Socket_8h_source.html

/*

 * Copyright (C) 2004-2025 ZNC, see the NOTICE file for details.

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *     http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */


#ifndef ZNC_SOCKET_H

#define ZNC_SOCKET_H


#include <znc/zncconfig.h>

#include <znc/Csocket.h>

#include <znc/Threads.h>

#include <znc/Translation.h>


class CModule;


class CZNCSock : public Csock, protected CCoreTranslationMixin {

  public:

    CZNCSock(int timeout = 60);

    CZNCSock(const CString& sHost, u_short port, int timeout = 60);

    ~CZNCSock() {}


    int ConvertAddress(const struct sockaddr_storage* pAddr, socklen_t iAddrLen,

                       CString& sIP, u_short* piPort) const override;

#ifdef HAVE_LIBSSL

    int VerifyPeerCertificate(int iPreVerify,

                              X509_STORE_CTX* pStoreCTX) override;

    void SSLHandShakeFinished() override;

    bool CheckSSLCert(X509* pCert);

    virtual void SSLCertError(X509* pCert) {}

    bool SNIConfigureClient(CString& sHostname) override;

    CString GetSSLPeerFingerprint(X509* pCert = nullptr) const;

#else

    CString GetSSLPeerFingerprint() const { return ""; }

#endif


    void SetHostToVerifySSL(const CString& sHost) {

        m_sHostToVerifySSL = sHost;

    }


    void SetSSLTrustedPeerFingerprints(const SCString& ssFPs) {

        m_ssTrustedFingerprints = ssFPs;

    }


    void SetTrustAllCerts(bool bTrustAll) { m_bTrustAllCerts = bTrustAll; }

    bool GetTrustAllCerts() const { return m_bTrustAllCerts; }


    void SetTrustPKI(bool bTrustPKI) { m_bTrustPKI = bTrustPKI; }

    bool GetTrustPKI() const { return m_bTrustPKI; }


    void SetEncoding(const CString&);


    virtual CString GetRemoteIP() const { return Csock::GetRemoteIP(); }


  protected:

    // All existing errno codes seem to be in range 1-300

    enum {

        errnoBadSSLCert = 12569,

    };


  private:

    CString m_sHostToVerifySSL;

    SCString m_ssTrustedFingerprints;

    SCString m_ssCertVerificationErrors;

    bool m_bTrustAllCerts = false;

    bool m_bTrustPKI = true;

};


enum EAddrType { ADDR_IPV4ONLY, ADDR_IPV6ONLY, ADDR_ALL };


class CSockManager : public TSocketManager<CZNCSock>,

                     private CCoreTranslationMixin {

  public:

    CSockManager();

    virtual ~CSockManager();


    bool ListenHost(u_short iPort, const CString& sSockName,

                    const CString& sBindHost, bool bSSL = false,

                    int iMaxConns = SOMAXCONN, CZNCSock* pcSock = nullptr,

                    u_int iTimeout = 0, EAddrType eAddr = ADDR_ALL) {

        CSListener L(iPort, sBindHost);


        L.SetSockName(sSockName);

        L.SetIsSSL(bSSL);

        L.SetTimeout(iTimeout);

        L.SetMaxConns(iMaxConns);


#ifdef HAVE_IPV6

        switch (eAddr) {

            case ADDR_IPV4ONLY:

                L.SetAFRequire(CSSockAddr::RAF_INET);

                break;

            case ADDR_IPV6ONLY:

                L.SetAFRequire(CSSockAddr::RAF_INET6);

                break;

            case ADDR_ALL:

                L.SetAFRequire(CSSockAddr::RAF_ANY);

                break;

        }

#endif


        return Listen(L, pcSock);

    }


    bool ListenAll(u_short iPort, const CString& sSockName, bool bSSL = false,

                   int iMaxConns = SOMAXCONN, CZNCSock* pcSock = nullptr,

                   u_int iTimeout = 0, EAddrType eAddr = ADDR_ALL) {

        return ListenHost(iPort, sSockName, "", bSSL, iMaxConns, pcSock,

                          iTimeout, eAddr);

