2004-09-13 18:17:41 +04:00
/*
Unix SMB / CIFS implementation .
Socket functions
Copyright ( C ) Stefan Metzmacher 2004
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-10 06:07:03 +04:00
the Free Software Foundation ; either version 3 of the License , or
2004-09-13 18:17:41 +04:00
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
2007-07-10 06:07:03 +04:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
2004-09-13 18:17:41 +04:00
*/
# ifndef _SAMBA_SOCKET_H
# define _SAMBA_SOCKET_H
2008-12-29 22:24:57 +03:00
struct tevent_context ;
2009-01-03 14:47:24 +03:00
struct tevent_fd ;
2004-09-13 18:17:41 +04:00
struct socket_context ;
enum socket_type {
2005-01-19 06:20:20 +03:00
SOCKET_TYPE_STREAM ,
SOCKET_TYPE_DGRAM
2004-09-13 18:17:41 +04:00
} ;
2006-01-10 01:12:53 +03:00
struct socket_address {
const char * family ;
char * addr ;
int port ;
struct sockaddr * sockaddr ;
size_t sockaddrlen ;
} ;
2004-09-13 18:17:41 +04:00
struct socket_ops {
const char * name ;
2004-11-02 05:01:04 +03:00
NTSTATUS ( * fn_init ) ( struct socket_context * sock ) ;
2004-09-13 18:17:41 +04:00
/* client ops */
2004-11-02 05:01:04 +03:00
NTSTATUS ( * fn_connect ) ( struct socket_context * sock ,
2006-01-10 01:12:53 +03:00
const struct socket_address * my_address ,
const struct socket_address * server_address ,
uint32_t flags ) ;
2004-09-13 18:17:41 +04:00
2005-01-15 13:28:08 +03:00
/* complete a non-blocking connect */
NTSTATUS ( * fn_connect_complete ) ( struct socket_context * sock ,
uint32_t flags ) ;
2004-09-13 18:17:41 +04:00
/* server ops */
2004-11-02 05:01:04 +03:00
NTSTATUS ( * fn_listen ) ( struct socket_context * sock ,
2006-01-10 01:12:53 +03:00
const struct socket_address * my_address ,
int queue_size , uint32_t flags ) ;
NTSTATUS ( * fn_accept ) ( struct socket_context * sock ,
struct socket_context * * new_sock ) ;
2004-09-13 18:17:41 +04:00
/* general ops */
2004-11-02 05:01:04 +03:00
NTSTATUS ( * fn_recv ) ( struct socket_context * sock , void * buf ,
2006-04-30 09:58:31 +04:00
size_t wantlen , size_t * nread ) ;
2004-11-02 05:01:04 +03:00
NTSTATUS ( * fn_send ) ( struct socket_context * sock ,
2006-04-30 09:58:31 +04:00
const DATA_BLOB * blob , size_t * sendlen ) ;
2005-01-19 06:20:20 +03:00
NTSTATUS ( * fn_sendto ) ( struct socket_context * sock ,
2006-04-30 09:58:31 +04:00
const DATA_BLOB * blob , size_t * sendlen ,
2006-01-10 01:12:53 +03:00
const struct socket_address * dest_addr ) ;
2005-01-19 06:20:20 +03:00
NTSTATUS ( * fn_recvfrom ) ( struct socket_context * sock ,
2006-04-30 09:58:31 +04:00
void * buf , size_t wantlen , size_t * nread ,
2006-01-10 01:12:53 +03:00
TALLOC_CTX * addr_ctx , struct socket_address * * src_addr ) ;
2005-06-03 17:20:08 +04:00
NTSTATUS ( * fn_pending ) ( struct socket_context * sock , size_t * npending ) ;
2004-09-13 18:17:41 +04:00
2004-11-02 05:01:04 +03:00
void ( * fn_close ) ( struct socket_context * sock ) ;
2004-09-13 18:17:41 +04:00
2004-11-02 05:01:04 +03:00
NTSTATUS ( * fn_set_option ) ( struct socket_context * sock , const char * option , const char * val ) ;
2004-09-13 18:17:41 +04:00
2004-11-02 05:01:04 +03:00
char * ( * fn_get_peer_name ) ( struct socket_context * sock , TALLOC_CTX * mem_ctx ) ;
2006-01-10 01:12:53 +03:00
struct socket_address * ( * fn_get_peer_addr ) ( struct socket_context * sock , TALLOC_CTX * mem_ctx ) ;
struct socket_address * ( * fn_get_my_addr ) ( struct socket_context * sock , TALLOC_CTX * mem_ctx ) ;
2004-09-13 18:17:41 +04:00
2004-11-02 05:01:04 +03:00
int ( * fn_get_fd ) ( struct socket_context * sock ) ;
2004-09-13 18:17:41 +04:00
} ;
enum socket_state {
SOCKET_STATE_UNDEFINED ,
SOCKET_STATE_CLIENT_START ,
