Cleanup: Simplify dependency around SSLNetVC and SNIConfig

iocore/net/I_Net.h

@@ -89,8 +89,4 @@ extern std::string_view net_ccp_out;
 
 #define ET_NET ET_CALL
 
-#include "I_NetVConnection.h"
-#include "I_NetProcessor.h"
-#include "I_SessionAccept.h"
-
 void ink_net_init(ts::ModuleVersion version);

iocore/net/I_NetProcessor.h

@@ -27,6 +27,7 @@
 #include "tscore/IpMap.h"
 #include "I_EventSystem.h"
 #include "I_Socks.h"
+#include "I_NetVConnection.h"
 struct socks_conf_struct;
 #define NET_CONNECT_TIMEOUT 30
 

iocore/net/I_NetVConnection.h

@@ -24,6 +24,7 @@
 #pragma once
 
 #include "ProxyProtocol.h"
+#include "I_Net.h"
 
 #include <string_view>
 #include <optional>
@@ -355,6 +356,52 @@ struct NetVCOptions {
   NetVCOptions(const NetVCOptions &) = delete;
 };
 
+inline void
+NetVCOptions::reset()
+{
+  ip_proto  = USE_TCP;
+  ip_family = AF_INET;
+  local_ip.invalidate();
+  local_port         = 0;
+  addr_binding       = ANY_ADDR;
+  f_blocking         = false;
+  f_blocking_connect = false;
+  socks_support      = NORMAL_SOCKS;
+  socks_version      = SOCKS_DEFAULT_VERSION;
+  socket_recv_bufsize =
+#if defined(RECV_BUF_SIZE)
+    RECV_BUF_SIZE;
+#else
+    0;
+#endif
+  socket_send_bufsize  = 0;
+  sockopt_flags        = 0;
+  packet_mark          = 0;
+  packet_tos           = 0;
+  packet_notsent_lowat = 0;
+
+  etype = ET_NET;
+
+  sni_servername              = nullptr;
+  ssl_servername              = nullptr;
+  sni_hostname                = nullptr;
+  ssl_client_cert_name        = nullptr;
+  ssl_client_private_key_name = nullptr;
+  outbound_sni_policy         = nullptr;
+}
+
+inline void
+NetVCOptions::set_sock_param(int _recv_bufsize, int _send_bufsize, unsigned long _opt_flags, unsigned long _packet_mark,
+                             unsigned long _packet_tos, unsigned long _packet_notsent_lowat)
+{
+  socket_recv_bufsize  = _recv_bufsize;
+  socket_send_bufsize  = _send_bufsize;
+  sockopt_flags        = _opt_flags;
+  packet_mark          = _packet_mark;
+  packet_tos           = _packet_tos;
+  packet_notsent_lowat = _packet_notsent_lowat;
+}
+
 /**
   A VConnection for a network socket. Abstraction for a net connection.
   Similar to a socket descriptor VConnections are IO handles to

iocore/net/I_SessionAccept.h

@@ -25,6 +25,7 @@
 
 #include "I_Net.h"
 #include "I_VConnection.h"
+#include "I_NetVConnection.h"
 
 struct AclRecord;
 struct HttpProxyPort;

iocore/net/Makefile.am

@@ -152,7 +152,6 @@ libinknet_a_SOURCES = \
 	P_SSLNetVConnection.h \
 	P_SSLNextProtocolAccept.h \
 	P_SSLNextProtocolSet.h \
-	P_SSLSNI.h \
 	P_SSLUtils.h \
 	P_SSLClientCoordinator.h \
 	P_SSLClientUtils.h \
@@ -184,6 +183,7 @@ libinknet_a_SOURCES = \
 	SSLNetVConnection.cc \
 	SSLNextProtocolAccept.cc \
 	SSLNextProtocolSet.cc \
+	SSLSNIConfig.h \
 	SSLSNIConfig.cc \
 	SSLStats.cc \
 	SSLSessionCache.cc \

iocore/net/P_SNIActionPerformer.h

@@ -32,45 +32,14 @@
 
 #include "I_EventSystem.h"
 #include "P_SSLNextProtocolAccept.h"
+#include "P_SSLNetVConnection.h"
+#include "SNIActionPerformer.h"
 #include "SSLTypes.h"
 
 #include "tscore/ink_inet.h"
 
