[thirdparty/squid.git] / src / comm / Connection.h

/*
 * Copyright (C) 1996-2019 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

/* DEBUG: section 05    Socket Functions */

#ifndef _SQUIDCONNECTIONDETAIL_H_
#define _SQUIDCONNECTIONDETAIL_H_

#include "comm/forward.h"
#include "defines.h"
#if USE_SQUID_EUI
#include "eui/Eui48.h"
#include "eui/Eui64.h"
#endif
#include "hier_code.h"
#include "ip/Address.h"
#include "ip/forward.h"
#include "mem/forward.h"
#include "SquidTime.h"

#include <iosfwd>
#include <ostream>

class CachePeer;

namespace Security
{
class NegotiationHistory;
};

namespace Comm
{

/* TODO: make these a struct of boolean flags members in the connection instead of a bitmap.
 * we can't do that until all non-comm code uses Commm::Connection objects to create FD
 * currently there is code still using comm_open() and comm_openex() synchronously!!
 */
#define COMM_UNSET              0x00
#define COMM_NONBLOCKING        0x01  // default flag.
#define COMM_NOCLOEXEC          0x02
#define COMM_REUSEADDR          0x04  // shared FD may be both accept()ing and read()ing
#define COMM_DOBIND             0x08  // requires a bind()
#define COMM_TRANSPARENT        0x10  // arrived via TPROXY
#define COMM_INTERCEPTION       0x20  // arrived via NAT

/**
 * Store data about the physical and logical attributes of a connection.
 *
 * Some link state can be infered from the data, however this is not an
 * object for state data. But a semantic equivalent for FD with easily
 * accessible cached properties not requiring repeated complex lookups.
 *
 * Connection properties may be changed until the connection is opened.
 * Properties should be considered read-only outside of the Comm layer
 * code once the connection is open.
 *
 * These objects should not be passed around directly,
 * but a Comm::ConnectionPointer should be passed instead.
 */
class Connection : public RefCountable
{
    MEMPROXY_CLASS(Comm::Connection);

public:
    Connection();

    /** Clear the connection properties and close any open socket. */
    ~Connection();

    /** Copy an existing connections IP and properties.
     * This excludes the FD. The new copy will be a closed connection.
     */
    ConnectionPointer copyDetails() const;

    /** Close any open socket. */
    void close();

    /** Synchronize with Comm: Somebody closed our connection. */
    void noteClosure();

    /** determine whether this object describes an active connection or not. */
    bool isOpen() const { return (fd >= 0); }

    /** Alter the stored IP address pair.
     * WARNING: Does not ensure matching IPv4/IPv6 are supplied.
     */
    void setAddrs(const Ip::Address &aLocal, const Ip::Address &aRemote) {local = aLocal; remote = aRemote;}

    /** retrieve the CachePeer pointer for use.
     * The caller is responsible for all CBDATA operations regarding the
     * used of the pointer returned.
     */
    CachePeer * getPeer() const;

    /** alter the stored CachePeer pointer.
     * Perform appropriate CBDATA operations for locking the CachePeer pointer
     */
    void setPeer(CachePeer * p);

    /** The time the connection started */
    time_t startTime() const {return startTime_;}

    /** The connection lifetime */
    time_t lifeTime() const {return squid_curtime - startTime_;}

    /** The time left for this connection*/
    time_t timeLeft(const time_t idleTimeout) const;

    /// Connection establishment timeout for callers that have already decided
    /// to connect(2), either for the first time or after checking
    /// EnoughTimeToReForward() during any re-forwarding attempts.
    /// \returns the time left for this connection to become connected
    /// \param fwdStart The start time of the peer selection/connection process.
    time_t connectTimeout(const time_t fwdStart) const;

    void noteStart() {startTime_ = squid_curtime;}

    Security::NegotiationHistory *tlsNegotiations();
    const Security::NegotiationHistory *hasTlsNegotiations() const {return tlsHistory;}

private:
    /** These objects may not be exactly duplicated. Use copyDetails() instead. */
    Connection(const Connection &c);

    /** These objects may not be exactly duplicated. Use copyDetails() instead. */
    Connection & operator =(const Connection &c);

public:
    /** Address/Port for the Squid end of a TCP link. */
    Ip::Address local;

    /** Address for the Remote end of a TCP link. */
    Ip::Address remote;

    /** Hierarchy code for this connection link */
    hier_code peerType;

    /** Socket used by this connection. Negative if not open. */
    int fd;

    /** Quality of Service TOS values currently sent on this connection */
    tos_t tos;

    /** Netfilter MARK values currently sent on this connection
     * In case of FTP, the MARK will be sent on data connections as well.
     */
    nfmark_t nfmark;

    /** Netfilter CONNMARK value previously retrieved from this connection
     * In case of FTP, the CONNMARK will NOT be applied to data connections, for one main reason:
     * the CONNMARK could be set by a third party like iptables and overwriting it in squid may
     * cause side effects and break CONNMARK-based policy. In other words, data connection is
     * related to control connection, but it's not the same.
     */
    nfmark_t nfConnmark = 0;

