From 0d47952611198ef6b1163f366dc03922d20b1475 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 17 Apr 2024 09:42:04 +0200 Subject: Adding upstream version 7.94+git20230807.3be01efb1+dfsg. Signed-off-by: Daniel Baumann --- nsock/include/nsock.h | 716 ++++++++++++++++++++++++++++++++++++++++ nsock/include/nsock_config.h.in | 90 +++++ nsock/include/nsock_winconfig.h | 70 ++++ 3 files changed, 876 insertions(+) create mode 100644 nsock/include/nsock.h create mode 100644 nsock/include/nsock_config.h.in create mode 100644 nsock/include/nsock_winconfig.h (limited to 'nsock/include') diff --git a/nsock/include/nsock.h b/nsock/include/nsock.h new file mode 100644 index 0000000..280e36b --- /dev/null +++ b/nsock/include/nsock.h @@ -0,0 +1,716 @@ +/*************************************************************************** + * nsock.h -- public interface definitions for the nsock parallel socket * + * event library * + * * + ***********************IMPORTANT NSOCK LICENSE TERMS*********************** + * + * The nsock parallel socket event library is (C) 1999-2023 Nmap Software LLC + * This library is free software; you may redistribute and/or modify it under + * the terms of the GNU General Public License as published by the Free Software + * Foundation; Version 2. This guarantees your right to use, modify, and + * redistribute this software under certain conditions. If this license is + * unacceptable to you, Nmap Software LLC may be willing to sell alternative + * licenses (contact sales@nmap.com ). + * + * As a special exception to the GPL terms, Nmap Software LLC grants permission + * to link the code of this program with any version of the OpenSSL library + * which is distributed under a license identical to that listed in the included + * docs/licenses/OpenSSL.txt file, and distribute linked combinations including + * the two. You must obey the GNU GPL in all respects for all of the code used + * other than OpenSSL. If you modify this file, you may extend this exception to + * your version of the file, but you are not obligated to do so. + * + * If you received these files with a written license agreement stating terms + * other than the (GPL) terms above, then that alternative license agreement + * takes precedence over this comment. + * + * Source is provided to this software because we believe users have a right to + * know exactly what a program is going to do before they run it. This also + * allows you to audit the software for security holes. + * + * Source code also allows you to port Nmap to new platforms, fix bugs, and add + * new features. You are highly encouraged to send your changes to the + * dev@nmap.org mailing list for possible incorporation into the main + * distribution. By sending these changes to Fyodor or one of the Insecure.Org + * development mailing lists, or checking them into the Nmap source code + * repository, it is understood (unless you specify otherwise) that you are + * offering the Nmap Project (Nmap Software LLC) the unlimited, non-exclusive + * right to reuse, modify, and relicense the code. Nmap will always be available + * Open Source, but this is important because the inability to relicense code + * has caused devastating problems for other Free Software projects (such as KDE + * and NASM). We also occasionally relicense the code to third parties as + * discussed above. If you wish to specify special license conditions of your + * contributions, just say so when you send them. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS + * FOR A PARTICULAR PURPOSE. See the GNU General Public License v2.0 for more + * details (http://www.gnu.org/licenses/gpl-2.0.html). + * + ***************************************************************************/ + +/* $Id$ */ + +#ifndef NSOCK_H +#define NSOCK_H + +/* Keep assert() defined for security reasons */ +#undef NDEBUG + +#ifndef WIN32 +#include "nsock_config.h" +#else +#include "nsock_winconfig.h" +#endif + +#include +#include +#ifndef WIN32 +#include +#include +#include +#include +#else +#include /* for struct timeval... */ +#endif + +#if HAVE_SYS_UN_H +#include + +#ifndef SUN_LEN +#include +#define SUN_LEN(ptr) ((sizeof(*(ptr)) - sizeof((ptr)->sun_path)) \ + + strlen((ptr)->sun_path)) +#endif +#endif /* HAVE_SYS_UN_H */ + +#if HAVE_LINUX_VM_SOCKETS_H +#include +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +/* The read calls will generally return after reading at least this + * much data so that the caller can process it and so that the + * connection spewing data doesn't monopolize resources. The caller + * can always initiate another read request to ask for more. */ +#define NSOCK_READ_CHUNK_SIZE 0x8FFFF + +struct npool; +struct niod; +struct nevent; +struct proxy_chain; + +/* ------------------- TYPEDEFS ------------------- */ + +/* nsock_pool, nsock_iod, and nsock_event are opaque objects that should + * only be accessed using the appropriate accessor functions (described below). */ + +/* An nsock_pool aggregates and manages events and i/o descriptors */ +typedef struct npool *nsock_pool; + +/* nsock_iod is an I/O descriptor -- you create it and then use it to + * make calls to do connect()s, read()s, write()s, etc. A single IOD can handle + * multiple event calls, but only one at a time. Also the event calls must be in + * a "reasonable" order. For