 #include <vector>
 
-class ActionItem
-{
-public:
-  /**
-   * Context should contain extra data needed to be passed to the actual SNIAction.
-   */
-  struct Context {
-    using CapturedGroupViewVec = std::vector<std::string_view>;
-    /**
-     * if any, fqdn_wildcard_captured_groups will hold the captured groups from the `fqdn`
-     * match which will be used to construct the tunnel destination. This vector contains only
-     * partial views of the original server name, group views are valid as long as the original
-     * string from where the groups were obtained lives.
-     */
-    std::optional<CapturedGroupViewVec> _fqdn_wildcard_captured_groups;
-  };
-
-  virtual int SNIAction(TLSSNISupport *snis, const Context &ctx) const = 0;
-
-  /**
-    This method tests whether this action would have been triggered by a
-    particularly SNI value and IP address combination.  This is run after the
-    TLS exchange finished to see if the client used an SNI name different from
-    the host name to avoid SNI-based policy
-  */
-  virtual bool
-  TestClientSNIAction(const char *servername, const IpEndpoint &ep, int &policy) const
-  {
-    return false;
-  }
-  virtual ~ActionItem(){};
-};
-
 class ControlH2 : public ActionItem
 {
 public:

iocore/net/P_SSLNextProtocolAccept.h

@@ -26,7 +26,6 @@
 #include "P_Net.h"
 #include "P_EventSystem.h"
 #include "P_UnixNet.h"
-#include "P_SSLNetVConnection.h"
 #include "P_SSLNextProtocolSet.h"
 #include "I_IOBuffer.h"
 #include "records/I_RecHttp.h"

iocore/net/P_UnixNetProcessor.h

@@ -23,6 +23,8 @@
 
 #pragma once
 #include "I_Net.h"
+#include "I_NetProcessor.h"
+#include "I_SessionAccept.h"
 #include "P_NetAccept.h"
 
 class UnixNetVConnection;

iocore/net/P_UnixNetVConnection.h

@@ -42,52 +42,6 @@ class UnixNetVConnection;
 class NetHandler;
 struct PollDescriptor;
 
-inline void
-NetVCOptions::reset()
-{
-  ip_proto  = USE_TCP;
-  ip_family = AF_INET;
-  local_ip.invalidate();
-  local_port         = 0;
-  addr_binding       = ANY_ADDR;
-  f_blocking         = false;
-  f_blocking_connect = false;
-  socks_support      = NORMAL_SOCKS;
-  socks_version      = SOCKS_DEFAULT_VERSION;
-  socket_recv_bufsize =
-#if defined(RECV_BUF_SIZE)
-    RECV_BUF_SIZE;
-#else
-    0;
-#endif
-  socket_send_bufsize  = 0;
-  sockopt_flags        = 0;
-  packet_mark          = 0;
-  packet_tos           = 0;
-  packet_notsent_lowat = 0;
-
-  etype = ET_NET;
-
-  sni_servername              = nullptr;
-  ssl_servername              = nullptr;
-  sni_hostname                = nullptr;
-  ssl_client_cert_name        = nullptr;
-  ssl_client_private_key_name = nullptr;
-  outbound_sni_policy         = nullptr;
-}
-
-inline void
-NetVCOptions::set_sock_param(int _recv_bufsize, int _send_bufsize, unsigned long _opt_flags, unsigned long _packet_mark,
-                             unsigned long _packet_tos, unsigned long _packet_notsent_lowat)
-{
-  socket_recv_bufsize  = _recv_bufsize;
-  socket_send_bufsize  = _send_bufsize;
-  sockopt_flags        = _opt_flags;
-  packet_mark          = _packet_mark;
-  packet_tos           = _packet_tos;
-  packet_notsent_lowat = _packet_notsent_lowat;
-}
-
 enum tcp_congestion_control_t { CLIENT_SIDE, SERVER_SIDE };
 
 class UnixNetVConnection : public NetVConnection, public NetEvent

iocore/net/SNIActionPerformer.h

@@ -0,0 +1,69 @@
+/** @file
+
+  A brief file description
+
+  @section license License
+
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+ */
+
+/*************************** -*- Mod: C++ -*- ******************************
+  P_ActionProcessor.h
+   Created On      : 05/02/2017
+
+   Description:
+   SNI based Configuration in ATS
+ ****************************************************************************/
+#pragma once
+
+#include <vector>
+#include <optional>
+#include "TLSSNISupport.h"
+#include "tscore/ink_inet.h"
+
+class ActionItem
+{
+public:
+  /**
+   * Context should contain extra data needed to be passed to the actual SNIAction.
+   */
+  struct Context {
+    using CapturedGroupViewVec = std::vector<std::string_view>;
+    /**
+     * if any, fqdn_wildcard_captured_groups will hold the captured groups from the `fqdn`
+     * match which will be used to construct the tunnel destination. This vector contains only
+     * partial views of the original server name, group views are valid as long as the original
+     * string from where the groups were obtained lives.
+     */
+    std::optional<CapturedGroupViewVec> _fqdn_wildcard_captured_groups;
+  };
+
+  virtual int SNIAction(TLSSNISupport *snis, const Context &ctx) const = 0;
+
+  /**
+    This method tests whether this action would have been triggered by a
+    particularly SNI value and IP address combination.  This is run after the
+    TLS exchange finished to see if the client used an SNI name different from
+    the host name to avoid SNI-based policy
+  */
+  virtual bool
+  TestClientSNIAction(const char *servername, const IpEndpoint &ep, int &policy) const
+  {
+    return false;
+  }
+  virtual ~ActionItem(){};
+};

