@@ -56,7 +56,7 @@ openvpn_SOURCES = \

 	error.c error.h \

 	event.c event.h \

 	fdmisc.c fdmisc.h \

-	forward.c forward.h forward-inline.h \

+	forward.c forward.h \

 	fragment.c fragment.h \

 	gremlin.c gremlin.h \

 	helper.c helper.h \

@@ -81,7 +81,7 @@ openvpn_SOURCES = \

 	mudp.c mudp.h \

 	multi.c multi.h \

 	ntlm.c ntlm.h \

-	occ.c occ.h occ-inline.h \

+	occ.c occ.h \

 	openssl_compat.h \

 	pkcs11.c pkcs11.h pkcs11_backend.h \

 	pkcs11_openssl.c \

@@ -91,8 +91,8 @@ openvpn_SOURCES = \

 	otime.c otime.h \

 	packet_id.c packet_id.h \

 	perf.c perf.h \

-	pf.c pf.h pf-inline.h \

-	ping.c ping.h ping-inline.h \

+	pf.c pf.h \

+	ping.c ping.h \

 	plugin.c plugin.h \

 	pool.c pool.h \

 	proto.c proto.h \

deleted file mode 100644

@@ -1,335 +0,0 @@

-/*

- *  OpenVPN -- An application to securely tunnel IP networks

- *             over a single TCP/UDP port, with support for SSL/TLS-based

- *             session authentication and key exchange,

- *             packet encryption, packet authentication, and

- *             packet compression.

- *

- *  Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>

- *

- *  This program is free software; you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 2

- *  as published by the Free Software Foundation.

- *

- *  This program is distributed in the hope that it will be useful,

- *  but WITHOUT ANY WARRANTY; without even the implied warranty of

- *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

- *  GNU General Public License for more details.

- *

- *  You should have received a copy of the GNU General Public License along

- *  with this program; if not, write to the Free Software Foundation, Inc.,

- *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

- */

-

-#ifndef FORWARD_INLINE_H

-#define FORWARD_INLINE_H

-

-/*

- * Inline functions

- */

-

-/*

- * Does TLS session need service?

- */

-static inline void

-check_tls(struct context *c)

-{

-    void check_tls_dowork(struct context *c);

-

-    if (c->c2.tls_multi)

-    {

-        check_tls_dowork(c);

-    }

-}

-

-/*

- * TLS errors are fatal in TCP mode.

- * Also check for --tls-exit trigger.

- */

-static inline void

-check_tls_errors(struct context *c)

-{

-    void check_tls_errors_co(struct context *c);

-

-    void check_tls_errors_nco(struct context *c);

-

-    if (c->c2.tls_multi && c->c2.tls_exit_signal)

-    {

-        if (link_socket_connection_oriented(c->c2.link_socket))

-        {

-            if (c->c2.tls_multi->n_soft_errors)

-            {

-                check_tls_errors_co(c);

-            }

-        }

-        else

-        {

-            if (c->c2.tls_multi->n_hard_errors)

-            {

-                check_tls_errors_nco(c);

-            }

-        }

-    }

-}

-

-/*

- * Check for possible incoming configuration

- * messages on the control channel.

- */

-static inline void

-check_incoming_control_channel(struct context *c)

-{

-#if P2MP

-    void check_incoming_control_channel_dowork(struct context *c);

-

-    if (tls_test_payload_len(c->c2.tls_multi) > 0)

-    {

-        check_incoming_control_channel_dowork(c);

-    }

-#endif

-}

-

-/*

- * Options like --up-delay need to be triggered by this function which

- * checks for connection establishment.

- */

-static inline void

-check_connection_established(struct context *c)

-{

-    void check_connection_established_dowork(struct context *c);

-

-    if (event_timeout_defined(&c->c2.wait_for_connect))

-    {

-        check_connection_established_dowork(c);

-    }

-}

-

-/*

- * Should we add routes?