example, you might start with nsock_connect_tcp() + * followed by a bunch of nsock_read* and nsock_write* calls. Then you either + * destroy the iod for good with nsock_iod_delete() and allocate a new one via + * nsock_iod_new for your next connection. */ +typedef struct niod *nsock_iod; + +/* An event is created when you do various calls (for reading, writing, + * connecting, timers, etc) and is provided back to you in the callback when the + * call completes/fails. It is automatically destroyed after the callback */ +typedef struct nevent *nsock_event; + +/* Provided by calls which (internally) create an nsock_event. This allows you + * to cancel the event */ +typedef unsigned long nsock_event_id; + +/* This is used to save SSL sessionids between SSL connections */ +typedef void *nsock_ssl_session; +typedef void *nsock_ssl_ctx; +typedef void *nsock_ssl; + +typedef struct proxy_chain *nsock_proxychain; + + +/* Logging-related data structures */ + +typedef enum { + /* -- + * Actual message priority values */ + NSOCK_LOG_DBG_ALL, + NSOCK_LOG_DBG, + NSOCK_LOG_INFO, + NSOCK_LOG_ERROR, + /* -- + * No messages are issued by nsock with this value. + * Users can therefore set loglevel to NSOCK_LOG_NONE + * to disable logging */ + NSOCK_LOG_NONE +} nsock_loglevel_t; + +struct nsock_log_rec { + /* Message emission time */ + struct timeval time; + /* Message log level */ + nsock_loglevel_t level; + /* Source file */ + const char *file; + /* Statement line in nsock source */ + int line; + /* Function that emitted the message */ + const char *func; + /* Actual log message */ + char *msg; +}; + +/* Nsock logging function. This function receives all nsock log records whose + * level is greater than or equal to nsp loglevel. The rec structure is + * allocated and freed by nsock. */ +typedef void (*nsock_logger_t)(const struct nsock_log_rec *rec); + + +/* ------------------- PROTOTYPES ------------------- */ + +/* Here is the all important looping function that tells the event + * engine to start up and begin processing events. It will continue until all + * events have been delivered (including new ones started from event handlers), + * or the msec_timeout is reached, or a major error has occurred. Use -1 if you + * don't want to set a maximum time for it to run. A timeout of 0 will return + * after 1 non-blocking loop. The nsock loop can be restarted again after it + * returns. For example you could do a series of 15 second runs, allowing you + * to do other stuff between them. Or you could just schedule a timer to call + * you back every 15 seconds. */ +enum nsock_loopstatus { + NSOCK_LOOP_NOEVENTS = 2, + NSOCK_LOOP_TIMEOUT, + NSOCK_LOOP_ERROR, + NSOCK_LOOP_QUIT +}; + +enum nsock_loopstatus nsock_loop(nsock_pool nsp, int msec_timeout); + +/* Calling this function will cause nsock_loop to quit on its next iteration + * with a return value of NSOCK_LOOP_QUIT. */ +void nsock_loop_quit(nsock_pool nsp); + +/* This next function returns the errno style error code -- which is only valid + * if the status is NSOCK_LOOP_ERROR was returned by nsock_loop() */ +int nsock_pool_get_error(nsock_pool nsp); + +nsock_ssl nsock_iod_get_ssl(nsock_iod nsockiod); + +/* Note that nsock_iod_get_ssl_session will increment the usage count of the + * SSL_SESSION if inc_ref is not zero, since nsock does a free when the IOD + * is destroyed. It's up to any calling function/etc to do a SSL_SESSION_free() + * on it. Passing in inc_ref=0 doesn't increment, and is for informational + * purposes only. */ +nsock_ssl_session nsock_iod_get_ssl_session(nsock_iod nsockiod, int inc_ref); + +/* Sometimes it is useful to store a pointer to information inside the NSP so + * you can retrieve it during a callback. */ +void nsock_pool_set_udata(nsock_pool nsp, void *data); + +/* And the function above wouldn't make much sense if we didn't have a way to + * retrieve that data ... */ +void *nsock_pool_get_udata(nsock_pool nsp); + +/* Turns on or off broadcast support on new sockets. Default is off (0, false) + * set in nsock_pool_new(). Any non-zero (true) value sets SO_BROADCAST on all + * new sockets (value of optval will be used directly in the setsockopt() call). */ +void nsock_pool_set_broadcast(nsock_pool nsp, int optval); + +/* Sets the name of the interface for new sockets to bind to. */ +void nsock_pool_set_device(nsock_pool nsp, const char *device); + +/* Initializes an Nsock pool to create SSL connections. This sets an internal + * SSL_CTX, which is like a template that sets options for all connections that + * are made from it. Returns the SSL_CTX so you can set your own options. + * + * Use the NSOCK_SSL_MAX_SPEED to emphasize speed over security. + * Insecure ciphers are used when they are faster and no certificate + * verification is done. + * + * Returns the SSL_CTX so you can set your own options. + * By default, do no server certificate verification. To enable it, do + * something like: + * SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL); + * + * on the SSL_CTX returned. If you do, it is then up to the application to + * load trusted certificates with SSL_CTX_load_verify_locations or + * SSL_CTX_set_default_verify_paths, or else every connection will fail. It + * is also up to the application to do any further checks such as domain name + * validation. */ +#define