OpenVPN
diff --git a/‎src/openvpn/forward.c‎
Lines changed: 73 additions & 24 deletions b/‎src/openvpn/forward.c‎
Lines changed: 73 additions & 24 deletions
diff --git a/‎src/openvpn/forward.h‎
Lines changed: 9 additions & 5 deletions b/‎src/openvpn/forward.h‎
Lines changed: 9 additions & 5 deletions
diff --git a/‎src/openvpn/init.c‎
Lines changed: 28 additions & 2 deletions b/‎src/openvpn/init.c‎
Lines changed: 28 additions & 2 deletions
@@ -376,14 +376,13 @@ check_connection_established(struct context *c)
 #endif
 
 bool
-send_control_channel_string_dowork(struct tls_session *session, const char *str,
+send_control_channel_string_dowork(struct tls_session *session, struct key_state *ks, const char *str,
                                    msglvl_t msglevel)
 {
     struct gc_arena gc = gc_new();
     bool stat;
 
     ASSERT(session);
-    struct key_state *ks = &session->key[KS_PRIMARY];
 
     /* buffered cleartext write onto TLS control channel */
     stat = tls_send_payload(ks, (uint8_t *)str, strlen(str) + 1);
@@ -409,7 +408,18 @@ send_control_channel_string(struct context *c, const char *str, msglvl_t msgleve
     if (c->c2.tls_multi)
     {
         struct tls_session *session = &c->c2.tls_multi->session[TM_ACTIVE];
-        bool ret = send_control_channel_string_dowork(session, str, msglevel);
+        struct key_state *ks = &session->key[KS_PRIMARY];
+        bool ret = send_control_channel_string_dowork(session, ks, str, msglevel);
+        reschedule_multi_process(c);
+
+        session = &c->c2.tls_multi->session[TM_THREADED];
+        ks = &session->key[KS_PRIMARY];
+        send_control_channel_string_dowork(session, ks, str, msglevel);
+        reschedule_multi_process(c);
+
+        session = &c->c2.tls_multi->session[TM_REKEYS];
+        ks = &session->key[KS_PRIMARY];
+        ret = send_control_channel_string_dowork(session, ks, str, msglevel);
         reschedule_multi_process(c);
 
         return ret;
@@ -2358,11 +2368,13 @@ get_io_flags_udp(struct context *c, struct multi_io *multi_io, const unsigned in
 }
 
 void
-io_wait_dowork(struct context *c, const unsigned int flags)
+io_wait_dowork(struct context *c, const unsigned int flags, int z)
 {
     unsigned int out_socket;
     unsigned int out_tuntap;
     struct event_set_return esr[4];
+    struct event_set *event_set = ((z & THREAD_RTWL) != 0) ? c->c2.event_set : c->c2.event_set2;
+    unsigned int *event_set_status = ((z & THREAD_RTWL) != 0) ? &(c->c2.event_set_status) : &(c->c2.event_set_status2);
 
     /* These shifts all depend on EVENT_READ and EVENT_WRITE */
     static uintptr_t socket_shift = SOCKET_SHIFT; /* depends on SOCKET_READ and SOCKET_WRITE */
@@ -2380,29 +2392,29 @@ io_wait_dowork(struct context *c, const unsigned int flags)
     /*
      * Decide what kind of events we want to wait for.
      */
-    event_reset(c->c2.event_set);
+    event_reset(event_set);
 
-    multi_io_process_flags(c, c->c2.event_set, flags, &out_socket, &out_tuntap);
+    multi_io_process_flags(c, event_set, flags, &out_socket, &out_tuntap);
 
 #if defined(TARGET_LINUX) || defined(TARGET_FREEBSD)
     if (out_socket & EVENT_READ && c->c2.did_open_tun)
     {
-        dco_event_set(&c->c1.tuntap->dco, c->c2.event_set, (void *)dco_shift);
+        dco_event_set(&c->c1.tuntap->dco, event_set, (void *)dco_shift);
     }
 #endif
 
