[thirdparty/squid.git] / src / comm / Connection.h

/*
 * Copyright (C) 1996-2020 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

/* DEBUG: section 05    Socket Functions */

#ifndef _SQUIDCONNECTIONDETAIL_H_
#define _SQUIDCONNECTIONDETAIL_H_

#include "base/CodeContext.h"
#include "base/InstanceId.h"
#include "comm/forward.h"
#include "defines.h"
#if USE_SQUID_EUI
#include "eui/Eui48.h"
#include "eui/Eui64.h"
#endif
#include "hier_code.h"
#include "ip/Address.h"
#include "ip/forward.h"
#include "mem/forward.h"
#include "SquidTime.h"

#include <iosfwd>
#include <ostream>

class CachePeer;

namespace Security
{
class NegotiationHistory;
};

namespace Comm
{

/* TODO: make these a struct of boolean flags members in the connection instead of a bitmap.
 * we can't do that until all non-comm code uses Commm::Connection objects to create FD
 * currently there is code still using comm_open() and comm_openex() synchronously!!
 */
#define COMM_UNSET              0x00
#define COMM_NONBLOCKING        0x01  // default flag.
#define COMM_NOCLOEXEC          0x02
#define COMM_REUSEADDR          0x04  // shared FD may be both accept()ing and read()ing
#define COMM_DOBIND             0x08  // requires a bind()
#define COMM_TRANSPARENT        0x10  // arrived via TPROXY
#define COMM_INTERCEPTION       0x20  // arrived via NAT

/**
 * Store data about the physical and logical attributes of a connection.
 *
 * Some link state can be infered from the data, however this is not an
 * object for state data. But a semantic equivalent for FD with easily
 * accessible cached properties not requiring repeated complex lookups.
 *
 * Connection properties may be changed until the connection is opened.
 * Properties should be considered read-only outside of the Comm layer
 * code once the connection is open.
 *
 * These objects should not be passed around directly,
 * but a Comm::ConnectionPointer should be passed instead.
 */
class Connection: public CodeContext
{
    MEMPROXY_CLASS(Comm::Connection);

public:
    Connection();

    /** Clear the connection properties and close any open socket. */
    virtual ~Connection();

    /** Copy an existing connections IP and properties.
     * This excludes the FD. The new copy will be a closed connection.
     */
    ConnectionPointer copyDetails() const;

    /** Close any open socket. */
    void close();

    /** Synchronize with Comm: Somebody closed our connection. */
    void noteClosure();

    /** determine whether this object describes an active connection or not. */
    bool isOpen() const { return (fd >= 0); }

    /** Alter the stored IP address pair.
     * WARNING: Does not ensure matching IPv4/IPv6 are supplied.
     */
    void setAddrs(const Ip::Address &aLocal, const Ip::Address &aRemote) {local = aLocal; remote = aRemote;}

    /** retrieve the CachePeer pointer for use.
     * The caller is responsible for all CBDATA operations regarding the
     * used of the pointer returned.
     */
    CachePeer * getPeer() const;

    /** alter the stored CachePeer pointer.
     * Perform appropriate CBDATA operations for locking the CachePeer pointer
     */
    void setPeer(CachePeer * p);

    /** The time the connection started */
    time_t startTime() const {return startTime_;}

    /** The connection lifetime */
    time_t lifeTime() const {return squid_curtime - startTime_;}

    /** The time left for this connection*/
    time_t timeLeft(const time_t idleTimeout) const;

    /// Connection establishment timeout for callers that have already decided
    /// to connect(2), either for the first time or after checking
    /// EnoughTimeToReForward() during any re-forwarding attempts.
    /// \returns the time left for this connection to become connected
    /// \param fwdStart The start time of the peer selection/connection process.
    time_t connectTimeout(const time_t fwdStart) const;

    void noteStart() {startTime_ = squid_curtime;}

    Security::NegotiationHistory *tlsNegotiations();
    const Security::NegotiationHistory *hasTlsNegotiations() const {return tlsHistory;}