iocore/net/SSLClientCoordinator.cc

@@ -23,7 +23,7 @@
 
 #include "P_SSLClientCoordinator.h"
 #include "P_SSLConfig.h"
-#include "P_SSLSNI.h"
+#include "SSLSNIConfig.h"
 
 std::unique_ptr<ConfigUpdateHandler<SSLClientCoordinator>> sslClientUpdate;
 

iocore/net/SSLConfig.cc

@@ -47,9 +47,7 @@
 
 #include "P_Net.h"
 #include "P_SSLClientUtils.h"
-#include "P_SSLSNI.h"
 #include "P_SSLCertLookup.h"
-#include "P_SSLSNI.h"
 #include "P_TLSKeyLogger.h"
 #include "SSLDiags.h"
 #include "SSLSessionCache.h"

iocore/net/SSLNetVConnection.cc

@@ -30,13 +30,14 @@
 #include "HttpTunnel.h"
 #include "ProxyProtocol.h"
 #include "HttpConfig.h"
+#include "SSLSNIConfig.h"
 
 #include "P_Net.h"
 #include "P_SSLUtils.h"
 #include "P_SSLNextProtocolSet.h"
 #include "P_SSLConfig.h"
 #include "P_SSLClientUtils.h"
-#include "P_SSLSNI.h"
+#include "P_SSLNetVConnection.h"
 #include "BIO_fastopen.h"
 #include "SSLStats.h"
 #include "SSLInternal.h"

iocore/net/SSLNextProtocolAccept.cc

@@ -22,6 +22,7 @@
  */
 
 #include "P_SSLNextProtocolAccept.h"
+#include "P_SSLNetVConnection.h"
 
 static void
 send_plugin_event(Continuation *plugin, int event, void *edata)

iocore/net/SSLSNIConfig.cc

@@ -29,7 +29,8 @@
    SNI based Configuration in ATS
  ****************************************************************************/
 
-#include "P_SSLSNI.h"
+#include "SSLSNIConfig.h"
+#include "P_SNIActionPerformer.h"
 
 #include "PreWarmManager.h"
 

iocore/net/P_SSLSNI.h → iocore/net/SSLSNIConfig.h

@@ -22,7 +22,7 @@
  */
 
 /*************************** -*- Mod: C++ -*- ******************************
-  P_SSLSNI.h
+  SSLSNIConfig.h
    Created On      : 05/02/2017
 
    Description:
@@ -36,7 +36,7 @@
 #include <memory>
 
 #include "ProxyConfig.h"
-#include "P_SNIActionPerformer.h"
+#include "SNIActionPerformer.h"
 #include "YamlSNIConfig.h"
 
 // Properties for the next hop server

iocore/net/SSLUtils.cc

@@ -36,7 +36,6 @@
 #include "InkAPIInternal.h"
 
 #include "P_OCSPStapling.h"
-#include "P_SSLSNI.h"
 #include "P_SSLConfig.h"
 #include "P_TLSKeyLogger.h"
 #include "BoringSSLUtils.h"
@@ -46,6 +45,8 @@
 #include "SSLDynlock.h"
 #include "SSLDiags.h"
 #include "SSLStats.h"
+#include "TLSSessionResumptionSupport.h"
+#include "P_SSLNetVConnection.h"
 
 #include <string>
 #include <unistd.h>

iocore/net/TLSSNISupport.cc

@@ -23,7 +23,7 @@
 #include "TLSSNISupport.h"
 #include "tscore/ink_assert.h"
 #include "tscore/Diags.h"
-#include "P_SSLSNI.h"
+#include "SSLSNIConfig.h"
 
 int TLSSNISupport::_ex_data_index = -1;
 

iocore/net/test_I_UDPNet.cc

@@ -30,6 +30,7 @@
 
 #include "I_EventSystem.h"
 #include "I_Net.h"
+#include "I_NetVConnection.h"
 #include "I_UDPNet.h"
 #include "I_UDPPacket.h"
 #include "I_UDPConnection.h"