blob: 6e098e2603e90fdb8fea1d09246713ff71d7813a [file] [log] [blame]
/*
* Session management functions.
*
* Copyright 2000-2012 Willy Tarreau <w@1wt.eu>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version
* 2 of the License, or (at your option) any later version.
*
*/
#include <stdlib.h>
#include <unistd.h>
#include <fcntl.h>
#include <common/config.h>
#include <common/buffer.h>
#include <common/debug.h>
#include <common/memory.h>
#include <types/capture.h>
#include <types/global.h>
#include <proto/acl.h>
#include <proto/arg.h>
#include <proto/backend.h>
#include <proto/channel.h>
#include <proto/checks.h>
#include <proto/connection.h>
#include <proto/dumpstats.h>
#include <proto/fd.h>
#include <proto/freq_ctr.h>
#include <proto/frontend.h>
#include <proto/hdr_idx.h>
#include <proto/listener.h>
#include <proto/log.h>
#include <proto/raw_sock.h>
#include <proto/session.h>
#include <proto/pipe.h>
#include <proto/proto_http.h>
#include <proto/proto_tcp.h>
#include <proto/proxy.h>
#include <proto/queue.h>
#include <proto/server.h>
#include <proto/sample.h>
#include <proto/stick_table.h>
#include <proto/stream_interface.h>
#include <proto/task.h>
struct pool_head *pool2_session;
struct list sessions;
static int conn_session_complete(struct connection *conn);
static int conn_session_update(struct connection *conn);
static struct task *expire_mini_session(struct task *t);
int session_complete(struct session *s);
/* data layer callbacks for an embryonic session */
struct data_cb sess_conn_cb = {
.recv = NULL,
.send = NULL,
.wake = conn_session_update,
.init = conn_session_complete,
};
/* This function is called from the protocol layer accept() in order to
* instanciate a new embryonic session on behalf of a given listener and
* frontend. It returns a positive value upon success, 0 if the connection
* can be ignored, or a negative value upon critical failure. The accepted
* file descriptor is closed if we return <= 0.
*/
int session_accept(struct listener *l, int cfd, struct sockaddr_storage *addr)
{
struct proxy *p = l->frontend;
struct session *s;
struct task *t;
int ret;
ret = -1; /* assume unrecoverable error by default */
if (unlikely((s = pool_alloc2(pool2_session)) == NULL))
goto out_close;
if (unlikely((s->si[0].conn = pool_alloc2(pool2_connection)) == NULL))
goto out_fail_conn0;
if (unlikely((s->si[1].conn = pool_alloc2(pool2_connection)) == NULL))
goto out_fail_conn1;
/* minimum session initialization required for an embryonic session is
* fairly low. We need very little to execute L4 ACLs, then we need a
* task to make the client-side connection live on its own.
* - flags
* - stick-entry tracking
*/
s->flags = 0;
s->logs.logwait = p->to_log;
s->stkctr1_entry = NULL;
s->stkctr2_entry = NULL;
s->stkctr1_table = NULL;
s->stkctr2_table = NULL;
s->listener = l;
s->fe = p;
/* OK, we're keeping the session, so let's properly initialize the session */
s->si[0].conn->t.sock.fd = cfd;
s->si[0].conn->ctrl = l->proto;
s->si[0].conn->flags = CO_FL_NONE;
s->si[0].conn->err_code = CO_ER_NONE;
s->si[0].conn->addr.from = *addr;
s->si[0].conn->target = &l->obj_type;
s->logs.accept_date = date; /* user-visible date for logging */
s->logs.tv_accept = now; /* corrected date for internal use */
s->uniq_id = totalconn;
p->feconn++;
/* This session was accepted, count it now */
if (p->feconn > p->fe_counters.conn_max)
p->fe_counters.conn_max = p->feconn;
proxy_inc_fe_conn_ctr(l, p);
/* now evaluate the tcp-request layer4 rules. Since we expect to be able
* to abort right here as soon as possible, we check the rules before
* even initializing the stream interfaces.
*/
if ((l->options & LI_O_TCP_RULES) && !tcp_exec_req_rules(s)) {
/* let's do a no-linger now to close with a single RST. */
setsockopt(cfd, SOL_SOCKET, SO_LINGER, (struct linger *) &nolinger, sizeof(struct linger));
ret = 0; /* successful termination */
goto out_free_session;
}
#ifndef USE_ACCEPT4
/* Adjust some socket options if the connection was accepted by a plain
* accept() syscall.
*/
if (unlikely(fcntl(cfd, F_SETFL, O_NONBLOCK) == -1))
goto out_free_session;
#endif
/* monitor-net and health mode are processed immediately after TCP
* connection rules. This way it's possible to block them, but they
* never use the lower data layers, they send directly over the socket,
* as they were designed for. We first flush the socket receive buffer
* in order to avoid emission of an RST by the system. We ignore any
* error.
*/
if (unlikely((p->mode == PR_MODE_HEALTH) ||
((l->options & LI_O_CHK_MONNET) &&
addr->ss_family == AF_INET &&
(((struct sockaddr_in *)addr)->sin_addr.s_addr & p->mon_mask.s_addr) == p->mon_net.s_addr))) {
/* we have 4 possibilities here :
* - HTTP mode, from monitoring address => send "HTTP/1.0 200 OK"
* - HEALTH mode with HTTP check => send "HTTP/1.0 200 OK"
* - HEALTH mode without HTTP check => just send "OK"
* - TCP mode from monitoring address => just close
*/
recv(cfd, trash.str, trash.size, MSG_DONTWAIT);
if (p->mode == PR_MODE_HTTP ||
(p->mode == PR_MODE_HEALTH && (p->options2 & PR_O2_CHK_ANY) == PR_O2_HTTP_CHK))
send(cfd, "HTTP/1.0 200 OK\r\n\r\n", 19, MSG_DONTWAIT|MSG_NOSIGNAL|MSG_MORE);
else if (p->mode == PR_MODE_HEALTH)
send(cfd, "OK\n", 3, MSG_DONTWAIT|MSG_NOSIGNAL|MSG_MORE);
ret = 0;
goto out_free_session;
}
/* wait for a PROXY protocol header */
if (l->options & LI_O_ACC_PROXY) {
s->si[0].conn->flags |= CO_FL_ACCEPT_PROXY;
conn_sock_want_recv(s->si[0].conn);
}
if (unlikely((t = task_new()) == NULL))
goto out_free_session;
t->context = s;
t->nice = l->nice;
s->task = t;
/* Add the various callbacks. Right now the transport layer is present
* but not initialized. Also note we need to be careful as the stream
* int is not initialized yet.
*/
conn_prepare(s->si[0].conn, &sess_conn_cb, l->proto, l->xprt, s);
/* finish initialization of the accepted file descriptor */
fd_insert(cfd);
fdtab[cfd].owner = s->si[0].conn;
fdtab[cfd].iocb = conn_fd_handler;
conn_data_want_recv(s->si[0].conn);
if (conn_xprt_init(s->si[0].conn) < 0)
goto out_free_task;
/* OK, now either we have a pending handshake to execute with and
* then we must return to the I/O layer, or we can proceed with the
* end of the session initialization. In case of handshake, we also
* set the I/O timeout to the frontend's client timeout.
*/
if (s->si[0].conn->flags & CO_FL_HANDSHAKE) {
t->process = expire_mini_session;
t->expire = tick_add_ifset(now_ms, p->timeout.client);
task_queue(t);
s->si[0].conn->flags |= CO_FL_INIT_DATA | CO_FL_WAKE_DATA;
return 1;
}
/* OK let's complete session initialization since there is no handshake */
s->si[0].conn->flags |= CO_FL_CONNECTED;
ret = session_complete(s);
if (ret > 0)
return ret;
/* Error unrolling */
out_free_task:
task_free(t);
out_free_session:
p->feconn--;
if (s->stkctr1_entry || s->stkctr2_entry)
session_store_counters(s);
pool_free2(pool2_connection, s->si[1].conn);
out_fail_conn1:
pool_free2(pool2_connection, s->si[0].conn);
out_fail_conn0:
pool_free2(pool2_session, s);
out_close:
if (ret < 0 && l->xprt == &raw_sock && p->mode == PR_MODE_HTTP) {
/* critical error, no more memory, try to emit a 500 response */
struct chunk *err_msg = http_error_message(s, HTTP_ERR_500);
send(cfd, err_msg->str, err_msg->len, MSG_DONTWAIT|MSG_NOSIGNAL);
}
if (fdtab[cfd].owner)
fd_delete(cfd);
else
close(cfd);
return ret;
}
/* prepare the trash with a log prefix for session <s> */
static void prepare_mini_sess_log_prefix(struct session *s)
{
struct tm tm;
char pn[INET6_ADDRSTRLEN];
int ret;
char *end;
ret = addr_to_str(&s->si[0].conn->addr.from, pn, sizeof(pn));
if (ret <= 0)
chunk_printf(&trash, "unknown [");
else if (ret == AF_UNIX)
chunk_printf(&trash, "%s:%d [", pn, s->listener->luid);
else
chunk_printf(&trash, "%s:%d [", pn, get_host_port(&s->si[0].conn->addr.from));
get_localtime(s->logs.accept_date.tv_sec, &tm);
end = date2str_log(trash.str + trash.len, &tm, &(s->logs.accept_date), trash.size - trash.len);
trash.len = end - trash.str;
if (s->listener->name)
chunk_appendf(&trash, "] %s/%s", s->fe->id, s->listener->name);
else
chunk_appendf(&trash, "] %s/%d", s->fe->id, s->listener->luid);
}
/* This function kills an existing embryonic session. It stops the connection's
* transport layer, releases assigned resources, resumes the listener if it was
* disabled and finally kills the file descriptor.
*/
static void kill_mini_session(struct session *s)
{
int level = LOG_INFO;
struct connection *conn = s->si[0].conn;
unsigned int log = s->logs.logwait;
const char *err_msg;
if (s->fe->options2 & PR_O2_LOGERRORS)
level = LOG_ERR;
if (log && (s->fe->options & PR_O_NULLNOLOG)) {
/* with "option dontlognull", we don't log connections with no transfer */
if (!conn->err_code ||
conn->err_code == CO_ER_PRX_EMPTY || conn->err_code == CO_ER_PRX_ABORT ||
conn->err_code == CO_ER_SSL_EMPTY || conn->err_code == CO_ER_SSL_ABORT)
log = 0;
}
if (log) {
if (!conn->err_code && (s->task->state & TASK_WOKEN_TIMER)) {
if (conn->flags & CO_FL_ACCEPT_PROXY)
conn->err_code = CO_ER_PRX_TIMEOUT;
else if (conn->flags & CO_FL_SSL_WAIT_HS)
conn->err_code = CO_ER_SSL_TIMEOUT;
}
prepare_mini_sess_log_prefix(s);
err_msg = conn_err_code_str(conn);
if (err_msg)
send_log(s->fe, level, "%s: %s\n", trash.str, err_msg);
else
send_log(s->fe, level, "%s: unknown connection error (code=%d flags=%08x)\n",
trash.str, conn->err_code, conn->flags);
}
/* kill the connection now */
conn_full_close(s->si[0].conn);
s->fe->feconn--;
if (s->stkctr1_entry || s->stkctr2_entry)
session_store_counters(s);
if (!(s->listener->options & LI_O_UNLIMITED))
actconn--;
jobs--;
s->listener->nbconn--;
if (s->listener->state == LI_FULL)
resume_listener(s->listener);
/* Dequeues all of the listeners waiting for a resource */
if (!LIST_ISEMPTY(&global_listener_queue))
dequeue_all_listeners(&global_listener_queue);
if (!LIST_ISEMPTY(&s->fe->listener_queue) &&
(!s->fe->fe_sps_lim || freq_ctr_remain(&s->fe->fe_sess_per_sec, s->fe->fe_sps_lim, 0) > 0))
dequeue_all_listeners(&s->fe->listener_queue);
task_delete(s->task);
task_free(s->task);
pool_free2(pool2_connection, s->si[1].conn);
pool_free2(pool2_connection, s->si[0].conn);
pool_free2(pool2_session, s);
}
/* Finish initializing a session from a connection, or kills it if the
* connection shows and error. Returns <0 if the connection was killed.
*/
static int conn_session_complete(struct connection *conn)
{
struct session *s = conn->owner;
if (!(conn->flags & CO_FL_ERROR) && (session_complete(s) > 0)) {
conn->flags &= ~CO_FL_INIT_DATA;
return 0;
}
/* kill the connection now */
kill_mini_session(s);
return -1;
}
/* Update an embryonic session status. The connection is killed in case of
* error, and <0 will be returned. Otherwise it does nothing.
*/
static int conn_session_update(struct connection *conn)
{
if (conn->flags & CO_FL_ERROR) {
kill_mini_session(conn->owner);
return -1;
}
return 0;
}
/* Manages embryonic sessions timeout. It is only called when the timeout
* strikes and performs the required cleanup.
*/
static struct task *expire_mini_session(struct task *t)
{
struct session *s = t->context;
if (!(t->state & TASK_WOKEN_TIMER))
return t;
kill_mini_session(s);
return NULL;
}
/* This function is called from the I/O handler which detects the end of
* handshake, in order to complete initialization of a valid session. It must
* be called with an embryonic session. It returns a positive value upon
* success, 0 if the connection can be ignored, or a negative value upon
* critical failure. The accepted file descriptor is closed if we return <= 0.
*/
int session_complete(struct session *s)
{
struct listener *l = s->listener;
struct proxy *p = s->fe;
struct http_txn *txn;
struct task *t = s->task;
int ret;
ret = -1; /* assume unrecoverable error by default */
/* OK, we're keeping the session, so let's properly initialize the session */
LIST_ADDQ(&sessions, &s->list);
LIST_INIT(&s->back_refs);
si_takeover_conn(&s->si[0], l->proto, l->xprt);
s->flags |= SN_INITIALIZED;
s->unique_id = NULL;
t->process = l->handler;
t->context = s;
t->expire = TICK_ETERNITY;
/* Note: initially, the session's backend points to the frontend.
* This changes later when switching rules are executed or
* when the default backend is assigned.
*/
s->be = s->fe;
s->req = s->rep = NULL; /* will be allocated later */
s->comp_algo = NULL;
/* Let's count a session now */
proxy_inc_fe_sess_ctr(l, p);
if (s->stkctr1_entry) {
void *ptr;
ptr = stktable_data_ptr(s->stkctr1_table, s->stkctr1_entry, STKTABLE_DT_SESS_CNT);
if (ptr)
stktable_data_cast(ptr, sess_cnt)++;
ptr = stktable_data_ptr(s->stkctr1_table, s->stkctr1_entry, STKTABLE_DT_SESS_RATE);
if (ptr)
update_freq_ctr_period(&stktable_data_cast(ptr, sess_rate),
s->stkctr1_table->data_arg[STKTABLE_DT_SESS_RATE].u, 1);
}
if (s->stkctr2_entry) {
void *ptr;
ptr = stktable_data_ptr(s->stkctr2_table, s->stkctr2_entry, STKTABLE_DT_SESS_CNT);
if (ptr)
stktable_data_cast(ptr, sess_cnt)++;
ptr = stktable_data_ptr(s->stkctr2_table, s->stkctr2_entry, STKTABLE_DT_SESS_RATE);
if (ptr)
update_freq_ctr_period(&stktable_data_cast(ptr, sess_rate),
s->stkctr2_table->data_arg[STKTABLE_DT_SESS_RATE].u, 1);
}
/* this part should be common with other protocols */
s->si[0].owner = t;
s->si[0].state = s->si[0].prev_state = SI_ST_EST;
s->si[0].err_type = SI_ET_NONE;
s->si[0].err_loc = NULL;
s->si[0].release = NULL;
s->si[0].send_proxy_ofs = 0;
s->si[0].exp = TICK_ETERNITY;
s->si[0].flags = SI_FL_NONE;
if (likely(s->fe->options2 & PR_O2_INDEPSTR))
s->si[0].flags |= SI_FL_INDEP_STR;
/* pre-initialize the other side's stream interface to an INIT state. The
* callbacks will be initialized before attempting to connect.
