Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 9ed6203aef1e319d6a76c36d109ad9cc7c39bd36 / . / src / cli.c
blob: e15fc8af7384226bc397da5068c2e37619e4c890 [file] [log] [blame]
William Lallemand74c24fb2016-11-21 17:18:36 +0100[diff] [blame]1/*
2 * Functions dedicated to statistics output and the stats socket
3 *
4 * Copyright 2000-2012 Willy Tarreau <w@1wt.eu>
5 * Copyright 2007-2009 Krzysztof Piotr Oledzki <ole@ans.pl>
6 *
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version
10 * 2 of the License, or (at your option) any later version.
11 *
12 */
13
14#include <ctype.h>
15#include <errno.h>
16#include <fcntl.h>
17#include <stdio.h>
18#include <stdlib.h>
19#include <string.h>
20#include <pwd.h>
21#include <grp.h>
22
23#include <sys/socket.h>
24#include <sys/stat.h>
25#include <sys/types.h>
26
27#include <common/cfgparse.h>
28#include <common/compat.h>
29#include <common/config.h>
30#include <common/debug.h>
31#include <common/memory.h>
32#include <common/mini-clist.h>
33#include <common/standard.h>
34#include <common/ticks.h>
35#include <common/time.h>
36#include <common/uri_auth.h>
37#include <common/version.h>
38#include <common/base64.h>
39
40#include <types/applet.h>
William Lallemand9ed62032016-11-21 17:49:11 +0100[diff] [blame^]41#include <types/cli.h>
William Lallemand74c24fb2016-11-21 17:18:36 +0100[diff] [blame]42#include <types/global.h>
43#include <types/dns.h>
William Lallemand9ed62032016-11-21 17:49:11 +0100[diff] [blame^]44#include <types/stats.h>
William Lallemand74c24fb2016-11-21 17:18:36 +0100[diff] [blame]45
46#include <proto/backend.h>
47#include <proto/channel.h>
48#include <proto/checks.h>
49#include <proto/compression.h>
William Lallemand9ed62032016-11-21 17:49:11 +0100[diff] [blame^]50#include <proto/stats.h>
William Lallemand74c24fb2016-11-21 17:18:36 +0100[diff] [blame]51#include <proto/fd.h>
52#include <proto/freq_ctr.h>
53#include <proto/frontend.h>
54#include <proto/log.h>
55#include <proto/pattern.h>
56#include <proto/pipe.h>
57#include <proto/listener.h>
58#include <proto/map.h>
59#include <proto/proto_http.h>
60#include <proto/proto_uxst.h>
61#include <proto/proxy.h>
62#include <proto/sample.h>
63#include <proto/session.h>
64#include <proto/stream.h>
65#include <proto/server.h>
66#include <proto/raw_sock.h>
67#include <proto/stream_interface.h>
68#include <proto/task.h>
69
70#ifdef USE_OPENSSL
71#include <proto/ssl_sock.h>
72#include <types/ssl_sock.h>
73#endif
74
75/* These are the field names for each INF_* field position. Please pay attention
76 * to always use the exact same name except that the strings for new names must
77 * be lower case or CamelCase while the enum entries must be upper case.