    }


    u_short ListenRand(const CString& sSockName, const CString& sBindHost,

                       bool bSSL = false, int iMaxConns = SOMAXCONN,

                       CZNCSock* pcSock = nullptr, u_int iTimeout = 0,

                       EAddrType eAddr = ADDR_ALL) {

        unsigned short uPort = 0;

        CSListener L(0, sBindHost);


        L.SetSockName(sSockName);

        L.SetIsSSL(bSSL);

        L.SetTimeout(iTimeout);

        L.SetMaxConns(iMaxConns);


#ifdef HAVE_IPV6

        switch (eAddr) {

            case ADDR_IPV4ONLY:

                L.SetAFRequire(CSSockAddr::RAF_INET);

                break;

            case ADDR_IPV6ONLY:

                L.SetAFRequire(CSSockAddr::RAF_INET6);

                break;

            case ADDR_ALL:

                L.SetAFRequire(CSSockAddr::RAF_ANY);

                break;

        }

#endif


        Listen(L, pcSock, &uPort);


        return uPort;

    }


    u_short ListenAllRand(const CString& sSockName, bool bSSL = false,

                          int iMaxConns = SOMAXCONN, CZNCSock* pcSock = nullptr,

                          u_int iTimeout = 0, EAddrType eAddr = ADDR_ALL) {

        return (ListenRand(sSockName, "", bSSL, iMaxConns, pcSock, iTimeout,

                           eAddr));

    }


    void Connect(const CString& sHostname, u_short iPort,

                 const CString& sSockName, int iTimeout = 60, bool bSSL = false,

                 const CString& sBindHost = "", CZNCSock* pcSock = nullptr);


    unsigned int GetAnonConnectionCount(const CString& sIP) const;

    void DelSockByAddr(Csock* pcSock) override;


  private:

    void FinishConnect(const CString& sHostname, u_short iPort,

                       const CString& sSockName, int iTimeout, bool bSSL,

                       const CString& sBindHost, CZNCSock* pcSock);


    std::map<Csock*, bool /* deleted */> m_InFlightDnsSockets;


#ifdef HAVE_PTHREAD

    class CThreadMonitorFD;

    friend class CThreadMonitorFD;

#endif

#ifdef HAVE_THREADED_DNS

    struct TDNSTask {

        TDNSTask()

            : sHostname(""),

              iPort(0),

              sSockName(""),

              iTimeout(0),

              bSSL(false),

              sBindhost(""),

              pcSock(nullptr),

              bDoneTarget(false),

              bDoneBind(false),

              aiTarget(nullptr),

              aiBind(nullptr) {}


        TDNSTask(const TDNSTask&) = delete;

        TDNSTask& operator=(const TDNSTask&) = delete;


        CString sHostname;

        u_short iPort;

        CString sSockName;

        int iTimeout;

        bool bSSL;

        CString sBindhost;

        CZNCSock* pcSock;


        bool bDoneTarget;

        bool bDoneBind;

        addrinfo* aiTarget;

        addrinfo* aiBind;

    };

    class CDNSJob : public CJob {

      public:

        CDNSJob()

            : sHostname(""),

              task(nullptr),

              pManager(nullptr),

              bBind(false),

              iRes(0),

              aiResult(nullptr) {}


        CDNSJob(const CDNSJob&) = delete;

        CDNSJob& operator=(const CDNSJob&) = delete;


        CString sHostname;

        TDNSTask* task;

        CSockManager* pManager;

        bool bBind;


        int iRes;

        addrinfo* aiResult;


        void runThread() override;

        void runMain() override;

    };

    void StartTDNSThread(TDNSTask* task, bool bBind);

    void SetTDNSThreadFinished(TDNSTask* task, bool bBind, addrinfo* aiResult);

    static void* TDNSThread(void* argument);