*/
s->si[1].conn->t.sock.fd = -1; /* just to help with debugging */
s->si[1].conn->flags = CO_FL_NONE;
s->si[1].conn->err_code = CO_ER_NONE;
s->si[1].owner = t;
s->si[1].state = s->si[1].prev_state = SI_ST_INI;
s->si[1].err_type = SI_ET_NONE;
s->si[1].conn_retries = 0; /* used for logging too */
s->si[1].err_loc = NULL;
s->si[1].release = NULL;
s->si[1].send_proxy_ofs = 0;
s->si[1].conn->target = NULL;
si_prepare_embedded(&s->si[1]);
s->si[1].exp = TICK_ETERNITY;
s->si[1].flags = SI_FL_NONE;
if (likely(s->fe->options2 & PR_O2_INDEPSTR))
s->si[1].flags |= SI_FL_INDEP_STR;
session_init_srv_conn(s);
s->target = NULL;
s->pend_pos = NULL;
/* init store persistence */
s->store_count = 0;
if (unlikely((s->req = pool_alloc2(pool2_channel)) == NULL))
goto out_free_task; /* no memory */
if (unlikely((s->req->buf = pool_alloc2(pool2_buffer)) == NULL))
goto out_free_req; /* no memory */
if (unlikely((s->rep = pool_alloc2(pool2_channel)) == NULL))
goto out_free_req_buf; /* no memory */
if (unlikely((s->rep->buf = pool_alloc2(pool2_buffer)) == NULL))
goto out_free_rep; /* no memory */
/* initialize the request buffer */
s->req->buf->size = global.tune.bufsize;
channel_init(s->req);
s->req->prod = &s->si[0];
s->req->cons = &s->si[1];
s->si[0].ib = s->si[1].ob = s->req;
s->req->flags |= CF_READ_ATTACHED; /* the producer is already connected */
/* activate default analysers enabled for this listener */
s->req->analysers = l->analysers;
s->req->wto = TICK_ETERNITY;
s->req->rto = TICK_ETERNITY;
s->req->rex = TICK_ETERNITY;
s->req->wex = TICK_ETERNITY;
s->req->analyse_exp = TICK_ETERNITY;
/* initialize response buffer */
s->rep->buf->size = global.tune.bufsize;
channel_init(s->rep);
s->rep->prod = &s->si[1];
s->rep->cons = &s->si[0];
s->si[0].ob = s->si[1].ib = s->rep;
s->rep->analysers = 0;
if (s->fe->options2 & PR_O2_NODELAY) {
s->req->flags |= CF_NEVER_WAIT;
s->rep->flags |= CF_NEVER_WAIT;
}
s->rep->rto = TICK_ETERNITY;
s->rep->wto = TICK_ETERNITY;
s->rep->rex = TICK_ETERNITY;
s->rep->wex = TICK_ETERNITY;
s->rep->analyse_exp = TICK_ETERNITY;
txn = &s->txn;
/* Those variables will be checked and freed if non-NULL in
* session.c:session_free(). It is important that they are
* properly initialized.
*/
txn->sessid = NULL;
txn->srv_cookie = NULL;
txn->cli_cookie = NULL;
txn->uri = NULL;
txn->req.cap = NULL;
txn->rsp.cap = NULL;
txn->hdr_idx.v = NULL;
txn->hdr_idx.size = txn->hdr_idx.used = 0;
txn->req.flags = 0;
txn->rsp.flags = 0;
/* the HTTP messages need to know what buffer they're associated with */
txn->req.chn = s->req;
txn->rsp.chn = s->rep;
/* finish initialization of the accepted file descriptor */
conn_data_want_recv(s->si[0].conn);
if (p->accept && (ret = p->accept(s)) <= 0) {
/* Either we had an unrecoverable error (<0) or work is
* finished (=0, eg: monitoring), in both situations,
* we can release everything and close.
*/
goto out_free_rep_buf;
}
/* if logs require transport layer information, note it on the connection */
if (s->logs.logwait & LW_XPRT)
s->si[0].conn->flags |= CO_FL_XPRT_TRACKED;
/* we want the connection handler to notify the stream interface about updates. */
s->si[0].conn->flags |= CO_FL_WAKE_DATA;
/* it is important not to call the wakeup function directly but to
* pass through task_wakeup(), because this one knows how to apply
* priorities to tasks.
*/
task_wakeup(t, TASK_WOKEN_INIT);
return 1;
/* Error unrolling */
out_free_rep_buf:
pool_free2(pool2_buffer, s->rep->buf);
out_free_rep:
pool_free2(pool2_channel, s->rep);
out_free_req_buf:
pool_free2(pool2_buffer, s->req->buf);
out_free_req:
pool_free2(pool2_channel, s->req);
out_free_task:
return ret;
}
/*
* frees the context associated to a session. It must have been removed first.
*/
static void session_free(struct session *s)
{
struct http_txn *txn = &s->txn;
struct proxy *fe = s->fe;
struct bref *bref, *back;
int i;
if (s->pend_pos)
pendconn_free(s->pend_pos);
if (objt_server(s->target)) { /* there may be requests left pending in queue */
if (s->flags & SN_CURR_SESS) {
s->flags &= ~SN_CURR_SESS;
objt_server(s->target)->cur_sess--;
}
if (may_dequeue_tasks(objt_server(s->target), s->be))
process_srv_queue(objt_server(s->target));
}
if (unlikely(s->srv_conn)) {
/* the session still has a reserved slot on a server, but
* it should normally be only the same as the one above,
* so this should not happen in fact.
*/
sess_change_server(s, NULL);
}
if (s->flags & SN_COMP_READY)
s->comp_algo->end(&s->comp_ctx);
s->comp_algo = NULL;
s->flags &= ~SN_COMP_READY;
if (s->req->pipe)
put_pipe(s->req->pipe);
if (s->rep->pipe)
put_pipe(s->rep->pipe);
pool_free2(pool2_buffer, s->req->buf);
pool_free2(pool2_buffer, s->rep->buf);
pool_free2(pool2_channel, s->req);
pool_free2(pool2_channel, s->rep);
http_end_txn(s);
/* ensure the client-side transport layer is destroyed */
s->si[0].conn->flags &= ~CO_FL_XPRT_TRACKED;
conn_full_close(s->si[0].conn);
for (i = 0; i < s->store_count; i++) {
if (!s->store[i].ts)
continue;
stksess_free(s->store[i].table, s->store[i].ts);
s->store[i].ts = NULL;
}
pool_free2(pool2_hdr_idx, txn->hdr_idx.v);
if (fe) {
pool_free2(fe->rsp_cap_pool, txn->rsp.cap);
pool_free2(fe->req_cap_pool, txn->req.cap);
}
if (s->stkctr1_entry || s->stkctr2_entry)
session_store_counters(s);
list_for_each_entry_safe(bref, back, &s->back_refs, users) {
/* we have to unlink all watchers. We must not relink them if
* this session was the last one in the list.
*/
LIST_DEL(&bref->users);
LIST_INIT(&bref->users);
if (s->list.n != &sessions)
LIST_ADDQ(&LIST_ELEM(s->list.n, struct session *, list)->back_refs, &bref->users);
bref->ref = s->list.n;
}
LIST_DEL(&s->list);
pool_free2(pool2_connection, s->si[1].conn);
pool_free2(pool2_connection, s->si[0].conn);
pool_free2(pool2_session, s);
/* We may want to free the maximum amount of pools if the proxy is stopping */
if (fe && unlikely(fe->state == PR_STSTOPPED)) {
pool_flush2(pool2_buffer);
pool_flush2(pool2_channel);
pool_flush2(pool2_hdr_idx);
pool_flush2(pool2_requri);
pool_flush2(pool2_capture);
pool_flush2(pool2_session);
pool_flush2(fe->req_cap_pool);
pool_flush2(fe->rsp_cap_pool);
}
}
/* perform minimal intializations, report 0 in case of error, 1 if OK. */
int init_session()
{
LIST_INIT(&sessions);
pool2_session = create_pool("session", sizeof(struct session), MEM_F_SHARED);
return pool2_session != NULL;
}
void session_process_counters(struct session *s)
{
unsigned long long bytes;
if (s->req) {
bytes = s->req->total - s->logs.bytes_in;
s->logs.bytes_in = s->req->total;
if (bytes) {
s->fe->fe_counters.bytes_in += bytes;
s->be->be_counters.bytes_in += bytes;
if (objt_server(s->target))
objt_server(s->target)->counters.bytes_in += bytes;
if (s->listener->counters)
s->listener->counters->bytes_in += bytes;
if (s->stkctr2_entry) {
void *ptr;
ptr = stktable_data_ptr(s->stkctr2_table,
s->stkctr2_entry,
STKTABLE_DT_BYTES_IN_CNT);
if (ptr)
stktable_data_cast(ptr, bytes_in_cnt) += bytes;
ptr = stktable_data_ptr(s->stkctr2_table,
s->stkctr2_entry,
STKTABLE_DT_BYTES_IN_RATE);
if (ptr)
update_freq_ctr_period(&stktable_data_cast(ptr, bytes_in_rate),
s->stkctr2_table->data_arg[STKTABLE_DT_BYTES_IN_RATE].u, bytes);
}
if (s->stkctr1_entry) {
void *ptr;
ptr = stktable_data_ptr(s->stkctr1_table,
s->stkctr1_entry,
STKTABLE_DT_BYTES_IN_CNT);
if (ptr)
stktable_data_cast(ptr, bytes_in_cnt) += bytes;
ptr = stktable_data_ptr(s->stkctr1_table,
s->stkctr1_entry,
STKTABLE_DT_BYTES_IN_RATE);
if (ptr)
update_freq_ctr_period(&stktable_data_cast(ptr, bytes_in_rate),
s->stkctr1_table->data_arg[STKTABLE_DT_BYTES_IN_RATE].u, bytes);
}
}
}
if (s->rep) {
bytes = s->rep->total - s->logs.bytes_out;
s->logs.bytes_out = s->rep->total;
if (bytes) {
s->fe->fe_counters.bytes_out += bytes;
s->be->be_counters.bytes_out += bytes;
if (objt_server(s->target))
objt_server(s->target)->counters.bytes_out += bytes;
if (s->listener->counters)
s->listener->counters->bytes_out += bytes;
if (s->stkctr2_entry) {
void *ptr;
ptr = stktable_data_ptr(s->stkctr2_table,
s->stkctr2_entry,
STKTABLE_DT_BYTES_OUT_CNT);
if (ptr)
stktable_data_cast(ptr, bytes_out_cnt) += bytes;
ptr = stktable_data_ptr(s->stkctr2_table,
s->stkctr2_entry,
STKTABLE_DT_BYTES_OUT_RATE);
if (ptr)
update_freq_ctr_period(&stktable_data_cast(ptr, bytes_out_rate),
s->stkctr2_table->data_arg[STKTABLE_DT_BYTES_OUT_RATE].u, bytes);
}
if (s->stkctr1_entry) {
void *ptr;
ptr = stktable_data_ptr(s->stkctr1_table,
s->stkctr1_entry,
STKTABLE_DT_BYTES_OUT_CNT);
if (ptr)
stktable_data_cast(ptr, bytes_out_cnt) += bytes;
ptr = stktable_data_ptr(s->stkctr1_table,
s->stkctr1_entry,
STKTABLE_DT_BYTES_OUT_RATE);
if (ptr)
update_freq_ctr_period(&stktable_data_cast(ptr, bytes_out_rate),
s->stkctr1_table->data_arg[STKTABLE_DT_BYTES_OUT_RATE].u, bytes);
}
}
}
}
/* This function is called with (si->state == SI_ST_CON) meaning that a
* connection was attempted and that the file descriptor is already allocated.
* We must check for establishment, error and abort. Possible output states
* are SI_ST_EST (established), SI_ST_CER (error), SI_ST_DIS (abort), and
* SI_ST_CON (no change). The function returns 0 if it switches to SI_ST_CER,
* otherwise 1.
*/
static int sess_update_st_con_tcp(struct session *s, struct stream_interface *si)
{
struct channel *req = si->ob;
struct channel *rep = si->ib;
/* If we got an error, or if nothing happened and the connection timed
* out, we must give up. The CER state handler will take care of retry
* attempts and error reports.
*/
if (unlikely(si->flags & (SI_FL_EXP|SI_FL_ERR))) {
if (unlikely(si->ob->flags & CF_WRITE_PARTIAL)) {
/* Some data were sent past the connection establishment,
* so we need to pretend we're established to log correctly
* and let later states handle the failure.
*/
s->logs.t_connect = tv_ms_elapsed(&s->logs.tv_accept, &now);
si->exp = TICK_ETERNITY;
si->state = SI_ST_EST;
si->err_type = SI_ET_DATA_ERR;
si->ib->flags |= CF_READ_ERROR | CF_WRITE_ERROR;
si->err_loc = objt_server(s->target);
return 1;
}
si->exp = TICK_ETERNITY;
si->state = SI_ST_CER;
si->conn->flags &= ~CO_FL_XPRT_TRACKED;
conn_full_close(si->conn);
if (si->release)
si->release(si);
if (si->err_type)
return 0;
si->err_loc = objt_server(s->target);
if (si->flags & SI_FL_ERR)
si->err_type = SI_ET_CONN_ERR;
else
si->err_type = SI_ET_CONN_TO;
return 0;
}
/* OK, maybe we want to abort */
if (unlikely((rep->flags & CF_SHUTW) ||
((req->flags & CF_SHUTW_NOW) && /* FIXME: this should not prevent a connection from establishing */
((!(req->flags & CF_WRITE_ACTIVITY) && channel_is_empty(req)) ||
s->be->options & PR_O_ABRT_CLOSE)))) {
/* give up */
si_shutw(si);
si->err_type |= SI_ET_CONN_ABRT;
si->err_loc = objt_server(s->target);
if (s->srv_error)
s->srv_error(s, si);
return 1;
}
/* we need to wait a bit more if there was no activity either */
if (!(req->flags & CF_WRITE_ACTIVITY))
return 1;
/* OK, this means that a connection succeeded. The caller will be
* responsible for handling the transition from CON to EST.
*/
s->logs.t_connect = tv_ms_elapsed(&s->logs.tv_accept, &now);
si->exp = TICK_ETERNITY;
si->state = SI_ST_EST;
si->err_type = SI_ET_NONE;
si->err_loc = NULL;
return 1;
}
/* This function is called with (si->state == SI_ST_CER) meaning that a
* previous connection attempt has failed and that the file descriptor
* has already been released. Possible causes include asynchronous error
* notification and time out. Possible output states are SI_ST_CLO when
* retries are exhausted, SI_ST_TAR when a delay is wanted before a new
* connection attempt, SI_ST_ASS when it's wise to retry on the same server,
* and SI_ST_REQ when an immediate redispatch is wanted. The buffers are
* marked as in error state. It returns 0.
*/
static int sess_update_st_cer(struct session *s, struct stream_interface *si)
{
/* we probably have to release last session from the server */
if (objt_server(s->target)) {
health_adjust(objt_server(s->target), HANA_STATUS_L4_ERR);
if (s->flags & SN_CURR_SESS) {
s->flags &= ~SN_CURR_SESS;
objt_server(s->target)->cur_sess--;
}
}
/* ensure that we have enough retries left */
si->conn_retries--;
if (si->conn_retries < 0) {
if (!si->err_type) {
si->err_type = SI_ET_CONN_ERR;
si->err_loc = objt_server(s->target);
}
if (objt_server(s->target))
objt_server(s->target)->counters.failed_conns++;
s->be->be_counters.failed_conns++;
sess_change_server(s, NULL);
if (may_dequeue_tasks(objt_server(s->target), s->be))
process_srv_queue(objt_server(s->target));
/* shutw is enough so stop a connecting socket */
si_shutw(si);
si->ob->flags |= CF_WRITE_ERROR;
si->ib->flags |= CF_READ_ERROR;
si->state = SI_ST_CLO;
if (s->srv_error)
s->srv_error(s, si);
return 0;
}
/* If the "redispatch" option is set on the backend, we are allowed to
* retry on another server for the last retry. In order to achieve this,
* we must mark the session unassigned, and eventually clear the DIRECT
* bit to ignore any persistence cookie. We won't count a retry nor a
* redispatch yet, because this will depend on what server is selected.
