12c593315Sopenharmony_ci/*
22c593315Sopenharmony_ci * nghttp2 - HTTP/2 C Library
32c593315Sopenharmony_ci *
42c593315Sopenharmony_ci * Copyright (c) 2015 Tatsuhiro Tsujikawa
52c593315Sopenharmony_ci *
62c593315Sopenharmony_ci * Permission is hereby granted, free of charge, to any person obtaining
72c593315Sopenharmony_ci * a copy of this software and associated documentation files (the
82c593315Sopenharmony_ci * "Software"), to deal in the Software without restriction, including
92c593315Sopenharmony_ci * without limitation the rights to use, copy, modify, merge, publish,
102c593315Sopenharmony_ci * distribute, sublicense, and/or sell copies of the Software, and to
112c593315Sopenharmony_ci * permit persons to whom the Software is furnished to do so, subject to
122c593315Sopenharmony_ci * the following conditions:
132c593315Sopenharmony_ci *
142c593315Sopenharmony_ci * The above copyright notice and this permission notice shall be
152c593315Sopenharmony_ci * included in all copies or substantial portions of the Software.
162c593315Sopenharmony_ci *
172c593315Sopenharmony_ci * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
182c593315Sopenharmony_ci * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
192c593315Sopenharmony_ci * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
202c593315Sopenharmony_ci * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
212c593315Sopenharmony_ci * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
222c593315Sopenharmony_ci * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
232c593315Sopenharmony_ci * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
242c593315Sopenharmony_ci */
252c593315Sopenharmony_ci#ifndef SHRPX_CONNECTION_H
262c593315Sopenharmony_ci#define SHRPX_CONNECTION_H
272c593315Sopenharmony_ci
282c593315Sopenharmony_ci#include "shrpx_config.h"
292c593315Sopenharmony_ci
302c593315Sopenharmony_ci#include <sys/uio.h>
312c593315Sopenharmony_ci
322c593315Sopenharmony_ci#include <ev.h>
332c593315Sopenharmony_ci
342c593315Sopenharmony_ci#include <openssl/ssl.h>
352c593315Sopenharmony_ci
362c593315Sopenharmony_ci#ifdef ENABLE_HTTP3
372c593315Sopenharmony_ci#  include <ngtcp2/ngtcp2_crypto.h>
382c593315Sopenharmony_ci#endif // ENABLE_HTTP3
392c593315Sopenharmony_ci
402c593315Sopenharmony_ci#include "shrpx_rate_limit.h"
412c593315Sopenharmony_ci#include "shrpx_error.h"
422c593315Sopenharmony_ci#include "memchunk.h"
432c593315Sopenharmony_ci
442c593315Sopenharmony_cinamespace shrpx {
452c593315Sopenharmony_ci
462c593315Sopenharmony_cistruct MemcachedRequest;
472c593315Sopenharmony_ci
482c593315Sopenharmony_cinamespace tls {
492c593315Sopenharmony_cistruct TLSSessionCache;
502c593315Sopenharmony_ci} // namespace tls
512c593315Sopenharmony_ci
522c593315Sopenharmony_cienum class TLSHandshakeState {
532c593315Sopenharmony_ci  NORMAL,
542c593315Sopenharmony_ci  WAIT_FOR_SESSION_CACHE,
552c593315Sopenharmony_ci  GOT_SESSION_CACHE,
562c593315Sopenharmony_ci  CANCEL_SESSION_CACHE,
572c593315Sopenharmony_ci  WRITE_STARTED,
582c593315Sopenharmony_ci};
592c593315Sopenharmony_ci
602c593315Sopenharmony_cistruct TLSConnection {
612c593315Sopenharmony_ci  DefaultMemchunks wbuf;
622c593315Sopenharmony_ci  DefaultPeekMemchunks rbuf;
632c593315Sopenharmony_ci  // Stores TLSv1.3 early data.
642c593315Sopenharmony_ci  DefaultMemchunks earlybuf;
652c593315Sopenharmony_ci  SSL *ssl;
662c593315Sopenharmony_ci  SSL_SESSION *cached_session;
672c593315Sopenharmony_ci  MemcachedRequest *cached_session_lookup_req;
682c593315Sopenharmony_ci  tls::TLSSessionCache *client_session_cache;
692c593315Sopenharmony_ci  std::chrono::steady_clock::time_point last_write_idle;
702c593315Sopenharmony_ci  size_t warmup_writelen;
712c593315Sopenharmony_ci  // length passed to SSL_write and SSL_read last time.  This is
722c593315Sopenharmony_ci  // required since these functions require the exact same parameters
732c593315Sopenharmony_ci  // on non-blocking I/O.
