ZNC  trunk
Socket.h
1 /*
2  * Copyright (C) 2004-2018 ZNC, see the NOTICE file for details.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef ZNC_SOCKET_H
18 #define ZNC_SOCKET_H
19 
20 #include <znc/zncconfig.h>
21 #include <znc/Csocket.h>
22 #include <znc/Threads.h>
23 #include <znc/Translation.h>
24 
25 class CModule;
26 
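/**
 * ZNC's socket base class: a Csock that additionally carries the
 * certificate-trust settings (trust-all flag, PKI flag, pinned fingerprints,
 * host name to verify) and an encoding setter.
 *
 * Only declarations and trivial accessors live in this header. How the trust
 * settings are combined into an accept/reject decision is implemented out of
 * line in the TLS hooks declared below.
 */
class CZNCSock : public Csock, protected CCoreTranslationMixin {
  public:
    CZNCSock(int timeout = 60);
    CZNCSock(const CString& sHost, u_short port, int timeout = 60);
    ~CZNCSock() {}

    int ConvertAddress(const struct sockaddr_storage* pAddr, socklen_t iAddrLen,
                       CString& sIP, u_short* piPort) const override;
#ifdef HAVE_LIBSSL
    /// Csock's certificate-verification hook. Csock documents it as hooked in
    /// via SSL_set_verify, with a base version that just returns 1 (success);
    /// this override is defined out of line.
    int VerifyPeerCertificate(int iPreVerify,
                              X509_STORE_CTX* pStoreCTX) override;
    /// Csock calls this once the SSL handshake is complete.
    void SSLHandShakeFinished() override;
    bool SNIConfigureClient(CString& sHostname) override;
#endif
    /// Stores the host name kept in m_sHostToVerifySSL.
    // NOTE(review): presumably the name the peer certificate is matched
    // against; confirm in the implementation file.
    void SetHostToVerifySSL(const CString& sHost) {
        m_sHostToVerifySSL = sHost;
    }
    CString GetSSLPeerFingerprint() const;
    /// Replaces the whole set of trusted (pinned) peer fingerprints.
    void SetSSLTrustedPeerFingerprints(const SCString& ssFPs) {
        m_ssTrustedFingerprints = ssFPs;
    }

    /// Stores the trust-all flag; it is false unless a caller sets it.
    // NOTE(review): by its name this accepts any peer certificate, so a true
    // value should only ever come from an explicit user choice. Confirm how
    // the TLS hooks consult it.
    void SetTrustAllCerts(bool bTrustAll) { m_bTrustAllCerts = bTrustAll; }
    bool GetTrustAllCerts() const { return m_bTrustAllCerts; }

    /// Stores the PKI-trust flag; it is true unless a caller clears it.
    void SetTrustPKI(bool bTrustPKI) { m_bTrustPKI = bTrustPKI; }
    bool GetTrustPKI() const { return m_bTrustPKI; }

    void SetEncoding(const CString&);

    /// Forwards to Csock::GetRemoteIP(); virtual so subclasses can replace it.
    virtual CString GetRemoteIP() const { return Csock::GetRemoteIP(); }

  protected:
    // All existing errno codes seem to be in range 1-300, so this synthetic
    // code is placed far outside that range to avoid clashing with a real one.
    enum {
        errnoBadSSLCert = 12569,
    };

  private:
    CString m_sHostToVerifySSL;
    SCString m_ssTrustedFingerprints;
    // NOTE(review): presumably filled by VerifyPeerCertificate(); confirm.
    SCString m_ssCertVerificationErrors;
    bool m_bTrustAllCerts = false;  // secure default: no blanket trust
    bool m_bTrustPKI = true;
};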
72 
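/// Address families a listener can be restricted to (see the eAddr
/// parameters of CSockManager's Listen* helpers).
enum EAddrType { ADDR_IPV4ONLY, ADDR_IPV6ONLY, ADDR_ALL };

/**
 * Socket manager for CZNCSock: convenience wrappers for creating listeners
 * and outgoing connections, plus the bookkeeping for DNS lookups that are
 * still in flight.
 *
 * All Listen* helpers default bSSL to false, so a listener is plaintext
 * unless the caller asks for SSL explicitly.
 */
class CSockManager : public TSocketManager<CZNCSock>,
                     private CCoreTranslationMixin {
  public:
    CSockManager();
    virtual ~CSockManager();

    /**
     * Builds a CSListener for iPort on sBindHost, applies the socket name,
     * SSL flag, timeout and connection limit, restricts the address family
     * when IPv6 support is compiled in, and starts listening.
     *
     * @return the result of Listen().
     */
    bool ListenHost(u_short iPort, const CString& sSockName,
                    const CString& sBindHost, bool bSSL = false,
                    int iMaxConns = SOMAXCONN, CZNCSock* pcSock = nullptr,
                    u_int iTimeout = 0, EAddrType eAddr = ADDR_ALL) {
        CSListener L(iPort, sBindHost);

        L.SetSockName(sSockName);
        L.SetIsSSL(bSSL);
        L.SetTimeout(iTimeout);
        L.SetMaxConns(iMaxConns);

#ifdef HAVE_IPV6
        switch (eAddr) {
            case ADDR_IPV4ONLY:
                L.SetAFRequire(CSSockAddr::RAF_INET);
                break;
            case ADDR_IPV6ONLY:
                L.SetAFRequire(CSSockAddr::RAF_INET6);
                break;
            case ADDR_ALL:
                L.SetAFRequire(CSSockAddr::RAF_ANY);
                break;
        }
#endif

        return Listen(L, pcSock);
    }

    /// Same as ListenHost() with an empty bind host.
    // NOTE(review): an empty bind host presumably means "every local
    // address"; callers that need a loopback-only or single-interface
    // listener should use ListenHost() with an explicit host.
    bool ListenAll(u_short iPort, const CString& sSockName, bool bSSL = false,
                   int iMaxConns = SOMAXCONN, CZNCSock* pcSock = nullptr,
                   u_int iTimeout = 0, EAddrType eAddr = ADDR_ALL) {
        return ListenHost(iPort, sSockName, "", bSSL, iMaxConns, pcSock,
                          iTimeout, eAddr);
    }

    /**
     * Like ListenHost(), but requests port 0 and reports the port that was
     * actually assigned.
     *
     * @return the assigned port, or 0 when the listener could not be set up.
     */
    u_short ListenRand(const CString& sSockName, const CString& sBindHost,
                       bool bSSL = false, int iMaxConns = SOMAXCONN,
                       CZNCSock* pcSock = nullptr, u_int iTimeout = 0,
                       EAddrType eAddr = ADDR_ALL) {
        unsigned short uPort = 0;
        CSListener L(0, sBindHost);

        L.SetSockName(sSockName);
        L.SetIsSSL(bSSL);
        L.SetTimeout(iTimeout);
        L.SetMaxConns(iMaxConns);

#ifdef HAVE_IPV6
        switch (eAddr) {
            case ADDR_IPV4ONLY:
                L.SetAFRequire(CSSockAddr::RAF_INET);
                break;
            case ADDR_IPV6ONLY:
                L.SetAFRequire(CSSockAddr::RAF_INET6);
                break;
            case ADDR_ALL:
                L.SetAFRequire(CSSockAddr::RAF_ANY);
                break;
        }
#endif

        // Listen() reports failure through its return value. Check it rather
        // than relying on uPort having been left untouched, so a caller can
        // never be handed a port number for a listener that does not exist.
        if (!Listen(L, pcSock, &uPort)) {
            return 0;
        }

        return uPort;
    }

    /// Same as ListenRand() with an empty bind host.
    u_short ListenAllRand(const CString& sSockName, bool bSSL = false,
                          int iMaxConns = SOMAXCONN, CZNCSock* pcSock = nullptr,
                          u_int iTimeout = 0, EAddrType eAddr = ADDR_ALL) {
        return ListenRand(sSockName, "", bSSL, iMaxConns, pcSock, iTimeout,
                          eAddr);
    }

    /// Starts an outgoing connection; bSSL defaults to false (plaintext).
    void Connect(const CString& sHostname, u_short iPort,
                 const CString& sSockName, int iTimeout = 60, bool bSSL = false,
                 const CString& sBindHost = "", CZNCSock* pcSock = nullptr);

    // NOTE(review): presumably counts not-yet-authenticated connections from
    // sIP, as input to a per-IP connection limit; confirm in the
    // implementation file.
    unsigned int GetAnonConnectionCount(const CString& sIP) const;
    void DelSockByAddr(Csock* pcSock) override;

  private:
    void FinishConnect(const CString& sHostname, u_short iPort,
                       const CString& sSockName, int iTimeout, bool bSSL,
                       const CString& sBindHost, CZNCSock* pcSock);

    // Sockets with a DNS lookup still pending; the bool marks "deleted".
    // NOTE(review): presumably this lets a finished lookup notice that its
    // socket was removed in the meantime instead of touching a freed object;
    // confirm against DelSockByAddr() and the DNS completion path.
    std::map<Csock*, bool /* deleted */> m_InFlightDnsSockets;

#ifdef HAVE_PTHREAD
    class CThreadMonitorFD;
    friend class CThreadMonitorFD;
#endif
#ifdef HAVE_THREADED_DNS
    /// State of one connect request while its host names are being resolved.
    /// Non-copyable: it carries raw pcSock and addrinfo pointers whose
    /// ownership is not expressed in this header.
    struct TDNSTask {
        TDNSTask()
            : sHostname(""),
              iPort(0),
              sSockName(""),
              iTimeout(0),
              bSSL(false),
              sBindhost(""),
              pcSock(nullptr),
              bDoneTarget(false),
              bDoneBind(false),
              aiTarget(nullptr),
              aiBind(nullptr) {}

        TDNSTask(const TDNSTask&) = delete;
        TDNSTask& operator=(const TDNSTask&) = delete;

        CString sHostname;
        u_short iPort;
        CString sSockName;
        int iTimeout;
        bool bSSL;
        CString sBindhost;
        CZNCSock* pcSock;

        bool bDoneTarget;
        bool bDoneBind;
        addrinfo* aiTarget;
        addrinfo* aiBind;
    };
    /// One name lookup belonging to a TDNSTask, run as a CJob (runThread()
    /// and runMain() are defined out of line).
    class CDNSJob : public CJob {
      public:
        CDNSJob()
            : sHostname(""),
              task(nullptr),
              pManager(nullptr),
              bBind(false),
              iRes(0),
              aiResult(nullptr) {}

        CDNSJob(const CDNSJob&) = delete;
        CDNSJob& operator=(const CDNSJob&) = delete;

        CString sHostname;
        TDNSTask* task;
        CSockManager* pManager;
        bool bBind;

        int iRes;
        addrinfo* aiResult;

        void runThread() override;
        void runMain() override;
    };
    void StartTDNSThread(TDNSTask* task, bool bBind);
    void SetTDNSThreadFinished(TDNSTask* task, bool bBind, addrinfo* aiResult);
    static void* TDNSThread(void* argument);
#endif
  protected:
};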
233 
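/**
 * Base Csock implementation to be used by modules.
 *
 * Each instance keeps a pointer to the module it belongs to. Copying is
 * disabled.
 */
class CSocket : public CZNCSock {
  public:
    CSocket(CModule* pModule);
    CSocket(CModule* pModule, const CString& sHostname, unsigned short uPort,
            int iTimeout = 60);
    virtual ~CSocket();

    CSocket(const CSocket&) = delete;
    CSocket& operator=(const CSocket&) = delete;

    // Keep Csock's own overloads visible next to the ones declared below.
    using Csock::Connect;
    using Csock::Listen;

    /// This defaults to closing the socket, feel free to override.
    void ReachedMaxBuffer() override;
    void SockError(int iErrno, const CString& sDescription) override;

    /// This limits the global connections from this IP to defeat DoS
    /// attacks, feel free to override. An override that does not call this
    /// version gives up that per-IP limit and needs its own.
    bool ConnectionFrom(const CString& sHost, unsigned short uPort) override;

    /// Convenience Connect; bSSL defaults to false, so the connection is
    /// plaintext unless the caller passes true.
    bool Connect(const CString& sHostname, unsigned short uPort,
                 bool bSSL = false, unsigned int uTimeout = 60);
    /// Ease of use Listen, assigned to the manager and is subsequently
    /// tracked.
    bool Listen(unsigned short uPort, bool bSSL, unsigned int uTimeout = 0);

    // Getters
    CModule* GetModule() const;
    // !Getters

#ifndef SWIG
    // Translation. As opposed to CCoreTranslationMixin, this one uses module.mo
    CString t_s(const CString& sEnglish, const CString& sContext = "") const;
    CInlineFormatMessage t_f(const CString& sEnglish,
                             const CString& sContext = "") const;
    CInlineFormatMessage t_p(const CString& sEnglish, const CString& sEnglishes,
                             int iNum, const CString& sContext) const;
    CDelayedTranslation t_d(const CString& sEnglish,
                            const CString& sContext = "") const;
#endif

  private:
  protected:
    CModule*
        m_pModule;  //!< pointer to the module that this sock instance belongs to
};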
300 
/**
 * Base IRC socket for client<->ZNC, and ZNC<->server.
 *
 * When ICU support is compiled in, it overrides the two ICU converter
 * callbacks; both are defined out of line.
 */
class CIRCSocket : public CZNCSock {
  public:
#ifdef HAVE_ICU

    /// Allow IRC control characters to appear even if protocol encoding
    /// explicitly disallows them.
    void IcuExtToUCallback(
        UConverterToUnicodeArgs* toArgs,
        const char* codeUnits,
        int32_t length,
        UConverterCallbackReason reason,
        UErrorCode* err) override;

    /// Counterpart of IcuExtToUCallback() for the from-Unicode direction.
    void IcuExtFromUCallback(
        UConverterFromUnicodeArgs* fromArgs,
        const UChar* codeUnits,
        int32_t length,
        UChar32 codePoint,
        UConverterCallbackReason reason,
        UErrorCode* err) override;
#endif
};
328 
329 #endif /* ZNC_SOCKET_H */
u_short ListenRand(const CString &sSockName, const CString &sBindHost, bool bSSL=false, int iMaxConns=SOMAXCONN, CZNCSock *pcSock=nullptr, u_int iTimeout=0, EAddrType eAddr=ADDR_ALL)
Definition: Socket.h:116
Ease of use templated socket manager.
Definition: Csocket.h:1655
EAddrType
Definition: Socket.h:73
Definition: Csocket.h:223
bool GetTrustPKI() const
Definition: Socket.h:53
void IcuExtFromUCallback(UConverterFromUnicodeArgs *fromArgs, const UChar *codeUnits, int32_t length, UChar32 codePoint, UConverterCallbackReason reason, UErrorCode *err) override
void SetSSLTrustedPeerFingerprints(const SCString &ssFPs)
Definition: Socket.h:45
int VerifyPeerCertificate(int iPreVerify, X509_STORE_CTX *pStoreCTX) override
this is hooked in via SSL_set_verify, and by default it just returns 1 meaning success ...
A job is a task which should run without blocking the main thread.
Definition: Threads.h:67
bool ListenHost(u_short iPort, const CString &sSockName, const CString &sBindHost, bool bSSL=false, int iMaxConns=SOMAXCONN, CZNCSock *pcSock=nullptr, u_int iTimeout=0, EAddrType eAddr=ADDR_ALL)
Definition: Socket.h:81
CModule * GetModule() const
void SetTimeout(uint32_t i)
sets the listen timeout. The listener class will close after timeout has been reached if not 0 ...
Definition: Csocket.h:1408
CString GetSSLPeerFingerprint() const
CS_STRING GetRemoteIP() const
CZNCSock(int timeout=60)
CString t_s(const CString &sEnglish, const CString &sContext="") const
Base IRC socket for client<->ZNC, and ZNC<->server.
Definition: Socket.h:305
CDelayedTranslation t_d(const CString &sEnglish, const CString &sContext="") const
virtual CString GetRemoteIP() const
Definition: Socket.h:57
friend class CThreadMonitorFD
Definition: Socket.h:169
u_short ListenAllRand(const CString &sSockName, bool bSSL=false, int iMaxConns=SOMAXCONN, CZNCSock *pcSock=nullptr, u_int iTimeout=0, EAddrType eAddr=ADDR_ALL)
Definition: Socket.h:147
void Connect(const CString &sHostname, u_short iPort, const CString &sSockName, int iTimeout=60, bool bSSL=false, const CString &sBindHost="", CZNCSock *pcSock=nullptr)
Definition: Socket.h:75
void SetTrustPKI(bool bTrustPKI)
Definition: Socket.h:52
bool ConnectionFrom(const CString &sHost, unsigned short uPort) override
This limits the global connections from this IP to defeat DoS attacks, feel free to override...
std::set< CString > SCString
Definition: ZNCString.h:35
Definition: Socket.h:27
CSocket(CModule *pModule)
ctor
Base Csock implementation to be used by modules.
Definition: Socket.h:243
int ConvertAddress(const struct sockaddr_storage *pAddr, socklen_t iAddrLen, CString &sIP, u_short *piPort) const override
Definition: Csocket.h:225
void SockError(int iErrno, const CString &sDescription) override
Basic socket class.
Definition: Csocket.h:564
Definition: Translation.h:70
void SetAFRequire(CSSockAddr::EAFRequire iAFRequire)
sets the AF family type required
Definition: Csocket.h:1410
void ReachedMaxBuffer() override
This defaults to closing the socket, feel free to override.
String class that is used inside ZNC.
Definition: ZNCString.h:68
void IcuExtToUCallback(UConverterToUnicodeArgs *toArgs, const char *codeUnits, int32_t length, UConverterCallbackReason reason, UErrorCode *err) override
Allow IRC control characters to appear even if protocol encoding explicitly disallows them...
bool Listen(unsigned short uPort, bool bSSL, unsigned int uTimeout=0)
Ease of use Listen, assigned to the manager and is subsequently tracked.
void SetMaxConns(int i)
set max connections as called by accept()
Definition: Csocket.h:1406
The base class for your own ZNC modules.
Definition: Modules.h:407
Definition: Socket.h:73
virtual bool Listen(const CSListener &cListen, Csock *pcSock=NULL, uint16_t *piRandPort=NULL)
Sets up a listening socket.
options container to create a listener
Definition: Csocket.h:1355
Definition: Socket.h:73
CInlineFormatMessage t_p(const CString &sEnglish, const CString &sEnglishes, int iNum, const CString &sContext) const
Definition: Socket.h:62
virtual bool Listen(uint16_t iPort, int iMaxConns=SOMAXCONN, const CS_STRING &sBindHost="", uint32_t iTimeout=0, bool bDetach=false)
Listens for connections.
CSocket & operator=(const CSocket &)=delete
void SetSockName(const CS_STRING &sSockName)
sets the sock name for later reference (ie FindSockByName)
Definition: Csocket.h:1400
virtual ~CSockManager()
Definition: Socket.h:73
unsigned int GetAnonConnectionCount(const CString &sIP) const
void DelSockByAddr(Csock *pcSock) override
Delete a sock by addr: its position is looked up, the socket is deleted, the appropriate call backs are...
void SSLHandShakeFinished() override
called once the SSL handshake is complete, this is triggered via SSL_CB_HANDSHAKE_DONE in SSL_set_inf...
void SetTrustAllCerts(bool bTrustAll)
Definition: Socket.h:49
CModule * m_pModule
pointer to the module that this sock instance belongs to
Definition: Socket.h:298
bool ListenAll(u_short iPort, const CString &sSockName, bool bSSL=false, int iMaxConns=SOMAXCONN, CZNCSock *pcSock=nullptr, u_int iTimeout=0, EAddrType eAddr=ADDR_ALL)
Definition: Socket.h:109
void SetEncoding(const CString &)
void SetHostToVerifySSL(const CString &sHost)
Definition: Socket.h:41
Definition: Csocket.h:227
bool SNIConfigureClient(CString &sHostname) override
bool GetTrustAllCerts() const
Definition: Socket.h:50
~CZNCSock()
Definition: Socket.h:31
CInlineFormatMessage t_f(const CString &sEnglish, const CString &sContext="") const
virtual bool Connect()
Create the connection, this is used by the socket manager, and shouldn't be called directly by the us...
Definition: ZNCString.h:673
void SetIsSSL(bool b)
set to true to enable SSL
Definition: Csocket.h:1404
virtual ~CSocket()
Definition: Translation.h:104