s/SunOS/solaris/ | tr "[A-Z]" "[a-z]")

@@ -1140,6 +1140,9 @@ ifeq ($(OS), darwin)

 	else

 		LIBS= -lfl -lresolv  #dlopen is in libc

 	endif

+	ifeq ($(NO_KQUEUE),)

+		DEFS+=-DHAVE_KQUEUE

+	endif

 	ifeq ($(NO_SELECT),)

 		DEFS+=-DHAVE_SELECT

 	endif

@@ -7,18 +7,31 @@ $Id$

 new archs:

-  - powerpc64 support

-  - alpha experimental support

+

+core:

+ - tcp: - improved  performance (io event handling), using OS specific

+           optimizations

+        - 1024 connections limit removed (see tcp_max_connections)

+new config variables:

+   tcp_connection_lifetime = value (s) - how long the lifetime of a

+      tcp connection will be exteneded after an IO event (accept, connect, 

+      read, write). Default: 120 s.

+   tcp_poll_method = poll|select|epoll_et|epoll-lt|kqueue|devpoll - poll

+      method used (by default the best one for the current OS is selected)

+   tcp_max_connections = no - maximum number of tcp connections (if the number

+      is exceeded no new tcp connections will be accepted). Default: 2048.

-0.8.99-dev changes

+0.9.0 changes

 new archs:

+ - alpha experimental support

  - mips2/cobalt experimental support

  - x86_64 support

  - OS X (darwin) support

  - sparc32 single cpu highly experimental support

+ - ppc64 support

 modules:

  - enum - support for more than one NAPTR

@@ -52,6 +52,8 @@

  *  2004-10-08  more escapes: \", \xHH, \nnn and minor optimizations (andrei)

  *  2004-10-19  added FROM_URI and TO_URI (andrei)

  *  2004-11-30  added force_send_socket

+ *  2005-07-08  added tcp_connection_lifetime, tcp_poll_method,

+ *               tcp_max_connections (andrei)

  */

@@ -209,6 +211,9 @@ TCP_CHILDREN	"tcp_children"

 TCP_ACCEPT_ALIASES	"tcp_accept_aliases"

 TCP_SEND_TIMEOUT	"tcp_send_timeout"

 TCP_CONNECT_TIMEOUT	"tcp_connect_timeout"

+TCP_CON_LIFETIME	"tcp_connection_lifetime"

+TCP_POLL_METHOD		"tcp_poll_method"

+TCP_MAX_CONNECTIONS	"tcp_max_connections"

 DISABLE_TLS		"disable_tls"

 TLSLOG			"tlslog"|"tls_log"

 TLS_PORT_NO		"tls_port_no"

@@ -372,6 +377,12 @@ EAT_ABLE	[\ \t\b\r]

 									return TCP_SEND_TIMEOUT; }

 <INITIAL>{TCP_CONNECT_TIMEOUT}		{ count(); yylval.strval=yytext;

 									return TCP_CONNECT_TIMEOUT; }

+<INITIAL>{TCP_CON_LIFETIME}		{ count(); yylval.strval=yytext;

+									return TCP_CON_LIFETIME; }

+<INITIAL>{TCP_POLL_METHOD}		{ count(); yylval.strval=yytext;

+									return TCP_POLL_METHOD; }

+<INITIAL>{TCP_MAX_CONNECTIONS}	{ count(); yylval.strval=yytext;

+									return TCP_MAX_CONNECTIONS; }

 <INITIAL>{DISABLE_TLS}	{ count(); yylval.strval=yytext; return DISABLE_TLS; }

 <INITIAL>{TLSLOG}		{ count(); yylval.strval=yytext; return TLS_PORT_NO; }

 <INITIAL>{TLS_PORT_NO}	{ count(); yylval.strval=yytext; return TLS_PORT_NO; }

@@ -53,11 +53,13 @@

  * 2004-03-30  added DISABLE_CORE and OPEN_FD_LIMIT (andrei)

  * 2004-04-29  added SOCK_MODE, SOCK_USER & SOCK_GROUP (andrei)

  * 2004-05-03  applied multicast support patch (MCAST_LOOPBACK) from janakj

-               added MCAST_TTL (andrei)

+ *             added MCAST_TTL (andrei)

  * 2004-07-05  src_ip & dst_ip will detect ip addresses between quotes

  *              (andrei)