78 */
79const char *info_field_names[INF_TOTAL_FIELDS] = {
80 [INF_NAME] = "Name",
81 [INF_VERSION] = "Version",
82 [INF_RELEASE_DATE] = "Release_date",
83 [INF_NBPROC] = "Nbproc",
84 [INF_PROCESS_NUM] = "Process_num",
85 [INF_PID] = "Pid",
86 [INF_UPTIME] = "Uptime",
87 [INF_UPTIME_SEC] = "Uptime_sec",
88 [INF_MEMMAX_MB] = "Memmax_MB",
89 [INF_POOL_ALLOC_MB] = "PoolAlloc_MB",
90 [INF_POOL_USED_MB] = "PoolUsed_MB",
91 [INF_POOL_FAILED] = "PoolFailed",
92 [INF_ULIMIT_N] = "Ulimit-n",
93 [INF_MAXSOCK] = "Maxsock",
94 [INF_MAXCONN] = "Maxconn",
95 [INF_HARD_MAXCONN] = "Hard_maxconn",
96 [INF_CURR_CONN] = "CurrConns",
97 [INF_CUM_CONN] = "CumConns",
98 [INF_CUM_REQ] = "CumReq",
99 [INF_MAX_SSL_CONNS] = "MaxSslConns",
100 [INF_CURR_SSL_CONNS] = "CurrSslConns",
101 [INF_CUM_SSL_CONNS] = "CumSslConns",
102 [INF_MAXPIPES] = "Maxpipes",
103 [INF_PIPES_USED] = "PipesUsed",
104 [INF_PIPES_FREE] = "PipesFree",
105 [INF_CONN_RATE] = "ConnRate",
106 [INF_CONN_RATE_LIMIT] = "ConnRateLimit",
107 [INF_MAX_CONN_RATE] = "MaxConnRate",
108 [INF_SESS_RATE] = "SessRate",
109 [INF_SESS_RATE_LIMIT] = "SessRateLimit",
110 [INF_MAX_SESS_RATE] = "MaxSessRate",
111 [INF_SSL_RATE] = "SslRate",
112 [INF_SSL_RATE_LIMIT] = "SslRateLimit",
113 [INF_MAX_SSL_RATE] = "MaxSslRate",
114 [INF_SSL_FRONTEND_KEY_RATE] = "SslFrontendKeyRate",
115 [INF_SSL_FRONTEND_MAX_KEY_RATE] = "SslFrontendMaxKeyRate",
116 [INF_SSL_FRONTEND_SESSION_REUSE_PCT] = "SslFrontendSessionReuse_pct",
117 [INF_SSL_BACKEND_KEY_RATE] = "SslBackendKeyRate",
118 [INF_SSL_BACKEND_MAX_KEY_RATE] = "SslBackendMaxKeyRate",
119 [INF_SSL_CACHE_LOOKUPS] = "SslCacheLookups",
120 [INF_SSL_CACHE_MISSES] = "SslCacheMisses",
121 [INF_COMPRESS_BPS_IN] = "CompressBpsIn",
122 [INF_COMPRESS_BPS_OUT] = "CompressBpsOut",
123 [INF_COMPRESS_BPS_RATE_LIM] = "CompressBpsRateLim",
124 [INF_ZLIB_MEM_USAGE] = "ZlibMemUsage",
125 [INF_MAX_ZLIB_MEM_USAGE] = "MaxZlibMemUsage",
126 [INF_TASKS] = "Tasks",
127 [INF_RUN_QUEUE] = "Run_queue",
128 [INF_IDLE_PCT] = "Idle_pct",
129 [INF_NODE] = "node",
130 [INF_DESCRIPTION] = "description",
131};
132
133/* one line of stats */
134static struct field info[INF_TOTAL_FIELDS];
135
136static int stats_dump_backend_to_buffer(struct stream_interface *si);
137static int stats_dump_env_to_buffer(struct stream_interface *si);
138static int stats_dump_info_to_buffer(struct stream_interface *si);
139static int stats_dump_servers_state_to_buffer(struct stream_interface *si);
140static int stats_dump_pools_to_buffer(struct stream_interface *si);
141static int stats_dump_full_sess_to_buffer(struct stream_interface *si, struct stream *sess);
142static int stats_dump_sess_to_buffer(struct stream_interface *si);
143static int stats_dump_errors_to_buffer(struct stream_interface *si);
144static int stats_table_request(struct stream_interface *si, int show);
145static int stats_dump_resolvers_to_buffer(struct stream_interface *si);
146static int stats_pats_list(struct stream_interface *si);
147static int stats_pat_list(struct stream_interface *si);
148static int stats_map_lookup(struct stream_interface *si);
149#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
150static int stats_tlskeys_list(struct stream_interface *si);
151#endif
152
153static int dump_servers_state(struct stream_interface *si, struct chunk *buf);
154
155static struct applet cli_applet;
156
157static const char stats_sock_usage_msg[] =
158 "Unknown command. Please enter one of the following commands only :\n"
159 " clear counters : clear max statistics counters (add 'all' for all counters)\n"
160 " clear table : remove an entry from a table\n"
161 " help : this message\n"
162 " prompt : toggle interactive mode with prompt\n"
163 " quit : disconnect\n"
164 " show backend : list backends in the current running config\n"
165 " show env [var] : dump environment variables known to the process\n"
166 " show info : report information about the running process\n"
