jabberd2  2.3.4
s2s.h
1 /*
2  * jabberd - Jabber Open Source Server
3  * Copyright (c) 2002 Jeremie Miller, Thomas Muldowney,
4  * Ryan Eatmon, Robert Norris
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License as published by
8  * the Free Software Foundation; either version 2 of the License, or
9  * (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  * GNU General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with this program; if not, write to the Free Software
18  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19  */
20 
21 #ifdef HAVE_CONFIG_H
22 # include <config.h>
23 #endif
24 
25 #include "mio/mio.h"
26 #include "sx/sx.h"
27 
28 #ifdef HAVE_SIGNAL_H
29 # include <signal.h>
30 #endif
31 #ifdef HAVE_SYS_STAT_H
32 # include <sys/stat.h>
33 #endif
34 
35 #include <udns.h>
36 
37 /* forward decl */
/* Pointer typedefs for the structs defined further down in this header.
 * Every s2s prototype below takes and returns these handles, never the
 * structs by value. */
38 typedef struct host_st *host_t;          /* per-host realm and TLS settings */
39 typedef struct s2s_st *s2s_t;            /* the component-wide s2s context */
40 typedef struct pkt_st *pkt_t;            /* a packet plus its addressing/route data */
41 typedef struct conn_st *conn_t;          /* one peer connection */
42 typedef struct dnsquery_st *dnsquery_t;  /* dns query data */
43 typedef struct dnscache_st *dnscache_t;  /* one item in the dns resolution cache */
44 typedef struct dnsres_st *dnsres_t;      /* dns resolution results */
45 
/* Per-host (vhost) settings: the SASL realm and the TLS material used
 * when this host is the local side of a stream.
 * NOTE(review): this rendering skips the original's lines 47, 50, 53, 56
 * and 59-62 (doc comments and possibly members); the page's
 * cross-references suggest a host_private_key_password member (private
 * key password) sits in that range -- confirm against the real header. */
46 struct host_st {
48  const char *realm;              /* our realm (SASL) -- doc shared with c2s.h's host_st */
49 
51  const char *host_pemfile;       /* starttls pemfile */
52 
54  const char *host_cachain;       /* certificate chain */
55 
57  int host_verify_mode;           /* verify-mode */
58 
61 
63  const char *host_ciphers;       /* list of TLS ciphers */
64 };
65 
/* The component-wide s2s context: router link configuration and
 * credentials, local listening/TLS settings, dialback secret, DNS lookup
 * policy, timers and the connection/cache hashes.
 * NOTE(review): this rendering drops many members of the original (the
 * mio/sx contexts, the router sx_t and fds, config and log handles, the
 * retry_* and check_* timers, router_port/local_port/origin_nips and
 * lookup_nsrv counters, require_tls/enable_whitelist/n_whitelist_domains,
 * the dead/dead_conn queues, the outq/out_host/out_dest/in/in_accept
 * hashes and the dnscache/dns_bad caches). The comments below cover only
 * the lines that are shown. */
66 struct s2s_st {
68  const char *id;                 /* our id (hostname) with the router */
69 
71  const char *router_ip;          /* how to connect to the router (router_port not shown) */
73  const char *router_user;        /* router credentials */
74  const char *router_pass;        /* router password -- a credential, not to be logged */
75  const char *router_pemfile;     /* TLS material for the router link */
76  const char *router_cachain;
78  const char *router_ciphers;
80 
83 
89 
93 
96 
99 
102 
105  const char *log_facility;       /* log data (log_type sibling not shown) */
106  const char *log_ident;
107 
109  long long int packet_count;     /* packet counter */
110  const char *packet_stats;       /* packet statistics target -- presumably a path; confirm in main.c */
111 
117 
119  const char *local_ip;           /* ip/port to listen on (local_port not shown) */
121 
123  const char **origin_ips;        /* ip(s) to originate connections from (origin_nips count not shown) */
125 
127  const char *local_secret;       /* dialback secret: keying input to s2s_db_key(); a credential */
128 
130  const char *local_pemfile;      /* pemfile for peer connections */
131 
134 
136  const char *local_cachain;      /* certificate chain */
137 
140 
142  const char *local_ciphers;      /* list of TLS ciphers */
143 
146 
149 
152 
155 
157  const char **lookup_srv;        /* srvs to lookup (lookup_nsrv count not shown) */
159 
162 
166 
169 
178 
181 
182  time_t next_check;              /* presumably the next scheduled periodic check / expiry sweep; the check_* settings are not shown */
183  time_t next_expiry;
184 
188  /*const*/ char **whitelist_domains; // TODO clarify if need to be const
/* domains allowed by the whitelist; matched against FQDNs of at most
 * MAX_DOMAIN_LEN characters (enable_whitelist / n_whitelist_domains not shown) */
190 
193 
196 
198  int started;                    /* this is true if we've connected to the router at least once */
199 
201  int online;                     /* true if we're bound in the router */
202 
205 
208 
211 
214 
217 
220 
222  int udns_fd;                    /* udns fds (udns_mio_fd sibling not shown) */
224 
228 
232 };
233 
/* A packet in flight through s2s: the raw nad plus the addressing the
 * out path uses.