*/
if (objt_server(s->target) && si->conn_retries == 0 &&
s->be->options & PR_O_REDISP && !(s->flags & SN_FORCE_PRST)) {
sess_change_server(s, NULL);
if (may_dequeue_tasks(objt_server(s->target), s->be))
process_srv_queue(objt_server(s->target));
s->flags &= ~(SN_DIRECT | SN_ASSIGNED | SN_ADDR_SET);
si->state = SI_ST_REQ;
} else {
if (objt_server(s->target))
objt_server(s->target)->counters.retries++;
s->be->be_counters.retries++;
si->state = SI_ST_ASS;
}
if (si->flags & SI_FL_ERR) {
/* The error was an asynchronous connection error, and we will
* likely have to retry connecting to the same server, most
* likely leading to the same result. To avoid this, we wait
* one second before retrying.
*/
if (!si->err_type)
si->err_type = SI_ET_CONN_ERR;
si->state = SI_ST_TAR;
si->exp = tick_add(now_ms, MS_TO_TICKS(1000));
return 0;
}
return 0;
}
/*
* This function handles the transition between the SI_ST_CON state and the
* SI_ST_EST state. It must only be called after switching from SI_ST_CON (or
* SI_ST_INI) to SI_ST_EST, but only when a ->proto is defined.
*/
static void sess_establish(struct session *s, struct stream_interface *si)
{
struct channel *req = si->ob;
struct channel *rep = si->ib;
if (objt_server(s->target))
health_adjust(objt_server(s->target), HANA_STATUS_L4_OK);
if (s->be->mode == PR_MODE_TCP) { /* let's allow immediate data connection in this case */
/* if the user wants to log as soon as possible, without counting
* bytes from the server, then this is the right moment. */
if (s->fe->to_log && !(s->logs.logwait & LW_BYTES)) {
s->logs.t_close = s->logs.t_connect; /* to get a valid end date */
s->do_log(s);
}
}
else {
s->txn.rsp.msg_state = HTTP_MSG_RPBEFORE;
/* reset hdr_idx which was already initialized by the request.
* right now, the http parser does it.
* hdr_idx_init(&s->txn.hdr_idx);
*/
}
rep->analysers |= s->fe->fe_rsp_ana | s->be->be_rsp_ana;
rep->flags |= CF_READ_ATTACHED; /* producer is now attached */
if (si_ctrl(si)) {
/* real connections have timeouts */
req->wto = s->be->timeout.server;
rep->rto = s->be->timeout.server;
}
req->wex = TICK_ETERNITY;
}
/* Update stream interface status for input states SI_ST_ASS, SI_ST_QUE, SI_ST_TAR.
* Other input states are simply ignored.
* Possible output states are SI_ST_CLO, SI_ST_TAR, SI_ST_ASS, SI_ST_REQ, SI_ST_CON.
* Flags must have previously been updated for timeouts and other conditions.
*/
static void sess_update_stream_int(struct session *s, struct stream_interface *si)
{
struct server *srv = objt_server(s->target);
DPRINTF(stderr,"[%u] %s: sess=%p rq=%p, rp=%p, exp(r,w)=%u,%u rqf=%08x rpf=%08x rqh=%d rqt=%d rph=%d rpt=%d cs=%d ss=%d\n",
now_ms, __FUNCTION__,
s,
s->req, s->rep,
s->req->rex, s->rep->wex,
s->req->flags, s->rep->flags,
s->req->buf->i, s->req->buf->o, s->rep->buf->i, s->rep->buf->o, s->rep->cons->state, s->req->cons->state);
if (si->state == SI_ST_ASS) {
/* Server assigned to connection request, we have to try to connect now */
int conn_err;
conn_err = connect_server(s);
srv = objt_server(s->target);
if (conn_err == SN_ERR_NONE) {
/* state = SI_ST_CON now */
if (srv)
srv_inc_sess_ctr(srv);
return;
}
/* We have received a synchronous error. We might have to
* abort, retry immediately or redispatch.
*/
if (conn_err == SN_ERR_INTERNAL) {
if (!si->err_type) {
si->err_type = SI_ET_CONN_OTHER;
si->err_loc = srv;
}
if (srv)
srv_inc_sess_ctr(srv);
if (srv)
srv->counters.failed_conns++;
s->be->be_counters.failed_conns++;
/* release other sessions waiting for this server */
sess_change_server(s, NULL);
if (may_dequeue_tasks(srv, s->be))
process_srv_queue(srv);
/* Failed and not retryable. */
si_shutr(si);
si_shutw(si);
si->ob->flags |= CF_WRITE_ERROR;
s->logs.t_queue = tv_ms_elapsed(&s->logs.tv_accept, &now);
/* no session was ever accounted for this server */
si->state = SI_ST_CLO;
if (s->srv_error)
s->srv_error(s, si);
return;
}
/* We are facing a retryable error, but we don't want to run a
* turn-around now, as the problem is likely a source port
* allocation problem, so we want to retry now.
*/
si->state = SI_ST_CER;
si->flags &= ~SI_FL_ERR;
sess_update_st_cer(s, si);
/* now si->state is one of SI_ST_CLO, SI_ST_TAR, SI_ST_ASS, SI_ST_REQ */
return;
}
else if (si->state == SI_ST_QUE) {
/* connection request was queued, check for any update */
if (!s->pend_pos) {
/* The connection is not in the queue anymore. Either
* we have a server connection slot available and we
* go directly to the assigned state, or we need to
* load-balance first and go to the INI state.
*/
si->exp = TICK_ETERNITY;
if (unlikely(!(s->flags & SN_ASSIGNED)))
si->state = SI_ST_REQ;
else {
s->logs.t_queue = tv_ms_elapsed(&s->logs.tv_accept, &now);
si->state = SI_ST_ASS;
}
return;
}
/* Connection request still in queue... */
if (si->flags & SI_FL_EXP) {
/* ... and timeout expired */
si->exp = TICK_ETERNITY;
s->logs.t_queue = tv_ms_elapsed(&s->logs.tv_accept, &now);
if (srv)
srv->counters.failed_conns++;
s->be->be_counters.failed_conns++;
si_shutr(si);
si_shutw(si);
si->ob->flags |= CF_WRITE_TIMEOUT;
if (!si->err_type)
si->err_type = SI_ET_QUEUE_TO;
si->state = SI_ST_CLO;
if (s->srv_error)
s->srv_error(s, si);
return;
}
/* Connection remains in queue, check if we have to abort it */
if ((si->ob->flags & (CF_READ_ERROR)) ||
((si->ob->flags & CF_SHUTW_NOW) && /* empty and client aborted */
(channel_is_empty(si->ob) || s->be->options & PR_O_ABRT_CLOSE))) {
/* give up */
si->exp = TICK_ETERNITY;
s->logs.t_queue = tv_ms_elapsed(&s->logs.tv_accept, &now);
si_shutr(si);
si_shutw(si);
si->err_type |= SI_ET_QUEUE_ABRT;
si->state = SI_ST_CLO;
if (s->srv_error)
s->srv_error(s, si);
return;
}
/* Nothing changed */
return;
}
else if (si->state == SI_ST_TAR) {
/* Connection request might be aborted */
if ((si->ob->flags & (CF_READ_ERROR)) ||
((si->ob->flags & CF_SHUTW_NOW) && /* empty and client aborted */
(channel_is_empty(si->ob) || s->be->options & PR_O_ABRT_CLOSE))) {
/* give up */
si->exp = TICK_ETERNITY;
si_shutr(si);
si_shutw(si);
si->err_type |= SI_ET_CONN_ABRT;
si->state = SI_ST_CLO;
if (s->srv_error)
s->srv_error(s, si);
return;
}
if (!(si->flags & SI_FL_EXP))
return; /* still in turn-around */
si->exp = TICK_ETERNITY;
/* we keep trying on the same server as long as the session is
* marked "assigned".
* FIXME: Should we force a redispatch attempt when the server is down ?
*/
if (s->flags & SN_ASSIGNED)
si->state = SI_ST_ASS;
else
si->state = SI_ST_REQ;
return;
}
}
/* Set correct session termination flags in case no analyser has done it. It
* also counts a failed request if the server state has not reached the request
* stage.
*/
static void sess_set_term_flags(struct session *s)
{
if (!(s->flags & SN_FINST_MASK)) {
if (s->si[1].state < SI_ST_REQ) {
s->fe->fe_counters.failed_req++;
if (s->listener->counters)
s->listener->counters->failed_req++;
s->flags |= SN_FINST_R;
}
else if (s->si[1].state == SI_ST_QUE)
s->flags |= SN_FINST_Q;
else if (s->si[1].state < SI_ST_EST)
s->flags |= SN_FINST_C;
else if (s->si[1].state == SI_ST_EST || s->si[1].prev_state == SI_ST_EST)
s->flags |= SN_FINST_D;
else
s->flags |= SN_FINST_L;
}
}
/* This function initiates a server connection request on a stream interface
* already in SI_ST_REQ state. Upon success, the state goes to SI_ST_ASS,
* indicating that a server has been assigned. It may also return SI_ST_QUE,
* or SI_ST_CLO upon error.
*/
static void sess_prepare_conn_req(struct session *s, struct stream_interface *si)
{
DPRINTF(stderr,"[%u] %s: sess=%p rq=%p, rp=%p, exp(r,w)=%u,%u rqf=%08x rpf=%08x rqh=%d rqt=%d rph=%d rpt=%d cs=%d ss=%d\n",
now_ms, __FUNCTION__,
s,
s->req, s->rep,
s->req->rex, s->rep->wex,
s->req->flags, s->rep->flags,
s->req->buf->i, s->req->buf->o, s->rep->buf->i, s->rep->buf->o, s->rep->cons->state, s->req->cons->state);
if (si->state != SI_ST_REQ)
return;
/* Try to assign a server */
if (srv_redispatch_connect(s) != 0) {
/* We did not get a server. Either we queued the
* connection request, or we encountered an error.
*/
if (si->state == SI_ST_QUE)
return;
/* we did not get any server, let's check the cause */
si_shutr(si);
si_shutw(si);
si->ob->flags |= CF_WRITE_ERROR;
if (!si->err_type)
si->err_type = SI_ET_CONN_OTHER;
si->state = SI_ST_CLO;
if (s->srv_error)
s->srv_error(s, si);
return;
}
/* The server is assigned */
s->logs.t_queue = tv_ms_elapsed(&s->logs.tv_accept, &now);
si->state = SI_ST_ASS;
}
/* This stream analyser checks the switching rules and changes the backend
* if appropriate. The default_backend rule is also considered, then the
* target backend's forced persistence rules are also evaluated last if any.
* It returns 1 if the processing can continue on next analysers, or zero if it
* either needs more data or wants to immediately abort the request.
*/
static int process_switching_rules(struct session *s, struct channel *req, int an_bit)
{
struct persist_rule *prst_rule;
req->analysers &= ~an_bit;
req->analyse_exp = TICK_ETERNITY;
DPRINTF(stderr,"[%u] %s: session=%p b=%p, exp(r,w)=%u,%u bf=%08x bh=%d analysers=%02x\n",
now_ms, __FUNCTION__,
s,
req,
req->rex, req->wex,
req->flags,
req->buf->i,
req->analysers);
/* now check whether we have some switching rules for this request */
if (!(s->flags & SN_BE_ASSIGNED)) {
struct switching_rule *rule;
list_for_each_entry(rule, &s->fe->switching_rules, list) {
int ret;
ret = acl_exec_cond(rule->cond, s->fe, s, &s->txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL);
ret = acl_pass(ret);
if (rule->cond->pol == ACL_COND_UNLESS)
ret = !ret;
if (ret) {
if (!session_set_backend(s, rule->be.backend))
goto sw_failed;
break;
}
}
/* To ensure correct connection accounting on the backend, we
* have to assign one if it was not set (eg: a listen). This
* measure also takes care of correctly setting the default
* backend if any.
*/
if (!(s->flags & SN_BE_ASSIGNED))
if (!session_set_backend(s, s->fe->defbe.be ? s->fe->defbe.be : s->be))
goto sw_failed;
}
/* we don't want to run the TCP or HTTP filters again if the backend has not changed */
if (s->fe == s->be) {
s->req->analysers &= ~AN_REQ_INSPECT_BE;
s->req->analysers &= ~AN_REQ_HTTP_PROCESS_BE;
}
/* as soon as we know the backend, we must check if we have a matching forced or ignored
* persistence rule, and report that in the session.
*/
list_for_each_entry(prst_rule, &s->be->persist_rules, list) {
int ret = 1;
if (prst_rule->cond) {
ret = acl_exec_cond(prst_rule->cond, s->be, s, &s->txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL);
ret = acl_pass(ret);
if (prst_rule->cond->pol == ACL_COND_UNLESS)
ret = !ret;
}
if (ret) {
/* no rule, or the rule matches */
if (prst_rule->type == PERSIST_TYPE_FORCE) {
s->flags |= SN_FORCE_PRST;
} else {
s->flags |= SN_IGNORE_PRST;
}
break;
}
}
return 1;
sw_failed:
/* immediately abort this request in case of allocation failure */
channel_abort(s->req);
channel_abort(s->rep);
if (!(s->flags & SN_ERR_MASK))
s->flags |= SN_ERR_RESOURCE;
if (!(s->flags & SN_FINST_MASK))
s->flags |= SN_FINST_R;
s->txn.status = 500;
s->req->analysers = 0;
s->req->analyse_exp = TICK_ETERNITY;
return 0;
}
/* This stream analyser works on a request. It applies all use-server rules on
* it then returns 1. The data must already be present in the buffer otherwise
* they won't match. It always returns 1.
*/
static int process_server_rules(struct session *s, struct channel *req, int an_bit)
{
struct proxy *px = s->be;
struct server_rule *rule;
DPRINTF(stderr,"[%u] %s: session=%p b=%p, exp(r,w)=%u,%u bf=%08x bl=%d analysers=%02x\n",
now_ms, __FUNCTION__,
s,
req,
req->rex, req->wex,
req->flags,
req->buf->i + req->buf->o,
req->analysers);
if (!(s->flags & SN_ASSIGNED)) {
list_for_each_entry(rule, &px->server_rules, list) {
int ret;
ret = acl_exec_cond(rule->cond, s->be, s, &s->txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL);
ret = acl_pass(ret);
if (rule->cond->pol == ACL_COND_UNLESS)
ret = !ret;
if (ret) {
struct server *srv = rule->srv.ptr;
if ((srv->state & SRV_RUNNING) ||
(px->options & PR_O_PERSIST) ||
(s->flags & SN_FORCE_PRST)) {
s->flags |= SN_DIRECT | SN_ASSIGNED;
s->target = &srv->obj_type;
break;
}
/* if the server is not UP, let's go on with next rules
* just in case another one is suited.
*/
}
}
}
req->analysers &= ~an_bit;
req->analyse_exp = TICK_ETERNITY;
return 1;
}
/* This stream analyser works on a request. It applies all sticking rules on
* it then returns 1. The data must already be present in the buffer otherwise
* they won't match. It always returns 1.
