blob: 3b353c61a121f64e3a7912acff6b598aaf9eca95 [file] [log] [blame]
Willy Tarreau92fb9832007-10-16 17:34:28 +02001/*
2 * UNIX SOCK_STREAM protocol layer (uxst)
3 *
Willy Tarreaueb472682010-05-28 18:46:57 +02004 * Copyright 2000-2010 Willy Tarreau <w@1wt.eu>
Willy Tarreau92fb9832007-10-16 17:34:28 +02005 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
11 */
12
13#include <ctype.h>
14#include <errno.h>
15#include <fcntl.h>
Willy Tarreaud0a895d2012-09-18 17:40:35 +020016#include <pwd.h>
17#include <grp.h>
Willy Tarreau92fb9832007-10-16 17:34:28 +020018#include <stdio.h>
19#include <stdlib.h>
20#include <string.h>
21#include <syslog.h>
22#include <time.h>
23
Willy Tarreau92fb9832007-10-16 17:34:28 +020024#include <sys/socket.h>
25#include <sys/stat.h>
26#include <sys/types.h>
27#include <sys/un.h>
28
29#include <common/compat.h>
30#include <common/config.h>
31#include <common/debug.h>
Willy Tarreaud740bab2007-10-28 11:14:07 +010032#include <common/errors.h>
Willy Tarreau92fb9832007-10-16 17:34:28 +020033#include <common/mini-clist.h>
34#include <common/standard.h>
35#include <common/time.h>
36#include <common/version.h>
37
Willy Tarreau92fb9832007-10-16 17:34:28 +020038#include <types/global.h>
Willy Tarreau92fb9832007-10-16 17:34:28 +020039
Willy Tarreau47f48c42014-05-09 22:57:47 +020040#include <proto/connection.h>
Willy Tarreau92fb9832007-10-16 17:34:28 +020041#include <proto/fd.h>
Willy Tarreaud1d54542012-09-12 22:58:11 +020042#include <proto/listener.h>
Willy Tarreau92fb9832007-10-16 17:34:28 +020043#include <proto/log.h>
Willy Tarreaud1d54542012-09-12 22:58:11 +020044#include <proto/protocol.h>
Willy Tarreau92fb9832007-10-16 17:34:28 +020045#include <proto/task.h>
46
Emeric Bruncf20bf12010-10-22 16:06:11 +020047static int uxst_bind_listener(struct listener *listener, char *errmsg, int errlen);
48static int uxst_bind_listeners(struct protocol *proto, char *errmsg, int errlen);
Willy Tarreaudabf2e22007-10-28 21:59:24 +010049static int uxst_unbind_listeners(struct protocol *proto);
Willy Tarreau47f48c42014-05-09 22:57:47 +020050static int uxst_connect_server(struct connection *conn, int data, int delack);
Willy Tarreau9d5be5c2017-09-15 07:55:51 +020051static void uxst_add_listener(struct listener *listener, int port);
Willy Tarreau31794892017-09-15 07:59:31 +020052static int uxst_pause_listener(struct listener *l);
53static int uxst_get_src(int fd, struct sockaddr *sa, socklen_t salen, int dir);
54static int uxst_get_dst(int fd, struct sockaddr *sa, socklen_t salen, int dir);
Willy Tarreaudabf2e22007-10-28 21:59:24 +010055
56/* Note: must not be declared <const> as its list will be overwritten */
57static struct protocol proto_unix = {
58 .name = "unix_stream",
59 .sock_domain = PF_UNIX,
60 .sock_type = SOCK_STREAM,
61 .sock_prot = 0,
62 .sock_family = AF_UNIX,
63 .sock_addrlen = sizeof(struct sockaddr_un),
64 .l3_addrlen = sizeof(((struct sockaddr_un*)0)->sun_path),/* path len */
Willy Tarreaubbebbbf2012-05-07 21:22:09 +020065 .accept = &listener_accept,
Willy Tarreau47f48c42014-05-09 22:57:47 +020066 .connect = &uxst_connect_server,
Emeric Bruncf20bf12010-10-22 16:06:11 +020067 .bind = uxst_bind_listener,
Willy Tarreaudabf2e22007-10-28 21:59:24 +010068 .bind_all = uxst_bind_listeners,
69 .unbind_all = uxst_unbind_listeners,
70 .enable_all = enable_all_listeners,
71 .disable_all = disable_all_listeners,
Willy Tarreau59b94792012-05-11 16:16:40 +020072 .get_src = uxst_get_src,
73 .get_dst = uxst_get_dst,
Willy Tarreaufd0e0082014-07-07 21:07:51 +020074 .pause = uxst_pause_listener,
Willy Tarreau9d5be5c2017-09-15 07:55:51 +020075 .add = uxst_add_listener,
Willy Tarreaudabf2e22007-10-28 21:59:24 +010076 .listeners = LIST_HEAD_INIT(proto_unix.listeners),
77 .nb_listeners = 0,
78};
79
Willy Tarreaudabf2e22007-10-28 21:59:24 +010080/********************************
81 * 1) low-level socket functions
82 ********************************/
83
Willy Tarreau59b94792012-05-11 16:16:40 +020084/*
85 * Retrieves the source address for the socket <fd>, with <dir> indicating
86 * if we're a listener (=0) or an initiator (!=0). It returns 0 in case of
87 * success, -1 in case of error. The socket's source address is stored in
88 * <sa> for <salen> bytes.
