• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * nghttp2 - HTTP/2 C Library
3  *
4  * Copyright (c) 2015 Tatsuhiro Tsujikawa
5  *
6  * Permission is hereby granted, free of charge, to any person obtaining
7  * a copy of this software and associated documentation files (the
8  * "Software"), to deal in the Software without restriction, including
9  * without limitation the rights to use, copy, modify, merge, publish,
10  * distribute, sublicense, and/or sell copies of the Software, and to
11  * permit persons to whom the Software is furnished to do so, subject to
12  * the following conditions:
13  *
14  * The above copyright notice and this permission notice shall be
15  * included in all copies or substantial portions of the Software.
16  *
17  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
18  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
19  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
20  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
21  * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
22  * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
23  * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
24  */
25 #ifndef SHRPX_CONNECTION_H
26 #define SHRPX_CONNECTION_H
27 
28 #include "shrpx_config.h"
29 
30 #include <sys/uio.h>
31 
32 #include <ev.h>
33 
34 #include <openssl/ssl.h>
35 
36 #ifdef ENABLE_HTTP3
37 #  include <ngtcp2/ngtcp2_crypto.h>
38 #endif // ENABLE_HTTP3
39 
40 #include "shrpx_rate_limit.h"
41 #include "shrpx_error.h"
42 #include "memchunk.h"
43 
44 namespace shrpx {
45 
46 struct MemcachedRequest;
47 
48 namespace tls {
49 struct TLSSessionCache;
50 } // namespace tls
51 
52 enum class TLSHandshakeState {
53   NORMAL,
54   WAIT_FOR_SESSION_CACHE,
55   GOT_SESSION_CACHE,
56   CANCEL_SESSION_CACHE,
57   WRITE_STARTED,
58 };
59 
60 struct TLSConnection {
61   DefaultMemchunks wbuf;
62   DefaultPeekMemchunks rbuf;
63   // Stores TLSv1.3 early data.
64   DefaultMemchunks earlybuf;
65   SSL *ssl;
66   SSL_SESSION *cached_session;
67   MemcachedRequest *cached_session_lookup_req;
68   tls::TLSSessionCache *client_session_cache;
69   std::chrono::steady_clock::time_point last_write_idle;
70   size_t warmup_writelen;
71   // length passed to SSL_write and SSL_read last time.  This is
72   // required since these functions require the exact same parameters
73   // on non-blocking I/O.
74   size_t last_writelen, last_readlen;
75   TLSHandshakeState handshake_state;
76   bool initial_handshake_done;
77   bool reneg_started;
78   // true if ssl is prepared to do handshake as server.
79   bool server_handshake;
80   // true if ssl is initialized as server, and client requested
81   // signed_certificate_timestamp extension.
82   bool sct_requested;
83   // true if TLSv1.3 early data has been completely received.  Since
84   // SSL_read_early_data acts like SSL_do_handshake, this field may be
85   // true even if the negotiated TLS version is TLSv1.2 or earlier.
86   // This value is also true if this is client side connection for
87   // convenience.
88   bool early_data_finish;
89 };
90 
91 struct TCPHint {
92   size_t write_buffer_size;
93   uint32_t rwin;
94 };
95 
96 template <typename T> using EVCb = void (*)(struct ev_loop *, T *, int);
97 
98 using IOCb = EVCb<ev_io>;
99 using TimerCb = EVCb<ev_timer>;
100 
101 struct Connection {
102   Connection(struct ev_loop *loop, int fd, SSL *ssl, MemchunkPool *mcpool,
103              ev_tstamp write_timeout, ev_tstamp read_timeout,
104              const RateLimitConfig &write_limit,
105              const RateLimitConfig &read_limit, IOCb writecb, IOCb readcb,
106              TimerCb timeoutcb, void *data, size_t tls_dyn_rec_warmup_threshold,
107              ev_tstamp tls_dyn_rec_idle_timeout, Proto proto);
108   ~Connection();
109 
110   void disconnect();
111 
112   void prepare_client_handshake();
113   void prepare_server_handshake();
114 
115   int tls_handshake();
116   int tls_handshake_simple();
117   int write_tls_pending_handshake();
118 
119   int check_http2_requirement();
120 
121   // All write_* and writev_clear functions return number of bytes
122   // written.  If nothing cannot be written (e.g., there is no
123   // allowance in RateLimit or underlying connection blocks), return
124   // 0.  SHRPX_ERR_NETWORK is returned in case of error.
125   //
126   // All read_* functions return number of bytes read.  If nothing
127   // cannot be read (e.g., there is no allowance in Ratelimit or
128   // underlying connection blocks), return 0.  SHRPX_ERR_EOF is
129   // returned in case of EOF and no data was read.  Otherwise
130   // SHRPX_ERR_NETWORK is return in case of error.
131   ssize_t write_tls(const void *data, size_t len);
132   ssize_t read_tls(void *data, size_t len);
133 
134   size_t get_tls_write_limit();
135   // Updates the number of bytes written in warm up period.
136   void update_tls_warmup_writelen(size_t n);
137   // Tells there is no immediate write now.  This triggers timer to
138   // determine fallback to short record size mode.
139   void start_tls_write_idle();
140 
141   ssize_t write_clear(const void *data, size_t len);
142   ssize_t writev_clear(struct iovec *iov, int iovcnt);
143   ssize_t read_clear(void *data, size_t len);
144   // Read at most |len| bytes of data from socket without rate limit.
145   ssize_t read_nolim_clear(void *data, size_t len);
146   // Peek at most |len| bytes of data from socket without rate limit.
147   ssize_t peek_clear(void *data, size_t len);
148 
149   void handle_tls_pending_read();
150 
151   void set_ssl(SSL *ssl);
152 
153   int get_tcp_hint(TCPHint *hint) const;
154 
155   // These functions are provided for read timer which is frequently
156   // restarted.  We do a trick to make a bit more efficient than just
157   // calling ev_timer_again().
158 
159   // Restarts read timer with timeout value |t|.
160   void again_rt(ev_tstamp t);
161   // Restarts read timer without chainging timeout.
162   void again_rt();
163   // Returns true if read timer expired.
164   bool expired_rt();
165 
166 #ifdef ENABLE_HTTP3
167   // This must be the first member of Connection.
168   ngtcp2_crypto_conn_ref conn_ref;
169 #endif // ENABLE_HTTP3
170   TLSConnection tls;
171   ev_io wev;
172   ev_io rev;
173   ev_timer wt;
174   ev_timer rt;
175   RateLimit wlimit;
176   RateLimit rlimit;
177   struct ev_loop *loop;
178   void *data;
179   int fd;
180   size_t tls_dyn_rec_warmup_threshold;
181   std::chrono::steady_clock::duration tls_dyn_rec_idle_timeout;
182   // Application protocol used over the connection.  This field is not
183   // used in this object at the moment.  The rest of the program may
184   // use this value when it is useful.
185   Proto proto;
186   // The point of time when last read is observed.  Note: since we use
187   // |rt| as idle timer, the activity is not limited to read.
188   std::chrono::steady_clock::time_point last_read;
189   // Timeout for read timer |rt|.
190   ev_tstamp read_timeout;
191 };
192 
193 #ifdef ENABLE_HTTP3
194 static_assert(std::is_standard_layout<Connection>::value,
195               "Conneciton is not standard layout");
196 #endif // ENABLE_HTTP3
197 
198 // Creates BIO_method shared by all SSL objects.
199 BIO_METHOD *create_bio_method();
200 
201 } // namespace shrpx
202 
203 #endif // SHRPX_CONNECTION_H
204