*/
static int process_sticking_rules(struct session *s, struct channel *req, int an_bit)
{
struct proxy *px = s->be;
struct sticking_rule *rule;
DPRINTF(stderr,"[%u] %s: session=%p b=%p, exp(r,w)=%u,%u bf=%08x bh=%d analysers=%02x\n",
now_ms, __FUNCTION__,
s,
req,
req->rex, req->wex,
req->flags,
req->buf->i,
req->analysers);
list_for_each_entry(rule, &px->sticking_rules, list) {
int ret = 1 ;
int i;
for (i = 0; i < s->store_count; i++) {
if (rule->table.t == s->store[i].table)
break;
}
if (i != s->store_count)
continue;
if (rule->cond) {
ret = acl_exec_cond(rule->cond, px, s, &s->txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL);
ret = acl_pass(ret);
if (rule->cond->pol == ACL_COND_UNLESS)
ret = !ret;
}
if (ret) {
struct stktable_key *key;
key = stktable_fetch_key(rule->table.t, px, s, &s->txn, SMP_OPT_DIR_REQ|SMP_OPT_FINAL, rule->expr);
if (!key)
continue;
if (rule->flags & STK_IS_MATCH) {
struct stksess *ts;
if ((ts = stktable_lookup_key(rule->table.t, key)) != NULL) {
if (!(s->flags & SN_ASSIGNED)) {
struct eb32_node *node;
void *ptr;
/* srv found in table */
ptr = stktable_data_ptr(rule->table.t, ts, STKTABLE_DT_SERVER_ID);
node = eb32_lookup(&px->conf.used_server_id, stktable_data_cast(ptr, server_id));
if (node) {
struct server *srv;
srv = container_of(node, struct server, conf.id);
if ((srv->state & SRV_RUNNING) ||
(px->options & PR_O_PERSIST) ||
(s->flags & SN_FORCE_PRST)) {
s->flags |= SN_DIRECT | SN_ASSIGNED;
s->target = &srv->obj_type;
}
}
}
stktable_touch(rule->table.t, ts, 1);
}
}
if (rule->flags & STK_IS_STORE) {
if (s->store_count < (sizeof(s->store) / sizeof(s->store[0]))) {
struct stksess *ts;
ts = stksess_new(rule->table.t, key);
if (ts) {
s->store[s->store_count].table = rule->table.t;
s->store[s->store_count++].ts = ts;
}
}
}
}
}
req->analysers &= ~an_bit;
req->analyse_exp = TICK_ETERNITY;
return 1;
}
/* This stream analyser works on a response. It applies all store rules on it
* then returns 1. The data must already be present in the buffer otherwise
* they won't match. It always returns 1.
*/
static int process_store_rules(struct session *s, struct channel *rep, int an_bit)
{
struct proxy *px = s->be;
struct sticking_rule *rule;
int i;
DPRINTF(stderr,"[%u] %s: session=%p b=%p, exp(r,w)=%u,%u bf=%08x bh=%d analysers=%02x\n",
now_ms, __FUNCTION__,
s,
rep,
rep->rex, rep->wex,
rep->flags,
rep->buf->i,
rep->analysers);
list_for_each_entry(rule, &px->storersp_rules, list) {
int ret = 1 ;
int storereqidx = -1;
for (i = 0; i < s->store_count; i++) {
if (rule->table.t == s->store[i].table) {
if (!(s->store[i].flags))
storereqidx = i;
break;
}
}
if ((i != s->store_count) && (storereqidx == -1))
continue;
if (rule->cond) {
ret = acl_exec_cond(rule->cond, px, s, &s->txn, SMP_OPT_DIR_RES|SMP_OPT_FINAL);
ret = acl_pass(ret);
if (rule->cond->pol == ACL_COND_UNLESS)
ret = !ret;
}
if (ret) {
struct stktable_key *key;
key = stktable_fetch_key(rule->table.t, px, s, &s->txn, SMP_OPT_DIR_RES|SMP_OPT_FINAL, rule->expr);
if (!key)
continue;
if (storereqidx != -1) {
stksess_setkey(s->store[storereqidx].table, s->store[storereqidx].ts, key);
s->store[storereqidx].flags = 1;
}
else if (s->store_count < (sizeof(s->store) / sizeof(s->store[0]))) {
struct stksess *ts;
ts = stksess_new(rule->table.t, key);
if (ts) {
s->store[s->store_count].table = rule->table.t;
s->store[s->store_count].flags = 1;
s->store[s->store_count++].ts = ts;
}
}
}
}
/* process store request and store response */
for (i = 0; i < s->store_count; i++) {
struct stksess *ts;
void *ptr;
if (objt_server(s->target) && objt_server(s->target)->state & SRV_NON_STICK) {
stksess_free(s->store[i].table, s->store[i].ts);
s->store[i].ts = NULL;
continue;
}
ts = stktable_lookup(s->store[i].table, s->store[i].ts);
if (ts) {
/* the entry already existed, we can free ours */
stktable_touch(s->store[i].table, ts, 1);
stksess_free(s->store[i].table, s->store[i].ts);
}
else
ts = stktable_store(s->store[i].table, s->store[i].ts, 1);
s->store[i].ts = NULL;
ptr = stktable_data_ptr(s->store[i].table, ts, STKTABLE_DT_SERVER_ID);
stktable_data_cast(ptr, server_id) = objt_server(s->target)->puid;
}
s->store_count = 0; /* everything is stored */
rep->analysers &= ~an_bit;
rep->analyse_exp = TICK_ETERNITY;
return 1;
}
/* This macro is very specific to the function below. See the comments in
* process_session() below to understand the logic and the tests.
*/
#define UPDATE_ANALYSERS(real, list, back, flag) { \
list = (((list) & ~(flag)) | ~(back)) & (real); \
back = real; \
if (!(list)) \
break; \
if (((list) ^ ((list) & ((list) - 1))) < (flag)) \
continue; \
}
/* Processes the client, server, request and response jobs of a session task,
* then puts it back to the wait queue in a clean state, or cleans up its
* resources if it must be deleted. Returns in <next> the date the task wants
* to be woken up, or TICK_ETERNITY. In order not to call all functions for
* nothing too many times, the request and response buffers flags are monitored
* and each function is called only if at least another function has changed at
* least one flag it is interested in.
*/
struct task *process_session(struct task *t)
{
struct server *srv;
struct session *s = t->context;
unsigned int rqf_last, rpf_last;
unsigned int rq_prod_last, rq_cons_last;
unsigned int rp_cons_last, rp_prod_last;
unsigned int req_ana_back;
//DPRINTF(stderr, "%s:%d: cs=%d ss=%d(%d) rqf=0x%08x rpf=0x%08x\n", __FUNCTION__, __LINE__,
// s->si[0].state, s->si[1].state, s->si[1].err_type, s->req->flags, s->rep->flags);
/* this data may be no longer valid, clear it */
memset(&s->txn.auth, 0, sizeof(s->txn.auth));
/* This flag must explicitly be set every time */
s->req->flags &= ~CF_READ_NOEXP;
/* Keep a copy of req/rep flags so that we can detect shutdowns */
rqf_last = s->req->flags & ~CF_MASK_ANALYSER;
rpf_last = s->rep->flags & ~CF_MASK_ANALYSER;
/* we don't want the stream interface functions to recursively wake us up */
if (s->req->prod->owner == t)
s->req->prod->flags |= SI_FL_DONT_WAKE;
if (s->req->cons->owner == t)
s->req->cons->flags |= SI_FL_DONT_WAKE;
/* 1a: Check for low level timeouts if needed. We just set a flag on
* stream interfaces when their timeouts have expired.
*/
if (unlikely(t->state & TASK_WOKEN_TIMER)) {
stream_int_check_timeouts(&s->si[0]);
stream_int_check_timeouts(&s->si[1]);
/* check channel timeouts, and close the corresponding stream interfaces
* for future reads or writes. Note: this will also concern upper layers
* but we do not touch any other flag. We must be careful and correctly
* detect state changes when calling them.
*/
channel_check_timeouts(s->req);
if (unlikely((s->req->flags & (CF_SHUTW|CF_WRITE_TIMEOUT)) == CF_WRITE_TIMEOUT)) {
s->req->cons->flags |= SI_FL_NOLINGER;
si_shutw(s->req->cons);
}
if (unlikely((s->req->flags & (CF_SHUTR|CF_READ_TIMEOUT)) == CF_READ_TIMEOUT)) {
if (s->req->prod->flags & SI_FL_NOHALF)
s->req->prod->flags |= SI_FL_NOLINGER;
si_shutr(s->req->prod);
}
channel_check_timeouts(s->rep);
if (unlikely((s->rep->flags & (CF_SHUTW|CF_WRITE_TIMEOUT)) == CF_WRITE_TIMEOUT)) {
s->rep->cons->flags |= SI_FL_NOLINGER;
si_shutw(s->rep->cons);
}
if (unlikely((s->rep->flags & (CF_SHUTR|CF_READ_TIMEOUT)) == CF_READ_TIMEOUT)) {
if (s->rep->prod->flags & SI_FL_NOHALF)
s->rep->prod->flags |= SI_FL_NOLINGER;
si_shutr(s->rep->prod);
}
/* Once in a while we're woken up because the task expires. But
* this does not necessarily mean that a timeout has been reached.
* So let's not run a whole session processing if only an expiration
* timeout needs to be refreshed.
*/
if (!((s->req->flags | s->rep->flags) &
(CF_SHUTR|CF_READ_ACTIVITY|CF_READ_TIMEOUT|CF_SHUTW|
CF_WRITE_ACTIVITY|CF_WRITE_TIMEOUT|CF_ANA_TIMEOUT)) &&
!((s->si[0].flags | s->si[1].flags) & (SI_FL_EXP|SI_FL_ERR)) &&
((t->state & TASK_WOKEN_ANY) == TASK_WOKEN_TIMER))
goto update_exp_and_leave;
}
/* 1b: check for low-level errors reported at the stream interface.
* First we check if it's a retryable error (in which case we don't
* want to tell the buffer). Otherwise we report the error one level
* upper by setting flags into the buffers. Note that the side towards
* the client cannot have connect (hence retryable) errors. Also, the
* connection setup code must be able to deal with any type of abort.
*/
srv = objt_server(s->target);
if (unlikely(s->si[0].flags & SI_FL_ERR)) {
if (s->si[0].state == SI_ST_EST || s->si[0].state == SI_ST_DIS) {
si_shutr(&s->si[0]);
si_shutw(&s->si[0]);
stream_int_report_error(&s->si[0]);
if (!(s->req->analysers) && !(s->rep->analysers)) {
s->be->be_counters.cli_aborts++;
s->fe->fe_counters.cli_aborts++;
if (srv)
srv->counters.cli_aborts++;
if (!(s->flags & SN_ERR_MASK))
s->flags |= SN_ERR_CLICL;
if (!(s->flags & SN_FINST_MASK))
s->flags |= SN_FINST_D;
}
}
}
if (unlikely(s->si[1].flags & SI_FL_ERR)) {
if (s->si[1].state == SI_ST_EST || s->si[1].state == SI_ST_DIS) {
si_shutr(&s->si[1]);
si_shutw(&s->si[1]);
stream_int_report_error(&s->si[1]);
s->be->be_counters.failed_resp++;
if (srv)
srv->counters.failed_resp++;
if (!(s->req->analysers) && !(s->rep->analysers)) {
s->be->be_counters.srv_aborts++;
s->fe->fe_counters.srv_aborts++;
if (srv)
srv->counters.srv_aborts++;
if (!(s->flags & SN_ERR_MASK))
s->flags |= SN_ERR_SRVCL;
if (!(s->flags & SN_FINST_MASK))
s->flags |= SN_FINST_D;
}
}
/* note: maybe we should process connection errors here ? */
}
if (s->si[1].state == SI_ST_CON) {
/* we were trying to establish a connection on the server side,
* maybe it succeeded, maybe it failed, maybe we timed out, ...
*/
if (unlikely(!sess_update_st_con_tcp(s, &s->si[1])))
sess_update_st_cer(s, &s->si[1]);
else if (s->si[1].state == SI_ST_EST)
sess_establish(s, &s->si[1]);
/* state is now one of SI_ST_CON (still in progress), SI_ST_EST
* (established), SI_ST_DIS (abort), SI_ST_CLO (last error),
* SI_ST_ASS/SI_ST_TAR/SI_ST_REQ for retryable errors.
*/
}
rq_prod_last = s->si[0].state;
rq_cons_last = s->si[1].state;
rp_cons_last = s->si[0].state;
rp_prod_last = s->si[1].state;
resync_stream_interface:
/* Check for connection closure */
DPRINTF(stderr,
"[%u] %s:%d: task=%p s=%p, sfl=0x%08x, rq=%p, rp=%p, exp(r,w)=%u,%u rqf=%08x rpf=%08x rqh=%d rqt=%d rph=%d rpt=%d cs=%d ss=%d, cet=0x%x set=0x%x retr=%d\n",
now_ms, __FUNCTION__, __LINE__,
t,
s, s->flags,
s->req, s->rep,
s->req->rex, s->rep->wex,
s->req->flags, s->rep->flags,
s->req->buf->i, s->req->buf->o, s->rep->buf->i, s->rep->buf->o, s->rep->cons->state, s->req->cons->state,
s->rep->cons->err_type, s->req->cons->err_type,
s->req->cons->conn_retries);
/* nothing special to be done on client side */
if (unlikely(s->req->prod->state == SI_ST_DIS))
s->req->prod->state = SI_ST_CLO;
/* When a server-side connection is released, we have to count it and
* check for pending connections on this server.
*/
if (unlikely(s->req->cons->state == SI_ST_DIS)) {
s->req->cons->state = SI_ST_CLO;
srv = objt_server(s->target);
if (srv) {
if (s->flags & SN_CURR_SESS) {
s->flags &= ~SN_CURR_SESS;
srv->cur_sess--;
}
sess_change_server(s, NULL);
if (may_dequeue_tasks(srv, s->be))
process_srv_queue(srv);
}
}
/*
* Note: of the transient states (REQ, CER, DIS), only REQ may remain
* at this point.
*/
resync_request:
/* Analyse request */
if (((s->req->flags & ~rqf_last) & CF_MASK_ANALYSER) ||
((s->req->flags ^ rqf_last) & CF_MASK_STATIC) ||
s->si[0].state != rq_prod_last ||
s->si[1].state != rq_cons_last) {
unsigned int flags = s->req->flags;
if (s->req->prod->state >= SI_ST_EST) {
int max_loops = global.tune.maxpollevents;
unsigned int ana_list;
unsigned int ana_back;
/* it's up to the analysers to stop new connections,
* disable reading or closing. Note: if an analyser
* disables any of these bits, it is responsible for
* enabling them again when it disables itself, so
* that other analysers are called in similar conditions.
*/
channel_auto_read(s->req);
channel_auto_connect(s->req);
channel_auto_close(s->req);
/* We will call all analysers for which a bit is set in
* s->req->analysers, following the bit order from LSB
* to MSB. The analysers must remove themselves from
* the list when not needed. Any analyser may return 0
* to break out of the loop, either because of missing
* data to take a decision, or because it decides to
* kill the session. We loop at least once through each
* analyser, and we may loop again if other analysers
* are added in the middle.
*
* We build a list of analysers to run. We evaluate all
* of these analysers in the order of the lower bit to
* the higher bit. This ordering is very important.
* An analyser will often add/remove other analysers,
* including itself. Any changes to itself have no effect
* on the loop. If it removes any other analysers, we
* want those analysers not to be called anymore during
* this loop. If it adds an analyser that is located
* after itself, we want it to be scheduled for being
* processed during the loop. If it adds an analyser
* which is located before it, we want it to switch to
* it immediately, even if it has already been called
* once but removed since.
*
* In order to achieve this, we compare the analyser
* list after the call with a copy of it before the
* call. The work list is fed with analyser bits that
* appeared during the call. Then we compare previous
* work list with the new one, and check the bits that
* appeared. If the lowest of these bits is lower than
* the current bit, it means we have enabled a previous
* analyser and must immediately loop again.