742c593315Sopenharmony_ci  size_t last_writelen, last_readlen;
752c593315Sopenharmony_ci  TLSHandshakeState handshake_state;
762c593315Sopenharmony_ci  bool initial_handshake_done;
772c593315Sopenharmony_ci  bool reneg_started;
782c593315Sopenharmony_ci  // true if ssl is prepared to do handshake as server.
792c593315Sopenharmony_ci  bool server_handshake;
802c593315Sopenharmony_ci  // true if ssl is initialized as server, and client requested
812c593315Sopenharmony_ci  // signed_certificate_timestamp extension.
822c593315Sopenharmony_ci  bool sct_requested;
832c593315Sopenharmony_ci  // true if TLSv1.3 early data has been completely received.  Since
842c593315Sopenharmony_ci  // SSL_read_early_data acts like SSL_do_handshake, this field may be
852c593315Sopenharmony_ci  // true even if the negotiated TLS version is TLSv1.2 or earlier.
862c593315Sopenharmony_ci  // This value is also true if this is client side connection for
872c593315Sopenharmony_ci  // convenience.
882c593315Sopenharmony_ci  bool early_data_finish;
892c593315Sopenharmony_ci};
902c593315Sopenharmony_ci
912c593315Sopenharmony_cistruct TCPHint {
922c593315Sopenharmony_ci  size_t write_buffer_size;
932c593315Sopenharmony_ci  uint32_t rwin;
942c593315Sopenharmony_ci};
952c593315Sopenharmony_ci
962c593315Sopenharmony_citemplate <typename T> using EVCb = void (*)(struct ev_loop *, T *, int);
972c593315Sopenharmony_ci
982c593315Sopenharmony_ciusing IOCb = EVCb<ev_io>;
992c593315Sopenharmony_ciusing TimerCb = EVCb<ev_timer>;
1002c593315Sopenharmony_ci
1012c593315Sopenharmony_cistruct Connection {
1022c593315Sopenharmony_ci  Connection(struct ev_loop *loop, int fd, SSL *ssl, MemchunkPool *mcpool,
1032c593315Sopenharmony_ci             ev_tstamp write_timeout, ev_tstamp read_timeout,
1042c593315Sopenharmony_ci             const RateLimitConfig &write_limit,
1052c593315Sopenharmony_ci             const RateLimitConfig &read_limit, IOCb writecb, IOCb readcb,
1062c593315Sopenharmony_ci             TimerCb timeoutcb, void *data, size_t tls_dyn_rec_warmup_threshold,
1072c593315Sopenharmony_ci             ev_tstamp tls_dyn_rec_idle_timeout, Proto proto);
1082c593315Sopenharmony_ci  ~Connection();
1092c593315Sopenharmony_ci
1102c593315Sopenharmony_ci  void disconnect();
1112c593315Sopenharmony_ci
1122c593315Sopenharmony_ci  void prepare_client_handshake();
1132c593315Sopenharmony_ci  void prepare_server_handshake();
1142c593315Sopenharmony_ci
1152c593315Sopenharmony_ci  int tls_handshake();
1162c593315Sopenharmony_ci  int tls_handshake_simple();
1172c593315Sopenharmony_ci  int write_tls_pending_handshake();
1182c593315Sopenharmony_ci
1192c593315Sopenharmony_ci  int check_http2_requirement();
1202c593315Sopenharmony_ci
1212c593315Sopenharmony_ci  // All write_* and writev_clear functions return number of bytes
1222c593315Sopenharmony_ci  // written.  If nothing cannot be written (e.g., there is no
1232c593315Sopenharmony_ci  // allowance in RateLimit or underlying connection blocks), return
1242c593315Sopenharmony_ci  // 0.  SHRPX_ERR_NETWORK is returned in case of error.
1252c593315Sopenharmony_ci  //
1262c593315Sopenharmony_ci  // All read_* functions return number of bytes read.  If nothing
1272c593315Sopenharmony_ci  // cannot be read (e.g., there is no allowance in Ratelimit or
1282c593315Sopenharmony_ci  // underlying connection blocks), return 0.  SHRPX_ERR_EOF is
1292c593315Sopenharmony_ci  // returned in case of EOF and no data was read.  Otherwise
1302c593315Sopenharmony_ci  // SHRPX_ERR_NETWORK is return in case of error.
1312c593315Sopenharmony_ci  ssize_t write_tls(const void *data, size_t len);
1322c593315Sopenharmony_ci  ssize_t read_tls(void *data, size_t len);
1332c593315Sopenharmony_ci
1342c593315Sopenharmony_ci  size_t get_tls_write_limit();
1352c593315Sopenharmony_ci  // Updates the number of bytes written in warm up period.
1362c593315Sopenharmony_ci  void update_tls_warmup_writelen(size_t n);
1372c593315Sopenharmony_ci  // Tells there is no immediate write now.  This triggers timer to
1382c593315Sopenharmony_ci  // determine fallback to short record size mode.