89 */
Willy Tarreau31794892017-09-15 07:59:31 +020090static int uxst_get_src(int fd, struct sockaddr *sa, socklen_t salen, int dir)
Willy Tarreau59b94792012-05-11 16:16:40 +020091{
92 if (dir)
93 return getsockname(fd, sa, &salen);
94 else
95 return getpeername(fd, sa, &salen);
96}
97
98
99/*
100 * Retrieves the original destination address for the socket <fd>, with <dir>
101 * indicating if we're a listener (=0) or an initiator (!=0). It returns 0 in
102 * case of success, -1 in case of error. The socket's source address is stored
103 * in <sa> for <salen> bytes.
104 */
Willy Tarreau31794892017-09-15 07:59:31 +0200105static int uxst_get_dst(int fd, struct sockaddr *sa, socklen_t salen, int dir)
Willy Tarreau59b94792012-05-11 16:16:40 +0200106{
107 if (dir)
108 return getpeername(fd, sa, &salen);
109 else
110 return getsockname(fd, sa, &salen);
111}
112
Willy Tarreaudabf2e22007-10-28 21:59:24 +0100113
Cyril Bonté1f5848a2010-11-14 17:03:19 +0100114/********************************
115 * 2) listener-oriented functions
116 ********************************/
117
118
Olivier Houchardf886e342017-04-05 22:24:59 +0200119static int uxst_find_compatible_fd(struct listener *l)
120{
121 struct xfer_sock_list *xfer_sock = xfer_sock_list;
122 int ret = -1;
123
124 while (xfer_sock) {
125 struct sockaddr_un *un1 = (void *)&l->addr;
126 struct sockaddr_un *un2 = (void *)&xfer_sock->addr;
127
128 /*
129 * The bound socket's path as returned by getsockaddr
130 * will be the temporary name <sockname>.XXXXX.tmp,
131 * so we can't just compare the two names
132 */
133 if (xfer_sock->addr.ss_family == AF_UNIX &&
134 strncmp(un1->sun_path, un2->sun_path,
135 strlen(un1->sun_path)) == 0) {
136 char *after_sockname = un2->sun_path +
137 strlen(un1->sun_path);
138 /* Make a reasonnable effort to check that
139 * it is indeed a haproxy-generated temporary
140 * name, it's not perfect, but probably good enough.
141 */
142 if (after_sockname[0] == '.') {
143 after_sockname++;
144 while (after_sockname[0] >= '0' &&
145 after_sockname[0] <= '9')
146 after_sockname++;
147 if (!strcmp(after_sockname, ".tmp"))
148 break;
149 }
150 }
151 xfer_sock = xfer_sock->next;
152 }
153 if (xfer_sock != NULL) {
154 ret = xfer_sock->fd;
155 if (xfer_sock == xfer_sock_list)
156 xfer_sock_list = xfer_sock->next;
157 if (xfer_sock->prev)
158 xfer_sock->prev->next = xfer_sock->next;
159 if (xfer_sock->next)
160 xfer_sock->next->prev = xfer_sock->next->prev;
161 free(xfer_sock);
162 }
163 return ret;
164
165}
166
Cyril Bonté1f5848a2010-11-14 17:03:19 +0100167/* This function creates a UNIX socket associated to the listener. It changes
168 * the state from ASSIGNED to LISTEN. The socket is NOT enabled for polling.
Willy Tarreau8ab505b2013-01-24 01:41:38 +0100169 * The return value is composed from ERR_NONE, ERR_RETRYABLE and ERR_FATAL. It
170 * may return a warning or an error message in <errmsg> if the message is at
171 * most <errlen> bytes long (including '\0'). Note that <errmsg> may be NULL if
172 * <errlen> is also zero.
Willy Tarreau92fb9832007-10-16 17:34:28 +0200173 */
Cyril Bonté1f5848a2010-11-14 17:03:19 +0100174static int uxst_bind_listener(struct listener *listener, char *errmsg, int errlen)
Willy Tarreau92fb9832007-10-16 17:34:28 +0200175{
Cyril Bonté1f5848a2010-11-14 17:03:19 +0100176 int fd;
Willy Tarreau92fb9832007-10-16 17:34:28 +0200177 char tempname[MAXPATHLEN];
178 char backname[MAXPATHLEN];
179 struct sockaddr_un addr;
Willy Tarreaub40dc942010-11-07 12:10:51 +0100180 const char *msg = NULL;
Cyril Bonté1f5848a2010-11-14 17:03:19 +0100181 const char *path;
Willy Tarreau40aa0702013-03-10 23:51:38 +0100182 int ext, ready;
183 socklen_t ready_len;
Willy Tarreau3c5efa22014-07-07 18:36:45 +0200184 int err;
Cyril Bonté1f5848a2010-11-14 17:03:19 +0100185 int ret;
Willy Tarreau92fb9832007-10-16 17:34:28 +0200186
Willy Tarreau3c5efa22014-07-07 18:36:45 +0200187 err = ERR_NONE;
188
Cyril Bonté1f5848a2010-11-14 17:03:19 +0100189 /* ensure we never return garbage */
Willy Tarreau8ab505b2013-01-24 01:41:38 +0100190 if (errlen)
Cyril Bonté1f5848a2010-11-14 17:03:19 +0100191 *errmsg = 0;
192
193 if (listener->state != LI_ASSIGNED)
194 return ERR_NONE; /* already bound */
195
Olivier Houchardf886e342017-04-05 22:24:59 +0200196 if (listener->fd == -1)
197 listener->fd = uxst_find_compatible_fd(listener);
Cyril Bonté1f5848a2010-11-14 17:03:19 +0100198 path = ((struct sockaddr_un *)&listener->addr)->sun_path;
Willy Tarreau92fb9832007-10-16 17:34:28 +0200199
Willy Tarreau40aa0702013-03-10 23:51:38 +0100200 /* if the listener already has an fd assigned, then we were offered the
201 * fd by an external process (most likely the parent), and we don't want
202 * to create a new socket. However we still want to set a few flags on
203 * the socket.