- */

-static inline void

-check_add_routes(struct context *c)

-{

-    void check_add_routes_dowork(struct context *c);

-

-    if (event_timeout_trigger(&c->c2.route_wakeup, &c->c2.timeval, ETT_DEFAULT))

-    {

-        check_add_routes_dowork(c);

-    }

-}

-

-/*

- * Should we exit due to inactivity timeout?

- */

-static inline void

-check_inactivity_timeout(struct context *c)

-{

-    void check_inactivity_timeout_dowork(struct context *c);

-

-    if (c->options.inactivity_timeout

-        && event_timeout_trigger(&c->c2.inactivity_interval, &c->c2.timeval, ETT_DEFAULT))

-    {

-        check_inactivity_timeout_dowork(c);

-    }

-}

-

-#if P2MP

-

-static inline void

-check_server_poll_timeout(struct context *c)

-{

-    void check_server_poll_timeout_dowork(struct context *c);

-

-    if (c->options.ce.connect_timeout

-        && event_timeout_trigger(&c->c2.server_poll_interval, &c->c2.timeval, ETT_DEFAULT))

-    {

-        check_server_poll_timeout_dowork(c);

-    }

-}

-

-/*

- * Scheduled exit?

- */

-static inline void

-check_scheduled_exit(struct context *c)

-{

-    void check_scheduled_exit_dowork(struct context *c);

-

-    if (event_timeout_defined(&c->c2.scheduled_exit))

-    {

-        if (event_timeout_trigger(&c->c2.scheduled_exit, &c->c2.timeval, ETT_DEFAULT))

-        {

-            check_scheduled_exit_dowork(c);

-        }

-    }

-}

-#endif /* if P2MP */

-

-/*

- * Should we write timer-triggered status file.

- */

-static inline void

-check_status_file(struct context *c)

-{

-    void check_status_file_dowork(struct context *c);

-

-    if (c->c1.status_output)

-    {

-        if (status_trigger_tv(c->c1.status_output, &c->c2.timeval))

-        {

-            check_status_file_dowork(c);

-        }

-    }

-}

-

-#ifdef ENABLE_FRAGMENT

-/*

- * Should we deliver a datagram fragment to remote?

- */

-static inline void

-check_fragment(struct context *c)

-{

-    void check_fragment_dowork(struct context *c);

-

-    if (c->c2.fragment)

-    {

-        check_fragment_dowork(c);

-    }

-}

-#endif

-

-#if P2MP

-

-/*

- * see if we should send a push_request in response to --pull

- */

-static inline void

-check_push_request(struct context *c)

-{

-    void check_push_request_dowork(struct context *c);

-

-    if (event_timeout_trigger(&c->c2.push_request_interval, &c->c2.timeval, ETT_DEFAULT))

-    {

-        check_push_request_dowork(c);

-    }

-}

-

-#endif

-

-/*

- * Should we persist our anti-replay packet ID state to disk?

- */

-static inline void

-check_packet_id_persist_flush(struct context *c)

-{

-    if (packet_id_persist_enabled(&c->c1.pid_persist)

-        && event_timeout_trigger(&c->c2.packet_id_persist_interval, &c->c2.timeval, ETT_DEFAULT))

-    {

-        packet_id_persist_save(&c->c1.pid_persist);

-    }

-}

-

-/*

- * Set our wakeup to 0 seconds, so we will be rescheduled

- * immediately.

- */

-static inline void

-context_immediate_reschedule(struct context *c)

-{

-    c->c2.timeval.tv_sec = 0;  /* ZERO-TIMEOUT */

-    c->c2.timeval.tv_usec = 0;

-}

-

-static inline void

-context_reschedule_sec(struct context *c, int sec)

-{

-    if (sec < 0)

-    {

-        sec = 0;

-    }

-    if (sec < c->c2.timeval.tv_sec)

-    {

-        c->c2.timeval.tv_sec = sec;

-        c->c2.timeval.tv_usec = 0;

-    }

-}

-

-static inline struct link_socket_info *

-get_link_socket_info(struct context *c)

-{

-    if (c->c2.link_socket_info)

-    {

-        return c->c2.link_socket_info;

