Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 74c24fb071ed9b76e10e12c237d2e7d3ff4025d8 / . / src / cli.c
blob: d7de7cb0699981876ae0a9664672d31ea70a05fa [file] [log] [blame]
William Lallemand74c24fb2016-11-21 17:18:36 +0100[diff] [blame^]1/*
2 * Functions dedicated to statistics output and the stats socket
3 *
4 * Copyright 2000-2012 Willy Tarreau <w@1wt.eu>
5 * Copyright 2007-2009 Krzysztof Piotr Oledzki <ole@ans.pl>
6 *
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version
10 * 2 of the License, or (at your option) any later version.
11 *
12 */
13
14#include <ctype.h>
15#include <errno.h>
16#include <fcntl.h>
17#include <stdio.h>
18#include <stdlib.h>
19#include <string.h>
20#include <pwd.h>
21#include <grp.h>
22
23#include <sys/socket.h>
24#include <sys/stat.h>
25#include <sys/types.h>
26
27#include <common/cfgparse.h>
28#include <common/compat.h>
29#include <common/config.h>
30#include <common/debug.h>
31#include <common/memory.h>
32#include <common/mini-clist.h>
33#include <common/standard.h>
34#include <common/ticks.h>
35#include <common/time.h>
36#include <common/uri_auth.h>
37#include <common/version.h>
38#include <common/base64.h>
39
40#include <types/applet.h>
41#include <types/global.h>
42#include <types/dns.h>
43
44#include <proto/backend.h>
45#include <proto/channel.h>
46#include <proto/checks.h>
47#include <proto/compression.h>
48#include <proto/dumpstats.h>
49#include <proto/fd.h>
50#include <proto/freq_ctr.h>
51#include <proto/frontend.h>
52#include <proto/log.h>
53#include <proto/pattern.h>
54#include <proto/pipe.h>
55#include <proto/listener.h>
56#include <proto/map.h>
57#include <proto/proto_http.h>
58#include <proto/proto_uxst.h>
59#include <proto/proxy.h>
60#include <proto/sample.h>
61#include <proto/session.h>
62#include <proto/stream.h>
63#include <proto/server.h>
64#include <proto/raw_sock.h>
65#include <proto/stream_interface.h>
66#include <proto/task.h>
67
68#ifdef USE_OPENSSL
69#include <proto/ssl_sock.h>
70#include <types/ssl_sock.h>
71#endif
72
73/* These are the field names for each INF_* field position. Please pay attention
74 * to always use the exact same name except that the strings for new names must
75 * be lower case or CamelCase while the enum entries must be upper case.
76 */
77const char *info_field_names[INF_TOTAL_FIELDS] = {
78 [INF_NAME] = "Name",
79 [INF_VERSION] = "Version",
80 [INF_RELEASE_DATE] = "Release_date",
81 [INF_NBPROC] = "Nbproc",
82 [INF_PROCESS_NUM] = "Process_num",
83 [INF_PID] = "Pid",
84 [INF_UPTIME] = "Uptime",
85 [INF_UPTIME_SEC] = "Uptime_sec",
86 [INF_MEMMAX_MB] = "Memmax_MB",
87 [INF_POOL_ALLOC_MB] = "PoolAlloc_MB",
88 [INF_POOL_USED_MB] = "PoolUsed_MB",
89 [INF_POOL_FAILED] = "PoolFailed",
90 [INF_ULIMIT_N] = "Ulimit-n",
91 [INF_MAXSOCK] = "Maxsock",
92 [INF_MAXCONN] = "Maxconn",
93 [INF_HARD_MAXCONN] = "Hard_maxconn",
94 [INF_CURR_CONN] = "CurrConns",
95 [INF_CUM_CONN] = "CumConns",
96 [INF_CUM_REQ] = "CumReq",
97 [INF_MAX_SSL_CONNS] = "MaxSslConns",
98 [INF_CURR_SSL_CONNS] = "CurrSslConns",
99 [INF_CUM_SSL_CONNS] = "CumSslConns",
100 [INF_MAXPIPES] = "Maxpipes",
101 [INF_PIPES_USED] = "PipesUsed",
102 [INF_PIPES_FREE] = "PipesFree",
103 [INF_CONN_RATE] = "ConnRate",
104 [INF_CONN_RATE_LIMIT] = "ConnRateLimit",
105 [INF_MAX_CONN_RATE] = "MaxConnRate",
106 [INF_SESS_RATE] = "SessRate",
107 [INF_SESS_RATE_LIMIT] = "SessRateLimit",
108 [INF_MAX_SESS_RATE] = "MaxSessRate",
109 [INF_SSL_RATE] = "SslRate",
110 [INF_SSL_RATE_LIMIT] = "SslRateLimit",
111 [INF_MAX_SSL_RATE] = "MaxSslRate",
112 [INF_SSL_FRONTEND_KEY_RATE] = "SslFrontendKeyRate",
113 [INF_SSL_FRONTEND_MAX_KEY_RATE] = "SslFrontendMaxKeyRate",
114 [INF_SSL_FRONTEND_SESSION_REUSE_PCT] = "SslFrontendSessionReuse_pct",
115 [INF_SSL_BACKEND_KEY_RATE] = "SslBackendKeyRate",
116 [INF_SSL_BACKEND_MAX_KEY_RATE] = "SslBackendMaxKeyRate",
117 [INF_SSL_CACHE_LOOKUPS] = "SslCacheLookups",
118 [INF_SSL_CACHE_MISSES] = "SslCacheMisses",
119 [INF_COMPRESS_BPS_IN] = "CompressBpsIn",
120 [INF_COMPRESS_BPS_OUT] = "CompressBpsOut",
121 [INF_COMPRESS_BPS_RATE_LIM] = "CompressBpsRateLim",
122 [INF_ZLIB_MEM_USAGE] = "ZlibMemUsage",
123 [INF_MAX_ZLIB_MEM_USAGE] = "MaxZlibMemUsage",
124 [INF_TASKS] = "Tasks",
125 [INF_RUN_QUEUE] = "Run_queue",
126 [INF_IDLE_PCT] = "Idle_pct",
127 [INF_NODE] = "node",
128 [INF_DESCRIPTION] = "description",
129};
130
131/* one line of stats */
132static struct field info[INF_TOTAL_FIELDS];
133
134static int stats_dump_backend_to_buffer(struct stream_interface *si);
135static int stats_dump_env_to_buffer(struct stream_interface *si);
136static int stats_dump_info_to_buffer(struct stream_interface *si);
137static int stats_dump_servers_state_to_buffer(struct stream_interface *si);
138static int stats_dump_pools_to_buffer(struct stream_interface *si);
139static int stats_dump_full_sess_to_buffer(struct stream_interface *si, struct stream *sess);
140static int stats_dump_sess_to_buffer(struct stream_interface *si);
141static int stats_dump_errors_to_buffer(struct stream_interface *si);
142static int stats_table_request(struct stream_interface *si, int show);
143static int stats_dump_resolvers_to_buffer(struct stream_interface *si);
144static int stats_pats_list(struct stream_interface *si);
145static int stats_pat_list(struct stream_interface *si);
146static int stats_map_lookup(struct stream_interface *si);
147#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
148static int stats_tlskeys_list(struct stream_interface *si);
149#endif
150
151static int dump_servers_state(struct stream_interface *si, struct chunk *buf);
152
153static struct applet cli_applet;
154
155static const char stats_sock_usage_msg[] =
156 "Unknown command. Please enter one of the following commands only :\n"
157 " clear counters : clear max statistics counters (add 'all' for all counters)\n"
158 " clear table : remove an entry from a table\n"
159 " help : this message\n"
160 " prompt : toggle interactive mode with prompt\n"
161 " quit : disconnect\n"
162 " show backend : list backends in the current running config\n"
163 " show env [var] : dump environment variables known to the process\n"
164 " show info : report information about the running process\n"
165 " show pools : report information about the memory pools usage\n"
166 " show stat : report counters for each proxy and server\n"
167 " show stat resolvers [id]: dumps counters from all resolvers section and\n"
168 " associated name servers\n"
169 " show errors : report last request and response errors for each proxy\n"
170 " show sess [id] : report the list of current sessions or dump this session\n"
171 " show table [id]: report table usage stats or dump this table's contents\n"
172 " show servers state [id]: dump volatile server information (for backend <id>)\n"
173 " get weight : report a server's current weight\n"
174 " set weight : change a server's weight\n"
175 " set server : change a server's state, weight or address\n"
176 " set table [id] : update or create a table entry's data\n"
177 " set timeout : change a timeout setting\n"
178 " set maxconn : change a maxconn setting\n"
179 " set rate-limit : change a rate limiting value\n"
180 " disable : put a server or frontend in maintenance mode\n"
181 " enable : re-enable a server or frontend which is in maintenance mode\n"
182 " shutdown : kill a session or a frontend (eg:to release listening ports)\n"
183 " show acl [id] : report available acls or dump an acl's contents\n"
184 " get acl : reports the patterns matching a sample for an ACL\n"
185 " add acl : add acl entry\n"
186 " del acl : delete acl entry\n"
187 " clear acl <id> : clear the content of this acl\n"
188 " show map [id] : report available maps or dump a map's contents\n"
189 " get map : reports the keys and values matching a sample for a map\n"
190 " set map : modify map entry\n"
191 " add map : add map entry\n"
192 " del map : delete map entry\n"
193 " clear map <id> : clear the content of this map\n"
194 " set ssl <stmt> : set statement for ssl\n"
195#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
196 " show tls-keys [id|*]: show tls keys references or dump tls ticket keys when id specified\n"
197#endif
198 "";
199
200static const char stats_permission_denied_msg[] =
201 "Permission denied\n"
202 "";
203
204
205static char *dynamic_usage_msg = NULL;
206
207/* List head of cli keywords */
208static struct cli_kw_list cli_keywords = {
209 .list = LIST_HEAD_INIT(cli_keywords.list)
210};
211
212extern const char *stat_status_codes[];
213
214char *cli_gen_usage_msg()
215{
216 struct cli_kw_list *kw_list;
217 struct cli_kw *kw;
218 struct chunk *tmp = get_trash_chunk();
219 struct chunk out;
220
221 free(dynamic_usage_msg);
222 dynamic_usage_msg = NULL;
223
224 if (LIST_ISEMPTY(&cli_keywords.list))
225 return NULL;
226
227 chunk_reset(tmp);
228 chunk_strcat(tmp, stats_sock_usage_msg);
229 list_for_each_entry(kw_list, &cli_keywords.list, list) {
230 kw = &kw_list->kw[0];
231 while (kw->usage) {
232 chunk_appendf(tmp, " %s\n", kw->usage);
233 kw++;
234 }
235 }
236 chunk_init(&out, NULL, 0);
237 chunk_dup(&out, tmp);
238 dynamic_usage_msg = out.str;
239 return dynamic_usage_msg;
240}
241
242struct cli_kw* cli_find_kw(char **args)
243{
244 struct cli_kw_list *kw_list;
245 struct cli_kw *kw;/* current cli_kw */
246 char **tmp_args;
247 const char **tmp_str_kw;
248 int found = 0;
249
250 if (LIST_ISEMPTY(&cli_keywords.list))
251 return NULL;
252
253 list_for_each_entry(kw_list, &cli_keywords.list, list) {
254 kw = &kw_list->kw[0];
255 while (*kw->str_kw) {
256 tmp_args = args;
257 tmp_str_kw = kw->str_kw;
258 while (*tmp_str_kw) {
259 if (strcmp(*tmp_str_kw, *tmp_args) == 0) {
260 found = 1;
261 } else {
262 found = 0;
263 break;
264 }
265 tmp_args++;
266 tmp_str_kw++;
267 }
268 if (found)
269 return (kw);
270 kw++;
271 }
272 }
273 return NULL;
274}
275
276void cli_register_kw(struct cli_kw_list *kw_list)
277{
278 LIST_ADDQ(&cli_keywords.list, &kw_list->list);
279}
280
281
282/* allocate a new stats frontend named <name>, and return it
283 * (or NULL in case of lack of memory).
284 */
285static struct proxy *alloc_stats_fe(const char *name, const char *file, int line)
286{
287 struct proxy *fe;
288
289 fe = calloc(1, sizeof(*fe));
290 if (!fe)
291 return NULL;
292
293 init_new_proxy(fe);
294 fe->next = proxy;
295 proxy = fe;
296 fe->last_change = now.tv_sec;
297 fe->id = strdup("GLOBAL");
298 fe->cap = PR_CAP_FE;
299 fe->maxconn = 10; /* default to 10 concurrent connections */
300 fe->timeout.client = MS_TO_TICKS(10000); /* default timeout of 10 seconds */
301 fe->conf.file = strdup(file);
302 fe->conf.line = line;
303 fe->accept = frontend_accept;
304 fe->default_target = &cli_applet.obj_type;
305
306 /* the stats frontend is the only one able to assign ID #0 */
307 fe->conf.id.key = fe->uuid = 0;
308 eb32_insert(&used_proxy_id, &fe->conf.id);
309 return fe;
310}
311
312/* This function parses a "stats" statement in the "global" section. It returns
313 * -1 if there is any error, otherwise zero. If it returns -1, it will write an
314 * error message into the <err> buffer which will be preallocated. The trailing
315 * '\n' must not be written. The function must be called with <args> pointing to
316 * the first word after "stats".
317 */
318static int stats_parse_global(char **args, int section_type, struct proxy *curpx,
319 struct proxy *defpx, const char *file, int line,
320 char **err)
321{
322 struct bind_conf *bind_conf;
323 struct listener *l;
324
325 if (!strcmp(args[1], "socket")) {
326 int cur_arg;
327
328 if (*args[2] == 0) {
329 memprintf(err, "'%s %s' in global section expects an address or a path to a UNIX socket", args[0], args[1]);
330 return -1;
331 }
332
333 if (!global.stats_fe) {
334 if ((global.stats_fe = alloc_stats_fe("GLOBAL", file, line)) == NULL) {
335 memprintf(err, "'%s %s' : out of memory trying to allocate a frontend", args[0], args[1]);
336 return -1;
337 }
338 }
339
340 bind_conf = bind_conf_alloc(&global.stats_fe->conf.bind, file, line, args[2]);
341 bind_conf->level = ACCESS_LVL_OPER; /* default access level */
342
343 if (!str2listener(args[2], global.stats_fe, bind_conf, file, line, err)) {
344 memprintf(err, "parsing [%s:%d] : '%s %s' : %s\n",
345 file, line, args[0], args[1], err && *err ? *err : "error");
346 return -1;
347 }
348
349 cur_arg = 3;
350 while (*args[cur_arg]) {
351 static int bind_dumped;
352 struct bind_kw *kw;
353
354 kw = bind_find_kw(args[cur_arg]);
355 if (kw) {
356 if (!kw->parse) {
357 memprintf(err, "'%s %s' : '%s' option is not implemented in this version (check build options).",
358 args[0], args[1], args[cur_arg]);
359 return -1;
360 }
361
362 if (kw->parse(args, cur_arg, global.stats_fe, bind_conf, err) != 0) {
363 if (err && *err)
364 memprintf(err, "'%s %s' : '%s'", args[0], args[1], *err);
365 else
366 memprintf(err, "'%s %s' : error encountered while processing '%s'",
367 args[0], args[1], args[cur_arg]);
368 return -1;
369 }
370
371 cur_arg += 1 + kw->skip;
372 continue;
373 }
374
375 if (!bind_dumped) {
376 bind_dump_kws(err);
377 indent_msg(err, 4);
378 bind_dumped = 1;
379 }
380
381 memprintf(err, "'%s %s' : unknown keyword '%s'.%s%s",
382 args[0], args[1], args[cur_arg],
383 err && *err ? " Registered keywords :" : "", err && *err ? *err : "");
384 return -1;
385 }
386
387 list_for_each_entry(l, &bind_conf->listeners, by_bind) {
388 l->maxconn = global.stats_fe->maxconn;
389 l->backlog = global.stats_fe->backlog;
390 l->accept = session_accept_fd;
391 l->handler = process_stream;
392 l->default_target = global.stats_fe->default_target;
393 l->options |= LI_O_UNLIMITED; /* don't make the peers subject to global limits */
394 l->nice = -64; /* we want to boost priority for local stats */
395 global.maxsock += l->maxconn;
396 }
397 }
398 else if (!strcmp(args[1], "timeout")) {
399 unsigned timeout;
400 const char *res = parse_time_err(args[2], &timeout, TIME_UNIT_MS);
401
402 if (res) {
403 memprintf(err, "'%s %s' : unexpected character '%c'", args[0], args[1], *res);
404 return -1;
405 }
406
407 if (!timeout) {
408 memprintf(err, "'%s %s' expects a positive value", args[0], args[1]);
409 return -1;
410 }
411 if (!global.stats_fe) {
412 if ((global.stats_fe = alloc_stats_fe("GLOBAL", file, line)) == NULL) {
413 memprintf(err, "'%s %s' : out of memory trying to allocate a frontend", args[0], args[1]);
414 return -1;
415 }
416 }
417 global.stats_fe->timeout.client = MS_TO_TICKS(timeout);
418 }
419 else if (!strcmp(args[1], "maxconn")) {
420 int maxconn = atol(args[2]);
421
422 if (maxconn <= 0) {
423 memprintf(err, "'%s %s' expects a positive value", args[0], args[1]);
424 return -1;
425 }
426
427 if (!global.stats_fe) {
428 if ((global.stats_fe = alloc_stats_fe("GLOBAL", file, line)) == NULL) {
429 memprintf(err, "'%s %s' : out of memory trying to allocate a frontend", args[0], args[1]);
430 return -1;
431 }
432 }
433 global.stats_fe->maxconn = maxconn;
434 }
435 else if (!strcmp(args[1], "bind-process")) { /* enable the socket only on some processes */
436 int cur_arg = 2;
437 unsigned long set = 0;
438
439 if (!global.stats_fe) {
440 if ((global.stats_fe = alloc_stats_fe("GLOBAL", file, line)) == NULL) {
441 memprintf(err, "'%s %s' : out of memory trying to allocate a frontend", args[0], args[1]);
442 return -1;
443 }
444 }
445
446 while (*args[cur_arg]) {
447 unsigned int low, high;
448
449 if (strcmp(args[cur_arg], "all") == 0) {
450 set = 0;
451 break;
452 }
453 else if (strcmp(args[cur_arg], "odd") == 0) {
454 set |= ~0UL/3UL; /* 0x555....555 */
455 }
456 else if (strcmp(args[cur_arg], "even") == 0) {
457 set |= (~0UL/3UL) << 1; /* 0xAAA...AAA */
458 }
459 else if (isdigit((int)*args[cur_arg])) {
460 char *dash = strchr(args[cur_arg], '-');
461
462 low = high = str2uic(args[cur_arg]);
463 if (dash)
464 high = str2uic(dash + 1);
465
466 if (high < low) {
467 unsigned int swap = low;
468 low = high;
469 high = swap;
470 }
471
472 if (low < 1 || high > LONGBITS) {
473 memprintf(err, "'%s %s' supports process numbers from 1 to %d.\n",
474 args[0], args[1], LONGBITS);
475 return -1;
476 }
477 while (low <= high)
478 set |= 1UL << (low++ - 1);
479 }
480 else {
481 memprintf(err,
482 "'%s %s' expects 'all', 'odd', 'even', or a list of process ranges with numbers from 1 to %d.\n",
483 args[0], args[1], LONGBITS);
484 return -1;
485 }
486 cur_arg++;
487 }
488 global.stats_fe->bind_proc = set;
489 }
490 else {
491 memprintf(err, "'%s' only supports 'socket', 'maxconn', 'bind-process' and 'timeout' (got '%s')", args[0], args[1]);
492 return -1;
493 }
494 return 0;
495}
496
497
498/* print a string of text buffer to <out>. The format is :
499 * Non-printable chars \t, \n, \r and \e are * encoded in C format.
500 * Other non-printable chars are encoded "\xHH". Space, '\', and '=' are also escaped.
501 * Print stopped if null char or <bsize> is reached, or if no more place in the chunk.
502 */
503static int dump_text(struct chunk *out, const char *buf, int bsize)
504{
505 unsigned char c;
506 int ptr = 0;
507
508 while (buf[ptr] && ptr < bsize) {
509 c = buf[ptr];
510 if (isprint(c) && isascii(c) && c != '\\' && c != ' ' && c != '=') {
511 if (out->len > out->size - 1)
512 break;
513 out->str[out->len++] = c;
514 }
515 else if (c == '\t' || c == '\n' || c == '\r' || c == '\e' || c == '\\' || c == ' ' || c == '=') {
516 if (out->len > out->size - 2)
517 break;
518 out->str[out->len++] = '\\';
519 switch (c) {
520 case ' ': c = ' '; break;
521 case '\t': c = 't'; break;
522 case '\n': c = 'n'; break;
523 case '\r': c = 'r'; break;
524 case '\e': c = 'e'; break;
525 case '\\': c = '\\'; break;
526 case '=': c = '='; break;
527 }
528 out->str[out->len++] = c;
529 }
530 else {
531 if (out->len > out->size - 4)
532 break;
533 out->str[out->len++] = '\\';
534 out->str[out->len++] = 'x';
535 out->str[out->len++] = hextab[(c >> 4) & 0xF];
536 out->str[out->len++] = hextab[c & 0xF];
537 }
538 ptr++;
539 }
540
541 return ptr;
542}
543
544/* print a buffer in hexa.
545 * Print stopped if <bsize> is reached, or if no more place in the chunk.
546 */
547static int dump_binary(struct chunk *out, const char *buf, int bsize)
548{
549 unsigned char c;
550 int ptr = 0;
551
552 while (ptr < bsize) {
553 c = buf[ptr];
554
555 if (out->len > out->size - 2)
556 break;
557 out->str[out->len++] = hextab[(c >> 4) & 0xF];
558 out->str[out->len++] = hextab[c & 0xF];
559
560 ptr++;
561 }
562 return ptr;
563}
564
565/* Dump the status of a table to a stream interface's
566 * read buffer. It returns 0 if the output buffer is full
567 * and needs to be called again, otherwise non-zero.
568 */
569static int stats_dump_table_head_to_buffer(struct chunk *msg, struct stream_interface *si,
570 struct proxy *proxy, struct proxy *target)
571{
572 struct stream *s = si_strm(si);
573
574 chunk_appendf(msg, "# table: %s, type: %s, size:%d, used:%d\n",
575 proxy->id, stktable_types[proxy->table.type].kw, proxy->table.size, proxy->table.current);
576
577 /* any other information should be dumped here */
578
579 if (target && strm_li(s)->bind_conf->level < ACCESS_LVL_OPER)
580 chunk_appendf(msg, "# contents not dumped due to insufficient privileges\n");
581
582 if (bi_putchk(si_ic(si), msg) == -1) {
583 si_applet_cant_put(si);
584 return 0;
585 }
586
587 return 1;
588}
589
590/* Dump the a table entry to a stream interface's
591 * read buffer. It returns 0 if the output buffer is full
592 * and needs to be called again, otherwise non-zero.