SOCKET_STATE_CLIENT_CONNECTED ,
SOCKET_STATE_CLIENT_STARTTLS ,
SOCKET_STATE_CLIENT_ERROR ,
SOCKET_STATE_SERVER_LISTEN ,
SOCKET_STATE_SERVER_CONNECTED ,
SOCKET_STATE_SERVER_STARTTLS ,
SOCKET_STATE_SERVER_ERROR
} ;
2004-10-28 11:55:33 +04:00
# define SOCKET_FLAG_PEEK 0x00000002
# define SOCKET_FLAG_TESTNONBLOCK 0x00000004
r17197: This patch moves the encryption of bulk data on SASL negotiated security
contexts from the application layer into the socket layer.
This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets. It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default. It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.
This patch mirrors the earlier work done to move TLS into the socket
layer.
Unusual in this pstch is the extra read callback argument I take. As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data. This would leave the system without an event
to restart the read (as the socket is dry).
As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop. I believe that
the TLS code does require a similar callback.
In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:
+-----------------+---------------------+
| SASL Packet #1 | SASL Packet #2 |
----------------------------------------+
| LDAP Packet #1 | LDAP Packet #2 |
----------------------------------------+
In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP. Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.
Without data on the socket, read events stop. That is why I add timed
events, until the SASL buffer is drained.
Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).
In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code. The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length. (1 + n/2). This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.
Andrew Bartlett
(This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
2006-07-23 06:50:08 +04:00
# define SOCKET_FLAG_ENCRYPT 0x00000008 / * This socket
* implementation requires
* that re - sends be
2023-08-03 15:32:27 +03:00
* consistent , because it
r17197: This patch moves the encryption of bulk data on SASL negotiated security
contexts from the application layer into the socket layer.
This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets. It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default. It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.
This patch mirrors the earlier work done to move TLS into the socket
layer.
Unusual in this pstch is the extra read callback argument I take. As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data. This would leave the system without an event
to restart the read (as the socket is dry).
As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop. I believe that
the TLS code does require a similar callback.
In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:
+-----------------+---------------------+
| SASL Packet #1 | SASL Packet #2 |
----------------------------------------+
| LDAP Packet #1 | LDAP Packet #2 |
----------------------------------------+
In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP. Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.
Without data on the socket, read events stop. That is why I add timed
events, until the SASL buffer is drained.
Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).
In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code. The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length. (1 + n/2). This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.
Andrew Bartlett
(This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
2006-07-23 06:50:08 +04:00
* is encrypting data .