-    }

-    else

-    {

-        return &c->c2.link_socket->info;

-    }

-}

-

-static inline void

-register_activity(struct context *c, const int size)

-{

-    if (c->options.inactivity_timeout)

-    {

-        c->c2.inactivity_bytes += size;

-        if (c->c2.inactivity_bytes >= c->options.inactivity_minimum_bytes)

-        {

-            c->c2.inactivity_bytes = 0;

-            event_timeout_reset(&c->c2.inactivity_interval);

-        }

-    }

-}

-

-/*

- * Return the io_wait() flags appropriate for

- * a point-to-point tunnel.

- */

-static inline unsigned int

-p2p_iow_flags(const struct context *c)

-{

-    unsigned int flags = (IOW_SHAPER|IOW_CHECK_RESIDUAL|IOW_FRAG|IOW_READ|IOW_WAIT_SIGNAL);

-    if (c->c2.to_link.len > 0)

-    {

-        flags |= IOW_TO_LINK;

-    }

-    if (c->c2.to_tun.len > 0)

-    {

-        flags |= IOW_TO_TUN;

-    }

-    return flags;

-}

-

-/*

- * This is the core I/O wait function, used for all I/O waits except

- * for TCP in server mode.

- */

-static inline void

-io_wait(struct context *c, const unsigned int flags)

-{

-    void io_wait_dowork(struct context *c, const unsigned int flags);

-

-    if (c->c2.fast_io && (flags & (IOW_TO_TUN|IOW_TO_LINK|IOW_MBUF)))

-    {

-        /* fast path -- only for TUN/TAP/UDP writes */

-        unsigned int ret = 0;

-        if (flags & IOW_TO_TUN)

-        {

-            ret |= TUN_WRITE;

-        }

-        if (flags & (IOW_TO_LINK|IOW_MBUF))

-        {

-            ret |= SOCKET_WRITE;

-        }

-        c->c2.event_set_status = ret;

-    }

-    else

-    {

-        /* slow path */

-        io_wait_dowork(c, flags);

-    }

-}

-

-#define CONNECTION_ESTABLISHED(c) (get_link_socket_info(c)->connection_established)

-

-#endif /* EVENT_INLINE_H */

@@ -35,6 +35,9 @@

 #include "gremlin.h"

 #include "mss.h"

 #include "event.h"

+#include "occ.h"

+#include "pf.h"

+#include "ping.h"

 #include "ps.h"

 #include "dhcp.h"

 #include "common.h"

@@ -42,9 +45,6 @@

 #include "memdbg.h"

-#include "forward-inline.h"

-#include "occ-inline.h"

-#include "ping-inline.h"

 #include "mstats.h"

 counter_type link_read_bytes_global;  /* GLOBAL */

@@ -78,6 +78,232 @@ show_wait_status(struct context *c)

 #endif /* ifdef ENABLE_DEBUG */

 /*

+ * Does TLS session need service?

+ */

+static inline void

+check_tls(struct context *c)

+{

+    void check_tls_dowork(struct context *c);

+

+    if (c->c2.tls_multi)

+    {

+        check_tls_dowork(c);

+    }

+}

+

+/*

+ * TLS errors are fatal in TCP mode.

+ * Also check for --tls-exit trigger.

+ */

+static inline void

+check_tls_errors(struct context *c)

+{

+    void check_tls_errors_co(struct context *c);

+

+    void check_tls_errors_nco(struct context *c);

+

+    if (c->c2.tls_multi && c->c2.tls_exit_signal)

+    {

+        if (link_socket_connection_oriented(c->c2.link_socket))

+        {

+            if (c->c2.tls_multi->n_soft_errors)

+            {

+                check_tls_errors_co(c);

+            }

+        }

+        else

+        {

+            if (c->c2.tls_multi->n_hard_errors)

+            {

+                check_tls_errors_nco(c);

+            }

+        }

+    }

+}

+

+/*

+ * Check for possible incoming configuration

+ * messages on the control channel.