167 " show pools : report information about the memory pools usage\n"
168 " show stat : report counters for each proxy and server\n"
169 " show stat resolvers [id]: dumps counters from all resolvers section and\n"
170 " associated name servers\n"
171 " show errors : report last request and response errors for each proxy\n"
172 " show sess [id] : report the list of current sessions or dump this session\n"
173 " show table [id]: report table usage stats or dump this table's contents\n"
174 " show servers state [id]: dump volatile server information (for backend <id>)\n"
175 " get weight : report a server's current weight\n"
176 " set weight : change a server's weight\n"
177 " set server : change a server's state, weight or address\n"
178 " set table [id] : update or create a table entry's data\n"
179 " set timeout : change a timeout setting\n"
180 " set maxconn : change a maxconn setting\n"
181 " set rate-limit : change a rate limiting value\n"
182 " disable : put a server or frontend in maintenance mode\n"
183 " enable : re-enable a server or frontend which is in maintenance mode\n"
184 " shutdown : kill a session or a frontend (eg:to release listening ports)\n"
185 " show acl [id] : report available acls or dump an acl's contents\n"
186 " get acl : reports the patterns matching a sample for an ACL\n"
187 " add acl : add acl entry\n"
188 " del acl : delete acl entry\n"
189 " clear acl <id> : clear the content of this acl\n"
190 " show map [id] : report available maps or dump a map's contents\n"
191 " get map : reports the keys and values matching a sample for a map\n"
192 " set map : modify map entry\n"
193 " add map : add map entry\n"
194 " del map : delete map entry\n"
195 " clear map <id> : clear the content of this map\n"
196 " set ssl <stmt> : set statement for ssl\n"
197#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
198 " show tls-keys [id|*]: show tls keys references or dump tls ticket keys when id specified\n"
199#endif
200 "";
201
202static const char stats_permission_denied_msg[] =
203 "Permission denied\n"
204 "";
205
206
207static char *dynamic_usage_msg = NULL;
208
209/* List head of cli keywords */
210static struct cli_kw_list cli_keywords = {
211 .list = LIST_HEAD_INIT(cli_keywords.list)
212};
213
214extern const char *stat_status_codes[];
215
216char *cli_gen_usage_msg()
217{
218 struct cli_kw_list *kw_list;
219 struct cli_kw *kw;
220 struct chunk *tmp = get_trash_chunk();
221 struct chunk out;
222
223 free(dynamic_usage_msg);
224 dynamic_usage_msg = NULL;
225
226 if (LIST_ISEMPTY(&cli_keywords.list))
227 return NULL;
228
229 chunk_reset(tmp);
230 chunk_strcat(tmp, stats_sock_usage_msg);
231 list_for_each_entry(kw_list, &cli_keywords.list, list) {
232 kw = &kw_list->kw[0];
233 while (kw->usage) {
234 chunk_appendf(tmp, " %s\n", kw->usage);
235 kw++;
236 }
237 }
238 chunk_init(&out, NULL, 0);
239 chunk_dup(&out, tmp);
240 dynamic_usage_msg = out.str;
241 return dynamic_usage_msg;
242}
243
244struct cli_kw* cli_find_kw(char **args)
245{
246 struct cli_kw_list *kw_list;
247 struct cli_kw *kw;/* current cli_kw */
248 char **tmp_args;
249 const char **tmp_str_kw;
250 int found = 0;
251
252 if (LIST_ISEMPTY(&cli_keywords.list))
253 return NULL;
254
255 list_for_each_entry(kw_list, &cli_keywords.list, list) {
256 kw = &kw_list->kw[0];
257 while (*kw->str_kw) {
258 tmp_args = args;
259 tmp_str_kw = kw->str_kw;
260 while (*tmp_str_kw) {
261 if (strcmp(*tmp_str_kw, *tmp_args) == 0) {
262 found = 1;
263 } else {
264 found = 0;
265 break;
266 }
267 tmp_args++;
268 tmp_str_kw++;
269 }
270 if (found)
271 return (kw);
272 kw++;
273 }
274 }
275 return NULL;
276}
277
278void cli_register_kw(struct cli_kw_list *kw_list)
279{
280 LIST_ADDQ(&cli_keywords.list, &kw_list->list);
281}
282
283
284/* allocate a new stats frontend named <name>, and return it
285 * (or NULL in case of lack of memory).