 #ifdef ENABLE_MANAGEMENT
     if (management)
     {
-        management_socket_set(management, c->c2.event_set, (void *)management_shift, NULL);
+        management_socket_set(management, event_set, (void *)management_shift, NULL);
     }
 #endif
 
 #ifdef ENABLE_ASYNC_PUSH
     /* arm inotify watcher */
     if (c->options.mode == MODE_SERVER)
     {
-        event_ctl(c->c2.event_set, c->c2.inotify_fd, EVENT_READ, (void *)file_shift);
+        event_ctl(event_set, c->c2.inotify_fd, EVENT_READ, (void *)file_shift);
     }
 #endif
 
@@ -2416,7 +2428,7 @@ io_wait_dowork(struct context *c, const unsigned int flags)
      *  (6) timeout (tv) expired
      */
 
-    c->c2.event_set_status = ES_ERROR;
+    *event_set_status = ES_ERROR;
 
     if (!c->sig->signal_received)
     {
@@ -2434,14 +2446,14 @@ io_wait_dowork(struct context *c, const unsigned int flags)
             /*
              * Wait for something to happen.
              */
-            status = event_wait(c->c2.event_set, &c->c2.timeval, esr, SIZE(esr));
+            status = event_wait(event_set, &c->c2.timeval, esr, SIZE(esr));
 
             check_status(status, "event_wait", NULL, NULL);
 
             if (status > 0)
             {
                 int i;
-                c->c2.event_set_status = 0;
+                *event_set_status = 0;
                 for (i = 0; i < status; ++i)
                 {
                     const struct event_set_return *e = &esr[i];
@@ -2452,7 +2464,7 @@ io_wait_dowork(struct context *c, const unsigned int flags)
                         struct event_arg *ev_arg = (struct event_arg *)e->arg;
                         if (ev_arg->type != EVENT_ARG_LINK_SOCKET)
                         {
-                            c->c2.event_set_status = ES_ERROR;
+                            *event_set_status = ES_ERROR;
                             msg(D_LINK_ERRORS, "io_work: non socket event delivered");
                             return;
                         }
@@ -2464,30 +2476,30 @@ io_wait_dowork(struct context *c, const unsigned int flags)
                         shift = (uintptr_t)e->arg;
                     }
 
-                    c->c2.event_set_status |= ((e->rwflags & 3) << shift);
+                    *event_set_status |= ((e->rwflags & 3) << shift);
                 }
             }
             else if (status == 0)
             {
-                c->c2.event_set_status = ES_TIMEOUT;
+                *event_set_status = ES_TIMEOUT;
             }
         }
         else
         {
-            c->c2.event_set_status = SOCKET_READ;
+            *event_set_status = SOCKET_READ;
         }
     }
 
     /* 'now' should always be a reasonably up-to-date timestamp */
     update_time();
 
     /* set signal_received if a signal was received */
-    if (c->c2.event_set_status & ES_ERROR)
+    if (*event_set_status & ES_ERROR)
     {
         get_signal(&c->sig->signal_received);
     }
 
-    dmsg(D_EVENT_WAIT, "I/O WAIT status=0x%04x", c->c2.event_set_status);
+    dmsg(D_EVENT_WAIT, "I/O WAIT status=0x%04x", *event_set_status);
 }
 
 void threaded_fwd_inp_intf(struct context *c, struct link_socket *sock, struct thread_pointer *b)
@@ -2507,7 +2519,7 @@ void threaded_fwd_inp_intf(struct context *c, struct link_socket *sock, struct t
 }
 
 void
-process_io(struct context *c, struct link_socket *sock, struct thread_pointer *b)
+process_io(struct context *c, struct link_socket *sock, struct thread_pointer *b, int z)
 {
     const unsigned int status = c->c2.event_set_status;
 
@@ -2520,17 +2532,17 @@ process_io(struct context *c, struct link_socket *sock, struct thread_pointer *b
 #endif
 
