Home Explore Help
Register Sign In
SRI-DINO
/
Cockpit-cpp
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 94cc2870f1
Branches Tags
Cockpit-cpp
/
EgoQt
/
thirdparty
/
webrtc
/
include
/
rtc_base
/
firewall_socket_server.h

firewall_socket_server.h 4.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132 
  1. /*
    2. 

  2.  *  Copyright 2004 The WebRTC Project Authors. All rights reserved.
    3. 

  3.  *
    4. 

  4.  *  Use of this source code is governed by a BSD-style license
    5. 

  5.  *  that can be found in the LICENSE file in the root of the source
    6. 

  6.  *  tree. An additional intellectual property rights grant can be found
    7. 

  7.  *  in the file PATENTS.  All contributing project authors may
    8. 

  8.  *  be found in the AUTHORS file in the root of the source tree.
    9. 

  9.  */
    10. 

  10. 

  11. #ifndef RTC_BASE_FIREWALL_SOCKET_SERVER_H_
    12. 

  12. #define RTC_BASE_FIREWALL_SOCKET_SERVER_H_
    13. 

  13. 

  14. #include <vector>
    15. 

  15. 

  16. #include "rtc_base/async_socket.h"
    17. 

  17. #include "rtc_base/ip_address.h"
    18. 

  18. #include "rtc_base/socket.h"
    19. 

  19. #include "rtc_base/socket_address.h"
    20. 

  20. #include "rtc_base/socket_server.h"
    21. 

  21. #include "rtc_base/synchronization/mutex.h"
    22. 

  22. 

  23. namespace rtc {
    24. 

  24. 

  25. class FirewallManager;
    26. 

  26. 

  27. // This SocketServer shim simulates a rule-based firewall server.
    28. 

  28. 

  29. enum FirewallProtocol { FP_UDP, FP_TCP, FP_ANY };
    30. 

  30. enum FirewallDirection { FD_IN, FD_OUT, FD_ANY };
    31. 

  31. 

  32. class FirewallSocketServer : public SocketServer {
    33. 

  33.  public:
    34. 

  34.   FirewallSocketServer(SocketServer* server,
    35. 

  35.                        FirewallManager* manager = nullptr,
    36. 

  36.                        bool should_delete_server = false);
    37. 

  37.   ~FirewallSocketServer() override;
    38. 

  38. 

  39.   SocketServer* socketserver() const { return server_; }
    40. 

  40.   void set_socketserver(SocketServer* server) {
    41. 

  41.     if (server_ && should_delete_server_) {
    42. 

  42.       delete server_;
    43. 

  43.       server_ = nullptr;
    44. 

  44.       should_delete_server_ = false;
    45. 

  45.     }
    46. 

  46.     server_ = server;
    47. 

  47.   }
    48. 

  48. 

  49.   // Settings to control whether CreateSocket or Socket::Listen succeed.
    50. 

  50.   void set_udp_sockets_enabled(bool enabled) { udp_sockets_enabled_ = enabled; }
    51. 

  51.   void set_tcp_sockets_enabled(bool enabled) { tcp_sockets_enabled_ = enabled; }
    52. 

  52.   bool tcp_listen_enabled() const { return tcp_listen_enabled_; }
    53. 

  53.   void set_tcp_listen_enabled(bool enabled) { tcp_listen_enabled_ = enabled; }
    54. 

  54. 

  55.   // Rules govern the behavior of Connect/Accept/Send/Recv attempts.
    56. 

  56.   void AddRule(bool allow,
    57. 

  57.                FirewallProtocol p = FP_ANY,
    58. 

  58.                FirewallDirection d = FD_ANY,
    59. 

  59.                const SocketAddress& addr = SocketAddress());
    60. 

  60.   void AddRule(bool allow,
    61. 

  61.                FirewallProtocol p,
    62. 

  62.                const SocketAddress& src,
    63. 

  63.                const SocketAddress& dst);
    64. 

  64.   void ClearRules();
    65. 

  65. 

  66.   bool Check(FirewallProtocol p,
    67. 

  67.              const SocketAddress& src,
    68. 

  68.              const SocketAddress& dst);
    69. 

  69. 

  70.   // Set the IP addresses for which Bind will fail. By default this list is
    71. 

  71.   // empty. This can be used to simulate a real OS that refuses to bind to
    72. 

  72.   // addresses under various circumstances.
    73. 

  73.   //
    74. 

  74.   // No matter how many addresses are added (including INADDR_ANY), the server
    75. 

  75.   // will still allow creating outgoing TCP connections, since they don't
    76. 

  76.   // require explicitly binding a socket.
    77. 

  77.   void SetUnbindableIps(const std::vector<rtc::IPAddress>& unbindable_ips);
    78. 

  78.   bool IsBindableIp(const rtc::IPAddress& ip);
    79. 

  79. 

  80.   Socket* CreateSocket(int family, int type) override;
    81. 

  81.   AsyncSocket* CreateAsyncSocket(int family, int type) override;
    82. 

  82. 

  83.   void SetMessageQueue(Thread* queue) override;
    84. 

  84.   bool Wait(int cms, bool process_io) override;
    85. 

  85.   void WakeUp() override;
    86. 

  86. 

  87.   Socket* WrapSocket(Socket* sock, int type);
    88. 

  88.   AsyncSocket* WrapSocket(AsyncSocket* sock, int type);
    89. 

  89. 

  90.  private:
    91. 

  91.   SocketServer* server_;
    92. 

  92.   FirewallManager* manager_;
    93. 

  93.   webrtc::Mutex mutex_;
    94. 

  94.   struct Rule {
    95. 

  95.     bool allow;
    96. 

  96.     FirewallProtocol p;
    97. 

  97.     FirewallDirection d;
    98. 

  98.     SocketAddress src;
    99. 

  99.     SocketAddress dst;
    100. 

  100.   };
    101. 

  101.   std::vector<Rule> rules_;
    102. 

  102.   std::vector<rtc::IPAddress> unbindable_ips_;
    103. 

  103.   bool should_delete_server_;
    104. 

  104.   bool udp_sockets_enabled_;
    105. 

  105.   bool tcp_sockets_enabled_;
    106. 

  106.   bool tcp_listen_enabled_;
    107. 

  107. };
    108. 

  108. 

  109. // FirewallManager allows you to manage firewalls in multiple threads together
    110. 

  110. 

  111. class FirewallManager {
    112. 

  112.  public:
    113. 

  113.   FirewallManager();
    114. 

  114.   ~FirewallManager();
    115. 

  115. 

  116.   void AddServer(FirewallSocketServer* server);
    117. 

  117.   void RemoveServer(FirewallSocketServer* server);
    118. 

  118. 

  119.   void AddRule(bool allow,
    120. 

  120.                FirewallProtocol p = FP_ANY,
    121. 

  121.                FirewallDirection d = FD_ANY,
    122. 

  122.                const SocketAddress& addr = SocketAddress());
    123. 

  123.   void ClearRules();
    124. 

  124. 

  125.  private:
    126. 

  126.   webrtc::Mutex mutex_;
    127. 

  127.   std::vector<FirewallSocketServer*> servers_;
    128. 

  128. };
    129. 

  129. 

  130. }  // namespace rtc
    131. 

  131. 

  132. #endif  // RTC_BASE_FIREWALL_SOCKET_SERVER_H_
    133.