286 */
287static struct proxy *alloc_stats_fe(const char *name, const char *file, int line)
288{
289 struct proxy *fe;
290
291 fe = calloc(1, sizeof(*fe));
292 if (!fe)
293 return NULL;
294
295 init_new_proxy(fe);
296 fe->next = proxy;
297 proxy = fe;
298 fe->last_change = now.tv_sec;
299 fe->id = strdup("GLOBAL");
300 fe->cap = PR_CAP_FE;
301 fe->maxconn = 10; /* default to 10 concurrent connections */
302 fe->timeout.client = MS_TO_TICKS(10000); /* default timeout of 10 seconds */
303 fe->conf.file = strdup(file);
304 fe->conf.line = line;
305 fe->accept = frontend_accept;
306 fe->default_target = &cli_applet.obj_type;
307
308 /* the stats frontend is the only one able to assign ID #0 */
309 fe->conf.id.key = fe->uuid = 0;
310 eb32_insert(&used_proxy_id, &fe->conf.id);
311 return fe;
312}
313
314/* This function parses a "stats" statement in the "global" section. It returns
315 * -1 if there is any error, otherwise zero. If it returns -1, it will write an
316 * error message into the <err> buffer which will be preallocated. The trailing
317 * '\n' must not be written. The function must be called with <args> pointing to
318 * the first word after "stats".
319 */
320static int stats_parse_global(char **args, int section_type, struct proxy *curpx,
321 struct proxy *defpx, const char *file, int line,
322 char **err)
323{
324 struct bind_conf *bind_conf;
325 struct listener *l;
326
327 if (!strcmp(args[1], "socket")) {
328 int cur_arg;
329
330 if (*args[2] == 0) {
331 memprintf(err, "'%s %s' in global section expects an address or a path to a UNIX socket", args[0], args[1]);
332 return -1;
333 }
334
335 if (!global.stats_fe) {
336 if ((global.stats_fe = alloc_stats_fe("GLOBAL", file, line)) == NULL) {
337 memprintf(err, "'%s %s' : out of memory trying to allocate a frontend", args[0], args[1]);
338 return -1;
339 }
340 }
341
342 bind_conf = bind_conf_alloc(&global.stats_fe->conf.bind, file, line, args[2]);
343 bind_conf->level = ACCESS_LVL_OPER; /* default access level */
344
345 if (!str2listener(args[2], global.stats_fe, bind_conf, file, line, err)) {
346 memprintf(err, "parsing [%s:%d] : '%s %s' : %s\n",
347 file, line, args[0], args[1], err && *err ? *err : "error");
348 return -1;
349 }
350
351 cur_arg = 3;
352 while (*args[cur_arg]) {
353 static int bind_dumped;
354 struct bind_kw *kw;
355
356 kw = bind_find_kw(args[cur_arg]);
357 if (kw) {
358 if (!kw->parse) {
359 memprintf(err, "'%s %s' : '%s' option is not implemented in this version (check build options).",
360 args[0], args[1], args[cur_arg]);
361 return -1;
362 }
363
364 if (kw->parse(args, cur_arg, global.stats_fe, bind_conf, err) != 0) {
365 if (err && *err)
366 memprintf(err, "'%s %s' : '%s'", args[0], args[1], *err);
367 else
368 memprintf(err, "'%s %s' : error encountered while processing '%s'",
369 args[0], args[1], args[cur_arg]);
370 return -1;
371 }
372
373 cur_arg += 1 + kw->skip;
374 continue;
375 }
376
377 if (!bind_dumped) {
378 bind_dump_kws(err);
379 indent_msg(err, 4);
380 bind_dumped = 1;
381 }
382
383 memprintf(err, "'%s %s' : unknown keyword '%s'.%s%s",
384 args[0], args[1], args[cur_arg],
385 err && *err ? " Registered keywords :" : "", err && *err ? *err : "");
386 return -1;
387 }
388
389 list_for_each_entry(l, &bind_conf->listeners, by_bind) {
390 l->maxconn = global.stats_fe->maxconn;
