xref: /titanic_44/usr/src/cmd/sendmail/src/ratectrl.c (revision 7c478bd95313f5f23a4c958a745db2134aa03244)
1 /*
2  * Copyright (c) 2003 Sendmail, Inc. and its suppliers.
3  *	All rights reserved.
4  *
5  * By using this file, you agree to the terms and conditions set
6  * forth in the LICENSE file which can be found at the top level of
7  * the sendmail distribution.
8  *
9  * Contributed by Jose Marcio Martins da Cruz - Ecole des Mines de Paris
10  *   Jose-Marcio.Martins@ensmp.fr
11  */
12 
13 /* a part of this code is based on inetd.c for which this copyright applies: */
14 /*
15  * Copyright (c) 1983, 1991, 1993, 1994
16  *      The Regents of the University of California.  All rights reserved.
17  *
18  * Redistribution and use in source and binary forms, with or without
19  * modification, are permitted provided that the following conditions
20  * are met:
21  * 1. Redistributions of source code must retain the above copyright
22  *    notice, this list of conditions and the following disclaimer.
23  * 2. Redistributions in binary form must reproduce the above copyright
24  *    notice, this list of conditions and the following disclaimer in the
25  *    documentation and/or other materials provided with the distribution.
26  * 3. All advertising materials mentioning features or use of this software
27  *    must display the following acknowledgement:
28  *      This product includes software developed by the University of
29  *      California, Berkeley and its contributors.
30  * 4. Neither the name of the University nor the names of its contributors
31  *    may be used to endorse or promote products derived from this software
32  *    without specific prior written permission.
33  *
34  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
35  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
36  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
37  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
38  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
39  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
40  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
41  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
42  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
43  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
44  * SUCH DAMAGE.
45  */
46 
47 #pragma ident	"%Z%%M%	%I%	%E% SMI"
48 
49 #include <sendmail.h>
50 SM_RCSID("@(#)$Id: ratectrl.c,v 8.9 2004/07/07 21:23:57 ca Exp $")
51 
52 /*
53 **  stuff included - given some warnings (inet_ntoa)
54 **	- surely not everything is needed
55 */
56 
57 #if NETINET || NETINET6
58 # include <arpa/inet.h>
59 #endif	/* NETINET || NETINET6 */
60 
61 #include <sys/time.h>
62 
63 #ifndef HASH_ALG
64 # define HASH_ALG	2
65 #endif /* HASH_ALG */
66 
67 #ifndef RATECTL_DEBUG
68 # define RATECTL_DEBUG  0
69 #endif /* RATECTL_DEBUG */
70 
71 /* forward declarations */
72 static int client_rate __P((time_t, SOCKADDR *, bool));
73 static int total_rate __P((time_t, bool));
74 #if 0
75 static int sockaddrcmp __P((SOCKADDR *, SOCKADDR *));
76 #endif /* 0 */
77 
78 /*
79 **  CONNECTION_RATE_CHECK - updates connection history data
80 **      and computes connection rate for the given host
81 **
82 **    Parameters:
83 **      hostaddr -- ip address of smtp client
84 **      e -- envelope
85 **
86 **    Returns:
87 **      true (always)
88 **
89 **    Side Effects:
90 **      updates connection history
91 **
92 **    Warnings:
93 **      For each connection, this call shall be
94 **      done only once with the value true for the
95 **      update parameter.
96 **      Typically, this call is done with the value
97 **      true by the father, and once again with
98 **      the value false by the children.
