diff options
author | Stefan Eissing <stefan@eissing.org> | 2022-11-11 11:45:34 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2022-11-11 15:17:51 +0100 |
commit | dafdb20a26d0c890e83dea61a104b75408481ebd (patch) | |
tree | 40824f46de18cb7b7b47fb06a3be624c9c06961b /lib/cfilters.c | |
parent | 89ee5cfb38b22f9ff68c34aa55ca2c242be90826 (diff) | |
download | curl-dafdb20a26d0c890e83dea61a104b75408481ebd.tar.gz |
lib: connection filters (cfilter) addition to curl:
- general construct/destroy in connectdata
- default implementations of callback functions
- connect: cfilters for connect and accept
- socks: cfilter for socks proxying
- http_proxy: cfilter for http proxy tunneling
- vtls: cfilters for primary and proxy ssl
- change in general handling of data/conn
- Curl_cfilter_setup() sets up filter chain based on data settings,
if none are installed by the protocol handler setup
- Curl_cfilter_connect() boot straps filters into `connected` status,
used by handlers and multi to reach further stages
- Curl_cfilter_is_connected() to check if a conn is connected,
e.g. all filters have done their work
- Curl_cfilter_get_select_socks() gets the sockets and READ/WRITE
indicators for multi select to work
- Curl_cfilter_data_pending() asks filters if the have incoming
data pending for recv
- Curl_cfilter_recv()/Curl_cfilter_send are the general callbacks
installed in conn->recv/conn->send for io handling
- Curl_cfilter_attach_data()/Curl_cfilter_detach_data() inform filters
and addition/removal of a `data` from their connection
- adding vtl functions to prevent use of Curl_ssl globals directly
in other parts of the code.
Reviewed-by: Daniel Stenberg
Closes #9855
Diffstat (limited to 'lib/cfilters.c')
-rw-r--r-- | lib/cfilters.c | 435 |
1 files changed, 435 insertions, 0 deletions
diff --git a/lib/cfilters.c b/lib/cfilters.c new file mode 100644 index 000000000..822a9f504 --- /dev/null +++ b/lib/cfilters.c @@ -0,0 +1,435 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ + +#include "curl_setup.h" + +#include "urldata.h" +#include "strerror.h" +#include "cfilters.h" +#include "connect.h" +#include "url.h" /* for Curl_safefree() */ +#include "sendf.h" +#include "sockaddr.h" /* required for Curl_sockaddr_storage */ +#include "multiif.h" +#include "progress.h" +#include "warnless.h" +#include "http_proxy.h" +#include "socks.h" +#include "vtls/vtls.h" + +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" +#include "curl_memory.h" +#include "memdebug.h" + +#ifndef ARRAYSIZE +#define ARRAYSIZE(A) (sizeof(A)/sizeof((A)[0])) +#endif + +#ifdef DEBUGBUILD +static void cf_debug(struct Curl_easy *data, const char *fname, + struct connectdata *conn, int index, CURLcode result) +{ + struct Curl_cfilter *cf; + char chain[128]; + size_t offset = 0, len; + + for(cf = conn->cfilter[index]; cf; cf = cf->next) { + len = strlen(cf->cft->name); + if(offset + len + 2 > sizeof(chain)) + break; + if(offset) { + chain[offset++] = '.'; + } + strcpy(chain + offset, cf->cft->name); + offset += len; + } + chain[offset] = 0; + infof(data, "%s(handle=%p, cfilter%d=[%s]) -> %d", + fname, data, index, chain, result); +} + +#endif + +void Curl_cf_def_destroy(struct Curl_cfilter *cf, struct Curl_easy *data) +{ + (void)cf; + (void)data; +} + +CURLcode Curl_cf_def_setup(struct Curl_cfilter *cf, + struct Curl_easy *data, + const struct Curl_dns_entry *remotehost) +{ + DEBUGASSERT(cf->next); + return cf->next->cft->setup(cf->next, data, remotehost); +} + +void Curl_cf_def_attach_data(struct Curl_cfilter *cf, + struct Curl_easy *data) +{ + (void)cf; + (void)data; +} + +void Curl_cf_def_detach_data(struct Curl_cfilter *cf, + struct Curl_easy *data) +{ + (void)cf; + (void)data; +} + +void Curl_cf_def_close(struct Curl_cfilter *cf, struct Curl_easy *data) +{ + DEBUGASSERT(cf->next); + cf->connected = FALSE; + cf->next->cft->close(cf->next, data); +} + +CURLcode Curl_cf_def_connect(struct Curl_cfilter *cf, + struct Curl_easy *data, + bool blocking, bool *done) +{ + DEBUGASSERT(cf->next); + return cf->next->cft->connect(cf->next, data, blocking, done); +} + +int Curl_cf_def_get_select_socks(struct Curl_cfilter *cf, + struct Curl_easy *data, + curl_socket_t *socks) +{ + DEBUGASSERT(cf->next); + return cf->next->cft->get_select_socks(cf->next, data, socks); +} + +bool Curl_cf_def_data_pending(struct Curl_cfilter *cf, + const struct Curl_easy *data) +{ + DEBUGASSERT(cf->next); + return cf->next->cft->has_data_pending(cf->next, data); +} + +ssize_t Curl_cf_def_send(struct Curl_cfilter *cf, struct Curl_easy *data, + const void *buf, size_t len, CURLcode *err) +{ + DEBUGASSERT(cf->next); + return cf->next->cft->do_send(cf->next, data, buf, len, err); +} + +ssize_t Curl_cf_def_recv(struct Curl_cfilter *cf, struct Curl_easy *data, + char *buf, size_t len, CURLcode *err) +{ + DEBUGASSERT(cf->next); + return cf->next->cft->do_recv(cf->next, data, buf, len, err); +} + +void Curl_cfilter_destroy(struct Curl_easy *data, + struct connectdata *conn, int index) +{ + struct Curl_cfilter *cfn, *cf = conn->cfilter[index]; + + if(cf) { + DEBUGF(infof(data, "Curl_cfilter_destroy(handle=%p, connection=%ld, " + "index=%d)", data, conn->connection_id, index)); + conn->cfilter[index] = NULL; + while(cf) { + cfn = cf->next; + cf->cft->destroy(cf, data); + free(cf); + cf = cfn; + } + } +} + +void Curl_cfilter_close(struct Curl_easy *data, + struct connectdata *conn, int index) +{ + struct Curl_cfilter *cf; + + DEBUGASSERT(conn); + /* it is valid to call that without filters being present */ + cf = conn->cfilter[index]; + if(cf) { + DEBUGF(infof(data, "Curl_cfilter_close(handle=%p, index=%d)", + data, index)); + cf->cft->close(cf, data); + } +} + +ssize_t Curl_cfilter_recv(struct Curl_easy *data, int num, char *buf, + size_t len, CURLcode *code) +{ + struct Curl_cfilter *cf; + ssize_t nread; + + DEBUGASSERT(data); + DEBUGASSERT(data->conn); + cf = data->conn->cfilter[num]; + while(cf && !cf->connected) { + cf = cf->next; + } + if(cf) { + nread = cf->cft->do_recv(cf, data, buf, len, code); + /* DEBUGF(infof(data, "Curl_cfilter_recv(handle=%p, index=%d)" + "-> %ld, err=%d", data, num, nread, *code));*/ + return nread; + } + failf(data, "no filter connected, conn=%ld, sockindex=%d", + data->conn->connection_id, num); + *code = CURLE_FAILED_INIT; + return -1; +} + +ssize_t Curl_cfilter_send(struct Curl_easy *data, int num, + const void *mem, size_t len, CURLcode *code) +{ + struct Curl_cfilter *cf; + ssize_t nwritten; + + DEBUGASSERT(data); + DEBUGASSERT(data->conn); + cf = data->conn->cfilter[num]; + while(cf && !cf->connected) { + cf = cf->next; + } + if(cf) { + nwritten = cf->cft->do_send(cf, data, mem, len, code); + /* DEBUGF(infof(data, "Curl_cfilter_send(handle=%p, index=%d, len=%ld)" + " -> %ld, err=%d", data, num, len, nwritten, *code));*/ + return nwritten; + } + failf(data, "no filter connected, conn=%ld, sockindex=%d", + data->conn->connection_id, num); + *code = CURLE_FAILED_INIT; + return -1; +} + +CURLcode Curl_cfilter_create(struct Curl_cfilter **pcf, + struct Curl_easy *data, + struct connectdata *conn, + int sockindex, + const struct Curl_cftype *cft, + void *ctx) +{ + struct Curl_cfilter *cf; + CURLcode result = CURLE_OUT_OF_MEMORY; + + (void)data; + (void)conn; + DEBUGASSERT(cft); + cf = calloc(sizeof(*cf), 1); + if(!cf) + goto out; + + cf->cft = cft; + cf->conn = conn; + cf->sockindex = sockindex; + cf->ctx = ctx; + result = CURLE_OK; +out: + *pcf = cf; + return result; +} + +void Curl_cfilter_add(struct Curl_easy *data, struct connectdata *conn, + int index, struct Curl_cfilter *cf) +{ + (void)data; + DEBUGF(infof(data, "Curl_cfilter_add(conn=%ld, index=%d, filter=%s)", + conn->connection_id, index, cf->cft->name)); + + cf->next = conn->cfilter[index]; + cf->conn = conn; + cf->sockindex = index; + conn->cfilter[index] = cf; +} + +CURLcode Curl_cfilter_setup(struct Curl_easy *data, + struct connectdata *conn, int sockindex, + const struct Curl_dns_entry *remotehost, + int ssl_mode) +{ + struct Curl_cfilter *cf; + CURLcode result; + + DEBUGASSERT(data); + /* If no filter is set, we have the "default" setup of connection filters. + * The filter chain from botton to top will be: + * - SOCKET socket filter for outgoing connection to remotehost + * if http_proxy tunneling is engaged: + * - SSL if proxytype is CURLPROXY_HTTPS + * - HTTP_PROXY_TUNNEL + * otherwise, if socks_proxy is engaged: + * - SOCKS_PROXY_TUNNEL + * - SSL if conn->handler has PROTOPT_SSL + */ + if(!conn->cfilter[sockindex]) { + DEBUGF(infof(data, "Curl_cfilter_setup(conn #%ld, index=%d)", + conn->connection_id, sockindex)); + result = Curl_cfilter_socket_set(data, conn, sockindex); + if(result) + goto out; + +#ifndef CURL_DISABLE_PROXY + if(conn->bits.socksproxy) { + result = Curl_cfilter_socks_proxy_add(data, conn, sockindex); + if(result) + goto out; + } + + if(conn->bits.httpproxy) { +#ifdef USE_SSL + if(conn->http_proxy.proxytype == CURLPROXY_HTTPS) { + result = Curl_cfilter_ssl_proxy_add(data, conn, sockindex); + if(result) + goto out; + } +#endif /* USE_SSL */ + +#if !defined(CURL_DISABLE_HTTP) + if(conn->bits.tunnel_proxy) { + result = Curl_cfilter_http_proxy_add(data, conn, sockindex); + if(result) + goto out; + } +#endif /* !CURL_DISABLE_HTTP */ + } +#endif /* !CURL_DISABLE_PROXY */ + +#ifdef USE_SSL + if(ssl_mode == CURL_CF_SSL_ENABLE + || (ssl_mode != CURL_CF_SSL_DISABLE + && conn->handler->flags & PROTOPT_SSL)) { + result = Curl_cfilter_ssl_add(data, conn, sockindex); + if(result) + goto out; + } +#else + (void)ssl_mode; +#endif /* USE_SSL */ + } + DEBUGASSERT(conn->cfilter[sockindex]); + cf = data->conn->cfilter[sockindex]; + result = cf->cft->setup(cf, data, remotehost); +out: + DEBUGF(cf_debug(data, "Curl_cfilter_setup", conn, sockindex, result)); + return result; +} + +CURLcode Curl_cfilter_connect(struct Curl_easy *data, + struct connectdata *conn, int sockindex, + bool blocking, bool *done) +{ + struct Curl_cfilter *cf; + CURLcode result; + + DEBUGASSERT(data); + + cf = conn->cfilter[sockindex]; + DEBUGASSERT(cf); + result = cf->cft->connect(cf, data, blocking, done); + + DEBUGF(infof(data, "Curl_cfilter_connect(handle=%p, index=%d, block=%d) " + "-> %d, done=%d", data, sockindex, blocking, result, *done)); + return result; +} + +bool Curl_cfilter_is_connected(struct Curl_easy *data, + struct connectdata *conn, int sockindex) +{ + struct Curl_cfilter *cf; + + (void)data; + cf = conn->cfilter[sockindex]; + return cf && cf->connected; +} + +bool Curl_cfilter_data_pending(const struct Curl_easy *data, + struct connectdata *conn, int sockindex) +{ + struct Curl_cfilter *cf; + + DEBUGASSERT(data); + cf = conn->cfilter[sockindex]; + while(cf && !cf->connected) { + cf = cf->next; + } + if(cf) { + return cf->cft->has_data_pending(cf, data); + } + return FALSE; +} + +int Curl_cfilter_get_select_socks(struct Curl_easy *data, + struct connectdata *conn, int sockindex, + curl_socket_t *socks) +{ + struct Curl_cfilter *cf; + + DEBUGASSERT(data); + cf = conn->cfilter[sockindex]; + if(cf) { + return cf->cft->get_select_socks(cf, data, socks); + } + return GETSOCK_BLANK; +} + +void Curl_cfilter_attach_data(struct connectdata *conn, + struct Curl_easy *data) +{ + size_t i; + struct Curl_cfilter *cf; + + for(i = 0; i < ARRAYSIZE(conn->cfilter); ++i) { + cf = conn->cfilter[i]; + if(cf) { + DEBUGF(infof(data, "Curl_cfilter_attach(handle=%p, connection=%ld, " + "index=%d)", data, conn->connection_id, i)); + while(cf) { + cf->cft->attach_data(cf, data); + cf = cf->next; + } + } + } +} + +void Curl_cfilter_detach_data(struct connectdata *conn, + struct Curl_easy *data) +{ + size_t i; + struct Curl_cfilter *cf; + + for(i = 0; i < ARRAYSIZE(conn->cfilter); ++i) { + cf = conn->cfilter[i]; + if(cf) { + DEBUGF(infof(data, "Curl_cfilter_detach(handle=%p, connection=%ld, " + "index=%d)", data, conn->connection_id, i)); + while(cf) { + cf->cft->detach_data(cf, data); + cf = cf->next; + } + } + } +} + |