391 l->backlog = global.stats_fe->backlog;
392 l->accept = session_accept_fd;
393 l->handler = process_stream;
394 l->default_target = global.stats_fe->default_target;
395 l->options |= LI_O_UNLIMITED; /* don't make the peers subject to global limits */
396 l->nice = -64; /* we want to boost priority for local stats */
397 global.maxsock += l->maxconn;
398 }
399 }
400 else if (!strcmp(args[1], "timeout")) {
401 unsigned timeout;
402 const char *res = parse_time_err(args[2], &timeout, TIME_UNIT_MS);
403
404 if (res) {
405 memprintf(err, "'%s %s' : unexpected character '%c'", args[0], args[1], *res);
406 return -1;
407 }
408
409 if (!timeout) {
410 memprintf(err, "'%s %s' expects a positive value", args[0], args[1]);
411 return -1;
412 }
413 if (!global.stats_fe) {
414 if ((global.stats_fe = alloc_stats_fe("GLOBAL", file, line)) == NULL) {
415 memprintf(err, "'%s %s' : out of memory trying to allocate a frontend", args[0], args[1]);
416 return -1;
417 }
418 }
419 global.stats_fe->timeout.client = MS_TO_TICKS(timeout);
420 }
421 else if (!strcmp(args[1], "maxconn")) {
422 int maxconn = atol(args[2]);
423
424 if (maxconn <= 0) {
425 memprintf(err, "'%s %s' expects a positive value", args[0], args[1]);
426 return -1;
427 }
428
429 if (!global.stats_fe) {
430 if ((global.stats_fe = alloc_stats_fe("GLOBAL", file, line)) == NULL) {
431 memprintf(err, "'%s %s' : out of memory trying to allocate a frontend", args[0], args[1]);
432 return -1;
433 }
434 }
435 global.stats_fe->maxconn = maxconn;
436 }
437 else if (!strcmp(args[1], "bind-process")) { /* enable the socket only on some processes */
438 int cur_arg = 2;
439 unsigned long set = 0;
440
441 if (!global.stats_fe) {
442 if ((global.stats_fe = alloc_stats_fe("GLOBAL", file, line)) == NULL) {
443 memprintf(err, "'%s %s' : out of memory trying to allocate a frontend", args[0], args[1]);
444 return -1;
445 }
446 }
447
448 while (*args[cur_arg]) {
449 unsigned int low, high;
450
451 if (strcmp(args[cur_arg], "all") == 0) {
452 set = 0;
453 break;
454 }
455 else if (strcmp(args[cur_arg], "odd") == 0) {
456 set |= ~0UL/3UL; /* 0x555....555 */
457 }
458 else if (strcmp(args[cur_arg], "even") == 0) {
459 set |= (~0UL/3UL) << 1; /* 0xAAA...AAA */
460 }
461 else if (isdigit((int)*args[cur_arg])) {
462 char *dash = strchr(args[cur_arg], '-');
463
464 low = high = str2uic(args[cur_arg]);
465 if (dash)
466 high = str2uic(dash + 1);
467
468 if (high < low) {
469 unsigned int swap = low;
470 low = high;
471 high = swap;
472 }
473
474 if (low < 1 || high > LONGBITS) {
475 memprintf(err, "'%s %s' supports process numbers from 1 to %d.\n",
476 args[0], args[1], LONGBITS);
477 return -1;
478 }
479 while (low <= high)
480 set |= 1UL << (low++ - 1);
481 }
482 else {
483 memprintf(err,
484 "'%s %s' expects 'all', 'odd', 'even', or a list of process ranges with numbers from 1 to %d.\n",
485 args[0], args[1], LONGBITS);
486 return -1;
487 }
488 cur_arg++;
489 }
490 global.stats_fe->bind_proc = set;
491 }
492 else {
493 memprintf(err, "'%s' only supports 'socket', 'maxconn', 'bind-process' and 'timeout' (got '%s')", args[0], args[1]);
494 return -1;
495 }
496 return 0;
497}
498
499
500/* print a string of text buffer to <out>. The format is :
501 * Non-printable chars \t, \n, \r and \e are * encoded in C format.