*/
ana_list = ana_back = s->req->analysers;
while (ana_list && max_loops--) {
/* Warning! ensure that analysers are always placed in ascending order! */
if (ana_list & AN_REQ_INSPECT_FE) {
if (!tcp_inspect_request(s, s->req, AN_REQ_INSPECT_FE))
break;
UPDATE_ANALYSERS(s->req->analysers, ana_list, ana_back, AN_REQ_INSPECT_FE);
}
if (ana_list & AN_REQ_WAIT_HTTP) {
if (!http_wait_for_request(s, s->req, AN_REQ_WAIT_HTTP))
break;
UPDATE_ANALYSERS(s->req->analysers, ana_list, ana_back, AN_REQ_WAIT_HTTP);
}
if (ana_list & AN_REQ_HTTP_PROCESS_FE) {
if (!http_process_req_common(s, s->req, AN_REQ_HTTP_PROCESS_FE, s->fe))
break;
UPDATE_ANALYSERS(s->req->analysers, ana_list, ana_back, AN_REQ_HTTP_PROCESS_FE);
}
if (ana_list & AN_REQ_SWITCHING_RULES) {
if (!process_switching_rules(s, s->req, AN_REQ_SWITCHING_RULES))
break;
UPDATE_ANALYSERS(s->req->analysers, ana_list, ana_back, AN_REQ_SWITCHING_RULES);
}
if (ana_list & AN_REQ_INSPECT_BE) {
if (!tcp_inspect_request(s, s->req, AN_REQ_INSPECT_BE))
break;
UPDATE_ANALYSERS(s->req->analysers, ana_list, ana_back, AN_REQ_INSPECT_BE);
}
if (ana_list & AN_REQ_HTTP_PROCESS_BE) {
if (!http_process_req_common(s, s->req, AN_REQ_HTTP_PROCESS_BE, s->be))
break;
UPDATE_ANALYSERS(s->req->analysers, ana_list, ana_back, AN_REQ_HTTP_PROCESS_BE);
}
if (ana_list & AN_REQ_HTTP_TARPIT) {
if (!http_process_tarpit(s, s->req, AN_REQ_HTTP_TARPIT))
break;
UPDATE_ANALYSERS(s->req->analysers, ana_list, ana_back, AN_REQ_HTTP_TARPIT);
}
if (ana_list & AN_REQ_SRV_RULES) {
if (!process_server_rules(s, s->req, AN_REQ_SRV_RULES))
break;
UPDATE_ANALYSERS(s->req->analysers, ana_list, ana_back, AN_REQ_SRV_RULES);
}
if (ana_list & AN_REQ_HTTP_INNER) {
if (!http_process_request(s, s->req, AN_REQ_HTTP_INNER))
break;
UPDATE_ANALYSERS(s->req->analysers, ana_list, ana_back, AN_REQ_HTTP_INNER);
}
if (ana_list & AN_REQ_HTTP_BODY) {
if (!http_process_request_body(s, s->req, AN_REQ_HTTP_BODY))
break;
UPDATE_ANALYSERS(s->req->analysers, ana_list, ana_back, AN_REQ_HTTP_BODY);
}
if (ana_list & AN_REQ_PRST_RDP_COOKIE) {
if (!tcp_persist_rdp_cookie(s, s->req, AN_REQ_PRST_RDP_COOKIE))
break;
UPDATE_ANALYSERS(s->req->analysers, ana_list, ana_back, AN_REQ_PRST_RDP_COOKIE);
}
if (ana_list & AN_REQ_STICKING_RULES) {
if (!process_sticking_rules(s, s->req, AN_REQ_STICKING_RULES))
break;
UPDATE_ANALYSERS(s->req->analysers, ana_list, ana_back, AN_REQ_STICKING_RULES);
}
if (ana_list & AN_REQ_HTTP_XFER_BODY) {
if (!http_request_forward_body(s, s->req, AN_REQ_HTTP_XFER_BODY))
break;
UPDATE_ANALYSERS(s->req->analysers, ana_list, ana_back, AN_REQ_HTTP_XFER_BODY);
}
break;
}
}
rq_prod_last = s->si[0].state;
rq_cons_last = s->si[1].state;
s->req->flags &= ~CF_WAKE_ONCE;
rqf_last = s->req->flags;
if ((s->req->flags ^ flags) & CF_MASK_STATIC)
goto resync_request;
}
/* we'll monitor the request analysers while parsing the response,
* because some response analysers may indirectly enable new request
* analysers (eg: HTTP keep-alive).
*/
req_ana_back = s->req->analysers;
resync_response:
/* Analyse response */
if (((s->rep->flags & ~rpf_last) & CF_MASK_ANALYSER) ||
(s->rep->flags ^ rpf_last) & CF_MASK_STATIC ||
s->si[0].state != rp_cons_last ||
s->si[1].state != rp_prod_last) {
unsigned int flags = s->rep->flags;
if ((s->rep->flags & CF_MASK_ANALYSER) &&
(s->rep->analysers & AN_REQ_WAIT_HTTP)) {
/* Due to HTTP pipelining, the HTTP request analyser might be waiting
* for some free space in the response buffer, so we might need to call
* it when something changes in the response buffer, but still we pass
* it the request buffer. Note that the SI state might very well still
* be zero due to us returning a flow of redirects!
*/
s->rep->analysers &= ~AN_REQ_WAIT_HTTP;
s->req->flags |= CF_WAKE_ONCE;
}
if (s->rep->prod->state >= SI_ST_EST) {
int max_loops = global.tune.maxpollevents;
unsigned int ana_list;
unsigned int ana_back;
/* it's up to the analysers to stop disable reading or
* closing. Note: if an analyser disables any of these
* bits, it is responsible for enabling them again when
* it disables itself, so that other analysers are called
* in similar conditions.
*/
channel_auto_read(s->rep);
channel_auto_close(s->rep);
/* We will call all analysers for which a bit is set in
* s->rep->analysers, following the bit order from LSB
* to MSB. The analysers must remove themselves from
* the list when not needed. Any analyser may return 0
* to break out of the loop, either because of missing
* data to take a decision, or because it decides to
* kill the session. We loop at least once through each
* analyser, and we may loop again if other analysers
* are added in the middle.
*/
ana_list = ana_back = s->rep->analysers;
while (ana_list && max_loops--) {
/* Warning! ensure that analysers are always placed in ascending order! */
if (ana_list & AN_RES_INSPECT) {
if (!tcp_inspect_response(s, s->rep, AN_RES_INSPECT))
break;
UPDATE_ANALYSERS(s->rep->analysers, ana_list, ana_back, AN_RES_INSPECT);
}
if (ana_list & AN_RES_WAIT_HTTP) {
if (!http_wait_for_response(s, s->rep, AN_RES_WAIT_HTTP))
break;
UPDATE_ANALYSERS(s->rep->analysers, ana_list, ana_back, AN_RES_WAIT_HTTP);
}
if (ana_list & AN_RES_STORE_RULES) {
if (!process_store_rules(s, s->rep, AN_RES_STORE_RULES))
break;
UPDATE_ANALYSERS(s->rep->analysers, ana_list, ana_back, AN_RES_STORE_RULES);
}
if (ana_list & AN_RES_HTTP_PROCESS_BE) {
if (!http_process_res_common(s, s->rep, AN_RES_HTTP_PROCESS_BE, s->be))
break;
UPDATE_ANALYSERS(s->rep->analysers, ana_list, ana_back, AN_RES_HTTP_PROCESS_BE);
}
if (ana_list & AN_RES_HTTP_XFER_BODY) {
if (!http_response_forward_body(s, s->rep, AN_RES_HTTP_XFER_BODY))
break;
UPDATE_ANALYSERS(s->rep->analysers, ana_list, ana_back, AN_RES_HTTP_XFER_BODY);
}
break;
}
}
rp_cons_last = s->si[0].state;
rp_prod_last = s->si[1].state;
rpf_last = s->rep->flags;
if ((s->rep->flags ^ flags) & CF_MASK_STATIC)
goto resync_response;
}
/* maybe someone has added some request analysers, so we must check and loop */
if (s->req->analysers & ~req_ana_back)
goto resync_request;
if ((s->req->flags & ~rqf_last) & CF_MASK_ANALYSER)
goto resync_request;
/* FIXME: here we should call protocol handlers which rely on
* both buffers.
*/
/*
* Now we propagate unhandled errors to the session. Normally
* we're just in a data phase here since it means we have not
* seen any analyser who could set an error status.
*/
srv = objt_server(s->target);
if (unlikely(!(s->flags & SN_ERR_MASK))) {
if (s->req->flags & (CF_READ_ERROR|CF_READ_TIMEOUT|CF_WRITE_ERROR|CF_WRITE_TIMEOUT)) {
/* Report it if the client got an error or a read timeout expired */
s->req->analysers = 0;
if (s->req->flags & CF_READ_ERROR) {
s->be->be_counters.cli_aborts++;
s->fe->fe_counters.cli_aborts++;
if (srv)
srv->counters.cli_aborts++;
s->flags |= SN_ERR_CLICL;
}
else if (s->req->flags & CF_READ_TIMEOUT) {
s->be->be_counters.cli_aborts++;
s->fe->fe_counters.cli_aborts++;
if (srv)
srv->counters.cli_aborts++;
s->flags |= SN_ERR_CLITO;
}
else if (s->req->flags & CF_WRITE_ERROR) {
s->be->be_counters.srv_aborts++;
s->fe->fe_counters.srv_aborts++;
if (srv)
srv->counters.srv_aborts++;
s->flags |= SN_ERR_SRVCL;
}
else {
s->be->be_counters.srv_aborts++;
s->fe->fe_counters.srv_aborts++;
if (srv)
srv->counters.srv_aborts++;
s->flags |= SN_ERR_SRVTO;
}
sess_set_term_flags(s);
}
else if (s->rep->flags & (CF_READ_ERROR|CF_READ_TIMEOUT|CF_WRITE_ERROR|CF_WRITE_TIMEOUT)) {
/* Report it if the server got an error or a read timeout expired */
s->rep->analysers = 0;
if (s->rep->flags & CF_READ_ERROR) {
s->be->be_counters.srv_aborts++;
s->fe->fe_counters.srv_aborts++;
if (srv)
srv->counters.srv_aborts++;
s->flags |= SN_ERR_SRVCL;
}
else if (s->rep->flags & CF_READ_TIMEOUT) {
s->be->be_counters.srv_aborts++;
s->fe->fe_counters.srv_aborts++;
if (srv)
srv->counters.srv_aborts++;
s->flags |= SN_ERR_SRVTO;
}
else if (s->rep->flags & CF_WRITE_ERROR) {
s->be->be_counters.cli_aborts++;
s->fe->fe_counters.cli_aborts++;
if (srv)
srv->counters.cli_aborts++;
s->flags |= SN_ERR_CLICL;
}
else {
s->be->be_counters.cli_aborts++;
s->fe->fe_counters.cli_aborts++;
if (srv)
srv->counters.cli_aborts++;
s->flags |= SN_ERR_CLITO;
}
sess_set_term_flags(s);
}
}
/*
* Here we take care of forwarding unhandled data. This also includes
* connection establishments and shutdown requests.
*/
/* If noone is interested in analysing data, it's time to forward
* everything. We configure the buffer to forward indefinitely.
* Note that we're checking CF_SHUTR_NOW as an indication of a possible
* recent call to channel_abort().
*/
if (!s->req->analysers &&
!(s->req->flags & (CF_SHUTW|CF_SHUTR_NOW)) &&
(s->req->prod->state >= SI_ST_EST) &&
(s->req->to_forward != CHN_INFINITE_FORWARD)) {
/* This buffer is freewheeling, there's no analyser
* attached to it. If any data are left in, we'll permit them to
* move.
*/
channel_auto_read(s->req);
channel_auto_connect(s->req);
channel_auto_close(s->req);
buffer_flush(s->req->buf);
/* We'll let data flow between the producer (if still connected)
* to the consumer (which might possibly not be connected yet).
*/
if (!(s->req->flags & (CF_SHUTR|CF_SHUTW_NOW)))
channel_forward(s->req, CHN_INFINITE_FORWARD);
}
/* check if it is wise to enable kernel splicing to forward request data */
if (!(s->req->flags & (CF_KERN_SPLICING|CF_SHUTR)) &&
s->req->to_forward &&
(global.tune.options & GTUNE_USE_SPLICE) &&
(s->si[0].conn->xprt && s->si[0].conn->xprt->rcv_pipe && s->si[0].conn->xprt->snd_pipe) &&
(s->si[1].conn->xprt && s->si[1].conn->xprt->rcv_pipe && s->si[1].conn->xprt->snd_pipe) &&
(pipes_used < global.maxpipes) &&
(((s->fe->options2|s->be->options2) & PR_O2_SPLIC_REQ) ||
(((s->fe->options2|s->be->options2) & PR_O2_SPLIC_AUT) &&
(s->req->flags & CF_STREAMER_FAST)))) {
s->req->flags |= CF_KERN_SPLICING;
}
/* reflect what the L7 analysers have seen last */
rqf_last = s->req->flags;
/*
* Now forward all shutdown requests between both sides of the buffer
*/
/* first, let's check if the request buffer needs to shutdown(write), which may
* happen either because the input is closed or because we want to force a close
* once the server has begun to respond.
*/
if (unlikely((s->req->flags & (CF_SHUTW|CF_SHUTW_NOW|CF_AUTO_CLOSE|CF_SHUTR)) ==
(CF_AUTO_CLOSE|CF_SHUTR)))
channel_shutw_now(s->req);
/* shutdown(write) pending */
if (unlikely((s->req->flags & (CF_SHUTW|CF_SHUTW_NOW)) == CF_SHUTW_NOW &&
channel_is_empty(s->req)))
si_shutw(s->req->cons);
/* shutdown(write) done on server side, we must stop the client too */
if (unlikely((s->req->flags & (CF_SHUTW|CF_SHUTR|CF_SHUTR_NOW)) == CF_SHUTW &&
!s->req->analysers))
channel_shutr_now(s->req);
/* shutdown(read) pending */
if (unlikely((s->req->flags & (CF_SHUTR|CF_SHUTR_NOW)) == CF_SHUTR_NOW)) {
if (s->req->prod->flags & SI_FL_NOHALF)
s->req->prod->flags |= SI_FL_NOLINGER;
si_shutr(s->req->prod);
}
/* it's possible that an upper layer has requested a connection setup or abort.
* There are 2 situations where we decide to establish a new connection :
* - there are data scheduled for emission in the buffer
* - the CF_AUTO_CONNECT flag is set (active connection)
*/
if (s->req->cons->state == SI_ST_INI) {
if (!(s->req->flags & CF_SHUTW)) {
if ((s->req->flags & CF_AUTO_CONNECT) || !channel_is_empty(s->req)) {
/* If we have an applet without a connect method, we immediately
* switch to the connected state, otherwise we perform a connection
* request.
*/
s->req->cons->state = SI_ST_REQ; /* new connection requested */
s->req->cons->conn_retries = s->be->conn_retries;
if (unlikely(obj_type(s->req->cons->conn->target) == OBJ_TYPE_APPLET &&
!(si_ctrl(s->req->cons) && si_ctrl(s->req->cons)->connect))) {
s->req->cons->state = SI_ST_EST; /* connection established */
s->rep->flags |= CF_READ_ATTACHED; /* producer is now attached */
s->req->wex = TICK_ETERNITY;
}
}
}
else {
s->req->cons->state = SI_ST_CLO; /* shutw+ini = abort */
channel_shutw_now(s->req); /* fix buffer flags upon abort */
channel_shutr_now(s->rep);
}
}
/* we may have a pending connection request, or a connection waiting
* for completion.
*/
if (s->si[1].state >= SI_ST_REQ && s->si[1].state < SI_ST_CON) {
do {
/* nb: step 1 might switch from QUE to ASS, but we first want
* to give a chance to step 2 to perform a redirect if needed.
*/
if (s->si[1].state != SI_ST_REQ)
sess_update_stream_int(s, &s->si[1]);
if (s->si[1].state == SI_ST_REQ)
sess_prepare_conn_req(s, &s->si[1]);
srv = objt_server(s->target);
if (s->si[1].state == SI_ST_ASS && srv && srv->rdr_len && (s->flags & SN_REDIRECTABLE))
perform_http_redirect(s, &s->si[1]);
} while (s->si[1].state == SI_ST_ASS);
/* Now we can add the server name to a header (if requested) */
/* check for HTTP mode and proxy server_name_hdr_name != NULL */
if ((s->flags & SN_BE_ASSIGNED) &&
(s->be->mode == PR_MODE_HTTP) &&
(s->be->server_id_hdr_name != NULL)) {
http_send_name_header(&s->txn, s->be, objt_server(s->target)->id);
}
}
/* Benchmarks have shown that it's optimal to do a full resync now */
if (s->req->prod->state == SI_ST_DIS || s->req->cons->state == SI_ST_DIS)
goto resync_stream_interface;
/* otherwise we want to check if we need to resync the req buffer or not */
if ((s->req->flags ^ rqf_last) & CF_MASK_STATIC)
goto resync_request;
/* perform output updates to the response buffer */
/* If noone is interested in analysing data, it's time to forward
* everything. We configure the buffer to forward indefinitely.
* Note that we're checking CF_SHUTR_NOW as an indication of a possible
* recent call to channel_abort().
*/
if (!s->rep->analysers &&
!(s->rep->flags & (CF_SHUTW|CF_SHUTR_NOW)) &&
(s->rep->prod->state >= SI_ST_EST) &&
(s->rep->to_forward != CHN_INFINITE_FORWARD)) {
/* This buffer is freewheeling, there's no analyser
* attached to it. If any data are left in, we'll permit them to
* move.
