connection: add functionality to set downstream socket option dynamically (envoyproxy#39200)

Signed-off-by: Jacob Lisi <[email protected]>

Author: jtlisi

envoy/network/BUILD

@@ -32,6 +32,7 @@ envoy_cc_library(
         "//envoy/ssl:connection_interface",
         "//envoy/stream_info:stream_info_interface",
         "@com_google_absl//absl/numeric:int128",
+        "@com_google_absl//absl/types:span",
     ],
 )
 

envoy/network/connection.h

@@ -347,6 +347,12 @@ class Connection : public Event::DeferredDeletable,
    */
   virtual const ConnectionSocket::OptionsSharedPtr& socketOptions() const PURE;
 
+  /**
+   * Set a socket option on the underlying socket(s) of this connection.
+   * @param option The socket option to set.
+   * @return boolean telling if the socket option was set successfully.
+   */
+  virtual bool setSocketOption(Network::SocketOptionName name, absl::Span<uint8_t> value) PURE;
   /**
    * The StreamInfo object associated with this connection. This is typically
    * used for logging purposes. Individual filters may add specific information

source/common/network/connection_impl.cc

@@ -921,6 +921,23 @@ bool ConnectionImpl::bothSidesHalfClosed() {
   return read_end_stream_ && write_end_stream_ && write_buffer_->length() == 0;
 }
 
+bool ConnectionImpl::setSocketOption(Network::SocketOptionName name, absl::Span<uint8_t> value) {
+  Api::SysCallIntResult result =
+      SocketOptionImpl::setSocketOption(*socket_, name, value.data(), value.size());
+  if (result.return_value_ != 0) {
+    ENVOY_LOG(warn, "Setting option on socket failed, errno: {}, message: {}", result.errno_,
+              errorDetails(result.errno_));
+    return false;
+  }
+
+  // Only add a sockopt if it's added successfully.
+  auto sockopt = std::make_shared<SocketOptionImpl>(
+      name, absl::string_view(reinterpret_cast<const char*>(value.data()), value.size()));
+  socket_->addOption(sockopt);
+
+  return true;
+}
+
 absl::string_view ConnectionImpl::transportFailureReason() const {
   if (!failure_reason_.empty()) {
     return failure_reason_;

source/common/network/connection_impl.h

@@ -106,6 +106,7 @@ class ConnectionImpl : public ConnectionImplBase, public TransportSocketCallback
   const ConnectionSocket::OptionsSharedPtr& socketOptions() const override {
     return socket_->options();
   }
+  bool setSocketOption(Network::SocketOptionName name, absl::Span<uint8_t> value) override;
   absl::string_view requestedServerName() const override { return socket_->requestedServerName(); }
   StreamInfo::StreamInfo& streamInfo() override { return stream_info_; }
   const StreamInfo::StreamInfo& streamInfo() const override { return stream_info_; }

source/common/network/multi_connection_base_impl.cc

@@ -106,6 +106,17 @@ bool MultiConnectionBaseImpl::isHalfCloseEnabled() const {
   return connections_[0]->isHalfCloseEnabled();
 }
 
+bool MultiConnectionBaseImpl::setSocketOption(Network::SocketOptionName name,
+                                              absl::Span<uint8_t> value) {
+  bool success = true;
+  for (auto& connection : connections_) {
+    if (!connection->setSocketOption(name, value)) {
+      success = false;
+    }
+  }
+  return success;
+}
+
 std::string MultiConnectionBaseImpl::nextProtocol() const {
   return connections_[0]->nextProtocol();
 }

source/common/network/multi_connection_base_impl.h

@@ -101,6 +101,7 @@ class MultiConnectionBaseImpl : public ClientConnection,
 
   // Simple getters which always delegate to the first connection in connections_.
   bool isHalfCloseEnabled() const override;
+  bool setSocketOption(Network::SocketOptionName name, absl::Span<uint8_t> value) override;
   std::string nextProtocol() const override;
   // Note, this might change before connect finishes.
   ConnectionInfoSetter& connectionInfoSetter() override;

source/common/network/socket_option_impl.cc

@@ -15,7 +15,7 @@ namespace Network {
 // Socket::Option
 bool SocketOptionImpl::setOption(Socket& socket,
                                  envoy::config::core::v3::SocketOption::SocketState state) const {
-  if (in_state_ == state) {
+  if (!in_state_.has_value() || in_state_ == state) {
     if (!optname_.hasValue()) {
       ENVOY_LOG(warn, "Failed to set unsupported option on socket");
       return false;
@@ -49,7 +49,7 @@ void SocketOptionImpl::hashKey(std::vector<uint8_t>& hash_key) const {
 absl::optional<Socket::Option::Details>
 SocketOptionImpl::getOptionDetails(const Socket&,
                                    envoy::config::core::v3::SocketOption::SocketState state) const {
-  if (state != in_state_ || !isSupported()) {
+  if ((in_state_.has_value() && state != in_state_) || !isSupported()) {
     return absl::nullopt;
   }
 

source/common/network/socket_option_impl.h

@@ -30,6 +30,13 @@ class SocketOptionImpl : public Socket::Option, Logger::Loggable<Logger::Id::con
     ASSERT(reinterpret_cast<uintptr_t>(value_.data()) % alignof(void*) == 0);
   }
 
+  SocketOptionImpl(Network::SocketOptionName optname, absl::string_view value,
+                   absl::optional<Network::Socket::Type> socket_type = absl::nullopt)
+      : in_state_(absl::nullopt), optname_(optname), value_(value.begin(), value.end()),
+        socket_type_(socket_type) {
+    ASSERT(reinterpret_cast<uintptr_t>(value_.data()) % alignof(void*) == 0);
+  }
+
   // Socket::Option
   bool setOption(Socket& socket,
                  envoy::config::core::v3::SocketOption::SocketState state) const override;
@@ -61,7 +68,9 @@ class SocketOptionImpl : public Socket::Option, Logger::Loggable<Logger::Id::con
                                                const void* value, size_t size);
 
 private:
-  const envoy::config::core::v3::SocketOption::SocketState in_state_;
+  // The state this option expects the socket to be in when it is applied. If the state is not set,
+  // then this option will be applied in any state.
+  absl::optional<const envoy::config::core::v3::SocketOption::SocketState> in_state_;
   const Network::SocketOptionName optname_;
   // The vector's data() is used by the setsockopt syscall, which needs to be int-size-aligned on
   // some platforms, the AlignedAllocator here makes it pointer-size-aligned, which satisfies the

source/common/quic/envoy_quic_client_session.h

@@ -54,6 +54,10 @@ class EnvoyQuicClientSession : public QuicFilterManagerConnectionImpl,
   // Set up socket and start handshake.
   void connect() override;
 
+  bool setSocketOption(Envoy::Network::SocketOptionName, absl::Span<uint8_t>) override {
+    return false;
+  }
+
   // quic::QuicSession
   void OnConnectionClosed(const quic::QuicConnectionCloseFrame& frame,
                           quic::ConnectionCloseSource source) override;

source/common/quic/envoy_quic_server_session.h

@@ -99,6 +99,10 @@ class EnvoyQuicServerSession : public quic::QuicServerSessionBase,
                                   const Network::FilterChain& filter_chain,
                                   ConnectionMapIter position);
 
+  bool setSocketOption(Envoy::Network::SocketOptionName, absl::Span<uint8_t>) override {
+    return false;
+  }
+
   void setHttp3Options(const envoy::config::core::v3::Http3ProtocolOptions& http3_options) override;
   using quic::QuicSession::PerformActionOnActiveStreams;