network_system/common__defs_8h_source.html

// BSD 3-Clause License

// Copyright (c) 2024, 🍀☀🌕🌥 🌊

// See the LICENSE file in the project root for full license information.


#pragma once


#include <atomic>

#include <chrono>

#include <cstdint>

#include <optional>

#include <string>

#include <string_view>


// Use nested namespace definition (C++17)

namespace kcenon::network::internal

{


    struct socket_config

    {

        std::size_t max_pending_bytes{0};


        std::size_t high_water_mark{1024 * 1024};


        std::size_t low_water_mark{256 * 1024};

    };


    struct socket_metrics

    {

        std::atomic<std::size_t> total_bytes_sent{0};

        std::atomic<std::size_t> total_bytes_received{0};

        std::atomic<std::size_t> current_pending_bytes{0};

        std::atomic<std::size_t> peak_pending_bytes{0};

        std::atomic<std::size_t> backpressure_events{0};

        std::atomic<std::size_t> rejected_sends{0};

        std::atomic<std::size_t> send_count{0};

        std::atomic<std::size_t> receive_count{0};


        void reset()

        {

            total_bytes_sent.store(0);

            total_bytes_received.store(0);

            current_pending_bytes.store(0);

            peak_pending_bytes.store(0);

            backpressure_events.store(0);

            rejected_sends.store(0);

            send_count.store(0);

            receive_count.store(0);

        }


    };


    enum class data_mode : std::uint8_t {

        packet_mode = 1,

        file_mode = 2,

        binary_mode = 3

    };


    enum class tls_version : std::uint8_t {

        tls_1_0 = 10,

        tls_1_1 = 11,

        tls_1_2 = 12,

        tls_1_3 = 13

    };


    enum class certificate_verification : std::uint8_t {

        none = 0,

        verify_peer = 1,

        verify_fail_if_no_peer_cert = 2

    };


    struct tls_config {

        bool enabled = false;


        tls_version min_version = tls_version::tls_1_3;


        certificate_verification verify_mode = certificate_verification::verify_peer;


        std::optional<std::string> certificate_file;


        std::optional<std::string> private_key_file;


        std::optional<std::string> private_key_password;


        std::optional<std::string> ca_file;


        std::optional<std::string> ca_path;


        std::optional<std::string> cipher_list;


        std::optional<std::string> sni_hostname;


        bool enable_session_resumption = true;


        std::size_t handshake_timeout_ms = 10000;


        [[nodiscard]] auto is_valid() const -> bool {

            if (!enabled) {

                return true;  // Valid if disabled

            }


            // If verification is enabled, CA file/path is required

            if (verify_mode != certificate_verification::none) {

                if (!ca_file.has_value() && !ca_path.has_value()) {

                    return false;

                }

            }


            // Note: Certificate and private key validation depends on whether

            // this is a server or client configuration, which is context-dependent.

            // Server-specific validation should be done by the server class.


            return true;

        }


        [[nodiscard]] static auto insecure_for_testing() -> tls_config {

            tls_config config;

            config.enabled = true;

            config.verify_mode = certificate_verification::none;

            return config;

        }


        [[nodiscard]] static auto secure_defaults() -> tls_config {

            tls_config config;

            config.enabled = true;

            config.min_version = tls_version::tls_1_3;

            config.verify_mode = certificate_verification::verify_peer;

            config.enable_session_resumption = true;

            return config;

        }


        [[nodiscard]] static auto legacy_compatible() -> tls_config {

            tls_config config;

            config.enabled = true;

            config.min_version = tls_version::tls_1_2;

            config.verify_mode = certificate_verification::verify_peer;

            config.enable_session_resumption = true;

            return config;

        }


    };


    // Use inline variables for constants (C++17)

    inline constexpr std::size_t default_buffer_size = 4096;

    inline constexpr std::size_t default_timeout_ms = 5000;

    inline constexpr std::string_view default_client_id = "default_client";

    inline constexpr std::string_view default_server_id = "default_server";


    // TLS defaults

    inline constexpr std::string_view default_tls_cipher_list =

        "ECDHE-RSA-AES256-GCM-SHA384:"

        "ECDHE-RSA-AES128-GCM-SHA256:"

        "ECDHE-RSA-CHACHA20-POLY1305";


} // namespace kcenon::network::internal

config
tracing_config config
Definition exporters.cpp:29

kcenon::network::internal
Definition messaging_session.h:37

kcenon::network::internal::default_server_id
constexpr std::string_view default_server_id
Definition common_defs.h:283

kcenon::network::internal::tls_version
tls_version
TLS protocol versions.
Definition common_defs.h:113

kcenon::network::internal::tls_version::tls_1_2
@ tls_1_2

kcenon::network::internal::tls_version::tls_1_1
@ tls_1_1

kcenon::network::internal::tls_version::tls_1_0
@ tls_1_0

kcenon::network::internal::tls_version::tls_1_3
@ tls_1_3

kcenon::network::internal::data_mode
data_mode
Represents a simple enumeration for differentiating data transmission modes.
Definition common_defs.h:100

kcenon::network::internal::data_mode::binary_mode
@ binary_mode

kcenon::network::internal::data_mode::packet_mode
@ packet_mode

kcenon::network::internal::data_mode::file_mode
@ file_mode

kcenon::network::internal::default_client_id
constexpr std::string_view default_client_id
Definition common_defs.h:282

kcenon::network::internal::certificate_verification
certificate_verification
Certificate verification modes.
Definition common_defs.h:124

kcenon::network::internal::certificate_verification::none
@ none

kcenon::network::internal::certificate_verification::verify_peer
@ verify_peer

kcenon::network::internal::certificate_verification::verify_fail_if_no_peer_cert
@ verify_fail_if_no_peer_cert

kcenon::network::internal::default_tls_cipher_list
constexpr std::string_view default_tls_cipher_list
Definition common_defs.h:286

kcenon::network::internal::default_timeout_ms
constexpr std::size_t default_timeout_ms
Definition common_defs.h:281

kcenon::network::internal::default_buffer_size
constexpr std::size_t default_buffer_size
Definition common_defs.h:280

kcenon::network::protocols::quic::ecn_result::none
@ none
No congestion signal.

