blob: c18cc66c5737145c3114ff403e5407c3429fd26e [file] [log] [blame]
Willy Tarreaubaaee002006-06-26 02:48:02 +02001/*
Willy Tarreau03fa5df2010-05-24 21:02:37 +02002 * Frontend variables and functions.
Willy Tarreaubaaee002006-06-26 02:48:02 +02003 *
Willy Tarreaua73fcaf2011-03-20 10:15:22 +01004 * Copyright 2000-2011 Willy Tarreau <w@1wt.eu>
Willy Tarreaubaaee002006-06-26 02:48:02 +02005 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
11 */
12
13#include <errno.h>
14#include <fcntl.h>
15#include <stdio.h>
16#include <stdlib.h>
Willy Tarreau2dd0d472006-06-29 17:53:05 +020017#include <string.h>
Willy Tarreaubaaee002006-06-26 02:48:02 +020018
19#include <sys/socket.h>
20#include <sys/stat.h>
21#include <sys/types.h>
22
Willy Tarreau48a7e722010-12-24 15:26:39 +010023#include <netinet/tcp.h>
24
Willy Tarreau2dd0d472006-06-29 17:53:05 +020025#include <common/compat.h>
Willy Tarreaue3ba5f02006-06-29 18:54:54 +020026#include <common/config.h>
Willy Tarreau8b0cbf92010-10-15 23:23:19 +020027#include <common/debug.h>
28#include <common/standard.h>
Willy Tarreau2dd0d472006-06-29 17:53:05 +020029#include <common/time.h>
Willy Tarreaubaaee002006-06-26 02:48:02 +020030
Willy Tarreaubaaee002006-06-26 02:48:02 +020031#include <types/global.h>
Willy Tarreaubaaee002006-06-26 02:48:02 +020032
Willy Tarreau8797c062007-05-07 00:55:35 +020033#include <proto/acl.h>
Willy Tarreau54469402006-07-29 16:59:06 +020034#include <proto/buffers.h>
Willy Tarreaubaaee002006-06-26 02:48:02 +020035#include <proto/fd.h>
Willy Tarreau03fa5df2010-05-24 21:02:37 +020036#include <proto/frontend.h>
Willy Tarreaubaaee002006-06-26 02:48:02 +020037#include <proto/log.h>
Willy Tarreaue5f20dc2006-12-03 15:21:35 +010038#include <proto/hdr_idx.h>
Willy Tarreau9650f372009-08-16 14:02:45 +020039#include <proto/proto_tcp.h>
Willy Tarreaubaaee002006-06-26 02:48:02 +020040#include <proto/proto_http.h>
Willy Tarreau7f062c42009-03-05 18:43:00 +010041#include <proto/proxy.h>
Willy Tarreauc6ca1a02007-05-13 19:43:47 +020042#include <proto/session.h>
Willy Tarreaudded32d2008-11-30 19:48:07 +010043#include <proto/stream_interface.h>
Willy Tarreaubaaee002006-06-26 02:48:02 +020044#include <proto/stream_sock.h>
45#include <proto/task.h>
46
Willy Tarreau81f9aa32010-06-01 17:45:26 +020047/* Finish a session accept() for a proxy (TCP or HTTP). It returns a negative
Willy Tarreauabe8ea52010-11-11 10:56:04 +010048 * value in case of a critical failure which must cause the listener to be
49 * disabled, a positive value in case of success, or zero if it is a success
50 * but the session must be closed ASAP (eg: monitoring).
Willy Tarreaubaaee002006-06-26 02:48:02 +020051 */
Willy Tarreau81f9aa32010-06-01 17:45:26 +020052int frontend_accept(struct session *s)
Willy Tarreaueb472682010-05-28 18:46:57 +020053{
Willy Tarreau81f9aa32010-06-01 17:45:26 +020054 int cfd = s->si[0].fd;
Emeric Brunb982a3d2010-01-04 15:45:53 +010055
Willy Tarreaueb472682010-05-28 18:46:57 +020056 tv_zero(&s->logs.tv_request);
57 s->logs.t_queue = -1;
58 s->logs.t_connect = -1;
59 s->logs.t_data = -1;
60 s->logs.t_close = 0;
61 s->logs.bytes_in = s->logs.bytes_out = 0;
62 s->logs.prx_queue_size = 0; /* we get the number of pending conns before us */
63 s->logs.srv_queue_size = 0; /* we will get this number soon */
Willy Tarreaubaaee002006-06-26 02:48:02 +020064
Willy Tarreau35a09942010-06-01 17:12:40 +020065 /* FIXME: the logs are horribly complicated now, because they are
66 * defined in <p>, <p>, and later <be> and <be>.