593 */
594static int stats_dump_table_entry_to_buffer(struct chunk *msg, struct stream_interface *si,
595 struct proxy *proxy, struct stksess *entry)
596{
597 int dt;
598
599 chunk_appendf(msg, "%p:", entry);
600
601 if (proxy->table.type == SMP_T_IPV4) {
602 char addr[INET_ADDRSTRLEN];
603 inet_ntop(AF_INET, (const void *)&entry->key.key, addr, sizeof(addr));
604 chunk_appendf(msg, " key=%s", addr);
605 }
606 else if (proxy->table.type == SMP_T_IPV6) {
607 char addr[INET6_ADDRSTRLEN];
608 inet_ntop(AF_INET6, (const void *)&entry->key.key, addr, sizeof(addr));
609 chunk_appendf(msg, " key=%s", addr);
610 }
611 else if (proxy->table.type == SMP_T_SINT) {
612 chunk_appendf(msg, " key=%u", *(unsigned int *)entry->key.key);
613 }
614 else if (proxy->table.type == SMP_T_STR) {
615 chunk_appendf(msg, " key=");
616 dump_text(msg, (const char *)entry->key.key, proxy->table.key_size);
617 }
618 else {
619 chunk_appendf(msg, " key=");
620 dump_binary(msg, (const char *)entry->key.key, proxy->table.key_size);
621 }
622
623 chunk_appendf(msg, " use=%d exp=%d", entry->ref_cnt - 1, tick_remain(now_ms, entry->expire));
624
625 for (dt = 0; dt < STKTABLE_DATA_TYPES; dt++) {
626 void *ptr;
627
628 if (proxy->table.data_ofs[dt] == 0)
629 continue;
630 if (stktable_data_types[dt].arg_type == ARG_T_DELAY)
631 chunk_appendf(msg, " %s(%d)=", stktable_data_types[dt].name, proxy->table.data_arg[dt].u);
632 else
633 chunk_appendf(msg, " %s=", stktable_data_types[dt].name);
634
635 ptr = stktable_data_ptr(&proxy->table, entry, dt);
636 switch (stktable_data_types[dt].std_type) {
637 case STD_T_SINT:
638 chunk_appendf(msg, "%d", stktable_data_cast(ptr, std_t_sint));
639 break;
640 case STD_T_UINT:
641 chunk_appendf(msg, "%u", stktable_data_cast(ptr, std_t_uint));
642 break;
643 case STD_T_ULL:
644 chunk_appendf(msg, "%lld", stktable_data_cast(ptr, std_t_ull));
645 break;
646 case STD_T_FRQP:
647 chunk_appendf(msg, "%d",
648 read_freq_ctr_period(&stktable_data_cast(ptr, std_t_frqp),
649 proxy->table.data_arg[dt].u));
650 break;
651 }
652 }
653 chunk_appendf(msg, "\n");
654
655 if (bi_putchk(si_ic(si), msg) == -1) {
656 si_applet_cant_put(si);
657 return 0;
658 }
659
660 return 1;
661}
662
663static void stats_sock_table_key_request(struct stream_interface *si, char **args, int action)
664{
665 struct stream *s = si_strm(si);
666 struct appctx *appctx = __objt_appctx(si->end);
667 struct proxy *px = appctx->ctx.table.target;
668 struct stksess *ts;
669 uint32_t uint32_key;
670 unsigned char ip6_key[sizeof(struct in6_addr)];
671 long long value;
672 int data_type;
673 int cur_arg;
674 void *ptr;
675 struct freq_ctr_period *frqp;
676
677 appctx->st0 = STAT_CLI_OUTPUT;
678
679 if (!*args[4]) {
680 appctx->ctx.cli.msg = "Key value expected\n";
681 appctx->st0 = STAT_CLI_PRINT;
682 return;
683 }
684
685 switch (px->table.type) {
686 case SMP_T_IPV4:
687 uint32_key = htonl(inetaddr_host(args[4]));
688 static_table_key->key = &uint32_key;
689 break;
690 case SMP_T_IPV6:
691 inet_pton(AF_INET6, args[4], ip6_key);
692 static_table_key->key = &ip6_key;
693 break;
694 case SMP_T_SINT:
695 {
696 char *endptr;
697 unsigned long val;
698 errno = 0;
699 val = strtoul(args[4], &endptr, 10);
700 if ((errno == ERANGE && val == ULONG_MAX) ||
701 (errno != 0 && val == 0) || endptr == args[4] ||
702 val > 0xffffffff) {
703 appctx->ctx.cli.msg = "Invalid key\n";
704 appctx->st0 = STAT_CLI_PRINT;
705 return;
706 }
707 uint32_key = (uint32_t) val;
708 static_table_key->key = &uint32_key;
709 break;
710 }
711 break;
712 case SMP_T_STR:
713 static_table_key->key = args[4];
714 static_table_key->key_len = strlen(args[4]);
715 break;
716 default:
717 switch (action) {
718 case STAT_CLI_O_TAB:
719 appctx->ctx.cli.msg = "Showing keys from tables of type other than ip, ipv6, string and integer is not supported\n";
720 break;
721 case STAT_CLI_O_CLR:
722 appctx->ctx.cli.msg = "Removing keys from ip tables of type other than ip, ipv6, string and integer is not supported\n";
723 break;
724 default:
725 appctx->ctx.cli.msg = "Unknown action\n";
726 break;
727 }
728 appctx->st0 = STAT_CLI_PRINT;
729 return;
730 }
731
732 /* check permissions */
733 if (strm_li(s)->bind_conf->level < ACCESS_LVL_OPER) {
734 appctx->ctx.cli.msg = stats_permission_denied_msg;
735 appctx->st0 = STAT_CLI_PRINT;
736 return;
737 }
738
739 ts = stktable_lookup_key(&px->table, static_table_key);
740
741 switch (action) {
742 case STAT_CLI_O_TAB:
743 if (!ts)
744 return;
745 chunk_reset(&trash);
746 if (!stats_dump_table_head_to_buffer(&trash, si, px, px))
747 return;
748 stats_dump_table_entry_to_buffer(&trash, si, px, ts);
749 return;
750
751 case STAT_CLI_O_CLR:
752 if (!ts)
753 return;
754 if (ts->ref_cnt) {
755 /* don't delete an entry which is currently referenced */
756 appctx->ctx.cli.msg = "Entry currently in use, cannot remove\n";
757 appctx->st0 = STAT_CLI_PRINT;
758 return;
759 }
760 stksess_kill(&px->table, ts);
761 break;
762
763 case STAT_CLI_O_SET:
764 if (ts)
765 stktable_touch(&px->table, ts, 1);
766 else {
767 ts = stksess_new(&px->table, static_table_key);
768 if (!ts) {
769 /* don't delete an entry which is currently referenced */
770 appctx->ctx.cli.msg = "Unable to allocate a new entry\n";
771 appctx->st0 = STAT_CLI_PRINT;
772 return;
773 }
774 stktable_store(&px->table, ts, 1);
775 }
776
777 for (cur_arg = 5; *args[cur_arg]; cur_arg += 2) {
778 if (strncmp(args[cur_arg], "data.", 5) != 0) {
779 appctx->ctx.cli.msg = "\"data.<type>\" followed by a value expected\n";
780 appctx->st0 = STAT_CLI_PRINT;
781 return;
782 }
783
784 data_type = stktable_get_data_type(args[cur_arg] + 5);
785 if (data_type < 0) {
786 appctx->ctx.cli.msg = "Unknown data type\n";
787 appctx->st0 = STAT_CLI_PRINT;
788 return;
789 }
790
791 if (!px->table.data_ofs[data_type]) {
792 appctx->ctx.cli.msg = "Data type not stored in this table\n";
793 appctx->st0 = STAT_CLI_PRINT;
794 return;
795 }
796
797 if (!*args[cur_arg+1] || strl2llrc(args[cur_arg+1], strlen(args[cur_arg+1]), &value) != 0) {
798 appctx->ctx.cli.msg = "Require a valid integer value to store\n";
799 appctx->st0 = STAT_CLI_PRINT;
800 return;
801 }
802
803 ptr = stktable_data_ptr(&px->table, ts, data_type);
804
805 switch (stktable_data_types[data_type].std_type) {
806 case STD_T_SINT:
807 stktable_data_cast(ptr, std_t_sint) = value;
808 break;
809 case STD_T_UINT:
810 stktable_data_cast(ptr, std_t_uint) = value;
811 break;
812 case STD_T_ULL:
813 stktable_data_cast(ptr, std_t_ull) = value;
814 break;
815 case STD_T_FRQP:
816 /* We set both the current and previous values. That way
817 * the reported frequency is stable during all the period
818 * then slowly fades out. This allows external tools to
819 * push measures without having to update them too often.
820 */
821 frqp = &stktable_data_cast(ptr, std_t_frqp);
822 frqp->curr_tick = now_ms;
823 frqp->prev_ctr = 0;
824 frqp->curr_ctr = value;
825 break;
826 }
827 }
828 break;
829
830 default:
831 appctx->ctx.cli.msg = "Unknown action\n";
832 appctx->st0 = STAT_CLI_PRINT;
833 break;
834 }
835}
836
837static void stats_sock_table_data_request(struct stream_interface *si, char **args, int action)
838{
839 struct appctx *appctx = __objt_appctx(si->end);
840
841 if (action != STAT_CLI_O_TAB && action != STAT_CLI_O_CLR) {
842 appctx->ctx.cli.msg = "content-based lookup is only supported with the \"show\" and \"clear\" actions";
843 appctx->st0 = STAT_CLI_PRINT;
844 return;
845 }
846
847 /* condition on stored data value */
848 appctx->ctx.table.data_type = stktable_get_data_type(args[3] + 5);
849 if (appctx->ctx.table.data_type < 0) {
850 appctx->ctx.cli.msg = "Unknown data type\n";
851 appctx->st0 = STAT_CLI_PRINT;
852 return;
853 }
854
855 if (!((struct proxy *)appctx->ctx.table.target)->table.data_ofs[appctx->ctx.table.data_type]) {
856 appctx->ctx.cli.msg = "Data type not stored in this table\n";
857 appctx->st0 = STAT_CLI_PRINT;
858 return;
859 }
860
861 appctx->ctx.table.data_op = get_std_op(args[4]);
862 if (appctx->ctx.table.data_op < 0) {
863 appctx->ctx.cli.msg = "Require and operator among \"eq\", \"ne\", \"le\", \"ge\", \"lt\", \"gt\"\n";
864 appctx->st0 = STAT_CLI_PRINT;
865 return;
866 }
867
868 if (!*args[5] || strl2llrc(args[5], strlen(args[5]), &appctx->ctx.table.value) != 0) {
869 appctx->ctx.cli.msg = "Require a valid integer value to compare against\n";
870 appctx->st0 = STAT_CLI_PRINT;
871 return;
872 }
873}
874
875static void stats_sock_table_request(struct stream_interface *si, char **args, int action)
876{
877 struct appctx *appctx = __objt_appctx(si->end);
878
879 appctx->ctx.table.data_type = -1;
880 appctx->st2 = STAT_ST_INIT;
881 appctx->ctx.table.target = NULL;
882 appctx->ctx.table.proxy = NULL;
883 appctx->ctx.table.entry = NULL;
884 appctx->st0 = action;
885
886 if (*args[2]) {
887 appctx->ctx.table.target = proxy_tbl_by_name(args[2]);
888 if (!appctx->ctx.table.target) {
889 appctx->ctx.cli.msg = "No such table\n";
890 appctx->st0 = STAT_CLI_PRINT;
891 return;
892 }
893 }
894 else {
895 if (action != STAT_CLI_O_TAB)
896 goto err_args;
897 return;
898 }
899
900 if (strcmp(args[3], "key") == 0)
901 stats_sock_table_key_request(si, args, action);
902 else if (strncmp(args[3], "data.", 5) == 0)
903 stats_sock_table_data_request(si, args, action);
904 else if (*args[3])
905 goto err_args;
906
907 return;
908
909err_args:
910 switch (action) {
911 case STAT_CLI_O_TAB:
912 appctx->ctx.cli.msg = "Optional argument only supports \"data.<store_data_type>\" <operator> <value> and key <key>\n";
913 break;
914 case STAT_CLI_O_CLR:
915 appctx->ctx.cli.msg = "Required arguments: <table> \"data.<store_data_type>\" <operator> <value> or <table> key <key>\n";
916 break;
917 default:
918 appctx->ctx.cli.msg = "Unknown action\n";
919 break;
920 }
921 appctx->st0 = STAT_CLI_PRINT;
922}
923
924/* Expects to find a frontend named <arg> and returns it, otherwise displays various
925 * adequate error messages and returns NULL. This function also expects the stream
926 * level to be admin.
927 */
928static struct proxy *expect_frontend_admin(struct stream *s, struct stream_interface *si, const char *arg)
929{
930 struct appctx *appctx = __objt_appctx(si->end);
931 struct proxy *px;
932
933 if (strm_li(s)->bind_conf->level < ACCESS_LVL_ADMIN) {
934 appctx->ctx.cli.msg = stats_permission_denied_msg;
935 appctx->st0 = STAT_CLI_PRINT;
936 return NULL;
937 }
938
939 if (!*arg) {
940 appctx->ctx.cli.msg = "A frontend name is expected.\n";
941 appctx->st0 = STAT_CLI_PRINT;
942 return NULL;
943 }
944
945 px = proxy_fe_by_name(arg);
946 if (!px) {
947 appctx->ctx.cli.msg = "No such frontend.\n";
948 appctx->st0 = STAT_CLI_PRINT;
949 return NULL;
950 }
951 return px;
952}
953
954/* Expects to find a backend and a server in <arg> under the form <backend>/<server>,
955 * and returns the pointer to the server. Otherwise, display adequate error messages
956 * and returns NULL. This function also expects the stream level to be admin. Note:
957 * the <arg> is modified to remove the '/'.
958 */
959static struct server *expect_server_admin(struct stream *s, struct stream_interface *si, char *arg)
960{
961 struct appctx *appctx = __objt_appctx(si->end);
962 struct proxy *px;
963 struct server *sv;
964 char *line;
965
966 if (strm_li(s)->bind_conf->level < ACCESS_LVL_ADMIN) {
967 appctx->ctx.cli.msg = stats_permission_denied_msg;
968 appctx->st0 = STAT_CLI_PRINT;
969 return NULL;
970 }
971
972 /* split "backend/server" and make <line> point to server */
973 for (line = arg; *line; line++)
974 if (*line == '/') {
975 *line++ = '\0';
976 break;
977 }
978
979 if (!*line || !*arg) {
980 appctx->ctx.cli.msg = "Require 'backend/server'.\n";
981 appctx->st0 = STAT_CLI_PRINT;
982 return NULL;
983 }
984
985 if (!get_backend_server(arg, line, &px, &sv)) {
986 appctx->ctx.cli.msg = px ? "No such server.\n" : "No such backend.\n";
987 appctx->st0 = STAT_CLI_PRINT;
988 return NULL;
989 }
990
991 if (px->state == PR_STSTOPPED) {
992 appctx->ctx.cli.msg = "Proxy is disabled.\n";
993 appctx->st0 = STAT_CLI_PRINT;
994 return NULL;
995 }
996
997 return sv;
998}
999
1000/* This function is used with TLS ticket keys management. It permits to browse
1001 * each reference. The variable <getnext> must contain the current node,
1002 * <end> point to the root node.
1003 */
1004#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
1005static inline
1006struct tls_keys_ref *tlskeys_list_get_next(struct tls_keys_ref *getnext, struct list *end)
1007{
1008 struct tls_keys_ref *ref = getnext;
1009
1010 while (1) {
1011
1012 /* Get next list entry. */
1013 ref = LIST_NEXT(&ref->list, struct tls_keys_ref *, list);
1014
1015 /* If the entry is the last of the list, return NULL. */
1016 if (&ref->list == end)
1017 return NULL;
1018
1019 return ref;
1020 }
1021}
1022
1023static inline
1024struct tls_keys_ref *tlskeys_ref_lookup_ref(const char *reference)
1025{
1026 int id;
1027 char *error;
1028
1029 /* If the reference starts by a '#', this is numeric id. */
1030 if (reference[0] == '#') {
1031 /* Try to convert the numeric id. If the conversion fails, the lookup fails. */
1032 id = strtol(reference + 1, &error, 10);
1033 if (*error != '\0')
1034 return NULL;
1035
1036 /* Perform the unique id lookup. */
1037 return tlskeys_ref_lookupid(id);
1038 }
1039
1040 /* Perform the string lookup. */
1041 return tlskeys_ref_lookup(reference);
1042}
1043#endif
1044
1045/* This function is used with map and acl management. It permits to browse
1046 * each reference. The variable <getnext> must contain the current node,
1047 * <end> point to the root node and the <flags> permit to filter required
1048 * nodes.
1049 */
1050static inline
1051struct pat_ref *pat_list_get_next(struct pat_ref *getnext, struct list *end,
1052 unsigned int flags)
1053{
1054 struct pat_ref *ref = getnext;
1055
1056 while (1) {
1057
1058 /* Get next list entry. */
1059 ref = LIST_NEXT(&ref->list, struct pat_ref *, list);
1060
1061 /* If the entry is the last of the list, return NULL. */
1062 if (&ref->list == end)
1063 return NULL;
1064
1065 /* If the entry match the flag, return it. */
1066 if (ref->flags & flags)
1067 return ref;
1068 }
1069}
1070
1071static inline
1072struct pat_ref *pat_ref_lookup_ref(const char *reference)
1073{
1074 int id;
1075 char *error;
1076
1077 /* If the reference starts by a '#', this is numeric id. */
1078 if (reference[0] == '#') {
1079 /* Try to convert the numeric id. If the conversion fails, the lookup fails. */
1080 id = strtol(reference + 1, &error, 10);
1081 if (*error != '\0')
1082 return NULL;
1083
1084 /* Perform the unique id lookup. */
1085 return pat_ref_lookupid(id);
1086 }
1087
1088 /* Perform the string lookup. */
1089 return pat_ref_lookup(reference);
1090}
1091
1092/* This function is used with map and acl management. It permits to browse
1093 * each reference.
1094 */
1095static inline
1096struct pattern_expr *pat_expr_get_next(struct pattern_expr *getnext, struct list *end)
1097{
1098 struct pattern_expr *expr;
1099 expr = LIST_NEXT(&getnext->list, struct pattern_expr *, list);
1100 if (&expr->list == end)
1101 return NULL;
1102 return expr;
1103}
1104
1105/* Processes the stats interpreter on the statistics socket. This function is
1106 * called from an applet running in a stream interface. The function returns 1
1107 * if the request was understood, otherwise zero. It sets appctx->st0 to a value
1108 * designating the function which will have to process the request, which can
1109 * also be the print function to display the return message set into cli.msg.