* This modifies the
* TESTNONBLOCK case */
2007-05-17 06:19:28 +04:00
# define SOCKET_FLAG_NOCLOSE 0x00000010 /* don't auto-close on free */
2004-09-13 18:17:41 +04:00
struct socket_context {
enum socket_type type ;
enum socket_state state ;
uint32_t flags ;
int fd ;
void * private_data ;
const struct socket_ops * ops ;
2005-08-28 06:37:38 +04:00
const char * backend_name ;
2007-10-07 01:31:00 +04:00
/* specific to the ip backend */
int family ;
2004-09-13 18:17:41 +04:00
} ;
2007-12-10 20:41:19 +03:00
struct resolve_context ;
2009-12-23 11:38:21 +03:00
struct tsocket_address ;
2005-02-10 09:59:29 +03:00
/* prototypes */
2006-05-03 00:15:47 +04:00
NTSTATUS socket_create_with_ops ( TALLOC_CTX * mem_ctx , const struct socket_ops * ops ,
struct socket_context * * new_sock ,
enum socket_type type , uint32_t flags ) ;
2018-02-15 18:43:59 +03:00
NTSTATUS socket_create ( TALLOC_CTX * mem_ctx ,
const char * name , enum socket_type type ,
2005-02-10 09:59:29 +03:00
struct socket_context * * new_sock , uint32_t flags ) ;
NTSTATUS socket_connect ( struct socket_context * sock ,
2006-01-10 01:12:53 +03:00
const struct socket_address * my_address ,
const struct socket_address * server_address ,
2005-02-10 09:59:29 +03:00
uint32_t flags ) ;
NTSTATUS socket_connect_complete ( struct socket_context * sock , uint32_t flags ) ;
2006-01-10 01:12:53 +03:00
NTSTATUS socket_listen ( struct socket_context * sock ,
const struct socket_address * my_address ,
int queue_size , uint32_t flags ) ;
2005-02-10 09:59:29 +03:00
NTSTATUS socket_accept ( struct socket_context * sock , struct socket_context * * new_sock ) ;
NTSTATUS socket_recv ( struct socket_context * sock , void * buf ,
2006-04-30 09:58:31 +04:00
size_t wantlen , size_t * nread ) ;
2005-02-10 09:59:29 +03:00
NTSTATUS socket_recvfrom ( struct socket_context * sock , void * buf ,
2006-04-30 09:58:31 +04:00
size_t wantlen , size_t * nread ,
2006-01-10 01:12:53 +03:00
TALLOC_CTX * addr_ctx , struct socket_address * * src_addr ) ;
2005-02-10 09:59:29 +03:00
NTSTATUS socket_send ( struct socket_context * sock ,
2006-04-30 09:58:31 +04:00
const DATA_BLOB * blob , size_t * sendlen ) ;
2005-02-10 09:59:29 +03:00
NTSTATUS socket_sendto ( struct socket_context * sock ,
2006-04-30 09:58:31 +04:00
const DATA_BLOB * blob , size_t * sendlen ,
2006-01-10 01:12:53 +03:00
const struct socket_address * dest_addr ) ;
2005-06-03 17:20:08 +04:00
NTSTATUS socket_pending ( struct socket_context * sock , size_t * npending ) ;
2005-02-10 09:59:29 +03:00
NTSTATUS socket_set_option ( struct socket_context * sock , const char * option , const char * val ) ;
char * socket_get_peer_name ( struct socket_context * sock , TALLOC_CTX * mem_ctx ) ;
2006-01-10 01:12:53 +03:00
struct socket_address * socket_get_peer_addr ( struct socket_context * sock , TALLOC_CTX * mem_ctx ) ;
struct socket_address * socket_get_my_addr ( struct socket_context * sock , TALLOC_CTX * mem_ctx ) ;
2009-12-23 11:38:21 +03:00
struct tsocket_address * socket_address_to_tsocket_address ( TALLOC_CTX * mem_ctx ,
const struct socket_address * a ) ;
struct socket_address * tsocket_address_to_socket_address ( TALLOC_CTX * mem_ctx ,
const struct tsocket_address * a ) ;
2009-12-23 12:43:05 +03:00
struct tsocket_address * socket_get_remote_addr ( struct socket_context * sock , TALLOC_CTX * mem_ctx ) ;
struct tsocket_address * socket_get_local_addr ( struct socket_context * sock , TALLOC_CTX * mem_ctx ) ;
2005-02-10 09:59:29 +03:00
int socket_get_fd ( struct socket_context * sock ) ;
NTSTATUS socket_dup ( struct socket_context * sock ) ;
2006-01-10 01:12:53 +03:00
struct socket_address * socket_address_from_strings ( TALLOC_CTX * mem_ctx ,
const char * type ,
const char * host ,
int port ) ;
struct socket_address * socket_address_from_sockaddr ( TALLOC_CTX * mem_ctx ,
struct sockaddr * sockaddr ,
size_t addrlen ) ;