502 * Other non-printable chars are encoded "\xHH". Space, '\', and '=' are also escaped.
503 * Print stopped if null char or <bsize> is reached, or if no more place in the chunk.
504 */
505static int dump_text(struct chunk *out, const char *buf, int bsize)
506{
507 unsigned char c;
508 int ptr = 0;
509
510 while (buf[ptr] && ptr < bsize) {
511 c = buf[ptr];
512 if (isprint(c) && isascii(c) && c != '\\' && c != ' ' && c != '=') {
513 if (out->len > out->size - 1)
514 break;
515 out->str[out->len++] = c;
516 }
517 else if (c == '\t' || c == '\n' || c == '\r' || c == '\e' || c == '\\' || c == ' ' || c == '=') {
518 if (out->len > out->size - 2)
519 break;
520 out->str[out->len++] = '\\';
521 switch (c) {
522 case ' ': c = ' '; break;
523 case '\t': c = 't'; break;
524 case '\n': c = 'n'; break;
525 case '\r': c = 'r'; break;
526 case '\e': c = 'e'; break;
527 case '\\': c = '\\'; break;
528 case '=': c = '='; break;
529 }
530 out->str[out->len++] = c;
531 }
532 else {
533 if (out->len > out->size - 4)
534 break;
535 out->str[out->len++] = '\\';
536 out->str[out->len++] = 'x';
537 out->str[out->len++] = hextab[(c >> 4) & 0xF];
538 out->str[out->len++] = hextab[c & 0xF];
539 }
540 ptr++;
541 }
542
543 return ptr;
544}
545
546/* print a buffer in hexa.
547 * Print stopped if <bsize> is reached, or if no more place in the chunk.
548 */
549static int dump_binary(struct chunk *out, const char *buf, int bsize)
550{
551 unsigned char c;
552 int ptr = 0;
553
554 while (ptr < bsize) {
555 c = buf[ptr];
556
557 if (out->len > out->size - 2)
558 break;
559 out->str[out->len++] = hextab[(c >> 4) & 0xF];
560 out->str[out->len++] = hextab[c & 0xF];
561
562 ptr++;
563 }
564 return ptr;
565}
566
567/* Dump the status of a table to a stream interface's
568 * read buffer. It returns 0 if the output buffer is full
569 * and needs to be called again, otherwise non-zero.
570 */
571static int stats_dump_table_head_to_buffer(struct chunk *msg, struct stream_interface *si,
572 struct proxy *proxy, struct proxy *target)
573{
574 struct stream *s = si_strm(si);
575
576 chunk_appendf(msg, "# table: %s, type: %s, size:%d, used:%d\n",
577 proxy->id, stktable_types[proxy->table.type].kw, proxy->table.size, proxy->table.current);
578
579 /* any other information should be dumped here */
580
581 if (target && strm_li(s)->bind_conf->level < ACCESS_LVL_OPER)
582 chunk_appendf(msg, "# contents not dumped due to insufficient privileges\n");
583
584 if (bi_putchk(si_ic(si), msg) == -1) {
585 si_applet_cant_put(si);
586 return 0;
587 }
588
589 return 1;
590}
591
592/* Dump the a table entry to a stream interface's
593 * read buffer. It returns 0 if the output buffer is full
594 * and needs to be called again, otherwise non-zero.