1110 */
1111static int stats_sock_parse_request(struct stream_interface *si, char *line)
1112{
1113 struct stream *s = si_strm(si);
1114 struct appctx *appctx = __objt_appctx(si->end);
1115 char *args[MAX_STATS_ARGS + 1];
1116 struct cli_kw *kw;
1117 int arg;
1118 int i, j;
1119
1120 while (isspace((unsigned char)*line))
1121 line++;
1122
1123 arg = 0;
1124 args[arg] = line;
1125
1126 while (*line && arg < MAX_STATS_ARGS) {
1127 if (*line == '\\') {
1128 line++;
1129 if (*line == '\0')
1130 break;
1131 }
1132 else if (isspace((unsigned char)*line)) {
1133 *line++ = '\0';
1134
1135 while (isspace((unsigned char)*line))
1136 line++;
1137
1138 args[++arg] = line;
1139 continue;
1140 }
1141
1142 line++;
1143 }
1144
1145 while (++arg <= MAX_STATS_ARGS)
1146 args[arg] = line;
1147
1148 /* remove \ */
1149 arg = 0;
1150 while (*args[arg] != '\0') {
1151 j = 0;
1152 for (i=0; args[arg][i] != '\0'; i++) {
1153 if (args[arg][i] == '\\')
1154 continue;
1155 args[arg][j] = args[arg][i];
1156 j++;
1157 }
1158 args[arg][j] = '\0';
1159 arg++;
1160 }
1161
1162 appctx->ctx.stats.scope_str = 0;
1163 appctx->ctx.stats.scope_len = 0;
1164 appctx->ctx.stats.flags = 0;
1165 if ((kw = cli_find_kw(args))) {
1166 if (kw->parse) {
1167 if (kw->parse(args, appctx, kw->private) == 0 && kw->io_handler) {
1168 appctx->st0 = STAT_CLI_O_CUSTOM;
1169 appctx->io_handler = kw->io_handler;
1170 appctx->io_release = kw->io_release;
1171 }
1172 }
1173 } else if (strcmp(args[0], "show") == 0) {
1174 if (strcmp(args[1], "backend") == 0) {
1175 appctx->ctx.be.px = NULL;
1176 appctx->st2 = STAT_ST_INIT;
1177 appctx->st0 = STAT_CLI_O_BACKEND;
1178 }
1179 else if (strcmp(args[1], "env") == 0) {
1180 extern char **environ;
1181
1182 if (strm_li(s)->bind_conf->level < ACCESS_LVL_OPER) {
1183 appctx->ctx.cli.msg = stats_permission_denied_msg;
1184 appctx->st0 = STAT_CLI_PRINT;
1185 return 1;
1186 }
1187 appctx->ctx.env.var = environ;
1188 appctx->st2 = STAT_ST_INIT;
1189 appctx->st0 = STAT_CLI_O_ENV; // stats_dump_env_to_buffer
1190
1191 if (*args[2]) {
1192 int len = strlen(args[2]);
1193
1194 for (; *appctx->ctx.env.var; appctx->ctx.env.var++) {
1195 if (strncmp(*appctx->ctx.env.var, args[2], len) == 0 &&
1196 (*appctx->ctx.env.var)[len] == '=')
1197 break;
1198 }
1199 if (!*appctx->ctx.env.var) {
1200 appctx->ctx.cli.msg = "Variable not found\n";
1201 appctx->st0 = STAT_CLI_PRINT;
1202 return 1;
1203 }
1204 appctx->st2 = STAT_ST_END;
1205 }
1206 }
1207 else if (strcmp(args[1], "stat") == 0) {
1208 if (strcmp(args[2], "resolvers") == 0) {
1209 struct dns_resolvers *presolvers;
1210
1211 if (*args[3]) {
1212 appctx->ctx.resolvers.ptr = NULL;
1213 list_for_each_entry(presolvers, &dns_resolvers, list) {
1214 if (strcmp(presolvers->id, args[3]) == 0) {
1215 appctx->ctx.resolvers.ptr = presolvers;
1216 break;
1217 }
1218 }
1219 if (appctx->ctx.resolvers.ptr == NULL) {
1220 appctx->ctx.cli.msg = "Can't find that resolvers section\n";
1221 appctx->st0 = STAT_CLI_PRINT;
1222 return 1;
1223 }
1224 }
1225
1226 appctx->st2 = STAT_ST_INIT;
1227 appctx->st0 = STAT_CLI_O_RESOLVERS;
1228 return 1;
1229 }
1230 else if (*args[2] && *args[3] && *args[4]) {
1231 appctx->ctx.stats.flags |= STAT_BOUND;
1232 appctx->ctx.stats.iid = atoi(args[2]);
1233 appctx->ctx.stats.type = atoi(args[3]);
1234 appctx->ctx.stats.sid = atoi(args[4]);
1235 if (strcmp(args[5], "typed") == 0)
1236 appctx->ctx.stats.flags |= STAT_FMT_TYPED;
1237 }
1238 else if (strcmp(args[2], "typed") == 0)
1239 appctx->ctx.stats.flags |= STAT_FMT_TYPED;
1240
1241 appctx->st2 = STAT_ST_INIT;
1242 appctx->st0 = STAT_CLI_O_STAT; // stats_dump_stat_to_buffer
1243 }
1244 else if (strcmp(args[1], "info") == 0) {
1245 if (strcmp(args[2], "typed") == 0)
1246 appctx->ctx.stats.flags |= STAT_FMT_TYPED;
1247 appctx->st2 = STAT_ST_INIT;
1248 appctx->st0 = STAT_CLI_O_INFO; // stats_dump_info_to_buffer
1249 }
1250 else if (strcmp(args[1], "servers") == 0 && strcmp(args[2], "state") == 0) {
1251 appctx->ctx.server_state.iid = 0;
1252 appctx->ctx.server_state.px = NULL;
1253 appctx->ctx.server_state.sv = NULL;
1254
1255 /* check if a backend name has been provided */
1256 if (*args[3]) {
1257 /* read server state from local file */
1258 appctx->ctx.server_state.px = proxy_be_by_name(args[3]);
1259
1260 if (!appctx->ctx.server_state.px) {
1261 appctx->ctx.cli.msg = "Can't find backend.\n";
1262 appctx->st0 = STAT_CLI_PRINT;
1263 return 1;
1264 }
1265 appctx->ctx.server_state.iid = appctx->ctx.server_state.px->uuid;
1266 }
1267 appctx->st2 = STAT_ST_INIT;
1268 appctx->st0 = STAT_CLI_O_SERVERS_STATE; // stats_dump_servers_state_to_buffer
1269 return 1;
1270 }
1271 else if (strcmp(args[1], "pools") == 0) {
1272 appctx->st2 = STAT_ST_INIT;
1273 appctx->st0 = STAT_CLI_O_POOLS; // stats_dump_pools_to_buffer
1274 }
1275 else if (strcmp(args[1], "sess") == 0) {
1276 appctx->st2 = STAT_ST_INIT;
1277 if (strm_li(s)->bind_conf->level < ACCESS_LVL_OPER) {
1278 appctx->ctx.cli.msg = stats_permission_denied_msg;
1279 appctx->st0 = STAT_CLI_PRINT;
1280 return 1;
1281 }
1282 if (*args[2] && strcmp(args[2], "all") == 0)
1283 appctx->ctx.sess.target = (void *)-1;
1284 else if (*args[2])
1285 appctx->ctx.sess.target = (void *)strtoul(args[2], NULL, 0);
1286 else
1287 appctx->ctx.sess.target = NULL;
1288 appctx->ctx.sess.section = 0; /* start with stream status */
1289 appctx->ctx.sess.pos = 0;
1290 appctx->st0 = STAT_CLI_O_SESS; // stats_dump_sess_to_buffer
1291 }
1292 else if (strcmp(args[1], "errors") == 0) {
1293 if (strm_li(s)->bind_conf->level < ACCESS_LVL_OPER) {
1294 appctx->ctx.cli.msg = stats_permission_denied_msg;
1295 appctx->st0 = STAT_CLI_PRINT;
1296 return 1;
1297 }
1298 if (*args[2])
1299 appctx->ctx.errors.iid = atoi(args[2]);
1300 else
1301 appctx->ctx.errors.iid = -1;
1302 appctx->ctx.errors.px = NULL;
1303 appctx->st2 = STAT_ST_INIT;
1304 appctx->st0 = STAT_CLI_O_ERR; // stats_dump_errors_to_buffer
1305 }
1306 else if (strcmp(args[1], "table") == 0) {
1307 stats_sock_table_request(si, args, STAT_CLI_O_TAB);
1308 }
1309 else if (strcmp(args[1], "tls-keys") == 0) {
1310#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
1311 appctx->ctx.tlskeys.dump_all = 0;
1312 /* no parameter, shows only file list */
1313 if (!*args[2]) {
1314 appctx->ctx.tlskeys.dump_all = 1;
1315 appctx->st2 = STAT_ST_INIT;
1316 appctx->st0 = STAT_CLI_O_TLSK;
1317 return 1;
1318 }
1319
1320 if (args[2][0] == '*') {
1321 /* list every TLS ticket keys */
1322 appctx->ctx.tlskeys.ref = NULL;
1323 appctx->ctx.tlskeys.dump_all = 1;
1324 } else {
1325 appctx->ctx.tlskeys.ref = tlskeys_ref_lookup_ref(args[2]);
1326 if(!appctx->ctx.tlskeys.ref) {
1327 appctx->ctx.cli.msg = "'show tls-keys' unable to locate referenced filename\n";
1328 appctx->st0 = STAT_CLI_PRINT;
1329 return 1;
1330 }
1331 }
1332 appctx->st2 = STAT_ST_INIT;
1333 appctx->st0 = STAT_CLI_O_TLSK_ENT;
1334
1335#else
1336 appctx->ctx.cli.msg = "HAProxy was compiled against a version of OpenSSL "
1337 "that doesn't support specifying TLS ticket keys\n";
1338 appctx->st0 = STAT_CLI_PRINT;
1339#endif
1340 return 1;
1341 }
1342 else if (strcmp(args[1], "map") == 0 ||
1343 strcmp(args[1], "acl") == 0) {
1344
1345 /* Set ACL or MAP flags. */
1346 if (args[1][0] == 'm')
1347 appctx->ctx.map.display_flags = PAT_REF_MAP;
1348 else
1349 appctx->ctx.map.display_flags = PAT_REF_ACL;
1350
1351 /* no parameter: display all map available */
1352 if (!*args[2]) {
1353 appctx->st2 = STAT_ST_INIT;
1354 appctx->st0 = STAT_CLI_O_PATS;
1355 return 1;
1356 }
1357
1358 /* lookup into the refs and check the map flag */
1359 appctx->ctx.map.ref = pat_ref_lookup_ref(args[2]);
1360 if (!appctx->ctx.map.ref ||
1361 !(appctx->ctx.map.ref->flags & appctx->ctx.map.display_flags)) {
1362 if (appctx->ctx.map.display_flags == PAT_REF_MAP)
1363 appctx->ctx.cli.msg = "Unknown map identifier. Please use #<id> or <file>.\n";
1364 else
1365 appctx->ctx.cli.msg = "Unknown ACL identifier. Please use #<id> or <file>.\n";
1366 appctx->st0 = STAT_CLI_PRINT;
1367 return 1;
1368 }
1369 appctx->st2 = STAT_ST_INIT;
1370 appctx->st0 = STAT_CLI_O_PAT;
1371 }
1372 else { /* neither "stat" nor "info" nor "sess" nor "errors" nor "table" */
1373 return 0;
1374 }
1375 }
1376 else if (strcmp(args[0], "clear") == 0) {
1377 if (strcmp(args[1], "counters") == 0) {
1378 struct proxy *px;
1379 struct server *sv;
1380 struct listener *li;
1381 int clrall = 0;
1382
1383 if (strcmp(args[2], "all") == 0)
1384 clrall = 1;
1385
1386 /* check permissions */
1387 if (strm_li(s)->bind_conf->level < ACCESS_LVL_OPER ||
1388 (clrall && strm_li(s)->bind_conf->level < ACCESS_LVL_ADMIN)) {
1389 appctx->ctx.cli.msg = stats_permission_denied_msg;
1390 appctx->st0 = STAT_CLI_PRINT;
1391 return 1;
1392 }
1393
1394 for (px = proxy; px; px = px->next) {
1395 if (clrall) {
1396 memset(&px->be_counters, 0, sizeof(px->be_counters));
1397 memset(&px->fe_counters, 0, sizeof(px->fe_counters));
1398 }
1399 else {
1400 px->be_counters.conn_max = 0;
1401 px->be_counters.p.http.rps_max = 0;
1402 px->be_counters.sps_max = 0;
1403 px->be_counters.cps_max = 0;
1404 px->be_counters.nbpend_max = 0;
1405
1406 px->fe_counters.conn_max = 0;
1407 px->fe_counters.p.http.rps_max = 0;
1408 px->fe_counters.sps_max = 0;
1409 px->fe_counters.cps_max = 0;
1410 px->fe_counters.nbpend_max = 0;
1411 }
1412
1413 for (sv = px->srv; sv; sv = sv->next)
1414 if (clrall)
1415 memset(&sv->counters, 0, sizeof(sv->counters));
1416 else {
1417 sv->counters.cur_sess_max = 0;
1418 sv->counters.nbpend_max = 0;
1419 sv->counters.sps_max = 0;
1420 }
1421
1422 list_for_each_entry(li, &px->conf.listeners, by_fe)
1423 if (li->counters) {
1424 if (clrall)
1425 memset(li->counters, 0, sizeof(*li->counters));
1426 else
1427 li->counters->conn_max = 0;
1428 }
1429 }
1430
1431 global.cps_max = 0;
1432 global.sps_max = 0;
1433 return 1;
1434 }
1435 else if (strcmp(args[1], "table") == 0) {
1436 stats_sock_table_request(si, args, STAT_CLI_O_CLR);
1437 /* end of processing */
1438 return 1;
1439 }
1440 else if (strcmp(args[1], "map") == 0 || strcmp(args[1], "acl") == 0) {
1441 /* Set ACL or MAP flags. */
1442 if (args[1][0] == 'm')
1443 appctx->ctx.map.display_flags = PAT_REF_MAP;
1444 else
1445 appctx->ctx.map.display_flags = PAT_REF_ACL;
1446
1447 /* no parameter */
1448 if (!*args[2]) {
1449 if (appctx->ctx.map.display_flags == PAT_REF_MAP)
1450 appctx->ctx.cli.msg = "Missing map identifier.\n";
1451 else
1452 appctx->ctx.cli.msg = "Missing ACL identifier.\n";
1453 appctx->st0 = STAT_CLI_PRINT;
1454 return 1;
1455 }
1456
1457 /* lookup into the refs and check the map flag */
1458 appctx->ctx.map.ref = pat_ref_lookup_ref(args[2]);
1459 if (!appctx->ctx.map.ref ||
1460 !(appctx->ctx.map.ref->flags & appctx->ctx.map.display_flags)) {
1461 if (appctx->ctx.map.display_flags == PAT_REF_MAP)
1462 appctx->ctx.cli.msg = "Unknown map identifier. Please use #<id> or <file>.\n";
1463 else
1464 appctx->ctx.cli.msg = "Unknown ACL identifier. Please use #<id> or <file>.\n";
1465 appctx->st0 = STAT_CLI_PRINT;
1466 return 1;
1467 }
1468
1469 /* Clear all. */
1470 pat_ref_prune(appctx->ctx.map.ref);
1471
1472 /* return response */
1473 appctx->st0 = STAT_CLI_PROMPT;
1474 return 1;
1475 }
1476 else {
1477 /* unknown "clear" argument */
1478 return 0;
1479 }
1480 }
1481 else if (strcmp(args[0], "get") == 0) {
1482 if (strcmp(args[1], "weight") == 0) {
1483 struct proxy *px;
1484 struct server *sv;
1485
1486 /* split "backend/server" and make <line> point to server */
1487 for (line = args[2]; *line; line++)
1488 if (*line == '/') {
1489 *line++ = '\0';
1490 break;
1491 }
1492
1493 if (!*line) {
1494 appctx->ctx.cli.msg = "Require 'backend/server'.\n";
1495 appctx->st0 = STAT_CLI_PRINT;
1496 return 1;
1497 }
1498
1499 if (!get_backend_server(args[2], line, &px, &sv)) {
1500 appctx->ctx.cli.msg = px ? "No such server.\n" : "No such backend.\n";
1501 appctx->st0 = STAT_CLI_PRINT;
1502 return 1;
1503 }
1504
1505 /* return server's effective weight at the moment */
1506 snprintf(trash.str, trash.size, "%d (initial %d)\n", sv->uweight, sv->iweight);
1507 if (bi_putstr(si_ic(si), trash.str) == -1)
1508 si_applet_cant_put(si);
1509
1510 return 1;
1511 }
1512 else if (strcmp(args[1], "map") == 0 || strcmp(args[1], "acl") == 0) {
1513 /* Set flags. */
1514 if (args[1][0] == 'm')
1515 appctx->ctx.map.display_flags = PAT_REF_MAP;
1516 else
1517 appctx->ctx.map.display_flags = PAT_REF_ACL;
1518
1519 /* No parameter. */
1520 if (!*args[2] || !*args[3]) {
1521 if (appctx->ctx.map.display_flags == PAT_REF_MAP)
1522 appctx->ctx.cli.msg = "Missing map identifier and/or key.\n";
1523 else
1524 appctx->ctx.cli.msg = "Missing ACL identifier and/or key.\n";
1525 appctx->st0 = STAT_CLI_PRINT;
1526 return 1;
1527 }
1528
1529 /* lookup into the maps */
1530 appctx->ctx.map.ref = pat_ref_lookup_ref(args[2]);
1531 if (!appctx->ctx.map.ref) {
1532 if (appctx->ctx.map.display_flags == PAT_REF_MAP)
1533 appctx->ctx.cli.msg = "Unknown map identifier. Please use #<id> or <file>.\n";
1534 else
1535 appctx->ctx.cli.msg = "Unknown ACL identifier. Please use #<id> or <file>.\n";
1536 appctx->st0 = STAT_CLI_PRINT;
1537 return 1;
1538 }
1539
1540 /* copy input string. The string must be allocated because
1541 * it may be used over multiple iterations. It's released
1542 * at the end and upon abort anyway.
1543 */
1544 appctx->ctx.map.chunk.len = strlen(args[3]);
1545 appctx->ctx.map.chunk.size = appctx->ctx.map.chunk.len + 1;
1546 appctx->ctx.map.chunk.str = strdup(args[3]);
1547 if (!appctx->ctx.map.chunk.str) {
1548 appctx->ctx.cli.msg = "Out of memory error.\n";
1549 appctx->st0 = STAT_CLI_PRINT;
1550 return 1;
1551 }
1552
1553 /* prepare response */
1554 appctx->st2 = STAT_ST_INIT;
1555 appctx->st0 = STAT_CLI_O_MLOOK;
1556 }
1557 else { /* not "get weight" */
1558 return 0;
1559 }
1560 }
1561 else if (strcmp(args[0], "set") == 0) {
1562 if (strcmp(args[1], "weight") == 0) {
1563 struct server *sv;
1564 const char *warning;
1565
1566 sv = expect_server_admin(s, si, args[2]);
1567 if (!sv)
1568 return 1;
1569
1570 warning = server_parse_weight_change_request(sv, args[3]);
1571 if (warning) {
1572 appctx->ctx.cli.msg = warning;
1573 appctx->st0 = STAT_CLI_PRINT;
1574 }
1575 return 1;
1576 }
1577 else if (strcmp(args[1], "server") == 0) {
1578 struct server *sv;
1579 const char *warning;
1580
1581 sv = expect_server_admin(s, si, args[2]);
1582 if (!sv)
1583 return 1;
1584
1585 if (strcmp(args[3], "weight") == 0) {
1586 warning = server_parse_weight_change_request(sv, args[4]);
1587 if (warning) {
1588 appctx->ctx.cli.msg = warning;
1589 appctx->st0 = STAT_CLI_PRINT;
1590 }
1591 }
1592 else if (strcmp(args[3], "state") == 0) {
1593 if (strcmp(args[4], "ready") == 0)
1594 srv_adm_set_ready(sv);
1595 else if (strcmp(args[4], "drain") == 0)
1596 srv_adm_set_drain(sv);
1597 else if (strcmp(args[4], "maint") == 0)
1598 srv_adm_set_maint(sv);
1599 else {
1600 appctx->ctx.cli.msg = "'set server <srv> state' expects 'ready', 'drain' and 'maint'.\n";
1601 appctx->st0 = STAT_CLI_PRINT;
1602 }
1603 }
1604 else if (strcmp(args[3], "health") == 0) {
1605 if (sv->track) {
1606 appctx->ctx.cli.msg = "cannot change health on a tracking server.\n";
1607 appctx->st0 = STAT_CLI_PRINT;
1608 }
1609 else if (strcmp(args[4], "up") == 0) {
1610 sv->check.health = sv->check.rise + sv->check.fall - 1;
1611 srv_set_running(sv, "changed from CLI");
1612 }
1613 else if (strcmp(args[4], "stopping") == 0) {
1614 sv->check.health = sv->check.rise + sv->check.fall - 1;
1615 srv_set_stopping(sv, "changed from CLI");
1616 }
1617 else if (strcmp(args[4], "down") == 0) {
1618 sv->check.health = 0;
1619 srv_set_stopped(sv, "changed from CLI");
1620 }
1621 else {
1622 appctx->ctx.cli.msg = "'set server <srv> health' expects 'up', 'stopping', or 'down'.\n";
1623 appctx->st0 = STAT_CLI_PRINT;
1624 }
1625 }
1626 else if (strcmp(args[3], "agent") == 0) {
1627 if (!(sv->agent.state & CHK_ST_ENABLED)) {
1628 appctx->ctx.cli.msg = "agent checks are not enabled on this server.\n";
1629 appctx->st0 = STAT_CLI_PRINT;
1630 }
1631 else if (strcmp(args[4], "up") == 0) {
1632 sv->agent.health = sv->agent.rise + sv->agent.fall - 1;
1633 srv_set_running(sv, "changed from CLI");
1634 }
1635 else if (strcmp(args[4], "down") == 0) {
1636 sv->agent.health = 0;
1637 srv_set_stopped(sv, "changed from CLI");
1638 }
1639 else {
1640 appctx->ctx.cli.msg = "'set server <srv> agent' expects 'up' or 'down'.\n";
1641 appctx->st0 = STAT_CLI_PRINT;
1642 }
1643 }
1644 else if (strcmp(args[3], "check-port") == 0) {
1645 int i = 0;
1646 if (strl2irc(args[4], strlen(args[4]), &i) != 0) {
1647 appctx->ctx.cli.msg = "'set server <srv> check-port' expects an integer as argument.\n";
1648 appctx->st0 = STAT_CLI_PRINT;
1649 }
1650 if ((i < 0) || (i > 65535)) {
1651 appctx->ctx.cli.msg = "provided port is not valid.\n";
1652 appctx->st0 = STAT_CLI_PRINT;
1653 }
1654 /* prevent the update of port to 0 if MAPPORTS are in use */
1655 if ((sv->flags & SRV_F_MAPPORTS) && (i == 0)) {
1656 appctx->ctx.cli.msg = "can't unset 'port' since MAPPORTS is in use.\n";
1657 appctx->st0 = STAT_CLI_PRINT;
1658 return 1;
1659 }
1660 sv->check.port = i;
1661 appctx->ctx.cli.msg = "health check port updated.\n";
1662 appctx->st0 = STAT_CLI_PRINT;
1663 }
1664 else if (strcmp(args[3], "addr") == 0) {
1665 char *addr = NULL;
1666 char *port = NULL;
1667 if (strlen(args[4]) == 0) {
1668 appctx->ctx.cli.msg = "set server <b>/<s> addr requires an address and optionally a port.\n";
1669 appctx->st0 = STAT_CLI_PRINT;
1670 return 1;
1671 }
1672 else {
1673 addr = args[4];
1674 }
1675 if (strcmp(args[5], "port") == 0) {
1676 port = args[6];
1677 }
1678 warning = update_server_addr_port(sv, addr, port, "stats socket command");
1679 if (warning) {
1680 appctx->ctx.cli.msg = warning;
1681 appctx->st0 = STAT_CLI_PRINT;
1682 }
1683 srv_clr_admin_flag(sv, SRV_ADMF_RMAINT);
1684 }
1685 else {
1686 appctx->ctx.cli.msg = "'set server <srv>' only supports 'agent', 'health', 'state', 'weight', 'addr' and 'check-port'.\n";
1687 appctx->st0 = STAT_CLI_PRINT;
1688 }
1689 return 1;
1690 }
1691 else if (strcmp(args[1], "timeout") == 0) {
1692 if (strcmp(args[2], "cli") == 0) {
1693 unsigned timeout;
1694 const char *res;
1695
1696 if (!*args[3]) {
1697 appctx->ctx.cli.msg = "Expects an integer value.\n";
1698 appctx->st0 = STAT_CLI_PRINT;
1699 return 1;
1700 }
1701
1702 res = parse_time_err(args[3], &timeout, TIME_UNIT_S);
1703 if (res || timeout < 1) {
1704 appctx->ctx.cli.msg = "Invalid timeout value.\n";
1705 appctx->st0 = STAT_CLI_PRINT;
1706 return 1;
1707 }
1708
1709 s->req.rto = s->res.wto = 1 + MS_TO_TICKS(timeout*1000);
1710 task_wakeup(s->task, TASK_WOKEN_MSG); // recompute timeouts
1711 return 1;
1712 }
1713 else {
1714 appctx->ctx.cli.msg = "'set timeout' only supports 'cli'.\n";
1715 appctx->st0 = STAT_CLI_PRINT;
1716 return 1;
1717 }
1718 }
1719 else if (strcmp(args[1], "maxconn") == 0) {
1720 if (strcmp(args[2], "frontend") == 0) {
1721 struct proxy *px;
1722 struct listener *l;
1723 int v;
1724
1725 px = expect_frontend_admin(s, si, args[3]);
1726 if (!px)
1727 return 1;
1728
1729 if (!*args[4]) {
1730 appctx->ctx.cli.msg = "Integer value expected.\n";
1731 appctx->st0 = STAT_CLI_PRINT;
1732 return 1;
1733 }
1734
1735 v = atoi(args[4]);
1736 if (v < 0) {
1737 appctx->ctx.cli.msg = "Value out of range.\n";
1738 appctx->st0 = STAT_CLI_PRINT;
1739 return 1;
1740 }
1741
1742 /* OK, the value is fine, so we assign it to the proxy and to all of
1743 * its listeners. The blocked ones will be dequeued.