     /* TCP/UDP port ready to accept write */
-    if (status & SOCKET_WRITE)
+    if ((status & SOCKET_WRITE) && ((z & THREAD_RTWL) != 0))
     {
         process_outgoing_link(c, sock);
     }
     /* TUN device ready to accept write */
-    else if (status & TUN_WRITE)
+    else if ((status & TUN_WRITE) && ((z & THREAD_RLWT) != 0))
     {
         process_outgoing_tun(c, sock);
     }
     /* Incoming data on TCP/UDP port */
-    else if (status & SOCKET_READ)
+    else if ((status & SOCKET_READ) && ((z & THREAD_RLWT) != 0))
     {
         read_incoming_link(c, sock);
         if (!IS_SIG(c))
@@ -2539,15 +2551,52 @@ process_io(struct context *c, struct link_socket *sock, struct thread_pointer *b
         }
     }
     /* Incoming data on TUN device */
-    else if (status & TUN_READ)
+    else if ((status & TUN_READ) && ((z & THREAD_RTWL) != 0))
     {
         threaded_fwd_inp_intf(c, sock, b);
     }
-    else if (status & DCO_READ)
+    else if ((status & DCO_READ) && ((z & THREAD_RTWL) != 0))
     {
         if (!IS_SIG(c))
         {
             process_incoming_dco(c);
         }
     }
 }
+
+void threaded_dual_init(struct dual_args *d)
+{
+    if ((d->a == 0) && (d->c->c2.buffers))
+    {
+        if ((d->z & THREAD_RLWT) != 0)
+        {
+            d->c->c2.buffers->read_link_buf.len = 0;
+            d->c->c2.buf2 = d->c->c2.buffers->read_link_buf;
+            d->a = 1;
+        }
+        if ((d->z & THREAD_RTWL) != 0)
+        {
+            d->c->c2.buffers->read_tun_buf.len = 0;
+            d->c->c2.buf = d->c->c2.buffers->read_tun_buf;
+            d->a = 1;
+        }
+    }
+}
+
+void *threaded_process_io(void *a)
+{
+    struct dual_args *d = (struct dual_args *)a;
+    while (true)
+    {
+        if (d->b->p->z != 1) { break; }
+        pthread_mutex_lock(&(d->i));
+        if (d->b->p->z != 1) { break; }
+        threaded_dual_init(d);
+        if (d->a == 1)
+        {
+            process_io(d->c, d->c->c2.link_sockets[0], d->b, d->z);
+        }
+        pthread_mutex_unlock(&(d->o));
+    }
+    return NULL;
+}
@@ -77,11 +77,15 @@ void get_io_flags_dowork_udp(struct context *c, struct multi_io *multi_io,
 
 void get_io_flags_udp(struct context *c, struct multi_io *multi_io, const unsigned int flags);
 
-void io_wait_dowork(struct context *c, const unsigned int flags);
+void io_wait_dowork(struct context *c, const unsigned int flags, int z);
 
 void pre_select(struct context *c);
 
-void process_io(struct context *c, struct link_socket *sock, struct thread_pointer *b);
+void process_io(struct context *c, struct link_socket *sock, struct thread_pointer *b, int z);
+
+void *threaded_process_io(void *a);
+
+void threaded_dual_init(struct dual_args *d);
 
 
 /**********************************************************************/
@@ -309,7 +313,7 @@ bool send_control_channel_string(struct context *c, const char *str, msglvl_t ms
  * @param msglevel   - Message level to use for logging
  */
 
-bool send_control_channel_string_dowork(struct tls_session *session, const char *str,
+bool send_control_channel_string_dowork(struct tls_session *session, struct key_state *ks, const char *str,
                                         msglvl_t msglevel);
 
 
@@ -386,7 +390,7 @@ p2p_iow_flags(const struct context *c)
  * for the top-level server sockets.
  */
 static inline void
-io_wait(struct context *c, const unsigned int flags)
+io_wait(struct context *c, const unsigned int flags, int z)
 {
     if (proto_is_dgram(c->c2.link_sockets[0]->info.proto) && c->c2.fast_io
         && (flags & (IOW_TO_TUN | IOW_TO_LINK | IOW_MBUF)))
@@ -406,7 +410,7 @@ io_wait(struct context *c, const unsigned int flags)
     else
     {
         /* slow path */
-        io_wait_dowork(c, flags);
+        io_wait_dowork(c, flags, z);
     }
 }
 