595 */
596static int stats_dump_table_entry_to_buffer(struct chunk *msg, struct stream_interface *si,
597 struct proxy *proxy, struct stksess *entry)
598{
599 int dt;
600
601 chunk_appendf(msg, "%p:", entry);
602
603 if (proxy->table.type == SMP_T_IPV4) {
604 char addr[INET_ADDRSTRLEN];
605 inet_ntop(AF_INET, (const void *)&entry->key.key, addr, sizeof(addr));
606 chunk_appendf(msg, " key=%s", addr);
607 }
608 else if (proxy->table.type == SMP_T_IPV6) {
609 char addr[INET6_ADDRSTRLEN];
610 inet_ntop(AF_INET6, (const void *)&entry->key.key, addr, sizeof(addr));
611 chunk_appendf(msg, " key=%s", addr);
612 }
613 else if (proxy->table.type == SMP_T_SINT) {
614 chunk_appendf(msg, " key=%u", *(unsigned int *)entry->key.key);
615 }
616 else if (proxy->table.type == SMP_T_STR) {
617 chunk_appendf(msg, " key=");
618 dump_text(msg, (const char *)entry->key.key, proxy->table.key_size);
619 }
620 else {
621 chunk_appendf(msg, " key=");
622 dump_binary(msg, (const char *)entry->key.key, proxy->table.key_size);
623 }
624
625 chunk_appendf(msg, " use=%d exp=%d", entry->ref_cnt - 1, tick_remain(now_ms, entry->expire));
626
627 for (dt = 0; dt < STKTABLE_DATA_TYPES; dt++) {
628 void *ptr;
629
630 if (proxy->table.data_ofs[dt] == 0)
631 continue;
632 if (stktable_data_types[dt].arg_type == ARG_T_DELAY)
633 chunk_appendf(msg, " %s(%d)=", stktable_data_types[dt].name, proxy->table.data_arg[dt].u);
634 else
635 chunk_appendf(msg, " %s=", stktable_data_types[dt].name);
636
637 ptr = stktable_data_ptr(&proxy->table, entry, dt);
638 switch (stktable_data_types[dt].std_type) {
639 case STD_T_SINT:
640 chunk_appendf(msg, "%d", stktable_data_cast(ptr, std_t_sint));
641 break;
642 case STD_T_UINT:
643 chunk_appendf(msg, "%u", stktable_data_cast(ptr, std_t_uint));
644 break;
645 case STD_T_ULL:
646 chunk_appendf(msg, "%lld", stktable_data_cast(ptr, std_t_ull));
647 break;
648 case STD_T_FRQP:
649 chunk_appendf(msg, "%d",
650 read_freq_ctr_period(&stktable_data_cast(ptr, std_t_frqp),
651 proxy->table.data_arg[dt].u));
652 break;
653 }
654 }
655 chunk_appendf(msg, "\n");
656
657 if (bi_putchk(si_ic(si), msg) == -1) {
658 si_applet_cant_put(si);
659 return 0;
660 }
661
662 return 1;
663}
664
665static void stats_sock_table_key_request(struct stream_interface *si, char **args, int action)
666{
667 struct stream *s = si_strm(si);
668 struct appctx *appctx = __objt_appctx(si->end);
669 struct proxy *px = appctx->ctx.table.target;
670 struct stksess *ts;
671 uint32_t uint32_key;
672 unsigned char ip6_key[sizeof(struct in6_addr)];
673 long long value;
674 int data_type;
675 int cur_arg;
676 void *ptr;
677 struct freq_ctr_period *frqp;
678
679 appctx->st0 = STAT_CLI_OUTPUT;
680
681 if (!*args[4]) {
682 appctx->ctx.cli.msg = "Key value expected\n";
683 appctx->st0 = STAT_CLI_PRINT;
684 return;
685 }
686
687 switch (px->table.type) {
688 case SMP_T_IPV4:
689 uint32_key = htonl(inetaddr_host(args[4]));
690 static_table_key->key = &uint32_key;
691 break;
692 case SMP_T_IPV6:
693 inet_pton(AF_INET6, args[4], ip6_key);
694 static_table_key->key = &ip6_key;
695 break;
696 case SMP_T_SINT:
697 {
698 char *endptr;
699 unsigned long val;
700 errno = 0;
701 val = strtoul(args[4], &endptr, 10);
702 if ((errno == ERANGE && val == ULONG_MAX) ||
703 (errno != 0 && val == 0) || endptr == args[4] ||
704 val > 0xffffffff) {
705 appctx->ctx.cli.msg = "Invalid key\n";
706 appctx->st0 = STAT_CLI_PRINT;
707 return;
708 }