204 */
205 fd = listener->fd;
206 ext = (fd >= 0);
207 if (ext)
208 goto fd_ready;
209
Willy Tarreauccfccef2014-05-10 01:49:15 +0200210 if (path[0]) {
211 ret = snprintf(tempname, MAXPATHLEN, "%s.%d.tmp", path, pid);
212 if (ret < 0 || ret >= MAXPATHLEN) {
Willy Tarreau3c5efa22014-07-07 18:36:45 +0200213 err |= ERR_FATAL | ERR_ALERT;
Willy Tarreauccfccef2014-05-10 01:49:15 +0200214 msg = "name too long for UNIX socket";
215 goto err_return;
216 }
Willy Tarreau92fb9832007-10-16 17:34:28 +0200217
Willy Tarreauccfccef2014-05-10 01:49:15 +0200218 ret = snprintf(backname, MAXPATHLEN, "%s.%d.bak", path, pid);
219 if (ret < 0 || ret >= MAXPATHLEN) {
Willy Tarreau3c5efa22014-07-07 18:36:45 +0200220 err |= ERR_FATAL | ERR_ALERT;
Willy Tarreauccfccef2014-05-10 01:49:15 +0200221 msg = "name too long for UNIX socket";
222 goto err_return;
223 }
Willy Tarreau92fb9832007-10-16 17:34:28 +0200224
Willy Tarreauccfccef2014-05-10 01:49:15 +0200225 /* 2. clean existing orphaned entries */
226 if (unlink(tempname) < 0 && errno != ENOENT) {
Willy Tarreau3c5efa22014-07-07 18:36:45 +0200227 err |= ERR_FATAL | ERR_ALERT;
Willy Tarreauccfccef2014-05-10 01:49:15 +0200228 msg = "error when trying to unlink previous UNIX socket";
229 goto err_return;
230 }
Willy Tarreau92fb9832007-10-16 17:34:28 +0200231
Willy Tarreauccfccef2014-05-10 01:49:15 +0200232 if (unlink(backname) < 0 && errno != ENOENT) {
Willy Tarreau3c5efa22014-07-07 18:36:45 +0200233 err |= ERR_FATAL | ERR_ALERT;
Willy Tarreauccfccef2014-05-10 01:49:15 +0200234 msg = "error when trying to unlink previous UNIX socket";
235 goto err_return;
236 }
Willy Tarreau92fb9832007-10-16 17:34:28 +0200237
Willy Tarreauccfccef2014-05-10 01:49:15 +0200238 /* 3. backup existing socket */
239 if (link(path, backname) < 0 && errno != ENOENT) {
Willy Tarreau3c5efa22014-07-07 18:36:45 +0200240 err |= ERR_FATAL | ERR_ALERT;
Willy Tarreauccfccef2014-05-10 01:49:15 +0200241 msg = "error when trying to preserve previous UNIX socket";
242 goto err_return;
243 }
Willy Tarreau92fb9832007-10-16 17:34:28 +0200244
Willy Tarreauccfccef2014-05-10 01:49:15 +0200245 strncpy(addr.sun_path, tempname, sizeof(addr.sun_path));
246 addr.sun_path[sizeof(addr.sun_path) - 1] = 0;
Willy Tarreau92fb9832007-10-16 17:34:28 +0200247 }
Willy Tarreauccfccef2014-05-10 01:49:15 +0200248 else {
249 /* first char is zero, it's an abstract socket whose address
250 * is defined by all the bytes past this zero.
251 */
252 memcpy(addr.sun_path, path, sizeof(addr.sun_path));
253 }
Willy Tarreau92fb9832007-10-16 17:34:28 +0200254 addr.sun_family = AF_UNIX;
Willy Tarreau92fb9832007-10-16 17:34:28 +0200255
Cyril Bonté1f5848a2010-11-14 17:03:19 +0100256 fd = socket(PF_UNIX, SOCK_STREAM, 0);
257 if (fd < 0) {
Willy Tarreau3c5efa22014-07-07 18:36:45 +0200258 err |= ERR_FATAL | ERR_ALERT;
Willy Tarreaub40dc942010-11-07 12:10:51 +0100259 msg = "cannot create UNIX socket";
Willy Tarreau92fb9832007-10-16 17:34:28 +0200260 goto err_unlink_back;
261 }
262
Willy Tarreau40aa0702013-03-10 23:51:38 +0100263 fd_ready:
Cyril Bonté1f5848a2010-11-14 17:03:19 +0100264 if (fd >= global.maxsock) {
Willy Tarreau3c5efa22014-07-07 18:36:45 +0200265 err |= ERR_FATAL | ERR_ALERT;
Willy Tarreaub40dc942010-11-07 12:10:51 +0100266 msg = "socket(): not enough free sockets, raise -n argument";
Willy Tarreau92fb9832007-10-16 17:34:28 +0200267 goto err_unlink_temp;
268 }
Cyril Bonté1f5848a2010-11-14 17:03:19 +0100269
270 if (fcntl(fd, F_SETFL, O_NONBLOCK) == -1) {
Willy Tarreau3c5efa22014-07-07 18:36:45 +0200271 err |= ERR_FATAL | ERR_ALERT;
Willy Tarreaub40dc942010-11-07 12:10:51 +0100272 msg = "cannot make UNIX socket non-blocking";
Willy Tarreau92fb9832007-10-16 17:34:28 +0200273 goto err_unlink_temp;
274 }
Cyril Bonté1f5848a2010-11-14 17:03:19 +0100275
Willy Tarreau40aa0702013-03-10 23:51:38 +0100276 if (!ext && bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
Willy Tarreau92fb9832007-10-16 17:34:28 +0200277 /* note that bind() creates the socket <tempname> on the file system */
Willy Tarreau3c5efa22014-07-07 18:36:45 +0200278 if (errno == EADDRINUSE) {
279 /* the old process might still own it, let's retry */
280 err |= ERR_RETRYABLE | ERR_ALERT;
281 msg = "cannot listen to socket";
282 }
283 else {
284 err |= ERR_FATAL | ERR_ALERT;
285 msg = "cannot bind UNIX socket";
286 }
Willy Tarreau92fb9832007-10-16 17:34:28 +0200287 goto err_unlink_temp;
288 }
289
Cyril Bonté1f5848a2010-11-14 17:03:19 +0100290 /* <uid> and <gid> different of -1 will be used to change the socket owner.