#endif

  protected:

};


class CSocket : public CZNCSock {

  public:

    CSocket(CModule* pModule);

    CSocket(CModule* pModule, const CString& sHostname, unsigned short uPort,

            int iTimeout = 60);

    virtual ~CSocket();


    CSocket(const CSocket&) = delete;

    CSocket& operator=(const CSocket&) = delete;


    using Csock::Connect;

    using Csock::Listen;


    void ReachedMaxBuffer() override;

    void SockError(int iErrno, const CString& sDescription) override;


    bool ConnectionFrom(const CString& sHost, unsigned short uPort) override;


    bool Connect(const CString& sHostname, unsigned short uPort,

                 bool bSSL = false, unsigned int uTimeout = 60);

    bool Listen(unsigned short uPort, bool bSSL, unsigned int uTimeout = 0);


    // Getters

    CModule* GetModule() const;

    // !Getters


#ifndef SWIG

    // Translation. As opposed to CCoreTranslationMixin, this one uses module.mo

    CString t_s(const CString& sEnglish, const CString& sContext = "") const;

    CInlineFormatMessage t_f(const CString& sEnglish,

                             const CString& sContext = "") const;

    CInlineFormatMessage t_p(const CString& sEnglish, const CString& sEnglishes,

                             int iNum, const CString& sContext) const;

    CDelayedTranslation t_d(const CString& sEnglish,

                            const CString& sContext = "") const;

#endif


  private:

  protected:

    CModule*

        m_pModule;

};


class CIRCSocket : public CZNCSock {

  public:

#ifdef HAVE_ICU

    void IcuExtToUCallback(UConverterToUnicodeArgs* toArgs,

                           const char* codeUnits, int32_t length,

                           UConverterCallbackReason reason,

                           UErrorCode* err) override;

    void IcuExtFromUCallback(UConverterFromUnicodeArgs* fromArgs,

                             const UChar* codeUnits, int32_t length,

                             UChar32 codePoint, UConverterCallbackReason reason,

                             UErrorCode* err) override;

#endif

};


#endif /* ZNC_SOCKET_H */

EAddrType
EAddrType
Definition Socket.h:77

ADDR_IPV6ONLY
@ ADDR_IPV6ONLY
Definition Socket.h:77

ADDR_ALL
@ ADDR_ALL
Definition Socket.h:77

ADDR_IPV4ONLY
@ ADDR_IPV4ONLY
Definition Socket.h:77

Threads.h

Translation.h

SCString
std::set< CString > SCString
Definition ZNCString.h:37

CCoreTranslationMixin
Definition Translation.h:103

CDelayedTranslation
Definition Translation.h:71

CIRCSocket
Base IRC socket for client<->ZNC, and ZNC<->server.
Definition Socket.h:309

CIRCSocket::IcuExtFromUCallback
void IcuExtFromUCallback(UConverterFromUnicodeArgs *fromArgs, const UChar *codeUnits, int32_t length, UChar32 codePoint, UConverterCallbackReason reason, UErrorCode *err) override

CIRCSocket::IcuExtToUCallback
void IcuExtToUCallback(UConverterToUnicodeArgs *toArgs, const char *codeUnits, int32_t length, UConverterCallbackReason reason, UErrorCode *err) override
Allow IRC control characters to appear even if protocol encoding explicitly disallows them.

CInlineFormatMessage
Definition ZNCString.h:673

CJob
A job is a task which should run without blocking the main thread.
Definition Threads.h:67

CModule
The base class for your own ZNC modules.
Definition Modules.h:420

CSListener
options container to create a listener
Definition Csocket.h:1355

CSListener::SetAFRequire
void SetAFRequire(CSSockAddr::EAFRequire iAFRequire)
sets the AF family type required
Definition Csocket.h:1409

CSListener::SetSockName
void SetSockName(const CS_STRING &sSockName)
sets the sock name for later reference (ie FindSockByName)
Definition Csocket.h:1399