Willy Tarreaueb472682010-05-28 18:46:57 +020067 */
William Lallemandbddd4fd2012-02-27 11:23:10 +010068 s->do_log = sess_log;
Willy Tarreau35a09942010-06-01 17:12:40 +020069
70 /* default error reporting function, may be changed by analysers */
71 s->srv_error = default_srv_error;
Willy Tarreaubaaee002006-06-26 02:48:02 +020072
Willy Tarreauf67c9782010-05-23 22:59:00 +020073 /* Adjust some socket options */
Willy Tarreau9c3bc222010-12-24 14:49:37 +010074 if (s->listener->addr.ss_family == AF_INET || s->listener->addr.ss_family == AF_INET6) {
75 if (setsockopt(cfd, IPPROTO_TCP, TCP_NODELAY,
76 (char *) &one, sizeof(one)) == -1)
77 goto out_return;
Willy Tarreauf67c9782010-05-23 22:59:00 +020078
Willy Tarreau9c3bc222010-12-24 14:49:37 +010079 if (s->fe->options & PR_O_TCP_CLI_KA)
80 setsockopt(cfd, SOL_SOCKET, SO_KEEPALIVE,
81 (char *) &one, sizeof(one));
Willy Tarreauf67c9782010-05-23 22:59:00 +020082
Willy Tarreau9c3bc222010-12-24 14:49:37 +010083 if (s->fe->options & PR_O_TCP_NOLING)
84 setsockopt(cfd, SOL_SOCKET, SO_LINGER,
85 (struct linger *) &nolinger, sizeof(struct linger));
Willy Tarreau48a7e722010-12-24 15:26:39 +010086#if defined(TCP_MAXSEG)
87 if (s->listener->maxseg < 0) {
88 /* we just want to reduce the current MSS by that value */
89 int mss;
Willy Tarreau7d286a02011-01-05 15:42:54 +010090 socklen_t mss_len = sizeof(mss);
Willy Tarreau48a7e722010-12-24 15:26:39 +010091 if (getsockopt(cfd, IPPROTO_TCP, TCP_MAXSEG, &mss, &mss_len) == 0) {
92 mss += s->listener->maxseg; /* remember, it's < 0 */
93 setsockopt(cfd, IPPROTO_TCP, TCP_MAXSEG, &mss, sizeof(mss));
94 }
95 }
96#endif
Willy Tarreau9c3bc222010-12-24 14:49:37 +010097 }
Willy Tarreauf67c9782010-05-23 22:59:00 +020098
99 if (global.tune.client_sndbuf)
100 setsockopt(cfd, SOL_SOCKET, SO_SNDBUF, &global.tune.client_sndbuf, sizeof(global.tune.client_sndbuf));
101
102 if (global.tune.client_rcvbuf)
103 setsockopt(cfd, SOL_SOCKET, SO_RCVBUF, &global.tune.client_rcvbuf, sizeof(global.tune.client_rcvbuf));
104
Willy Tarreau81f9aa32010-06-01 17:45:26 +0200105 if (s->fe->mode == PR_MODE_HTTP) {
Willy Tarreaueb472682010-05-28 18:46:57 +0200106 /* the captures are only used in HTTP frontends */
Willy Tarreau81f9aa32010-06-01 17:45:26 +0200107 if (unlikely(s->fe->nb_req_cap > 0 &&
108 (s->txn.req.cap = pool_alloc2(s->fe->req_cap_pool)) == NULL))
Willy Tarreauabe8ea52010-11-11 10:56:04 +0100109 goto out_return; /* no memory */
Willy Tarreaubaaee002006-06-26 02:48:02 +0200110
Willy Tarreau81f9aa32010-06-01 17:45:26 +0200111 if (unlikely(s->fe->nb_rsp_cap > 0 &&
112 (s->txn.rsp.cap = pool_alloc2(s->fe->rsp_cap_pool)) == NULL))
Willy Tarreau35a09942010-06-01 17:12:40 +0200113 goto out_free_reqcap; /* no memory */
Willy Tarreaueb472682010-05-28 18:46:57 +0200114 }
Willy Tarreaubaaee002006-06-26 02:48:02 +0200115
Willy Tarreau81f9aa32010-06-01 17:45:26 +0200116 if (s->fe->acl_requires & ACL_USE_L7_ANY) {
Willy Tarreaueb472682010-05-28 18:46:57 +0200117 /* we have to allocate header indexes only if we know
118 * that we may make use of them. This of course includes
119 * (mode == PR_MODE_HTTP).