1744 */
1745 px->maxconn = v;
1746 list_for_each_entry(l, &px->conf.listeners, by_fe) {
1747 l->maxconn = v;
1748 if (l->state == LI_FULL)
1749 resume_listener(l);
1750 }
1751
1752 if (px->maxconn > px->feconn && !LIST_ISEMPTY(&px->listener_queue))
1753 dequeue_all_listeners(&px->listener_queue);
1754
1755 return 1;
1756 }
1757 else if (strcmp(args[2], "server") == 0) {
1758 struct server *sv;
1759 const char *warning;
1760
1761 sv = expect_server_admin(s, si, args[3]);
1762 if (!sv)
1763 return 1;
1764
1765 warning = server_parse_maxconn_change_request(sv, args[4]);
1766 if (warning) {
1767 appctx->ctx.cli.msg = warning;
1768 appctx->st0 = STAT_CLI_PRINT;
1769 }
1770
1771 return 1;
1772 }
1773 else if (strcmp(args[2], "global") == 0) {
1774 int v;
1775
1776 if (strm_li(s)->bind_conf->level < ACCESS_LVL_ADMIN) {
1777 appctx->ctx.cli.msg = stats_permission_denied_msg;
1778 appctx->st0 = STAT_CLI_PRINT;
1779 return 1;
1780 }
1781
1782 if (!*args[3]) {
1783 appctx->ctx.cli.msg = "Expects an integer value.\n";
1784 appctx->st0 = STAT_CLI_PRINT;
1785 return 1;
1786 }
1787
1788 v = atoi(args[3]);
1789 if (v > global.hardmaxconn) {
1790 appctx->ctx.cli.msg = "Value out of range.\n";
1791 appctx->st0 = STAT_CLI_PRINT;
1792 return 1;
1793 }
1794
1795 /* check for unlimited values */
1796 if (v <= 0)
1797 v = global.hardmaxconn;
1798
1799 global.maxconn = v;
1800
1801 /* Dequeues all of the listeners waiting for a resource */
1802 if (!LIST_ISEMPTY(&global_listener_queue))
1803 dequeue_all_listeners(&global_listener_queue);
1804
1805 return 1;
1806 }
1807 else {
1808 appctx->ctx.cli.msg = "'set maxconn' only supports 'frontend', 'server', and 'global'.\n";
1809 appctx->st0 = STAT_CLI_PRINT;
1810 return 1;
1811 }
1812 }
1813 else if (strcmp(args[1], "rate-limit") == 0) {
1814 if (strcmp(args[2], "connections") == 0) {
1815 if (strcmp(args[3], "global") == 0) {
1816 int v;
1817
1818 if (strm_li(s)->bind_conf->level < ACCESS_LVL_ADMIN) {
1819 appctx->ctx.cli.msg = stats_permission_denied_msg;
1820 appctx->st0 = STAT_CLI_PRINT;
1821 return 1;
1822 }
1823
1824 if (!*args[4]) {
1825 appctx->ctx.cli.msg = "Expects an integer value.\n";
1826 appctx->st0 = STAT_CLI_PRINT;
1827 return 1;
1828 }
1829
1830 v = atoi(args[4]);
1831 if (v < 0) {
1832 appctx->ctx.cli.msg = "Value out of range.\n";
1833 appctx->st0 = STAT_CLI_PRINT;
1834 return 1;
1835 }
1836
1837 global.cps_lim = v;
1838
1839 /* Dequeues all of the listeners waiting for a resource */
1840 if (!LIST_ISEMPTY(&global_listener_queue))
1841 dequeue_all_listeners(&global_listener_queue);
1842
1843 return 1;
1844 }
1845 else {
1846 appctx->ctx.cli.msg = "'set rate-limit connections' only supports 'global'.\n";
1847 appctx->st0 = STAT_CLI_PRINT;
1848 return 1;
1849 }
1850 }
1851 else if (strcmp(args[2], "sessions") == 0) {
1852 if (strcmp(args[3], "global") == 0) {
1853 int v;
1854
1855 if (strm_li(s)->bind_conf->level < ACCESS_LVL_ADMIN) {
1856 appctx->ctx.cli.msg = stats_permission_denied_msg;
1857 appctx->st0 = STAT_CLI_PRINT;
1858 return 1;
1859 }
1860
1861 if (!*args[4]) {
1862 appctx->ctx.cli.msg = "Expects an integer value.\n";
1863 appctx->st0 = STAT_CLI_PRINT;
1864 return 1;
1865 }
1866
1867 v = atoi(args[4]);
1868 if (v < 0) {
1869 appctx->ctx.cli.msg = "Value out of range.\n";
1870 appctx->st0 = STAT_CLI_PRINT;
1871 return 1;
1872 }
1873
1874 global.sps_lim = v;
1875
1876 /* Dequeues all of the listeners waiting for a resource */
1877 if (!LIST_ISEMPTY(&global_listener_queue))
1878 dequeue_all_listeners(&global_listener_queue);
1879
1880 return 1;
1881 }
1882 else {
1883 appctx->ctx.cli.msg = "'set rate-limit sessions' only supports 'global'.\n";
1884 appctx->st0 = STAT_CLI_PRINT;
1885 return 1;
1886 }
1887 }
1888#ifdef USE_OPENSSL
1889 else if (strcmp(args[2], "ssl-sessions") == 0) {
1890 if (strcmp(args[3], "global") == 0) {
1891 int v;
1892
1893 if (strm_li(s)->bind_conf->level < ACCESS_LVL_ADMIN) {
1894 appctx->ctx.cli.msg = stats_permission_denied_msg;
1895 appctx->st0 = STAT_CLI_PRINT;
1896 return 1;
1897 }
1898
1899 if (!*args[4]) {
1900 appctx->ctx.cli.msg = "Expects an integer value.\n";
1901 appctx->st0 = STAT_CLI_PRINT;
1902 return 1;
1903 }
1904
1905 v = atoi(args[4]);
1906 if (v < 0) {
1907 appctx->ctx.cli.msg = "Value out of range.\n";
1908 appctx->st0 = STAT_CLI_PRINT;
1909 return 1;
1910 }
1911
1912 global.ssl_lim = v;
1913
1914 /* Dequeues all of the listeners waiting for a resource */
1915 if (!LIST_ISEMPTY(&global_listener_queue))
1916 dequeue_all_listeners(&global_listener_queue);
1917
1918 return 1;
1919 }
1920 else {
1921 appctx->ctx.cli.msg = "'set rate-limit ssl-sessions' only supports 'global'.\n";
1922 appctx->st0 = STAT_CLI_PRINT;
1923 return 1;
1924 }
1925 }
1926#endif
1927 else if (strcmp(args[2], "http-compression") == 0) {
1928 if (strcmp(args[3], "global") == 0) {
1929 int v;
1930
1931 if (strm_li(s)->bind_conf->level < ACCESS_LVL_ADMIN) {
1932 appctx->ctx.cli.msg = stats_permission_denied_msg;
1933 appctx->st0 = STAT_CLI_PRINT;
1934 return 1;
1935 }
1936
1937 if (!*args[4]) {
1938 appctx->ctx.cli.msg = "Expects a maximum input byte rate in kB/s.\n";
1939 appctx->st0 = STAT_CLI_PRINT;
1940 return 1;
1941 }
1942
1943 v = atoi(args[4]);
1944 global.comp_rate_lim = v * 1024; /* Kilo to bytes. */
1945 }
1946 else {
1947 appctx->ctx.cli.msg = "'set rate-limit http-compression' only supports 'global'.\n";
1948 appctx->st0 = STAT_CLI_PRINT;
1949 return 1;
1950 }
1951 }
1952 else {
1953 appctx->ctx.cli.msg = "'set rate-limit' supports 'connections', 'sessions', 'ssl-sessions', and 'http-compression'.\n";
1954 appctx->st0 = STAT_CLI_PRINT;
1955 return 1;
1956 }
1957 }
1958 else if (strcmp(args[1], "table") == 0) {
1959 stats_sock_table_request(si, args, STAT_CLI_O_SET);
1960 }
1961 else if (strcmp(args[1], "map") == 0) {
1962 char *err;
1963
1964 /* Set flags. */
1965 appctx->ctx.map.display_flags = PAT_REF_MAP;
1966
1967 /* Expect three parameters: map name, key and new value. */
1968 if (!*args[2] || !*args[3] || !*args[4]) {
1969 appctx->ctx.cli.msg = "'set map' expects three parameters: map identifier, key and value.\n";
1970 appctx->st0 = STAT_CLI_PRINT;
1971 return 1;
1972 }
1973
1974 /* Lookup the reference in the maps. */
1975 appctx->ctx.map.ref = pat_ref_lookup_ref(args[2]);
1976 if (!appctx->ctx.map.ref) {
1977 appctx->ctx.cli.msg = "Unknown map identifier. Please use #<id> or <file>.\n";
1978 appctx->st0 = STAT_CLI_PRINT;
1979 return 1;
1980 }
1981
1982 /* If the entry identifier start with a '#', it is considered as
1983 * pointer id
1984 */
1985 if (args[3][0] == '#' && args[3][1] == '0' && args[3][2] == 'x') {
1986 struct pat_ref_elt *ref;
1987 long long int conv;
1988 char *error;
1989
1990 /* Convert argument to integer value. */
1991 conv = strtoll(&args[3][1], &error, 16);
1992 if (*error != '\0') {
1993 appctx->ctx.cli.msg = "Malformed identifier. Please use #<id> or <file>.\n";
1994 appctx->st0 = STAT_CLI_PRINT;
1995 return 1;
1996 }
1997
1998 /* Convert and check integer to pointer. */
1999 ref = (struct pat_ref_elt *)(long)conv;
2000 if ((long long int)(long)ref != conv) {
2001 appctx->ctx.cli.msg = "Malformed identifier. Please use #<id> or <file>.\n";
2002 appctx->st0 = STAT_CLI_PRINT;
2003 return 1;
2004 }
2005
2006 /* Try to delete the entry. */
2007 err = NULL;
2008 if (!pat_ref_set_by_id(appctx->ctx.map.ref, ref, args[4], &err)) {
2009 if (err)
2010 memprintf(&err, "%s.\n", err);
2011 appctx->ctx.cli.err = err;
2012 appctx->st0 = STAT_CLI_PRINT_FREE;
2013 return 1;
2014 }
2015 }
2016 else {
2017 /* Else, use the entry identifier as pattern
2018 * string, and update the value.
2019 */
2020 err = NULL;
2021 if (!pat_ref_set(appctx->ctx.map.ref, args[3], args[4], &err)) {
2022 if (err)
2023 memprintf(&err, "%s.\n", err);
2024 appctx->ctx.cli.err = err;
2025 appctx->st0 = STAT_CLI_PRINT_FREE;
2026 return 1;
2027 }
2028 }
2029
2030 /* The set is done, send message. */
2031 appctx->st0 = STAT_CLI_PROMPT;
2032 return 1;
2033 }
2034#ifdef USE_OPENSSL
2035 else if (strcmp(args[1], "ssl") == 0) {
2036 if (strcmp(args[2], "ocsp-response") == 0) {
2037#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP)
2038 char *err = NULL;
2039
2040 /* Expect one parameter: the new response in base64 encoding */
2041 if (!*args[3]) {
2042 appctx->ctx.cli.msg = "'set ssl ocsp-response' expects response in base64 encoding.\n";
2043 appctx->st0 = STAT_CLI_PRINT;
2044 return 1;
2045 }
2046
2047 trash.len = base64dec(args[3], strlen(args[3]), trash.str, trash.size);
2048 if (trash.len < 0) {
2049 appctx->ctx.cli.msg = "'set ssl ocsp-response' received invalid base64 encoded response.\n";
2050 appctx->st0 = STAT_CLI_PRINT;
2051 return 1;
2052 }
2053
2054 if (ssl_sock_update_ocsp_response(&trash, &err)) {
2055 if (err) {
2056 memprintf(&err, "%s.\n", err);
2057 appctx->ctx.cli.err = err;
2058 appctx->st0 = STAT_CLI_PRINT_FREE;
2059 }
2060 return 1;
2061 }
2062 appctx->ctx.cli.msg = "OCSP Response updated!";
2063 appctx->st0 = STAT_CLI_PRINT;
2064 return 1;
2065#else
2066 appctx->ctx.cli.msg = "HAProxy was compiled against a version of OpenSSL that doesn't support OCSP stapling.\n";
2067 appctx->st0 = STAT_CLI_PRINT;
2068 return 1;
2069#endif
2070 }
2071 else if (strcmp(args[2], "tls-key") == 0) {
2072#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
2073 /* Expect two parameters: the filename and the new new TLS key in encoding */
2074 if (!*args[3] || !*args[4]) {
2075 appctx->ctx.cli.msg = "'set ssl tls-key' expects a filename and the new TLS key in base64 encoding.\n";
2076 appctx->st0 = STAT_CLI_PRINT;
2077 return 1;
2078 }
2079
2080 appctx->ctx.tlskeys.ref = tlskeys_ref_lookup_ref(args[3]);
2081 if(!appctx->ctx.tlskeys.ref) {
2082 appctx->ctx.cli.msg = "'set ssl tls-key' unable to locate referenced filename\n";
2083 appctx->st0 = STAT_CLI_PRINT;
2084 return 1;
2085 }
2086
2087 trash.len = base64dec(args[4], strlen(args[4]), trash.str, trash.size);
2088 if (trash.len != sizeof(struct tls_sess_key)) {
2089 appctx->ctx.cli.msg = "'set ssl tls-key' received invalid base64 encoded TLS key.\n";
2090 appctx->st0 = STAT_CLI_PRINT;
2091 return 1;
2092 }
2093
2094 memcpy(appctx->ctx.tlskeys.ref->tlskeys + ((appctx->ctx.tlskeys.ref->tls_ticket_enc_index + 2) % TLS_TICKETS_NO), trash.str, trash.len);
2095 appctx->ctx.tlskeys.ref->tls_ticket_enc_index = (appctx->ctx.tlskeys.ref->tls_ticket_enc_index + 1) % TLS_TICKETS_NO;
2096
2097 appctx->ctx.cli.msg = "TLS ticket key updated!";
2098 appctx->st0 = STAT_CLI_PRINT;
2099 return 1;
2100#else
2101 appctx->ctx.cli.msg = "HAProxy was compiled against a version of OpenSSL "
2102 "that doesn't support specifying TLS ticket keys\n";
2103 appctx->st0 = STAT_CLI_PRINT;
2104 return 1;
2105#endif
2106 }
2107 else {
2108 appctx->ctx.cli.msg = "'set ssl' only supports 'ocsp-response'.\n";
2109 appctx->st0 = STAT_CLI_PRINT;
2110 return 1;
2111 }
2112 }
2113#endif
2114 else { /* unknown "set" parameter */
2115 return 0;
2116 }
2117 }
2118 else if (strcmp(args[0], "enable") == 0) {
2119 if (strcmp(args[1], "agent") == 0) {
2120 struct server *sv;
2121
2122 sv = expect_server_admin(s, si, args[2]);
2123 if (!sv)
2124 return 1;
2125
2126 if (!(sv->agent.state & CHK_ST_CONFIGURED)) {
2127 appctx->ctx.cli.msg = "Agent was not configured on this server, cannot enable.\n";
2128 appctx->st0 = STAT_CLI_PRINT;
2129 return 1;
2130 }
2131
2132 sv->agent.state |= CHK_ST_ENABLED;
2133 return 1;
2134 }
2135 else if (strcmp(args[1], "health") == 0) {
2136 struct server *sv;
2137
2138 sv = expect_server_admin(s, si, args[2]);
2139 if (!sv)
2140 return 1;
2141
2142 if (!(sv->check.state & CHK_ST_CONFIGURED)) {
2143 appctx->ctx.cli.msg = "Health checks are not configured on this server, cannot enable.\n";
2144 appctx->st0 = STAT_CLI_PRINT;
2145 return 1;
2146 }
2147
2148 sv->check.state |= CHK_ST_ENABLED;
2149 return 1;
2150 }
2151 else if (strcmp(args[1], "server") == 0) {
2152 struct server *sv;
2153
2154 sv = expect_server_admin(s, si, args[2]);
2155 if (!sv)
2156 return 1;
2157
2158 srv_adm_set_ready(sv);
2159 return 1;
2160 }
2161 else if (strcmp(args[1], "frontend") == 0) {
2162 struct proxy *px;
2163
2164 px = expect_frontend_admin(s, si, args[2]);
2165 if (!px)
2166 return 1;
2167
2168 if (px->state == PR_STSTOPPED) {
2169 appctx->ctx.cli.msg = "Frontend was previously shut down, cannot enable.\n";
2170 appctx->st0 = STAT_CLI_PRINT;
2171 return 1;
2172 }
2173
2174 if (px->state != PR_STPAUSED) {
2175 appctx->ctx.cli.msg = "Frontend is already enabled.\n";
2176 appctx->st0 = STAT_CLI_PRINT;
2177 return 1;
2178 }
2179
2180 if (!resume_proxy(px)) {
2181 appctx->ctx.cli.msg = "Failed to resume frontend, check logs for precise cause (port conflict?).\n";
2182 appctx->st0 = STAT_CLI_PRINT;
2183 return 1;
2184 }
2185 return 1;
2186 }
2187 else { /* unknown "enable" parameter */
2188 appctx->ctx.cli.msg = "'enable' only supports 'agent', 'frontend', 'health', and 'server'.\n";
2189 appctx->st0 = STAT_CLI_PRINT;
2190 return 1;
2191 }
2192 }
2193 else if (strcmp(args[0], "disable") == 0) {
2194 if (strcmp(args[1], "agent") == 0) {
2195 struct server *sv;
2196
2197 sv = expect_server_admin(s, si, args[2]);
2198 if (!sv)
2199 return 1;
2200
2201 sv->agent.state &= ~CHK_ST_ENABLED;
2202 return 1;
2203 }
2204 else if (strcmp(args[1], "health") == 0) {
2205 struct server *sv;
2206
2207 sv = expect_server_admin(s, si, args[2]);
2208 if (!sv)
2209 return 1;
2210
2211 sv->check.state &= ~CHK_ST_ENABLED;
2212 return 1;
2213 }
2214 else if (strcmp(args[1], "server") == 0) {
2215 struct server *sv;
2216
2217 sv = expect_server_admin(s, si, args[2]);
2218 if (!sv)
2219 return 1;
2220
2221 srv_adm_set_maint(sv);
2222 return 1;
2223 }
2224 else if (strcmp(args[1], "frontend") == 0) {
2225 struct proxy *px;
2226
2227 px = expect_frontend_admin(s, si, args[2]);
2228 if (!px)
2229 return 1;
2230
2231 if (px->state == PR_STSTOPPED) {
2232 appctx->ctx.cli.msg = "Frontend was previously shut down, cannot disable.\n";
2233 appctx->st0 = STAT_CLI_PRINT;
2234 return 1;
2235 }
2236
2237 if (px->state == PR_STPAUSED) {
2238 appctx->ctx.cli.msg = "Frontend is already disabled.\n";
2239 appctx->st0 = STAT_CLI_PRINT;
2240 return 1;
2241 }
2242
2243 if (!pause_proxy(px)) {
2244 appctx->ctx.cli.msg = "Failed to pause frontend, check logs for precise cause.\n";
2245 appctx->st0 = STAT_CLI_PRINT;
2246 return 1;
2247 }
2248 return 1;
2249 }
2250 else { /* unknown "disable" parameter */
2251 appctx->ctx.cli.msg = "'disable' only supports 'agent', 'frontend', 'health', and 'server'.\n";
2252 appctx->st0 = STAT_CLI_PRINT;
2253 return 1;
2254 }
2255 }
2256 else if (strcmp(args[0], "shutdown") == 0) {
2257 if (strcmp(args[1], "frontend") == 0) {
2258 struct proxy *px;
2259
2260 px = expect_frontend_admin(s, si, args[2]);
2261 if (!px)
2262 return 1;
2263
2264 if (px->state == PR_STSTOPPED) {
2265 appctx->ctx.cli.msg = "Frontend was already shut down.\n";
2266 appctx->st0 = STAT_CLI_PRINT;
2267 return 1;
2268 }
2269
2270 Warning("Proxy %s stopped (FE: %lld conns, BE: %lld conns).\n",
2271 px->id, px->fe_counters.cum_conn, px->be_counters.cum_conn);
2272 send_log(px, LOG_WARNING, "Proxy %s stopped (FE: %lld conns, BE: %lld conns).\n",
2273 px->id, px->fe_counters.cum_conn, px->be_counters.cum_conn);
2274 stop_proxy(px);
2275 return 1;
2276 }
2277 else if (strcmp(args[1], "session") == 0) {
2278 struct stream *sess, *ptr;
2279
2280 if (strm_li(s)->bind_conf->level < ACCESS_LVL_ADMIN) {
2281 appctx->ctx.cli.msg = stats_permission_denied_msg;
2282 appctx->st0 = STAT_CLI_PRINT;
2283 return 1;
2284 }
2285
2286 if (!*args[2]) {
2287 appctx->ctx.cli.msg = "Session pointer expected (use 'show sess').\n";
2288 appctx->st0 = STAT_CLI_PRINT;
2289 return 1;
2290 }
2291
2292 ptr = (void *)strtoul(args[2], NULL, 0);
2293
2294 /* first, look for the requested stream in the stream table */
2295 list_for_each_entry(sess, &streams, list) {
2296 if (sess == ptr)
2297 break;
2298 }
2299
2300 /* do we have the stream ? */
2301 if (sess != ptr) {
2302 appctx->ctx.cli.msg = "No such session (use 'show sess').\n";
2303 appctx->st0 = STAT_CLI_PRINT;
2304 return 1;
2305 }
2306
2307 stream_shutdown(sess, SF_ERR_KILLED);
2308 return 1;
2309 }
2310 else if (strcmp(args[1], "sessions") == 0) {
2311 if (strcmp(args[2], "server") == 0) {
2312 struct server *sv;
2313 struct stream *sess, *sess_bck;
2314
2315 sv = expect_server_admin(s, si, args[3]);
2316 if (!sv)
2317 return 1;
2318
2319 /* kill all the stream that are on this server */
2320 list_for_each_entry_safe(sess, sess_bck, &sv->actconns, by_srv)
2321 if (sess->srv_conn == sv)
2322 stream_shutdown(sess, SF_ERR_KILLED);
2323
2324 return 1;
2325 }
2326 else {
2327 appctx->ctx.cli.msg = "'shutdown sessions' only supports 'server'.\n";
2328 appctx->st0 = STAT_CLI_PRINT;
2329 return 1;
2330 }
2331 }
2332 else { /* unknown "disable" parameter */
2333 appctx->ctx.cli.msg = "'shutdown' only supports 'frontend', 'session' and 'sessions'.\n";
2334 appctx->st0 = STAT_CLI_PRINT;
2335 return 1;
2336 }
2337 }
2338 else if (strcmp(args[0], "del") == 0) {
2339 if (strcmp(args[1], "map") == 0 || strcmp(args[1], "acl") == 0) {
2340 if (args[1][0] == 'm')
2341 appctx->ctx.map.display_flags = PAT_REF_MAP;
2342 else
2343 appctx->ctx.map.display_flags = PAT_REF_ACL;
2344
2345 /* Expect two parameters: map name and key. */
2346 if (appctx->ctx.map.display_flags == PAT_REF_MAP) {
2347 if (!*args[2] || !*args[3]) {
2348 appctx->ctx.cli.msg = "This command expects two parameters: map identifier and key.\n";
2349 appctx->st0 = STAT_CLI_PRINT;
2350 return 1;
2351 }
2352 }
2353
2354 else {
2355 if (!*args[2] || !*args[3]) {
2356 appctx->ctx.cli.msg = "This command expects two parameters: ACL identifier and key.\n";
2357 appctx->st0 = STAT_CLI_PRINT;
2358 return 1;
2359 }
2360 }
2361
2362 /* Lookup the reference in the maps. */
2363 appctx->ctx.map.ref = pat_ref_lookup_ref(args[2]);
2364 if (!appctx->ctx.map.ref ||
2365 !(appctx->ctx.map.ref->flags & appctx->ctx.map.display_flags)) {
2366 appctx->ctx.cli.msg = "Unknown map identifier. Please use #<id> or <file>.\n";
2367 appctx->st0 = STAT_CLI_PRINT;
2368 return 1;
2369 }
2370
2371 /* If the entry identifier start with a '#', it is considered as
2372 * pointer id
2373 */
2374 if (args[3][0] == '#' && args[3][1] == '0' && args[3][2] == 'x') {
2375 struct pat_ref_elt *ref;
2376 long long int conv;
2377 char *error;
2378
2379 /* Convert argument to integer value. */
2380 conv = strtoll(&args[3][1], &error, 16);
2381 if (*error != '\0') {
2382 appctx->ctx.cli.msg = "Malformed identifier. Please use #<id> or <file>.\n";
2383 appctx->st0 = STAT_CLI_PRINT;
2384 return 1;
2385 }
2386
2387 /* Convert and check integer to pointer. */
2388 ref = (struct pat_ref_elt *)(long)conv;
2389 if ((long long int)(long)ref != conv) {
2390 appctx->ctx.cli.msg = "Malformed identifier. Please use #<id> or <file>.\n";
2391 appctx->st0 = STAT_CLI_PRINT;
2392 return 1;
2393 }
2394
2395 /* Try to delete the entry. */
2396 if (!pat_ref_delete_by_id(appctx->ctx.map.ref, ref)) {
2397 /* The entry is not found, send message. */
2398 appctx->ctx.cli.msg = "Key not found.\n";
2399 appctx->st0 = STAT_CLI_PRINT;
2400 return 1;
2401 }
2402 }
2403 else {
2404 /* Else, use the entry identifier as pattern
2405 * string and try to delete the entry.