+ */

+static inline void

+check_incoming_control_channel(struct context *c)

+{

+#if P2MP

+    void check_incoming_control_channel_dowork(struct context *c);

+

+    if (tls_test_payload_len(c->c2.tls_multi) > 0)

+    {

+        check_incoming_control_channel_dowork(c);

+    }

+#endif

+}

+

+/*

+ * Options like --up-delay need to be triggered by this function which

+ * checks for connection establishment.

+ */

+static inline void

+check_connection_established(struct context *c)

+{

+    void check_connection_established_dowork(struct context *c);

+

+    if (event_timeout_defined(&c->c2.wait_for_connect))

+    {

+        check_connection_established_dowork(c);

+    }

+}

+

+/*

+ * Should we add routes?

+ */

+static inline void

+check_add_routes(struct context *c)

+{

+    void check_add_routes_dowork(struct context *c);

+

+    if (event_timeout_trigger(&c->c2.route_wakeup, &c->c2.timeval, ETT_DEFAULT))

+    {

+        check_add_routes_dowork(c);

+    }

+}

+

+/*

+ * Should we exit due to inactivity timeout?

+ */

+static inline void

+check_inactivity_timeout(struct context *c)

+{

+    void check_inactivity_timeout_dowork(struct context *c);

+

+    if (c->options.inactivity_timeout

+        && event_timeout_trigger(&c->c2.inactivity_interval, &c->c2.timeval, ETT_DEFAULT))

+    {

+        check_inactivity_timeout_dowork(c);

+    }

+}

+

+#if P2MP

+

+static inline void

+check_server_poll_timeout(struct context *c)

+{

+    void check_server_poll_timeout_dowork(struct context *c);

+

+    if (c->options.ce.connect_timeout

+        && event_timeout_trigger(&c->c2.server_poll_interval, &c->c2.timeval, ETT_DEFAULT))

+    {

+        check_server_poll_timeout_dowork(c);

+    }

+}

+

+/*

+ * Scheduled exit?

+ */

+static inline void

+check_scheduled_exit(struct context *c)

+{

+    void check_scheduled_exit_dowork(struct context *c);

+

+    if (event_timeout_defined(&c->c2.scheduled_exit))

+    {

+        if (event_timeout_trigger(&c->c2.scheduled_exit, &c->c2.timeval, ETT_DEFAULT))

+        {

+            check_scheduled_exit_dowork(c);

+        }

+    }

+}

+#endif /* if P2MP */

+

+/*

+ * Should we write timer-triggered status file.

+ */

+static inline void

+check_status_file(struct context *c)

+{

+    void check_status_file_dowork(struct context *c);

+

+    if (c->c1.status_output)

+    {

+        if (status_trigger_tv(c->c1.status_output, &c->c2.timeval))

+        {

+            check_status_file_dowork(c);

+        }

+    }

+}

+

+#ifdef ENABLE_FRAGMENT

+/*

+ * Should we deliver a datagram fragment to remote?

+ */

+static inline void

+check_fragment(struct context *c)

+{

+    void check_fragment_dowork(struct context *c);

+

+    if (c->c2.fragment)

+    {

+        check_fragment_dowork(c);

+    }

+}

+#endif

+

+#if P2MP

+

+/*

+ * see if we should send a push_request in response to --pull

+ */

+static inline void

+check_push_request(struct context *c)

+{

+    void check_push_request_dowork(struct context *c);

+

+    if (event_timeout_trigger(&c->c2.push_request_interval, &c->c2.timeval, ETT_DEFAULT))

+    {

+        check_push_request_dowork(c);

+    }

+}

+

+#endif

+

+/*

+ * Should we persist our anti-replay packet ID state to disk?

+ */

+static inline void

+check_packet_id_persist_flush(struct context *c)

+{

+    if (packet_id_persist_enabled(&c->c1.pid_persist)

+        && event_timeout_trigger(&c->c2.packet_id_persist_interval, &c->c2.timeval, ETT_DEFAULT))

+    {

+        packet_id_persist_save(&c->c1.pid_persist);

+    }

+}

+

+/*

+ * Set our wakeup to 0 seconds, so we will be rescheduled

+ * immediately.