    /* CodeContext API */
    virtual ScopedId codeContextGist() const override;
    virtual std::ostream &detailCodeContext(std::ostream &os) const override;

private:
    /** These objects may not be exactly duplicated. Use copyDetails() instead. */
    Connection(const Connection &c);

    /** These objects may not be exactly duplicated. Use copyDetails() instead. */
    Connection & operator =(const Connection &c);

public:
    /** Address/Port for the Squid end of a TCP link. */
    Ip::Address local;

    /** Address for the Remote end of a TCP link. */
    Ip::Address remote;

    /** Hierarchy code for this connection link */
    hier_code peerType;

    /** Socket used by this connection. Negative if not open. */
    int fd;

    /** Quality of Service TOS values currently sent on this connection */
    tos_t tos;

    /** Netfilter MARK values currently sent on this connection
     * In case of FTP, the MARK will be sent on data connections as well.
     */
    nfmark_t nfmark;

    /** Netfilter CONNMARK value previously retrieved from this connection
     * In case of FTP, the CONNMARK will NOT be applied to data connections, for one main reason:
     * the CONNMARK could be set by a third party like iptables and overwriting it in squid may
     * cause side effects and break CONNMARK-based policy. In other words, data connection is
     * related to control connection, but it's not the same.
     */
    nfmark_t nfConnmark = 0;

    /** COMM flags set on this connection */
    int flags;

    char rfc931[USER_IDENT_SZ];

#if USE_SQUID_EUI
    Eui::Eui48 remoteEui48;
    Eui::Eui64 remoteEui64;
#endif

    InstanceId<Connection> id;

private:
    /** cache_peer data object (if any) */
    CachePeer *peer_;

    /** The time the connection object was created */
    time_t startTime_;

    /** TLS connection details*/
    Security::NegotiationHistory *tlsHistory;
};

}; // namespace Comm

std::ostream &operator << (std::ostream &os, const Comm::Connection &conn);

inline std::ostream &
operator << (std::ostream &os, const Comm::ConnectionPointer &conn)
{
    if (conn != NULL)
        os << *conn;
    return os;
}