2406 */
2407 if (!pat_ref_delete(appctx->ctx.map.ref, args[3])) {
2408 /* The entry is not found, send message. */
2409 appctx->ctx.cli.msg = "Key not found.\n";
2410 appctx->st0 = STAT_CLI_PRINT;
2411 return 1;
2412 }
2413 }
2414
2415 /* The deletion is done, send message. */
2416 appctx->st0 = STAT_CLI_PROMPT;
2417 return 1;
2418 }
2419 else { /* unknown "del" parameter */
2420 appctx->ctx.cli.msg = "'del' only supports 'map' or 'acl'.\n";
2421 appctx->st0 = STAT_CLI_PRINT;
2422 return 1;
2423 }
2424 }
2425 else if (strcmp(args[0], "add") == 0) {
2426 if (strcmp(args[1], "map") == 0 ||
2427 strcmp(args[1], "acl") == 0) {
2428 int ret;
2429 char *err;
2430
2431 /* Set flags. */
2432 if (args[1][0] == 'm')
2433 appctx->ctx.map.display_flags = PAT_REF_MAP;
2434 else
2435 appctx->ctx.map.display_flags = PAT_REF_ACL;
2436
2437 /* If the keywork is "map", we expect three parameters, if it
2438 * is "acl", we expect only two parameters
2439 */
2440 if (appctx->ctx.map.display_flags == PAT_REF_MAP) {
2441 if (!*args[2] || !*args[3] || !*args[4]) {
2442 appctx->ctx.cli.msg = "'add map' expects three parameters: map identifier, key and value.\n";
2443 appctx->st0 = STAT_CLI_PRINT;
2444 return 1;
2445 }
2446 }
2447 else {
2448 if (!*args[2] || !*args[3]) {
2449 appctx->ctx.cli.msg = "'add acl' expects two parameters: ACL identifier and pattern.\n";
2450 appctx->st0 = STAT_CLI_PRINT;
2451 return 1;
2452 }
2453 }
2454
2455 /* Lookup for the reference. */
2456 appctx->ctx.map.ref = pat_ref_lookup_ref(args[2]);
2457 if (!appctx->ctx.map.ref) {
2458 if (appctx->ctx.map.display_flags == PAT_REF_MAP)
2459 appctx->ctx.cli.msg = "Unknown map identifier. Please use #<id> or <file>.\n";
2460 else
2461 appctx->ctx.cli.msg = "Unknown ACL identifier. Please use #<id> or <file>.\n";
2462 appctx->st0 = STAT_CLI_PRINT;
2463 return 1;
2464 }
2465
2466 /* The command "add acl" is prohibited if the reference
2467 * use samples.
2468 */
2469 if ((appctx->ctx.map.display_flags & PAT_REF_ACL) &&
2470 (appctx->ctx.map.ref->flags & PAT_REF_SMP)) {
2471 appctx->ctx.cli.msg = "This ACL is shared with a map containing samples. "
2472 "You must use the command 'add map' to add values.\n";
2473 appctx->st0 = STAT_CLI_PRINT;
2474 return 1;
2475 }
2476
2477 /* Add value. */
2478 err = NULL;
2479 if (appctx->ctx.map.display_flags == PAT_REF_MAP)
2480 ret = pat_ref_add(appctx->ctx.map.ref, args[3], args[4], &err);
2481 else
2482 ret = pat_ref_add(appctx->ctx.map.ref, args[3], NULL, &err);
2483 if (!ret) {
2484 if (err)
2485 memprintf(&err, "%s.\n", err);
2486 appctx->ctx.cli.err = err;
2487 appctx->st0 = STAT_CLI_PRINT_FREE;
2488 return 1;
2489 }
2490
2491 /* The add is done, send message. */
2492 appctx->st0 = STAT_CLI_PROMPT;
2493 return 1;
2494 }
2495 else { /* unknown "del" parameter */
2496 appctx->ctx.cli.msg = "'add' only supports 'map'.\n";
2497 appctx->st0 = STAT_CLI_PRINT;
2498 return 1;
2499 }
2500 }
2501 else { /* not "show" nor "clear" nor "get" nor "set" nor "enable" nor "disable" */
2502 return 0;
2503 }
2504 return 1;
2505}
2506
2507/* This I/O handler runs as an applet embedded in a stream interface. It is
2508 * used to processes I/O from/to the stats unix socket. The system relies on a
2509 * state machine handling requests and various responses. We read a request,
2510 * then we process it and send the response, and we possibly display a prompt.
2511 * Then we can read again. The state is stored in appctx->st0 and is one of the
2512 * STAT_CLI_* constants. appctx->st1 is used to indicate whether prompt is enabled
2513 * or not.
2514 */
2515static void cli_io_handler(struct appctx *appctx)
2516{
2517 struct stream_interface *si = appctx->owner;
2518 struct channel *req = si_oc(si);
2519 struct channel *res = si_ic(si);
2520 int reql;
2521 int len;
2522
2523 if (unlikely(si->state == SI_ST_DIS || si->state == SI_ST_CLO))
2524 goto out;
2525
2526 while (1) {
2527 if (appctx->st0 == STAT_CLI_INIT) {
2528 /* Stats output not initialized yet */
2529 memset(&appctx->ctx.stats, 0, sizeof(appctx->ctx.stats));
2530 appctx->st0 = STAT_CLI_GETREQ;
2531 }
2532 else if (appctx->st0 == STAT_CLI_END) {
2533 /* Let's close for real now. We just close the request
2534 * side, the conditions below will complete if needed.
2535 */
2536 si_shutw(si);
2537 break;
2538 }
2539 else if (appctx->st0 == STAT_CLI_GETREQ) {
2540 /* ensure we have some output room left in the event we
2541 * would want to return some info right after parsing.
2542 */
2543 if (buffer_almost_full(si_ib(si))) {
2544 si_applet_cant_put(si);
2545 break;
2546 }
2547
2548 reql = bo_getline(si_oc(si), trash.str, trash.size);
2549 if (reql <= 0) { /* closed or EOL not found */
2550 if (reql == 0)
2551 break;
2552 appctx->st0 = STAT_CLI_END;
2553 continue;
2554 }
2555
2556 /* seek for a possible unescaped semi-colon. If we find
2557 * one, we replace it with an LF and skip only this part.
2558 */
2559 for (len = 0; len < reql; len++) {
2560 if (trash.str[len] == '\\') {
2561 len++;
2562 continue;
2563 }
2564 if (trash.str[len] == ';') {
2565 trash.str[len] = '\n';
2566 reql = len + 1;
2567 break;
2568 }
2569 }
2570
2571 /* now it is time to check that we have a full line,
2572 * remove the trailing \n and possibly \r, then cut the
2573 * line.
2574 */
2575 len = reql - 1;
2576 if (trash.str[len] != '\n') {
2577 appctx->st0 = STAT_CLI_END;
2578 continue;
2579 }
2580
2581 if (len && trash.str[len-1] == '\r')
2582 len--;
2583
2584 trash.str[len] = '\0';
2585
2586 appctx->st0 = STAT_CLI_PROMPT;
2587 if (len) {
2588 if (strcmp(trash.str, "quit") == 0) {
2589 appctx->st0 = STAT_CLI_END;
2590 continue;
2591 }
2592 else if (strcmp(trash.str, "prompt") == 0)
2593 appctx->st1 = !appctx->st1;
2594 else if (strcmp(trash.str, "help") == 0 ||
2595 !stats_sock_parse_request(si, trash.str)) {
2596 cli_gen_usage_msg();
2597 if (dynamic_usage_msg)
2598 appctx->ctx.cli.msg = dynamic_usage_msg;
2599 else
2600 appctx->ctx.cli.msg = stats_sock_usage_msg;
2601 appctx->st0 = STAT_CLI_PRINT;
2602 }
2603 /* NB: stats_sock_parse_request() may have put
2604 * another STAT_CLI_O_* into appctx->st0.
2605 */
2606 }
2607 else if (!appctx->st1) {
2608 /* if prompt is disabled, print help on empty lines,
2609 * so that the user at least knows how to enable
2610 * prompt and find help.
2611 */
2612 cli_gen_usage_msg();
2613 if (dynamic_usage_msg)
2614 appctx->ctx.cli.msg = dynamic_usage_msg;
2615 else
2616 appctx->ctx.cli.msg = stats_sock_usage_msg;
2617 appctx->st0 = STAT_CLI_PRINT;
2618 }
2619
2620 /* re-adjust req buffer */
2621 bo_skip(si_oc(si), reql);
2622 req->flags |= CF_READ_DONTWAIT; /* we plan to read small requests */
2623 }
2624 else { /* output functions */
2625 switch (appctx->st0) {
2626 case STAT_CLI_PROMPT:
2627 break;
2628 case STAT_CLI_PRINT:
2629 if (bi_putstr(si_ic(si), appctx->ctx.cli.msg) != -1)
2630 appctx->st0 = STAT_CLI_PROMPT;
2631 else
2632 si_applet_cant_put(si);
2633 break;
2634 case STAT_CLI_PRINT_FREE:
2635 if (bi_putstr(si_ic(si), appctx->ctx.cli.err) != -1) {
2636 free(appctx->ctx.cli.err);
2637 appctx->st0 = STAT_CLI_PROMPT;
2638 }
2639 else
2640 si_applet_cant_put(si);
2641 break;
2642 case STAT_CLI_O_BACKEND:
2643 if (stats_dump_backend_to_buffer(si))
2644 appctx->st0 = STAT_CLI_PROMPT;
2645 break;
2646 case STAT_CLI_O_INFO:
2647 if (stats_dump_info_to_buffer(si))
2648 appctx->st0 = STAT_CLI_PROMPT;
2649 break;
2650 case STAT_CLI_O_SERVERS_STATE:
2651 if (stats_dump_servers_state_to_buffer(si))
2652 appctx->st0 = STAT_CLI_PROMPT;
2653 break;
2654 case STAT_CLI_O_STAT:
2655 if (stats_dump_stat_to_buffer(si, NULL))
2656 appctx->st0 = STAT_CLI_PROMPT;
2657 break;
2658 case STAT_CLI_O_RESOLVERS:
2659 if (stats_dump_resolvers_to_buffer(si))
2660 appctx->st0 = STAT_CLI_PROMPT;
2661 break;
2662 case STAT_CLI_O_SESS:
2663 if (stats_dump_sess_to_buffer(si))
2664 appctx->st0 = STAT_CLI_PROMPT;
2665 break;
2666 case STAT_CLI_O_ERR: /* errors dump */
2667 if (stats_dump_errors_to_buffer(si))
2668 appctx->st0 = STAT_CLI_PROMPT;
2669 break;
2670 case STAT_CLI_O_TAB:
2671 case STAT_CLI_O_CLR:
2672 if (stats_table_request(si, appctx->st0))
2673 appctx->st0 = STAT_CLI_PROMPT;
2674 break;
2675 case STAT_CLI_O_PATS:
2676 if (stats_pats_list(si))
2677 appctx->st0 = STAT_CLI_PROMPT;
2678 break;
2679 case STAT_CLI_O_PAT:
2680 if (stats_pat_list(si))
2681 appctx->st0 = STAT_CLI_PROMPT;
2682 break;
2683 case STAT_CLI_O_MLOOK:
2684 if (stats_map_lookup(si))
2685 appctx->st0 = STAT_CLI_PROMPT;
2686 break;
2687 case STAT_CLI_O_POOLS:
2688 if (stats_dump_pools_to_buffer(si))
2689 appctx->st0 = STAT_CLI_PROMPT;
2690 break;
2691#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
2692 case STAT_CLI_O_TLSK:
2693 if (stats_tlskeys_list(si))
2694 appctx->st0 = STAT_CLI_PROMPT;
2695 break;
2696 case STAT_CLI_O_TLSK_ENT:
2697 if (stats_tlskeys_list(si))
2698 appctx->st0 = STAT_CLI_PROMPT;
2699 break;
2700#endif
2701 case STAT_CLI_O_ENV: /* environment dump */
2702 if (stats_dump_env_to_buffer(si))
2703 appctx->st0 = STAT_CLI_PROMPT;
2704 break;
2705 case STAT_CLI_O_CUSTOM: /* use custom pointer */
2706 if (appctx->io_handler)
2707 if (appctx->io_handler(appctx)) {
2708 appctx->st0 = STAT_CLI_PROMPT;
2709 if (appctx->io_release) {
2710 appctx->io_release(appctx);
2711 appctx->io_release = NULL;
2712 }
2713 }
2714 break;
2715 default: /* abnormal state */
2716 si->flags |= SI_FL_ERR;
2717 break;
2718 }
2719
2720 /* The post-command prompt is either LF alone or LF + '> ' in interactive mode */
2721 if (appctx->st0 == STAT_CLI_PROMPT) {
2722 if (bi_putstr(si_ic(si), appctx->st1 ? "\n> " : "\n") != -1)
2723 appctx->st0 = STAT_CLI_GETREQ;
2724 else
2725 si_applet_cant_put(si);
2726 }
2727
2728 /* If the output functions are still there, it means they require more room. */
2729 if (appctx->st0 >= STAT_CLI_OUTPUT)
2730 break;
2731
2732 /* Now we close the output if one of the writers did so,
2733 * or if we're not in interactive mode and the request
2734 * buffer is empty. This still allows pipelined requests
2735 * to be sent in non-interactive mode.
2736 */
2737 if ((res->flags & (CF_SHUTW|CF_SHUTW_NOW)) || (!appctx->st1 && !req->buf->o)) {
2738 appctx->st0 = STAT_CLI_END;
2739 continue;
2740 }
2741
2742 /* switch state back to GETREQ to read next requests */
2743 appctx->st0 = STAT_CLI_GETREQ;
2744 }
2745 }
2746
2747 if ((res->flags & CF_SHUTR) && (si->state == SI_ST_EST)) {
2748 DPRINTF(stderr, "%s@%d: si to buf closed. req=%08x, res=%08x, st=%d\n",
2749 __FUNCTION__, __LINE__, req->flags, res->flags, si->state);
2750 /* Other side has closed, let's abort if we have no more processing to do
2751 * and nothing more to consume. This is comparable to a broken pipe, so
2752 * we forward the close to the request side so that it flows upstream to
2753 * the client.
2754 */
2755 si_shutw(si);
2756 }
2757
2758 if ((req->flags & CF_SHUTW) && (si->state == SI_ST_EST) && (appctx->st0 < STAT_CLI_OUTPUT)) {
2759 DPRINTF(stderr, "%s@%d: buf to si closed. req=%08x, res=%08x, st=%d\n",
2760 __FUNCTION__, __LINE__, req->flags, res->flags, si->state);
2761 /* We have no more processing to do, and nothing more to send, and
2762 * the client side has closed. So we'll forward this state downstream
2763 * on the response buffer.
2764 */
2765 si_shutr(si);
2766 res->flags |= CF_READ_NULL;
2767 }
2768
2769 out:
2770 DPRINTF(stderr, "%s@%d: st=%d, rqf=%x, rpf=%x, rqh=%d, rqs=%d, rh=%d, rs=%d\n",
2771 __FUNCTION__, __LINE__,
2772 si->state, req->flags, res->flags, req->buf->i, req->buf->o, res->buf->i, res->buf->o);
2773}
2774
2775/* Dump all fields from <info> into <out> using the "show info" format (name: value) */
2776static int stats_dump_info_fields(struct chunk *out, const struct field *info)
2777{
2778 int field;
2779
2780 for (field = 0; field < INF_TOTAL_FIELDS; field++) {
2781 if (!field_format(info, field))
2782 continue;
2783
2784 if (!chunk_appendf(out, "%s: ", info_field_names[field]))
2785 return 0;
2786 if (!stats_emit_raw_data_field(out, &info[field]))
2787 return 0;
2788 if (!chunk_strcat(out, "\n"))
2789 return 0;
2790 }
2791 return 1;
2792}
2793
2794/* Dump all fields from <info> into <out> using the "show info typed" format */
2795static int stats_dump_typed_info_fields(struct chunk *out, const struct field *info)
2796{
2797 int field;
2798
2799 for (field = 0; field < INF_TOTAL_FIELDS; field++) {
2800 if (!field_format(info, field))
2801 continue;
2802
2803 if (!chunk_appendf(out, "%d.%s.%u:", field, info_field_names[field], info[INF_PROCESS_NUM].u.u32))
2804 return 0;
2805 if (!stats_emit_field_tags(out, &info[field], ':'))
2806 return 0;
2807 if (!stats_emit_typed_data_field(out, &info[field]))
2808 return 0;
2809 if (!chunk_strcat(out, "\n"))
2810 return 0;
2811 }
2812 return 1;
2813}
2814
2815/* Fill <info> with HAProxy global info. <info> is preallocated
2816 * array of length <len>. The length of the aray must be
2817 * INF_TOTAL_FIELDS. If this length is less then this value, the
2818 * function returns 0, otherwise, it returns 1.
2819 */
2820int stats_fill_info(struct field *info, int len)
2821{
2822 unsigned int up = (now.tv_sec - start_date.tv_sec);
2823 struct chunk *out = get_trash_chunk();
2824
2825#ifdef USE_OPENSSL
2826 int ssl_sess_rate = read_freq_ctr(&global.ssl_per_sec);
2827 int ssl_key_rate = read_freq_ctr(&global.ssl_fe_keys_per_sec);
2828 int ssl_reuse = 0;
2829
2830 if (ssl_key_rate < ssl_sess_rate) {
2831 /* count the ssl reuse ratio and avoid overflows in both directions */
2832 ssl_reuse = 100 - (100 * ssl_key_rate + (ssl_sess_rate - 1) / 2) / ssl_sess_rate;
2833 }
2834#endif
2835
2836 if (len < INF_TOTAL_FIELDS)
2837 return 0;
2838
2839 chunk_reset(out);
2840 memset(info, 0, sizeof(*info) * len);
2841
2842 info[INF_NAME] = mkf_str(FO_PRODUCT|FN_OUTPUT|FS_SERVICE, PRODUCT_NAME);
2843 info[INF_VERSION] = mkf_str(FO_PRODUCT|FN_OUTPUT|FS_SERVICE, HAPROXY_VERSION);
2844 info[INF_RELEASE_DATE] = mkf_str(FO_PRODUCT|FN_OUTPUT|FS_SERVICE, HAPROXY_DATE);
2845
2846 info[INF_NBPROC] = mkf_u32(FO_CONFIG|FS_SERVICE, global.nbproc);
2847 info[INF_PROCESS_NUM] = mkf_u32(FO_KEY, relative_pid);
2848 info[INF_PID] = mkf_u32(FO_STATUS, pid);
2849
2850 info[INF_UPTIME] = mkf_str(FN_DURATION, chunk_newstr(out));
2851 chunk_appendf(out, "%ud %uh%02um%02us", up / 86400, (up % 86400) / 3600, (up % 3600) / 60, (up % 60));
2852
2853 info[INF_UPTIME_SEC] = mkf_u32(FN_DURATION, up);
2854 info[INF_MEMMAX_MB] = mkf_u32(FO_CONFIG|FN_LIMIT, global.rlimit_memmax);
2855 info[INF_POOL_ALLOC_MB] = mkf_u32(0, (unsigned)(pool_total_allocated() / 1048576L));
2856 info[INF_POOL_USED_MB] = mkf_u32(0, (unsigned)(pool_total_used() / 1048576L));
2857 info[INF_POOL_FAILED] = mkf_u32(FN_COUNTER, pool_total_failures());
2858 info[INF_ULIMIT_N] = mkf_u32(FO_CONFIG|FN_LIMIT, global.rlimit_nofile);
2859 info[INF_MAXSOCK] = mkf_u32(FO_CONFIG|FN_LIMIT, global.maxsock);
2860 info[INF_MAXCONN] = mkf_u32(FO_CONFIG|FN_LIMIT, global.maxconn);
2861 info[INF_HARD_MAXCONN] = mkf_u32(FO_CONFIG|FN_LIMIT, global.hardmaxconn);
2862 info[INF_CURR_CONN] = mkf_u32(0, actconn);
2863 info[INF_CUM_CONN] = mkf_u32(FN_COUNTER, totalconn);
2864 info[INF_CUM_REQ] = mkf_u32(FN_COUNTER, global.req_count);
2865#ifdef USE_OPENSSL
2866 info[INF_MAX_SSL_CONNS] = mkf_u32(FN_MAX, global.maxsslconn);
2867 info[INF_CURR_SSL_CONNS] = mkf_u32(0, sslconns);
2868 info[INF_CUM_SSL_CONNS] = mkf_u32(FN_COUNTER, totalsslconns);
2869#endif
2870 info[INF_MAXPIPES] = mkf_u32(FO_CONFIG|FN_LIMIT, global.maxpipes);
2871 info[INF_PIPES_USED] = mkf_u32(0, pipes_used);
2872 info[INF_PIPES_FREE] = mkf_u32(0, pipes_free);
2873 info[INF_CONN_RATE] = mkf_u32(FN_RATE, read_freq_ctr(&global.conn_per_sec));
2874 info[INF_CONN_RATE_LIMIT] = mkf_u32(FO_CONFIG|FN_LIMIT, global.cps_lim);
2875 info[INF_MAX_CONN_RATE] = mkf_u32(FN_MAX, global.cps_max);
2876 info[INF_SESS_RATE] = mkf_u32(FN_RATE, read_freq_ctr(&global.sess_per_sec));
2877 info[INF_SESS_RATE_LIMIT] = mkf_u32(FO_CONFIG|FN_LIMIT, global.sps_lim);
2878 info[INF_MAX_SESS_RATE] = mkf_u32(FN_RATE, global.sps_max);
2879
2880#ifdef USE_OPENSSL
2881 info[INF_SSL_RATE] = mkf_u32(FN_RATE, ssl_sess_rate);
2882 info[INF_SSL_RATE_LIMIT] = mkf_u32(FO_CONFIG|FN_LIMIT, global.ssl_lim);
2883 info[INF_MAX_SSL_RATE] = mkf_u32(FN_MAX, global.ssl_max);
2884 info[INF_SSL_FRONTEND_KEY_RATE] = mkf_u32(0, ssl_key_rate);
2885 info[INF_SSL_FRONTEND_MAX_KEY_RATE] = mkf_u32(FN_MAX, global.ssl_fe_keys_max);
2886 info[INF_SSL_FRONTEND_SESSION_REUSE_PCT] = mkf_u32(0, ssl_reuse);
2887 info[INF_SSL_BACKEND_KEY_RATE] = mkf_u32(FN_RATE, read_freq_ctr(&global.ssl_be_keys_per_sec));
2888 info[INF_SSL_BACKEND_MAX_KEY_RATE] = mkf_u32(FN_MAX, global.ssl_be_keys_max);
2889 info[INF_SSL_CACHE_LOOKUPS] = mkf_u32(FN_COUNTER, global.shctx_lookups);
2890 info[INF_SSL_CACHE_MISSES] = mkf_u32(FN_COUNTER, global.shctx_misses);
2891#endif
2892 info[INF_COMPRESS_BPS_IN] = mkf_u32(FN_RATE, read_freq_ctr(&global.comp_bps_in));
2893 info[INF_COMPRESS_BPS_OUT] = mkf_u32(FN_RATE, read_freq_ctr(&global.comp_bps_out));
2894 info[INF_COMPRESS_BPS_RATE_LIM] = mkf_u32(FO_CONFIG|FN_LIMIT, global.comp_rate_lim);
2895#ifdef USE_ZLIB
2896 info[INF_ZLIB_MEM_USAGE] = mkf_u32(0, zlib_used_memory);
2897 info[INF_MAX_ZLIB_MEM_USAGE] = mkf_u32(FO_CONFIG|FN_LIMIT, global.maxzlibmem);
2898#endif
2899 info[INF_TASKS] = mkf_u32(0, nb_tasks_cur);
2900 info[INF_RUN_QUEUE] = mkf_u32(0, run_queue_cur);
2901 info[INF_IDLE_PCT] = mkf_u32(FN_AVG, idle_pct);
2902 info[INF_NODE] = mkf_str(FO_CONFIG|FN_OUTPUT|FS_SERVICE, global.node);
2903 if (global.desc)
2904 info[INF_DESCRIPTION] = mkf_str(FO_CONFIG|FN_OUTPUT|FS_SERVICE, global.desc);
2905
2906 return 1;
2907}
2908
2909/* This function dumps information onto the stream interface's read buffer.