NSOCK_SSL_MAX_SPEED (1 << 0) +nsock_ssl_ctx nsock_pool_ssl_init(nsock_pool ms_pool, int flags); + +/* Initializes an Nsock pool to create a DTLS connect. This sets and internal + * SSL_CTX, which is like a template that sets options for all connections that + * are made from it. Returns the SSL_CTX so tyou can set your own options. + * + * Functionally similar to nsock_pool_ssl_init, just for the DTLS */ +nsock_ssl_ctx nsock_pool_dtls_init(nsock_pool ms_pool, int flags); + +/* Enforce use of a given IO engine. + * The engine parameter is a zero-terminated string that will be + * strup()'ed by the library. No validity check is performed by this function, + * beware nsock_pool_new() will fatal() if an invalid/unavailable engine name was + * supplied before. + * Pass NULL to reset to default (use most efficient engine available). + * + * Function returns 0 on success and -1 on error. */ +int nsock_set_default_engine(char *engine); + +/* Get a comma-separated list of available engines. */ +const char *nsock_list_engines(void); + +/* And here is how you create an nsock_pool. This allocates, initializes, and + * returns an nsock_pool event aggregator. In the case of error, NULL will be + * returned. If you do not wish to immediately associate any userdata, pass in + * NULL. */ +nsock_pool nsock_pool_new(void *udata); + +/* If nsock_pool_new returned success, you must free the nsp when you are done with it + * to conserve memory (and in some cases, sockets). After this call, nsp may no + * longer be used. Any pending events are sent an NSE_STATUS_KILL callback and + * all outstanding iods are deleted. */ +void nsock_pool_delete(nsock_pool nsp); + +/* Logging subsystem: set custom logging function. + * A NULL logger will reset the default (stderr) logger. + * (See nsock_logger_t type definition). */ +void nsock_set_log_function(nsock_logger_t logger); + +nsock_loglevel_t nsock_get_loglevel(void); +void nsock_set_loglevel(nsock_loglevel_t loglevel); + +/* Parse a proxy chain description string and build a nsock_proxychain object + * accordingly. If the optional nsock_pool parameter is passed in, it gets + * associated to the chain object. The alternative is to pass nsp=NULL and call + * nsock_pool_set_proxychain() manually. Whatever is done, the chain object has + * to be deleted by the caller, using proxychain_delete(). + * Returns 1 on success, -1 on failure. */ +int nsock_proxychain_new(const char *proxystr, nsock_proxychain *chain, nsock_pool nspool); + +/* If nsock_proxychain_new() returned success, caller has to free the chain + * object using this function. */ +void nsock_proxychain_delete(nsock_proxychain chain); + +/* Assign a previously created proxychain object to a nsock pool. After this, + * new connections requests will be issued through the chain of proxies (if + * possible). This only applies to nsock_iod created *after* the call to + * nsock_pool_set_proxychain(). Existing nsock_iod will connect as normal. */ +int nsock_pool_set_proxychain(nsock_pool nspool, nsock_proxychain chain); + +/* nsock_event handles a single event. Its ID is generally returned when the + * event is created, and the event itself is included in callbacks + * + * --------------------------------------------------------------------------- + * IF YOU ADD NEW NSE_TYPES YOU MUST INCREASE TYPE_CODE_NUM_BITS SO THAT IT IS + * ALWAYS log2(maximum_nse_type_value + 1) + * --------------------------------------------------------------------------- */ +#define TYPE_CODE_NUM_BITS 3 +enum nse_type { + NSE_TYPE_CONNECT = 0, + NSE_TYPE_CONNECT_SSL = 1, + NSE_TYPE_READ = 2, + NSE_TYPE_WRITE = 3, + NSE_TYPE_TIMER = 4, + NSE_TYPE_PCAP_READ = 5, + NSE_TYPE_MAX = 6, +}; /* At some point I was considering a NSE_TYPE_START and NSE_TYPE_CUSTOM */ + +/* Find the type of an event that spawned a callback */ +enum nse_type nse_type(nsock_event nse); + +/* Takes an nse_type (as returned by nse_type()) and returns a static string name + * that you can use for printing, etc. */ +const char *nse_type2str(enum nse_type type); + +/* Did the event succeed? What is the status? */ +enum nse_status { + NSE_STATUS_NONE = 0, /* User should never see this */ + NSE_STATUS_SUCCESS, /* Everything went A-OK! */ + NSE_STATUS_ERROR, /* Uh-oh! Problem, check the nse_errorcode() */ + NSE_STATUS_TIMEOUT, /* The async call surpassed the timeout you specified */ + NSE_STATUS_CANCELLED, /* Someone cancelled the event. (by calling nsock_event_cancel()). */ + NSE_STATUS_KILL, /* The event has been killed, this generally means the + nspool is being deleted -- you should free up any + resources you have allocated and exit. Don't you + dare make any more async nsock calls! */ + NSE_STATUS_EOF, /* We got EOF and NO DATA -- if we got data first, + SUCCESS is reported (see nse_eof()). */ + NSE_STATUS_PROXYERROR +}; + +enum nse_status nse_status(nsock_event nse); + +/* Takes an nse_status (as returned by nse_status() and returns a static string + * name that you can use for printing, etc. */ +const char *nse_status2str(enum nse_status status); + +/* This next function tells whether we received an EOF when we were reading. It + * is generally a better way to check for EOF than looking at the status because + * sometimes we read some data before getting the EOF, in which SUCCESS is + * returned (although another read