CSListener::SetTimeout
void SetTimeout(uint32_t i)
sets the listen timeout. The listener class will close after timeout has been reached if not 0
Definition Csocket.h:1407

CSListener::SetIsSSL
void SetIsSSL(bool b)
set to true to enable SSL
Definition Csocket.h:1403

CSListener::SetMaxConns
void SetMaxConns(int i)
set max connections as called by accept()
Definition Csocket.h:1405

CSSockAddr::RAF_INET6
@ RAF_INET6
Definition Csocket.h:225

CSSockAddr::RAF_ANY
@ RAF_ANY
Definition Csocket.h:223

CSSockAddr::RAF_INET
@ RAF_INET
Definition Csocket.h:227

CSockManager
Definition Socket.h:80

CSockManager::GetAnonConnectionCount
unsigned int GetAnonConnectionCount(const CString &sIP) const

CSockManager::DelSockByAddr
void DelSockByAddr(Csock *pcSock) override
Delete a sock by addr its position is looked up the socket is deleted, the appropriate call backs are...

CSockManager::CThreadMonitorFD
friend class CThreadMonitorFD
Definition Socket.h:174

CSockManager::ListenAll
bool ListenAll(u_short iPort, const CString &sSockName, bool bSSL=false, int iMaxConns=SOMAXCONN, CZNCSock *pcSock=nullptr, u_int iTimeout=0, EAddrType eAddr=ADDR_ALL)
Definition Socket.h:113

CSockManager::CSockManager
CSockManager()

CSockManager::ListenAllRand
u_short ListenAllRand(const CString &sSockName, bool bSSL=false, int iMaxConns=SOMAXCONN, CZNCSock *pcSock=nullptr, u_int iTimeout=0, EAddrType eAddr=ADDR_ALL)
Definition Socket.h:151

CSockManager::~CSockManager
virtual ~CSockManager()

CSockManager::Connect
void Connect(const CString &sHostname, u_short iPort, const CString &sSockName, int iTimeout=60, bool bSSL=false, const CString &sBindHost="", CZNCSock *pcSock=nullptr)

CSockManager::ListenRand
u_short ListenRand(const CString &sSockName, const CString &sBindHost, bool bSSL=false, int iMaxConns=SOMAXCONN, CZNCSock *pcSock=nullptr, u_int iTimeout=0, EAddrType eAddr=ADDR_ALL)
Definition Socket.h:120

CSockManager::ListenHost
bool ListenHost(u_short iPort, const CString &sSockName, const CString &sBindHost, bool bSSL=false, int iMaxConns=SOMAXCONN, CZNCSock *pcSock=nullptr, u_int iTimeout=0, EAddrType eAddr=ADDR_ALL)
Definition Socket.h:85

CSocketManager::Listen
virtual bool Listen(const CSListener &cListen, Csock *pcSock=NULL, uint16_t *piRandPort=NULL)
Sets up a listening socket.

CSocket
Base Csock implementation to be used by modules.
Definition Socket.h:247

CSocket::t_d
CDelayedTranslation t_d(const CString &sEnglish, const CString &sContext="") const

CSocket::GetModule
CModule * GetModule() const

CSocket::m_pModule
CModule * m_pModule
pointer to the module that this sock instance belongs to
Definition Socket.h:302

CSocket::ConnectionFrom
bool ConnectionFrom(const CString &sHost, unsigned short uPort) override
This limits the global connections from this IP to defeat DoS attacks, feel free to override....

CSocket::CSocket
CSocket(CModule *pModule, const CString &sHostname, unsigned short uPort, int iTimeout=60)
ctor

CSocket::t_f
CInlineFormatMessage t_f(const CString &sEnglish, const CString &sContext="") const

CSocket::CSocket
CSocket(CModule *pModule)
ctor

CSocket::t_p
CInlineFormatMessage t_p(const CString &sEnglish, const CString &sEnglishes, int iNum, const CString &sContext) const

CSocket::Listen
bool Listen(unsigned short uPort, bool bSSL, unsigned int uTimeout=0)
Ease of use Listen, assigned to the manager and is subsequently tracked.