+ */

+static inline void

+context_immediate_reschedule(struct context *c)

+{

+    c->c2.timeval.tv_sec = 0;  /* ZERO-TIMEOUT */

+    c->c2.timeval.tv_usec = 0;

+}

+

+static inline void

+context_reschedule_sec(struct context *c, int sec)

+{

+    if (sec < 0)

+    {

+        sec = 0;

+    }

+    if (sec < c->c2.timeval.tv_sec)

+    {

+        c->c2.timeval.tv_sec = sec;

+        c->c2.timeval.tv_usec = 0;

+    }

+}

+

+/*

  * In TLS mode, let TLS level respond to any control-channel

  * packets which were received, or prepare any packets for

  * transmission.

@@ -31,9 +31,9 @@

 #ifndef FORWARD_H

 #define FORWARD_H

-#include "openvpn.h"

-#include "occ.h"

-#include "ping.h"

+/* the following macros must be defined before including any other header

+ * file

+ */

 #define TUN_OUT(c)      (BLEN(&(c)->c2.to_tun) > 0)

 #define LINK_OUT(c)     (BLEN(&(c)->c2.to_link) > 0)

@@ -47,6 +47,10 @@

 #define TO_LINK_DEF(c)  (LINK_OUT(c) || TO_LINK_FRAG(c))

+#include "openvpn.h"

+#include "occ.h"

+#include "ping.h"

+

 #define IOW_TO_TUN          (1<<0)

 #define IOW_TO_LINK         (1<<1)

 #define IOW_READ_TUN        (1<<2)

@@ -262,4 +266,82 @@ void schedule_exit(struct context *c, const int n_seconds, const int signal);

 #endif

+static inline struct link_socket_info *

+get_link_socket_info(struct context *c)

+{

+    if (c->c2.link_socket_info)

+    {

+        return c->c2.link_socket_info;

+    }

+    else

+    {

+        return &c->c2.link_socket->info;

+    }

+}

+

+static inline void

+register_activity(struct context *c, const int size)

+{

+    if (c->options.inactivity_timeout)

+    {

+        c->c2.inactivity_bytes += size;

+        if (c->c2.inactivity_bytes >= c->options.inactivity_minimum_bytes)

+        {

+            c->c2.inactivity_bytes = 0;

+            event_timeout_reset(&c->c2.inactivity_interval);

+        }

+    }

+}

+

+/*

+ * Return the io_wait() flags appropriate for

+ * a point-to-point tunnel.

+ */

+static inline unsigned int

+p2p_iow_flags(const struct context *c)

+{

+    unsigned int flags = (IOW_SHAPER|IOW_CHECK_RESIDUAL|IOW_FRAG|IOW_READ|IOW_WAIT_SIGNAL);

+    if (c->c2.to_link.len > 0)

+    {

+        flags |= IOW_TO_LINK;

+    }

+    if (c->c2.to_tun.len > 0)

+    {

+        flags |= IOW_TO_TUN;

+    }

+    return flags;

+}

+

+/*

+ * This is the core I/O wait function, used for all I/O waits except

+ * for TCP in server mode.

+ */

+static inline void

+io_wait(struct context *c, const unsigned int flags)

+{

+    void io_wait_dowork(struct context *c, const unsigned int flags);

+

+    if (c->c2.fast_io && (flags & (IOW_TO_TUN|IOW_TO_LINK|IOW_MBUF)))

+    {

+        /* fast path -- only for TUN/TAP/UDP writes */

+        unsigned int ret = 0;

+        if (flags & IOW_TO_TUN)

+        {

+            ret |= TUN_WRITE;

+        }

+        if (flags & (IOW_TO_LINK|IOW_MBUF))

+        {

+            ret |= SOCKET_WRITE;

+        }

+        c->c2.event_set_status = ret;

+    }

+    else

+    {

+        /* slow path */

+        io_wait_dowork(c, flags);