 * NOTE(review): the original's line 242, `char ip[INET6_ADDRSTRLEN+1]`
 * per the page's cross-references, is not shown in this rendering. */
234 struct pkt_st {
235  nad_t nad;                     /* nad of the entire packet */
236 
237  jid_t from;                    /* packet addressing */
238  jid_t to;
239 
240  int db;                        /* presumably marks a dialback packet -- confirm in out.c */
241 
243  int port;                      /* port companion of the ip buffer (ip not shown) */
244 };
245 
/* State of an outgoing dialback; presumably the value type stored in
 * conn_st.states and read through xhashv.state_val.
 * NOTE(review): the enumerators (original lines 247-250) are not shown
 * in this rendering. */
246 typedef enum {
251 } conn_state_t;
252 
/* One peer connection (incoming or outgoing) and its bookkeeping.
 * NOTE(review): this rendering drops the sx_t s, mio_fd_t fd and
 * char ip[INET6_ADDRSTRLEN+1] members, the states/states_time/routes
 * hashes (keyed local/remote) and last_activity. */
253 struct conn_st {
254  s2s_t s2s;                     /* owning s2s context */
255 
256  const char *key;               /* presumably the route key and the dialback key
257  const char *dkey;                 (see s2s_route_key / s2s_db_key) -- confirm */
258 
261 
263  int port;                      /* peer port; the ip buffer is not shown */
264 
267 
270 
273 
274  time_t init_time;              /* when the conn was created */
275 
276  int online;
277 
279  int verify;                    /* number and last timestamp of outstanding db:verify requests */
280  time_t last_verify;
281 
284  time_t last_packet;            /* timestamps for idle timeouts (last_activity sibling not shown) */
285 
286  unsigned int packet_count;
287 };
288 
/* upper bound on results kept per DNS lookup -- presumably; confirm in out.c */
289 #define DNS_MAX_RESULTS 50
290 
/* dns query data: the in-progress SRV/host lookup for one domain.
 * NOTE(review): the hosts (srv lookup results, key host/port), cur_weight
 * and results (host lookup results, key ip/port) members are not shown
 * in this rendering. */
292 struct dnsquery_st {
293  s2s_t s2s;                     /* owning s2s context */
294 
296  const char *name;              /* domain name */
297 
299  int srv_i;                     /* srv lookup index */
300 
303 
305  const char *cur_host;          /* current host lookup name */
306 
308  int cur_port;                  /* current host lookup port */
309 
311  time_t cur_expiry;             /* current host max expiry */
312 
314  int cur_prio;                  /* current host priority */
315 
318 
321 
323  time_t expiry;                 /* time that all entries expire */
324 
326  struct dns_query *query;       /* set when we're waiting for a resolve response */
327 };
328 
/* one item in the dns resolution cache.