1392c593315Sopenharmony_ci  void start_tls_write_idle();
1402c593315Sopenharmony_ci
1412c593315Sopenharmony_ci  ssize_t write_clear(const void *data, size_t len);
1422c593315Sopenharmony_ci  ssize_t writev_clear(struct iovec *iov, int iovcnt);
1432c593315Sopenharmony_ci  ssize_t read_clear(void *data, size_t len);
1442c593315Sopenharmony_ci  // Read at most |len| bytes of data from socket without rate limit.
1452c593315Sopenharmony_ci  ssize_t read_nolim_clear(void *data, size_t len);
1462c593315Sopenharmony_ci  // Peek at most |len| bytes of data from socket without rate limit.
1472c593315Sopenharmony_ci  ssize_t peek_clear(void *data, size_t len);
1482c593315Sopenharmony_ci
1492c593315Sopenharmony_ci  void handle_tls_pending_read();
1502c593315Sopenharmony_ci
1512c593315Sopenharmony_ci  void set_ssl(SSL *ssl);
1522c593315Sopenharmony_ci
1532c593315Sopenharmony_ci  int get_tcp_hint(TCPHint *hint) const;
1542c593315Sopenharmony_ci
1552c593315Sopenharmony_ci  // These functions are provided for read timer which is frequently
1562c593315Sopenharmony_ci  // restarted.  We do a trick to make a bit more efficient than just
1572c593315Sopenharmony_ci  // calling ev_timer_again().
1582c593315Sopenharmony_ci
1592c593315Sopenharmony_ci  // Restarts read timer with timeout value |t|.
1602c593315Sopenharmony_ci  void again_rt(ev_tstamp t);
1612c593315Sopenharmony_ci  // Restarts read timer without chainging timeout.
1622c593315Sopenharmony_ci  void again_rt();
1632c593315Sopenharmony_ci  // Returns true if read timer expired.
1642c593315Sopenharmony_ci  bool expired_rt();
1652c593315Sopenharmony_ci
1662c593315Sopenharmony_ci#ifdef ENABLE_HTTP3
1672c593315Sopenharmony_ci  // This must be the first member of Connection.
1682c593315Sopenharmony_ci  ngtcp2_crypto_conn_ref conn_ref;
1692c593315Sopenharmony_ci#endif // ENABLE_HTTP3
1702c593315Sopenharmony_ci  TLSConnection tls;
1712c593315Sopenharmony_ci  ev_io wev;
1722c593315Sopenharmony_ci  ev_io rev;
1732c593315Sopenharmony_ci  ev_timer wt;
1742c593315Sopenharmony_ci  ev_timer rt;
1752c593315Sopenharmony_ci  RateLimit wlimit;
1762c593315Sopenharmony_ci  RateLimit rlimit;
1772c593315Sopenharmony_ci  struct ev_loop *loop;
1782c593315Sopenharmony_ci  void *data;
1792c593315Sopenharmony_ci  int fd;
1802c593315Sopenharmony_ci  size_t tls_dyn_rec_warmup_threshold;
1812c593315Sopenharmony_ci  std::chrono::steady_clock::duration tls_dyn_rec_idle_timeout;
1822c593315Sopenharmony_ci  // Application protocol used over the connection.  This field is not
1832c593315Sopenharmony_ci  // used in this object at the moment.  The rest of the program may
1842c593315Sopenharmony_ci  // use this value when it is useful.
1852c593315Sopenharmony_ci  Proto proto;
1862c593315Sopenharmony_ci  // The point of time when last read is observed.  Note: since we use
1872c593315Sopenharmony_ci  // |rt| as idle timer, the activity is not limited to read.
1882c593315Sopenharmony_ci  std::chrono::steady_clock::time_point last_read;
1892c593315Sopenharmony_ci  // Timeout for read timer |rt|.
1902c593315Sopenharmony_ci  ev_tstamp read_timeout;
1912c593315Sopenharmony_ci};
1922c593315Sopenharmony_ci
1932c593315Sopenharmony_ci#ifdef ENABLE_HTTP3
1942c593315Sopenharmony_cistatic_assert(std::is_standard_layout<Connection>::value,
1952c593315Sopenharmony_ci              "Conneciton is not standard layout");
1962c593315Sopenharmony_ci#endif // ENABLE_HTTP3
1972c593315Sopenharmony_ci
1982c593315Sopenharmony_ci// Creates BIO_method shared by all SSL objects.
1992c593315Sopenharmony_ciBIO_METHOD *create_bio_method();
2002c593315Sopenharmony_ci
2012c593315Sopenharmony_ci} // namespace shrpx
2022c593315Sopenharmony_ci
2032c593315Sopenharmony_ci#endif // SHRPX_CONNECTION_H
204