1 /*
2 * Copyright (C) 1996-2021 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9 #ifndef SQUID_TOOLS_SQUIDCLIENT_TRANSPORT_H
10 #define SQUID_TOOLS_SQUIDCLIENT_TRANSPORT_H
11
12 #include "tools/squidclient/Parameters.h"
13
14 #if HAVE_GNUTLS_GNUTLS_H
15 #include <gnutls/gnutls.h>
16 #endif
17 #include <list>
18 #include <string>
19
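namespace Transport
{

/// Parameters controlling the outgoing connection, plus (in GnuTLS builds)
/// the TLS credential and session handles associated with that connection.
class TheConfig
{
public:
    /// Set plain-text defaults: 120 I/O timeout, no local bind address,
    /// destination "localhost" on CACHE_HTTP_PORT, TLS disabled, and the
    /// GnuTLS priority string "NORMAL".
    /// Every scalar and pointer member is initialized here, in declaration
    /// order, so that an instance with automatic or dynamic storage never
    /// carries indeterminate TLS handles.
    TheConfig() :
        ioTimeout(120),
        localHost(NULL),
        hostname("localhost"),
        port(CACHE_HTTP_PORT),
        tlsEnabled(false),
        tlsAnonymous(false),
        params("NORMAL")
#if USE_GNUTLS
        ,
        anonCredentials(NULL),
        certCredentials(NULL),
        session(NULL)
#endif
    {}

    // TODO: implicit transport options depending on the protocol-specific options
    // ie --https enables TLS connection settings

    /// display Transport Options command line help to stderr
    void usage();

    /**
     * parse transport related command line options
     * \return true if there are other options still to parse
     */
    bool parseCommandOpts(int argc, char *argv[], int c, int &optIndex);

    /// I/O operation timeout
    /// NOTE(review): unit is not stated in this header, presumably seconds; confirm
    int ioTimeout;

    /// the local hostname to bind as for outgoing IP
    /// Non-owning pointer; NULL means no local name was configured.
    /// NOTE(review): presumably points into argv; confirm the pointee's lifetime
    const char *localHost;

    /// the destination server host name to contact
    /// Non-owning pointer; defaults to the string literal "localhost".
    const char *hostname;

    /// port on the server to contact
    uint16_t port;

    /// whether to enable TLS on the server connection
    bool tlsEnabled;

    /// whether to do anonymous TLS (non-authenticated)
    /// Anonymous key exchange does not verify the server's identity, so the
    /// session is encrypted but gives no protection against an active
    /// man-in-the-middle. Do not rely on it where peer authenticity matters.
    bool tlsAnonymous;

    /// The TLS parameters (list of ciphers, versions, flags)
    /// Default is "NORMAL" unless tlsAnonymous is used,
    /// in which case it becomes "PERFORMANCE:+ANON-ECDH:+ANON-DH".
    /// see http://gnutls.org/manual/html_node/Priority-Strings.html
    /// The string is passed through as configured; a caller-supplied value can
    /// weaken the accepted cipher suites and protocol versions.
    const char *params;

    /// client certificate PEM file(s)
    std::list<std::string> certFiles;

    /// client trusted x509 certificate authorities file
    /// NOTE(review): when this list is empty, whether the server certificate
    /// is still verified is decided outside this header; confirm
    std::list<std::string> caFiles;

    // NOTE(review): the GnuTLS header is included under HAVE_GNUTLS_GNUTLS_H,
    // while these members are guarded by USE_GNUTLS; confirm that USE_GNUTLS
    // is only ever set when the header is available.
#if USE_GNUTLS
    /// anonymous client credentials (NULL until allocated)
    gnutls_anon_client_credentials_t anonCredentials;

    /// client x509 certificate credentials (NULL until allocated)
    gnutls_certificate_credentials_t certCredentials;

    /// TLS session state (NULL while no session exists)
    gnutls_session_t session;
#endif
};

/// the single transport configuration shared by the functions below
extern TheConfig Config;

/// locate and connect to the configured server
bool Connect();

/// close the current connection
void CloseConnection();

/// Initialize TLS library environment when necessary.
void InitTls();

/// perform TLS handshake on the currently open connection if
/// TLS library has been initialized.
/// return false on errors, true otherwise even if TLS not performed.
/// A true result therefore does not prove that the connection is encrypted;
/// callers that require TLS must check that separately.
bool MaybeStartTls(const char *hostname);

/// De-initialize TLS library environment when necessary.
void ShutdownTls();

/// write len bytes to the currently open connection.
/// \return the number of bytes written, or -1 on errors
/// Check for -1 before using the result as a size: converting a negative
/// ssize_t to size_t yields a very large value.
ssize_t Write(const void *buf, size_t len);

/// read up to len bytes from the currently open connection.
/// \return the number of bytes read, or -1 on errors
/// The buffer must hold at least len bytes. Check for -1 before using the
/// result as a length or an index into buf.
ssize_t Read(void *buf, size_t len);

} // namespace Transport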
119
120 #endif /* SQUID_TOOLS_SQUIDCLIENT_TRANSPORT_H */
121