  * 2004-10-19  added FROM_URI, TO_URI (andrei)

  * 2004-11-30  added force_send_socket (andrei)

+ * 2005-07-08  added TCP_CON_LIFETIME, TCP_POLL_METHOD, TCP_MAX_CONNECTIONS

+ *              (andrei)

  */

@@ -224,6 +226,9 @@ static struct socket_id* mk_listen_id(char*, int, int);

 %token TCP_CHILDREN

 %token TCP_CONNECT_TIMEOUT

 %token TCP_SEND_TIMEOUT

+%token TCP_CON_LIFETIME

+%token TCP_POLL_METHOD

+%token TCP_MAX_CONNECTIONS

 %token DISABLE_TLS

 %token TLSLOG

 %token TLS_PORT_NO

@@ -490,6 +495,51 @@ assign_stm:	DEBUG EQUAL NUMBER { debug=$3; }

 									#endif

 									}

 		| TCP_SEND_TIMEOUT EQUAL error { yyerror("number expected"); }

+		| TCP_CON_LIFETIME EQUAL NUMBER {

+									#ifdef USE_TCP

+										tcp_con_lifetime=$3;

+									#else

+										warn("tcp support not compiled in");

+									#endif

+									}

+		| TCP_CON_LIFETIME EQUAL error { yyerror("number expected"); }

+		| TCP_POLL_METHOD EQUAL ID {

+									#ifdef USE_TCP

+										tcp_poll_method=get_poll_type($3);

+										if (tcp_poll_method==POLL_NONE){

+											LOG(L_CRIT, "bad poll method name:"

+													" %s\n, try one of %s.\n",

+													$3, poll_support);

+											yyerror("bad tcp_poll_method "

+													"value");

+										}

+									#else

+										warn("tcp support not compiled in");

+									#endif

+									}

+		| TCP_POLL_METHOD EQUAL STRING {

+									#ifdef USE_TCP

+										tcp_poll_method=get_poll_type($3);

+										if (tcp_poll_method==POLL_NONE){

+											LOG(L_CRIT, "bad poll method name:"

+													" %s\n, try one of %s.\n",

+													$3, poll_support);

+											yyerror("bad tcp_poll_method "

+													"value");

+										}

+									#else

+										warn("tcp support not compiled in");

+									#endif

+									}

+		| TCP_POLL_METHOD EQUAL error { yyerror("poll method name expected"); }

+		| TCP_MAX_CONNECTIONS EQUAL NUMBER {

+									#ifdef USE_TCP

+										tcp_max_connections=$3;

+									#else

+										warn("tcp support not compiled in");

+									#endif

+									}

+		| TCP_MAX_CONNECTIONS EQUAL error { yyerror("number expected"); }

 		| DISABLE_TLS EQUAL NUMBER {

 									#ifdef USE_TLS

 										tls_disable=$3;

@@ -81,8 +81,10 @@ extern int tcp_disable;

 extern int tcp_accept_aliases;

 extern int tcp_connect_timeout;

 extern int tcp_send_timeout;

+extern int tcp_con_lifetime; /* connection lifetime */

 extern enum poll_types tcp_poll_method;

 extern int tcp_max_fd_no;

+extern int tcp_max_connections;

 #endif

 #ifdef USE_TLS

 extern int tls_disable;

@@ -374,7 +374,7 @@ char* check_poll_method(enum poll_types poll_method)

 #ifndef HAVE_KQUEUE

 			ret="kqueue not supported, try re-compiling with -DHAVE_KQUEUE";

 #else

-		/* only in FreeBSD 4.1, NETBSD 2.0, OpenBSD ???, Darwin ??? FIXME */

+		/* only in FreeBSD 4.1, NETBSD 2.0, OpenBSD 2.9, Darwin */

 	#ifdef __OS_freebsd

 			if (os_ver<0x0401) /* if ver < 4.1 */

 				ret="kqueue not supported on FreeBSD < 4.1";

@@ -422,7 +422,7 @@ enum poll_types choose_poll_method()

 #endif

 #ifdef HAVE_KQUEUE

 	if (poll_method==0)