*/
channel_auto_read(s->rep);
channel_auto_close(s->rep);
buffer_flush(s->rep->buf);
/* We'll let data flow between the producer (if still connected)
* to the consumer.
*/
if (!(s->rep->flags & (CF_SHUTR|CF_SHUTW_NOW)))
channel_forward(s->rep, CHN_INFINITE_FORWARD);
/* if we have no analyser anymore in any direction and have a
* tunnel timeout set, use it now.
*/
if (!s->req->analysers && s->be->timeout.tunnel) {
s->req->rto = s->req->wto = s->rep->rto = s->rep->wto =
s->be->timeout.tunnel;
s->req->rex = s->req->wex = s->rep->rex = s->rep->wex =
tick_add(now_ms, s->be->timeout.tunnel);
}
}
/* check if it is wise to enable kernel splicing to forward response data */
if (!(s->rep->flags & (CF_KERN_SPLICING|CF_SHUTR)) &&
s->rep->to_forward &&
(global.tune.options & GTUNE_USE_SPLICE) &&
(s->si[0].conn->xprt && s->si[0].conn->xprt->rcv_pipe && s->si[0].conn->xprt->snd_pipe) &&
(s->si[1].conn->xprt && s->si[1].conn->xprt->rcv_pipe && s->si[1].conn->xprt->snd_pipe) &&
(pipes_used < global.maxpipes) &&
(((s->fe->options2|s->be->options2) & PR_O2_SPLIC_RTR) ||
(((s->fe->options2|s->be->options2) & PR_O2_SPLIC_AUT) &&
(s->rep->flags & CF_STREAMER_FAST)))) {
s->rep->flags |= CF_KERN_SPLICING;
}
/* reflect what the L7 analysers have seen last */
rpf_last = s->rep->flags;
/*
* Now forward all shutdown requests between both sides of the buffer
*/
/*
* FIXME: this is probably where we should produce error responses.
*/
/* first, let's check if the response buffer needs to shutdown(write) */
if (unlikely((s->rep->flags & (CF_SHUTW|CF_SHUTW_NOW|CF_AUTO_CLOSE|CF_SHUTR)) ==
(CF_AUTO_CLOSE|CF_SHUTR)))
channel_shutw_now(s->rep);
/* shutdown(write) pending */
if (unlikely((s->rep->flags & (CF_SHUTW|CF_SHUTW_NOW)) == CF_SHUTW_NOW &&
channel_is_empty(s->rep)))
si_shutw(s->rep->cons);
/* shutdown(write) done on the client side, we must stop the server too */
if (unlikely((s->rep->flags & (CF_SHUTW|CF_SHUTR|CF_SHUTR_NOW)) == CF_SHUTW) &&
!s->rep->analysers)
channel_shutr_now(s->rep);
/* shutdown(read) pending */
if (unlikely((s->rep->flags & (CF_SHUTR|CF_SHUTR_NOW)) == CF_SHUTR_NOW)) {
if (s->rep->prod->flags & SI_FL_NOHALF)
s->rep->prod->flags |= SI_FL_NOLINGER;
si_shutr(s->rep->prod);
}
if (s->req->prod->state == SI_ST_DIS || s->req->cons->state == SI_ST_DIS)
goto resync_stream_interface;
if (s->req->flags != rqf_last)
goto resync_request;
if ((s->rep->flags ^ rpf_last) & CF_MASK_STATIC)
goto resync_response;
/* we're interested in getting wakeups again */
s->req->prod->flags &= ~SI_FL_DONT_WAKE;
s->req->cons->flags &= ~SI_FL_DONT_WAKE;
/* This is needed only when debugging is enabled, to indicate
* client-side or server-side close. Please note that in the unlikely
* event where both sides would close at once, the sequence is reported
* on the server side first.
*/
if (unlikely((global.mode & MODE_DEBUG) &&
(!(global.mode & MODE_QUIET) ||
(global.mode & MODE_VERBOSE)))) {
if (s->si[1].state == SI_ST_CLO &&
s->si[1].prev_state == SI_ST_EST) {
chunk_printf(&trash, "%08x:%s.srvcls[%04x:%04x]\n",
s->uniq_id, s->be->id,
(unsigned short)s->si[0].conn->t.sock.fd,
(unsigned short)s->si[1].conn->t.sock.fd);
if (write(1, trash.str, trash.len) < 0) /* shut gcc warning */;
}
if (s->si[0].state == SI_ST_CLO &&
s->si[0].prev_state == SI_ST_EST) {
chunk_printf(&trash, "%08x:%s.clicls[%04x:%04x]\n",
s->uniq_id, s->be->id,
(unsigned short)s->si[0].conn->t.sock.fd,
(unsigned short)s->si[1].conn->t.sock.fd);
if (write(1, trash.str, trash.len) < 0) /* shut gcc warning */;
}
}
if (likely((s->rep->cons->state != SI_ST_CLO) ||
(s->req->cons->state > SI_ST_INI && s->req->cons->state < SI_ST_CLO))) {
if ((s->fe->options & PR_O_CONTSTATS) && (s->flags & SN_BE_ASSIGNED))
session_process_counters(s);
if (s->rep->cons->state == SI_ST_EST && obj_type(s->rep->cons->conn->target) != OBJ_TYPE_APPLET)
si_update(s->rep->cons);
if (s->req->cons->state == SI_ST_EST && obj_type(s->req->cons->conn->target) != OBJ_TYPE_APPLET)
si_update(s->req->cons);
s->req->flags &= ~(CF_READ_NULL|CF_READ_PARTIAL|CF_WRITE_NULL|CF_WRITE_PARTIAL|CF_READ_ATTACHED);
s->rep->flags &= ~(CF_READ_NULL|CF_READ_PARTIAL|CF_WRITE_NULL|CF_WRITE_PARTIAL|CF_READ_ATTACHED);
s->si[0].prev_state = s->si[0].state;
s->si[1].prev_state = s->si[1].state;
s->si[0].flags &= ~(SI_FL_ERR|SI_FL_EXP);
s->si[1].flags &= ~(SI_FL_ERR|SI_FL_EXP);
/* Trick: if a request is being waiting for the server to respond,
* and if we know the server can timeout, we don't want the timeout
* to expire on the client side first, but we're still interested
* in passing data from the client to the server (eg: POST). Thus,
* we can cancel the client's request timeout if the server's
* request timeout is set and the server has not yet sent a response.
*/
if ((s->rep->flags & (CF_AUTO_CLOSE|CF_SHUTR)) == 0 &&
(tick_isset(s->req->wex) || tick_isset(s->rep->rex))) {
s->req->flags |= CF_READ_NOEXP;
s->req->rex = TICK_ETERNITY;
}
/* Call the stream interfaces' I/O handlers when embedded.
* Note that this one may wake the task up again.
*/
if (obj_type(s->req->cons->conn->target) == OBJ_TYPE_APPLET ||
obj_type(s->rep->cons->conn->target) == OBJ_TYPE_APPLET) {
if (objt_applet(s->req->cons->conn->target))
objt_applet(s->req->cons->conn->target)->fct(s->req->cons);
if (objt_applet(s->rep->cons->conn->target))
objt_applet(s->rep->cons->conn->target)->fct(s->rep->cons);
if (task_in_rq(t)) {
/* If we woke up, we don't want to requeue the
* task to the wait queue, but rather requeue
* it into the runqueue ASAP.
*/
t->expire = TICK_ETERNITY;
return t;
}
}
update_exp_and_leave:
t->expire = tick_first(tick_first(s->req->rex, s->req->wex),
tick_first(s->rep->rex, s->rep->wex));
if (s->req->analysers)
t->expire = tick_first(t->expire, s->req->analyse_exp);
if (s->si[0].exp)
t->expire = tick_first(t->expire, s->si[0].exp);
if (s->si[1].exp)
t->expire = tick_first(t->expire, s->si[1].exp);
#ifdef DEBUG_FULL
fprintf(stderr,
"[%u] queuing with exp=%u req->rex=%u req->wex=%u req->ana_exp=%u"
" rep->rex=%u rep->wex=%u, si[0].exp=%u, si[1].exp=%u, cs=%d, ss=%d\n",
now_ms, t->expire, s->req->rex, s->req->wex, s->req->analyse_exp,
s->rep->rex, s->rep->wex, s->si[0].exp, s->si[1].exp, s->si[0].state, s->si[1].state);
#endif
#ifdef DEBUG_DEV
/* this may only happen when no timeout is set or in case of an FSM bug */
if (!tick_isset(t->expire))
ABORT_NOW();
#endif
return t; /* nothing more to do */
}
s->fe->feconn--;
if (s->flags & SN_BE_ASSIGNED)
s->be->beconn--;
if (!(s->listener->options & LI_O_UNLIMITED))
actconn--;
jobs--;
s->listener->nbconn--;
if (s->listener->state == LI_FULL)
resume_listener(s->listener);
/* Dequeues all of the listeners waiting for a resource */
if (!LIST_ISEMPTY(&global_listener_queue))
dequeue_all_listeners(&global_listener_queue);
if (!LIST_ISEMPTY(&s->fe->listener_queue) &&
(!s->fe->fe_sps_lim || freq_ctr_remain(&s->fe->fe_sess_per_sec, s->fe->fe_sps_lim, 0) > 0))
dequeue_all_listeners(&s->fe->listener_queue);
if (unlikely((global.mode & MODE_DEBUG) &&
(!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE)))) {
chunk_printf(&trash, "%08x:%s.closed[%04x:%04x]\n",
s->uniq_id, s->be->id,
(unsigned short)s->req->prod->conn->t.sock.fd,
(unsigned short)s->req->cons->conn->t.sock.fd);
if (write(1, trash.str, trash.len) < 0) /* shut gcc warning */;
}
s->logs.t_close = tv_ms_elapsed(&s->logs.tv_accept, &now);
session_process_counters(s);
if (s->txn.status) {
int n;
n = s->txn.status / 100;
if (n < 1 || n > 5)
n = 0;
if (s->fe->mode == PR_MODE_HTTP) {
s->fe->fe_counters.p.http.rsp[n]++;
if (s->comp_algo && (s->flags & SN_COMP_READY))
s->fe->fe_counters.p.http.comp_rsp++;
}
if ((s->flags & SN_BE_ASSIGNED) &&
(s->be->mode == PR_MODE_HTTP)) {
s->be->be_counters.p.http.rsp[n]++;
s->be->be_counters.p.http.cum_req++;
if (s->comp_algo && (s->flags & SN_COMP_READY))
s->be->be_counters.p.http.comp_rsp++;
}
}
/* let's do a final log if we need it */
if (s->logs.logwait &&
!(s->flags & SN_MONITOR) &&
(!(s->fe->options & PR_O_NULLNOLOG) || s->req->total)) {
s->do_log(s);
}
/* the task MUST not be in the run queue anymore */
session_free(s);
task_delete(t);
task_free(t);
return NULL;
}
/*
* This function adjusts sess->srv_conn and maintains the previous and new
* server's served session counts. Setting newsrv to NULL is enough to release
* current connection slot. This function also notifies any LB algo which might
* expect to be informed about any change in the number of active sessions on a
* server.
*/
void sess_change_server(struct session *sess, struct server *newsrv)
{
if (sess->srv_conn == newsrv)
return;
if (sess->srv_conn) {
sess->srv_conn->served--;
if (sess->srv_conn->proxy->lbprm.server_drop_conn)
sess->srv_conn->proxy->lbprm.server_drop_conn(sess->srv_conn);
session_del_srv_conn(sess);
}
if (newsrv) {
newsrv->served++;
if (newsrv->proxy->lbprm.server_take_conn)
newsrv->proxy->lbprm.server_take_conn(newsrv);
session_add_srv_conn(sess, newsrv);
}
}
/* Handle server-side errors for default protocols. It is called whenever a a
* connection setup is aborted or a request is aborted in queue. It sets the
* session termination flags so that the caller does not have to worry about
* them. It's installed as ->srv_error for the server-side stream_interface.
*/
void default_srv_error(struct session *s, struct stream_interface *si)
{
int err_type = si->err_type;
int err = 0, fin = 0;
if (err_type & SI_ET_QUEUE_ABRT) {
err = SN_ERR_CLICL;
fin = SN_FINST_Q;
}
else if (err_type & SI_ET_CONN_ABRT) {
err = SN_ERR_CLICL;
fin = SN_FINST_C;
}
else if (err_type & SI_ET_QUEUE_TO) {
err = SN_ERR_SRVTO;
fin = SN_FINST_Q;
}
else if (err_type & SI_ET_QUEUE_ERR) {
err = SN_ERR_SRVCL;
fin = SN_FINST_Q;
}
else if (err_type & SI_ET_CONN_TO) {
err = SN_ERR_SRVTO;
fin = SN_FINST_C;
}
else if (err_type & SI_ET_CONN_ERR) {
err = SN_ERR_SRVCL;
fin = SN_FINST_C;
}
else /* SI_ET_CONN_OTHER and others */ {
err = SN_ERR_INTERNAL;
fin = SN_FINST_C;
}
if (!(s->flags & SN_ERR_MASK))
s->flags |= err;
if (!(s->flags & SN_FINST_MASK))
s->flags |= fin;
}
/* kill a session and set the termination flags to <why> (one of SN_ERR_*) */
void session_shutdown(struct session *session, int why)
{
if (session->req->flags & (CF_SHUTW|CF_SHUTW_NOW))
return;
channel_shutw_now(session->req);
channel_shutr_now(session->rep);
session->task->nice = 1024;
if (!(session->flags & SN_ERR_MASK))
session->flags |= why;
task_wakeup(session->task, TASK_WOKEN_OTHER);
}
/************************************************************************/
/* All supported ACL keywords must be declared here. */
/************************************************************************/
/* set temp integer to the General Purpose Counter 0 value in the stksess entry <ts> */
static int
acl_fetch_get_gpc0(struct stktable *table, struct sample *smp, struct stksess *ts)
{
smp->flags = SMP_F_VOL_TEST;
smp->type = SMP_T_UINT;
smp->data.uint = 0;
if (ts != NULL) {
void *ptr = stktable_data_ptr(table, ts, STKTABLE_DT_GPC0);
if (!ptr)
return 0; /* parameter not stored */
smp->data.uint = stktable_data_cast(ptr, gpc0);
}
return 1;
}
/* set temp integer to the General Purpose Counter 0 value from the session's tracked
* frontend counters.
*/
static int
acl_fetch_sc1_get_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr1_entry)
return 0;
return acl_fetch_get_gpc0(l4->stkctr1_table, smp, l4->stkctr1_entry);
}
/* set temp integer to the General Purpose Counter 0 value from the session's tracked
* backend counters.
*/
static int
acl_fetch_sc2_get_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr2_entry)
return 0;
return acl_fetch_get_gpc0(l4->stkctr2_table, smp, l4->stkctr2_entry);
}
/* set temp integer to the General Purpose Counter 0 value from the session's source
* address in the table pointed to by expr.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_src_get_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
struct stktable_key *key;
key = addr_to_stktable_key(&l4->si[0].conn->addr.from);
if (!key)
return 0;
px = args->data.prx;
return acl_fetch_get_gpc0(&px->table, smp, stktable_lookup_key(&px->table, key));
}
/* Increment the General Purpose Counter 0 value in the stksess entry <ts> and
* return it into temp integer.
*/
static int
acl_fetch_inc_gpc0(struct stktable *table, struct sample *smp, struct stksess *ts)
{
smp->flags = SMP_F_VOL_TEST;
smp->type = SMP_T_UINT;
smp->data.uint = 0;
if (ts != NULL) {
void *ptr = stktable_data_ptr(table, ts, STKTABLE_DT_GPC0);
if (!ptr)
return 0; /* parameter not stored */
smp->data.uint = ++stktable_data_cast(ptr, gpc0);
}
return 1;
}
/* Increment the General Purpose Counter 0 value from the session's tracked
* frontend counters and return it into temp integer.
*/
static int
acl_fetch_sc1_inc_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr1_entry)
return 0;
return acl_fetch_inc_gpc0(l4->stkctr1_table, smp, l4->stkctr1_entry);
}
/* Increment the General Purpose Counter 0 value from the session's tracked
* backend counters and return it into temp integer.