kcenon::network::internal::socket_config
Configuration for TCP socket backpressure control.
Definition common_defs.h:30

kcenon::network::internal::socket_config::high_water_mark
std::size_t high_water_mark
High water mark - trigger backpressure callback.
Definition common_defs.h:47

kcenon::network::internal::socket_config::max_pending_bytes
std::size_t max_pending_bytes
Maximum bytes allowed in pending send buffer.
Definition common_defs.h:38

kcenon::network::internal::socket_config::low_water_mark
std::size_t low_water_mark
Low water mark - resume sending.
Definition common_defs.h:57

kcenon::network::internal::socket_metrics
Runtime metrics for socket monitoring.
Definition common_defs.h:68

kcenon::network::internal::socket_metrics::backpressure_events
std::atomic< std::size_t > backpressure_events
Definition common_defs.h:73

kcenon::network::internal::socket_metrics::total_bytes_received
std::atomic< std::size_t > total_bytes_received
Definition common_defs.h:70

kcenon::network::internal::socket_metrics::peak_pending_bytes
std::atomic< std::size_t > peak_pending_bytes
Definition common_defs.h:72

kcenon::network::internal::socket_metrics::rejected_sends
std::atomic< std::size_t > rejected_sends
Definition common_defs.h:74

kcenon::network::internal::socket_metrics::total_bytes_sent
std::atomic< std::size_t > total_bytes_sent
Definition common_defs.h:69

kcenon::network::internal::socket_metrics::send_count
std::atomic< std::size_t > send_count
Definition common_defs.h:75

kcenon::network::internal::socket_metrics::receive_count
std::atomic< std::size_t > receive_count
Definition common_defs.h:76

kcenon::network::internal::socket_metrics::reset
void reset()
Definition common_defs.h:78

kcenon::network::internal::socket_metrics::current_pending_bytes
std::atomic< std::size_t > current_pending_bytes
Definition common_defs.h:71

kcenon::network::internal::tls_config
Configuration for TLS/SSL connections.
Definition common_defs.h:163

kcenon::network::internal::tls_config::certificate_file
std::optional< std::string > certificate_file
Path to server certificate file (PEM format) Required for servers when TLS is enabled.
Definition common_defs.h:176

kcenon::network::internal::tls_config::cipher_list
std::optional< std::string > cipher_list
Cipher suite list (OpenSSL format) Default: Use strong ciphers (TLS 1.2+) Example: "ECDHE-RSA-AES256-...
Definition common_defs.h:195

kcenon::network::internal::tls_config::insecure_for_testing
static auto insecure_for_testing() -> tls_config
Creates a default insecure configuration (testing only)
Definition common_defs.h:239

kcenon::network::internal::tls_config::legacy_compatible
static auto legacy_compatible() -> tls_config
Creates a backwards-compatible configuration (TLS 1.2+)
Definition common_defs.h:269

kcenon::network::internal::tls_config::handshake_timeout_ms
std::size_t handshake_timeout_ms
Timeout for TLS handshake in milliseconds.
Definition common_defs.h:205

kcenon::network::internal::tls_config::is_valid
auto is_valid() const -> bool
Validates the TLS configuration.
Definition common_defs.h:213

kcenon::network::internal::tls_config::enabled
bool enabled
Enable TLS/SSL for this connection (default: false)
Definition common_defs.h:165

kcenon::network::internal::tls_config::min_version
tls_version min_version
Minimum TLS version to accept (default: TLS 1.3) Note: TLS 1.3 is enforced by default to prevent down...
Definition common_defs.h:169

kcenon::network::internal::tls_config::sni_hostname
std::optional< std::string > sni_hostname
Server Name Indication (SNI) hostname for clients Used for virtual hosting and certificate selection.
Definition common_defs.h:199

kcenon::network::internal::tls_config::private_key_file
std::optional< std::string > private_key_file
Path to server private key file (PEM format) Required for servers when TLS is enabled.
Definition common_defs.h:180

kcenon::network::internal::tls_config::ca_path
std::optional< std::string > ca_path
Path to directory containing CA certificates.
Definition common_defs.h:190

kcenon::network::internal::tls_config::secure_defaults
static auto secure_defaults() -> tls_config
Creates a secure default configuration.
Definition common_defs.h:253

kcenon::network::internal::tls_config::private_key_password
std::optional< std::string > private_key_password
Password for encrypted private key (if applicable)
Definition common_defs.h:183

kcenon::network::internal::tls_config::enable_session_resumption
bool enable_session_resumption
Enable session resumption for performance.
Definition common_defs.h:202

kcenon::network::internal::tls_config::ca_file
std::optional< std::string > ca_file
Path to CA certificate file for verification (PEM format) Required when verify_mode !...
Definition common_defs.h:187

kcenon::network::internal::tls_config::verify_mode
certificate_verification verify_mode
Certificate verification mode (default: verify_peer)
Definition common_defs.h:172