 * NOTE(review): the results hash (key ip/port) is not shown in this rendering. */
330 struct dnscache_st {
332  char name[1024];               /* the name proper; holds a MAX_DOMAIN_LEN (1023) name plus NUL */
333 
336 
338  time_t expiry;                 /* time that this entry expires */
339 
340  time_t init_time;              /* when the entry was created */
341 
343  int pending;                   /* set when we're waiting for a resolve response */
344  dnsquery_t query;              /* the in-flight query while pending */
345 };
346 
/* dns resolution results: one resolved endpoint with its SRV ordering data. */
348 struct dnsres_st {
350  const char *key;               /* ip/port */
351 
353  int prio;                      /* host priority */
354 
356  int weight;                    /* host weight */
357 
359  time_t expiry;                 /* time that this entry expires */
360 };
361 
/* defined in main.c; sig_atomic_t, so presumably written from a signal
 * handler or similar asynchronous context when the router link is lost */
362 extern sig_atomic_t s2s_lost_router;
363 
/* router link callbacks (router.c); s2s_router_sx_callback is our master callback */
364 int s2s_router_mio_callback(mio_t m, mio_action_t a, mio_fd_t fd, void *data, void *arg);
365 int s2s_router_sx_callback(sx_t s, sx_event_t e, void *data, void *arg);
/* whitelist check (main.c) -- return convention not visible here; confirm before relying on it */
366 int s2s_domain_in_whitelist(s2s_t s2s, const char *in_domain);
367 
/* key helpers (util.c); the returned strings are presumably allocated from pool p */
368 char *s2s_route_key(pool_t p, const char *local, const char *remote);          /* generate a local/remote route key */
369 int s2s_route_key_match(char *local, const char *remote, const char *rkey, int rkeylen); /* match route key - used for searching route hash; `local` is the one non-const string in this header */
370 char *s2s_db_key(pool_t p, const char *secret, const char *remote, const char *id); /* generate a dialback key from the shared secret */
371 char *dns_make_ipport(const char* host, int port);                              /* builds an ip/port key (out.c); ownership of the result not visible here */
372 
/* outgoing side (out.c) */
373 int out_packet(s2s_t s2s, pkt_t pkt);                                           /* send a packet out */
374 int out_route(s2s_t s2s, const char *route, int routelen, conn_t *out, int allow_bad); /* find/make a connection for a route; route is length-delimited by routelen */
/* NOTE(review): ip and port are out-parameters and ip carries no length
 * argument, so the caller's buffer size is an implicit contract; the ip
 * fields cross-referenced on this page are char[INET6_ADDRSTRLEN+1] */
375 int dns_select(s2s_t s2s, char* ip, int* port, time_t now, dnscache_t dns, int allow_bad);
376 void dns_resolve_domain(s2s_t s2s, dnscache_t dns);
377 void out_resolve(s2s_t s2s, const char *domain, xht results, time_t expiry);   /* responses from the resolver */
378 void out_dialback(s2s_t s2s, pkt_t pkt);
/* bounce/flush queued packets for a domain, a route key or a conn; err is the bounce error code */
379 int out_bounce_domain_queues(s2s_t s2s, const char *domain, int err);
380 int out_bounce_route_queue(s2s_t s2s, const char *rkey, int rkeylen, int err);
381 int out_bounce_conn_queues(conn_t out, int err);
382 void out_flush_domain_queues(s2s_t s2s, const char *domain);
383 void out_flush_route_queue(s2s_t s2s, const char *rkey, int rkeylen);
384 
/* incoming side (in.c) */
385 int in_mio_callback(mio_t m, mio_action_t a, mio_fd_t fd, void *data, void *arg);
386 
387 /* sx flag for outgoing dialback streams */
388 #define S2S_DB_HEADER (1<<10)
389 
390 /* max length of FQDN for whitelist matching */
/* dnscache_st.name is sized 1024 = MAX_DOMAIN_LEN + 1 (NUL); keep the two in step */
391 #define MAX_DOMAIN_LEN 1023
392 
/* dialback sx plugin initialiser (db.c) */
393 int s2s_db_init(sx_env_t env, sx_plugin_t p, va_list args);
394 
395 /* union for xhash_iter_get to comply with strict-alias rules for gcc3 */
/* One member per value type stored in the s2s hashes; pick the member
 * matching the hash being iterated.
 * NOTE(review): the state_val (conn_state_t *) and jq_val (jqueue_t *)
 * members at original lines 401-402 are not shown in this rendering. */
396 union xhashv
397 {
398  void **val;                    /* generic view handed to xhash_iter_get */
399  char **char_val;
400  conn_t *conn_val;              /* connection hashes */
403  dnscache_t *dns_val;           /* dnscache entries */
404  dnsres_t *dnsres_val;          /* dns results */
405 };
406 
/* releases a pkt_t created by the out path (out.c); what it frees besides pkt itself is not visible here */
407 void out_pkt_free(pkt_t pkt);