Willy Tarreau042cc792007-03-19 16:20:06 +0100120 */
Willy Tarreauac1932d2011-10-24 19:14:41 +0200121 s->txn.hdr_idx.size = global.tune.max_http_hdr;
Willy Tarreau45e73e32006-12-17 00:05:15 +0100122
Willy Tarreau34eb6712011-10-24 18:15:04 +0200123 if (unlikely((s->txn.hdr_idx.v = pool_alloc2(pool2_hdr_idx)) == NULL))
Willy Tarreau35a09942010-06-01 17:12:40 +0200124 goto out_free_rspcap; /* no memory */
Willy Tarreau45e73e32006-12-17 00:05:15 +0100125
Willy Tarreaueb472682010-05-28 18:46:57 +0200126 /* and now initialize the HTTP transaction state */
127 http_init_txn(s);
128 }
Willy Tarreaue5f20dc2006-12-03 15:21:35 +0100129
Willy Tarreau81f9aa32010-06-01 17:45:26 +0200130 if ((s->fe->mode == PR_MODE_TCP || s->fe->mode == PR_MODE_HTTP)
William Lallemand0f99e342011-10-12 17:50:54 +0200131 && (!LIST_ISEMPTY(&s->fe->logsrvs))) {
Willy Tarreau81f9aa32010-06-01 17:45:26 +0200132 if (likely(s->fe->to_log)) {
Willy Tarreaueb472682010-05-28 18:46:57 +0200133 /* we have the client ip */
134 if (s->logs.logwait & LW_CLIP)
135 if (!(s->logs.logwait &= ~LW_CLIP))
136 s->do_log(s);
Willy Tarreaua3445fc2010-05-20 16:17:07 +0200137 }
Willy Tarreau631f01c2011-09-05 00:36:48 +0200138 else {
Willy Tarreaueb472682010-05-28 18:46:57 +0200139 char pn[INET6_ADDRSTRLEN], sn[INET6_ADDRSTRLEN];
Willy Tarreau14c8aac2007-05-08 19:46:30 +0200140
Willy Tarreau9b061e32012-04-07 18:03:52 +0200141 stream_sock_get_from_addr(s->req->prod);
142 stream_sock_get_to_addr(s->req->prod);
Willy Tarreaubaaee002006-06-26 02:48:02 +0200143
Willy Tarreau6471afb2011-09-23 10:54:59 +0200144 switch (addr_to_str(&s->req->prod->addr.from, pn, sizeof(pn))) {
Willy Tarreau631f01c2011-09-05 00:36:48 +0200145 case AF_INET:
146 case AF_INET6:
Willy Tarreau6471afb2011-09-23 10:54:59 +0200147 addr_to_str(&s->req->prod->addr.to, sn, sizeof(sn));
Willy Tarreau81f9aa32010-06-01 17:45:26 +0200148 send_log(s->fe, LOG_INFO, "Connect from %s:%d to %s:%d (%s/%s)\n",
Willy Tarreau6471afb2011-09-23 10:54:59 +0200149 pn, get_host_port(&s->req->prod->addr.from),
150 sn, get_host_port(&s->req->prod->addr.to),
Willy Tarreau81f9aa32010-06-01 17:45:26 +0200151 s->fe->id, (s->fe->mode == PR_MODE_HTTP) ? "HTTP" : "TCP");
Willy Tarreau631f01c2011-09-05 00:36:48 +0200152 break;
153 case AF_UNIX:
154 /* UNIX socket, only the destination is known */
155 send_log(s->fe, LOG_INFO, "Connect to unix:%d (%s/%s)\n",
156 s->listener->luid,
157 s->fe->id, (s->fe->mode == PR_MODE_HTTP) ? "HTTP" : "TCP");
158 break;
Willy Tarreaubaaee002006-06-26 02:48:02 +0200159 }
Willy Tarreaueb472682010-05-28 18:46:57 +0200160 }
161 }
Willy Tarreaubaaee002006-06-26 02:48:02 +0200162
Willy Tarreau2281b7f2010-05-28 19:29:49 +0200163 if (unlikely((global.mode & MODE_DEBUG) && (!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE)))) {
Willy Tarreau631f01c2011-09-05 00:36:48 +0200164 char pn[INET6_ADDRSTRLEN];
Willy Tarreaub0f75322011-09-09 11:21:06 +0200165 int len = 0;
Willy Tarreaubaaee002006-06-26 02:48:02 +0200166
Willy Tarreau9b061e32012-04-07 18:03:52 +0200167 stream_sock_get_from_addr(s->req->prod);