#endif
Commit	Line	Data
ee0989f2	1	/*
77b1029d	2	* Copyright (C) 1996-2020 The Squid Software Foundation and contributors
ee0989f2	3	*
bbc27441 AJ	4	* Squid software is distributed under GPLv2+ license and includes
	5	* contributions from numerous individuals and organizations.
	6	* Please see the COPYING and CONTRIBUTORS files for details.
ee0989f2	7	*/
ee0989f2	8
bbc27441 AJ	9	/* DEBUG: section 05 Socket Functions */
bbc27441 AJ	10
ee0989f2	11	#ifndef _SQUIDCONNECTIONDETAIL_H_
	12	#define _SQUIDCONNECTIONDETAIL_H_
	13
ccfbe8f4 AR	14	#include "base/CodeContext.h"
ccfbe8f4 AR	15	#include "base/InstanceId.h"
49ae8b95	16	#include "comm/forward.h"
582c2af2	17	#include "defines.h"
89aec9b6 AJ	18	#if USE_SQUID_EUI
	19	#include "eui/Eui48.h"
	20	#include "eui/Eui64.h"
	21	#endif
d35851f1 FC	22	#include "hier_code.h"
	23	#include "ip/Address.h"
	24	#include "ip/forward.h"
	25	#include "mem/forward.h"
8aec3e1b	26	#include "SquidTime.h"
cc192b50	27
5c336a3b	28	#include <iosfwd>
5c336a3b	29	#include <ostream>
5c336a3b	30
a3c6762c	31	class CachePeer;
cfd66529	32
2bcab852 CT	33	namespace Security
	34	{
	35	class NegotiationHistory;
	36	};
	37
dc49061a A	38	namespace Comm
dc49061a A	39	{
cfd66529	40
27d1f0a0 AJ	41	/* TODO: make these a struct of boolean flags members in the connection instead of a bitmap.
	42	* we can't do that until all non-comm code uses Commm::Connection objects to create FD
	43	* currently there is code still using comm_open() and comm_openex() synchronously!!
	44	*/
cfd66529	45	#define COMM_UNSET 0x00
40d34a62	46	#define COMM_NONBLOCKING 0x01 // default flag.
cfd66529	47	#define COMM_NOCLOEXEC 0x02
40d34a62 AJ	48	#define COMM_REUSEADDR 0x04 // shared FD may be both accept()ing and read()ing
	49	#define COMM_DOBIND 0x08 // requires a bind()
	50	#define COMM_TRANSPARENT 0x10 // arrived via TPROXY
	51	#define COMM_INTERCEPTION 0x20 // arrived via NAT
62e76326	52
739b352a AJ	53	/**
	54	* Store data about the physical and logical attributes of a connection.
	55	*
	56	* Some link state can be infered from the data, however this is not an
	57	* object for state data. But a semantic equivalent for FD with easily
	58	* accessible cached properties not requiring repeated complex lookups.
	59	*
50847dca	60	* Connection properties may be changed until the connection is opened.
e83cc785 AJ	61	* Properties should be considered read-only outside of the Comm layer
e83cc785 AJ	62	* code once the connection is open.
739b352a	63	*
1c8f25bb AJ	64	* These objects should not be passed around directly,
1c8f25bb AJ	65	* but a Comm::ConnectionPointer should be passed instead.
739b352a	66	*/
ccfbe8f4	67	class Connection: public CodeContext
cfd66529	68	{
fd7b48b9 AJ	69	MEMPROXY_CLASS(Comm::Connection);
fd7b48b9 AJ	70
741c2986	71	public:
cfd66529	72	Connection();
739b352a	73
aed188fd	74	/** Clear the connection properties and close any open socket. */
ccfbe8f4	75	virtual ~Connection();
cfd66529	76
aed188fd AJ	77	/** Copy an existing connections IP and properties.
aed188fd AJ	78	* This excludes the FD. The new copy will be a closed connection.
739b352a	79	*/
5ae21d99	80	ConnectionPointer copyDetails() const;
aed188fd	81
aed188fd	82	/** Close any open socket. */
55cbb02b AJ	83	void close();
55cbb02b AJ	84
b54a7c5a CT	85	/** Synchronize with Comm: Somebody closed our connection. */
	86	void noteClosure();
	87
55cbb02b	88	/** determine whether this object describes an active connection or not. */
d6327017	89	bool isOpen() const { return (fd >= 0); }
55cbb02b	90
7fb5be3e AJ	91	/** Alter the stored IP address pair.
	92	* WARNING: Does not ensure matching IPv4/IPv6 are supplied.
	93	*/
	94	void setAddrs(const Ip::Address &aLocal, const Ip::Address &aRemote) {local = aLocal; remote = aRemote;}
	95
a3c6762c	96	/** retrieve the CachePeer pointer for use.
5229395c AJ	97	* The caller is responsible for all CBDATA operations regarding the
	98	* used of the pointer returned.
	99	*/
a3c6762c	100	CachePeer * getPeer() const;
5229395c	101
