Willy Tarreau | 56e9c5e | 2012-07-06 09:47:57 +0200 | [diff] [blame] | 1 | /* |
| 2 | * include/types/connection.h |
| 3 | * This file describes the connection struct and associated constants. |
| 4 | * |
Willy Tarreau | baf5b9b | 2014-01-23 15:26:18 +0100 | [diff] [blame] | 5 | * Copyright (C) 2000-2014 Willy Tarreau - w@1wt.eu |
Willy Tarreau | 56e9c5e | 2012-07-06 09:47:57 +0200 | [diff] [blame] | 6 | * |
| 7 | * This library is free software; you can redistribute it and/or |
| 8 | * modify it under the terms of the GNU Lesser General Public |
| 9 | * License as published by the Free Software Foundation, version 2.1 |
| 10 | * exclusively. |
| 11 | * |
| 12 | * This library is distributed in the hope that it will be useful, |
| 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| 15 | * Lesser General Public License for more details. |
| 16 | * |
| 17 | * You should have received a copy of the GNU Lesser General Public |
| 18 | * License along with this library; if not, write to the Free Software |
| 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
| 20 | */ |
| 21 | |
| 22 | #ifndef _TYPES_CONNECTION_H |
| 23 | #define _TYPES_CONNECTION_H |
| 24 | |
| 25 | #include <stdlib.h> |
| 26 | #include <sys/socket.h> |
| 27 | |
Willy Tarreau | 4c7e4b7 | 2020-05-27 12:58:42 +0200 | [diff] [blame] | 28 | #include <haproxy/api-t.h> |
Willy Tarreau | eb6f701 | 2020-05-27 16:21:26 +0200 | [diff] [blame] | 29 | #include <import/ist.h> |
Willy Tarreau | 56e9c5e | 2012-07-06 09:47:57 +0200 | [diff] [blame] | 30 | |
Willy Tarreau | d1d5454 | 2012-09-12 22:58:11 +0200 | [diff] [blame] | 31 | #include <types/listener.h> |
Willy Tarreau | 3fdb366 | 2012-11-12 00:42:33 +0100 | [diff] [blame] | 32 | #include <types/obj_type.h> |
Willy Tarreau | ef9a360 | 2012-12-08 22:29:20 +0100 | [diff] [blame] | 33 | #include <types/port_range.h> |
Willy Tarreau | 2dd7c35 | 2020-06-03 15:26:55 +0200 | [diff] [blame] | 34 | #include <haproxy/protocol-t.h> |
Willy Tarreau | d1d5454 | 2012-09-12 22:58:11 +0200 | [diff] [blame] | 35 | |
Willy Tarreau | d2629f2 | 2016-08-10 18:57:38 +0200 | [diff] [blame] | 36 | #include <netinet/in_systm.h> |
Bertrand Jacquin | 93b227d | 2016-06-04 15:11:10 +0100 | [diff] [blame] | 37 | #include <netinet/ip.h> |
| 38 | #include <netinet/ip6.h> |
Bertrand Jacquin | 93b227d | 2016-06-04 15:11:10 +0100 | [diff] [blame] | 39 | |
/* Opaque types referenced by the declarations below; only pointers to them
 * are used in this part of the header, so forward declarations are enough.
 */
struct buffer;
struct conn_stream;
struct connection;
struct cs_info;
struct pipe;
struct proxy;
struct server;
struct session;

/* socks4 upstream proxy definitions
 *
 * The members add up to 1 + 1 + 2 + 4 + 8 = 16 bytes. No packing attribute is
 * applied here, so using this struct as the on-wire request relies on the
 * compiler inserting no padding between these naturally aligned members.
 */
struct socks4_request {
	/* SOCKS version number, 1 byte, must be 0x04 for this version */
	uint8_t version;
	/* 0x01 = establish a TCP/IP stream connection */
	uint8_t command;
	/* port number, 2 bytes (in network byte order) */
	uint16_t port;
	/* IP address, 4 bytes (in network byte order) */
	uint32_t ip;
	/* the user ID string, variable length in the protocol, terminated
	 * with a null (0x00); Using "HAProxy\0", which fills these 8 bytes
	 * exactly, so a longer identifier would not fit with its terminator.
	 */
	char user_id[8];
};

/* Events that can be registered in a struct wait_event.
 *
 * Note: subscribing to these events is only valid after the caller has really
 * attempted to perform the operation, and failed to proceed or complete.
 */
enum sub_event_type {
	/* Schedule the tasklet when we can attempt to recv again */
	SUB_RETRY_RECV = 0x00000001,
	/* Schedule the tasklet when we can attempt to send again */
	SUB_RETRY_SEND = 0x00000002,
};

/* Describes a set of subscriptions. Multiple events may be registered at the
 * same time. The callee should assume everything not pending for completion is
 * implicitly possible. It's illegal to change the tasklet if events are still
 * registered.
 */
struct wait_event {
	/* tasklet to schedule for the registered events */
	struct tasklet *tasklet;
	/* set of enum sub_event_type above */
	int events;
};

/* A connection handle is how we differentiate two connections on the lower
 * layers. It usually is a file descriptor but can be a connection id.
 * Only the file descriptor form is declared in this union.
 */
union conn_handle {
	/* file descriptor, for regular sockets */
	int fd;
};

/* conn_stream flags */
enum {
	/* Just for initialization purposes */
	CS_FL_NONE         = 0x00000000,

	/* read shutdown: the two modes, then the mask covering both */
	CS_FL_SHRD         = 0x00000010,  /* read shut, draining extra data */
	CS_FL_SHRR         = 0x00000020,  /* read shut, resetting extra data */
	CS_FL_SHR          = CS_FL_SHRD | CS_FL_SHRR,  /* read shut status */

	/* write shutdown: the two modes, then the mask covering both */
	CS_FL_SHWN         = 0x00000040,  /* write shut, verbose mode */
	CS_FL_SHWS         = 0x00000080,  /* write shut, silent mode */
	CS_FL_SHW          = CS_FL_SHWN | CS_FL_SHWS,  /* write shut status */

	CS_FL_ERROR        = 0x00000100,  /* a fatal error was reported */
	CS_FL_RCV_MORE     = 0x00000200,  /* We may have more bytes to transfer */
	CS_FL_WANT_ROOM    = 0x00000400,  /* More bytes to transfer, but not enough room */
	CS_FL_ERR_PENDING  = 0x00000800,  /* An error is pending, but there's still data to be read */
	CS_FL_EOS          = 0x00001000,  /* End of stream delivered to data layer */
	/* unused: 0x00002000 */
	CS_FL_EOI          = 0x00004000,  /* end-of-input reached */
	CS_FL_MAY_SPLICE   = 0x00008000,  /* caller may use rcv_pipe() only if this flag is set */
	CS_FL_WAIT_FOR_HS  = 0x00010000,  /* This stream is waiting for handshake */
	CS_FL_KILL_CONN    = 0x00020000,  /* must kill the connection when the CS closes */

	/* following flags are supposed to be set by the mux and read/unset by
	 * the stream-interface :
	 */
	CS_FL_NOT_FIRST    = 0x00100000,  /* this stream is not the first one */
	CS_FL_READ_PARTIAL = 0x00200000,  /* some data were received (not necessarily xferred) */
};

/* cs_shutr() modes; also the argument type of mux_ops->shutr() */
enum cs_shr_mode {
	/* read shutdown, drain any extra stuff */
	CS_SHR_DRAIN = 0,
	/* read shutdown, reset any extra stuff */
	CS_SHR_RESET = 1,
};

/* cs_shutw() modes; also the argument type of mux_ops->shutw() */
enum cs_shw_mode {
	/* regular write shutdown */
	CS_SHW_NORMAL = 0,
	/* imminent close, don't notify peer */
	CS_SHW_SILENT = 1,
};

/* For each direction, we have a CO_FL_XPRT_<DIR>_ENA flag, which
 * indicates if read or write is desired in that direction for the respective
 * layers. The current status corresponding to the current layer being used is
 * remembered in the CO_FL_XPRT_<DIR>_ENA flag. The need to poll (i.e. receipt of
 * EAGAIN) is remembered at the file descriptor level so that even when the
 * activity is stopped and restarted, we still remember whether it was needed
 * to poll before attempting the I/O.
 *
 * The FD state is updated according to CO_FL_XPRT_<DIR>_ENA in
 * conn_cond_update_polling().
 */

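/* flags for use in connection->flags
 *
 * Composite masks are spelled as the OR of the flags they cover so that they
 * cannot drift from the individual values; their numeric values are noted in
 * the trailing comments.
 */
enum {
	CO_FL_NONE          = 0x00000000,  /* Just for initialization purposes */

	/* Do not change these values without updating conn_*_poll_changes() ! */
	/* NOTE(review): conn_*_poll_changes() is not defined in this header;
	 * confirm that the warning above still applies to the list flags.
	 */
	CO_FL_SAFE_LIST     = 0x00000001,  /* 0 = not in any list, 1 = in safe_list */
	CO_FL_IDLE_LIST     = 0x00000002,  /* 2 = in idle_list, 3 = invalid */
	CO_FL_LIST_MASK     = CO_FL_SAFE_LIST | CO_FL_IDLE_LIST,  /* 0x00000003: Is the connection in any server-managed list ? */

	/* unused : 0x00000004, 0x00000008 */

	/* unused : 0x00000010 */
	/* unused : 0x00000020 */
	/* unused : 0x00000040, 0x00000080 */
	/* NOTE(review): no CO_FL_XPRT_<DIR>_ENA flag is defined in this enum,
	 * although the comment preceding it still describes such flags.
	 */

	/* These flags indicate whether the Control and Transport layers are initialized */
	CO_FL_CTRL_READY    = 0x00000100,  /* FD was registered, fd_delete() needed */
	CO_FL_XPRT_READY    = 0x00000200,  /* xprt_init() done, xprt_close() needed */

	/* unused : 0x00000400 */

	/* This flag is used by data layers to indicate they had to stop
	 * receiving data because a buffer was full. The connection handler
	 * clears it before first calling the I/O and data callbacks.
	 */
	CO_FL_WAIT_ROOM     = 0x00000800,  /* data sink is full */

	/* These flags are used to report whether the from/to addresses are set or not */
	CO_FL_ADDR_FROM_SET = 0x00001000,  /* addr.from is set */
	CO_FL_ADDR_TO_SET   = 0x00002000,  /* addr.to is set */

	/* NOTE(review): TLS early (0-RTT) data can be replayed by a network
	 * attacker; how consumers of CO_FL_EARLY_DATA treat such data is not
	 * visible in this header.
	 */
	CO_FL_EARLY_SSL_HS  = 0x00004000,  /* We have early data pending, don't start SSL handshake yet */
	CO_FL_EARLY_DATA    = 0x00008000,  /* At least some of the data are early data */
	CO_FL_SOCKS4_SEND   = 0x00010000,  /* handshaking with upstream SOCKS4 proxy, going to send the handshake */
	CO_FL_SOCKS4_RECV   = 0x00020000,  /* handshaking with upstream SOCKS4 proxy, going to check if handshake succeed */

	/* flags used to remember what shutdown have been performed/reported */
	CO_FL_SOCK_RD_SH    = 0x00040000,  /* SOCK layer was notified about shutr/read0 */
	CO_FL_SOCK_WR_SH    = 0x00080000,  /* SOCK layer asked for shutw */

	/* flags used to report connection errors or other closing conditions */
	CO_FL_ERROR         = 0x00100000,  /* a fatal error was reported */
	CO_FL_NOTIFY_DONE   = CO_FL_SOCK_RD_SH | CO_FL_SOCK_WR_SH | CO_FL_ERROR,  /* 0x001C0000: any xprt shut/error flags above needs to be reported */

	/* flags used to report connection status updates */
	CO_FL_WAIT_L4_CONN  = 0x00400000,  /* waiting for L4 to be connected */
	CO_FL_WAIT_L6_CONN  = 0x00800000,  /* waiting for L6 to be connected (eg: SSL) */
	CO_FL_WAIT_L4L6     = CO_FL_WAIT_L4_CONN | CO_FL_WAIT_L6_CONN,  /* 0x00C00000: waiting for L4 and/or L6 to be connected */

	/* All the flags below are used for connection handshakes. Any new
	 * handshake should be added after this point, and CO_FL_HANDSHAKE
	 * should be updated.
	 */
	/* NOTE(review): the PROXY and NetScaler CIP headers carry a client
	 * address supplied by the sending peer. This header only defines the
	 * flags; which peers are allowed to send such headers is decided
	 * elsewhere and should be confirmed there.
	 */
	CO_FL_SEND_PROXY    = 0x01000000,  /* send a valid PROXY protocol header */
	CO_FL_ACCEPT_PROXY  = 0x02000000,  /* receive a valid PROXY protocol header */
	CO_FL_ACCEPT_CIP    = 0x04000000,  /* receive a valid NetScaler Client IP header */

	/* below we have all handshake flags grouped into one. The SOCKS4 flags
	 * defined earlier are part of it; CO_FL_SSL_WAIT_HS below is not part
	 * of CO_FL_HANDSHAKE nor of CO_FL_WAIT_XPRT.
	 */
	CO_FL_HANDSHAKE     = CO_FL_SEND_PROXY | CO_FL_ACCEPT_PROXY | CO_FL_ACCEPT_CIP | CO_FL_SOCKS4_SEND | CO_FL_SOCKS4_RECV,
	CO_FL_WAIT_XPRT     = CO_FL_WAIT_L4_CONN | CO_FL_HANDSHAKE | CO_FL_WAIT_L6_CONN,

	CO_FL_SSL_WAIT_HS   = 0x08000000,  /* wait for an SSL handshake to complete */

	/* This connection may not be shared between clients */
	CO_FL_PRIVATE       = 0x10000000,

	/* This flag is used to know that a PROXY protocol header was sent by the client */
	CO_FL_RCVD_PROXY    = 0x20000000,

	/* The connection is unused by its owner */
	CO_FL_SESS_IDLE     = 0x40000000,

	/* This last flag indicates that the transport layer is used (for instance
	 * by logs) and must not be cleared yet. The last call to conn_xprt_close()
	 * must be done after clearing this flag.
	 */
	/* NOTE(review): 0x80000000 exceeds INT_MAX where int is 32 bits, so
	 * this enumerator depends on the compiler accepting enumeration values
	 * wider than int; the value is left untouched for that reason.
	 */
	CO_FL_XPRT_TRACKED  = 0x80000000,

	/* below we have all SOCKS handshake flags grouped into one */
	CO_FL_SOCKS4        = CO_FL_SOCKS4_SEND | CO_FL_SOCKS4_RECV,
};
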
/* possible connection error codes
 *
 * The values are implicit and follow declaration order starting at 0, so
 * inserting or removing an entry renumbers every code after it.
 * NOTE(review): anything indexed or persisted by these numbers is outside this
 * header and would have to be kept in sync.
 */
enum {
	CO_ER_NONE,             /* no error */

	/* resource limits and socket creation */
	CO_ER_CONF_FDLIM,       /* reached process' configured FD limitation */
	CO_ER_PROC_FDLIM,       /* reached process' FD limitation */
	CO_ER_SYS_FDLIM,        /* reached system's FD limitation */
	CO_ER_SYS_MEMLIM,       /* reached system buffers limitation */
	CO_ER_NOPROTO,          /* protocol not supported */
	CO_ER_SOCK_ERR,         /* other socket error */

	/* source address / port binding */
	CO_ER_PORT_RANGE,       /* source port range exhausted */
	CO_ER_CANT_BIND,        /* can't bind to source address */
	CO_ER_FREE_PORTS,       /* no more free ports on the system */
	CO_ER_ADDR_INUSE,       /* local address already in use */

	/* PROXY protocol header */
	CO_ER_PRX_EMPTY,        /* nothing received in PROXY protocol header */
	CO_ER_PRX_ABORT,        /* client abort during PROXY protocol header */
	CO_ER_PRX_TIMEOUT,      /* timeout while waiting for a PROXY header */
	CO_ER_PRX_TRUNCATED,    /* truncated PROXY protocol header */
	CO_ER_PRX_NOT_HDR,      /* not a PROXY protocol header */
	CO_ER_PRX_BAD_HDR,      /* bad PROXY protocol header */
	CO_ER_PRX_BAD_PROTO,    /* unsupported protocol in PROXY header */

	/* NetScaler Client IP header */
	CO_ER_CIP_EMPTY,        /* nothing received in NetScaler Client IP header */
	CO_ER_CIP_ABORT,        /* client abort during NetScaler Client IP header */
	CO_ER_CIP_TIMEOUT,      /* timeout while waiting for a NetScaler Client IP header */
	CO_ER_CIP_TRUNCATED,    /* truncated NetScaler Client IP header */
	CO_ER_CIP_BAD_MAGIC,    /* bad magic number in NetScaler Client IP header */
	CO_ER_CIP_BAD_PROTO,    /* unsupported protocol in NetScaler Client IP header */

	/* SSL */
	CO_ER_SSL_EMPTY,        /* client closed during SSL handshake */
	CO_ER_SSL_ABORT,        /* client abort during SSL handshake */
	CO_ER_SSL_TIMEOUT,      /* timeout during SSL handshake */
	CO_ER_SSL_TOO_MANY,     /* too many SSL connections */
	CO_ER_SSL_NO_MEM,       /* no more memory to allocate an SSL connection */
	CO_ER_SSL_RENEG,        /* forbidden client renegotiation */
	CO_ER_SSL_CA_FAIL,      /* client cert verification failed in the CA chain */
	CO_ER_SSL_CRT_FAIL,     /* client cert verification failed on the certificate */
	CO_ER_SSL_MISMATCH,     /* Server presented an SSL certificate different from the configured one */
	CO_ER_SSL_MISMATCH_SNI, /* Server presented an SSL certificate different from the expected one */
	CO_ER_SSL_HANDSHAKE,    /* SSL error during handshake */
	CO_ER_SSL_HANDSHAKE_HB, /* SSL error during handshake with heartbeat present */
	CO_ER_SSL_KILLED_HB,    /* Stopped a TLSv1 heartbeat attack (CVE-2014-0160) */
	CO_ER_SSL_NO_TARGET,    /* unknown target (not client nor server) */
	CO_ER_SSL_EARLY_FAILED, /* Server refused early data */

	/* SOCKS4 upstream proxy */
	CO_ER_SOCKS4_SEND,      /* SOCKS4 Proxy write error during handshake */
	CO_ER_SOCKS4_RECV,      /* SOCKS4 Proxy read error during handshake */
	CO_ER_SOCKS4_DENY,      /* SOCKS4 Proxy deny the request */
	CO_ER_SOCKS4_ABORT,     /* SOCKS4 Proxy handshake aborted by server */
};

/* source address settings for outgoing connections */
enum {
	/* Tproxy exclusive values from 0 to 7. These are enumerated values
	 * held in the low three bits, not independent bits (CLI == 0x3), so
	 * they are to be compared after masking with CO_SRC_TPROXY_MASK.
	 */
	CO_SRC_TPROXY_ADDR = 0x0001,  /* bind to this non-local address when connecting */
	CO_SRC_TPROXY_CIP  = 0x0002,  /* bind to the client's IP address when connecting */
	CO_SRC_TPROXY_CLI  = 0x0003,  /* bind to the client's IP+port when connecting */
	CO_SRC_TPROXY_DYN  = 0x0004,  /* bind to a dynamically computed non-local address */
	CO_SRC_TPROXY_MASK = 0x0007,  /* bind to a non-local address when connecting */

	/* independent bit, outside the Tproxy field */
	CO_SRC_BIND        = 0x0008,  /* bind to a specific source address when connecting */
};

/* flags that can be passed to xprt->rcv_buf() and mux->rcv_buf() */
enum {
	/* Buffer still has some output data present */
	CO_RFL_BUF_WET   = 0x0001,
	/* Flush mux's buffers but don't read more data */
	CO_RFL_BUF_FLUSH = 0x0002,
	/* don't loop even if the request/response is small */
	CO_RFL_READ_ONCE = 0x0004,
};

/* flags that can be passed to xprt->snd_buf() and mux->snd_buf() */
enum {
	/* More data to come afterwards */
	CO_SFL_MSG_MORE = 0x0001,
	/* Producer is continuously streaming data */
	CO_SFL_STREAMER = 0x0002,
};

/* known transport layers (for ease of lookup). XPRT_ENTRIES is the number of
 * entries declared before it, which is why it has to stay last.
 */
enum {
	XPRT_RAW       = 0,
	XPRT_SSL       = 1,
	XPRT_HANDSHAKE = 2,
	XPRT_ENTRIES        /* must be last one */
};

/* MUX-specific flags */
enum {
	MX_FL_NONE       = 0x00000000,
	/* abort is clearly reported as an error */
	MX_FL_CLEAN_ABRT = 0x00000001,
	/* set if it is an HTX multiplexer */
	MX_FL_HTX        = 0x00000002,
};

/* xprt_ops describes transport-layer operations for a connection. They
 * generally run over a socket-based control layer, but not always. Some
 * of them are used for data transfer with the upper layer (rcv_*, snd_*)
 * and the other ones are used to setup and release the transport layer.
 *
 * Member order is part of the layout and is kept as is. Most callbacks take
 * the connection together with an opaque <xprt_ctx> pointer.
 */
struct xprt_ops {
	/* recv callback */
	size_t (*rcv_buf)(struct connection *conn, void *xprt_ctx, struct buffer *buf, size_t count, int flags);
	/* send callback */
	size_t (*snd_buf)(struct connection *conn, void *xprt_ctx, const struct buffer *buf, size_t count, int flags);
	/* recv-to-pipe callback */
	int (*rcv_pipe)(struct connection *conn, void *xprt_ctx, struct pipe *pipe, unsigned int count);
	/* send-to-pipe callback */
	int (*snd_pipe)(struct connection *conn, void *xprt_ctx, struct pipe *pipe);
	/* shutr function */
	void (*shutr)(struct connection *conn, void *xprt_ctx, int);
	/* shutw function */
	void (*shutw)(struct connection *conn, void *xprt_ctx, int);
	/* close the transport layer */
	void (*close)(struct connection *conn, void *xprt_ctx);
	/* initialize the transport layer */
	int (*init)(struct connection *conn, void **ctx);
	/* prepare a whole bind_conf */
	int (*prepare_bind_conf)(struct bind_conf *conf);
	/* destroy a whole bind_conf */
	void (*destroy_bind_conf)(struct bind_conf *conf);
	/* prepare a server context */
	int (*prepare_srv)(struct server *srv);
	/* destroy a server context */
	void (*destroy_srv)(struct server *srv);
	/* get application layer name */
	int (*get_alpn)(const struct connection *conn, void *xprt_ctx, const char **str, int *len);
	/* transport layer name, zero-terminated: at most 7 characters plus
	 * the terminator fit in these 8 bytes.
	 */
	char name[8];
	/* Subscribe <es> to events, such as "being able to send" */
	int (*subscribe)(struct connection *conn, void *xprt_ctx, int event_type, struct wait_event *es);
	/* Unsubscribe <es> from events */
	int (*unsubscribe)(struct connection *conn, void *xprt_ctx, int event_type, struct wait_event *es);
	/* Remove an xprt from the connection, used by temporary xprt such as the handshake one */
	int (*remove_xprt)(struct connection *conn, void *xprt_ctx, void *toremove_ctx, const struct xprt_ops *newops, void *newctx);
	/* Add a new XPRT as the new xprt, and return the old one */
	int (*add_xprt)(struct connection *conn, void *xprt_ctx, void *toadd_ctx, const struct xprt_ops *toadd_ops, void **oldxprt_ctx, const struct xprt_ops **oldxprt_ops);
};

/* Request types passed as <mux_ctl> to the mux's ctl() callback */
enum mux_ctl_type {
	/* Expects an int as output, sets it to a combination of MUX_STATUS flags */
	MUX_STATUS,
};

/* flag reported through the MUX_STATUS output */
#define MUX_STATUS_READY (1 << 0)

Willy Tarreau | 53a4766 | 2017-08-28 10:53:00 +0200 | [diff] [blame] | 345 | /* mux_ops describes the mux operations, which are to be performed at the |
| 346 | * connection level after data are exchanged with the transport layer in order |
| 347 | * to propagate them to streams. The <init> function will automatically be |
Ilya Shipitsin | 856aabc | 2020-04-16 23:51:34 +0500 | [diff] [blame] | 348 | * called once the mux is instantiated by the connection's owner at the end |
Willy Tarreau | 53a4766 | 2017-08-28 10:53:00 +0200 | [diff] [blame] | 349 | * of a transport handshake, when it is about to transfer data and the data |
| 350 | * layer is not ready yet. |
| 351 | */ |
struct mux_ops {
	/* Table of callbacks implemented by a mux layer. Only <wake> is marked
	 * mandatory here. NOTE(review): the remaining callbacks are presumably
	 * optional and may be NULL for some muxes, in which case a caller has to
	 * test the pointer before calling through it — confirm against the mux
	 * implementations.
	 */

	/* connection-level setup and activity reporting */
	int (*init)(struct connection *conn, struct proxy *prx, struct session *sess, struct buffer *input); /* early initialization */
	int (*wake)(struct connection *conn); /* mux-layer callback to report activity, mandatory */

	/* data transfer on one conn_stream; <count> presumably bounds the amount
	 * of data moved and the return value reports what was moved — confirm.
	 */
	size_t (*rcv_buf)(struct conn_stream *cs, struct buffer *buf, size_t count, int flags); /* Called from the upper layer to get data */
	size_t (*snd_buf)(struct conn_stream *cs, struct buffer *buf, size_t count, int flags); /* Called from the upper layer to send data */
	int (*rcv_pipe)(struct conn_stream *cs, struct pipe *pipe, unsigned int count); /* recv-to-pipe callback */
	int (*snd_pipe)(struct conn_stream *cs, struct pipe *pipe); /* send-to-pipe callback */
	void (*shutr)(struct conn_stream *cs, enum cs_shr_mode); /* shutr function */
	void (*shutw)(struct conn_stream *cs, enum cs_shw_mode); /* shutw function */

	/* conn_stream management, introspection and event subscription */
	struct conn_stream *(*attach)(struct connection *, struct session *sess); /* Create and attach a conn_stream to an outgoing connection */
	const struct conn_stream *(*get_first_cs)(const struct connection *); /* retrieves any valid conn_stream from this connection */
	void (*detach)(struct conn_stream *); /* Detach a conn_stream from an outgoing connection, when the request is done */
	void (*show_fd)(struct buffer *, struct connection *); /* append some data about connection into chunk for "show fd" */
	int (*subscribe)(struct conn_stream *cs, int event_type, struct wait_event *es); /* Subscribe <es> to events, such as "being able to send" */
	int (*unsubscribe)(struct conn_stream *cs, int event_type, struct wait_event *es); /* Unsubscribe <es> from events */
	int (*avail_streams)(struct connection *conn); /* Returns the number of streams still available for a connection */
	int (*used_streams)(struct connection *conn); /* Returns the number of streams in use on a connection. */
	void (*destroy)(void *ctx); /* Let the mux know one of its users left, so it may have to disappear */
	void (*reset)(struct connection *conn); /* Reset the mux, because we're re-trying to connect */
	const struct cs_info *(*get_cs_info)(struct conn_stream *cs); /* Return info on the specified conn_stream or NULL if not defined */
	int (*ctl)(struct connection *conn, enum mux_ctl_type mux_ctl, void *arg); /* Provides information about the mux; what <arg> points to presumably depends on <mux_ctl> — confirm */
	int (*takeover)(struct connection *conn); /* Attempts to migrate the connection to the current thread */

	/* static description of the mux */
	unsigned int flags; /* some flags characterizing the mux's capabilities (MX_FL_*) */
	char name[8]; /* mux layer name, zero-terminated (so at most 7 characters) */
};
| 378 | |
/* data_cb describes the data layer's recv and send callbacks which are called
 * when I/O activity was detected after the transport layer is ready. These
 * callbacks are supposed to make use of the xprt_ops above to exchange data
 * from/to buffers and pipes. The <wake> callback is used to report activity
 * at the transport layer, which can be a connection opening/close, or any
 * data movement. It may abort a connection by returning < 0.
 *
 * In this version of the struct, <wake> is the only callback present.
 */
struct data_cb {
	int (*wake)(struct conn_stream *cs); /* data-layer callback to report activity; a return < 0 may abort the connection */
	char name[8]; /* data layer name, zero-terminated (so at most 7 characters) */
};
| 390 | |
/* Pair of 16-bit fields named after the source and destination of a TCP
 * header. NOTE(review): presumably overlays the first four bytes of a TCP
 * header (the two ports, in network byte order) — confirm at the use sites,
 * including that the buffer it is applied to holds at least 4 bytes.
 */
struct my_tcphdr {
	uint16_t source; /* presumably the source port — TODO confirm */
	uint16_t dest;   /* presumably the destination port — TODO confirm */
};
| 395 | |
/* a connection source profile defines all the parameters needed to properly
 * bind an outgoing connection for a server or proxy.
 *
 * The last four fields only exist when CONFIG_HAP_TRANSPARENT is defined, so
 * the size and layout of this struct depend on that build option.
 */

struct conn_src {
	unsigned int opts;                   /* CO_SRC_* */
	int iface_len;                       /* bind interface name length */
	char *iface_name;                    /* bind interface name or NULL */
	struct port_range *sport_range;      /* optional per-server TCP source ports */
	struct sockaddr_storage source_addr; /* the address to which we want to bind for connect() */
#if defined(CONFIG_HAP_TRANSPARENT)
	struct sockaddr_storage tproxy_addr; /* non-local address we want to bind to for connect() */
	/* NOTE(review): the header named below supplies the address to bind to;
	 * a header value is request data, so it is presumably only trustworthy
	 * when set by a trusted upstream hop — confirm where this is consumed.
	 */
	char *bind_hdr_name;                 /* bind to this header name if defined */
	int bind_hdr_len;                    /* length of the name of the header above */
	int bind_hdr_occ;                    /* occurrence number of header above: >0 = from first, <0 = from end, 0=disabled */
#endif
};
| 413 | |
/*
 * This structure describes the elements of a connection relevant to a stream.
 * It links one upper-layer entity (<data>, driven through <data_cb>) to the
 * underlying connection (<conn>) and carries the mux's own context (<ctx>).
 */
struct conn_stream {
	enum obj_type obj_type;              /* differentiates connection from applet context */
	/* 3 bytes hole here */
	unsigned int flags;                  /* CS_FL_* */
	struct connection *conn;             /* xprt-level connection */
	void *data;                          /* pointer to upper layer's entity (eg: stream interface) */
	const struct data_cb *data_cb;       /* data layer callbacks. Must be set before xprt->init() */
	void *ctx;                           /* mux-specific context; opaque to everything but the mux */
};
| 426 | |
/*
 * This structure describes the info related to a conn_stream known by the mux
 * only but useful for the upper layer.
 * For now, only some dates and durations are reported. This structure will
 * evolve, but for now only the bare minimum is referenced.
 */
struct cs_info {
	struct timeval create_date;  /* Creation date of the conn_stream in user date */
	struct timeval tv_create;    /* Creation date of the conn_stream in internal date (monotonic) */
	long t_handshake;            /* handshake duration, -1 if never occurs (unit not stated here — TODO confirm) */
	long t_idle;                 /* idle duration, -1 if never occurs (unit not stated here — TODO confirm) */
};
| 439 | |
/* This structure describes a connection with its methods and data.
 * A connection may be performed to proxy or server via a local or remote
 * socket, and can also be made to an internal applet. It can support
 * several transport schemes (raw, ssl, ...). It can support several
 * connection control schemes, generally a protocol for socket-oriented
 * connections, but other methods for applets.
 *
 * Fields are grouped by cache line (see the markers below), so their order
 * is deliberate and should not be changed casually.
 */
struct connection {
	/* first cache line */
	enum obj_type obj_type;       /* differentiates connection from applet context */
	unsigned char err_code;       /* CO_ER_* */
	signed short send_proxy_ofs;  /* <0 = offset to (re)send from the end, >0 = send all (reused for SOCKS4) */
	unsigned int flags;           /* CO_FL_* */
	const struct protocol *ctrl;  /* operations at the socket layer */
	const struct xprt_ops *xprt;  /* operations at the transport layer */
	const struct mux_ops *mux;    /* mux layer operations. Must be set before xprt->init() */
	void *xprt_ctx;               /* general purpose pointer, initialized to NULL */
	void *ctx;                    /* highest level context (usually the mux), initialized to NULL */
	void *owner;                  /* pointer to the owner session, or NULL */
	enum obj_type *target;        /* the target to connect to (server, proxy, applet, ...) */

	/* second cache line */
	struct wait_event *subs;      /* Task to wake when awaited events are ready */
	struct mt_list list;          /* attach point to various connection lists (idle, ...) */
	struct list session_list;     /* List of attached connections to a session */
	union conn_handle handle;     /* connection handle at the socket layer */
	const struct netns_entry *proxy_netns; /* network namespace entry; NOTE(review): presumably the one named by a PROXYv2 NETNS TLV — confirm */

	/* third cache line and beyond */
	void (*destroy_cb)(struct connection *conn);  /* callback to notify of imminent death of the connection */
	struct sockaddr_storage *src; /* source address (pool), when known, otherwise NULL */
	struct sockaddr_storage *dst; /* destination address (pool), when known, otherwise NULL */
	/* The three PROXYv2 fields below hold bytes supplied by whoever sent the
	 * PROXY header. NOTE(review): consumers should presumably treat them as
	 * untrusted input and rely on the stored lengths rather than on NUL
	 * termination — confirm how these buffers are filled.
	 */
	char *proxy_authority;        /* Value of authority TLV received via PROXYv2 */
	unsigned int idle_time;       /* Time the connection was added to the idle list, or 0 if not in the idle list */
	uint8_t proxy_authority_len;  /* Length of authority TLV received via PROXYv2; 8-bit, so at most 255 (see PP2_AUTHORITY_MAX) */
	struct ist proxy_unique_id;   /* Value of the unique ID TLV received via PROXYv2 */
};
| 477 | |
/* PROTO token registration */

/* Proxy modes a mux may be registered for. The values are single bits so
 * that they can be OR-ed together, as PROTO_MODE_ANY does.
 */
enum proto_proxy_mode {
	PROTO_MODE_NONE = 0,
	PROTO_MODE_TCP  = 1 << 0, // must not be changed!
	PROTO_MODE_HTTP = 1 << 1, // must not be changed!
	PROTO_MODE_ANY  = PROTO_MODE_TCP | PROTO_MODE_HTTP, /* both bits set */
};
| 485 | |
/* Side(s) of a proxy a mux may be registered for. The values are bit flags;
 * the inline comments state that they must stay equal to PR_CAP_FE and
 * PR_CAP_BE, which are defined outside this file.
 */
enum proto_proxy_side {
	PROTO_SIDE_NONE = 0,
	PROTO_SIDE_FE   = 1, // same as PR_CAP_FE
	PROTO_SIDE_BE   = 2, // same as PR_CAP_BE
	PROTO_SIDE_BOTH = PROTO_SIDE_FE | PROTO_SIDE_BE, /* both bits set */
};
| 492 | |
/* One registration entry associating a protocol token with a mux, together
 * with the proxy mode(s) and side(s) the association applies to.
 */
struct mux_proto_list {
	const struct ist token;    /* token name and length. Empty is catch-all */
	enum proto_proxy_mode mode; /* PROTO_MODE_* this entry applies to */
	enum proto_proxy_side side; /* PROTO_SIDE_* this entry applies to */
	const struct mux_ops *mux;  /* callbacks of the mux registered under <token> */
	struct list list;           /* list linkage; presumably chains all registered entries — TODO confirm */
};
| 500 | |
/* proxy protocol v2 definitions */

/* 12-byte magic that opens a v2 header. The 5th byte is 0x00, so the
 * signature is binary data and not a C string: it has to be compared over
 * exactly PP2_SIGNATURE_LEN bytes (e.g. with memcmp()); string functions
 * would stop at the embedded zero and only check the first four bytes.
 */
#define PP2_SIGNATURE        "\x0D\x0A\x0D\x0A\x00\x0D\x0A\x51\x55\x49\x54\x0A"
#define PP2_SIGNATURE_LEN    12
#define PP2_HEADER_LEN       16 /* fixed part: sig[12] + ver_cmd + fam + 16-bit len */

/* ver_cmd byte: command in the low nibble, version in the high nibble */
#define PP2_CMD_LOCAL        0x00
#define PP2_CMD_PROXY        0x01
#define PP2_CMD_MASK         0x0F

#define PP2_VERSION          0x20
#define PP2_VERSION_MASK     0xF0

/* fam byte: transport in the low nibble, address family in the high nibble */
#define PP2_TRANS_UNSPEC     0x00
#define PP2_TRANS_STREAM     0x01
#define PP2_TRANS_DGRAM      0x02
#define PP2_TRANS_MASK       0x0F

#define PP2_FAM_UNSPEC       0x00
#define PP2_FAM_INET         0x10
#define PP2_FAM_INET6        0x20
#define PP2_FAM_UNIX         0x30
#define PP2_FAM_MASK         0xF0

/* Size in bytes of the address block for each family: two addresses, plus
 * two 16-bit ports for INET/INET6. NOTE(review): a receiver presumably has
 * to check that the header's <len> field is at least the matching value
 * before reading the address union — confirm in the parser.
 */
#define PP2_ADDR_LEN_UNSPEC  (0)
#define PP2_ADDR_LEN_INET    (4 + 4 + 2 + 2)     /* = 12 */
#define PP2_ADDR_LEN_INET6   (16 + 16 + 2 + 2)   /* = 36 */
#define PP2_ADDR_LEN_UNIX    (108 + 108)         /* = 216 */

/* Fixed header plus address block, per family */
#define PP2_HDR_LEN_UNSPEC   (PP2_HEADER_LEN + PP2_ADDR_LEN_UNSPEC)  /* = 16 */
#define PP2_HDR_LEN_INET     (PP2_HEADER_LEN + PP2_ADDR_LEN_INET)    /* = 28 */
#define PP2_HDR_LEN_INET6    (PP2_HEADER_LEN + PP2_ADDR_LEN_INET6)   /* = 52 */
#define PP2_HDR_LEN_UNIX     (PP2_HEADER_LEN + PP2_ADDR_LEN_UNIX)    /* = 232 */
David S | afb7683 | 2014-05-08 23:42:08 -0400 | [diff] [blame] | 535 | |
/* PROXY protocol v2 header: a 16-byte fixed part (sig, ver_cmd, fam, len)
 * followed by a family-dependent address block. No packing attribute is
 * applied; the declared field sizes add up to 16 bytes for the fixed part.
 *
 * NOTE(review): every field here comes from the sender of the header. <len>
 * and the ports are presumably in network byte order (per the PROXY protocol
 * specification) and <len> has to be bounded against the bytes actually
 * received before any member of <addr> is read — confirm in the parser.
 */
struct proxy_hdr_v2 {
	uint8_t sig[12];   /* hex 0D 0A 0D 0A 00 0D 0A 51 55 49 54 0A */
	uint8_t ver_cmd;   /* protocol version and command */
	uint8_t fam;       /* protocol family and transport */
	uint16_t len;      /* number of following bytes part of the header */
	union {
		struct {        /* for TCP/UDP over IPv4, len = 12 */
			uint32_t src_addr;
			uint32_t dst_addr;
			uint16_t src_port;
			uint16_t dst_port;
		} ip4;
		struct {        /* for TCP/UDP over IPv6, len = 36 */
			uint8_t  src_addr[16];
			uint8_t  dst_addr[16];
			uint16_t src_port;
			uint16_t dst_port;
		} ip6;
		struct {        /* for AF_UNIX sockets, len = 216 */
			uint8_t src_addr[108];
			uint8_t dst_addr[108];
		} unx;
	} addr;            /* which member is valid depends on <fam> */
};
| 560 | |
/* PROXYv2 TLV type codes, carried in the <type> byte of struct tlv */
#define PP2_TYPE_ALPN           0x01
#define PP2_TYPE_AUTHORITY      0x02
#define PP2_TYPE_CRC32C         0x03
#define PP2_TYPE_NOOP           0x04
#define PP2_TYPE_UNIQUE_ID      0x05
#define PP2_TYPE_SSL            0x20
/* sub-types; going by their names, these appear inside a PP2_TYPE_SSL TLV
 * (see sub_tlv[] in struct tlv_ssl) — TODO confirm
 */
#define PP2_SUBTYPE_SSL_VERSION 0x21
#define PP2_SUBTYPE_SSL_CN      0x22
#define PP2_SUBTYPE_SSL_CIPHER  0x23
#define PP2_SUBTYPE_SSL_SIG_ALG 0x24
#define PP2_SUBTYPE_SSL_KEY_ALG 0x25
#define PP2_TYPE_NETNS          0x30
David S | afb7683 | 2014-05-08 23:42:08 -0400 | [diff] [blame] | 573 | |
#define TLV_HEADER_SIZE      3 /* type + length_hi + length_lo, one byte each */

/* Generic PROXYv2 TLV: a one-byte type, a 16-bit payload length split into a
 * high and a low byte, then the payload. The struct is packed and <value> is
 * a zero-length array (GNU extension) that only marks where the payload
 * starts, so the struct's own size is the three header bytes.
 *
 * NOTE(review): the length bytes are taken from the peer. Code walking a TLV
 * list presumably has to verify that TLV_HEADER_SIZE plus the decoded length
 * fits in the bytes remaining in the header before touching value[] —
 * confirm in the parser.
 */
struct tlv {
	uint8_t type;       /* PP2_TYPE_* / PP2_SUBTYPE_* */
	uint8_t length_hi;  /* high byte of the payload length */
	uint8_t length_lo;  /* low byte of the payload length */
	uint8_t value[0];   /* payload starts here; adds no size to the struct */
}__attribute__((packed));
| 581 | |
/* TLV whose payload starts with a one-byte <client> field and a 32-bit
 * <verify> field, followed by nested TLVs. The struct is packed, so no
 * padding is inserted between the members.
 *
 * NOTE(review): when this struct is overlaid on a receive buffer, <verify>
 * may sit at an address that is not 4-byte aligned, and its byte order is
 * not established here; the nested TLVs in sub_tlv[] presumably need the
 * same length checks as the outer one — confirm at the use sites.
 */
struct tlv_ssl {
	struct tlv tlv;      /* generic TLV header (type and length) */
	uint8_t client;      /* presumably a bit field of PP2_CLIENT_* — TODO confirm */
	uint32_t verify;     /* verification result; exact semantics not shown here */
	uint8_t sub_tlv[0];  /* nested TLVs start here; adds no size to the struct */
}__attribute__((packed));
| 588 | |
/* Single-bit flags; going by the prefix, these are the bits of the <client>
 * byte of struct tlv_ssl — TODO confirm
 */
#define PP2_CLIENT_SSL       0x01
#define PP2_CLIENT_CERT_CONN 0x02
#define PP2_CLIENT_CERT_SESS 0x04

/* Max length of the authority TLV. This is also the largest value that fits
 * in the uint8_t proxy_authority_len field of struct connection.
 * NOTE(review): how a longer authority TLV is handled is not visible here —
 * confirm the parser rejects or ignores it rather than truncating silently.
 */
#define PP2_AUTHORITY_MAX 255
Olivier Houchard | f886e34 | 2017-04-05 22:24:59 +0200 | [diff] [blame] | 595 | |
/*
 * Linux seems to be able to send 253 fds per sendmsg(), not sure
 * about the other OSes.
 */
/* Max number of file descriptors we send in one sendmsg() */
#define MAX_SEND_FD 253

/* Going by the name, the length in bytes of a SOCKS4 handshake response */
#define SOCKS4_HS_RSP_LEN 8
| 604 | |
Willy Tarreau | 56e9c5e | 2012-07-06 09:47:57 +0200 | [diff] [blame] | 605 | #endif /* _TYPES_CONNECTION_H */ |
| 606 | |
| 607 | /* |
| 608 | * Local variables: |
| 609 | * c-indent-level: 8 |
| 610 | * c-basic-offset: 8 |
| 611 | * End: |
| 612 | */ |