Willy Tarreaubaaee002006-06-26 02:48:02 +0200168
Willy Tarreau6471afb2011-09-23 10:54:59 +0200169 switch (addr_to_str(&s->req->prod->addr.from, pn, sizeof(pn))) {
Willy Tarreau631f01c2011-09-05 00:36:48 +0200170 case AF_INET:
171 case AF_INET6:
Willy Tarreaueb472682010-05-28 18:46:57 +0200172 len = sprintf(trash, "%08x:%s.accept(%04x)=%04x from [%s:%d]\n",
Willy Tarreau81f9aa32010-06-01 17:45:26 +0200173 s->uniq_id, s->fe->id, (unsigned short)s->listener->fd, (unsigned short)cfd,
Willy Tarreau6471afb2011-09-23 10:54:59 +0200174 pn, get_host_port(&s->req->prod->addr.from));
Willy Tarreau631f01c2011-09-05 00:36:48 +0200175 break;
176 case AF_UNIX:
177 /* UNIX socket, only the destination is known */
Emeric Brunab844ea2010-10-22 16:33:18 +0200178 len = sprintf(trash, "%08x:%s.accept(%04x)=%04x from [unix:%d]\n",
179 s->uniq_id, s->fe->id, (unsigned short)s->listener->fd, (unsigned short)cfd,
180 s->listener->luid);
Willy Tarreau631f01c2011-09-05 00:36:48 +0200181 break;
Emeric Brunab844ea2010-10-22 16:33:18 +0200182 }
Willy Tarreau9a2d1542008-08-30 12:31:07 +0200183
Willy Tarreau21337822012-04-29 14:11:38 +0200184 if (write(1, trash, len) < 0) /* shut gcc warning */;
Willy Tarreaueb472682010-05-28 18:46:57 +0200185 }
Willy Tarreaubaaee002006-06-26 02:48:02 +0200186
Willy Tarreau81f9aa32010-06-01 17:45:26 +0200187 if (s->fe->mode == PR_MODE_HTTP)
Willy Tarreaueb472682010-05-28 18:46:57 +0200188 s->req->flags |= BF_READ_DONTWAIT; /* one read is usually enough */
Willy Tarreaubaaee002006-06-26 02:48:02 +0200189
Willy Tarreaueb472682010-05-28 18:46:57 +0200190 /* note: this should not happen anymore since there's always at least the switching rules */
191 if (!s->req->analysers) {
192 buffer_auto_connect(s->req); /* don't wait to establish connection */
193 buffer_auto_close(s->req); /* let the producer forward close requests */
194 }
Willy Tarreaud7971282006-07-29 18:36:34 +0200195
Willy Tarreaueb472682010-05-28 18:46:57 +0200196 s->req->rto = s->fe->timeout.client;
Willy Tarreaueb472682010-05-28 18:46:57 +0200197 s->rep->wto = s->fe->timeout.client;
Willy Tarreaubaaee002006-06-26 02:48:02 +0200198
Willy Tarreaueb472682010-05-28 18:46:57 +0200199 fdtab[cfd].flags = FD_FL_TCP | FD_FL_TCP_NODELAY;
Willy Tarreau81f9aa32010-06-01 17:45:26 +0200200 if (s->fe->options & PR_O_TCP_NOLING)
Willy Tarreaueb472682010-05-28 18:46:57 +0200201 fdtab[cfd].flags |= FD_FL_TCP_NOLING;
Willy Tarreau6e6fb2b2009-08-16 18:20:44 +0200202
Willy Tarreau81f9aa32010-06-01 17:45:26 +0200203 if (unlikely((s->fe->mode == PR_MODE_HTTP && (s->flags & SN_MONITOR)) ||
Willy Tarreau1620ec32011-08-06 17:05:02 +0200204 (s->fe->mode == PR_MODE_HEALTH && ((s->fe->options2 & PR_O2_CHK_ANY) == PR_O2_HTTP_CHK)))) {
Willy Tarreaueb472682010-05-28 18:46:57 +0200205 /* Either we got a request from a monitoring system on an HTTP instance,
206 * or we're in health check mode with the 'httpchk' option enabled. In
207 * both cases, we return a fake "HTTP/1.0 200 OK" response and we exit.