    /** COMM flags set on this connection */
    int flags;

    char rfc931[USER_IDENT_SZ];

#if USE_SQUID_EUI
    Eui::Eui48 remoteEui48;
    Eui::Eui64 remoteEui64;
#endif

private:
    /** cache_peer data object (if any) */
    CachePeer *peer_;

    /** The time the connection object was created */
    time_t startTime_;

    /** TLS connection details*/
    Security::NegotiationHistory *tlsHistory;
};

}; // namespace Comm

std::ostream &operator << (std::ostream &os, const Comm::Connection &conn);

inline std::ostream &
operator << (std::ostream &os, const Comm::ConnectionPointer &conn)
{
    if (conn != NULL)
        os << *conn;
    return os;
}

#endif
Commit	Line	Data
ee0989f2	1	/*
f6e9a3ee	2	* Copyright (C) 1996-2019 The Squid Software Foundation and contributors
ee0989f2	3	*
bbc27441 AJ	4	* Squid software is distributed under GPLv2+ license and includes
	5	* contributions from numerous individuals and organizations.
	6	* Please see the COPYING and CONTRIBUTORS files for details.
ee0989f2	7	*/
ee0989f2	8
bbc27441 AJ	9	/* DEBUG: section 05 Socket Functions */
bbc27441 AJ	10
ee0989f2	11	#ifndef _SQUIDCONNECTIONDETAIL_H_
	12	#define _SQUIDCONNECTIONDETAIL_H_
	13
49ae8b95	14	#include "comm/forward.h"
582c2af2	15	#include "defines.h"
89aec9b6 AJ	16	#if USE_SQUID_EUI
	17	#include "eui/Eui48.h"
	18	#include "eui/Eui64.h"
	19	#endif
d35851f1 FC	20	#include "hier_code.h"
	21	#include "ip/Address.h"
	22	#include "ip/forward.h"
	23	#include "mem/forward.h"
8aec3e1b	24	#include "SquidTime.h"
cc192b50	25
5c336a3b	26	#include <iosfwd>
5c336a3b	27	#include <ostream>
5c336a3b	28
a3c6762c	29	class CachePeer;
cfd66529	30
2bcab852 CT	31	namespace Security
	32	{
	33	class NegotiationHistory;
	34	};
	35
dc49061a A	36	namespace Comm
dc49061a A	37	{
cfd66529	38
27d1f0a0 AJ	39	/* TODO: make these a struct of boolean flags members in the connection instead of a bitmap.
	40	* we can't do that until all non-comm code uses Commm::Connection objects to create FD
	41	* currently there is code still using comm_open() and comm_openex() synchronously!!
	42	*/
cfd66529	43	#define COMM_UNSET 0x00
40d34a62	44	#define COMM_NONBLOCKING 0x01 // default flag.
cfd66529	45	#define COMM_NOCLOEXEC 0x02
40d34a62 AJ	46	#define COMM_REUSEADDR 0x04 // shared FD may be both accept()ing and read()ing
	47	#define COMM_DOBIND 0x08 // requires a bind()
	48	#define COMM_TRANSPARENT 0x10 // arrived via TPROXY
	49	#define COMM_INTERCEPTION 0x20 // arrived via NAT
62e76326	50
739b352a AJ	51	/**
	52	* Store data about the physical and logical attributes of a connection.
	53	*
	54	* Some link state can be infered from the data, however this is not an
	55	* object for state data. But a semantic equivalent for FD with easily
	56	* accessible cached properties not requiring repeated complex lookups.
	57	*
50847dca	58	* Connection properties may be changed until the connection is opened.
e83cc785 AJ	59	* Properties should be considered read-only outside of the Comm layer
e83cc785 AJ	60	* code once the connection is open.
739b352a	61	*
1c8f25bb AJ	62	* These objects should not be passed around directly,
1c8f25bb AJ	63	* but a Comm::ConnectionPointer should be passed instead.
739b352a	64	*/
93ad6f77	65	class Connection : public RefCountable
cfd66529	66	{
fd7b48b9 AJ	67	MEMPROXY_CLASS(Comm::Connection);
fd7b48b9 AJ	68
741c2986	69	public:
cfd66529	70	Connection();
739b352a	71
aed188fd	72	/** Clear the connection properties and close any open socket. */
cfd66529 AJ	73	~Connection();
cfd66529 AJ	74
aed188fd AJ	75	/** Copy an existing connections IP and properties.
aed188fd AJ	76	* This excludes the FD. The new copy will be a closed connection.
739b352a	77	*/
5ae21d99	78	ConnectionPointer copyDetails() const;
aed188fd	79
aed188fd	80	/** Close any open socket. */
55cbb02b AJ	81	void close();
55cbb02b AJ	82
b54a7c5a CT	83	/** Synchronize with Comm: Somebody closed our connection. */
	84	void noteClosure();
	85
55cbb02b	86	/** determine whether this object describes an active connection or not. */
d6327017	87	bool isOpen() const { return (fd >= 0); }
55cbb02b	88
7fb5be3e AJ	89	/** Alter the stored IP address pair.