99 **
100 */
101 
102 bool
103 connection_rate_check(hostaddr, e)
104 	SOCKADDR *hostaddr;
105 	ENVELOPE *e;
106 {
107 	time_t now;
108 	int totalrate, clientrate;
109 	static int clientconn = 0;
110 
111 	now = time(NULL);
112 #if RATECTL_DEBUG
113 	sm_syslog(LOG_INFO, NOQID, "connection_rate_check entering...");
114 #endif /* RATECTL_DEBUG */
115 
116 	/* update server connection rate */
117 	totalrate = total_rate(now, e == NULL);
118 #if RATECTL_DEBUG
119 	sm_syslog(LOG_INFO, NOQID, "global connection rate: %d", globalRate);
120 #endif /* RATECTL_DEBUG */
121 
122 	/* update client connection rate */
123 	clientrate = client_rate(now, hostaddr, e == NULL);
124 
125 	if (e == NULL)
126 		clientconn = count_open_connections(hostaddr);
127 
128 	if (e != NULL)
129 	{
130 		char s[16];
131 
132 		sm_snprintf(s, sizeof(s), "%d", clientrate);
133 		macdefine(&e->e_macro, A_TEMP, macid("{client_rate}"), s);
134 		sm_snprintf(s, sizeof(s), "%d", totalrate);
135 		macdefine(&e->e_macro, A_TEMP, macid("{total_rate}"), s);
136 		sm_snprintf(s, sizeof(s), "%d", clientconn);
137 		macdefine(&e->e_macro, A_TEMP, macid("{client_connections}"),
138 				s);
139 	}
140 	return true;
141 }
142 
143 /*
144 **  Data declarations needed to evaluate connection rate
145 */
146 
147 static int CollTime = 60;
148 
149 /* this should be a power of 2, otherwise CPMHMASK doesn't work well */
150 #ifndef CPMHSIZE
151 # define CPMHSIZE	1024
152 #endif /* CPMHSIZE */
153 
154 #define CPMHMASK	(CPMHSIZE-1)
155 
156 #ifndef MAX_CT_STEPS
157 # define MAX_CT_STEPS	10
158 #endif /* MAX_CT_STEPS */
159 
160 /*
161 **  time granularity: 10s (that's one "tick")
162 **  will be initialised to ConnectionRateWindowSize/CHTSIZE
163 **  before being used the first time
164 */
165 
166 static int ChtGran = -1;
167 
168 #define CHTSIZE		6
169 
170 /* Number of connections for a certain "tick" */
171 typedef struct CTime
172 {
173 	unsigned long	ct_Ticks;
174 	int		ct_Count;
175 }
176 CTime_T;
177 
178 typedef struct CHash
179 {
180 #if NETINET6 && NETINET
181 	union
182 	{
183 		struct in_addr	c4_Addr;
184 		struct in6_addr	c6_Addr;
185 	} cu_Addr;
186 # define ch_Addr4	cu_Addr.c4_Addr
187 # define ch_Addr6	cu_Addr.c6_Addr
188 #else /* NETINET6 && NETINET */
189 # if NETINET6
190 	struct in6_addr	ch_Addr;
191 #  define ch_Addr6	ch_Addr
192 # else /* NETINET6 */
193 	struct in_addr ch_Addr;
194 #  define ch_Addr4	ch_Addr
195 # endif /* NETINET6 */
196 #endif /* NETINET6 && NETINET */
197 
198 	int		ch_Family;
199 	time_t		ch_LTime;
200 	unsigned long	ch_colls;
201 
202 	/* 6 buckets for ticks: 60s */
203 	CTime_T		ch_Times[CHTSIZE];
204 }
205 CHash_T;
206 
207 static CHash_T CHashAry[CPMHSIZE];
208 static bool CHashAryOK = false;
209 
210 /*
211 **  CLIENT_RATE - Evaluate connection rate per smtp client
212 **
213 **	Parameters:
214 **		now - current time in secs
215 **		saddr - client address
216 **		update - update data / check only
217 **
218 **	Returns:
219 **		connection rate (connections / ConnectionRateWindowSize)
220 **
221 **	Side effects:
222 **		update static global data
223 **
224 */
225 
226 static int
227 client_rate(now, saddr, update)
228 	 time_t now;
229 	 SOCKADDR *saddr;
230 	 bool update;
231 {
232 	unsigned int hv;
233 	int i;
234 	int cnt;
235 	bool coll;
236 	CHash_T *chBest = NULL;
237 	unsigned int ticks;
238 