208 */
209 struct chunk msg;
210 chunk_initstr(&msg, "HTTP/1.0 200 OK\r\n\r\n");
211 stream_int_retnclose(&s->si[0], &msg); /* forge a 200 response */
212 s->req->analysers = 0;
Willy Tarreau81f9aa32010-06-01 17:45:26 +0200213 s->task->expire = s->rep->wex;
Willy Tarreau35a09942010-06-01 17:12:40 +0200214 EV_FD_CLR(cfd, DIR_RD);
Willy Tarreaueb472682010-05-28 18:46:57 +0200215 }
Willy Tarreau81f9aa32010-06-01 17:45:26 +0200216 else if (unlikely(s->fe->mode == PR_MODE_HEALTH)) { /* health check mode, no client reading */
Willy Tarreaueb472682010-05-28 18:46:57 +0200217 struct chunk msg;
218 chunk_initstr(&msg, "OK\n");
219 stream_int_retnclose(&s->si[0], &msg); /* forge an "OK" response */
220 s->req->analysers = 0;
Willy Tarreau81f9aa32010-06-01 17:45:26 +0200221 s->task->expire = s->rep->wex;
Willy Tarreau35a09942010-06-01 17:12:40 +0200222 EV_FD_CLR(cfd, DIR_RD);
Willy Tarreaueb472682010-05-28 18:46:57 +0200223 }
Willy Tarreau81f9aa32010-06-01 17:45:26 +0200224 /* everything's OK, let's go on */
Willy Tarreaueb472682010-05-28 18:46:57 +0200225 return 1;
Willy Tarreau8ced9a42007-11-04 17:51:50 +0100226
227 /* Error unrolling */
Willy Tarreau35a09942010-06-01 17:12:40 +0200228 out_free_rspcap:
Willy Tarreau81f9aa32010-06-01 17:45:26 +0200229 pool_free2(s->fe->rsp_cap_pool, s->txn.rsp.cap);
Willy Tarreau35a09942010-06-01 17:12:40 +0200230 out_free_reqcap:
Willy Tarreau81f9aa32010-06-01 17:45:26 +0200231 pool_free2(s->fe->req_cap_pool, s->txn.req.cap);
Willy Tarreauabe8ea52010-11-11 10:56:04 +0100232 out_return:
Willy Tarreaueb472682010-05-28 18:46:57 +0200233 return -1;
Willy Tarreaubaaee002006-06-26 02:48:02 +0200234}
235
Willy Tarreau8b0cbf92010-10-15 23:23:19 +0200236/* This analyser tries to fetch a line from the request buffer which looks like :
237 *
238 * "PROXY" <SP> PROTO <SP> SRC3 <SP> DST3 <SP> SRC4 <SP> <DST4> "\r\n"
239 *
240 * There must be exactly one space between each field. Fields are :
Emeric Brun861ccff2010-10-29 12:03:03 +0200241 * - PROTO : layer 4 protocol, which must be "TCP4" or "TCP6".
Willy Tarreau8b0cbf92010-10-15 23:23:19 +0200242 * - SRC3 : layer 3 (eg: IP) source address in standard text form
243 * - DST3 : layer 3 (eg: IP) destination address in standard text form
244 * - SRC4 : layer 4 (eg: TCP port) source address in standard text form
245 * - DST4 : layer 4 (eg: TCP port) destination address in standard text form
246 *
247 * This line MUST be at the beginning of the buffer and MUST NOT wrap.
248 *
249 * Once the data is fetched, the values are set in the session's field and data
250 * are removed from the buffer. The function returns zero if it needs to wait
251 * for more data (max: timeout_client), or 1 if it has finished and removed itself.
252 */
253int frontend_decode_proxy_request(struct session *s, struct buffer *req, int an_bit)
254{
255 char *line = req->data;
Willy Tarreau02d6cfc2012-03-01 18:19:58 +0100256 char *end = req->data + req->i;
Willy Tarreau8b0cbf92010-10-15 23:23:19 +0200257 int len;
258
Willy Tarreau02d6cfc2012-03-01 18:19:58 +0100259 DPRINTF(stderr,"[%u] %s: session=%p b=%p, exp(r,w)=%u,%u bf=%08x bh=%d analysers=%02x\n",
Willy Tarreau8b0cbf92010-10-15 23:23:19 +0200260 now_ms, __FUNCTION__,
261 s,
262 req,
263 req->rex, req->wex,
264 req->flags,
Willy Tarreau02d6cfc2012-03-01 18:19:58 +0100265 req->i,
Willy Tarreau8b0cbf92010-10-15 23:23:19 +0200266 req->analysers);
267
268 if (req->flags & (BF_READ_ERROR|BF_READ_TIMEOUT))
269 goto fail;
270
Willy Tarreau02d6cfc2012-03-01 18:19:58 +0100271 len = MIN(req->i, 6);
Emeric Brunf4711a32010-10-29 15:16:55 +0200272 if (!len)
Willy Tarreau8b0cbf92010-10-15 23:23:19 +0200273 goto missing;
274
Emeric Brunf4711a32010-10-29 15:16:55 +0200275 /* Decode a possible proxy request, fail early if it does not match */