 
@@ -2322,14 +2322,23 @@ do_deferred_options_part2(struct context *c)
 #endif
 
     struct tls_session *session = &c->c2.tls_multi->session[TM_ACTIVE];
-    if (!tls_session_update_crypto_params(c->c2.tls_multi, session, &c->options, &c->c2.frame,
+    struct key_state *ks = &session->key[KS_PRIMARY];
+    if (!tls_session_update_crypto_params(c->c2.tls_multi, session, ks, &c->options, &c->c2.frame,
                                           frame_fragment, get_link_socket_info(c),
                                           &c->c1.tuntap->dco))
     {
         msg(D_TLS_ERRORS, "OPTIONS ERROR: failed to import crypto options");
         return false;
     }
 
+    session = &c->c2.tls_multi->session[TM_THREADED];
+    ks = &session->key[KS_PRIMARY];
+    tls_session_update_crypto_params(c->c2.tls_multi, session, ks, &c->options, &c->c2.frame, frame_fragment, get_link_socket_info(c), &c->c1.tuntap->dco);
+
+    session = &c->c2.tls_multi->session[TM_REKEYS];
+    ks = &session->key[KS_PRIMARY];
+    tls_session_update_crypto_params(c->c2.tls_multi, session, ks, &c->options, &c->c2.frame, frame_fragment, get_link_socket_info(c), &c->c1.tuntap->dco);
+
     return true;
 }
 
@@ -2548,6 +2557,7 @@ do_deferred_p2p_ncp(struct context *c)
     c->options.use_peer_id = c->c2.tls_multi->use_peer_id;
 
     struct tls_session *session = &c->c2.tls_multi->session[TM_ACTIVE];
+    struct key_state *ks = &session->key[KS_PRIMARY];
 
     const char *ncp_cipher =
         get_p2p_ncp_cipher(session, c->c2.tls_multi->peer_info, &c->options.gc);
@@ -2572,13 +2582,22 @@ do_deferred_p2p_ncp(struct context *c)
     }
 #endif
 
-    if (!tls_session_update_crypto_params(c->c2.tls_multi, session, &c->options, &c->c2.frame,
+    if (!tls_session_update_crypto_params(c->c2.tls_multi, session, ks, &c->options, &c->c2.frame,
                                           frame_fragment, get_link_socket_info(c),
                                           &c->c1.tuntap->dco))
     {
         msg(D_TLS_ERRORS, "ERROR: failed to set crypto cipher");
         return false;
     }
+
+    session = &c->c2.tls_multi->session[TM_THREADED];
+    ks = &session->key[KS_PRIMARY];
+    tls_session_update_crypto_params(c->c2.tls_multi, session, ks, &c->options, &c->c2.frame, frame_fragment, get_link_socket_info(c), &c->c1.tuntap->dco);
+
+    session = &c->c2.tls_multi->session[TM_REKEYS];
+    ks = &session->key[KS_PRIMARY];
+    tls_session_update_crypto_params(c->c2.tls_multi, session, ks, &c->options, &c->c2.frame, frame_fragment, get_link_socket_info(c), &c->c1.tuntap->dco);
+
     return true;
 }
 
@@ -3438,6 +3457,8 @@ do_init_crypto_tls(struct context *c, const unsigned int flags)
     /* let the TLS engine know if keys have to be installed in DCO or not */
     to.dco_enabled = dco_enabled(options);
 
+    to.dual_mode = c->options.ce.dual_mode;
+
     /*
      * Initialize OpenVPN's master TLS-mode object.
      */
@@ -4111,6 +4132,7 @@ do_event_set_init(struct context *c, bool need_us_timeout)
     }
 
     c->c2.event_set = event_set_init(&c->c2.event_set_max, flags);
+    c->c2.event_set2 = event_set_init(&c->c2.event_set_max, flags);
     c->c2.event_set_owned = true;
 }
 