attempt would return a status of EOF). + * nse_eof returns nonzero if we have reached EOF, zero if we have NOT reach + * EOF. */ +int nse_eof(nsock_event nse); + +/* This next function returns the errno style error code -- which is only valid + * if the status is NSE_STATUS_ERROR (this is a normal errno style error code). */ +int nse_errorcode(nsock_event nse); + +/* Every event has an ID which will be unique throughout the program's execution + * (for a given nsock_pool) unless you blow through 500,000,000 of them */ +nsock_event_id nse_id(nsock_event nse); + +/* If you did a read request, and the result was STATUS_SUCCESS, this function + * provides the buffer that was read in as well as the number of chars read. + * The buffer should not be modified or free'd . It is not guaranteed to be + * NUL-terminated and it may even contain nuls */ +char *nse_readbuf(nsock_event nse, int *nbytes); + +/* Obtains the nsock_iod (see below) associated with the event. Note that some + * events (such as timers) don't have an nsock_iod associated with them */ +nsock_iod nse_iod(nsock_event nse); + +/* nsock_iod is like a "file descriptor" for the nsock library. You use it to + * request events. And here is how you create an nsock_iod. nsock_iod_new + * returns NULL if the iod cannot be allocated. Pass NULL as udata if you + * don't want to immediately associate any user data with the IOD. */ +nsock_iod nsock_iod_new(nsock_pool nsockp, void *udata); + +/* This version allows you to associate an existing sd with the msi so that you + * can read/write it using the nsock infrastructure. For example, you may want + * to watch for data from STDIN_FILENO at the same time as you read/write + * various sockets. STDIN_FILENO is a special case, however. Any other sd is + * dup()ed, so you may close or otherwise manipulate your copy. The duped copy + * will be destroyed when the IOD is destroyed */ +nsock_iod nsock_iod_new2(nsock_pool nsockp, int sd, void *udata); + +/* If nsock_iod_new returned success, you must free the iod when you are done + * with it to conserve memory (and in some cases, sockets). After this call, + * nsockiod may no longer be used -- you need to create a new one with + * nsock_iod_new(). pending_response tells what to do with any events that are + * pending on this nsock_iod. This can be NSOCK_PENDING_NOTIFY (send a KILL + * notification to each event), NSOCK_PENDING_SILENT (do not send notification + * to the killed events), or NSOCK_PENDING_ERROR (print an error message and + * quit the program) */ +enum nsock_del_mode { + NSOCK_PENDING_NOTIFY, + NSOCK_PENDING_SILENT, + NSOCK_PENDING_ERROR, +}; + +void nsock_iod_delete(nsock_iod iod, enum nsock_del_mode pending_response); + +/* Sometimes it is useful to store a pointer to information inside + * the nsiod so you can retrieve it during a callback. */ +void nsock_iod_set_udata(nsock_iod iod, void *udata); + +/* And the function above wouldn't make much sense if we didn't have a way to + * retrieve that data ... */ +void *nsock_iod_get_udata(nsock_iod iod); + +/* I didn't want to do this. Its an ugly hack, but I suspect it will be + * necessary. I certainly can't reproduce in nsock EVERYTHING you might want + * to do with a socket. So I'm offering you this function to obtain the socket + * descriptor which is (usually) wrapped in a nsock_iod). You can do + * "reasonable" things with it, like setting socket receive buffers. But don't + * create havok by closing the descriptor! If the descriptor you get back is + * -1, the iod does not currently possess a valid descriptor */ +int nsock_iod_get_sd(nsock_iod iod); + +/* Returns the ID of an nsock_iod . This ID is always unique amongst ids for a + * given nspool (unless you blow through billions of them). */ +unsigned long nsock_iod_id(nsock_iod iod); + +/* Returns Packets received in bytes */ +unsigned long nsock_iod_get_read_count(nsock_iod iod); + +/* Returns Packets sent in bytes */ +unsigned long nsock_iod_get_write_count(nsock_iod iod); + +/* Returns 1 if an NSI is communicating via SSL, 0 otherwise */ +int nsock_iod_check_ssl(nsock_iod iod); + +/* Returns the remote peer port (or -1 if unavailable). Note the return value + * is a whole int so that -1 can be distinguished from 65535. Port is returned + * in host byte order. */ +int nsock_iod_get_peerport(nsock_iod iod); + +/* Sets the local address to bind to before connect() */ +int nsock_iod_set_localaddr(nsock_iod iod, struct sockaddr_storage *ss, size_t sslen); + +/* Sets IPv4 options to apply before connect(). It makes a copy of the options, + * so you can free() yours if necessary. This copy is freed when the iod is + * destroyed */ +int nsock_iod_set_ipoptions(nsock_iod iod, void *ipopts, size_t ipoptslen); + +/* Returns that host/port/protocol information for the last communication (or + * comm. attempt) this nsi has been involved with. By "involved" with I mean + * interactions like establishing (or trying to) a connection or sending a UDP + * datagram through an unconnected nsock_iod. AF is the address family (AF_INET + * or AF_INET6), Protocol is IPPROTO_TCP or IPPROTO_UDP. Pass NULL for + * information you do not need. If ANY of the information you requested is not + * available, 0 will be returned and the unavailable sockets are zeroed. If + * protocol or af is requested but