291 * If <mode> is not 0, it will be used to restrict access to the socket.
292 * While it is known not to be portable on every OS, it's still useful
Willy Tarreauccfccef2014-05-10 01:49:15 +0200293 * where it works. We also don't change permissions on abstract sockets.
Cyril Bonté1f5848a2010-11-14 17:03:19 +0100294 */
Willy Tarreauccfccef2014-05-10 01:49:15 +0200295 if (!ext && path[0] &&
Willy Tarreau40aa0702013-03-10 23:51:38 +0100296 (((listener->bind_conf->ux.uid != -1 || listener->bind_conf->ux.gid != -1) &&
297 (chown(tempname, listener->bind_conf->ux.uid, listener->bind_conf->ux.gid) == -1)) ||
298 (listener->bind_conf->ux.mode != 0 && chmod(tempname, listener->bind_conf->ux.mode) == -1))) {
Willy Tarreau3c5efa22014-07-07 18:36:45 +0200299 err |= ERR_FATAL | ERR_ALERT;
Willy Tarreaub40dc942010-11-07 12:10:51 +0100300 msg = "cannot change UNIX socket ownership";
Willy Tarreaue6ad2b12007-10-18 12:45:54 +0200301 goto err_unlink_temp;
302 }
303
Willy Tarreau40aa0702013-03-10 23:51:38 +0100304 ready = 0;
305 ready_len = sizeof(ready);
306 if (getsockopt(fd, SOL_SOCKET, SO_ACCEPTCONN, &ready, &ready_len) == -1)
307 ready = 0;
308
309 if (!(ext && ready) && /* only listen if not already done by external process */
310 listen(fd, listener->backlog ? listener->backlog : listener->maxconn) < 0) {
Willy Tarreau3c5efa22014-07-07 18:36:45 +0200311 err |= ERR_FATAL | ERR_ALERT;
Willy Tarreaub40dc942010-11-07 12:10:51 +0100312 msg = "cannot listen to UNIX socket";
Willy Tarreau92fb9832007-10-16 17:34:28 +0200313 goto err_unlink_temp;
314 }
315
Willy Tarreauccfccef2014-05-10 01:49:15 +0200316 /* Point of no return: we are ready, we'll switch the sockets. We don't
Willy Tarreau92fb9832007-10-16 17:34:28 +0200317 * fear loosing the socket <path> because we have a copy of it in
Willy Tarreauccfccef2014-05-10 01:49:15 +0200318 * backname. Abstract sockets are not renamed.
Willy Tarreau92fb9832007-10-16 17:34:28 +0200319 */
Willy Tarreauccfccef2014-05-10 01:49:15 +0200320 if (!ext && path[0] && rename(tempname, path) < 0) {
Willy Tarreau3c5efa22014-07-07 18:36:45 +0200321 err |= ERR_FATAL | ERR_ALERT;
Willy Tarreaub40dc942010-11-07 12:10:51 +0100322 msg = "cannot switch final and temporary UNIX sockets";
Willy Tarreau92fb9832007-10-16 17:34:28 +0200323 goto err_rename;
324 }
325
Willy Tarreau68986ab2017-06-16 10:34:20 +0200326 /* Cleanup: only unlink if we didn't inherit the fd from the parent */
Willy Tarreauccfccef2014-05-10 01:49:15 +0200327 if (!ext && path[0])
Willy Tarreau40aa0702013-03-10 23:51:38 +0100328 unlink(backname);
Willy Tarreau92fb9832007-10-16 17:34:28 +0200329
Willy Tarreaudabf2e22007-10-28 21:59:24 +0100330 /* the socket is now listening */
331 listener->fd = fd;
332 listener->state = LI_LISTEN;
333
334 /* the function for the accept() event */
Willy Tarreauaece46a2012-07-06 12:25:58 +0200335 fdtab[fd].iocb = listener->proto->accept;
Willy Tarreaueabf3132008-08-29 23:36:51 +0200336 fdtab[fd].owner = listener; /* reference the listener instead of a task */
Christopher Faulet165f07e2017-11-24 10:08:09 +0100337 if (listener->bind_conf->bind_thread[relative_pid-1])
338 fd_insert(fd, listener->bind_conf->bind_thread[relative_pid-1]);
339 else
340 fd_insert(fd, MAX_THREADS_MASK);
Willy Tarreau3c5efa22014-07-07 18:36:45 +0200341 return err;
342
Cyril Bonté1f5848a2010-11-14 17:03:19 +0100343 err_rename:
344 ret = rename(backname, path);
345 if (ret < 0 && errno == ENOENT)
346 unlink(path);
347 err_unlink_temp:
Jan Seda7319b642014-06-26 20:44:05 +0200348 if (!ext && path[0])
Willy Tarreau40aa0702013-03-10 23:51:38 +0100349 unlink(tempname);
Cyril Bonté1f5848a2010-11-14 17:03:19 +0100350 close(fd);
351 err_unlink_back:
Jan Seda7319b642014-06-26 20:44:05 +0200352 if (!ext && path[0])
Willy Tarreau40aa0702013-03-10 23:51:38 +0100353 unlink(backname);
Cyril Bonté1f5848a2010-11-14 17:03:19 +0100354 err_return:
Willy Tarreau40aa0702013-03-10 23:51:38 +0100355 if (msg && errlen) {
356 if (!ext)
357 snprintf(errmsg, errlen, "%s [%s]", msg, path);
358 else
359 snprintf(errmsg, errlen, "%s [fd %d]", msg, fd);
360 }
Willy Tarreau3c5efa22014-07-07 18:36:45 +0200361 return err;
Willy Tarreaudabf2e22007-10-28 21:59:24 +0100362}
363
364/* This function closes the UNIX sockets for the specified listener.