@@ -4120,7 +4142,9 @@ do_close_event_set(struct context *c)
     if (c->c2.event_set && c->c2.event_set_owned)
     {
         event_free(c->c2.event_set);
+        event_free(c->c2.event_set2);
         c->c2.event_set = NULL;
+        c->c2.event_set2 = NULL;
         c->c2.event_set_owned = false;
     }
 }
@@ -4925,6 +4949,7 @@ inherit_context_child(struct context *dest, const struct context *src, struct li
     options_detach(&dest->options);
 
     dest->c2.event_set = src->c2.event_set;
+    dest->c2.event_set2 = src->c2.event_set2;
 
     if (dest->mode == CM_CHILD_TCP)
     {
@@ -5016,6 +5041,7 @@ inherit_context_top(struct context *dest, const struct context *src)
     dest->c2.es_owned = false;
 
     dest->c2.event_set = NULL;
+    dest->c2.event_set2 = NULL;
     do_event_set_init(dest, false);
 
 #ifdef USE_COMP
Original file line number	Diff line number	Diff line change
`@@ -376,14 +376,13 @@ check_connection_established(struct context *c)`
`376`	`376`	`#endif`
`377`	`377`
`378`	`378`	`bool`
`379`		`-send_control_channel_string_dowork(struct tls_session session, const char str,`
	`379`	`+send_control_channel_string_dowork(struct tls_session session, struct key_state ks, const char *str,`
`380`	`380`	`msglvl_t msglevel)`
`381`	`381`	`{`
`382`	`382`	`struct gc_arena gc = gc_new();`
`383`	`383`	`bool stat;`
`384`	`384`
`385`	`385`	`ASSERT(session);`
`386`		`- struct key_state *ks = &session->key[KS_PRIMARY];`
`387`	`386`
`388`	`387`	`/* buffered cleartext write onto TLS control channel */`
`389`	`388`	`stat = tls_send_payload(ks, (uint8_t *)str, strlen(str) + 1);`
`@@ -409,7 +408,18 @@ send_control_channel_string(struct context c, const char str, msglvl_t msgleve`
`409`	`408`	`if (c->c2.tls_multi)`
`410`	`409`	`{`
`411`	`410`	`struct tls_session *session = &c->c2.tls_multi->session[TM_ACTIVE];`
`412`		`- bool ret = send_control_channel_string_dowork(session, str, msglevel);`
	`411`	`+ struct key_state *ks = &session->key[KS_PRIMARY];`
	`412`	`+ bool ret = send_control_channel_string_dowork(session, ks, str, msglevel);`
	`413`	`+ reschedule_multi_process(c);`
	`414`	`+`
	`415`	`+ session = &c->c2.tls_multi->session[TM_THREADED];`
	`416`	`+ ks = &session->key[KS_PRIMARY];`
	`417`	`+ send_control_channel_string_dowork(session, ks, str, msglevel);`
	`418`	`+ reschedule_multi_process(c);`
	`419`	`+`
	`420`	`+ session = &c->c2.tls_multi->session[TM_REKEYS];`
	`421`	`+ ks = &session->key[KS_PRIMARY];`
	`422`	`+ ret = send_control_channel_string_dowork(session, ks, str, msglevel);`
`413`	`423`	`reschedule_multi_process(c);`
`414`	`424`
`415`	`425`	`return ret;`
`@@ -2358,11 +2368,13 @@ get_io_flags_udp(struct context c, struct multi_io multi_io, const unsigned in`
`2358`	`2368`	`}`
`2359`	`2369`