276 if (strncmp(line, "PROXY ", len) != 0)
Willy Tarreau8b0cbf92010-10-15 23:23:19 +0200277 goto fail;
Emeric Brunf4711a32010-10-29 15:16:55 +0200278
Willy Tarreau8b0cbf92010-10-15 23:23:19 +0200279 line += 6;
Willy Tarreau02d6cfc2012-03-01 18:19:58 +0100280 if (req->i < 18) /* shortest possible line */
Emeric Brunf4711a32010-10-29 15:16:55 +0200281 goto missing;
Willy Tarreau8b0cbf92010-10-15 23:23:19 +0200282
Emeric Brun861ccff2010-10-29 12:03:03 +0200283 if (!memcmp(line, "TCP4 ", 5) != 0) {
284 u32 src3, dst3, sport, dport;
Willy Tarreau8b0cbf92010-10-15 23:23:19 +0200285
Emeric Brun861ccff2010-10-29 12:03:03 +0200286 line += 5;
Willy Tarreau8b0cbf92010-10-15 23:23:19 +0200287
Emeric Brun861ccff2010-10-29 12:03:03 +0200288 src3 = inetaddr_host_lim_ret(line, end, &line);
289 if (line == end)
290 goto missing;
291 if (*line++ != ' ')
292 goto fail;
Willy Tarreau8b0cbf92010-10-15 23:23:19 +0200293
Emeric Brun861ccff2010-10-29 12:03:03 +0200294 dst3 = inetaddr_host_lim_ret(line, end, &line);
295 if (line == end)
296 goto missing;
297 if (*line++ != ' ')
298 goto fail;
Willy Tarreau8b0cbf92010-10-15 23:23:19 +0200299
Emeric Brun861ccff2010-10-29 12:03:03 +0200300 sport = read_uint((const char **)&line, end);
301 if (line == end)
302 goto missing;
303 if (*line++ != ' ')
304 goto fail;
305
306 dport = read_uint((const char **)&line, end);
307 if (line > end - 2)
308 goto missing;
309 if (*line++ != '\r')
310 goto fail;
311 if (*line++ != '\n')
312 goto fail;
Willy Tarreau8b0cbf92010-10-15 23:23:19 +0200313
Emeric Brun861ccff2010-10-29 12:03:03 +0200314 /* update the session's addresses and mark them set */
Willy Tarreau6471afb2011-09-23 10:54:59 +0200315 ((struct sockaddr_in *)&s->si[0].addr.from)->sin_family = AF_INET;
316 ((struct sockaddr_in *)&s->si[0].addr.from)->sin_addr.s_addr = htonl(src3);
317 ((struct sockaddr_in *)&s->si[0].addr.from)->sin_port = htons(sport);
Willy Tarreau8b0cbf92010-10-15 23:23:19 +0200318
Willy Tarreau6471afb2011-09-23 10:54:59 +0200319 ((struct sockaddr_in *)&s->si[0].addr.to)->sin_family = AF_INET;
320 ((struct sockaddr_in *)&s->si[0].addr.to)->sin_addr.s_addr = htonl(dst3);
321 ((struct sockaddr_in *)&s->si[0].addr.to)->sin_port = htons(dport);
Willy Tarreau9b061e32012-04-07 18:03:52 +0200322 s->si[0].flags |= SI_FL_FROM_SET | SI_FL_TO_SET;
Emeric Brun861ccff2010-10-29 12:03:03 +0200323 }
324 else if (!memcmp(line, "TCP6 ", 5) != 0) {
325 u32 sport, dport;
326 char *src_s;
327 char *dst_s, *sport_s, *dport_s;
328 struct in6_addr src3, dst3;
329
330 line+=5;
331
332 src_s = line;
333 dst_s = sport_s = dport_s = NULL;
334 while (1) {
335 if (line > end - 2) {
336 goto missing;
337 }
338 else if (*line == '\r') {
339 *line = 0;
340 line++;
341 if (*line++ != '\n')
342 goto fail;
343 break;
344 }
345
346 if (*line == ' ') {
347 *line = 0;
348 if (!dst_s)
349 dst_s = line+1;
350 else if (!sport_s)
351 sport_s = line+1;
352 else if (!dport_s)
353 dport_s = line+1;
354 }
355 line++;
356 }
357
358 if (!dst_s || !sport_s || !dport_s)
359 goto fail;
360
361 sport = read_uint((const char **)&sport_s,dport_s-1);
362 if ( *sport_s != 0 )
363 goto fail;
364
365 dport = read_uint((const char **)&dport_s,line-2);
366 if ( *dport_s != 0 )
367 goto fail;
368
369 if (inet_pton(AF_INET6, src_s, (void *)&src3) != 1)
370 goto fail;
371
372 if (inet_pton(AF_INET6, dst_s, (void *)&dst3) != 1)
373 goto fail;
374
375 /* update the session's addresses and mark them set */
Willy Tarreau6471afb2011-09-23 10:54:59 +0200376 ((struct sockaddr_in6 *)&s->si[0].addr.from)->sin6_family = AF_INET6;
377 memcpy(&((struct sockaddr_in6 *)&s->si[0].addr.from)->sin6_addr, &src3, sizeof(struct in6_addr));