2011-05-12 14:29:21 +04:00
struct sockaddr_storage ;
struct socket_address * socket_address_from_sockaddr_storage ( TALLOC_CTX * mem_ctx ,
const struct sockaddr_storage * sockaddr ,
uint16_t port ) ;
2010-03-10 07:55:26 +03:00
_PUBLIC_ void socket_address_set_port ( struct socket_address * a ,
uint16_t port ) ;
2009-02-13 15:07:58 +03:00
struct socket_address * socket_address_copy ( TALLOC_CTX * mem_ctx ,
const struct socket_address * oaddr ) ;
2005-02-10 09:59:29 +03:00
const struct socket_ops * socket_getops_byname ( const char * name , enum socket_type type ) ;
2007-08-27 22:10:19 +04:00
bool socket_check_access ( struct socket_context * sock ,
2005-02-10 09:59:29 +03:00
const char * service_name ,
const char * * allow_list , const char * * deny_list ) ;
2005-10-24 13:34:12 +04:00
struct composite_context * socket_connect_send ( struct socket_context * sock ,
2006-01-10 01:12:53 +03:00
struct socket_address * my_address ,
struct socket_address * server_address ,
2005-10-24 13:34:12 +04:00
uint32_t flags ,
2008-12-29 22:24:57 +03:00
struct tevent_context * event_ctx ) ;
2005-10-24 13:34:12 +04:00
NTSTATUS socket_connect_recv ( struct composite_context * ctx ) ;
2005-06-16 09:39:40 +04:00
NTSTATUS socket_connect_ev ( struct socket_context * sock ,
2006-01-10 01:12:53 +03:00
struct socket_address * my_address ,
struct socket_address * server_address ,
2007-12-07 18:04:17 +03:00
uint32_t flags ,
2008-12-29 22:24:57 +03:00
struct tevent_context * ev ) ;
2005-06-16 09:39:40 +04:00
2011-11-29 19:25:03 +04:00
struct socket_connect_multi_ex {
void * private_data ;
struct tevent_req * ( * establish_send ) ( TALLOC_CTX * mem_ctx ,
struct tevent_context * ev ,
struct socket_context * sock ,
struct socket_address * addr ,
void * private_data ) ;
NTSTATUS ( * establish_recv ) ( struct tevent_req * req ) ;
} ;
struct composite_context * socket_connect_multi_ex_send ( TALLOC_CTX * mem_ctx ,
const char * server_address ,
int num_server_ports ,
uint16_t * server_ports ,
struct resolve_context * resolve_ctx ,
struct tevent_context * event_ctx ,
struct socket_connect_multi_ex * ex ) ;
NTSTATUS socket_connect_multi_ex_recv ( struct composite_context * ctx ,
TALLOC_CTX * mem_ctx ,
struct socket_context * * result ,
uint16_t * port ) ;
NTSTATUS socket_connect_multi_ex ( TALLOC_CTX * mem_ctx , const char * server_address ,
int num_server_ports , uint16_t * server_ports ,
struct resolve_context * resolve_ctx ,
struct tevent_context * event_ctx ,
struct socket_connect_multi_ex * ex ,
struct socket_context * * result ,
uint16_t * port ) ;
2005-10-28 15:02:42 +04:00
struct composite_context * socket_connect_multi_send ( TALLOC_CTX * mem_ctx ,
const char * server_address ,
int num_server_ports ,
uint16_t * server_ports ,
2007-12-10 20:41:19 +03:00
struct resolve_context * resolve_ctx ,
2008-12-29 22:24:57 +03:00
struct tevent_context * event_ctx ) ;
2005-10-28 15:02:42 +04:00
NTSTATUS socket_connect_multi_recv ( struct composite_context * ctx ,
TALLOC_CTX * mem_ctx ,
struct socket_context * * result ,
uint16_t * port ) ;
NTSTATUS socket_connect_multi ( TALLOC_CTX * mem_ctx , const char * server_address ,
int num_server_ports , uint16_t * server_ports ,
2007-12-10 20:41:19 +03:00
struct resolve_context * resolve_ctx ,
2008-12-29 22:24:57 +03:00
struct tevent_context * event_ctx ,
2005-10-28 15:02:42 +04:00
struct socket_context * * result ,
uint16_t * port ) ;
2006-04-30 05:32:59 +04:00
void set_socket_options ( int fd , const char * options ) ;
2009-09-29 13:49:50 +04:00
void socket_set_flags ( struct socket_context * sock , unsigned flags ) ;
2005-10-28 15:02:42 +04:00
2009-01-03 14:47:24 +03:00
void socket_tevent_fd_close_fn ( struct tevent_context * ev ,
struct tevent_fd * fde ,
int fd ,
void * private_data ) ;
2008-11-02 03:15:42 +03:00
extern bool testnonblock ;
2004-09-13 18:17:41 +04:00
# endif /* _SAMBA_SOCKET_H */
