Willy Tarreau | 56e9c5e | 2012-07-06 09:47:57 +0200 | [diff] [blame] | 1 | /* |
| 2 | * include/types/connection.h |
| 3 | * This file describes the connection struct and associated constants. |
| 4 | * |
Willy Tarreau | baf5b9b | 2014-01-23 15:26:18 +0100 | [diff] [blame] | 5 | * Copyright (C) 2000-2014 Willy Tarreau - w@1wt.eu |
Willy Tarreau | 56e9c5e | 2012-07-06 09:47:57 +0200 | [diff] [blame] | 6 | * |
| 7 | * This library is free software; you can redistribute it and/or |
| 8 | * modify it under the terms of the GNU Lesser General Public |
| 9 | * License as published by the Free Software Foundation, version 2.1 |
| 10 | * exclusively. |
| 11 | * |
| 12 | * This library is distributed in the hope that it will be useful, |
| 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| 15 | * Lesser General Public License for more details. |
| 16 | * |
| 17 | * You should have received a copy of the GNU Lesser General Public |
| 18 | * License along with this library; if not, write to the Free Software |
| 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
| 20 | */ |
| 21 | |
| 22 | #ifndef _TYPES_CONNECTION_H |
| 23 | #define _TYPES_CONNECTION_H |
| 24 | |
| 25 | #include <stdlib.h> |
| 26 | #include <sys/socket.h> |
| 27 | |
| 28 | #include <common/config.h> |
| 29 | |
Willy Tarreau | d1d5454 | 2012-09-12 22:58:11 +0200 | [diff] [blame] | 30 | #include <types/listener.h> |
Willy Tarreau | 3fdb366 | 2012-11-12 00:42:33 +0100 | [diff] [blame] | 31 | #include <types/obj_type.h> |
Willy Tarreau | ef9a360 | 2012-12-08 22:29:20 +0100 | [diff] [blame] | 32 | #include <types/port_range.h> |
Willy Tarreau | d1d5454 | 2012-09-12 22:58:11 +0200 | [diff] [blame] | 33 | #include <types/protocol.h> |
| 34 | |
Willy Tarreau | d2629f2 | 2016-08-10 18:57:38 +0200 | [diff] [blame] | 35 | #include <netinet/in_systm.h> |
Bertrand Jacquin | 93b227d | 2016-06-04 15:11:10 +0100 | [diff] [blame] | 36 | #include <netinet/ip.h> |
| 37 | #include <netinet/ip6.h> |
Bertrand Jacquin | 93b227d | 2016-06-04 15:11:10 +0100 | [diff] [blame] | 38 | |
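/* Forward declarations of types referenced below. The callback tables in
 * this file only take pointers to them, so their full definitions are not
 * needed at this point.
 */
struct connection;
struct buffer;
struct pipe;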
Willy Tarreau | 56e9c5e | 2012-07-06 09:47:57 +0200 | [diff] [blame] | 43 | |
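/* For each direction, we have a CO_FL_{SOCK,DATA}_<DIR>_ENA flag, which
 * indicates if read or write is desired in that direction for the respective
 * layers. The current status corresponding to the current layer being used is
 * remembered in the CO_FL_CURR_<DIR>_ENA flag. The need to poll (i.e. receipt
 * of EAGAIN) is remembered at the file descriptor level so that even when the
 * activity is stopped and restarted, we still remember whether it was needed
 * to poll before attempting the I/O.
 *
 * The CO_FL_CURR_<DIR>_ENA flag is set from the FD status in
 * conn_refresh_polling_flags(). The FD state is updated according to these
 * flags in conn_cond_update_polling().
 */

/* flags for use in connection->flags */
enum {
	CO_FL_NONE          = 0x00000000,  /* Just for initialization purposes */

	/* Do not change these values without updating conn_*_poll_changes() ! */
	CO_FL_SOCK_RD_ENA   = 0x00000001,  /* receiving handshakes is allowed */
	CO_FL_DATA_RD_ENA   = 0x00000002,  /* receiving data is allowed */
	CO_FL_CURR_RD_ENA   = 0x00000004,  /* receiving is currently allowed */
	/* unused : 0x00000008 */

	CO_FL_SOCK_WR_ENA   = 0x00000010,  /* sending handshakes is desired */
	CO_FL_DATA_WR_ENA   = 0x00000020,  /* sending data is desired */
	CO_FL_CURR_WR_ENA   = 0x00000040,  /* sending is currently desired */
	/* unused : 0x00000080 */

	/* These flags indicate whether the Control and Transport layers are initialized */
	CO_FL_CTRL_READY    = 0x00000100,  /* FD was registered, fd_delete() needed */
	CO_FL_XPRT_READY    = 0x00000200,  /* xprt_init() done, xprt_close() needed */

	/* These flags are used by data layers to indicate they had to stop
	 * sending data because a buffer was empty (WAIT_DATA) or stop receiving
	 * data because a buffer was full (WAIT_ROOM). The connection handler
	 * clears them before first calling the I/O and data callbacks.
	 */
	CO_FL_WAIT_DATA     = 0x00000400,  /* data source is empty */
	CO_FL_WAIT_ROOM     = 0x00000800,  /* data sink is full */

	/* These flags are used to report whether the from/to addresses are set or not */
	CO_FL_ADDR_FROM_SET = 0x00001000,  /* addr.from is set */
	CO_FL_ADDR_TO_SET   = 0x00002000,  /* addr.to is set */

	/* flags indicating what event type the data layer is interested in */
	CO_FL_INIT_DATA     = 0x00004000,  /* initialize the data layer before using it */
	CO_FL_WAKE_DATA     = 0x00008000,  /* wake-up data layer upon activity at the transport layer */

	/* flags used to remember which shutdowns have been performed/reported */
	CO_FL_DATA_RD_SH    = 0x00010000,  /* DATA layer was notified about shutr/read0 */
	CO_FL_DATA_WR_SH    = 0x00020000,  /* DATA layer asked for shutw */
	CO_FL_SOCK_RD_SH    = 0x00040000,  /* SOCK layer was notified about shutr/read0 */
	CO_FL_SOCK_WR_SH    = 0x00080000,  /* SOCK layer asked for shutw */

	/* flags used to report connection status and errors */
	CO_FL_ERROR         = 0x00100000,  /* a fatal error was reported */
	CO_FL_CONNECTED     = 0x00200000,  /* the connection is now established */
	CO_FL_WAIT_L4_CONN  = 0x00400000,  /* waiting for L4 to be connected */
	CO_FL_WAIT_L6_CONN  = 0x00800000,  /* waiting for L6 to be connected (eg: SSL) */

	/* synthesis of the flags above: the four *_SH flags plus the four
	 * status/error flags, i.e. bits 16 to 23.
	 */
	CO_FL_CONN_STATE    = 0x00FF0000,  /* all shut/connected flags */

	/*** All the flags below are used for connection handshakes. Any new
	 * handshake should be added after this point, and CO_FL_HANDSHAKE
	 * should be updated.
	 *
	 * NOTE(review): CO_FL_ACCEPT_PROXY and CO_FL_ACCEPT_CIP both expect a
	 * header sent by the peer. Presumably that header supplies the client
	 * address, in which case the flags only make sense where the peer is a
	 * trusted proxy or load balancer; confirm where they are set.
	 */
	CO_FL_SEND_PROXY    = 0x01000000,  /* send a valid PROXY protocol header */
	CO_FL_SSL_WAIT_HS   = 0x02000000,  /* wait for an SSL handshake to complete */
	CO_FL_ACCEPT_PROXY  = 0x04000000,  /* receive a valid PROXY protocol header */
	CO_FL_ACCEPT_CIP    = 0x08000000,  /* receive a valid NetScaler Client IP header */

	/* below we have all handshake flags grouped into one. A handshake flag
	 * left out of this mask is also left out of CO_FL_POLL_SOCK, which is
	 * built from it.
	 */
	CO_FL_HANDSHAKE     = CO_FL_SEND_PROXY | CO_FL_SSL_WAIT_HS | CO_FL_ACCEPT_PROXY | CO_FL_ACCEPT_CIP,

	/* when any of these flags is set, polling is defined by socket-layer
	 * operations, as opposed to data-layer. Transport is explicitly not
	 * mentioned here to avoid any confusion, since it can be the same
	 * as DATA or SOCK on some implementations.
	 */
	CO_FL_POLL_SOCK     = CO_FL_HANDSHAKE | CO_FL_WAIT_L4_CONN | CO_FL_WAIT_L6_CONN,

	/* This connection may not be shared between clients */
	CO_FL_PRIVATE       = 0x10000000,

	/* unused : 0x20000000, 0x40000000 */

	/* This last flag indicates that the transport layer is used (for instance
	 * by logs) and must not be cleared yet. The last call to conn_xprt_close()
	 * must be done after clearing this flag.
	 *
	 * 0x80000000 does not fit in a signed int, so this enumerator relies on
	 * the compiler accepting enumeration values above INT_MAX (GCC does,
	 * ISO C does not require it). Only store and test it through an
	 * unsigned variable such as connection->flags.
	 */
	CO_FL_XPRT_TRACKED  = 0x80000000,
};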
| 137 | |
Willy Tarreau | 14cba4b | 2012-11-30 17:33:05 +0100 | [diff] [blame] | 138 | |
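/* possible connection error codes.
 *
 * The values are assigned implicitly, starting from zero at CO_ER_NONE, so
 * inserting or removing an entry renumbers every code that follows it. A code
 * is stored in connection->err_code, which is an unsigned char: the list must
 * stay below 256 entries.
 *
 * The PRX_*, CIP_* and SSL_* groups each describe a failure while processing
 * data sent by the peer during a handshake. NOTE(review): presumably these
 * codes end up in connection error logs; if so, CO_ER_SSL_HANDSHAKE_HB and
 * CO_ER_SSL_KILLED_HB are the ones worth alerting on - confirm where the
 * codes are reported.
 */
enum {
	CO_ER_NONE,             /* no error */

	CO_ER_CONF_FDLIM,       /* reached process' configured FD limitation */
	CO_ER_PROC_FDLIM,       /* reached process' FD limitation */
	CO_ER_SYS_FDLIM,        /* reached system's FD limitation */
	CO_ER_SYS_MEMLIM,       /* reached system buffers limitation */
	CO_ER_NOPROTO,          /* protocol not supported */
	CO_ER_SOCK_ERR,         /* other socket error */

	CO_ER_PORT_RANGE,       /* source port range exhausted */
	CO_ER_CANT_BIND,        /* can't bind to source address */
	CO_ER_FREE_PORTS,       /* no more free ports on the system */
	CO_ER_ADDR_INUSE,       /* local address already in use */

	CO_ER_PRX_EMPTY,        /* nothing received in PROXY protocol header */
	CO_ER_PRX_ABORT,        /* client abort during PROXY protocol header */
	CO_ER_PRX_TIMEOUT,      /* timeout while waiting for a PROXY header */
	CO_ER_PRX_TRUNCATED,    /* truncated PROXY protocol header */
	CO_ER_PRX_NOT_HDR,      /* not a PROXY protocol header */
	CO_ER_PRX_BAD_HDR,      /* bad PROXY protocol header */
	CO_ER_PRX_BAD_PROTO,    /* unsupported protocol in PROXY header */

	CO_ER_CIP_EMPTY,        /* nothing received in NetScaler Client IP header */
	CO_ER_CIP_ABORT,        /* client abort during NetScaler Client IP header */
	CO_ER_CIP_TIMEOUT,      /* timeout while waiting for a NetScaler Client IP header */
	CO_ER_CIP_TRUNCATED,    /* truncated NetScaler Client IP header */
	CO_ER_CIP_BAD_MAGIC,    /* bad magic number in NetScaler Client IP header */
	CO_ER_CIP_BAD_PROTO,    /* unsupported protocol in NetScaler Client IP header */

	CO_ER_SSL_EMPTY,        /* client closed during SSL handshake */
	CO_ER_SSL_ABORT,        /* client abort during SSL handshake */
	CO_ER_SSL_TIMEOUT,      /* timeout during SSL handshake */
	CO_ER_SSL_TOO_MANY,     /* too many SSL connections */
	CO_ER_SSL_NO_MEM,       /* no more memory to allocate an SSL connection */
	CO_ER_SSL_RENEG,        /* forbidden client renegotiation */
	CO_ER_SSL_CA_FAIL,      /* client cert verification failed in the CA chain */
	CO_ER_SSL_CRT_FAIL,     /* client cert verification failed on the certificate */
	CO_ER_SSL_HANDSHAKE,    /* SSL error during handshake */
	CO_ER_SSL_HANDSHAKE_HB, /* SSL error during handshake with heartbeat present */
	CO_ER_SSL_KILLED_HB,    /* Stopped a TLSv1 heartbeat attack (CVE-2014-0160) */
	CO_ER_SSL_NO_TARGET,    /* unknown target (not client nor server) */
};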
| 183 | |
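/* source address settings for outgoing connections (conn_src.opts) */
enum {
	/* Tproxy exclusive values from 0 to 7. These are enumerated values, not
	 * independent bits (ADDR | CIP equals CLI), so a mode must be checked
	 * with (opts & CO_SRC_TPROXY_MASK) == CO_SRC_TPROXY_xxx and never with a
	 * plain bit test.
	 */
	CO_SRC_TPROXY_ADDR = 0x0001,  /* bind to this non-local address when connecting */
	CO_SRC_TPROXY_CIP  = 0x0002,  /* bind to the client's IP address when connecting */
	CO_SRC_TPROXY_CLI  = 0x0003,  /* bind to the client's IP+port when connecting */
	CO_SRC_TPROXY_DYN  = 0x0004,  /* bind to a dynamically computed non-local address */
	CO_SRC_TPROXY_MASK = 0x0007,  /* bind to a non-local address when connecting */

	/* independent bit, outside of CO_SRC_TPROXY_MASK */
	CO_SRC_BIND        = 0x0008,  /* bind to a specific source address when connecting */
};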
| 195 | |
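/* flags that can be passed to xprt->snd_buf(). They are independent bits and
 * may be combined.
 */
enum {
	CO_SFL_MSG_MORE = 0x0001,  /* More data to come afterwards */
	CO_SFL_STREAMER = 0x0002,  /* Producer is continuously streaming data */
};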
Willy Tarreau | ef9a360 | 2012-12-08 22:29:20 +0100 | [diff] [blame] | 201 | |
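/* xprt_ops describes transport-layer operations for a connection. They
 * generally run over a socket-based control layer, but not always. Some
 * of them are used for data transfer with the upper layer (rcv_*, snd_*)
 * and the other ones are used to setup and release the transport layer.
 *
 * The <flags> argument of snd_buf() takes CO_SFL_* values. The meaning of the
 * int return values is not defined in this file; see the implementations.
 */
struct xprt_ops {
	int  (*rcv_buf)(struct connection *conn, struct buffer *buf, int count);        /* recv callback */
	int  (*snd_buf)(struct connection *conn, struct buffer *buf, int flags);        /* send callback */
	int  (*rcv_pipe)(struct connection *conn, struct pipe *pipe, unsigned int count); /* recv-to-pipe callback */
	int  (*snd_pipe)(struct connection *conn, struct pipe *pipe);                   /* send-to-pipe callback */
	void (*shutr)(struct connection *, int);    /* shutr function */
	void (*shutw)(struct connection *, int);    /* shutw function */
	void (*close)(struct connection *);         /* close the transport layer */
	int  (*init)(struct connection *conn);      /* initialize the transport layer */
	char name[8];                               /* transport layer name, zero-terminated: at most 7 characters */
};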
| 218 | |
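/* data_cb describes the data layer's recv and send callbacks which are called
 * when I/O activity was detected after the transport layer is ready. These
 * callbacks are supposed to make use of the xprt_ops above to exchange data
 * from/to buffers and pipes. The <wake> callback is used to report activity
 * at the transport layer, which can be a connection opening/close, or any
 * data movement. The <init> callback may be called by the connection handler
 * at the end of a transport handshake, when it is about to transfer data and
 * the data layer is not ready yet. Both <wake> and <init> may abort a connection
 * by returning < 0.
 */
struct data_cb {
	void (*recv)(struct connection *conn);  /* data-layer recv callback */
	void (*send)(struct connection *conn);  /* data-layer send callback */
	int  (*wake)(struct connection *conn);  /* data-layer callback to report activity; < 0 aborts the connection */
	int  (*init)(struct connection *conn);  /* data-layer initialization; < 0 aborts the connection */
	char name[8];                           /* data layer name, zero-terminated: at most 7 characters */
};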
| 236 | |
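/* Minimal view of a TCP header: only the two leading 16-bit port fields.
 *
 * NOTE(review): presumably overlaid on bytes received from the peer, in which
 * case both fields are in network byte order and the caller must have checked
 * that at least sizeof(struct my_tcphdr) bytes are available before reading
 * them - confirm at the place where it is used.
 */
struct my_tcphdr {
	uint16_t source;  /* source port */
	uint16_t dest;    /* destination port */
};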
| 241 | |
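/* a connection source profile defines all the parameters needed to properly
 * bind an outgoing connection for a server or proxy.
 *
 * NOTE(review): with the CO_SRC_TPROXY_* modes the source address can be the
 * client's own address, and with bind_hdr_name it is presumably taken from a
 * header of the request. If so, that value is chosen by the client and should
 * be treated as untrusted input by whatever parses it - confirm in the code
 * that fills these fields.
 */

struct conn_src {
	unsigned int opts;                    /* CO_SRC_* */
	int iface_len;                        /* bind interface name length; keep in sync with iface_name */
	char *iface_name;                     /* bind interface name or NULL */
	struct port_range *sport_range;       /* optional per-server TCP source ports */
	struct sockaddr_storage source_addr;  /* the address to which we want to bind for connect() */
#if defined(CONFIG_HAP_TRANSPARENT)
	struct sockaddr_storage tproxy_addr;  /* non-local address we want to bind to for connect() */
	char *bind_hdr_name;                  /* bind to this header name if defined */
	int bind_hdr_len;                     /* length of the name of the header above */
	int bind_hdr_occ;                     /* occurrence number of header above: >0 = from first, <0 = from end, 0=disabled */
#endif
};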
| 259 | |
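/* This structure describes a connection with its methods and data.
 * A connection may be performed to proxy or server via a local or remote
 * socket, and can also be made to an internal applet. It can support
 * several transport schemes (raw, ssl, ...). It can support several
 * connection control schemes, generally a protocol for socket-oriented
 * connections, but other methods for applets.
 *
 * addr.from and addr.to are only meaningful once CO_FL_ADDR_FROM_SET and
 * CO_FL_ADDR_TO_SET are set in <flags>.
 *
 * NOTE(review): when the connection accepts a PROXY protocol or NetScaler
 * Client IP header (CO_FL_ACCEPT_PROXY / CO_FL_ACCEPT_CIP), addr.from and
 * addr.to presumably hold the values announced by that header rather than the
 * ones of the socket. Access rules and logs based on these fields then depend
 * on the sender of the header being trusted - confirm in the handshake code.
 */
struct connection {
	enum obj_type obj_type;        /* differentiates connection from applet context */
	unsigned char err_code;        /* CO_ER_* (one byte: the enum must stay below 256 values) */
	signed short send_proxy_ofs;   /* <0 = offset to (re)send from the end, >0 = send all */
	unsigned int flags;            /* CO_FL_* */
	const struct protocol *ctrl;   /* operations at the socket layer */
	const struct xprt_ops *xprt;   /* operations at the transport layer */
	const struct data_cb  *data;   /* data layer callbacks. Must be set before xprt->init() */
	void *xprt_ctx;                /* general purpose pointer, initialized to NULL */
	void *owner;                   /* pointer to upper layer's entity (eg: stream interface) */
	int xprt_st;                   /* transport layer state, initialized to zero */

	union {                        /* definitions which depend on connection type */
		struct {               /*** information used by socket-based connections ***/
			int fd;        /* file descriptor for a stream driver when known */
		} sock;
	} t;
	enum obj_type *target;         /* the target to connect to (server, proxy, applet, ...) */
	struct list list;              /* attach point to various connection lists (idle, ...) */
	const struct netns_entry *proxy_netns; /* NOTE(review): presumably the network namespace tied to
	                                        * the PROXY protocol (see PP2_TYPE_NETNS) - confirm */
	struct {
		struct sockaddr_storage from;  /* client address, or address to spoof when connecting to the server */
		struct sockaddr_storage to;    /* address reached by the client, or address to connect to */
	} addr; /* addresses of the remote side, client for producer and server for consumer */
};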
| 292 | |
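/* proxy protocol v2 definitions */

/* The signature contains a NUL byte at offset 4, so it must be compared with
 * memcmp() over PP2_SIGNATURE_LEN bytes; strcmp()/strlen() would stop after
 * the first four bytes.
 */
#define PP2_SIGNATURE        "\x0D\x0A\x0D\x0A\x00\x0D\x0A\x51\x55\x49\x54\x0A"
#define PP2_SIGNATURE_LEN    12
#define PP2_HEADER_LEN       16

/* ver_cmd byte: version in the high nibble, command in the low nibble */
#define PP2_CMD_LOCAL        0x00
#define PP2_CMD_PROXY        0x01
#define PP2_CMD_MASK         0x0F

#define PP2_VERSION          0x20
#define PP2_VERSION_MASK     0xF0

/* fam byte: address family in the high nibble, transport in the low nibble */
#define PP2_TRANS_UNSPEC     0x00
#define PP2_TRANS_STREAM     0x01
#define PP2_TRANS_DGRAM      0x02
#define PP2_TRANS_MASK       0x0F

#define PP2_FAM_UNSPEC       0x00
#define PP2_FAM_INET         0x10
#define PP2_FAM_INET6        0x20
#define PP2_FAM_UNIX         0x30
#define PP2_FAM_MASK         0xF0

/* size of the address block for each family (source + destination address,
 * then source + destination port where applicable). A received header whose
 * length field is smaller than the value for its family does not contain a
 * complete address block and must be rejected before the addresses are read.
 */
#define PP2_ADDR_LEN_UNSPEC  (0)
#define PP2_ADDR_LEN_INET    (4 + 4 + 2 + 2)
#define PP2_ADDR_LEN_INET6   (16 + 16 + 2 + 2)
#define PP2_ADDR_LEN_UNIX    (108 + 108)

/* fixed 16-byte header plus the address block */
#define PP2_HDR_LEN_UNSPEC   (PP2_HEADER_LEN + PP2_ADDR_LEN_UNSPEC)
#define PP2_HDR_LEN_INET     (PP2_HEADER_LEN + PP2_ADDR_LEN_INET)
#define PP2_HDR_LEN_INET6    (PP2_HEADER_LEN + PP2_ADDR_LEN_INET6)
#define PP2_HDR_LEN_UNIX     (PP2_HEADER_LEN + PP2_ADDR_LEN_UNIX)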
David S | afb7683 | 2014-05-08 23:42:08 -0400 | [diff] [blame] | 327 | |
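/* Layout of a PROXY protocol v2 header: a fixed 16-byte part followed by an
 * address block whose format depends on <fam>. The struct is not packed; with
 * natural alignment <addr> starts at offset 16, which matches the fixed part.
 *
 * Every field is supplied by the peer. Before reading <addr>, a receiver has
 * to check that the signature and the fixed part were fully received, and
 * that <len> is at least the size noted on the member selected by <fam>.
 * NOTE(review): the PROXY protocol v2 specification transmits <len> and the
 * ports in network byte order - confirm that readers convert them.
 */
struct proxy_hdr_v2 {
	uint8_t sig[12];   /* hex 0D 0A 0D 0A 00 0D 0A 51 55 49 54 0A */
	uint8_t ver_cmd;   /* protocol version and command */
	uint8_t fam;       /* protocol family and transport */
	uint16_t len;      /* number of following bytes part of the header */
	union {
		struct {        /* for TCP/UDP over IPv4, len = 12 */
			uint32_t src_addr;
			uint32_t dst_addr;
			uint16_t src_port;
			uint16_t dst_port;
		} ip4;
		struct {        /* for TCP/UDP over IPv6, len = 36 */
			uint8_t  src_addr[16];
			uint8_t  dst_addr[16];
			uint16_t src_port;
			uint16_t dst_port;
		} ip6;
		struct {        /* for AF_UNIX sockets, len = 216 */
			uint8_t src_addr[108];
			uint8_t dst_addr[108];
		} unx;
	} addr;
};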
| 352 | |
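/* PP2_TYPE_*: NOTE(review): by their names these are the values of the <type>
 * byte of struct tlv below - confirm against the PROXY protocol specification.
 */
#define PP2_TYPE_SSL           0x20
#define PP2_TYPE_SSL_VERSION   0x21
#define PP2_TYPE_SSL_CN        0x22
#define PP2_TYPE_NETNS         0x30

/* Generic type-length-value record: a 3-byte header followed by the value.
 * The value length is 16 bits wide and stored as two separate bytes, high
 * byte first. When walking received records, the header size plus that length
 * must be checked against the number of bytes left before <value> is read.
 *
 * <value> is a zero-length array (GNU extension) and not a C99 flexible array
 * member, because struct tlv is embedded in struct tlv_ssl and ISO C does not
 * allow a structure ending with a flexible array member to be a member of
 * another structure.
 */
#define TLV_HEADER_SIZE        3
struct tlv {
	uint8_t type;
	uint8_t length_hi;
	uint8_t length_lo;
	uint8_t value[0];
} __attribute__((packed));

/* Record whose payload starts with a <client> byte and a 32-bit <verify> word
 * and continues with nested records in <sub_tlv>. The struct is packed, so
 * <verify> has no alignment guarantee once the record sits inside a receive
 * buffer: read it through the struct member or with memcpy(), not through a
 * uint32_t pointer to it.
 * NOTE(review): the meaning of the <verify> value is not defined in this
 * file; check the PROXY protocol specification before basing an access
 * decision on it.
 */
struct tlv_ssl {
	struct tlv tlv;
	uint8_t client;
	uint32_t verify;
	uint8_t sub_tlv[0];
} __attribute__((packed));

/* NOTE(review): presumably bit values for tlv_ssl.client - confirm */
#define PP2_CLIENT_SSL           0x01
#define PP2_CLIENT_CERT_CONN     0x02
#define PP2_CLIENT_CERT_SESS     0x04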
David S | afb7683 | 2014-05-08 23:42:08 -0400 | [diff] [blame] | 376 | |
Willy Tarreau | 56e9c5e | 2012-07-06 09:47:57 +0200 | [diff] [blame] | 377 | #endif /* _TYPES_CONNECTION_H */ |
| 378 | |
| 379 | /* |
| 380 | * Local variables: |
| 381 | * c-indent-level: 8 |
| 382 | * c-basic-offset: 8 |
| 383 | * End: |
| 384 | */ |