2910 * It returns 0 as long as it does not complete, non-zero upon completion.
2911 * No state is used.
2912 */
2913static int stats_dump_info_to_buffer(struct stream_interface *si)
2914{
2915 struct appctx *appctx = __objt_appctx(si->end);
2916
2917 if (!stats_fill_info(info, INF_TOTAL_FIELDS))
2918 return 0;
2919
2920 chunk_reset(&trash);
2921
2922 if (appctx->ctx.stats.flags & STAT_FMT_TYPED)
2923 stats_dump_typed_info_fields(&trash, info);
2924 else
2925 stats_dump_info_fields(&trash, info);
2926
2927 if (bi_putchk(si_ic(si), &trash) == -1) {
2928 si_applet_cant_put(si);
2929 return 0;
2930 }
2931
2932 return 1;
2933}
2934
2935/* dumps server state information into <buf> for all the servers found in <backend>
2936 * These information are all the parameters which may change during HAProxy runtime.
2937 * By default, we only export to the last known server state file format.
2938 * These information can be used at next startup to recover same level of server state.
2939 */
2940static int dump_servers_state(struct stream_interface *si, struct chunk *buf)
2941{
2942 struct appctx *appctx = __objt_appctx(si->end);
2943 struct server *srv;
2944 char srv_addr[INET6_ADDRSTRLEN + 1];
2945 time_t srv_time_since_last_change;
2946 int bk_f_forced_id, srv_f_forced_id;
2947
2948
2949 /* we don't want to report any state if the backend is not enabled on this process */
2950 if (appctx->ctx.server_state.px->bind_proc && !(appctx->ctx.server_state.px->bind_proc & (1UL << (relative_pid - 1))))
2951 return 1;
2952
2953 if (!appctx->ctx.server_state.sv)
2954 appctx->ctx.server_state.sv = appctx->ctx.server_state.px->srv;
2955
2956 for (; appctx->ctx.server_state.sv != NULL; appctx->ctx.server_state.sv = srv->next) {
2957 srv = appctx->ctx.server_state.sv;
2958 srv_addr[0] = '\0';
2959
2960 switch (srv->addr.ss_family) {
2961 case AF_INET:
2962 inet_ntop(srv->addr.ss_family, &((struct sockaddr_in *)&srv->addr)->sin_addr,
2963 srv_addr, INET_ADDRSTRLEN + 1);
2964 break;
2965 case AF_INET6:
2966 inet_ntop(srv->addr.ss_family, &((struct sockaddr_in6 *)&srv->addr)->sin6_addr,
2967 srv_addr, INET6_ADDRSTRLEN + 1);
2968 break;
2969 }
2970 srv_time_since_last_change = now.tv_sec - srv->last_change;
2971 bk_f_forced_id = appctx->ctx.server_state.px->options & PR_O_FORCED_ID ? 1 : 0;
2972 srv_f_forced_id = srv->flags & SRV_F_FORCED_ID ? 1 : 0;
2973
2974 chunk_appendf(buf,
2975 "%d %s "
2976 "%d %s %s "
2977 "%d %d %d %d %ld "
2978 "%d %d %d %d %d "
2979 "%d %d"
2980 "\n",
2981 appctx->ctx.server_state.px->uuid, appctx->ctx.server_state.px->id,
2982 srv->puid, srv->id, srv_addr,
2983 srv->state, srv->admin, srv->uweight, srv->iweight, (long int)srv_time_since_last_change,
2984 srv->check.status, srv->check.result, srv->check.health, srv->check.state, srv->agent.state,
2985 bk_f_forced_id, srv_f_forced_id);
2986 if (bi_putchk(si_ic(si), &trash) == -1) {
2987 si_applet_cant_put(si);
2988 return 0;
2989 }
2990 }
2991 return 1;
2992}
2993
2994/* Parses backend list and simply report backend names */
2995static int stats_dump_backend_to_buffer(struct stream_interface *si)
2996{
2997 struct appctx *appctx = __objt_appctx(si->end);
2998 extern struct proxy *proxy;
2999 struct proxy *curproxy;
3000
3001 chunk_reset(&trash);
3002
3003 if (!appctx->ctx.be.px) {
3004 chunk_printf(&trash, "# name\n");
3005 if (bi_putchk(si_ic(si), &trash) == -1) {
3006 si_applet_cant_put(si);
3007 return 0;
3008 }
3009 appctx->ctx.be.px = proxy;
3010 }
3011
3012 for (; appctx->ctx.be.px != NULL; appctx->ctx.be.px = curproxy->next) {
3013 curproxy = appctx->ctx.be.px;
3014
3015 /* looking for backends only */
3016 if (!(curproxy->cap & PR_CAP_BE))
3017 continue;
3018
3019 /* we don't want to list a backend which is bound to this process */
3020 if (curproxy->bind_proc && !(curproxy->bind_proc & (1UL << (relative_pid - 1))))
3021 continue;
3022
3023 chunk_appendf(&trash, "%s\n", curproxy->id);
3024 if (bi_putchk(si_ic(si), &trash) == -1) {
3025 si_applet_cant_put(si);
3026 return 0;
3027 }
3028 }
3029
3030 return 1;
3031}
3032
3033/* Parses backend list or simply use backend name provided by the user to return
3034 * states of servers to stdout.
3035 */
3036static int stats_dump_servers_state_to_buffer(struct stream_interface *si)
3037{
3038 struct appctx *appctx = __objt_appctx(si->end);
3039 extern struct proxy *proxy;
3040 struct proxy *curproxy;
3041
3042 chunk_reset(&trash);
3043
3044 if (appctx->st2 == STAT_ST_INIT) {
3045 if (!appctx->ctx.server_state.px)
3046 appctx->ctx.server_state.px = proxy;
3047 appctx->st2 = STAT_ST_HEAD;
3048 }
3049
3050 if (appctx->st2 == STAT_ST_HEAD) {
3051 chunk_printf(&trash, "%d\n# %s\n", SRV_STATE_FILE_VERSION, SRV_STATE_FILE_FIELD_NAMES);
3052 if (bi_putchk(si_ic(si), &trash) == -1) {
3053 si_applet_cant_put(si);
3054 return 0;
3055 }
3056 appctx->st2 = STAT_ST_INFO;
3057 }
3058
3059 /* STAT_ST_INFO */
3060 for (; appctx->ctx.server_state.px != NULL; appctx->ctx.server_state.px = curproxy->next) {
3061 curproxy = appctx->ctx.server_state.px;
3062 /* servers are only in backends */
3063 if (curproxy->cap & PR_CAP_BE) {
3064 if (!dump_servers_state(si, &trash))
3065 return 0;
3066
3067 if (bi_putchk(si_ic(si), &trash) == -1) {
3068 si_applet_cant_put(si);
3069 return 0;
3070 }
3071 }
3072 /* only the selected proxy is dumped */
3073 if (appctx->ctx.server_state.iid)
3074 break;
3075 }
3076
3077 return 1;
3078}
3079
3080/* This function dumps memory usage information onto the stream interface's
3081 * read buffer. It returns 0 as long as it does not complete, non-zero upon
3082 * completion. No state is used.
3083 */
3084static int stats_dump_pools_to_buffer(struct stream_interface *si)
3085{
3086 dump_pools_to_trash();
3087 if (bi_putchk(si_ic(si), &trash) == -1) {
3088 si_applet_cant_put(si);
3089 return 0;
3090 }
3091 return 1;
3092}
3093
3094static inline const char *get_conn_ctrl_name(const struct connection *conn)
3095{
3096 if (!conn_ctrl_ready(conn))
3097 return "NONE";
3098 return conn->ctrl->name;
3099}
3100
3101static inline const char *get_conn_xprt_name(const struct connection *conn)
3102{
3103 static char ptr[19];
3104
3105 if (!conn_xprt_ready(conn))
3106 return "NONE";
3107
3108 if (conn->xprt == &raw_sock)
3109 return "RAW";
3110
3111#ifdef USE_OPENSSL
3112 if (conn->xprt == &ssl_sock)
3113 return "SSL";
3114#endif
3115 snprintf(ptr, sizeof(ptr), "%p", conn->xprt);
3116 return ptr;
3117}
3118
3119static inline const char *get_conn_data_name(const struct connection *conn)
3120{
3121 static char ptr[19];
3122
3123 if (!conn->data)
3124 return "NONE";
3125
3126 if (conn->data == &sess_conn_cb)
3127 return "SESS";
3128
3129 if (conn->data == &si_conn_cb)
3130 return "STRM";
3131
3132 if (conn->data == &check_conn_cb)
3133 return "CHCK";
3134
3135 snprintf(ptr, sizeof(ptr), "%p", conn->data);
3136 return ptr;
3137}
3138
3139/* This function dumps a complete stream state onto the stream interface's
3140 * read buffer. The stream has to be set in sess->target. It returns
3141 * 0 if the output buffer is full and it needs to be called again, otherwise
3142 * non-zero. It is designed to be called from stats_dump_sess_to_buffer() below.
3143 */
3144static int stats_dump_full_sess_to_buffer(struct stream_interface *si, struct stream *sess)
3145{
3146 struct appctx *appctx = __objt_appctx(si->end);
3147 struct tm tm;
3148 extern const char *monthname[12];
3149 char pn[INET6_ADDRSTRLEN];
3150 struct connection *conn;
3151 struct appctx *tmpctx;
3152
3153 chunk_reset(&trash);
3154
3155 if (appctx->ctx.sess.section > 0 && appctx->ctx.sess.uid != sess->uniq_id) {
3156 /* stream changed, no need to go any further */
3157 chunk_appendf(&trash, " *** session terminated while we were watching it ***\n");
3158 if (bi_putchk(si_ic(si), &trash) == -1) {
3159 si_applet_cant_put(si);
3160 return 0;
3161 }
3162 appctx->ctx.sess.uid = 0;
3163 appctx->ctx.sess.section = 0;
3164 return 1;
3165 }
3166
3167 switch (appctx->ctx.sess.section) {
3168 case 0: /* main status of the stream */
3169 appctx->ctx.sess.uid = sess->uniq_id;
3170 appctx->ctx.sess.section = 1;
3171 /* fall through */
3172
3173 case 1:
3174 get_localtime(sess->logs.accept_date.tv_sec, &tm);
3175 chunk_appendf(&trash,
3176 "%p: [%02d/%s/%04d:%02d:%02d:%02d.%06d] id=%u proto=%s",
3177 sess,
3178 tm.tm_mday, monthname[tm.tm_mon], tm.tm_year+1900,
3179 tm.tm_hour, tm.tm_min, tm.tm_sec, (int)(sess->logs.accept_date.tv_usec),
3180 sess->uniq_id,
3181 strm_li(sess) ? strm_li(sess)->proto->name : "?");
3182
3183 conn = objt_conn(strm_orig(sess));
3184 switch (conn ? addr_to_str(&conn->addr.from, pn, sizeof(pn)) : AF_UNSPEC) {
3185 case AF_INET:
3186 case AF_INET6:
3187 chunk_appendf(&trash, " source=%s:%d\n",
3188 pn, get_host_port(&conn->addr.from));
3189 break;
3190 case AF_UNIX:
3191 chunk_appendf(&trash, " source=unix:%d\n", strm_li(sess)->luid);
3192 break;
3193 default:
3194 /* no more information to print right now */
3195 chunk_appendf(&trash, "\n");
3196 break;
3197 }
3198
3199 chunk_appendf(&trash,
3200 " flags=0x%x, conn_retries=%d, srv_conn=%p, pend_pos=%p\n",
3201 sess->flags, sess->si[1].conn_retries, sess->srv_conn, sess->pend_pos);
3202
3203 chunk_appendf(&trash,
3204 " frontend=%s (id=%u mode=%s), listener=%s (id=%u)",
3205 strm_fe(sess)->id, strm_fe(sess)->uuid, strm_fe(sess)->mode ? "http" : "tcp",
3206 strm_li(sess) ? strm_li(sess)->name ? strm_li(sess)->name : "?" : "?",
3207 strm_li(sess) ? strm_li(sess)->luid : 0);
3208
3209 if (conn)
3210 conn_get_to_addr(conn);
3211
3212 switch (conn ? addr_to_str(&conn->addr.to, pn, sizeof(pn)) : AF_UNSPEC) {
3213 case AF_INET:
3214 case AF_INET6:
3215 chunk_appendf(&trash, " addr=%s:%d\n",
3216 pn, get_host_port(&conn->addr.to));
3217 break;
3218 case AF_UNIX:
3219 chunk_appendf(&trash, " addr=unix:%d\n", strm_li(sess)->luid);
3220 break;
3221 default:
3222 /* no more information to print right now */
3223 chunk_appendf(&trash, "\n");
3224 break;
3225 }
3226
3227 if (sess->be->cap & PR_CAP_BE)
3228 chunk_appendf(&trash,
3229 " backend=%s (id=%u mode=%s)",
3230 sess->be->id,
3231 sess->be->uuid, sess->be->mode ? "http" : "tcp");
3232 else
3233 chunk_appendf(&trash, " backend=<NONE> (id=-1 mode=-)");
3234
3235 conn = objt_conn(sess->si[1].end);
3236 if (conn)
3237 conn_get_from_addr(conn);
3238
3239 switch (conn ? addr_to_str(&conn->addr.from, pn, sizeof(pn)) : AF_UNSPEC) {
3240 case AF_INET:
3241 case AF_INET6:
3242 chunk_appendf(&trash, " addr=%s:%d\n",
3243 pn, get_host_port(&conn->addr.from));
3244 break;
3245 case AF_UNIX:
3246 chunk_appendf(&trash, " addr=unix\n");
3247 break;
3248 default:
3249 /* no more information to print right now */
3250 chunk_appendf(&trash, "\n");
3251 break;
3252 }
3253
3254 if (sess->be->cap & PR_CAP_BE)
3255 chunk_appendf(&trash,
3256 " server=%s (id=%u)",
3257 objt_server(sess->target) ? objt_server(sess->target)->id : "<none>",
3258 objt_server(sess->target) ? objt_server(sess->target)->puid : 0);
3259 else
3260 chunk_appendf(&trash, " server=<NONE> (id=-1)");
3261
3262 if (conn)
3263 conn_get_to_addr(conn);
3264
3265 switch (conn ? addr_to_str(&conn->addr.to, pn, sizeof(pn)) : AF_UNSPEC) {
3266 case AF_INET:
3267 case AF_INET6:
3268 chunk_appendf(&trash, " addr=%s:%d\n",
3269 pn, get_host_port(&conn->addr.to));
3270 break;
3271 case AF_UNIX:
3272 chunk_appendf(&trash, " addr=unix\n");
3273 break;
3274 default:
3275 /* no more information to print right now */
3276 chunk_appendf(&trash, "\n");
3277 break;
3278 }
3279
3280 chunk_appendf(&trash,
3281 " task=%p (state=0x%02x nice=%d calls=%d exp=%s%s",
3282 sess->task,
3283 sess->task->state,
3284 sess->task->nice, sess->task->calls,
3285 sess->task->expire ?
3286 tick_is_expired(sess->task->expire, now_ms) ? "<PAST>" :
3287 human_time(TICKS_TO_MS(sess->task->expire - now_ms),
3288 TICKS_TO_MS(1000)) : "<NEVER>",
3289 task_in_rq(sess->task) ? ", running" : "");
3290
3291 chunk_appendf(&trash,
3292 " age=%s)\n",
3293 human_time(now.tv_sec - sess->logs.accept_date.tv_sec, 1));
3294
3295 if (sess->txn)
3296 chunk_appendf(&trash,
3297 " txn=%p flags=0x%x meth=%d status=%d req.st=%s rsp.st=%s waiting=%d\n",
3298 sess->txn, sess->txn->flags, sess->txn->meth, sess->txn->status,
3299 http_msg_state_str(sess->txn->req.msg_state), http_msg_state_str(sess->txn->rsp.msg_state), !LIST_ISEMPTY(&sess->buffer_wait));
3300
3301 chunk_appendf(&trash,
3302 " si[0]=%p (state=%s flags=0x%02x endp0=%s:%p exp=%s, et=0x%03x)\n",
3303 &sess->si[0],
3304 si_state_str(sess->si[0].state),
3305 sess->si[0].flags,
3306 obj_type_name(sess->si[0].end),
3307 obj_base_ptr(sess->si[0].end),
3308 sess->si[0].exp ?
3309 tick_is_expired(sess->si[0].exp, now_ms) ? "<PAST>" :
3310 human_time(TICKS_TO_MS(sess->si[0].exp - now_ms),
3311 TICKS_TO_MS(1000)) : "<NEVER>",
3312 sess->si[0].err_type);
3313
3314 chunk_appendf(&trash,
3315 " si[1]=%p (state=%s flags=0x%02x endp1=%s:%p exp=%s, et=0x%03x)\n",
3316 &sess->si[1],
3317 si_state_str(sess->si[1].state),
3318 sess->si[1].flags,
3319 obj_type_name(sess->si[1].end),
3320 obj_base_ptr(sess->si[1].end),
3321 sess->si[1].exp ?
3322 tick_is_expired(sess->si[1].exp, now_ms) ? "<PAST>" :
3323 human_time(TICKS_TO_MS(sess->si[1].exp - now_ms),
3324 TICKS_TO_MS(1000)) : "<NEVER>",
3325 sess->si[1].err_type);
3326
3327 if ((conn = objt_conn(sess->si[0].end)) != NULL) {
3328 chunk_appendf(&trash,
3329 " co0=%p ctrl=%s xprt=%s data=%s target=%s:%p\n",
3330 conn,
3331 get_conn_ctrl_name(conn),
3332 get_conn_xprt_name(conn),
3333 get_conn_data_name(conn),
3334 obj_type_name(conn->target),
3335 obj_base_ptr(conn->target));
3336
3337 chunk_appendf(&trash, " flags=0x%08x", conn->flags);
3338
3339 if (conn->t.sock.fd >= 0) {
3340 chunk_appendf(&trash, " fd=%d fd.state=%02x fd.cache=%d updt=%d\n",
3341 conn->t.sock.fd, fdtab[conn->t.sock.fd].state,
3342 fdtab[conn->t.sock.fd].cache, fdtab[conn->t.sock.fd].updated);
3343 }
3344 else
3345 chunk_appendf(&trash, " fd=<dead>\n");
3346 }
3347 else if ((tmpctx = objt_appctx(sess->si[0].end)) != NULL) {
3348 chunk_appendf(&trash,
3349 " app0=%p st0=%d st1=%d st2=%d applet=%s\n",
3350 tmpctx,
3351 tmpctx->st0,
3352 tmpctx->st1,
3353 tmpctx->st2,
3354 tmpctx->applet->name);
3355 }
3356
3357 if ((conn = objt_conn(sess->si[1].end)) != NULL) {
3358 chunk_appendf(&trash,
3359 " co1=%p ctrl=%s xprt=%s data=%s target=%s:%p\n",
3360 conn,
3361 get_conn_ctrl_name(conn),
3362 get_conn_xprt_name(conn),
3363 get_conn_data_name(conn),
3364 obj_type_name(conn->target),
3365 obj_base_ptr(conn->target));
3366
3367 chunk_appendf(&trash, " flags=0x%08x", conn->flags);
3368
3369 if (conn->t.sock.fd >= 0) {
3370 chunk_appendf(&trash, " fd=%d fd.state=%02x fd.cache=%d updt=%d\n",
3371 conn->t.sock.fd, fdtab[conn->t.sock.fd].state,
3372 fdtab[conn->t.sock.fd].cache, fdtab[conn->t.sock.fd].updated);
3373 }
3374 else
3375 chunk_appendf(&trash, " fd=<dead>\n");
3376 }
3377 else if ((tmpctx = objt_appctx(sess->si[1].end)) != NULL) {
3378 chunk_appendf(&trash,
3379 " app1=%p st0=%d st1=%d st2=%d applet=%s\n",
3380 tmpctx,
3381 tmpctx->st0,
3382 tmpctx->st1,
3383 tmpctx->st2,
3384 tmpctx->applet->name);
3385 }
3386
3387 chunk_appendf(&trash,
3388 " req=%p (f=0x%06x an=0x%x pipe=%d tofwd=%d total=%lld)\n"
3389 " an_exp=%s",
3390 &sess->req,
3391 sess->req.flags, sess->req.analysers,
3392 sess->req.pipe ? sess->req.pipe->data : 0,
3393 sess->req.to_forward, sess->req.total,
3394 sess->req.analyse_exp ?
3395 human_time(TICKS_TO_MS(sess->req.analyse_exp - now_ms),
3396 TICKS_TO_MS(1000)) : "<NEVER>");
3397
3398 chunk_appendf(&trash,
3399 " rex=%s",
3400 sess->req.rex ?
3401 human_time(TICKS_TO_MS(sess->req.rex - now_ms),
3402 TICKS_TO_MS(1000)) : "<NEVER>");
3403
3404 chunk_appendf(&trash,
3405 " wex=%s\n"
3406 " buf=%p data=%p o=%d p=%d req.next=%d i=%d size=%d\n",
3407 sess->req.wex ?
3408 human_time(TICKS_TO_MS(sess->req.wex - now_ms),
3409 TICKS_TO_MS(1000)) : "<NEVER>",
3410 sess->req.buf,
3411 sess->req.buf->data, sess->req.buf->o,
3412 (int)(sess->req.buf->p - sess->req.buf->data),
3413 sess->txn ? sess->txn->req.next : 0, sess->req.buf->i,
3414 sess->req.buf->size);
3415
3416 chunk_appendf(&trash,
3417 " res=%p (f=0x%06x an=0x%x pipe=%d tofwd=%d total=%lld)\n"
3418 " an_exp=%s",
3419 &sess->res,
3420 sess->res.flags, sess->res.analysers,
3421 sess->res.pipe ? sess->res.pipe->data : 0,
3422 sess->res.to_forward, sess->res.total,
3423 sess->res.analyse_exp ?
3424 human_time(TICKS_TO_MS(sess->res.analyse_exp - now_ms),
3425 TICKS_TO_MS(1000)) : "<NEVER>");
3426
3427 chunk_appendf(&trash,
3428 " rex=%s",
3429 sess->res.rex ?
3430 human_time(TICKS_TO_MS(sess->res.rex - now_ms),
3431 TICKS_TO_MS(1000)) : "<NEVER>");
3432
3433 chunk_appendf(&trash,
3434 " wex=%s\n"
3435 " buf=%p data=%p o=%d p=%d rsp.next=%d i=%d size=%d\n",
3436 sess->res.wex ?
3437 human_time(TICKS_TO_MS(sess->res.wex - now_ms),
3438 TICKS_TO_MS(1000)) : "<NEVER>",
3439 sess->res.buf,
3440 sess->res.buf->data, sess->res.buf->o,
3441 (int)(sess->res.buf->p - sess->res.buf->data),
3442 sess->txn ? sess->txn->rsp.next : 0, sess->res.buf->i,
3443 sess->res.buf->size);
3444
3445 if (bi_putchk(si_ic(si), &trash) == -1) {
3446 si_applet_cant_put(si);
3447 return 0;
3448 }
3449
3450 /* use other states to dump the contents */
3451 }
3452 /* end of dump */
3453 appctx->ctx.sess.uid = 0;
3454 appctx->ctx.sess.section = 0;
3455 return 1;
3456}
3457
3458#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
3459static int stats_tlskeys_list(struct stream_interface *si) {
3460 struct appctx *appctx = __objt_appctx(si->end);
3461
3462 switch (appctx->st2) {
3463 case STAT_ST_INIT:
3464 /* Display the column headers. If the message cannot be sent,
3465 * quit the fucntion with returning 0. The function is called
3466 * later and restart at the state "STAT_ST_INIT".
