fern-proxy 0.1.0

Cloud Native high performance security and privacy SQL proxy.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163

// SPDX-FileCopyrightText:  Copyright © 2022 The Fern Authors <team@fernproxy.io>
// SPDX-License-Identifier: Apache-2.0

//!TODO(ppiotr3k): write module description

use futures::{sink::SinkExt, stream::StreamExt};
use tokio::io::{AsyncRead, AsyncWrite, Result};
use tokio::sync::mpsc;
use tokio_util::codec::{Decoder, Encoder, FramedRead, FramedWrite};

use fern_proxy_interfaces::{SQLHandlerConfig, SQLMessage, SQLMessageHandler};

/// Direction of Messages flow in a `Pipe`.
#[derive(Debug)]
pub enum Direction {
    /// Messages from Client to proxied Server.
    ClientServer,

    /// Messages from proxied Server to Client.
    ServerClient,
}

impl std::fmt::Display for Direction {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        match *self {
            Self::ClientServer => write!(f, "Client -> Server"),
            Self::ServerClient => write!(f, "Server -> Client"),
        }
    }
}

///TODO(ppiotr3k): write struct description
#[derive(Debug)]
pub struct Pipe<R, W, C, I, S, H> {
    /// Direction of data flow (Client -> Server; Server -> Client).
    direction: Direction,

    /// [`Stream`] end of the `Pipe`, where data is read from as frames.
    ///
    /// [`Stream`]: https://docs.rs/futures/*/futures/stream/trait.Stream.html
    stream: FramedRead<R, C>,

    /// [`Sink`] end of the `Pipe`, where data is written to as frames.
    ///
    /// [`Sink`]: https://docs.rs/futures/*/futures/sink/trait.Sink.html
    sink: FramedWrite<W, C>,

    /// Chain of `SQLMessageHandler`s applied to data flowing in the `Pipe`.
    /// The chain is built before beeing passed to the `Pipe` constructor.
    //TODO(ppiotr3k): implement a higher-level struct processing the chain automatically
    //TODO(ppiotr3k): settle on the naming: `frame`, `message`, `packet`, ...
    frame_handlers: H,

    /// Access to the `stream` and `sink` of the `Pipe` paired with this one.
    /// Used for "short-circuiting" regular Client <-> proxied Server flows.
    _short_circuit: ShortCircuit<I, S>,
}

impl<R, W, C, I, S, H> Pipe<R, W, C, I, S, H>
where
    R: AsyncRead + Unpin,
    W: AsyncWrite + Unpin,
    C: Decoder + Decoder<Item = I> + Encoder<I> + Default,
    I: SQLMessage,
    S: SQLMessage,
    H: SQLMessageHandler<I> + Send + Sync,
{
    ///TODO(ppiotr3k): write function description
    pub fn new(
        direction: Direction,
        receiver: R,
        sender: W,
        short_circuit: ShortCircuit<I, S>,
        config: &SQLHandlerConfig,
    ) -> Pipe<R, W, C, I, S, H> {
        // Adapt from `AsyncRead`/ `AsyncWrite` to `Stream`/`Sink`.
        Pipe {
            direction,
            stream: FramedRead::new(receiver, C::default()),
            sink: FramedWrite::new(sender, C::default()),
            frame_handlers: H::new(config),
            _short_circuit: short_circuit,
        }
    }

    ///TODO(ppiotr3k): write function description
    pub async fn run(&mut self) -> Result<()>
    where
        <C as Encoder<I>>::Error: std::fmt::Display,
        std::io::Error: From<<C as Encoder<I>>::Error>,
    {
        log::trace!("[{}] running pipe", self.direction);

        //TODO(ppiotr3k): investigate if listening for shutdown is required here
        // -> since pipes aren't tasks but infinite loops on futures, seems unnecessary
        loop {
            // `select!` continuously runs all futures until one returns.
            // Read request frame, also listening for the shutdown signal.
            let mut packet = tokio::select! {
                // Await for a Message from `Stream`, or terminate if `Stream` dried.
                result = self.stream.next() => {
                    if let Some(Ok(packet)) = result {
                        packet
                    } else {
                        let err = std::io::Error::new(
                            std::io::ErrorKind::UnexpectedEof,
                            format!("[{}] read 0 bytes, closing pipe", self.direction),
                        );
                        log::trace!("{}", err);
                        return Err(err);
                    }
                },

                // // Process a short-circuit Message.
                // result = self.short_circuit.rx.recv() => {
                //     if let Some(packet) = result {
                //         log::trace!(
                //             "[{}] received short-circuit packet: {:?}",
                //             self.direction,
                //             packet,
                //         );
                //         packet
                //     } else {
                //         let err = std::io::Error::new(
                //             std::io::ErrorKind::UnexpectedEof,
                //             format!(
                //                 "[{}] paired pipe prematurely closed",
                //                 self.direction
                //             )
                //         );
                //         log::trace!("{}", err);
                //         return Err(err)
                //     }
                // },
            };

            //TODO(ppiotr3k): check if `packet` should be short-circuited
            //TODO(ppiotr3k): process `packet` through "packet handlers"

            packet = self.frame_handlers.process(packet).await;

            //TODO(ppiotr3k): consider batching rather than `send`ing one-by-one
            // Write `packet` to `Sink`, and flush it.
            if let Err(err) = self.sink.send(packet).await {
                log::error!("[{}] cannot send to sink: {}", self.direction, err);
                return Err(err.into());
            }
        }
    }
}

///TODO(ppiotr3k): write struct description
#[derive(Debug)]
pub struct ShortCircuit<I, S> {
    _tx: mpsc::Sender<S>,
    _rx: mpsc::Receiver<I>,
}

impl<I, S> ShortCircuit<I, S> {
    pub fn new(tx: mpsc::Sender<S>, rx: mpsc::Receiver<I>) -> ShortCircuit<I, S> {
        ShortCircuit { _tx: tx, _rx: rx }
    }
}