not available, it will be set to -1 (and 0 + * returned). The pointers you pass in must be NULL or point to allocated + * address space. The sockaddr members should actually be sockaddr_storage, + * sockaddr_in6, or sockaddr_in with the socklen of them set appropriately (eg + * sizeof(sockaddr_storage) if that is what you are passing). */ +int nsock_iod_get_communication_info(nsock_iod iod, int *protocol, int *af, + struct sockaddr *local, + struct sockaddr *remote, size_t socklen); + +/* Set the hostname of the remote host, for when that matters. This is currently + * only used for Server Name Indication in SSL connections. */ +int nsock_iod_set_hostname(nsock_iod iod, const char *hostname); + +/* EVENT CREATION FUNCTIONS + * --- + * These functions request asynchronous + * notification of completion of an event. The handler will never be + * synchronously called back during the event creation call (that causes too + * many hard to debug errors and plus we don't want people to have to deal with + * callbacks until they actually call nsock_loop). */ + +/* These functions generally take a common 5 initial parameters: + * + * nsock_pool mst: + * The is the nsock_pool describing the events you have scheduled, etc + * + * nsock_iod nsiod: + * The I/O Descriptor that should be used in the request. Note that timer + * events don't have this argument since they don't use an iod. You can + * obtain it in the callback from the nsock_event. + * + * nsock_ev_handler handler: + * This is the function you want the system to call when your event is + * triggered (or times out, or hits an error, etc.). The function should be + * of this form: void funcname(nsock_pool nsp, nsock_event nse, void *userdata) + * + * int timeout_msecs: + * The timeout for the request in milliseconds. If the request hasn't + * completed (or in a few cases started) within the timeout specified, the + * handler will be called with a TIMEOUT status and the request will be + * aborted. + * + * void *userdata: + * The nsock_event that comes back can optionally have a pointer associated + * with it. You can set that pointer here. If you don't want one, just + * pass NULL. + * + * These functions return an nsock_event_id which can be used to cancel the + * event if necessary. + */ +typedef void (*nsock_ev_handler)(nsock_pool, nsock_event, void *); + +/* Initialize an unconnected UDP socket. */ +int nsock_setup_udp(nsock_pool nsp, nsock_iod ms_iod, int af); + +#if HAVE_SYS_UN_H + +/* Request a UNIX domain sockets connection to the same system (by path to socket). + * This function connects to the socket of type SOCK_STREAM. ss should be a + * sockaddr_storage, sockaddr_un as appropriate (just like what you would pass to + * connect). sslen should be the sizeof the structure you are passing in. */ +nsock_event_id nsock_connect_unixsock_stream(nsock_pool nsp, nsock_iod nsiod, nsock_ev_handler handler, + int timeout_msecs, void *userdata, struct sockaddr *ss, + size_t sslen); + +/* Request a UNIX domain sockets connection to the same system (by path to socket). + * This function connects to the socket of type SOCK_DGRAM. ss should be a + * sockaddr_storage, sockaddr_un as appropriate (just like what you would pass to + * connect). sslen should be the sizeof the structure you are passing in. */ +nsock_event_id nsock_connect_unixsock_datagram(nsock_pool nsp, nsock_iod nsiod, nsock_ev_handler handler, + void *userdata, struct sockaddr *ss, size_t sslen); +#endif /* HAVE_SYS_UN_H */ + +#if HAVE_LINUX_VM_SOCKETS_H +/* Request a vsock stream connection to another system. ss should be a + * sockaddr_storage or sockaddr_vm, as appropriate (just like what you would + * pass to connect). sslen should be the sizeof the structure you are passing + * in. */ +nsock_event_id nsock_connect_vsock_stream(nsock_pool nsp, nsock_iod ms_iod, + nsock_ev_handler handler, + int timeout_msecs, void *userdata, + struct sockaddr *saddr, size_t sslen, + unsigned int port); + +/* Request a vsock datagram "connection" to another system. Since this is a + * datagram socket, no packets are actually sent. The destination CID and port + * are just associated with the nsiod (an actual OS connect() call is made). + * You can then use the normal nsock write calls on the socket. There is no + * timeout since this call always calls your callback at the next opportunity. + * The advantages to having a connected datagram socket (as opposed to just + * specifying an address with sendto() are that we can now use a consistent set + * of write/read calls for stream and datagram sockets, received packets from + * the non-partner are automatically dropped by the OS, and the OS can provide + * asynchronous errors (see Unix Network Programming pp224). ss should be a + * sockaddr_storage or sockaddr_vm, as appropriate (just like what you would + * pass to connect). sslen should be the sizeof the structure you are passing + * in. */ +nsock_event_id nsock_connect_vsock_datagram(nsock_pool nsp, nsock_iod nsiod, + nsock_ev_handler handler, + void *userdata, + struct sockaddr *saddr, + size_t sslen, unsigned int port); +#endif /* HAVE_LINUX_VM_SOCKETS_H */ + +/* Request a TCP connection to another system (by IP address). The in_addr is + * normal network byte order, but the port number should be given in HOST BYTE + * ORDER. ss should be a