239 	cnt = 0;
240 	hv = 0xABC3D20F;
241 	if (ChtGran < 0)
242 		ChtGran = ConnectionRateWindowSize / CHTSIZE;
243 	if (ChtGran <= 0)
244 		ChtGran = 10;
245 
246 	ticks = now / ChtGran;
247 
248 	if (!CHashAryOK)
249 	{
250 		memset(CHashAry, 0, sizeof (CHashAry));
251 		CHashAryOK = true;
252 	}
253 
254 	{
255 		char *p;
256 		int addrlen;
257 #if HASH_ALG != 1
258 		int c, d;
259 #endif /* HASH_ALG != 1 */
260 
261 		switch (saddr->sa.sa_family)
262 		{
263 #if NETINET
264 		  case AF_INET:
265 			p = (char *)&saddr->sin.sin_addr;
266 			addrlen = sizeof(struct in_addr);
267 			break;
268 #endif /* NETINET */
269 #if NETINET6
270 		  case AF_INET6:
271 			p = (char *)&saddr->sin6.sin6_addr;
272 			addrlen = sizeof(struct in6_addr);
273 			break;
274 #endif /* NETINET6 */
275 		  default:
276 			/* should not happen */
277 			return -1;
278 		}
279 
280 		/* compute hash value */
281 		for (i = 0; i < addrlen; ++i, ++p)
282 #if HASH_ALG == 1
283 			hv = (hv << 5) ^ (hv >> 23) ^ *p;
284 		hv = (hv ^ (hv >> 16));
285 #elif HASH_ALG == 2
286 		{
287 			d = *p;
288 			c = d;
289 			c ^= c<<6;
290 			hv += (c<<11) ^ (c>>1);
291 			hv ^= (d<<14) + (d<<7) + (d<<4) + d;
292 		}
293 #elif HASH_ALG == 3
294 		{
295 			hv = (hv << 4) + *p;
296 			d = hv & 0xf0000000;
297 			if (d != 0)
298 			{
299 				hv ^= (d >> 24);
300 				hv ^= d;
301 			}
302 		}
303 #else /* HASH_ALG == 1 */
304 			hv = ((hv << 1) ^ (*p & 0377)) % cctx->cc_size;
305 #endif /* HASH_ALG == 1 */
306 	}
307 
308 	coll = true;
309 	for (i = 0; i < MAX_CT_STEPS; ++i)
310 	{
311 		CHash_T *ch = &CHashAry[(hv + i) & CPMHMASK];
312 
313 #if NETINET
314 		if (saddr->sa.sa_family == AF_INET &&
315 		    ch->ch_Family == AF_INET &&
316 		    (saddr->sin.sin_addr.s_addr == ch->ch_Addr4.s_addr ||
317 		     ch->ch_Addr4.s_addr == 0))
318 		{
319 			chBest = ch;
320 			coll = false;
321 			break;
322 		}
323 #endif /* NETINET */
324 #if NETINET6
325 		if (saddr->sa.sa_family == AF_INET6 &&
326 		    ch->ch_Family == AF_INET6 &&
327 		    (IN6_ARE_ADDR_EQUAL(&saddr->sin6.sin6_addr,
328 				       &ch->ch_Addr6) != 0 ||
329 		     IN6_IS_ADDR_UNSPECIFIED(&ch->ch_Addr6)))
330 		{
331 			chBest = ch;
332 			coll = false;
333 			break;
334 		}
335 #endif /* NETINET6 */
336 		if (chBest == NULL || ch->ch_LTime == 0 ||
337 		    ch->ch_LTime < chBest->ch_LTime)
338 			chBest = ch;
339 	}
340 
341 	/* Let's update data... */
342 	if (update)
343 	{
344 		if (coll && (now - chBest->ch_LTime < CollTime))
345 		{
346 			/*
347 			**  increment the number of collisions last
348 			**  CollTime for this client
349 			*/
350 
351 			chBest->ch_colls++;
352 
353 			/*
354 			**  Maybe shall log if collision rate is too high...
355 			**  and take measures to resize tables
356 			**  if this is the case
357 			*/
358 		}
359 
360 		/*
361 		**  If it's not a match, then replace the data.
362 		**  Note: this purges the history of a colliding entry,
363 		**  which may cause "overruns", i.e., if two entries are
364 		**  "cancelling" each other out, then they may exceed
365 		**  the limits that are set. This might be mitigated a bit
366 		**  by the above "best of 5" function however.
367 		**
368 		**  Alternative approach: just use the old data, which may
369 		**  cause false positives however.
370 		**  To activate this, change deactivate following memset call.