CSocket::CSocket
CSocket(const CSocket &)=delete

CSocket::operator=
CSocket & operator=(const CSocket &)=delete

CSocket::~CSocket
virtual ~CSocket()

CSocket::ReachedMaxBuffer
void ReachedMaxBuffer() override
This defaults to closing the socket, feel free to override.

CSocket::t_s
CString t_s(const CString &sEnglish, const CString &sContext="") const

CSocket::SockError
void SockError(int iErrno, const CString &sDescription) override

CSocket::Connect
bool Connect(const CString &sHostname, unsigned short uPort, bool bSSL=false, unsigned int uTimeout=60)
Ease of use Connect, assigns to the manager and is subsequently tracked.

CString
String class that is used inside ZNC.
Definition ZNCString.h:68

CZNCSock
Definition Socket.h:27

CZNCSock::SetHostToVerifySSL
void SetHostToVerifySSL(const CString &sHost)
Definition Socket.h:46

CZNCSock::SetTrustPKI
void SetTrustPKI(bool bTrustPKI)
Definition Socket.h:56

CZNCSock::CZNCSock
CZNCSock(const CString &sHost, u_short port, int timeout=60)

CZNCSock::SetSSLTrustedPeerFingerprints
void SetSSLTrustedPeerFingerprints(const SCString &ssFPs)
Definition Socket.h:49

CZNCSock::ConvertAddress
int ConvertAddress(const struct sockaddr_storage *pAddr, socklen_t iAddrLen, CString &sIP, u_short *piPort) const override

CZNCSock::SSLHandShakeFinished
void SSLHandShakeFinished() override
called once the SSL handshake is complete, this is triggered via SSL_CB_HANDSHAKE_DONE in SSL_set_inf...

CZNCSock::SetTrustAllCerts
void SetTrustAllCerts(bool bTrustAll)
Definition Socket.h:53

CZNCSock::~CZNCSock
~CZNCSock()
Definition Socket.h:31

CZNCSock::VerifyPeerCertificate
int VerifyPeerCertificate(int iPreVerify, X509_STORE_CTX *pStoreCTX) override
this is hooked in via SSL_set_verify, and be default it just returns 1 meaning success

CZNCSock::SSLCertError
virtual void SSLCertError(X509 *pCert)
Definition Socket.h:40

CZNCSock::GetTrustAllCerts
bool GetTrustAllCerts() const
Definition Socket.h:54

CZNCSock::GetSSLPeerFingerprint
CString GetSSLPeerFingerprint(X509 *pCert=nullptr) const

CZNCSock::GetRemoteIP
virtual CString GetRemoteIP() const
Definition Socket.h:61

CZNCSock::SetEncoding
void SetEncoding(const CString &)

CZNCSock::CZNCSock
CZNCSock(int timeout=60)

CZNCSock::SNIConfigureClient
bool SNIConfigureClient(CString &sHostname) override

CZNCSock::GetTrustPKI
bool GetTrustPKI() const
Definition Socket.h:57

CZNCSock::errnoBadSSLCert
@ errnoBadSSLCert
Definition Socket.h:66

CZNCSock::CheckSSLCert
bool CheckSSLCert(X509 *pCert)

Csock
Basic socket class.
Definition Csocket.h:564

Csock::Listen
virtual bool Listen(uint16_t iPort, int iMaxConns=SOMAXCONN, const CS_STRING &sBindHost="", uint32_t iTimeout=0, bool bDetach=false)
Listens for connections.

Csock::Connect
virtual bool Connect()
Create the connection, this is used by the socket manager, and shouldn't be called directly by the us...

Csock::GetRemoteIP
CS_STRING GetRemoteIP() const

TSocketManager
Ease of use templated socket manager.
Definition Csocket.h:1655