365 * The listener enters the LI_ASSIGNED state. It always returns ERR_NONE.
366 */
367static int uxst_unbind_listener(struct listener *listener)
368{
Willy Tarreaube58c382011-07-24 18:28:10 +0200369 if (listener->state > LI_ASSIGNED) {
370 unbind_listener(listener);
Willy Tarreaudabf2e22007-10-28 21:59:24 +0100371 }
372 return ERR_NONE;
373}
374
Willy Tarreau32282382017-09-15 07:44:44 +0200375/* Add <listener> to the list of unix stream listeners (port is ignored). The
376 * listener's state is automatically updated from LI_INIT to LI_ASSIGNED.
377 * The number of listeners for the protocol is updated.
Willy Tarreaudabf2e22007-10-28 21:59:24 +0100378 */
Willy Tarreau9d5be5c2017-09-15 07:55:51 +0200379static void uxst_add_listener(struct listener *listener, int port)
Willy Tarreaudabf2e22007-10-28 21:59:24 +0100380{
381 if (listener->state != LI_INIT)
382 return;
383 listener->state = LI_ASSIGNED;
384 listener->proto = &proto_unix;
385 LIST_ADDQ(&proto_unix.listeners, &listener->proto_list);
386 proto_unix.nb_listeners++;
387}
388
Willy Tarreaufd0e0082014-07-07 21:07:51 +0200389/* Pause a listener. Returns < 0 in case of failure, 0 if the listener
390 * was totally stopped, or > 0 if correctly paused. Nothing is done for
391 * plain unix sockets since currently it's the new process which handles
392 * the renaming. Abstract sockets are completely unbound.
393 */
Willy Tarreau31794892017-09-15 07:59:31 +0200394static int uxst_pause_listener(struct listener *l)
Willy Tarreaufd0e0082014-07-07 21:07:51 +0200395{
396 if (((struct sockaddr_un *)&l->addr)->sun_path[0])
397 return 1;
398
399 unbind_listener(l);
400 return 0;
401}
402
Willy Tarreau47f48c42014-05-09 22:57:47 +0200403
404/*
405 * This function initiates a UNIX connection establishment to the target assigned
406 * to connection <conn> using (si->{target,addr.to}). The source address is ignored
407 * and will be selected by the system. conn->target may point either to a valid
408 * server or to a backend, depending on conn->target. Only OBJ_TYPE_PROXY and
409 * OBJ_TYPE_SERVER are supported. The <data> parameter is a boolean indicating
410 * whether there are data waiting for being sent or not, in order to adjust data
411 * write polling and on some platforms. The <delack> argument is ignored.
412 *
413 * Note that a pending send_proxy message accounts for data.
414 *
415 * It can return one of :
Willy Tarreaue7dff022015-04-03 01:14:29 +0200416 * - SF_ERR_NONE if everything's OK
417 * - SF_ERR_SRVTO if there are no more servers
418 * - SF_ERR_SRVCL if the connection was refused by the server
419 * - SF_ERR_PRXCOND if the connection has been limited by the proxy (maxconn)
420 * - SF_ERR_RESOURCE if a system resource is lacking (eg: fd limits, ports, ...)
421 * - SF_ERR_INTERNAL for any other purely internal errors
Tim Düsterhus4896c442016-11-29 02:15:19 +0100422 * Additionally, in the case of SF_ERR_RESOURCE, an emergency log will be emitted.
Willy Tarreau47f48c42014-05-09 22:57:47 +0200423 *
Willy Tarreaue7dff022015-04-03 01:14:29 +0200424 * The connection's fd is inserted only when SF_ERR_NONE is returned, otherwise
Willy Tarreau47f48c42014-05-09 22:57:47 +0200425 * it's invalid and the caller has nothing to do.