+    }

+}

+

+#define CONNECTION_ESTABLISHED(c) (get_link_socket_info(c)->connection_established)

+

 #endif /* FORWARD_H */

@@ -42,6 +42,7 @@

 #include "otime.h"

 #include "pool.h"

 #include "gremlin.h"

+#include "occ.h"

 #include "pkcs11.h"

 #include "ps.h"

 #include "lladdr.h"

@@ -49,11 +50,10 @@

 #include "mstats.h"

 #include "ssl_verify.h"

 #include "tls_crypt.h"

-#include "forward-inline.h"

+#include "forward.h"

 #include "memdbg.h"

-#include "occ-inline.h"

 static struct context *static_context; /* GLOBAL */

@@ -32,7 +32,7 @@

 #if P2MP_SERVER

 #include "multi.h"

-#include "forward-inline.h"

+#include "forward.h"

 #include "memdbg.h"

@@ -33,7 +33,7 @@

 #include "multi.h"

 #include <inttypes.h>

-#include "forward-inline.h"

+#include "forward.h"

 #include "memdbg.h"

@@ -36,10 +36,12 @@

 #if P2MP_SERVER

+#include "forward.h"

 #include "multi.h"

 #include "push.h"

 #include "run_command.h"

 #include "otime.h"

+#include "pf.h"

 #include "gremlin.h"

 #include "mstats.h"

 #include "ssl_verify.h"

@@ -47,8 +49,6 @@

 #include "memdbg.h"

-#include "forward-inline.h"

-#include "pf-inline.h"

 #include "crypto_backend.h"

deleted file mode 100644

@@ -1,95 +0,0 @@

-/*

- *  OpenVPN -- An application to securely tunnel IP networks

- *             over a single TCP/UDP port, with support for SSL/TLS-based

- *             session authentication and key exchange,

- *             packet encryption, packet authentication, and

- *             packet compression.

- *

- *  Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>

- *

- *  This program is free software; you can redistribute it and/or modify

- *  it under the terms of the GNU General Public License version 2

- *  as published by the Free Software Foundation.

- *

- *  This program is distributed in the hope that it will be useful,

- *  but WITHOUT ANY WARRANTY; without even the implied warranty of

- *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

- *  GNU General Public License for more details.

- *

- *  You should have received a copy of the GNU General Public License along

- *  with this program; if not, write to the Free Software Foundation, Inc.,

- *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

- */

-

-#ifndef OCC_INLINE_H

-#define OCC_INLINE_H

-

-#ifdef ENABLE_OCC

-

-/*

- * Inline functions

- */

-

-static inline int

-occ_reset_op(void)

-{

-    return -1;

-}

-

-/*

- * Should we send an OCC_REQUEST message?

- */

-static inline void

-check_send_occ_req(struct context *c)

-{

-    void check_send_occ_req_dowork(struct context *c);

-

-    if (event_timeout_defined(&c->c2.occ_interval)

-        && event_timeout_trigger(&c->c2.occ_interval,

-                                 &c->c2.timeval,

-                                 (!TO_LINK_DEF(c) && c->c2.occ_op < 0) ? ETT_DEFAULT : 0))

-    {

-        check_send_occ_req_dowork(c);

-    }

-}

-

-/*

- * Should we send an MTU load test?

- */

-static inline void

-check_send_occ_load_test(struct context *c)

-{

-    void check_send_occ_load_test_dowork(struct context *c);

-

-    if (event_timeout_defined(&c->c2.occ_mtu_load_test_interval)

-        && event_timeout_trigger(&c->c2.occ_mtu_load_test_interval,

-                                 &c->c2.timeval,

-                                 (!TO_LINK_DEF(c) && c->c2.occ_op < 0) ? ETT_DEFAULT : 0))

-    {

-        check_send_occ_load_test_dowork(c);

-    }

-}

-

-/*

- * Should we send an OCC message?

- */

-static inline void

-check_send_occ_msg(struct context *c)

-{

-    void check_send_occ_msg_dowork(struct context *c);