371 		*/
372 
373 		if (coll)
374 		{
375 #if NETINET
376 			if (saddr->sa.sa_family == AF_INET)
377 			{
378 				chBest->ch_Family = AF_INET;
379 				chBest->ch_Addr4 = saddr->sin.sin_addr;
380 			}
381 #endif /* NETINET */
382 #if NETINET6
383 			if (saddr->sa.sa_family == AF_INET6)
384 			{
385 				chBest->ch_Family = AF_INET6;
386 				chBest->ch_Addr6 = saddr->sin6.sin6_addr;
387 			}
388 #endif /* NETINET6 */
389 #if 1
390 			memset(chBest->ch_Times, '\0',
391 			       sizeof (chBest->ch_Times));
392 #endif /* 1 */
393 		}
394 
395 		chBest->ch_LTime = now;
396 		{
397 			CTime_T *ct = &chBest->ch_Times[ticks % CHTSIZE];
398 
399 			if (ct->ct_Ticks != ticks)
400 			{
401 				ct->ct_Ticks = ticks;
402 				ct->ct_Count = 0;
403 			}
404 			++ct->ct_Count;
405 		}
406 	}
407 
408 	/* Now let's count connections on the window */
409 	for (i = 0; i < CHTSIZE; ++i)
410 	{
411 		CTime_T *ct = &chBest->ch_Times[i];
412 
413 		if (ct->ct_Ticks <= ticks && ct->ct_Ticks >= ticks - CHTSIZE)
414 			cnt += ct->ct_Count;
415 	}
416 
417 #if RATECTL_DEBUG
418 	sm_syslog(LOG_WARNING, NOQID,
419 		"cln: cnt=(%d), CHTSIZE=(%d), ChtGran=(%d)",
420 		cnt, CHTSIZE, ChtGran);
421 #endif /* RATECTL_DEBUG */
422 	return cnt;
423 }
424 
425 /*
426 **  TOTAL_RATE - Evaluate global connection rate
427 **
428 **	Parameters:
429 **		now - current time in secs
430 **		update - update data / check only
431 **
432 **	Returns:
433 **		connection rate (connections / ConnectionRateWindowSize)
434 */
435 
436 static CTime_T srv_Times[CHTSIZE];
437 static bool srv_Times_OK = false;
438 
439 static int
440 total_rate(now, update)
441 	 time_t now;
442 	 bool update;
443 {
444 	int i;
445 	int cnt = 0;
446 	CTime_T *ct;
447 	unsigned int ticks;
448 
449 	if (ChtGran < 0)
450 		ChtGran = ConnectionRateWindowSize / CHTSIZE;
451 	if (ChtGran == 0)
452 		ChtGran = 10;
453 	ticks = now / ChtGran;
454 	if (!srv_Times_OK)
455 	{
456 		memset(srv_Times, 0, sizeof(srv_Times));
457 		srv_Times_OK = true;
458 	}
459 
460 	/* Let's update data */
461 	if (update)
462 	{
463 		ct = &srv_Times[ticks % CHTSIZE];
464 
465 		if (ct->ct_Ticks != ticks)
466 		{
467 			ct->ct_Ticks = ticks;
468 			ct->ct_Count = 0;
469 		}
470 		++ct->ct_Count;
471 	}
472 
473 	/* Let's count connections on the window */
474 	for (i = 0; i < CHTSIZE; ++i)
475 	{
476 		ct = &srv_Times[i];
477 
478 		if (ct->ct_Ticks <= ticks && ct->ct_Ticks >= ticks - CHTSIZE)
479 			cnt += ct->ct_Count;
480 	}
481 
482 #if RATECTL_DEBUG
483 	sm_syslog(LOG_WARNING, NOQID,
484 		"srv: cnt=(%d), CHTSIZE=(%d), ChtGran=(%d)",
485 		 cnt, CHTSIZE, ChtGran);
486 #endif /* RATECTL_DEBUG */
487 
488 	return cnt;
489 }
490 
491 #if 0
492 /*
493 ** SOCKADDRCMP - compare two SOCKADDR structures
494 **   this function may be used to compare SOCKADDR
495 **   structures when using bsearch and qsort functions
496 **   in the same way we do with strcmp
497 **
498 ** Parameters:
499 **   a, b - addresses
500 **
501 ** Returns:
502 **   1 if a > b
503 **  -1 if a < b
504 **   0 if a = b
505 **
506 ** OBS: This call isn't used at the moment, it will
507 ** be used when code will be extended to work with IPV6
508 */
509 
510 static int
511 sockaddrcmp(a, b)
512 	 SOCKADDR *a;
513 	 SOCKADDR *b;
514 {
515 	if (a->sa.sa_family > b->sa.sa_family)
516 		return 1;
517 	if (a->sa.sa_family < b->sa.sa_family)
518 		return -1;
519 
520 	switch (a->sa.sa_family)
521 	{
522 	  case AF_INET:
523 		if (a->sin.sin_addr.s_addr > b->sin.sin_addr.s_addr)
524 			return 1;
525 		if (a->sin.sin_addr.s_addr < b->sin.sin_addr.s_addr)
526 			return -1;
527 		return 0;
528 		break;
529 
530 	  case AF_INET6:
531 		/* TO BE DONE */
532 		break;
533 	}
534 	return 0;
535 }
536 #endif /* 0 */
537