426 */
Willy Tarreau31794892017-09-15 07:59:31 +0200427static int uxst_connect_server(struct connection *conn, int data, int delack)
Willy Tarreau47f48c42014-05-09 22:57:47 +0200428{
429 int fd;
430 struct server *srv;
431 struct proxy *be;
432
Willy Tarreau7bb21532014-05-10 09:48:28 +0200433 conn->flags = 0;
Willy Tarreau47f48c42014-05-09 22:57:47 +0200434
435 switch (obj_type(conn->target)) {
436 case OBJ_TYPE_PROXY:
437 be = objt_proxy(conn->target);
438 srv = NULL;
439 break;
440 case OBJ_TYPE_SERVER:
441 srv = objt_server(conn->target);
442 be = srv->proxy;
443 break;
444 default:
445 conn->flags |= CO_FL_ERROR;
Willy Tarreaue7dff022015-04-03 01:14:29 +0200446 return SF_ERR_INTERNAL;
Willy Tarreau47f48c42014-05-09 22:57:47 +0200447 }
448
Willy Tarreau585744b2017-08-24 14:31:19 +0200449 if ((fd = conn->handle.fd = socket(PF_UNIX, SOCK_STREAM, 0)) == -1) {
Willy Tarreau47f48c42014-05-09 22:57:47 +0200450 qfprintf(stderr, "Cannot get a server socket.\n");
451
452 if (errno == ENFILE) {
453 conn->err_code = CO_ER_SYS_FDLIM;
454 send_log(be, LOG_EMERG,
455 "Proxy %s reached system FD limit at %d. Please check system tunables.\n",
456 be->id, maxfd);
457 }
458 else if (errno == EMFILE) {
459 conn->err_code = CO_ER_PROC_FDLIM;
460 send_log(be, LOG_EMERG,
461 "Proxy %s reached process FD limit at %d. Please check 'ulimit-n' and restart.\n",
462 be->id, maxfd);
463 }
464 else if (errno == ENOBUFS || errno == ENOMEM) {
465 conn->err_code = CO_ER_SYS_MEMLIM;
466 send_log(be, LOG_EMERG,
467 "Proxy %s reached system memory limit at %d sockets. Please check system tunables.\n",
468 be->id, maxfd);
469 }
470 else if (errno == EAFNOSUPPORT || errno == EPROTONOSUPPORT) {
471 conn->err_code = CO_ER_NOPROTO;
472 }
473 else
474 conn->err_code = CO_ER_SOCK_ERR;
475
476 /* this is a resource error */
477 conn->flags |= CO_FL_ERROR;
Willy Tarreaue7dff022015-04-03 01:14:29 +0200478 return SF_ERR_RESOURCE;
Willy Tarreau47f48c42014-05-09 22:57:47 +0200479 }
480
481 if (fd >= global.maxsock) {
482 /* do not log anything there, it's a normal condition when this option
483 * is used to serialize connections to a server !
484 */
485 Alert("socket(): not enough free sockets. Raise -n argument. Giving up.\n");
486 close(fd);
487 conn->err_code = CO_ER_CONF_FDLIM;
488 conn->flags |= CO_FL_ERROR;
Willy Tarreaue7dff022015-04-03 01:14:29 +0200489 return SF_ERR_PRXCOND; /* it is a configuration limit */
Willy Tarreau47f48c42014-05-09 22:57:47 +0200490 }
491
492 if (fcntl(fd, F_SETFL, O_NONBLOCK) == -1) {
493 qfprintf(stderr,"Cannot set client socket to non blocking mode.\n");
494 close(fd);
495 conn->err_code = CO_ER_SOCK_ERR;
496 conn->flags |= CO_FL_ERROR;
Willy Tarreaue7dff022015-04-03 01:14:29 +0200497 return SF_ERR_INTERNAL;
Willy Tarreau47f48c42014-05-09 22:57:47 +0200498 }
499
500 /* if a send_proxy is there, there are data */
501 data |= conn->send_proxy_ofs;
502
503 if (global.tune.server_sndbuf)
504 setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &global.tune.server_sndbuf, sizeof(global.tune.server_sndbuf));
505
506 if (global.tune.server_rcvbuf)
507 setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &global.tune.server_rcvbuf, sizeof(global.tune.server_rcvbuf));
508
Willy Tarreau7bb21532014-05-10 09:48:28 +0200509 if (connect(fd, (struct sockaddr *)&conn->addr.to, get_addr_len(&conn->addr.to)) == -1) {
Willy Tarreau94841792017-01-25 14:27:38 +0100510 if (errno == EINPROGRESS || errno == EALREADY) {
Willy Tarreau7bb21532014-05-10 09:48:28 +0200511 conn->flags |= CO_FL_WAIT_L4_CONN;
512 }
Willy Tarreau94841792017-01-25 14:27:38 +0100513 else if (errno == EISCONN) {
514 conn->flags &= ~CO_FL_WAIT_L4_CONN;
515 }
Willy Tarreau7bb21532014-05-10 09:48:28 +0200516 else if (errno == EAGAIN || errno == EADDRINUSE || errno == EADDRNOTAVAIL) {
Willy Tarreau47f48c42014-05-09 22:57:47 +0200517 char *msg;
518 if (errno == EAGAIN || errno == EADDRNOTAVAIL) {
Lukas Tribus9f256d42016-01-26 20:33:14 +0100519 msg = "can't connect to destination unix socket, check backlog size on the server";
Willy Tarreau47f48c42014-05-09 22:57:47 +0200520 conn->err_code = CO_ER_FREE_PORTS;
521 }
522 else {
523 msg = "local address already in use";
524 conn->err_code = CO_ER_ADDR_INUSE;
525 }
526
527 qfprintf(stderr,"Connect() failed for backend %s: %s.\n", be->id, msg);
528 close(fd);
529 send_log(be, LOG_ERR, "Connect() failed for backend %s: %s.\n", be->id, msg);
530 conn->flags |= CO_FL_ERROR;
Willy Tarreaue7dff022015-04-03 01:14:29 +0200531 return SF_ERR_RESOURCE;
Willy Tarreau47f48c42014-05-09 22:57:47 +0200532 }
533 else if (errno == ETIMEDOUT) {
534 close(fd);
535 conn->err_code = CO_ER_SOCK_ERR;
536 conn->flags |= CO_FL_ERROR;
Willy Tarreaue7dff022015-04-03 01:14:29 +0200537 return SF_ERR_SRVTO;
Willy Tarreau47f48c42014-05-09 22:57:47 +0200538 }
539 else { // (errno == ECONNREFUSED || errno == ENETUNREACH || errno == EACCES || errno == EPERM)
540 close(fd);
541 conn->err_code = CO_ER_SOCK_ERR;
542 conn->flags |= CO_FL_ERROR;
Willy Tarreaue7dff022015-04-03 01:14:29 +0200543 return SF_ERR_SRVCL;
Willy Tarreau47f48c42014-05-09 22:57:47 +0200544 }
545 }
Willy Tarreau7bb21532014-05-10 09:48:28 +0200546 else {
547 /* connect() already succeeded, which is quite usual for unix
Willy Tarreau94841792017-01-25 14:27:38 +0100548 * sockets. Let's avoid a second connect() probe to complete it.