`2360`	`2370`	`void`
`2361`		`-io_wait_dowork(struct context *c, const unsigned int flags)`
	`2371`	`+io_wait_dowork(struct context *c, const unsigned int flags, int z)`
`2362`	`2372`	`{`
`2363`	`2373`	`unsigned int out_socket;`
`2364`	`2374`	`unsigned int out_tuntap;`
`2365`	`2375`	`struct event_set_return esr[4];`
	`2376`	`+ struct event_set *event_set = ((z & THREAD_RTWL) != 0) ? c->c2.event_set : c->c2.event_set2;`
	`2377`	`+ unsigned int *event_set_status = ((z & THREAD_RTWL) != 0) ? &(c->c2.event_set_status) : &(c->c2.event_set_status2);`
`2366`	`2378`
`2367`	`2379`	`/* These shifts all depend on EVENT_READ and EVENT_WRITE */`
`2368`	`2380`	`static uintptr_t socket_shift = SOCKET_SHIFT; /* depends on SOCKET_READ and SOCKET_WRITE */`
`@@ -2380,29 +2392,29 @@ io_wait_dowork(struct context *c, const unsigned int flags)`
`2380`	`2392`	`/*`
`2381`	`2393`	`* Decide what kind of events we want to wait for.`
`2382`	`2394`	`*/`
`2383`		`- event_reset(c->c2.event_set);`
	`2395`	`+ event_reset(event_set);`
`2384`	`2396`
`2385`		`- multi_io_process_flags(c, c->c2.event_set, flags, &out_socket, &out_tuntap);`
	`2397`	`+ multi_io_process_flags(c, event_set, flags, &out_socket, &out_tuntap);`
`2386`	`2398`
`2387`	`2399`	`#if defined(TARGET_LINUX) \|\| defined(TARGET_FREEBSD)`
`2388`	`2400`	`if (out_socket & EVENT_READ && c->c2.did_open_tun)`
`2389`	`2401`	`{`
`2390`		`- dco_event_set(&c->c1.tuntap->dco, c->c2.event_set, (void *)dco_shift);`
	`2402`	`+ dco_event_set(&c->c1.tuntap->dco, event_set, (void *)dco_shift);`
`2391`	`2403`	`}`
`2392`	`2404`	`#endif`
`2393`	`2405`
`2394`	`2406`	`#ifdef ENABLE_MANAGEMENT`
`2395`	`2407`	`if (management)`
`2396`	`2408`	`{`
`2397`		`- management_socket_set(management, c->c2.event_set, (void *)management_shift, NULL);`
	`2409`	`+ management_socket_set(management, event_set, (void *)management_shift, NULL);`
`2398`	`2410`	`}`
`2399`	`2411`	`#endif`
`2400`	`2412`
`2401`	`2413`	`#ifdef ENABLE_ASYNC_PUSH`
`2402`	`2414`	`/* arm inotify watcher */`
`2403`	`2415`	`if (c->options.mode == MODE_SERVER)`
`2404`	`2416`	`{`
`2405`		`- event_ctl(c->c2.event_set, c->c2.inotify_fd, EVENT_READ, (void *)file_shift);`
	`2417`	`+ event_ctl(event_set, c->c2.inotify_fd, EVENT_READ, (void *)file_shift);`
`2406`	`2418`	`}`
`2407`	`2419`	`#endif`
`2408`	`2420`
`@@ -2416,7 +2428,7 @@ io_wait_dowork(struct context *c, const unsigned int flags)`
`2416`	`2428`	`* (6) timeout (tv) expired`
`2417`	`2429`	`*/`
`2418`	`2430`
`2419`		`- c->c2.event_set_status = ES_ERROR;`
	`2431`	`+ *event_set_status = ES_ERROR;`
`2420`	`2432`
`2421`	`2433`	`if (!c->sig->signal_received)`
`2422`	`2434`	`{`
`@@ -2434,14 +2446,14 @@ io_wait_dowork(struct context *c, const unsigned int flags)`
`2434`	`2446`	`/*`
`2435`	`2447`	`* Wait for something to happen.`