a3c6762c FC	102	/** alter the stored CachePeer pointer.
a3c6762c FC	103	* Perform appropriate CBDATA operations for locking the CachePeer pointer
5229395c	104	*/
a3c6762c	105	void setPeer(CachePeer * p);
5229395c	106
8aec3e1b CT	107	/** The time the connection started */
	108	time_t startTime() const {return startTime_;}
	109
c5c06f02 CT	110	/** The connection lifetime */
	111	time_t lifeTime() const {return squid_curtime - startTime_;}
	112
	113	/** The time left for this connection*/
	114	time_t timeLeft(const time_t idleTimeout) const;
	115
0ce8e93b EB	116	/// Connection establishment timeout for callers that have already decided
	117	/// to connect(2), either for the first time or after checking
	118	/// EnoughTimeToReForward() during any re-forwarding attempts.
	119	/// \returns the time left for this connection to become connected
	120	/// \param fwdStart The start time of the peer selection/connection process.
	121	time_t connectTimeout(const time_t fwdStart) const;
	122
8aec3e1b	123	void noteStart() {startTime_ = squid_curtime;}
2bcab852 CT	124
	125	Security::NegotiationHistory *tlsNegotiations();
	126	const Security::NegotiationHistory *hasTlsNegotiations() const {return tlsHistory;}
	127
ccfbe8f4 AR	128	/* CodeContext API */
	129	virtual ScopedId codeContextGist() const override;
	130	virtual std::ostream &detailCodeContext(std::ostream &os) const override;
	131
5229395c AJ	132	private:
	133	/** These objects may not be exactly duplicated. Use copyDetails() instead. */
	134	Connection(const Connection &c);
	135
	136	/** These objects may not be exactly duplicated. Use copyDetails() instead. */
	137	Connection & operator =(const Connection &c);
	138
	139	public:
cfd66529 AJ	140	/** Address/Port for the Squid end of a TCP link. */
cfd66529 AJ	141	Ip::Address local;
62e76326	142
cfd66529 AJ	143	/** Address for the Remote end of a TCP link. */
cfd66529 AJ	144	Ip::Address remote;
2d8c0b1a	145
cfd66529	146	/** Hierarchy code for this connection link */
5229395c	147	hier_code peerType;
cfd66529	148
e83cc785	149	/** Socket used by this connection. Negative if not open. */
cfd66529 AJ	150	int fd;
cfd66529 AJ	151
739b352a	152	/** Quality of Service TOS values currently sent on this connection */
b5523edc AJ	153	tos_t tos;
b5523edc AJ	154
244da4ad AG	155	/** Netfilter MARK values currently sent on this connection
	156	* In case of FTP, the MARK will be sent on data connections as well.
	157	*/
b5523edc	158	nfmark_t nfmark;
cfd66529	159
244da4ad AG	160	/** Netfilter CONNMARK value previously retrieved from this connection
	161	* In case of FTP, the CONNMARK will NOT be applied to data connections, for one main reason:
	162	* the CONNMARK could be set by a third party like iptables and overwriting it in squid may
	163	* cause side effects and break CONNMARK-based policy. In other words, data connection is
	164	* related to control connection, but it's not the same.
	165	*/
	166	nfmark_t nfConnmark = 0;
	167
cfd66529 AJ	168	/** COMM flags set on this connection */
cfd66529 AJ	169	int flags;
739b352a	170
73c36fd9 AJ	171	char rfc931[USER_IDENT_SZ];
73c36fd9 AJ	172
89aec9b6 AJ	173	#if USE_SQUID_EUI
	174	Eui::Eui48 remoteEui48;
	175	Eui::Eui64 remoteEui64;
	176	#endif
	177
ccfbe8f4 AR	178	InstanceId<Connection> id;
ccfbe8f4 AR	179
739b352a AJ	180	private:
739b352a AJ	181	/** cache_peer data object (if any) */
a3c6762c	182	CachePeer *peer_;
8aec3e1b CT	183
	184	/** The time the connection object was created */
	185	time_t startTime_;
2bcab852 CT	186
	187	/** TLS connection details*/
	188	Security::NegotiationHistory *tlsHistory;
ee0989f2	189	};
ee0989f2	190
cfd66529 AJ	191	}; // namespace Comm
cfd66529 AJ	192
6043e368	193	std::ostream &operator << (std::ostream &os, const Comm::Connection &conn);
5c336a3b AJ	194
	195	inline std::ostream &
	196	operator << (std::ostream &os, const Comm::ConnectionPointer &conn)
	197	{
	198	if (conn != NULL)
	199	os << *conn;
	200	return os;
	201	}
	202
ee0989f2	203	#endif
f53969cc	204