-		/* only in FreeBSD 4.1, NETBSD 2.0, OpenBSD ???, Darwin ??? FIXME */

+		/* only in FreeBSD 4.1, NETBSD 2.0, OpenBSD 2.9, Darwin */

 	#ifdef __OS_freebsd

 		if (os_ver>=0x0401) /* if ver >= 4.1 */

 	#elif defined (__OS_netbsd)

@@ -44,13 +44,12 @@

 #define TCP_CON_MAX_ALIASES 4 /* maximum number of port aliases */

 #define TCP_BUF_SIZE 65535

-#define TCP_CON_TIMEOUT 120 /* in  seconds */

-#define TCP_CON_SEND_TIMEOUT 120 /* timeout after a send */

+#define DEFAULT_TCP_CONNECTION_LIFETIME 120 /* in  seconds */

 #define DEFAULT_TCP_SEND_TIMEOUT 10 /* if a send can't write for more then 10s,

 									   timeout */

 #define DEFAULT_TCP_CONNECT_TIMEOUT 10 /* if a connect doesn't complete in this

 										  time, timeout */

-#define DEFAULT_TCP_MAX_FD_NO 2048 /* maximum fd number */

+#define DEFAULT_TCP_MAX_CONNECTIONS 2048 /* maximum connections */

 #define TCP_CHILD_TIMEOUT 5 /* after 5 seconds, the child "returns" 

 							 the connection to the tcp master process */

 #define TCP_MAIN_SELECT_TIMEOUT 5 /* how often "tcp main" checks for timeout*/

@@ -56,6 +56,8 @@

  *               signals, poll & select (andrei)

  *  2005-06-26  *bsd kqueue support (andrei)

  *  2005-07-04  solaris /dev/poll support (andrei)

+ *  2005-07-08  tcp_max_connections, tcp_connection_lifetime, don't accept

+ *               more connections if tcp_max_connections is exceeded (andrei)

  */

@@ -133,8 +135,12 @@ struct tcp_child{

 int tcp_accept_aliases=0; /* by default don't accept aliases */

 int tcp_connect_timeout=DEFAULT_TCP_CONNECT_TIMEOUT;

 int tcp_send_timeout=DEFAULT_TCP_SEND_TIMEOUT;

+int tcp_con_lifetime=DEFAULT_TCP_CONNECTION_LIFETIME;

 enum poll_types tcp_poll_method=0; /* by default choose the best method */

-int tcp_max_fd_no=DEFAULT_TCP_MAX_FD_NO;

+int tcp_max_connections=DEFAULT_TCP_MAX_CONNECTIONS;

+int tcp_max_fd_no=0;

+

+static int tcp_connections_no=0; /* current open connections */

 /* connection hash table (after ip&port) , includes also aliases */

 struct tcp_conn_alias** tcpconn_aliases_hash=0;

@@ -412,10 +418,11 @@ struct tcp_connection* tcpconn_new(int sock, union sockaddr_union* su,

 		c->type=PROTO_TCP;

 		c->rcv.proto=PROTO_TCP;

 		c->flags=0;

-		c->timeout=get_ticks()+TCP_CON_TIMEOUT;

+		c->timeout=get_ticks()+tcp_con_lifetime;

 	}

+	tcp_connections_no++;

 	return c;

 error:

@@ -703,9 +710,9 @@ int tcp_send(int type, char* buf, unsigned len, union sockaddr_union* to,

 	if (to){

 		su2ip_addr(&ip, to);

 		port=su_getport(to);

-		c=tcpconn_get(id, &ip, port, TCP_CON_SEND_TIMEOUT); 

+		c=tcpconn_get(id, &ip, port, tcp_con_lifetime); 

 	}else if (id){

-		c=tcpconn_get(id, 0, 0, TCP_CON_SEND_TIMEOUT);

+		c=tcpconn_get(id, 0, 0, tcp_con_lifetime);

 	}else{

 		LOG(L_CRIT, "BUG: tcp_send called with null id & to\n");

 		return -1;

@@ -715,7 +722,7 @@ int tcp_send(int type, char* buf, unsigned len, union sockaddr_union* to,

 		if (c==0) {

 			if (to){

 				/* try again w/o id */

-				c=tcpconn_get(0, &ip, port, TCP_CON_SEND_TIMEOUT);

+				c=tcpconn_get(0, &ip, port, tcp_con_lifetime);

 				goto no_id;