	90	* WARNING: Does not ensure matching IPv4/IPv6 are supplied.
	91	*/
	92	void setAddrs(const Ip::Address &aLocal, const Ip::Address &aRemote) {local = aLocal; remote = aRemote;}
	93
a3c6762c	94	/** retrieve the CachePeer pointer for use.
5229395c AJ	95	* The caller is responsible for all CBDATA operations regarding the
	96	* used of the pointer returned.
	97	*/
a3c6762c	98	CachePeer * getPeer() const;
5229395c	99
a3c6762c FC	100	/** alter the stored CachePeer pointer.
a3c6762c FC	101	* Perform appropriate CBDATA operations for locking the CachePeer pointer
5229395c	102	*/
a3c6762c	103	void setPeer(CachePeer * p);
5229395c	104
8aec3e1b CT	105	/** The time the connection started */
	106	time_t startTime() const {return startTime_;}
	107
c5c06f02 CT	108	/** The connection lifetime */
	109	time_t lifeTime() const {return squid_curtime - startTime_;}
	110
	111	/** The time left for this connection*/
	112	time_t timeLeft(const time_t idleTimeout) const;
	113
0ce8e93b EB	114	/// Connection establishment timeout for callers that have already decided
	115	/// to connect(2), either for the first time or after checking
	116	/// EnoughTimeToReForward() during any re-forwarding attempts.
	117	/// \returns the time left for this connection to become connected
	118	/// \param fwdStart The start time of the peer selection/connection process.
	119	time_t connectTimeout(const time_t fwdStart) const;
	120
8aec3e1b	121	void noteStart() {startTime_ = squid_curtime;}
2bcab852 CT	122
	123	Security::NegotiationHistory *tlsNegotiations();
	124	const Security::NegotiationHistory *hasTlsNegotiations() const {return tlsHistory;}
	125
5229395c AJ	126	private:
	127	/** These objects may not be exactly duplicated. Use copyDetails() instead. */
	128	Connection(const Connection &c);
	129
	130	/** These objects may not be exactly duplicated. Use copyDetails() instead. */
	131	Connection & operator =(const Connection &c);
	132
	133	public:
cfd66529 AJ	134	/** Address/Port for the Squid end of a TCP link. */
cfd66529 AJ	135	Ip::Address local;
62e76326	136
cfd66529 AJ	137	/** Address for the Remote end of a TCP link. */
cfd66529 AJ	138	Ip::Address remote;
2d8c0b1a	139
cfd66529	140	/** Hierarchy code for this connection link */
5229395c	141	hier_code peerType;
cfd66529	142
e83cc785	143	/** Socket used by this connection. Negative if not open. */
cfd66529 AJ	144	int fd;
cfd66529 AJ	145
739b352a	146	/** Quality of Service TOS values currently sent on this connection */
b5523edc AJ	147	tos_t tos;
b5523edc AJ	148
244da4ad AG	149	/** Netfilter MARK values currently sent on this connection
	150	* In case of FTP, the MARK will be sent on data connections as well.
	151	*/
b5523edc	152	nfmark_t nfmark;
cfd66529	153
244da4ad AG	154	/** Netfilter CONNMARK value previously retrieved from this connection
	155	* In case of FTP, the CONNMARK will NOT be applied to data connections, for one main reason:
	156	* the CONNMARK could be set by a third party like iptables and overwriting it in squid may
	157	* cause side effects and break CONNMARK-based policy. In other words, data connection is
	158	* related to control connection, but it's not the same.
	159	*/
	160	nfmark_t nfConnmark = 0;
	161
cfd66529 AJ	162	/** COMM flags set on this connection */
cfd66529 AJ	163	int flags;
739b352a	164
73c36fd9 AJ	165	char rfc931[USER_IDENT_SZ];
73c36fd9 AJ	166
89aec9b6 AJ	167	#if USE_SQUID_EUI
	168	Eui::Eui48 remoteEui48;
	169	Eui::Eui64 remoteEui64;
	170	#endif
	171
739b352a AJ	172	private:
739b352a AJ	173	/** cache_peer data object (if any) */
a3c6762c	174	CachePeer *peer_;
8aec3e1b CT	175
	176	/** The time the connection object was created */
	177	time_t startTime_;
2bcab852 CT	178
	179	/** TLS connection details*/
	180	Security::NegotiationHistory *tlsHistory;
ee0989f2	181	};
ee0989f2	182
cfd66529 AJ	183	}; // namespace Comm
cfd66529 AJ	184
6043e368	185	std::ostream &operator << (std::ostream &os, const Comm::Connection &conn);
5c336a3b AJ	186
	187	inline std::ostream &
	188	operator << (std::ostream &os, const Comm::ConnectionPointer &conn)
	189	{
	190	if (conn != NULL)
	191	os << *conn;
	192	return os;
	193	}
	194
ee0989f2	195	#endif
f53969cc	196