378 ((struct sockaddr_in6 *)&s->si[0].addr.from)->sin6_port = htons(sport);
Emeric Brun861ccff2010-10-29 12:03:03 +0200379
Willy Tarreau6471afb2011-09-23 10:54:59 +0200380 ((struct sockaddr_in6 *)&s->si[0].addr.to)->sin6_family = AF_INET6;
381 memcpy(&((struct sockaddr_in6 *)&s->si[0].addr.to)->sin6_addr, &dst3, sizeof(struct in6_addr));
382 ((struct sockaddr_in6 *)&s->si[0].addr.to)->sin6_port = htons(dport);
Willy Tarreau9b061e32012-04-07 18:03:52 +0200383 s->si[0].flags |= SI_FL_FROM_SET | SI_FL_TO_SET;
Emeric Brun861ccff2010-10-29 12:03:03 +0200384 }
385 else {
386 goto fail;
387 }
Willy Tarreau8b0cbf92010-10-15 23:23:19 +0200388
389 /* remove the PROXY line from the request */
390 len = line - req->data;
391 buffer_replace2(req, req->data, line, NULL, 0);
392 req->total -= len; /* don't count the header line */
393
394 req->analysers &= ~an_bit;
395 return 1;
396
397 missing:
398 if (!(req->flags & (BF_SHUTR|BF_FULL))) {
399 buffer_dont_connect(s->req);
400 return 0;
401 }
402 /* missing data and buffer is either full or shutdown => fail */
403
404 fail:
405 buffer_abort(req);
406 buffer_abort(s->rep);
407 req->analysers = 0;
408
Willy Tarreau7d0aaf32011-03-10 23:25:56 +0100409 s->fe->fe_counters.failed_req++;
Willy Tarreau8b0cbf92010-10-15 23:23:19 +0200410 if (s->listener->counters)
411 s->listener->counters->failed_req++;
412
413 if (!(s->flags & SN_ERR_MASK))
414 s->flags |= SN_ERR_PRXCOND;
415 if (!(s->flags & SN_FINST_MASK))
416 s->flags |= SN_FINST_R;
417 return 0;
418}
419
Willy Tarreaua73fcaf2011-03-20 10:15:22 +0100420/* Makes a PROXY protocol line from the two addresses. The output is sent to
421 * buffer <buf> for a maximum size of <buf_len> (including the trailing zero).
422 * It returns the number of bytes composing this line (including the trailing
423 * LF), or zero in case of failure (eg: not enough space). It supports TCP4,
424 * TCP6 and "UNKNOWN" formats.
425 */
426int make_proxy_line(char *buf, int buf_len, struct sockaddr_storage *src, struct sockaddr_storage *dst)
427{
428 int ret = 0;
429
430 if (src->ss_family == dst->ss_family && src->ss_family == AF_INET) {
431 ret = snprintf(buf + ret, buf_len - ret, "PROXY TCP4 ");
432 if (ret >= buf_len)
433 return 0;
434
435 /* IPv4 src */
436 if (!inet_ntop(src->ss_family, &((struct sockaddr_in *)src)->sin_addr, buf + ret, buf_len - ret))
437 return 0;
438
439 ret += strlen(buf + ret);
440 if (ret >= buf_len)
441 return 0;
442
443 buf[ret++] = ' ';
444
445 /* IPv4 dst */
446 if (!inet_ntop(dst->ss_family, &((struct sockaddr_in *)dst)->sin_addr, buf + ret, buf_len - ret))
447 return 0;
448
449 ret += strlen(buf + ret);
450 if (ret >= buf_len)
451 return 0;
452
453 /* source and destination ports */
454 ret += snprintf(buf + ret, buf_len - ret, " %u %u\r\n",
455 ntohs(((struct sockaddr_in *)src)->sin_port),
456 ntohs(((struct sockaddr_in *)dst)->sin_port));
457 if (ret >= buf_len)
458 return 0;
459 }
460 else if (src->ss_family == dst->ss_family && src->ss_family == AF_INET6) {
461 ret = snprintf(buf + ret, buf_len - ret, "PROXY TCP6 ");
462 if (ret >= buf_len)
463 return 0;
464
465 /* IPv6 src */
466 if (!inet_ntop(src->ss_family, &((struct sockaddr_in6 *)src)->sin6_addr, buf + ret, buf_len - ret))
467 return 0;
468
469 ret += strlen(buf + ret);
470 if (ret >= buf_len)
471 return 0;
472
473 buf[ret++] = ' ';
474
475 /* IPv6 dst */
476 if (!inet_ntop(dst->ss_family, &((struct sockaddr_in6 *)dst)->sin6_addr, buf + ret, buf_len - ret))
477 return 0;
478
479 ret += strlen(buf + ret);
480 if (ret >= buf_len)
481 return 0;
482
483 /* source and destination ports */
484 ret += snprintf(buf + ret, buf_len - ret, " %u %u\r\n",
485 ntohs(((struct sockaddr_in6 *)src)->sin6_port),
486 ntohs(((struct sockaddr_in6 *)dst)->sin6_port));