*/
static int
acl_fetch_sc2_inc_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr2_entry)
return 0;
return acl_fetch_inc_gpc0(l4->stkctr2_table, smp, l4->stkctr2_entry);
}
/* Increment the General Purpose Counter 0 value from the session's source
* address in the table pointed to by expr, and return it into temp integer.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_src_inc_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
struct stktable_key *key;
key = addr_to_stktable_key(&l4->si[0].conn->addr.from);
if (!key)
return 0;
px = args->data.prx;
return acl_fetch_inc_gpc0(&px->table, smp, stktable_update_key(&px->table, key));
}
/* Clear the General Purpose Counter 0 value in the stksess entry <ts> and
* return its previous value into temp integer.
*/
static int
acl_fetch_clr_gpc0(struct stktable *table, struct sample *smp, struct stksess *ts)
{
smp->flags = SMP_F_VOL_TEST;
smp->type = SMP_T_UINT;
smp->data.uint = 0;
if (ts != NULL) {
void *ptr = stktable_data_ptr(table, ts, STKTABLE_DT_GPC0);
if (!ptr)
return 0; /* parameter not stored */
smp->data.uint = stktable_data_cast(ptr, gpc0);
stktable_data_cast(ptr, gpc0) = 0;
}
return 1;
}
/* Clear the General Purpose Counter 0 value from the session's tracked
* frontend counters and return its previous value into temp integer.
*/
static int
acl_fetch_sc1_clr_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr1_entry)
return 0;
return acl_fetch_clr_gpc0(l4->stkctr1_table, smp, l4->stkctr1_entry);
}
/* Clear the General Purpose Counter 0 value from the session's tracked
* backend counters and return its previous value into temp integer.
*/
static int
acl_fetch_sc2_clr_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr2_entry)
return 0;
return acl_fetch_clr_gpc0(l4->stkctr2_table, smp, l4->stkctr2_entry);
}
/* Clear the General Purpose Counter 0 value from the session's source address
* in the table pointed to by expr, and return its previous value into temp integer.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_src_clr_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
struct stktable_key *key;
key = addr_to_stktable_key(&l4->si[0].conn->addr.from);
if (!key)
return 0;
px = args->data.prx;
return acl_fetch_clr_gpc0(&px->table, smp, stktable_update_key(&px->table, key));
}
/* set temp integer to the cumulated number of connections in the stksess entry <ts> */
static int
acl_fetch_conn_cnt(struct stktable *table, struct sample *smp, struct stksess *ts)
{
smp->flags = SMP_F_VOL_TEST;
smp->type = SMP_T_UINT;
smp->data.uint = 0;
if (ts != NULL) {
void *ptr = stktable_data_ptr(table, ts, STKTABLE_DT_CONN_CNT);
if (!ptr)
return 0; /* parameter not stored */
smp->data.uint = stktable_data_cast(ptr, conn_cnt);
}
return 1;
}
/* set temp integer to the cumulated number of connections from the session's tracked FE counters */
static int
acl_fetch_sc1_conn_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr1_entry)
return 0;
return acl_fetch_conn_cnt(l4->stkctr1_table, smp, l4->stkctr1_entry);
}
/* set temp integer to the cumulated number of connections from the session's tracked BE counters */
static int
acl_fetch_sc2_conn_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr2_entry)
return 0;
return acl_fetch_conn_cnt(l4->stkctr2_table, smp, l4->stkctr2_entry);
}
/* set temp integer to the cumulated number of connections from the session's source
* address in the table pointed to by expr.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_src_conn_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
struct stktable_key *key;
key = addr_to_stktable_key(&l4->si[0].conn->addr.from);
if (!key)
return 0;
px = args->data.prx;
return acl_fetch_conn_cnt(&px->table, smp, stktable_lookup_key(&px->table, key));
}
/* set temp integer to the connection rate in the stksess entry <ts> over the configured period */
static int
acl_fetch_conn_rate(struct stktable *table, struct sample *smp, struct stksess *ts)
{
smp->flags = SMP_F_VOL_TEST;
smp->type = SMP_T_UINT;
smp->data.uint = 0;
if (ts != NULL) {
void *ptr = stktable_data_ptr(table, ts, STKTABLE_DT_CONN_RATE);
if (!ptr)
return 0; /* parameter not stored */
smp->data.uint = read_freq_ctr_period(&stktable_data_cast(ptr, conn_rate),
table->data_arg[STKTABLE_DT_CONN_RATE].u);
}
return 1;
}
/* set temp integer to the connection rate from the session's tracked FE counters over
* the configured period.
*/
static int
acl_fetch_sc1_conn_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr1_entry)
return 0;
return acl_fetch_conn_rate(l4->stkctr1_table, smp, l4->stkctr1_entry);
}
/* set temp integer to the connection rate from the session's tracked BE counters over
* the configured period.
*/
static int
acl_fetch_sc2_conn_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr2_entry)
return 0;
return acl_fetch_conn_rate(l4->stkctr2_table, smp, l4->stkctr2_entry);
}
/* set temp integer to the connection rate from the session's source address in the
* table pointed to by expr, over the configured period.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_src_conn_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
struct stktable_key *key;
key = addr_to_stktable_key(&l4->si[0].conn->addr.from);
if (!key)
return 0;
px = args->data.prx;
return acl_fetch_conn_rate(&px->table, smp, stktable_lookup_key(&px->table, key));
}
/* set temp integer to the number of connections from the session's source address
* in the table pointed to by expr, after updating it.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_src_updt_conn_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
struct stksess *ts;
struct stktable_key *key;
void *ptr;
key = addr_to_stktable_key(&l4->si[0].conn->addr.from);
if (!key)
return 0;
px = args->data.prx;
if ((ts = stktable_update_key(&px->table, key)) == NULL)
/* entry does not exist and could not be created */
return 0;
ptr = stktable_data_ptr(&px->table, ts, STKTABLE_DT_CONN_CNT);
if (!ptr)
return 0; /* parameter not stored in this table */
smp->type = SMP_T_UINT;
smp->data.uint = ++stktable_data_cast(ptr, conn_cnt);
smp->flags = SMP_F_VOL_TEST;
return 1;
}
/* set temp integer to the number of concurrent connections in the stksess entry <ts> */
static int
acl_fetch_conn_cur(struct stktable *table, struct sample *smp, struct stksess *ts)
{
smp->flags = SMP_F_VOL_TEST;
smp->type = SMP_T_UINT;
smp->data.uint = 0;
if (ts != NULL) {
void *ptr = stktable_data_ptr(table, ts, STKTABLE_DT_CONN_CUR);
if (!ptr)
return 0; /* parameter not stored */
smp->data.uint = stktable_data_cast(ptr, conn_cur);
}
return 1;
}
/* set temp integer to the number of concurrent connections from the session's tracked FE counters */
static int
acl_fetch_sc1_conn_cur(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr1_entry)
return 0;
return acl_fetch_conn_cur(l4->stkctr1_table, smp, l4->stkctr1_entry);
}
/* set temp integer to the number of concurrent connections from the session's tracked BE counters */
static int
acl_fetch_sc2_conn_cur(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr2_entry)
return 0;
return acl_fetch_conn_cur(l4->stkctr2_table, smp, l4->stkctr2_entry);
}
/* set temp integer to the number of concurrent connections from the session's source
* address in the table pointed to by expr.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_src_conn_cur(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
struct stktable_key *key;
key = addr_to_stktable_key(&l4->si[0].conn->addr.from);
if (!key)
return 0;
px = args->data.prx;
return acl_fetch_conn_cur(&px->table, smp, stktable_lookup_key(&px->table, key));
}
/* set temp integer to the cumulated number of sessions in the stksess entry <ts> */
static int
acl_fetch_sess_cnt(struct stktable *table, struct sample *smp, struct stksess *ts)
{
smp->flags = SMP_F_VOL_TEST;
smp->type = SMP_T_UINT;
smp->data.uint = 0;
if (ts != NULL) {
void *ptr = stktable_data_ptr(table, ts, STKTABLE_DT_SESS_CNT);
if (!ptr)
return 0; /* parameter not stored */
smp->data.uint = stktable_data_cast(ptr, sess_cnt);
}
return 1;
}
/* set temp integer to the cumulated number of sessions from the session's tracked FE counters */
static int
acl_fetch_sc1_sess_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr1_entry)
return 0;
return acl_fetch_sess_cnt(l4->stkctr1_table, smp, l4->stkctr1_entry);
}
/* set temp integer to the cumulated number of sessions from the session's tracked BE counters */
static int
acl_fetch_sc2_sess_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr2_entry)
return 0;
return acl_fetch_sess_cnt(l4->stkctr2_table, smp, l4->stkctr2_entry);
}
/* set temp integer to the cumulated number of session from the session's source
* address in the table pointed to by expr.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_src_sess_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
struct stktable_key *key;
key = addr_to_stktable_key(&l4->si[0].conn->addr.from);
if (!key)
return 0;
px = args->data.prx;
return acl_fetch_sess_cnt(&px->table, smp, stktable_lookup_key(&px->table, key));
}
/* set temp integer to the session rate in the stksess entry <ts> over the configured period */
static int
acl_fetch_sess_rate(struct stktable *table, struct sample *smp, struct stksess *ts)
{
smp->flags = SMP_F_VOL_TEST;
smp->type = SMP_T_UINT;
smp->data.uint = 0;
if (ts != NULL) {
void *ptr = stktable_data_ptr(table, ts, STKTABLE_DT_SESS_RATE);
if (!ptr)
return 0; /* parameter not stored */
smp->data.uint = read_freq_ctr_period(&stktable_data_cast(ptr, sess_rate),
table->data_arg[STKTABLE_DT_SESS_RATE].u);
}
return 1;
}
/* set temp integer to the session rate from the session's tracked FE counters over
* the configured period.
*/
static int
acl_fetch_sc1_sess_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr1_entry)
return 0;
return acl_fetch_sess_rate(l4->stkctr1_table, smp, l4->stkctr1_entry);
}
/* set temp integer to the session rate from the session's tracked BE counters over
* the configured period.
*/
static int
acl_fetch_sc2_sess_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr2_entry)
return 0;
return acl_fetch_sess_rate(l4->stkctr2_table, smp, l4->stkctr2_entry);
}
/* set temp integer to the session rate from the session's source address in the
* table pointed to by expr, over the configured period.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_src_sess_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
struct stktable_key *key;
key = addr_to_stktable_key(&l4->si[0].conn->addr.from);
if (!key)
return 0;
px = args->data.prx;
return acl_fetch_sess_rate(&px->table, smp, stktable_lookup_key(&px->table, key));
}
/* set temp integer to the cumulated number of sessions in the stksess entry <ts> */
static int
acl_fetch_http_req_cnt(struct stktable *table, struct sample *smp, struct stksess *ts)
{
smp->flags = SMP_F_VOL_TEST;
smp->type = SMP_T_UINT;
smp->data.uint = 0;
if (ts != NULL) {
void *ptr = stktable_data_ptr(table, ts, STKTABLE_DT_HTTP_REQ_CNT);
if (!ptr)
return 0; /* parameter not stored */
smp->data.uint = stktable_data_cast(ptr, http_req_cnt);
}
return 1;
}
/* set temp integer to the cumulated number of sessions from the session's tracked FE counters */
static int
acl_fetch_sc1_http_req_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr1_entry)
return 0;
return acl_fetch_http_req_cnt(l4->stkctr1_table, smp, l4->stkctr1_entry);
}
/* set temp integer to the cumulated number of sessions from the session's tracked BE counters */
static int
acl_fetch_sc2_http_req_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr2_entry)
return 0;
return acl_fetch_http_req_cnt(l4->stkctr2_table, smp, l4->stkctr2_entry);
}
/* set temp integer to the cumulated number of session from the session's source
* address in the table pointed to by expr.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_src_http_req_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
struct stktable_key *key;
key = addr_to_stktable_key(&l4->si[0].conn->addr.from);
if (!key)
return 0;
px = args->data.prx;
return acl_fetch_http_req_cnt(&px->table, smp, stktable_lookup_key(&px->table, key));
}
/* set temp integer to the session rate in the stksess entry <ts> over the configured period */
static int
acl_fetch_http_req_rate(struct stktable *table, struct sample *smp, struct stksess *ts)
{
smp->flags = SMP_F_VOL_TEST;
smp->type = SMP_T_UINT;
smp->data.uint = 0;
if (ts != NULL) {
void *ptr = stktable_data_ptr(table, ts, STKTABLE_DT_HTTP_REQ_RATE);
if (!ptr)
return 0; /* parameter not stored */
smp->data.uint = read_freq_ctr_period(&stktable_data_cast(ptr, http_req_rate),
table->data_arg[STKTABLE_DT_HTTP_REQ_RATE].u);
}
return 1;
}
/* set temp integer to the session rate from the session's tracked FE counters over
* the configured period.
*/
static int
acl_fetch_sc1_http_req_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr1_entry)
return 0;
return acl_fetch_http_req_rate(l4->stkctr1_table, smp, l4->stkctr1_entry);
}
/* set temp integer to the session rate from the session's tracked BE counters over
* the configured period.
*/
static int
acl_fetch_sc2_http_req_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr2_entry)
return 0;
return acl_fetch_http_req_rate(l4->stkctr2_table, smp, l4->stkctr2_entry);
}
/* set temp integer to the session rate from the session's source address in the
* table pointed to by expr, over the configured period.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_src_http_req_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
struct stktable_key *key;
key = addr_to_stktable_key(&l4->si[0].conn->addr.from);
if (!key)
return 0;
px = args->data.prx;
return acl_fetch_http_req_rate(&px->table, smp, stktable_lookup_key(&px->table, key));
}
/* set temp integer to the cumulated number of sessions in the stksess entry <ts> */
static int
acl_fetch_http_err_cnt(struct stktable *table, struct sample *smp, struct stksess *ts)
{
smp->flags = SMP_F_VOL_TEST;
smp->type = SMP_T_UINT;
smp->data.uint = 0;
if (ts != NULL) {
void *ptr = stktable_data_ptr(table, ts, STKTABLE_DT_HTTP_ERR_CNT);
if (!ptr)
return 0; /* parameter not stored */
smp->data.uint = stktable_data_cast(ptr, http_err_cnt);
}
return 1;
}
/* set temp integer to the cumulated number of sessions from the session's tracked FE counters */
static int
acl_fetch_sc1_http_err_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr1_entry)
return 0;
return acl_fetch_http_err_cnt(l4->stkctr1_table, smp, l4->stkctr1_entry);
}
/* set temp integer to the cumulated number of sessions from the session's tracked BE counters */
static int
acl_fetch_sc2_http_err_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr2_entry)
return 0;
return acl_fetch_http_err_cnt(l4->stkctr2_table, smp, l4->stkctr2_entry);
}
/* set temp integer to the cumulated number of session from the session's source
* address in the table pointed to by expr.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_src_http_err_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
struct stktable_key *key;
key = addr_to_stktable_key(&l4->si[0].conn->addr.from);
if (!key)
return 0;
px = args->data.prx;
return acl_fetch_http_err_cnt(&px->table, smp, stktable_lookup_key(&px->table, key));
}
/* set temp integer to the session rate in the stksess entry <ts> over the configured period */
static int
acl_fetch_http_err_rate(struct stktable *table, struct sample *smp, struct stksess *ts)
{
smp->flags = SMP_F_VOL_TEST;
smp->type = SMP_T_UINT;
smp->data.uint = 0;
if (ts != NULL) {
void *ptr = stktable_data_ptr(table, ts, STKTABLE_DT_HTTP_ERR_RATE);
if (!ptr)
return 0; /* parameter not stored */
smp->data.uint = read_freq_ctr_period(&stktable_data_cast(ptr, http_err_rate),
table->data_arg[STKTABLE_DT_HTTP_ERR_RATE].u);
}
return 1;
}
/* set temp integer to the session rate from the session's tracked FE counters over
* the configured period.
*/
static int
acl_fetch_sc1_http_err_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr1_entry)
return 0;
return acl_fetch_http_err_rate(l4->stkctr1_table, smp, l4->stkctr1_entry);
}
/* set temp integer to the session rate from the session's tracked BE counters over
* the configured period.