`2436`	`2448`	`*/`
`2437`		`- status = event_wait(c->c2.event_set, &c->c2.timeval, esr, SIZE(esr));`
	`2449`	`+ status = event_wait(event_set, &c->c2.timeval, esr, SIZE(esr));`
`2438`	`2450`
`2439`	`2451`	`check_status(status, "event_wait", NULL, NULL);`
`2440`	`2452`
`2441`	`2453`	`if (status > 0)`
`2442`	`2454`	`{`
`2443`	`2455`	`int i;`
`2444`		`- c->c2.event_set_status = 0;`
	`2456`	`+ *event_set_status = 0;`
`2445`	`2457`	`for (i = 0; i < status; ++i)`
`2446`	`2458`	`{`
`2447`	`2459`	`const struct event_set_return *e = &esr[i];`
`@@ -2452,7 +2464,7 @@ io_wait_dowork(struct context *c, const unsigned int flags)`
`2452`	`2464`	`struct event_arg ev_arg = (struct event_arg )e->arg;`
`2453`	`2465`	`if (ev_arg->type != EVENT_ARG_LINK_SOCKET)`
`2454`	`2466`	`{`
`2455`		`- c->c2.event_set_status = ES_ERROR;`
	`2467`	`+ *event_set_status = ES_ERROR;`
`2456`	`2468`	`msg(D_LINK_ERRORS, "io_work: non socket event delivered");`
`2457`	`2469`	`return;`
`2458`	`2470`	`}`
`@@ -2464,30 +2476,30 @@ io_wait_dowork(struct context *c, const unsigned int flags)`
`2464`	`2476`	`shift = (uintptr_t)e->arg;`
`2465`	`2477`	`}`
`2466`	`2478`
`2467`		`- c->c2.event_set_status \|= ((e->rwflags & 3) << shift);`
	`2479`	`+ *event_set_status \|= ((e->rwflags & 3) << shift);`
`2468`	`2480`	`}`
`2469`	`2481`	`}`
`2470`	`2482`	`else if (status == 0)`
`2471`	`2483`	`{`
`2472`		`- c->c2.event_set_status = ES_TIMEOUT;`
	`2484`	`+ *event_set_status = ES_TIMEOUT;`
`2473`	`2485`	`}`
`2474`	`2486`	`}`
`2475`	`2487`	`else`
`2476`	`2488`	`{`
`2477`		`- c->c2.event_set_status = SOCKET_READ;`
	`2489`	`+ *event_set_status = SOCKET_READ;`
`2478`	`2490`	`}`
`2479`	`2491`	`}`
`2480`	`2492`
`2481`	`2493`	`/* 'now' should always be a reasonably up-to-date timestamp */`
`2482`	`2494`	`update_time();`
`2483`	`2495`
`2484`	`2496`	`/* set signal_received if a signal was received */`
`2485`		`- if (c->c2.event_set_status & ES_ERROR)`
	`2497`	`+ if (*event_set_status & ES_ERROR)`
`2486`	`2498`	`{`
`2487`	`2499`	`get_signal(&c->sig->signal_received);`
`2488`	`2500`	`}`
`2489`	`2501`
`2490`		`- dmsg(D_EVENT_WAIT, "I/O WAIT status=0x%04x", c->c2.event_set_status);`
	`2502`	`+ dmsg(D_EVENT_WAIT, "I/O WAIT status=0x%04x", *event_set_status);`
`2491`	`2503`	`}`
`2492`	`2504`
`2493`	`2505`	`void threaded_fwd_inp_intf(struct context c, struct link_socket sock, struct thread_pointer *b)`
`@@ -2507,7 +2519,7 @@ void threaded_fwd_inp_intf(struct context c, struct link_socket sock, struct t`
`2507`	`2519`	`}`
`2508`	`2520`
`2509`	`2521`	`void`
`2510`		`-process_io(struct context c, struct link_socket sock, struct thread_pointer *b)`
	`2522`	`+process_io(struct context c, struct link_socket sock, struct thread_pointer *b, int z)`
`2511`	`2523`	`{`