 			}else{

 				LOG(L_ERR, "ERROR: tcp_send: id %d not found, dropping\n",

@@ -983,6 +990,12 @@ static inline int handle_new_connect(struct socket_info* si)

 				" connection(%d): %s\n", errno, strerror(errno));

 		return -1;

 	}

+	if (tcp_connections_no>=tcp_max_connections){

+		LOG(L_ERR, "ERROR: maximum number of connections exceeded: %d/%d\n",

+					tcp_connections_no, tcp_max_connections);

+		close(new_sock);

+		return 1; /* success, because the accept was succesfull */

+	}

 	if (init_sock_opt(new_sock)<0){

 		LOG(L_ERR, "ERROR: handle_new_connect: init_sock_opt failed\n");

 		close(new_sock);

@@ -1037,6 +1050,7 @@ static void tcpconn_destroy(struct tcp_connection* tcpconn)

 #endif

 		_tcpconn_rm(tcpconn);

 		close(fd);

+		tcp_connections_no--;

 	}else{

 		/* force timeout */

 		tcpconn->timeout=0;

@@ -1175,7 +1189,7 @@ inline static int handle_tcp_child(struct tcp_child* tcp_c, int fd_i)

 				break;

 			}

 			/* update the timeout*/

-			tcpconn->timeout=get_ticks()+TCP_CON_TIMEOUT;

+			tcpconn->timeout=get_ticks()+tcp_con_lifetime;

 			tcpconn_put(tcpconn);

 			/* must be after the de-ref*/

 			io_watch_add(&io_h, tcpconn->s, F_TCPCONN, tcpconn);

@@ -1311,7 +1325,7 @@ inline static int handle_ser_child(struct process_table* p, int fd_i)

 			/* add tcpconn to the list*/

 			tcpconn_add(tcpconn);

 			/* update the timeout*/

-			tcpconn->timeout=get_ticks()+TCP_CON_TIMEOUT;

+			tcpconn->timeout=get_ticks()+tcp_con_lifetime;

 			io_watch_add(&io_h, tcpconn->s, F_TCPCONN, tcpconn);

 			break;

 		default:

@@ -1566,6 +1580,8 @@ void destroy_tcp()

 int init_tcp()

 {

+	char* poll_err;

+	

 	/* init lock */

 	tcpconn_lock=lock_alloc();

 	if (tcpconn_lock==0){

@@ -1604,6 +1620,25 @@ int init_tcp()

 	memset((void*)tcpconn_id_hash, 0, 

 			TCP_ID_HASH_SIZE * sizeof(struct tcp_connection*));

+	/* fix config variables */

+	/* they can have only positive values due the config parser so we can

+	 * ignore most of them */

+		poll_err=check_poll_method(tcp_poll_method);

+	

+	/* set an appropiate poll method */

+	if (poll_err || (tcp_poll_method==0)){

+		tcp_poll_method=choose_poll_method();

+		if (poll_err){

+			LOG(L_ERR, "ERROR: init_tcp: %s, using %s instead\n",

+					poll_err, poll_method_name(tcp_poll_method));

+		}else{

+			LOG(L_INFO, "init_tcp: using %s as the io watch method"

+					" (auto detected)\n", poll_method_name(tcp_poll_method));

+		}

+	}else{

+			LOG(L_INFO, "init_tcp: using %s io watch method (config)\n",

+					poll_method_name(tcp_poll_method));

+	}

 	return 0;

 error:

@@ -1621,7 +1656,20 @@ int tcp_init_children()

 	int sockfd[2];

 	int reader_fd[2]; /* for comm. with the tcp children read  */

 	pid_t pid;

+	struct socket_info *si;

+	

+	/* estimate max fd. no:

+	 * 1 tcp send unix socket/all_proc, 

+	 *  + 1 udp sock/udp proc + 1 tcp_child sock/tcp child*

+	 *  + no_listen_tcp */

+	for(r=0, si=tcp_listen; si; si=si->next, r++);

+#ifdef USE_TLS

+	if (! tls_disable)

+		for (si=tls_listen; si; si=si->next; r++);

+#endif

+	tcp_max_fd_no=process_count()*2 +r-1 /* timer */ +3; /* stdin/out/err*/

+	tcp_max_fd_no+=tcp_max_connections;

 	/* create the tcp sock_info structures */

 	/* copy the sockets --moved to main_loop*/