sockaddr_storage, sockaddr_in6, or sockaddr_in as + * appropriate (just like what you would pass to connect). sslen should be the + * sizeof the structure you are passing in. */ +nsock_event_id nsock_connect_tcp(nsock_pool nsp, nsock_iod nsiod, nsock_ev_handler handler, int timeout_msecs, + void *userdata, struct sockaddr *ss, size_t sslen, unsigned short port); + +/* Request an SCTP association to another system (by IP address). The in_addr is + * normal network byte order, but the port number should be given in HOST BYTE + * ORDER. ss should be a sockaddr_storage, sockaddr_in6, or sockaddr_in as + * appropriate (just like what you would pass to connect). sslen should be the + * sizeof the structure you are passing in. */ +nsock_event_id nsock_connect_sctp(nsock_pool nsp, nsock_iod nsiod, nsock_ev_handler handler, int timeout_msecs, + void *userdata, struct sockaddr *ss, size_t sslen, unsigned short port); + +/* Request a UDP "connection" to another system (by IP address). The in_addr is + * normal network byte order, but the port number should be given in HOST BYTE + * ORDER. Since this is UDP, no packets are actually sent. The destination IP + * and port are just associated with the nsiod (an actual OS connect() call is + * made). You can then use the normal nsock write calls on the socket. There + * is no timeout since this call always calls your callback at the next + * opportunity. The advantages to having a connected UDP socket (as opposed to + * just specifying an address with sendto()) are that we can now use a consistent + * set of write/read calls for TCP/UDP, received packets from the non-partner + * are automatically dropped by the OS, and the OS can provide asynchronous + * errors (see Unix Network Programming pp224). ss should be a + * sockaddr_storage, sockaddr_in6, or sockaddr_in as appropriate (just like what + * you would pass to connect). sslen should be the sizeof the structure you are + * passing in. */ +nsock_event_id nsock_connect_udp(nsock_pool nsp, nsock_iod nsiod, nsock_ev_handler handler, void *userdata, + struct sockaddr *ss, size_t sslen, unsigned short port); + +/* Request an SSL over TCP/SCTP connection to another system (by IP address). + * The in_addr is normal network byte order, but the port number should be given + * in HOST BYTE ORDER. This function will call back only after it has made the + * connection AND done the initial SSL negotiation. From that point on, you use + * the normal read/write calls and decryption will happen transparently. ss + * should be a sockaddr_storage, sockaddr_in6, or sockaddr_in as appropriate + * (just like what you would pass to connect). sslen should be the sizeof the + * structure you are passing in. */ +nsock_event_id nsock_connect_ssl(nsock_pool nsp, nsock_iod nsiod, nsock_ev_handler handler, int timeout_msecs, + void *userdata, struct sockaddr *ss, size_t sslen, int proto, unsigned short port, nsock_ssl_session ssl_session); + +/* Request ssl connection over already established TCP/SCTP connection. nsiod + * must be socket that is already connected to target using nsock_connect_tcp or + * nsock_connect_sctp. All parameters have the same meaning as in + * 'nsock_connect_ssl' */ +nsock_event_id nsock_reconnect_ssl(nsock_pool nsp, nsock_iod nsiod, + nsock_ev_handler handler, int timeout_msecs, void *userdata, nsock_ssl_session ssl_session); + +/* Read up to nlines lines (terminated with \n, which of course inclues \r\n), + * or until EOF, or until the timeout, whichever comes first. Note that + * NSE_STATUS_SUCCESS will be returned in the case of EOF or timeout if at least + * 1 char has been read. Also note that you may get more than 'nlines' back -- + * we just stop once "at least" 'nlines' is read */ +nsock_event_id nsock_readlines(nsock_pool nsp, nsock_iod nsiod, + nsock_ev_handler handler, int timeout_msecs, void *userdata, int nlines); + +/* Same as above, except it tries to read at least 'nbytes' instead of 'nlines'. */ +nsock_event_id nsock_readbytes(nsock_pool nsp, nsock_iod nsiod, + nsock_ev_handler handler, int timeout_msecs, void *userdata, int nbytes); + +/* The simplest read function -- returns NSE_STATUS_SUCCESS when it reads + * anything, otherwise it returns timeout, eof, or error as appropriate */ +nsock_event_id nsock_read(nsock_pool nsp, nsock_iod nsiod, nsock_ev_handler handler, int timeout_msecs, void *userdata); + +/* Write some data to the socket. If the write is not COMPLETED within + * timeout_msecs , NSE_STATUS_TIMEOUT will be returned. If you are supplying + * NUL-terminated data, you can optionally pass -1 for datalen and nsock_write + * will figure out the length itself */ +nsock_event_id nsock_write(nsock_pool nsp, nsock_iod nsiod, + nsock_ev_handler handler, int timeout_msecs, void *userdata, const char *data, int datalen); + +nsock_event_id nsock_sendto(nsock_pool ms_pool, nsock_iod ms_iod, nsock_ev_handler handler, int timeout_msecs, + void *userdata, struct sockaddr *saddr, size_t sslen, unsigned short port, const char *data, int datalen); + +/* Same as nsock_write except you can use a printf-style format and you can only + * use this for ASCII strings */ +nsock_event_id nsock_printf(nsock_pool nsp, nsock_iod nsiod, + nsock_ev_handler handler, int timeout_msecs, void *userdata, char *format, ... ); + +/* Send back an NSE_TYPE_TIMER