*/
static int
acl_fetch_sc2_http_err_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr2_entry)
return 0;
return acl_fetch_http_err_rate(l4->stkctr2_table, smp, l4->stkctr2_entry);
}
/* set temp integer to the session rate from the session's source address in the
* table pointed to by expr, over the configured period.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_src_http_err_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
struct stktable_key *key;
key = addr_to_stktable_key(&l4->si[0].conn->addr.from);
if (!key)
return 0;
px = args->data.prx;
return acl_fetch_http_err_rate(&px->table, smp, stktable_lookup_key(&px->table, key));
}
/* set temp integer to the number of kbytes received from clients matching the stksess entry <ts> */
static int
acl_fetch_kbytes_in(struct stktable *table, struct sample *smp, struct stksess *ts)
{
smp->flags = SMP_F_VOL_TEST;
smp->type = SMP_T_UINT;
smp->data.uint = 0;
if (ts != NULL) {
void *ptr = stktable_data_ptr(table, ts, STKTABLE_DT_BYTES_IN_CNT);
if (!ptr)
return 0; /* parameter not stored */
smp->data.uint = stktable_data_cast(ptr, bytes_in_cnt) >> 10;
}
return 1;
}
/* set temp integer to the number of kbytes received from clients according to the
* session's tracked FE counters.
*/
static int
acl_fetch_sc1_kbytes_in(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr1_entry)
return 0;
return acl_fetch_kbytes_in(l4->stkctr1_table, smp, l4->stkctr1_entry);
}
/* set temp integer to the number of kbytes received from clients according to the
* session's tracked BE counters.
*/
static int
acl_fetch_sc2_kbytes_in(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr2_entry)
return 0;
return acl_fetch_kbytes_in(l4->stkctr2_table, smp, l4->stkctr2_entry);
}
/* set temp integer to the number of kbytes received from the session's source
* address in the table pointed to by expr.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_src_kbytes_in(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
struct stktable_key *key;
key = addr_to_stktable_key(&l4->si[0].conn->addr.from);
if (!key)
return 0;
px = args->data.prx;
return acl_fetch_kbytes_in(&px->table, smp, stktable_lookup_key(&px->table, key));
}
/* set temp integer to the bytes rate from clients in the stksess entry <ts> over the
* configured period.
*/
static int
acl_fetch_bytes_in_rate(struct stktable *table, struct sample *smp, struct stksess *ts)
{
smp->flags = SMP_F_VOL_TEST;
smp->type = SMP_T_UINT;
smp->data.uint = 0;
if (ts != NULL) {
void *ptr = stktable_data_ptr(table, ts, STKTABLE_DT_BYTES_IN_RATE);
if (!ptr)
return 0; /* parameter not stored */
smp->data.uint = read_freq_ctr_period(&stktable_data_cast(ptr, bytes_in_rate),
table->data_arg[STKTABLE_DT_BYTES_IN_RATE].u);
}
return 1;
}
/* set temp integer to the bytes rate from clients from the session's tracked FE
* counters over the configured period.
*/
static int
acl_fetch_sc1_bytes_in_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr1_entry)
return 0;
return acl_fetch_bytes_in_rate(l4->stkctr1_table, smp, l4->stkctr1_entry);
}
/* set temp integer to the bytes rate from clients from the session's tracked BE
* counters over the configured period.
*/
static int
acl_fetch_sc2_bytes_in_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr2_entry)
return 0;
return acl_fetch_bytes_in_rate(l4->stkctr2_table, smp, l4->stkctr2_entry);
}
/* set temp integer to the bytes rate from clients from the session's source address
* in the table pointed to by expr, over the configured period.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_src_bytes_in_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
struct stktable_key *key;
key = addr_to_stktable_key(&l4->si[0].conn->addr.from);
if (!key)
return 0;
px = args->data.prx;
return acl_fetch_bytes_in_rate(&px->table, smp, stktable_lookup_key(&px->table, key));
}
/* set temp integer to the number of kbytes sent to clients matching the stksess entry <ts> */
static int
acl_fetch_kbytes_out(struct stktable *table, struct sample *smp, struct stksess *ts)
{
smp->flags = SMP_F_VOL_TEST;
smp->type = SMP_T_UINT;
smp->data.uint = 0;
if (ts != NULL) {
void *ptr = stktable_data_ptr(table, ts, STKTABLE_DT_BYTES_OUT_CNT);
if (!ptr)
return 0; /* parameter not stored */
smp->data.uint = stktable_data_cast(ptr, bytes_out_cnt) >> 10;
}
return 1;
}
/* set temp integer to the number of kbytes sent to clients according to the session's
* tracked FE counters.
*/
static int
acl_fetch_sc1_kbytes_out(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr1_entry)
return 0;
return acl_fetch_kbytes_out(l4->stkctr1_table, smp, l4->stkctr1_entry);
}
/* set temp integer to the number of kbytes sent to clients according to the session's
* tracked BE counters.
*/
static int
acl_fetch_sc2_kbytes_out(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr2_entry)
return 0;
return acl_fetch_kbytes_out(l4->stkctr2_table, smp, l4->stkctr2_entry);
}
/* set temp integer to the number of kbytes sent to the session's source address in
* the table pointed to by expr.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_src_kbytes_out(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
struct stktable_key *key;
key = addr_to_stktable_key(&l4->si[0].conn->addr.from);
if (!key)
return 0;
px = args->data.prx;
return acl_fetch_kbytes_out(&px->table, smp, stktable_lookup_key(&px->table, key));
}
/* set temp integer to the bytes rate to clients in the stksess entry <ts> over the
* configured period.
*/
static int
acl_fetch_bytes_out_rate(struct stktable *table, struct sample *smp, struct stksess *ts)
{
smp->flags = SMP_F_VOL_TEST;
smp->type = SMP_T_UINT;
smp->data.uint = 0;
if (ts != NULL) {
void *ptr = stktable_data_ptr(table, ts, STKTABLE_DT_BYTES_OUT_RATE);
if (!ptr)
return 0; /* parameter not stored */
smp->data.uint = read_freq_ctr_period(&stktable_data_cast(ptr, bytes_out_rate),
table->data_arg[STKTABLE_DT_BYTES_OUT_RATE].u);
}
return 1;
}
/* set temp integer to the bytes rate to clients from the session's tracked FE counters
* over the configured period.
*/
static int
acl_fetch_sc1_bytes_out_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr1_entry)
return 0;
return acl_fetch_bytes_out_rate(l4->stkctr1_table, smp, l4->stkctr1_entry);
}
/* set temp integer to the bytes rate to clients from the session's tracked BE counters
* over the configured period.
*/
static int
acl_fetch_sc2_bytes_out_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
if (!l4->stkctr2_entry)
return 0;
return acl_fetch_bytes_out_rate(l4->stkctr2_table, smp, l4->stkctr2_entry);
}
/* set temp integer to the bytes rate to client from the session's source address in
* the table pointed to by expr, over the configured period.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_src_bytes_out_rate(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
struct stktable_key *key;
key = addr_to_stktable_key(&l4->si[0].conn->addr.from);
if (!key)
return 0;
px = args->data.prx;
return acl_fetch_bytes_out_rate(&px->table, smp, stktable_lookup_key(&px->table, key));
}
/* set temp integer to the number of used entries in the table pointed to by expr.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_table_cnt(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
smp->flags = SMP_F_VOL_TEST;
smp->type = SMP_T_UINT;
smp->data.uint = args->data.prx->table.current;
return 1;
}
/* set temp integer to the number of free entries in the table pointed to by expr.
* Accepts exactly 1 argument of type table.
*/
static int
acl_fetch_table_avl(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
px = args->data.prx;
smp->flags = SMP_F_VOL_TEST;
smp->type = SMP_T_UINT;
smp->data.uint = px->table.size - px->table.current;
return 1;
}
/* Note: must not be declared <const> as its list will be overwritten.
* Please take care of keeping this list alphabetically sorted.
*/
static struct acl_kw_list acl_kws = {{ },{
{ "sc1_bytes_in_rate", acl_parse_int, acl_fetch_sc1_bytes_in_rate, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc1_bytes_out_rate", acl_parse_int, acl_fetch_sc1_bytes_out_rate, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc1_clr_gpc0", acl_parse_int, acl_fetch_sc1_clr_gpc0, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc1_conn_cnt", acl_parse_int, acl_fetch_sc1_conn_cnt, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc1_conn_cur", acl_parse_int, acl_fetch_sc1_conn_cur, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc1_conn_rate", acl_parse_int, acl_fetch_sc1_conn_rate, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc1_get_gpc0", acl_parse_int, acl_fetch_sc1_get_gpc0, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc1_http_err_cnt", acl_parse_int, acl_fetch_sc1_http_err_cnt, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc1_http_err_rate", acl_parse_int, acl_fetch_sc1_http_err_rate, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc1_http_req_cnt", acl_parse_int, acl_fetch_sc1_http_req_cnt, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc1_http_req_rate", acl_parse_int, acl_fetch_sc1_http_req_rate, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc1_inc_gpc0", acl_parse_int, acl_fetch_sc1_inc_gpc0, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc1_kbytes_in", acl_parse_int, acl_fetch_sc1_kbytes_in, acl_match_int, ACL_USE_TCP4_VOLATILE, 0 },
{ "sc1_kbytes_out", acl_parse_int, acl_fetch_sc1_kbytes_out, acl_match_int, ACL_USE_TCP4_VOLATILE, 0 },
{ "sc1_sess_cnt", acl_parse_int, acl_fetch_sc1_sess_cnt, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc1_sess_rate", acl_parse_int, acl_fetch_sc1_sess_rate, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc2_bytes_in_rate", acl_parse_int, acl_fetch_sc2_bytes_in_rate, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc2_bytes_out_rate", acl_parse_int, acl_fetch_sc2_bytes_out_rate, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc2_clr_gpc0", acl_parse_int, acl_fetch_sc2_clr_gpc0, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc2_conn_cnt", acl_parse_int, acl_fetch_sc2_conn_cnt, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc2_conn_cur", acl_parse_int, acl_fetch_sc2_conn_cur, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc2_conn_rate", acl_parse_int, acl_fetch_sc2_conn_rate, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc2_get_gpc0", acl_parse_int, acl_fetch_sc2_get_gpc0, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc2_http_err_cnt", acl_parse_int, acl_fetch_sc2_http_err_cnt, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc2_http_err_rate", acl_parse_int, acl_fetch_sc2_http_err_rate, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc2_http_req_cnt", acl_parse_int, acl_fetch_sc2_http_req_cnt, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc2_http_req_rate", acl_parse_int, acl_fetch_sc2_http_req_rate, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc2_inc_gpc0", acl_parse_int, acl_fetch_sc2_inc_gpc0, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc2_kbytes_in", acl_parse_int, acl_fetch_sc2_kbytes_in, acl_match_int, ACL_USE_TCP4_VOLATILE, 0 },
{ "sc2_kbytes_out", acl_parse_int, acl_fetch_sc2_kbytes_out, acl_match_int, ACL_USE_TCP4_VOLATILE, 0 },
{ "sc2_sess_cnt", acl_parse_int, acl_fetch_sc2_sess_cnt, acl_match_int, ACL_USE_NOTHING, 0 },
{ "sc2_sess_rate", acl_parse_int, acl_fetch_sc2_sess_rate, acl_match_int, ACL_USE_NOTHING, 0 },
{ "src_bytes_in_rate", acl_parse_int, acl_fetch_src_bytes_in_rate, acl_match_int, ACL_USE_TCP4_VOLATILE, ARG1(1,TAB) },
{ "src_bytes_out_rate", acl_parse_int, acl_fetch_src_bytes_out_rate, acl_match_int, ACL_USE_TCP4_VOLATILE, ARG1(1,TAB) },
{ "src_clr_gpc0", acl_parse_int, acl_fetch_src_clr_gpc0, acl_match_int, ACL_USE_TCP4_VOLATILE, ARG1(1,TAB) },
{ "src_conn_cnt", acl_parse_int, acl_fetch_src_conn_cnt, acl_match_int, ACL_USE_TCP4_VOLATILE, ARG1(1,TAB) },
{ "src_conn_cur", acl_parse_int, acl_fetch_src_conn_cur, acl_match_int, ACL_USE_TCP4_VOLATILE, ARG1(1,TAB) },
{ "src_conn_rate", acl_parse_int, acl_fetch_src_conn_rate, acl_match_int, ACL_USE_TCP4_VOLATILE, ARG1(1,TAB) },
{ "src_get_gpc0", acl_parse_int, acl_fetch_src_get_gpc0, acl_match_int, ACL_USE_TCP4_VOLATILE, ARG1(1,TAB) },
{ "src_http_err_cnt", acl_parse_int, acl_fetch_src_http_err_cnt, acl_match_int, ACL_USE_TCP4_VOLATILE, ARG1(1,TAB) },
{ "src_http_err_rate", acl_parse_int, acl_fetch_src_http_err_rate, acl_match_int, ACL_USE_TCP4_VOLATILE, ARG1(1,TAB) },
{ "src_http_req_cnt", acl_parse_int, acl_fetch_src_http_req_cnt, acl_match_int, ACL_USE_TCP4_VOLATILE, ARG1(1,TAB) },
{ "src_http_req_rate", acl_parse_int, acl_fetch_src_http_req_rate, acl_match_int, ACL_USE_TCP4_VOLATILE, ARG1(1,TAB) },
{ "src_inc_gpc0", acl_parse_int, acl_fetch_src_inc_gpc0, acl_match_int, ACL_USE_TCP4_VOLATILE, ARG1(1,TAB) },
{ "src_kbytes_in", acl_parse_int, acl_fetch_src_kbytes_in, acl_match_int, ACL_USE_TCP4_VOLATILE, ARG1(1,TAB) },
{ "src_kbytes_out", acl_parse_int, acl_fetch_src_kbytes_out, acl_match_int, ACL_USE_TCP4_VOLATILE, ARG1(1,TAB) },
{ "src_sess_cnt", acl_parse_int, acl_fetch_src_sess_cnt, acl_match_int, ACL_USE_TCP4_VOLATILE, ARG1(1,TAB) },
{ "src_sess_rate", acl_parse_int, acl_fetch_src_sess_rate, acl_match_int, ACL_USE_TCP4_VOLATILE, ARG1(1,TAB) },
{ "src_updt_conn_cnt", acl_parse_int, acl_fetch_src_updt_conn_cnt, acl_match_int, ACL_USE_TCP4_VOLATILE, ARG1(1,TAB) },
{ "table_avl", acl_parse_int, acl_fetch_table_avl, acl_match_int, ACL_USE_NOTHING, ARG1(1,TAB) },
{ "table_cnt", acl_parse_int, acl_fetch_table_cnt, acl_match_int, ACL_USE_NOTHING, ARG1(1,TAB) },
{ NULL, NULL, NULL, NULL },
}};
/* Parse a "track-sc[12]" line starting with "track-sc[12]" in args[arg-1].
* Returns the number of warnings emitted, or -1 in case of fatal errors. The
* <prm> struct is fed with the table name if any. If unspecified, the caller
* will assume that the current proxy's table is used.
*/
int parse_track_counters(char **args, int *arg,
int section_type, struct proxy *curpx,
struct track_ctr_prm *prm,
struct proxy *defpx, char **err)
{
int sample_type = 0;
/* parse the arguments of "track-sc[12]" before the condition in the
* following form :
* track-sc[12] src [ table xxx ] [ if|unless ... ]
*/
while (args[*arg]) {
if (strcmp(args[*arg], "src") == 0) {
prm->type = STKTABLE_TYPE_IP;
sample_type = 1;
}
else if (strcmp(args[*arg], "table") == 0) {
if (!args[*arg + 1]) {
memprintf(err, "missing table name");
return -1;
}
/* we copy the table name for now, it will be resolved later */
prm->table.n = strdup(args[*arg + 1]);
(*arg)++;
}
else {
/* unhandled keywords are handled by the caller */
break;
}
(*arg)++;
}
if (!sample_type) {
memprintf(err,
"tracking key not specified (found %s, only 'src' is supported)",
quote_arg(args[*arg]));
return -1;
}
return 0;
}
__attribute__((constructor))
static void __session_init(void)
{
acl_register_keywords(&acl_kws);
}
/*
* Local variables:
* c-indent-level: 8
* c-basic-offset: 8
* End:
*/