Willy Tarreau7bb21532014-05-10 09:48:28 +0200549 */
550 conn->flags &= ~CO_FL_WAIT_L4_CONN;
Willy Tarreau7bb21532014-05-10 09:48:28 +0200551 }
Willy Tarreau47f48c42014-05-09 22:57:47 +0200552
553 conn->flags |= CO_FL_ADDR_TO_SET;
554
555 /* Prepare to send a few handshakes related to the on-wire protocol. */
556 if (conn->send_proxy_ofs)
557 conn->flags |= CO_FL_SEND_PROXY;
558
559 conn_ctrl_init(conn); /* registers the FD */
Willy Tarreau7bb21532014-05-10 09:48:28 +0200560 fdtab[fd].linger_risk = 0; /* no need to disable lingering */
Willy Tarreau47f48c42014-05-09 22:57:47 +0200561
562 if (conn_xprt_init(conn) < 0) {
Willy Tarreau8c829012017-10-05 18:02:11 +0200563 conn_full_close(conn);
Willy Tarreau47f48c42014-05-09 22:57:47 +0200564 conn->flags |= CO_FL_ERROR;
Willy Tarreaue7dff022015-04-03 01:14:29 +0200565 return SF_ERR_RESOURCE;
Willy Tarreau47f48c42014-05-09 22:57:47 +0200566 }
567
Willy Tarreau94841792017-01-25 14:27:38 +0100568 if (conn->flags & (CO_FL_HANDSHAKE | CO_FL_WAIT_L4_CONN)) {
569 conn_sock_want_send(conn); /* for connect status, proxy protocol or SSL */
570 }
571 else {
572 /* If there's no more handshake, we need to notify the data
573 * layer when the connection is already OK otherwise we'll have
574 * no other opportunity to do it later (eg: health checks).
575 */
576 data = 1;
577 }
578
Willy Tarreau47f48c42014-05-09 22:57:47 +0200579 if (data)
Olivier Houchard1a0545f2017-09-13 18:30:23 +0200580 conn_xprt_want_send(conn); /* prepare to send data if any */
Willy Tarreau47f48c42014-05-09 22:57:47 +0200581
Willy Tarreaue7dff022015-04-03 01:14:29 +0200582 return SF_ERR_NONE; /* connection is OK */
Willy Tarreau47f48c42014-05-09 22:57:47 +0200583}
584
585
Willy Tarreaudabf2e22007-10-28 21:59:24 +0100586/********************************
587 * 3) protocol-oriented functions
588 ********************************/
589
590
Willy Tarreau92fb9832007-10-16 17:34:28 +0200591/* This function creates all UNIX sockets bound to the protocol entry <proto>.
592 * It is intended to be used as the protocol's bind_all() function.
593 * The sockets will be registered but not added to any fd_set, in order not to
594 * loose them across the fork(). A call to uxst_enable_listeners() is needed
595 * to complete initialization.
596 *
597 * The return value is composed from ERR_NONE, ERR_RETRYABLE and ERR_FATAL.
598 */
Emeric Bruncf20bf12010-10-22 16:06:11 +0200599static int uxst_bind_listeners(struct protocol *proto, char *errmsg, int errlen)
Willy Tarreau92fb9832007-10-16 17:34:28 +0200600{
601 struct listener *listener;
602 int err = ERR_NONE;
Willy Tarreau92fb9832007-10-16 17:34:28 +0200603
604 list_for_each_entry(listener, &proto->listeners, proto_list) {
Emeric Bruncf20bf12010-10-22 16:06:11 +0200605 err |= uxst_bind_listener(listener, errmsg, errlen);
606 if (err & ERR_ABORT)
607 break;
Willy Tarreau92fb9832007-10-16 17:34:28 +0200608 }
Willy Tarreau92fb9832007-10-16 17:34:28 +0200609 return err;
610}
611
Willy Tarreau92fb9832007-10-16 17:34:28 +0200612
613/* This function stops all listening UNIX sockets bound to the protocol
614 * <proto>. It does not detaches them from the protocol.
