2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
20 // socks - socks version of IP sockets
22 // This Socks implementation replaces the TCP-functional layer of the socket interface
23 // (TCPClientSocket and TCPServerSocket), not the raw Socket layer. Remember what
24 // Socks was invented for -- it's NOT a generic socket abstraction layer, valiant efforts
25 // of the various -lsocks libraries nonwithstanding.
26 // Do note that these are not virtual overrides, but textual replacements.
28 // This implementation supports Socks versions 4 and 5, as well as direct (un-socksed) sockets.
29 // The choice is per socket object.
32 // SocksServer *server = SocksServer::make(version, IP-address);
33 // SocksServer::defaultServer(server); // for new sockets
34 // SocksClientSocket clientSocket(...);
35 // clientSocket.server(server); // for this socket
36 // SocksServerSocket serverSocket(...); // only supports .receive()
37 // Otherwise, Socks{Client,Server}Socket is functionally equivalent to {Client,Server}Socket.
38 // Sockets without a Server (explicit or by default) are direct.
40 // Minimum replacement strategy:
41 // #define TCPClientSocket SocksClientSocket
42 // #define TCPServerSocket SocksServerSocket
43 // SocksServer::defaultServer(SocksServer::make(...));
46 // There is no UDP Socks support.
47 // @@@ Nonblocking sockets may not work quite right.
49 #ifndef _H_SOCKSPLUSPLUS
50 #define _H_SOCKSPLUSPLUS
53 #include <Security/threading.h>
54 #include <Security/globalizer.h>
57 using namespace UnixPlusPlus
;
61 namespace IPPlusPlus
{
64 class SocksServerSocket
;
65 class SocksClientSocket
;
69 // A particular Socks server and version. Get one by calling SocksServer::make().
70 // You can express "no socks server" (direct connect) with a NULL pointer (or version==0).
74 class Support
; friend class Support
;
78 mutable Mutex lock
; // lock for mGlobalServerAddress
79 SocksServer
*mServer
; // global default server
80 ThreadNexus
<IPAddress
> lastConnected
; // last address connected to (for aux. bind)
82 Global() : mServer(NULL
) { }
84 void server(SocksServer
*srv
) { StLock
<Mutex
> _(lock
); mServer
= srv
; }
85 SocksServer
*server() const { StLock
<Mutex
> _(lock
); return mServer
; }
87 static ModuleNexus
<Global
> global
; // global state
90 typedef unsigned int Version
;
92 static SocksServer
*make(Version version
, const IPSockAddress
&addr
);
94 const IPSockAddress
&address() const { return mServerAddress
; }
95 Version
version() const { return mVersion
; }
98 static SocksServer
*defaultServer() { return global().server(); }
99 static void defaultServer(SocksServer
*server
) { global().server(server
); }
102 virtual void connect(SocksClientSocket
&me
, const IPSockAddress
&peer
) = 0;
103 virtual void connect(SocksClientSocket
&me
, const Host
&host
, IPPort port
) = 0;
104 virtual void bind(SocksServerSocket
&me
, const IPAddress
&peer
, IPPort port
) = 0;
105 virtual void receive(SocksServerSocket
&me
, SocksClientSocket
&receiver
) = 0;
107 SocksServer(Version v
, const IPSockAddress
&addr
) : mVersion(v
), mServerAddress(addr
) { }
111 IPSockAddress mServerAddress
;
116 SocksServer
*server() const { return mServer
; }
117 void server(SocksServer
*srv
) { mServer
= srv
; }
119 IPSockAddress
localAddress(const Socket
&me
) const;
120 IPSockAddress
peerAddress(const Socket
&me
) const;
123 Support() : mServer(defaultServer()) { }
125 void connect(SocksClientSocket
&me
, const IPSockAddress
&peer
)
126 { mServer
->connect(me
, peer
); }
127 void connect(SocksClientSocket
&me
, const Host
&host
, IPPort port
)
128 { mServer
->connect(me
, host
, port
); }
129 void bind(SocksServerSocket
&me
, const IPAddress
&peer
, IPPort port
)
130 { mServer
->bind(me
, peer
, port
); }
131 void receive(SocksServerSocket
&me
, SocksClientSocket
&receiver
)
132 { mServer
->receive(me
, receiver
); }
134 void lastConnected(IPAddress addr
) { global().lastConnected() = addr
; }
135 IPAddress
lastConnected() const { return global().lastConnected(); }
138 SocksServer
*mServer
; // server for this socket
139 IPSockAddress mLocalAddress
; // my own address, as reported by server
140 IPSockAddress mPeerAddress
; // peer address
146 // The Socks version of a TCPClientSocket
148 class SocksClientSocket
: public TCPClientSocket
, public SocksServer::Support
{
150 SocksClientSocket() { }
151 SocksClientSocket(const IPSockAddress
&peer
) { open(peer
); }
152 SocksClientSocket(const IPAddress
&addr
, IPPort port
) { open(addr
, port
); }
153 SocksClientSocket(const Host
&host
, IPPort port
) { open(host
, port
); }
155 void open(const IPSockAddress
&peer
);
156 void open(const IPAddress
&addr
, IPPort port
);
157 void open(const Host
&host
, IPPort port
);
159 IPSockAddress
localAddress() const { return Support::localAddress(*this); }
160 IPSockAddress
peerAddress() const { return Support::peerAddress(*this); }
163 void setFd(int fd
, const IPSockAddress
&local
, const IPSockAddress
&peer
);
168 // The Socks version of a TCPServerSocket.
169 // Note that this version only supports the receive() access method.
170 // By the nature of things, the queue-length argument is ignored (it's always 1).
172 // A note about setMainConnection: There is a structural problem
173 // with the Socks protocol. When a SocksServerSocket goes active,
174 // the protocol requires the IP address of the host the connection will be
175 // coming from. Typical Socks library layers simply assume that this will
176 // be the address of the last server connected to by another (TCP) socket.
177 // We do this heuristic too, but it's unreliable: it's a per-thread global, and will
178 // fail if you interleave multiple socks "sessions" in the same thread. For this
179 // case (or if you just want to be safe and explicit), you can call setMainConnection to
180 // explicitly link this socket to a TCPClientSocket whose peer we should use.
181 // Do note that this call does not exist in the plain (non-socks) socket layer.
183 class SocksServerSocket
: public TCPServerSocket
, public SocksServer::Support
{
185 SocksServerSocket() { }
186 SocksServerSocket(const IPSockAddress
&local
, int = 1) { open(local
); }
187 SocksServerSocket(IPPort port
, int = 1) { open(port
); }
189 void open(const IPSockAddress
&local
, int = 1);
190 void open(IPPort port
= 0, int = 1)
191 { open(IPSockAddress(IPAddress::any
, port
)); }
193 void receive(SocksClientSocket
&client
); // accept incoming and close listener
195 IPSockAddress
localAddress() const { return Support::localAddress(*this); }
196 IPSockAddress
peerAddress() const { return Support::peerAddress(*this); }
198 // this special call is not an overlay of TCPServerSocket - it exists only for Socks
199 void setMainConnection(TCPClientSocket
&main
)
200 { mConnectionPeer
= main
.peerAddress().address(); }
203 IPAddress mConnectionPeer
; // address to say we're peered with
206 void operator () (TCPClientSocket
&newClient
); // not supported by Socks
210 } // end namespace IPPlusPlus
211 } // end namespace Security
214 #endif //_H_IPPLUSPLUS
projects / apple / security.git / blob