after the number of milliseconds specified. Of + * course it can also return due to error, cancellation, etc. */ +nsock_event_id nsock_timer_create(nsock_pool nsp, nsock_ev_handler handler, int timeout_msecs, void *userdata); + +/* Cancel an event (such as a timer or read request). If notify is nonzero, the + * requester will be sent an event CANCELLED status back to the given handler. + * But in some cases there is no need to do this (like if the function deleting + * it is the one which created it), in which case 0 can be passed to skip the + * step. This function returns zero if the event is not found, nonzero + * otherwise */ +int nsock_event_cancel(nsock_pool ms_pool, nsock_event_id id, int notify ); + +/* Grab the latest time as recorded by the nsock library, which does so at least + * once per event loop (in main_loop). Not only does this function (generally) + * avoid a system call, but in many circumstances it is better to use nsock's + * time rather than the system time. If nsock has never obtained the time when + * you call it, it will do so before returning */ +const struct timeval *nsock_gettimeofday(); + + +#ifdef HAVE_PCAP +/* Open pcap device and connect it to nsp. Other parameters have the + * same meaning as for pcap_open_live in pcap(3). + * + * device: pcap-style device name + * snaplen: size of packet to be copied to handler + * promisc: whether to open device in promiscuous mode + * bpf_fmt: berkeley filter + * + * return value: 0 if everything was okay, or error code if error occurred. + * */ +int nsock_pcap_open(nsock_pool nsp, nsock_iod nsiod, const char *pcap_device, + int snaplen, int promisc, const char *bpf_fmt, ...); + +/* Requests exactly one packet to be captured.from pcap. + * See nsock_read() for parameters description. */ +nsock_event_id nsock_pcap_read_packet(nsock_pool nsp, nsock_iod nsiod, + nsock_ev_handler handler, + int timeout_msecs, void *userdata); + +/* Gets packet data. This should be called after successful receipt of packet + * to get packet. If you're not interested in some values, just pass NULL + * instead of valid pointer. + * l3_data is just after l2_data in buffer. Feel free to treat l2_data as one + * buffer with size of (l2_len + l3_len). + * Ts time is fixed for systems that don't support proper timing, like Windows. + * So TS is pointing to time when packet was received or to the time _after_. + * As a result you'll get longer times than you should, but it's safer to + * think that host is a bit further. + * */ +void nse_readpcap(nsock_event nsee, const unsigned char **l2_data, + size_t *l2_len, const unsigned char **l3_data, size_t *l3_len, + size_t *packet_len, struct timeval *ts); + +/* Well. Just pcap-style datalink. + * Like DLT_EN10MB or DLT_SLIP. Check in pcap(3) manpage. */ +int nsock_iod_linktype(nsock_iod iod); + +/* Is this nsiod a pcap descriptor? */ +int nsock_iod_is_pcap(nsock_iod iod); + +#endif /* HAVE_PCAP */ + +#ifdef __cplusplus +} /* End of 'extern "C"' */ +#endif + +#endif /* NSOCK_H */ + diff --git a/nsock/include/nsock_config.h.in b/nsock/include/nsock_config.h.in new file mode 100644 index 0000000..e1d9587 --- /dev/null +++ b/nsock/include/nsock_config.h.in @@ -0,0 +1,90 @@ +/*************************************************************************** + * nsock_config.h.in -- Autoconf uses this template, combined with the * + * configure script knowledge about system capabilities, to build the * + * nsock_config.h include file that lets nsock better understand system * + * particulars. * + * * + ***********************IMPORTANT NSOCK LICENSE TERMS*********************** + * + * The nsock parallel socket event library is (C) 1999-2023 Nmap Software LLC + * This library is free software; you may redistribute and/or modify it under + * the terms of the GNU General Public License as published by the Free Software + * Foundation; Version 2. This guarantees your right to use, modify, and + * redistribute this software under certain conditions. If this license is + * unacceptable to you, Nmap Software LLC may be willing to sell alternative + * licenses (contact sales@nmap.com ). + * + * As a special exception to the GPL terms, Nmap Software LLC grants permission + * to link the code of this program with any version of the OpenSSL library + * which is distributed under a license identical to that listed in the included + * docs/licenses/OpenSSL.txt file, and distribute linked combinations including + * the two. You must obey the GNU GPL in all respects for all of the code used + * other than OpenSSL. If you modify this file, you may extend this exception to + * your version of the file, but you are not obligated to do so. + * + * If you received these files with a written license agreement stating terms + * other than the (GPL) terms above, then that alternative license agreement + * takes precedence over this comment. + * + * Source is provided to this software because we believe users have a right to + * know exactly what a program is going to do before they run it. This also + * allows you to audit the software for security holes. + * + * Source code also allows you to port Nmap to new platforms, fix bugs, and add + * new features. You are highly encouraged to send your changes to the + * dev@nmap.org mailing list for possible incorporation into the main + * distribution. By sending these changes to Fyodor or one of the Insecure.Org + * development mailing lists, or checking them into the Nmap source code + * repository, it is understood (unless you specify otherwise) that you are + * offering the Nmap Project (Nmap Software LLC) the unlimited, non-exclusive + * right to reuse, modify, and relicense the code. Nmap will always be available + * Open Source, but this is important because the inability to relicense code + * has caused devastating problems for other Free Software projects (such as KDE + * and NASM). We also occasionally relicense the code to third parties as + * discussed above. If you wish to specify special license conditions of your + * contributions, just say so when you send them. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS + * FOR A PARTICULAR PURPOSE. See the GNU General Public License v2.0 for more + * details (http://www.gnu.org/licenses/gpl-2.0.html). + * + ***************************************************************************/ + +/* $Id$ */ + +#undef HAVE_PCAP +#undef DEC +#undef LINUX +#undef FREEBSD +#undef OPENBSD +#undef SOLARIS +#undef SUNOS +#undef BSDI +#undef IRIX +#undef HPUX +#undef NETBSD +#undef MACOSX + +#undef SOLARIS_BPF_PCAP_CAPTURE + +#undef HAVE_NET_BPF_H +#undef HAVE_SYS_IOCTL_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_UN_H + +#undef HAVE_LINUX_VM_SOCKETS_H + +#undef HAVE_NETDB_H + +#undef HAVE_OPENSSL +#undef HAVE_SSL_SET_TLSEXT_HOST_NAME +#undef HAVE_DTLS_CLIENT_METHOD +#undef HAVE_ALPN_SUPPORT + +#undef HAVE_EPOLL +#undef HAVE_POLL +#undef HAVE_KQUEUE + +#undef HAVE_PCAP_SET_IMMEDIATE_MODE diff --git a/nsock/include/nsock_winconfig.h b/nsock/include/nsock_winconfig.h new file mode 100644 index 0000000..88ff5f4 --- /dev/null +++ b/nsock/include/nsock_winconfig.h @@ -0,0 +1,70 @@ + +/*************************************************************************** + * nsock_winconfig.h -- Since the Windows port is currently eschewing * + * autoconf-style configure scripts, nsock_winconfig.h contains the * + * platform-specific definitions for Windows and is used as a replacement * + * for config.h * + * * + ***********************IMPORTANT NSOCK LICENSE TERMS*********************** + * + * The nsock parallel socket event library is (C) 1999-2023 Nmap Software LLC + * This library is free software; you may redistribute and/or modify it under + * the terms of the GNU General Public License as published by the Free Software + * Foundation; Version 2. This guarantees your right to use, modify, and + * redistribute this software under certain conditions. If this license is + * unacceptable to you, Nmap Software LLC may be willing to sell alternative + * licenses (contact sales@nmap.com ). + * + * As a special exception to the GPL terms, Nmap Software LLC grants permission + * to link the code of this program with any version of the OpenSSL library + * which is distributed under a license identical to that listed in the included + * docs/licenses/OpenSSL.txt file, and distribute linked combinations including + * the two. You must obey the GNU GPL in all respects for all of the code used + * other than OpenSSL. If you modify this file, you may extend this exception to + * your version of the file, but you are not obligated to do so. + * + * If you received these files with a written license agreement stating terms + * other than the (GPL) terms above, then that alternative license agreement + * takes precedence over this comment. + * + * Source is provided to this software because we believe users have a right to + * know exactly what a program is going to do before they run it. This also + * allows you to audit the software for security holes. + * + * Source code also allows you to port Nmap to new platforms, fix bugs, and add + * new features. You are highly encouraged to send your changes to the + * dev@nmap.org mailing list for possible incorporation into the main + * distribution. By sending these changes to Fyodor or one of the Insecure.Org + * development mailing lists, or checking them into the Nmap source code + * repository, it is understood (unless you specify otherwise) that you are + * offering the Nmap Project (Nmap Software LLC) the unlimited, non-exclusive + * right to reuse, modify, and relicense the code. Nmap will always be available + * Open Source, but this is important because the inability to relicense code + * has caused devastating problems for other Free Software projects (such as KDE + * and NASM). We also occasionally relicense the code to third parties as + * discussed above. If you wish to specify special license conditions of your + * contributions, just say so when you send them. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS + * FOR A PARTICULAR PURPOSE. See the GNU General Public License v2.0 for more + * details (http://www.gnu.org/licenses/gpl-2.0.html). + * + ***************************************************************************/ + +#ifndef NSOCK_WINCONFIG_H +#define NSOCK_WINCONFIG_H + +#ifndef DISABLE_NSOCK_PCAP +#define HAVE_PCAP 1 +#endif + +/* Need this for _WIN32_WINNT below */ +#include + /* WSAPoll() isn't available before Vista */ +#if defined(_WIN32_WINNT) && (_WIN32_WINNT >= 0x0600) +#define HAVE_POLL 1 +#define HAVE_IOCP 1 +#endif + +#endif /* NSOCK_WINCONFIG_H */ -- cgit v1.2.3