3467 */
3468 chunk_reset(&trash);
3469
3470 if (appctx->st0 == STAT_CLI_O_TLSK_ENT)
3471 chunk_appendf(&trash, "# id secret\n");
3472 else
3473 chunk_appendf(&trash, "# id (file)\n");
3474
3475 if (bi_putchk(si_ic(si), &trash) == -1) {
3476 si_applet_cant_put(si);
3477 return 0;
3478 }
3479
3480 appctx->ctx.tlskeys.dump_keys_index = 0;
3481
3482 /* Now, we start the browsing of the references lists.
3483 * Note that the following call to LIST_ELEM return bad pointer. The only
3484 * available field of this pointer is <list>. It is used with the function
3485 * tlskeys_list_get_next() for retruning the first available entry
3486 */
3487 if (appctx->ctx.tlskeys.ref == NULL) {
3488 appctx->ctx.tlskeys.ref = LIST_ELEM(&tlskeys_reference, struct tls_keys_ref *, list);
3489 appctx->ctx.tlskeys.ref = tlskeys_list_get_next(appctx->ctx.tlskeys.ref, &tlskeys_reference);
3490 }
3491
3492 appctx->st2 = STAT_ST_LIST;
3493 /* fall through */
3494
3495 case STAT_ST_LIST:
3496 while (appctx->ctx.tlskeys.ref) {
3497 int head = appctx->ctx.tlskeys.ref->tls_ticket_enc_index;
3498
3499 chunk_reset(&trash);
3500 if (appctx->st0 == STAT_CLI_O_TLSK_ENT && appctx->ctx.tlskeys.dump_keys_index == 0)
3501 chunk_appendf(&trash, "# ");
3502 if (appctx->ctx.tlskeys.dump_keys_index == 0)
3503 chunk_appendf(&trash, "%d (%s)\n", appctx->ctx.tlskeys.ref->unique_id,
3504 appctx->ctx.tlskeys.ref->filename);
3505 if (appctx->st0 == STAT_CLI_O_TLSK_ENT) {
3506 while (appctx->ctx.tlskeys.dump_keys_index < TLS_TICKETS_NO) {
3507 struct chunk *t2 = get_trash_chunk();
3508
3509 chunk_reset(t2);
3510 /* should never fail here because we dump only a key in the t2 buffer */
3511 t2->len = a2base64((char *)(appctx->ctx.tlskeys.ref->tlskeys + (head + 2 + appctx->ctx.tlskeys.dump_keys_index) % TLS_TICKETS_NO),
3512 sizeof(struct tls_sess_key), t2->str, t2->size);
3513 chunk_appendf(&trash, "%d.%d %s\n", appctx->ctx.tlskeys.ref->unique_id, appctx->ctx.tlskeys.dump_keys_index, t2->str);
3514
3515 if (bi_putchk(si_ic(si), &trash) == -1) {
3516 /* let's try again later from this stream. We add ourselves into
3517 * this stream's users so that it can remove us upon termination.
3518 */
3519 si_applet_cant_put(si);
3520 return 0;
3521 }
3522 appctx->ctx.tlskeys.dump_keys_index++;
3523 }
3524 appctx->ctx.tlskeys.dump_keys_index = 0;
3525 }
3526 if (bi_putchk(si_ic(si), &trash) == -1) {
3527 /* let's try again later from this stream. We add ourselves into
3528 * this stream's users so that it can remove us upon termination.
3529 */
3530 si_applet_cant_put(si);
3531 return 0;
3532 }
3533
3534 if (appctx->ctx.tlskeys.dump_all == 0) /* don't display everything if not necessary */
3535 break;
3536
3537 /* get next list entry and check the end of the list */
3538 appctx->ctx.tlskeys.ref = tlskeys_list_get_next(appctx->ctx.tlskeys.ref, &tlskeys_reference);
3539
3540 }
3541
3542 appctx->st2 = STAT_ST_FIN;
3543 /* fall through */
3544
3545 default:
3546 appctx->st2 = STAT_ST_FIN;
3547 return 1;
3548 }
3549 return 0;
3550}
3551#endif
3552
3553static int stats_pats_list(struct stream_interface *si)
3554{
3555 struct appctx *appctx = __objt_appctx(si->end);
3556
3557 switch (appctx->st2) {
3558 case STAT_ST_INIT:
3559 /* Display the column headers. If the message cannot be sent,
3560 * quit the fucntion with returning 0. The function is called
3561 * later and restart at the state "STAT_ST_INIT".
3562 */
3563 chunk_reset(&trash);
3564 chunk_appendf(&trash, "# id (file) description\n");
3565 if (bi_putchk(si_ic(si), &trash) == -1) {
3566 si_applet_cant_put(si);
3567 return 0;
3568 }
3569
3570 /* Now, we start the browsing of the references lists.
3571 * Note that the following call to LIST_ELEM return bad pointer. The only
3572 * available field of this pointer is <list>. It is used with the function
3573 * pat_list_get_next() for retruning the first available entry
3574 */
3575 appctx->ctx.map.ref = LIST_ELEM(&pattern_reference, struct pat_ref *, list);
3576 appctx->ctx.map.ref = pat_list_get_next(appctx->ctx.map.ref, &pattern_reference,
3577 appctx->ctx.map.display_flags);
3578 appctx->st2 = STAT_ST_LIST;
3579 /* fall through */
3580
3581 case STAT_ST_LIST:
3582 while (appctx->ctx.map.ref) {
3583 chunk_reset(&trash);
3584
3585 /* Build messages. If the reference is used by another category than
3586 * the listed categorie, display the information in the massage.
3587 */
3588 chunk_appendf(&trash, "%d (%s) %s\n", appctx->ctx.map.ref->unique_id,
3589 appctx->ctx.map.ref->reference ? appctx->ctx.map.ref->reference : "",
3590 appctx->ctx.map.ref->display);
3591
3592 if (bi_putchk(si_ic(si), &trash) == -1) {
3593 /* let's try again later from this stream. We add ourselves into
3594 * this stream's users so that it can remove us upon termination.
3595 */
3596 si_applet_cant_put(si);
3597 return 0;
3598 }
3599
3600 /* get next list entry and check the end of the list */
3601 appctx->ctx.map.ref = pat_list_get_next(appctx->ctx.map.ref, &pattern_reference,
3602 appctx->ctx.map.display_flags);
3603 }
3604
3605 appctx->st2 = STAT_ST_FIN;
3606 /* fall through */
3607
3608 default:
3609 appctx->st2 = STAT_ST_FIN;
3610 return 1;
3611 }
3612 return 0;
3613}
3614
3615static int stats_map_lookup(struct stream_interface *si)
3616{
3617 struct appctx *appctx = __objt_appctx(si->end);
3618 struct sample sample;
3619 struct pattern *pat;
3620 int match_method;
3621
3622 switch (appctx->st2) {
3623 case STAT_ST_INIT:
3624 /* Init to the first entry. The list cannot be change */
3625 appctx->ctx.map.expr = LIST_ELEM(&appctx->ctx.map.ref->pat, struct pattern_expr *, list);
3626 appctx->ctx.map.expr = pat_expr_get_next(appctx->ctx.map.expr, &appctx->ctx.map.ref->pat);
3627 appctx->st2 = STAT_ST_LIST;
3628 /* fall through */
3629
3630 case STAT_ST_LIST:
3631 /* for each lookup type */
3632 while (appctx->ctx.map.expr) {
3633 /* initialise chunk to build new message */
3634 chunk_reset(&trash);
3635
3636 /* execute pattern matching */
3637 sample.data.type = SMP_T_STR;
3638 sample.flags = SMP_F_CONST;
3639 sample.data.u.str.len = appctx->ctx.map.chunk.len;
3640 sample.data.u.str.str = appctx->ctx.map.chunk.str;
3641 if (appctx->ctx.map.expr->pat_head->match &&
3642 sample_convert(&sample, appctx->ctx.map.expr->pat_head->expect_type))
3643 pat = appctx->ctx.map.expr->pat_head->match(&sample, appctx->ctx.map.expr, 1);
3644 else
3645 pat = NULL;
3646
3647 /* build return message: set type of match */
3648 for (match_method=0; match_method<PAT_MATCH_NUM; match_method++)
3649 if (appctx->ctx.map.expr->pat_head->match == pat_match_fcts[match_method])
3650 break;
3651 if (match_method >= PAT_MATCH_NUM)
3652 chunk_appendf(&trash, "type=unknown(%p)", appctx->ctx.map.expr->pat_head->match);
3653 else
3654 chunk_appendf(&trash, "type=%s", pat_match_names[match_method]);
3655
3656 /* case sensitive */
3657 if (appctx->ctx.map.expr->mflags & PAT_MF_IGNORE_CASE)
3658 chunk_appendf(&trash, ", case=insensitive");
3659 else
3660 chunk_appendf(&trash, ", case=sensitive");
3661
3662 /* Display no match, and set default value */
3663 if (!pat) {
3664 if (appctx->ctx.map.display_flags == PAT_REF_MAP)
3665 chunk_appendf(&trash, ", found=no");
3666 else
3667 chunk_appendf(&trash, ", match=no");
3668 }
3669
3670 /* Display match and match info */
3671 else {
3672 /* display match */
3673 if (appctx->ctx.map.display_flags == PAT_REF_MAP)
3674 chunk_appendf(&trash, ", found=yes");
3675 else
3676 chunk_appendf(&trash, ", match=yes");
3677
3678 /* display index mode */
3679 if (pat->sflags & PAT_SF_TREE)
3680 chunk_appendf(&trash, ", idx=tree");
3681 else
3682 chunk_appendf(&trash, ", idx=list");
3683
3684 /* display pattern */
3685 if (appctx->ctx.map.display_flags == PAT_REF_MAP) {
3686 if (pat->ref && pat->ref->pattern)
3687 chunk_appendf(&trash, ", key=\"%s\"", pat->ref->pattern);
3688 else
3689 chunk_appendf(&trash, ", key=unknown");
3690 }
3691 else {
3692 if (pat->ref && pat->ref->pattern)
3693 chunk_appendf(&trash, ", pattern=\"%s\"", pat->ref->pattern);
3694 else
3695 chunk_appendf(&trash, ", pattern=unknown");
3696 }
3697
3698 /* display return value */
3699 if (appctx->ctx.map.display_flags == PAT_REF_MAP) {
3700 if (pat->data && pat->ref && pat->ref->sample)
3701 chunk_appendf(&trash, ", value=\"%s\", type=\"%s\"", pat->ref->sample,
3702 smp_to_type[pat->data->type]);
3703 else
3704 chunk_appendf(&trash, ", value=none");
3705 }
3706 }
3707
3708 chunk_appendf(&trash, "\n");
3709
3710 /* display response */
3711 if (bi_putchk(si_ic(si), &trash) == -1) {
3712 /* let's try again later from this stream. We add ourselves into
3713 * this stream's users so that it can remove us upon termination.
3714 */
3715 si_applet_cant_put(si);
3716 return 0;
3717 }
3718
3719 /* get next entry */
3720 appctx->ctx.map.expr = pat_expr_get_next(appctx->ctx.map.expr,
3721 &appctx->ctx.map.ref->pat);
3722 }
3723
3724 appctx->st2 = STAT_ST_FIN;
3725 /* fall through */
3726
3727 default:
3728 appctx->st2 = STAT_ST_FIN;
3729 free(appctx->ctx.map.chunk.str);
3730 return 1;
3731 }
3732}
3733
3734static int stats_pat_list(struct stream_interface *si)
3735{
3736 struct appctx *appctx = __objt_appctx(si->end);
3737
3738 switch (appctx->st2) {
3739
3740 case STAT_ST_INIT:
3741 /* Init to the first entry. The list cannot be change */
3742 appctx->ctx.map.elt = LIST_NEXT(&appctx->ctx.map.ref->head,
3743 struct pat_ref_elt *, list);
3744 if (&appctx->ctx.map.elt->list == &appctx->ctx.map.ref->head)
3745 appctx->ctx.map.elt = NULL;
3746 appctx->st2 = STAT_ST_LIST;
3747 /* fall through */
3748
3749 case STAT_ST_LIST:
3750 while (appctx->ctx.map.elt) {
3751 chunk_reset(&trash);
3752
3753 /* build messages */
3754 if (appctx->ctx.map.elt->sample)
3755 chunk_appendf(&trash, "%p %s %s\n",
3756 appctx->ctx.map.elt, appctx->ctx.map.elt->pattern,
3757 appctx->ctx.map.elt->sample);
3758 else
3759 chunk_appendf(&trash, "%p %s\n",
3760 appctx->ctx.map.elt, appctx->ctx.map.elt->pattern);
3761
3762 if (bi_putchk(si_ic(si), &trash) == -1) {
3763 /* let's try again later from this stream. We add ourselves into
3764 * this stream's users so that it can remove us upon termination.
3765 */
3766 si_applet_cant_put(si);
3767 return 0;
3768 }
3769
3770 /* get next list entry and check the end of the list */
3771 appctx->ctx.map.elt = LIST_NEXT(&appctx->ctx.map.elt->list,
3772 struct pat_ref_elt *, list);
3773 if (&appctx->ctx.map.elt->list == &appctx->ctx.map.ref->head)
3774 break;
3775 }
3776
3777 appctx->st2 = STAT_ST_FIN;
3778 /* fall through */
3779
3780 default:
3781 appctx->st2 = STAT_ST_FIN;
3782 return 1;
3783 }
3784}
3785
3786/* This function dumps all streams' states onto the stream interface's
3787 * read buffer. It returns 0 if the output buffer is full and it needs
3788 * to be called again, otherwise non-zero. It is designed to be called
3789 * from stats_dump_sess_to_buffer() below.
3790 */
3791static int stats_dump_sess_to_buffer(struct stream_interface *si)
3792{
3793 struct appctx *appctx = __objt_appctx(si->end);
3794 struct connection *conn;
3795
3796 if (unlikely(si_ic(si)->flags & (CF_WRITE_ERROR|CF_SHUTW))) {
3797 /* If we're forced to shut down, we might have to remove our
3798 * reference to the last stream being dumped.
3799 */
3800 if (appctx->st2 == STAT_ST_LIST) {
3801 if (!LIST_ISEMPTY(&appctx->ctx.sess.bref.users)) {
3802 LIST_DEL(&appctx->ctx.sess.bref.users);
3803 LIST_INIT(&appctx->ctx.sess.bref.users);
3804 }
3805 }
3806 return 1;
3807 }
3808
3809 chunk_reset(&trash);
3810
3811 switch (appctx->st2) {
3812 case STAT_ST_INIT:
3813 /* the function had not been called yet, let's prepare the
3814 * buffer for a response. We initialize the current stream
3815 * pointer to the first in the global list. When a target
3816 * stream is being destroyed, it is responsible for updating
3817 * this pointer. We know we have reached the end when this
3818 * pointer points back to the head of the streams list.
3819 */
3820 LIST_INIT(&appctx->ctx.sess.bref.users);
3821 appctx->ctx.sess.bref.ref = streams.n;
3822 appctx->st2 = STAT_ST_LIST;
3823 /* fall through */
3824
3825 case STAT_ST_LIST:
3826 /* first, let's detach the back-ref from a possible previous stream */
3827 if (!LIST_ISEMPTY(&appctx->ctx.sess.bref.users)) {
3828 LIST_DEL(&appctx->ctx.sess.bref.users);
3829 LIST_INIT(&appctx->ctx.sess.bref.users);
3830 }
3831
3832 /* and start from where we stopped */
3833 while (appctx->ctx.sess.bref.ref != &streams) {
3834 char pn[INET6_ADDRSTRLEN];
3835 struct stream *curr_sess;
3836
3837 curr_sess = LIST_ELEM(appctx->ctx.sess.bref.ref, struct stream *, list);
3838
3839 if (appctx->ctx.sess.target) {
3840 if (appctx->ctx.sess.target != (void *)-1 && appctx->ctx.sess.target != curr_sess)
3841 goto next_sess;
3842
3843 LIST_ADDQ(&curr_sess->back_refs, &appctx->ctx.sess.bref.users);
3844 /* call the proper dump() function and return if we're missing space */
3845 if (!stats_dump_full_sess_to_buffer(si, curr_sess))
3846 return 0;
3847
3848 /* stream dump complete */
3849 LIST_DEL(&appctx->ctx.sess.bref.users);
3850 LIST_INIT(&appctx->ctx.sess.bref.users);
3851 if (appctx->ctx.sess.target != (void *)-1) {
3852 appctx->ctx.sess.target = NULL;
3853 break;
3854 }
3855 else
3856 goto next_sess;
3857 }
3858
3859 chunk_appendf(&trash,
3860 "%p: proto=%s",
3861 curr_sess,
3862 strm_li(curr_sess) ? strm_li(curr_sess)->proto->name : "?");
3863
3864 conn = objt_conn(strm_orig(curr_sess));
3865 switch (conn ? addr_to_str(&conn->addr.from, pn, sizeof(pn)) : AF_UNSPEC) {
3866 case AF_INET:
3867 case AF_INET6:
3868 chunk_appendf(&trash,
3869 " src=%s:%d fe=%s be=%s srv=%s",
3870 pn,
3871 get_host_port(&conn->addr.from),
3872 strm_fe(curr_sess)->id,
3873 (curr_sess->be->cap & PR_CAP_BE) ? curr_sess->be->id : "<NONE>",
3874 objt_server(curr_sess->target) ? objt_server(curr_sess->target)->id : "<none>"
3875 );
3876 break;
3877 case AF_UNIX:
3878 chunk_appendf(&trash,
3879 " src=unix:%d fe=%s be=%s srv=%s",
3880 strm_li(curr_sess)->luid,
3881 strm_fe(curr_sess)->id,
3882 (curr_sess->be->cap & PR_CAP_BE) ? curr_sess->be->id : "<NONE>",
3883 objt_server(curr_sess->target) ? objt_server(curr_sess->target)->id : "<none>"
3884 );
3885 break;
3886 }
3887
3888 chunk_appendf(&trash,
3889 " ts=%02x age=%s calls=%d",
3890 curr_sess->task->state,
3891 human_time(now.tv_sec - curr_sess->logs.tv_accept.tv_sec, 1),
3892 curr_sess->task->calls);
3893
3894 chunk_appendf(&trash,
3895 " rq[f=%06xh,i=%d,an=%02xh,rx=%s",
3896 curr_sess->req.flags,
3897 curr_sess->req.buf->i,
3898 curr_sess->req.analysers,
3899 curr_sess->req.rex ?
3900 human_time(TICKS_TO_MS(curr_sess->req.rex - now_ms),
3901 TICKS_TO_MS(1000)) : "");
3902
3903 chunk_appendf(&trash,
3904 ",wx=%s",
3905 curr_sess->req.wex ?
3906 human_time(TICKS_TO_MS(curr_sess->req.wex - now_ms),
3907 TICKS_TO_MS(1000)) : "");
3908
3909 chunk_appendf(&trash,
3910 ",ax=%s]",
3911 curr_sess->req.analyse_exp ?
3912 human_time(TICKS_TO_MS(curr_sess->req.analyse_exp - now_ms),
3913 TICKS_TO_MS(1000)) : "");
3914
3915 chunk_appendf(&trash,
3916 " rp[f=%06xh,i=%d,an=%02xh,rx=%s",
3917 curr_sess->res.flags,
3918 curr_sess->res.buf->i,
3919 curr_sess->res.analysers,
3920 curr_sess->res.rex ?
3921 human_time(TICKS_TO_MS(curr_sess->res.rex - now_ms),
3922 TICKS_TO_MS(1000)) : "");
3923
3924 chunk_appendf(&trash,
3925 ",wx=%s",
3926 curr_sess->res.wex ?
3927 human_time(TICKS_TO_MS(curr_sess->res.wex - now_ms),
3928 TICKS_TO_MS(1000)) : "");
3929
3930 chunk_appendf(&trash,
3931 ",ax=%s]",
3932 curr_sess->res.analyse_exp ?
3933 human_time(TICKS_TO_MS(curr_sess->res.analyse_exp - now_ms),
3934 TICKS_TO_MS(1000)) : "");
3935
3936 conn = objt_conn(curr_sess->si[0].end);
3937 chunk_appendf(&trash,
3938 " s0=[%d,%1xh,fd=%d,ex=%s]",
3939 curr_sess->si[0].state,
3940 curr_sess->si[0].flags,
3941 (conn && conn->t.sock.fd >= 0) ? conn->t.sock.fd : -1,
3942 curr_sess->si[0].exp ?
3943 human_time(TICKS_TO_MS(curr_sess->si[0].exp - now_ms),
3944 TICKS_TO_MS(1000)) : "");
3945
3946 conn = objt_conn(curr_sess->si[1].end);
3947 chunk_appendf(&trash,
3948 " s1=[%d,%1xh,fd=%d,ex=%s]",
3949 curr_sess->si[1].state,
3950 curr_sess->si[1].flags,
3951 (conn && conn->t.sock.fd >= 0) ? conn->t.sock.fd : -1,
3952 curr_sess->si[1].exp ?
3953 human_time(TICKS_TO_MS(curr_sess->si[1].exp - now_ms),
3954 TICKS_TO_MS(1000)) : "");
3955
3956 chunk_appendf(&trash,
3957 " exp=%s",
3958 curr_sess->task->expire ?
3959 human_time(TICKS_TO_MS(curr_sess->task->expire - now_ms),
3960 TICKS_TO_MS(1000)) : "");
3961 if (task_in_rq(curr_sess->task))
3962 chunk_appendf(&trash, " run(nice=%d)", curr_sess->task->nice);
3963
3964 chunk_appendf(&trash, "\n");
3965
3966 if (bi_putchk(si_ic(si), &trash) == -1) {
3967 /* let's try again later from this stream. We add ourselves into
3968 * this stream's users so that it can remove us upon termination.
3969 */
3970 si_applet_cant_put(si);
3971 LIST_ADDQ(&curr_sess->back_refs, &appctx->ctx.sess.bref.users);
3972 return 0;
3973 }
3974
3975 next_sess:
3976 appctx->ctx.sess.bref.ref = curr_sess->list.n;
3977 }
3978
3979 if (appctx->ctx.sess.target && appctx->ctx.sess.target != (void *)-1) {
3980 /* specified stream not found */
3981 if (appctx->ctx.sess.section > 0)
3982 chunk_appendf(&trash, " *** session terminated while we were watching it ***\n");
3983 else
3984 chunk_appendf(&trash, "Session not found.\n");
3985
3986 if (bi_putchk(si_ic(si), &trash) == -1) {
3987 si_applet_cant_put(si);
3988 return 0;
3989 }
3990
3991 appctx->ctx.sess.target = NULL;
3992 appctx->ctx.sess.uid = 0;
3993 return 1;
3994 }
3995
3996 appctx->st2 = STAT_ST_FIN;
3997 /* fall through */
3998
3999 default:
4000 appctx->st2 = STAT_ST_FIN;
4001 return 1;
4002 }
4003}
4004
4005/* This is called when the stream interface is closed. For instance, upon an
4006 * external abort, we won't call the i/o handler anymore so we may need to
4007 * remove back references to the stream currently being dumped.