`2512`	`2524`	`const unsigned int status = c->c2.event_set_status;`
`2513`	`2525`
`@@ -2520,17 +2532,17 @@ process_io(struct context c, struct link_socket sock, struct thread_pointer *b`
`2520`	`2532`	`#endif`
`2521`	`2533`
`2522`	`2534`	`/* TCP/UDP port ready to accept write */`
`2523`		`- if (status & SOCKET_WRITE)`
	`2535`	`+ if ((status & SOCKET_WRITE) && ((z & THREAD_RTWL) != 0))`
`2524`	`2536`	`{`
`2525`	`2537`	`process_outgoing_link(c, sock);`
`2526`	`2538`	`}`
`2527`	`2539`	`/* TUN device ready to accept write */`
`2528`		`- else if (status & TUN_WRITE)`
	`2540`	`+ else if ((status & TUN_WRITE) && ((z & THREAD_RLWT) != 0))`
`2529`	`2541`	`{`
`2530`	`2542`	`process_outgoing_tun(c, sock);`
`2531`	`2543`	`}`
`2532`	`2544`	`/* Incoming data on TCP/UDP port */`
`2533`		`- else if (status & SOCKET_READ)`
	`2545`	`+ else if ((status & SOCKET_READ) && ((z & THREAD_RLWT) != 0))`
`2534`	`2546`	`{`
`2535`	`2547`	`read_incoming_link(c, sock);`
`2536`	`2548`	`if (!IS_SIG(c))`
`@@ -2539,15 +2551,52 @@ process_io(struct context c, struct link_socket sock, struct thread_pointer *b`
`2539`	`2551`	`}`
`2540`	`2552`	`}`
`2541`	`2553`	`/* Incoming data on TUN device */`
`2542`		`- else if (status & TUN_READ)`
	`2554`	`+ else if ((status & TUN_READ) && ((z & THREAD_RTWL) != 0))`
`2543`	`2555`	`{`
`2544`	`2556`	`threaded_fwd_inp_intf(c, sock, b);`
`2545`	`2557`	`}`
`2546`		`- else if (status & DCO_READ)`
	`2558`	`+ else if ((status & DCO_READ) && ((z & THREAD_RTWL) != 0))`
`2547`	`2559`	`{`
`2548`	`2560`	`if (!IS_SIG(c))`
`2549`	`2561`	`{`
`2550`	`2562`	`process_incoming_dco(c);`
`2551`	`2563`	`}`
`2552`	`2564`	`}`
`2553`	`2565`	`}`
	`2566`	`+`
	`2567`	`+void threaded_dual_init(struct dual_args *d)`
	`2568`	`+{`
	`2569`	`+ if ((d->a == 0) && (d->c->c2.buffers))`
	`2570`	`+ {`
	`2571`	`+ if ((d->z & THREAD_RLWT) != 0)`
	`2572`	`+ {`
	`2573`	`+ d->c->c2.buffers->read_link_buf.len = 0;`
	`2574`	`+ d->c->c2.buf2 = d->c->c2.buffers->read_link_buf;`
	`2575`	`+ d->a = 1;`
	`2576`	`+ }`
	`2577`	`+ if ((d->z & THREAD_RTWL) != 0)`
	`2578`	`+ {`
	`2579`	`+ d->c->c2.buffers->read_tun_buf.len = 0;`
	`2580`	`+ d->c->c2.buf = d->c->c2.buffers->read_tun_buf;`
	`2581`	`+ d->a = 1;`
	`2582`	`+ }`
	`2583`	`+ }`
	`2584`	`+}`
	`2585`	`+`
	`2586`	`+void threaded_process_io(void a)`
	`2587`	`+{`
	`2588`	`+ struct dual_args d = (struct dual_args )a;`
	`2589`	`+ while (true)`
	`2590`	`+ {`
	`2591`	`+ if (d->b->p->z != 1) { break; }`
	`2592`	`+ pthread_mutex_lock(&(d->i));`
	`2593`	`+ if (d->b->p->z != 1) { break; }`
	`2594`	`+ threaded_dual_init(d);`
	`2595`	`+ if (d->a == 1)`
	`2596`	`+ {`
	`2597`	`+ process_io(d->c, d->c->c2.link_sockets[0], d->b, d->z);`
	`2598`	`+ }`
	`2599`	`+ pthread_mutex_unlock(&(d->o));`
	`2600`	`+ }`
	`2601`	`+ return NULL;`
	`2602`	`+}`