487 if (ret >= buf_len)
488 return 0;
489 }
490 else {
491 /* unknown family combination */
492 ret = snprintf(buf, buf_len, "PROXY UNKNOWN\r\n");
493 if (ret >= buf_len)
494 return 0;
495 }
496 return ret;
497}
498
Willy Tarreaua5e37562011-12-16 17:06:15 +0100499/* set temp integer to the id of the frontend */
Willy Tarreaud41f8d82007-06-10 10:06:18 +0200500static int
Willy Tarreau645513a2010-05-24 20:55:15 +0200501acl_fetch_fe_id(struct proxy *px, struct session *l4, void *l7, int dir,
502 struct acl_expr *expr, struct acl_test *test) {
Willy Tarreau662b2d82007-05-08 19:56:15 +0200503
Willy Tarreau662b2d82007-05-08 19:56:15 +0200504 test->flags = ACL_TEST_F_READ_ONLY;
Willy Tarreaua5e37562011-12-16 17:06:15 +0100505 temp_pattern.data.integer = l4->fe->uuid;
Emeric Brun5d16eda2010-01-04 15:47:45 +0100506 return 1;
507}
508
Willy Tarreaua5e37562011-12-16 17:06:15 +0100509/* set temp integer to the number of connections per second reaching the frontend */
Willy Tarreaud41f8d82007-06-10 10:06:18 +0200510static int
Willy Tarreau645513a2010-05-24 20:55:15 +0200511acl_fetch_fe_sess_rate(struct proxy *px, struct session *l4, void *l7, int dir,
512 struct acl_expr *expr, struct acl_test *test)
Willy Tarreau662b2d82007-05-08 19:56:15 +0200513{
Willy Tarreau645513a2010-05-24 20:55:15 +0200514 test->flags = ACL_TEST_F_VOL_TEST;
515 if (expr->arg_len) {
516 /* another proxy was designated, we must look for it */
517 for (px = proxy; px; px = px->next)
518 if ((px->cap & PR_CAP_FE) && !strcmp(px->id, expr->arg.str))
519 break;
520 }
521 if (!px)
522 return 0;
Emeric Brun5d16eda2010-01-04 15:47:45 +0100523
Willy Tarreaua5e37562011-12-16 17:06:15 +0100524 temp_pattern.data.integer = read_freq_ctr(&px->fe_sess_per_sec);
Emeric Brun5d16eda2010-01-04 15:47:45 +0100525 return 1;
526}
Alexandre Cassen5eb1a902007-11-29 15:43:32 +0100527
Willy Tarreaua5e37562011-12-16 17:06:15 +0100528/* set temp integer to the number of concurrent connections on the frontend */
Willy Tarreaud41f8d82007-06-10 10:06:18 +0200529static int
Willy Tarreau645513a2010-05-24 20:55:15 +0200530acl_fetch_fe_conn(struct proxy *px, struct session *l4, void *l7, int dir,
531 struct acl_expr *expr, struct acl_test *test)
Willy Tarreau8797c062007-05-07 00:55:35 +0200532{
Willy Tarreau645513a2010-05-24 20:55:15 +0200533 test->flags = ACL_TEST_F_VOL_TEST;
534 if (expr->arg_len) {
535 /* another proxy was designated, we must look for it */
536 for (px = proxy; px; px = px->next)
537 if ((px->cap & PR_CAP_FE) && !strcmp(px->id, expr->arg.str))
538 break;
539 }
540 if (!px)
541 return 0;
Krzysztof Piotr Oledzki346f76d2010-01-12 21:59:30 +0100542
Willy Tarreaua5e37562011-12-16 17:06:15 +0100543 temp_pattern.data.integer = px->feconn;
Krzysztof Piotr Oledzki346f76d2010-01-12 21:59:30 +0100544 return 1;
545}
546
Willy Tarreau8797c062007-05-07 00:55:35 +0200547
548/* Note: must not be declared <const> as its list will be overwritten */
549static struct acl_kw_list acl_kws = {{ },{
Willy Tarreau645513a2010-05-24 20:55:15 +0200550 { "fe_id", acl_parse_int, acl_fetch_fe_id, acl_match_int, ACL_USE_NOTHING },
551 { "fe_sess_rate", acl_parse_int, acl_fetch_fe_sess_rate, acl_match_int, ACL_USE_NOTHING },
552 { "fe_conn", acl_parse_int, acl_fetch_fe_conn, acl_match_int, ACL_USE_NOTHING },
Willy Tarreau8797c062007-05-07 00:55:35 +0200553 { NULL, NULL, NULL, NULL },
554}};
555
556
557__attribute__((constructor))
Willy Tarreau03fa5df2010-05-24 21:02:37 +0200558static void __frontend_init(void)
Willy Tarreau8797c062007-05-07 00:55:35 +0200559{
560 acl_register_keywords(&acl_kws);
561}
562
563
Willy Tarreaubaaee002006-06-26 02:48:02 +0200564/*
565 * Local variables:
566 * c-indent-level: 8
567 * c-basic-offset: 8
568 * End:
569 */