615 * It always returns ERR_NONE.
616 */
617static int uxst_unbind_listeners(struct protocol *proto)
618{
619 struct listener *listener;
620
Willy Tarreaudabf2e22007-10-28 21:59:24 +0100621 list_for_each_entry(listener, &proto->listeners, proto_list)
622 uxst_unbind_listener(listener);
Willy Tarreau92fb9832007-10-16 17:34:28 +0200623 return ERR_NONE;
624}
625
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200626/* parse the "mode" bind keyword */
Willy Tarreau4348fad2012-09-20 16:48:07 +0200627static int bind_parse_mode(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200628{
Willy Tarreaua1a247b2017-10-04 14:43:44 +0200629 char *endptr;
630
631 conf->ux.mode = strtol(args[cur_arg + 1], &endptr, 8);
632
633 if (!*args[cur_arg + 1] || *endptr) {
634 memprintf(err, "'%s' : missing or invalid mode '%s' (octal integer expected)", args[cur_arg], args[cur_arg + 1]);
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200635 return ERR_ALERT | ERR_FATAL;
636 }
637
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200638 return 0;
639}
640
641/* parse the "gid" bind keyword */
Willy Tarreau4348fad2012-09-20 16:48:07 +0200642static int bind_parse_gid(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200643{
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200644 if (!*args[cur_arg + 1]) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +0200645 memprintf(err, "'%s' : missing value", args[cur_arg]);
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200646 return ERR_ALERT | ERR_FATAL;
647 }
648
Willy Tarreau290e63a2012-09-20 18:07:14 +0200649 conf->ux.gid = atol(args[cur_arg + 1]);
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200650 return 0;
651}
652
653/* parse the "group" bind keyword */
Willy Tarreau4348fad2012-09-20 16:48:07 +0200654static int bind_parse_group(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200655{
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200656 struct group *group;
657
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200658 if (!*args[cur_arg + 1]) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +0200659 memprintf(err, "'%s' : missing group name", args[cur_arg]);
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200660 return ERR_ALERT | ERR_FATAL;
661 }
662
663 group = getgrnam(args[cur_arg + 1]);
664 if (!group) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +0200665 memprintf(err, "'%s' : unknown group name '%s'", args[cur_arg], args[cur_arg + 1]);
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200666 return ERR_ALERT | ERR_FATAL;
667 }
668
Willy Tarreau290e63a2012-09-20 18:07:14 +0200669 conf->ux.gid = group->gr_gid;
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200670 return 0;
671}
672
673/* parse the "uid" bind keyword */
Willy Tarreau4348fad2012-09-20 16:48:07 +0200674static int bind_parse_uid(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200675{
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200676 if (!*args[cur_arg + 1]) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +0200677 memprintf(err, "'%s' : missing value", args[cur_arg]);
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200678 return ERR_ALERT | ERR_FATAL;
679 }
680
Willy Tarreau290e63a2012-09-20 18:07:14 +0200681 conf->ux.uid = atol(args[cur_arg + 1]);
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200682 return 0;
683}
684
685/* parse the "user" bind keyword */
Willy Tarreau4348fad2012-09-20 16:48:07 +0200686static int bind_parse_user(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200687{
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200688 struct passwd *user;
689
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200690 if (!*args[cur_arg + 1]) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +0200691 memprintf(err, "'%s' : missing user name", args[cur_arg]);
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200692 return ERR_ALERT | ERR_FATAL;
693 }
694
695 user = getpwnam(args[cur_arg + 1]);
696 if (!user) {
Willy Tarreaueb6cead2012-09-20 19:43:14 +0200697 memprintf(err, "'%s' : unknown user name '%s'", args[cur_arg], args[cur_arg + 1]);
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200698 return ERR_ALERT | ERR_FATAL;
699 }
700
Willy Tarreau290e63a2012-09-20 18:07:14 +0200701 conf->ux.uid = user->pw_uid;
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200702 return 0;
703}
704
705/* Note: must not be declared <const> as its list will be overwritten.
706 * Please take care of keeping this list alphabetically sorted, doing so helps
707 * all code contributors.
708 * Optional keywords are also declared with a NULL ->parse() function so that
709 * the config parser can report an appropriate error when a known keyword was
710 * not enabled.
711 */
Willy Tarreau51fb7652012-09-18 18:24:39 +0200712static struct bind_kw_list bind_kws = { "UNIX", { }, {
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200713 { "gid", bind_parse_gid, 1 }, /* set the socket's gid */
714 { "group", bind_parse_group, 1 }, /* set the socket's gid from the group name */
715 { "mode", bind_parse_mode, 1 }, /* set the socket's mode (eg: 0644)*/
716 { "uid", bind_parse_uid, 1 }, /* set the socket's uid */
717 { "user", bind_parse_user, 1 }, /* set the socket's uid from the user name */
718 { NULL, NULL, 0 },
719}};
Willy Tarreaudabf2e22007-10-28 21:59:24 +0100720
721/********************************
722 * 4) high-level functions
723 ********************************/
724
Willy Tarreau92fb9832007-10-16 17:34:28 +0200725__attribute__((constructor))
726static void __uxst_protocol_init(void)
727{
728 protocol_register(&proto_unix);
Willy Tarreaud0a895d2012-09-18 17:40:35 +0200729 bind_register_keywords(&bind_kws);
Willy Tarreau92fb9832007-10-16 17:34:28 +0200730}
731
732
733/*
734 * Local variables:
735 * c-indent-level: 8
736 * c-basic-offset: 8
737 * End:
738 */