4008 */
4009static void cli_release_handler(struct appctx *appctx)
4010{
4011 if (appctx->io_release) {
4012 appctx->io_release(appctx);
4013 appctx->io_release = NULL;
4014 }
4015 if (appctx->st0 == STAT_CLI_O_SESS && appctx->st2 == STAT_ST_LIST) {
4016 if (!LIST_ISEMPTY(&appctx->ctx.sess.bref.users))
4017 LIST_DEL(&appctx->ctx.sess.bref.users);
4018 }
4019 else if ((appctx->st0 == STAT_CLI_O_TAB || appctx->st0 == STAT_CLI_O_CLR) &&
4020 appctx->st2 == STAT_ST_LIST) {
4021 appctx->ctx.table.entry->ref_cnt--;
4022 stksess_kill_if_expired(&appctx->ctx.table.proxy->table, appctx->ctx.table.entry);
4023 }
4024 else if (appctx->st0 == STAT_CLI_PRINT_FREE) {
4025 free(appctx->ctx.cli.err);
4026 appctx->ctx.cli.err = NULL;
4027 }
4028 else if (appctx->st0 == STAT_CLI_O_MLOOK) {
4029 free(appctx->ctx.map.chunk.str);
4030 appctx->ctx.map.chunk.str = NULL;
4031 }
4032}
4033
4034/* This function is used to either dump tables states (when action is set
4035 * to STAT_CLI_O_TAB) or clear tables (when action is STAT_CLI_O_CLR).
4036 * It returns 0 if the output buffer is full and it needs to be called
4037 * again, otherwise non-zero.
4038 */
4039static int stats_table_request(struct stream_interface *si, int action)
4040{
4041 struct appctx *appctx = __objt_appctx(si->end);
4042 struct stream *s = si_strm(si);
4043 struct ebmb_node *eb;
4044 int dt;
4045 int skip_entry;
4046 int show = action == STAT_CLI_O_TAB;
4047
4048 /*
4049 * We have 3 possible states in appctx->st2 :
4050 * - STAT_ST_INIT : the first call
4051 * - STAT_ST_INFO : the proxy pointer points to the next table to
4052 * dump, the entry pointer is NULL ;
4053 * - STAT_ST_LIST : the proxy pointer points to the current table
4054 * and the entry pointer points to the next entry to be dumped,
4055 * and the refcount on the next entry is held ;
4056 * - STAT_ST_END : nothing left to dump, the buffer may contain some
4057 * data though.
4058 */
4059
4060 if (unlikely(si_ic(si)->flags & (CF_WRITE_ERROR|CF_SHUTW))) {
4061 /* in case of abort, remove any refcount we might have set on an entry */
4062 if (appctx->st2 == STAT_ST_LIST) {
4063 appctx->ctx.table.entry->ref_cnt--;
4064 stksess_kill_if_expired(&appctx->ctx.table.proxy->table, appctx->ctx.table.entry);
4065 }
4066 return 1;
4067 }
4068
4069 chunk_reset(&trash);
4070
4071 while (appctx->st2 != STAT_ST_FIN) {
4072 switch (appctx->st2) {
4073 case STAT_ST_INIT:
4074 appctx->ctx.table.proxy = appctx->ctx.table.target;
4075 if (!appctx->ctx.table.proxy)
4076 appctx->ctx.table.proxy = proxy;
4077
4078 appctx->ctx.table.entry = NULL;
4079 appctx->st2 = STAT_ST_INFO;
4080 break;
4081
4082 case STAT_ST_INFO:
4083 if (!appctx->ctx.table.proxy ||
4084 (appctx->ctx.table.target &&
4085 appctx->ctx.table.proxy != appctx->ctx.table.target)) {
4086 appctx->st2 = STAT_ST_END;
4087 break;
4088 }
4089
4090 if (appctx->ctx.table.proxy->table.size) {
4091 if (show && !stats_dump_table_head_to_buffer(&trash, si, appctx->ctx.table.proxy,
4092 appctx->ctx.table.target))
4093 return 0;
4094
4095 if (appctx->ctx.table.target &&
4096 strm_li(s)->bind_conf->level >= ACCESS_LVL_OPER) {
4097 /* dump entries only if table explicitly requested */
4098 eb = ebmb_first(&appctx->ctx.table.proxy->table.keys);
4099 if (eb) {
4100 appctx->ctx.table.entry = ebmb_entry(eb, struct stksess, key);
4101 appctx->ctx.table.entry->ref_cnt++;
4102 appctx->st2 = STAT_ST_LIST;
4103 break;
4104 }
4105 }
4106 }
4107 appctx->ctx.table.proxy = appctx->ctx.table.proxy->next;
4108 break;
4109
4110 case STAT_ST_LIST:
4111 skip_entry = 0;
4112
4113 if (appctx->ctx.table.data_type >= 0) {
4114 /* we're filtering on some data contents */
4115 void *ptr;
4116 long long data;
4117
4118 dt = appctx->ctx.table.data_type;
4119 ptr = stktable_data_ptr(&appctx->ctx.table.proxy->table,
4120 appctx->ctx.table.entry,
4121 dt);
4122
4123 data = 0;
4124 switch (stktable_data_types[dt].std_type) {
4125 case STD_T_SINT:
4126 data = stktable_data_cast(ptr, std_t_sint);
4127 break;
4128 case STD_T_UINT:
4129 data = stktable_data_cast(ptr, std_t_uint);
4130 break;
4131 case STD_T_ULL:
4132 data = stktable_data_cast(ptr, std_t_ull);
4133 break;
4134 case STD_T_FRQP:
4135 data = read_freq_ctr_period(&stktable_data_cast(ptr, std_t_frqp),
4136 appctx->ctx.table.proxy->table.data_arg[dt].u);
4137 break;
4138 }
4139
4140 /* skip the entry if the data does not match the test and the value */
4141 if ((data < appctx->ctx.table.value &&
4142 (appctx->ctx.table.data_op == STD_OP_EQ ||
4143 appctx->ctx.table.data_op == STD_OP_GT ||
4144 appctx->ctx.table.data_op == STD_OP_GE)) ||
4145 (data == appctx->ctx.table.value &&
4146 (appctx->ctx.table.data_op == STD_OP_NE ||
4147 appctx->ctx.table.data_op == STD_OP_GT ||
4148 appctx->ctx.table.data_op == STD_OP_LT)) ||
4149 (data > appctx->ctx.table.value &&
4150 (appctx->ctx.table.data_op == STD_OP_EQ ||
4151 appctx->ctx.table.data_op == STD_OP_LT ||
4152 appctx->ctx.table.data_op == STD_OP_LE)))
4153 skip_entry = 1;
4154 }
4155
4156 if (show && !skip_entry &&
4157 !stats_dump_table_entry_to_buffer(&trash, si, appctx->ctx.table.proxy,
4158 appctx->ctx.table.entry))
4159 return 0;
4160
4161 appctx->ctx.table.entry->ref_cnt--;
4162
4163 eb = ebmb_next(&appctx->ctx.table.entry->key);
4164 if (eb) {
4165 struct stksess *old = appctx->ctx.table.entry;
4166 appctx->ctx.table.entry = ebmb_entry(eb, struct stksess, key);
4167 if (show)
4168 stksess_kill_if_expired(&appctx->ctx.table.proxy->table, old);
4169 else if (!skip_entry && !appctx->ctx.table.entry->ref_cnt)
4170 stksess_kill(&appctx->ctx.table.proxy->table, old);
4171 appctx->ctx.table.entry->ref_cnt++;
4172 break;
4173 }
4174
4175
4176 if (show)
4177 stksess_kill_if_expired(&appctx->ctx.table.proxy->table, appctx->ctx.table.entry);
4178 else if (!skip_entry && !appctx->ctx.table.entry->ref_cnt)
4179 stksess_kill(&appctx->ctx.table.proxy->table, appctx->ctx.table.entry);
4180
4181 appctx->ctx.table.proxy = appctx->ctx.table.proxy->next;
4182 appctx->st2 = STAT_ST_INFO;
4183 break;
4184
4185 case STAT_ST_END:
4186 appctx->st2 = STAT_ST_FIN;
4187 break;
4188 }
4189 }
4190 return 1;
4191}
4192
4193/* print a line of text buffer (limited to 70 bytes) to <out>. The format is :
4194 * <2 spaces> <offset=5 digits> <space or plus> <space> <70 chars max> <\n>
4195 * which is 60 chars per line. Non-printable chars \t, \n, \r and \e are
4196 * encoded in C format. Other non-printable chars are encoded "\xHH". Original
4197 * lines are respected within the limit of 70 output chars. Lines that are
4198 * continuation of a previous truncated line begin with "+" instead of " "
4199 * after the offset. The new pointer is returned.
4200 */
4201static int dump_text_line(struct chunk *out, const char *buf, int bsize, int len,
4202 int *line, int ptr)
4203{
4204 int end;
4205 unsigned char c;
4206
4207 end = out->len + 80;
4208 if (end > out->size)
4209 return ptr;
4210
4211 chunk_appendf(out, " %05d%c ", ptr, (ptr == *line) ? ' ' : '+');
4212
4213 while (ptr < len && ptr < bsize) {
4214 c = buf[ptr];
4215 if (isprint(c) && isascii(c) && c != '\\') {
4216 if (out->len > end - 2)
4217 break;
4218 out->str[out->len++] = c;
4219 } else if (c == '\t' || c == '\n' || c == '\r' || c == '\e' || c == '\\') {
4220 if (out->len > end - 3)
4221 break;
4222 out->str[out->len++] = '\\';
4223 switch (c) {
4224 case '\t': c = 't'; break;
4225 case '\n': c = 'n'; break;
4226 case '\r': c = 'r'; break;
4227 case '\e': c = 'e'; break;
4228 case '\\': c = '\\'; break;
4229 }
4230 out->str[out->len++] = c;
4231 } else {
4232 if (out->len > end - 5)
4233 break;
4234 out->str[out->len++] = '\\';
4235 out->str[out->len++] = 'x';
4236 out->str[out->len++] = hextab[(c >> 4) & 0xF];
4237 out->str[out->len++] = hextab[c & 0xF];
4238 }
4239 if (buf[ptr++] == '\n') {
4240 /* we had a line break, let's return now */
4241 out->str[out->len++] = '\n';
4242 *line = ptr;
4243 return ptr;
4244 }
4245 }
4246 /* we have an incomplete line, we return it as-is */
4247 out->str[out->len++] = '\n';
4248 return ptr;
4249}
4250
4251/* This function dumps counters from all resolvers section and associated name servers.
4252 * It returns 0 if the output buffer is full and it needs
4253 * to be called again, otherwise non-zero.
4254 */
4255static int stats_dump_resolvers_to_buffer(struct stream_interface *si)
4256{
4257 struct appctx *appctx = __objt_appctx(si->end);
4258 struct dns_resolvers *presolvers;
4259 struct dns_nameserver *pnameserver;
4260
4261 chunk_reset(&trash);
4262
4263 switch (appctx->st2) {
4264 case STAT_ST_INIT:
4265 appctx->st2 = STAT_ST_LIST; /* let's start producing data */
4266 /* fall through */
4267
4268 case STAT_ST_LIST:
4269 if (LIST_ISEMPTY(&dns_resolvers)) {
4270 chunk_appendf(&trash, "No resolvers found\n");
4271 }
4272 else {
4273 list_for_each_entry(presolvers, &dns_resolvers, list) {
4274 if (appctx->ctx.resolvers.ptr != NULL && appctx->ctx.resolvers.ptr != presolvers)
4275 continue;
4276
4277 chunk_appendf(&trash, "Resolvers section %s\n", presolvers->id);
4278 list_for_each_entry(pnameserver, &presolvers->nameserver_list, list) {
4279 chunk_appendf(&trash, " nameserver %s:\n", pnameserver->id);
4280 chunk_appendf(&trash, " sent: %ld\n", pnameserver->counters.sent);
4281 chunk_appendf(&trash, " valid: %ld\n", pnameserver->counters.valid);
4282 chunk_appendf(&trash, " update: %ld\n", pnameserver->counters.update);
4283 chunk_appendf(&trash, " cname: %ld\n", pnameserver->counters.cname);
4284 chunk_appendf(&trash, " cname_error: %ld\n", pnameserver->counters.cname_error);
4285 chunk_appendf(&trash, " any_err: %ld\n", pnameserver->counters.any_err);
4286 chunk_appendf(&trash, " nx: %ld\n", pnameserver->counters.nx);
4287 chunk_appendf(&trash, " timeout: %ld\n", pnameserver->counters.timeout);
4288 chunk_appendf(&trash, " refused: %ld\n", pnameserver->counters.refused);
4289 chunk_appendf(&trash, " other: %ld\n", pnameserver->counters.other);
4290 chunk_appendf(&trash, " invalid: %ld\n", pnameserver->counters.invalid);
4291 chunk_appendf(&trash, " too_big: %ld\n", pnameserver->counters.too_big);
4292 chunk_appendf(&trash, " truncated: %ld\n", pnameserver->counters.truncated);
4293 chunk_appendf(&trash, " outdated: %ld\n", pnameserver->counters.outdated);
4294 }
4295 }
4296 }
4297
4298 /* display response */
4299 if (bi_putchk(si_ic(si), &trash) == -1) {
4300 /* let's try again later from this session. We add ourselves into
4301 * this session's users so that it can remove us upon termination.
4302 */
4303 si->flags |= SI_FL_WAIT_ROOM;
4304 return 0;
4305 }
4306
4307 appctx->st2 = STAT_ST_FIN;
4308 /* fall through */
4309
4310 default:
4311 appctx->st2 = STAT_ST_FIN;
4312 return 1;
4313 }
4314}
4315
4316/* This function dumps all captured errors onto the stream interface's
4317 * read buffer. It returns 0 if the output buffer is full and it needs
4318 * to be called again, otherwise non-zero.
4319 */
4320static int stats_dump_errors_to_buffer(struct stream_interface *si)
4321{
4322 struct appctx *appctx = __objt_appctx(si->end);
4323 extern const char *monthname[12];
4324
4325 if (unlikely(si_ic(si)->flags & (CF_WRITE_ERROR|CF_SHUTW)))
4326 return 1;
4327
4328 chunk_reset(&trash);
4329
4330 if (!appctx->ctx.errors.px) {
4331 /* the function had not been called yet, let's prepare the
4332 * buffer for a response.
4333 */
4334 struct tm tm;
4335
4336 get_localtime(date.tv_sec, &tm);
4337 chunk_appendf(&trash, "Total events captured on [%02d/%s/%04d:%02d:%02d:%02d.%03d] : %u\n",
4338 tm.tm_mday, monthname[tm.tm_mon], tm.tm_year+1900,
4339 tm.tm_hour, tm.tm_min, tm.tm_sec, (int)(date.tv_usec/1000),
4340 error_snapshot_id);
4341
4342 if (bi_putchk(si_ic(si), &trash) == -1) {
4343 /* Socket buffer full. Let's try again later from the same point */
4344 si_applet_cant_put(si);
4345 return 0;
4346 }
4347
4348 appctx->ctx.errors.px = proxy;
4349 appctx->ctx.errors.buf = 0;
4350 appctx->ctx.errors.bol = 0;
4351 appctx->ctx.errors.ptr = -1;
4352 }
4353
4354 /* we have two inner loops here, one for the proxy, the other one for
4355 * the buffer.
4356 */
4357 while (appctx->ctx.errors.px) {
4358 struct error_snapshot *es;
4359
4360 if (appctx->ctx.errors.buf == 0)
4361 es = &appctx->ctx.errors.px->invalid_req;
4362 else
4363 es = &appctx->ctx.errors.px->invalid_rep;
4364
4365 if (!es->when.tv_sec)
4366 goto next;
4367
4368 if (appctx->ctx.errors.iid >= 0 &&
4369 appctx->ctx.errors.px->uuid != appctx->ctx.errors.iid &&
4370 es->oe->uuid != appctx->ctx.errors.iid)
4371 goto next;
4372
4373 if (appctx->ctx.errors.ptr < 0) {
4374 /* just print headers now */
4375
4376 char pn[INET6_ADDRSTRLEN];
4377 struct tm tm;
4378 int port;
4379
4380 get_localtime(es->when.tv_sec, &tm);
4381 chunk_appendf(&trash, " \n[%02d/%s/%04d:%02d:%02d:%02d.%03d]",
4382 tm.tm_mday, monthname[tm.tm_mon], tm.tm_year+1900,
4383 tm.tm_hour, tm.tm_min, tm.tm_sec, (int)(es->when.tv_usec/1000));
4384
4385 switch (addr_to_str(&es->src, pn, sizeof(pn))) {
4386 case AF_INET:
4387 case AF_INET6:
4388 port = get_host_port(&es->src);
4389 break;
4390 default:
4391 port = 0;
4392 }
4393
4394 switch (appctx->ctx.errors.buf) {
4395 case 0:
4396 chunk_appendf(&trash,
4397 " frontend %s (#%d): invalid request\n"
4398 " backend %s (#%d)",
4399 appctx->ctx.errors.px->id, appctx->ctx.errors.px->uuid,
4400 (es->oe->cap & PR_CAP_BE) ? es->oe->id : "<NONE>",
4401 (es->oe->cap & PR_CAP_BE) ? es->oe->uuid : -1);
4402 break;
4403 case 1:
4404 chunk_appendf(&trash,
4405 " backend %s (#%d): invalid response\n"
4406 " frontend %s (#%d)",
4407 appctx->ctx.errors.px->id, appctx->ctx.errors.px->uuid,
4408 es->oe->id, es->oe->uuid);
4409 break;
4410 }
4411
4412 chunk_appendf(&trash,
4413 ", server %s (#%d), event #%u\n"
4414 " src %s:%d, session #%d, session flags 0x%08x\n"
4415 " HTTP msg state %d, msg flags 0x%08x, tx flags 0x%08x\n"
4416 " HTTP chunk len %lld bytes, HTTP body len %lld bytes\n"
4417 " buffer flags 0x%08x, out %d bytes, total %lld bytes\n"
4418 " pending %d bytes, wrapping at %d, error at position %d:\n \n",
4419 es->srv ? es->srv->id : "<NONE>", es->srv ? es->srv->puid : -1,
4420 es->ev_id,
4421 pn, port, es->sid, es->s_flags,
4422 es->state, es->m_flags, es->t_flags,
4423 es->m_clen, es->m_blen,
4424 es->b_flags, es->b_out, es->b_tot,
4425 es->len, es->b_wrap, es->pos);
4426
4427 if (bi_putchk(si_ic(si), &trash) == -1) {
4428 /* Socket buffer full. Let's try again later from the same point */
4429 si_applet_cant_put(si);
4430 return 0;
4431 }
4432 appctx->ctx.errors.ptr = 0;
4433 appctx->ctx.errors.sid = es->sid;
4434 }
4435
4436 if (appctx->ctx.errors.sid != es->sid) {
4437 /* the snapshot changed while we were dumping it */
4438 chunk_appendf(&trash,
4439 " WARNING! update detected on this snapshot, dump interrupted. Please re-check!\n");
4440 if (bi_putchk(si_ic(si), &trash) == -1) {
4441 si_applet_cant_put(si);
4442 return 0;
4443 }
4444 goto next;
4445 }
4446
4447 /* OK, ptr >= 0, so we have to dump the current line */
4448 while (es->buf && appctx->ctx.errors.ptr < es->len && appctx->ctx.errors.ptr < global.tune.bufsize) {
4449 int newptr;
4450 int newline;
4451
4452 newline = appctx->ctx.errors.bol;
4453 newptr = dump_text_line(&trash, es->buf, global.tune.bufsize, es->len, &newline, appctx->ctx.errors.ptr);
4454 if (newptr == appctx->ctx.errors.ptr)
4455 return 0;
4456
4457 if (bi_putchk(si_ic(si), &trash) == -1) {
4458 /* Socket buffer full. Let's try again later from the same point */
4459 si_applet_cant_put(si);
4460 return 0;
4461 }
4462 appctx->ctx.errors.ptr = newptr;
4463 appctx->ctx.errors.bol = newline;
4464 };
4465 next:
4466 appctx->ctx.errors.bol = 0;
4467 appctx->ctx.errors.ptr = -1;
4468 appctx->ctx.errors.buf++;
4469 if (appctx->ctx.errors.buf > 1) {
4470 appctx->ctx.errors.buf = 0;
4471 appctx->ctx.errors.px = appctx->ctx.errors.px->next;
4472 }
4473 }
4474
4475 /* dump complete */
4476 return 1;
4477}
4478
4479/* This function dumps all environmnent variables to the buffer. It returns 0
4480 * if the output buffer is full and it needs to be called again, otherwise
4481 * non-zero. Dumps only one entry if st2 == STAT_ST_END.
4482 */
4483static int stats_dump_env_to_buffer(struct stream_interface *si)
4484{
4485 struct appctx *appctx = __objt_appctx(si->end);
4486
4487 if (unlikely(si_ic(si)->flags & (CF_WRITE_ERROR|CF_SHUTW)))
4488 return 1;
4489
4490 chunk_reset(&trash);
4491
4492 /* we have two inner loops here, one for the proxy, the other one for
4493 * the buffer.
4494 */
4495 while (*appctx->ctx.env.var) {
4496 chunk_printf(&trash, "%s\n", *appctx->ctx.env.var);
4497
4498 if (bi_putchk(si_ic(si), &trash) == -1) {
4499 si_applet_cant_put(si);
4500 return 0;
4501 }
4502 if (appctx->st2 == STAT_ST_END)
4503 break;
4504 appctx->ctx.env.var++;
4505 }
4506
4507 /* dump complete */
4508 return 1;
4509}
4510
4511/* parse the "level" argument on the bind lines */
4512static int bind_parse_level(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4513{
4514 if (!*args[cur_arg + 1]) {
4515 memprintf(err, "'%s' : missing level", args[cur_arg]);
4516 return ERR_ALERT | ERR_FATAL;
4517 }
4518
4519 if (!strcmp(args[cur_arg+1], "user"))
4520 conf->level = ACCESS_LVL_USER;
4521 else if (!strcmp(args[cur_arg+1], "operator"))
4522 conf->level = ACCESS_LVL_OPER;
4523 else if (!strcmp(args[cur_arg+1], "admin"))
4524 conf->level = ACCESS_LVL_ADMIN;
4525 else {
4526 memprintf(err, "'%s' only supports 'user', 'operator', and 'admin' (got '%s')",
4527 args[cur_arg], args[cur_arg+1]);
4528 return ERR_ALERT | ERR_FATAL;
4529 }
4530
4531 return 0;
4532}
4533
4534static struct applet cli_applet = {
4535 .obj_type = OBJ_TYPE_APPLET,
4536 .name = "<CLI>", /* used for logging */
4537 .fct = cli_io_handler,
4538 .release = cli_release_handler,
4539};
4540
4541static struct cfg_kw_list cfg_kws = {ILH, {
4542 { CFG_GLOBAL, "stats", stats_parse_global },
4543 { 0, NULL, NULL },
4544}};
4545
4546static struct bind_kw_list bind_kws = { "STAT", { }, {
4547 { "level", bind_parse_level, 1 }, /* set the unix socket admin level */
4548 { NULL, NULL, 0 },
4549}};
4550
4551__attribute__((constructor))
4552static void __dumpstats_module_init(void)
4553{
4554 cfg_register_keywords(&cfg_kws);
4555 bind_register_keywords(&bind_kws);
4556}
4557
4558/*
4559 * Local variables:
4560 * c-indent-level: 8
4561 * c-basic-offset: 8
4562 * End:
4563 */