709 uint32_key = (uint32_t) val;
710 static_table_key->key = &uint32_key;
711 break;
712 }
713 break;
714 case SMP_T_STR:
715 static_table_key->key = args[4];
716 static_table_key->key_len = strlen(args[4]);
717 break;
718 default:
719 switch (action) {
720 case STAT_CLI_O_TAB:
721 appctx->ctx.cli.msg = "Showing keys from tables of type other than ip, ipv6, string and integer is not supported\n";
722 break;
723 case STAT_CLI_O_CLR:
724 appctx->ctx.cli.msg = "Removing keys from ip tables of type other than ip, ipv6, string and integer is not supported\n";
725 break;
726 default:
727 appctx->ctx.cli.msg = "Unknown action\n";
728 break;
729 }
730 appctx->st0 = STAT_CLI_PRINT;
731 return;
732 }
733
734 /* check permissions */
735 if (strm_li(s)->bind_conf->level < ACCESS_LVL_OPER) {
736 appctx->ctx.cli.msg = stats_permission_denied_msg;
737 appctx->st0 = STAT_CLI_PRINT;
738 return;
739 }
740
741 ts = stktable_lookup_key(&px->table, static_table_key);
742
743 switch (action) {
744 case STAT_CLI_O_TAB:
745 if (!ts)
746 return;
747 chunk_reset(&trash);
748 if (!stats_dump_table_head_to_buffer(&trash, si, px, px))
749 return;
750 stats_dump_table_entry_to_buffer(&trash, si, px, ts);
751 return;
752
753 case STAT_CLI_O_CLR:
754 if (!ts)
755 return;
756 if (ts->ref_cnt) {
757 /* don't delete an entry which is currently referenced */
758 appctx->ctx.cli.msg = "Entry currently in use, cannot remove\n";
759 appctx->st0 = STAT_CLI_PRINT;
760 return;
761 }
762 stksess_kill(&px->table, ts);
763 break;
764
765 case STAT_CLI_O_SET:
766 if (ts)
767 stktable_touch(&px->table, ts, 1);
768 else {
769 ts = stksess_new(&px->table, static_table_key);
770 if (!ts) {
771 /* don't delete an entry which is currently referenced */
772 appctx->ctx.cli.msg = "Unable to allocate a new entry\n";
773 appctx->st0 = STAT_CLI_PRINT;
774 return;
775 }
776 stktable_store(&px->table, ts, 1);
777 }
778
779 for (cur_arg = 5; *args[cur_arg]; cur_arg += 2) {
780 if (strncmp(args[cur_arg], "data.", 5) != 0) {
781 appctx->ctx.cli.msg = "\"data.<type>\" followed by a value expected\n";
782 appctx->st0 = STAT_CLI_PRINT;
783 return;
784 }
785
786 data_type = stktable_get_data_type(args[cur_arg] + 5);
787 if (data_type < 0) {
788 appctx->ctx.cli.msg = "Unknown data type\n";
789 appctx->st0 = STAT_CLI_PRINT;
790 return;
791 }
792
793 if (!px->table.data_ofs[data_type]) {
794 appctx->ctx.cli.msg = "Data type not stored in this table\n";
795 appctx->st0 = STAT_CLI_PRINT;
796 return;
797 }
798
799 if (!*args[cur_arg+1] || strl2llrc(args[cur_arg+1], strlen(args[cur_arg+1]), &value) != 0) {
800 appctx->ctx.cli.msg = "Require a valid integer value to store\n";
801 appctx->st0 = STAT_CLI_PRINT;
802 return;
803 }
804
805 ptr = stktable_data_ptr(&px->table, ts, data_type);
806
807 switch (stktable_data_types[data_type].std_type) {
808 case STD_T_SINT:
809 stktable_data_cast(ptr, std_t_sint) = value;
810 break;
811 case STD_T_UINT:
812 stktable_data_cast(ptr, std_t_uint) = value;
813 break;
814 case STD_T_ULL:
815 stktable_data_cast(ptr, std_t_ull) = value;
816 break;
817 case STD_T_FRQP:
818 /* We set both the current and previous values. That way
819 * the reported frequency is stable during all the period
820 * then slowly fades out. This allows external tools to
821 * push measures without having to update them too often.
822 */
823 frqp = &stktable_data_cast(ptr, std_t_frqp);
824 frqp->curr_tick = now_ms;
825 frqp->prev_ctr = 0;
826 frqp->curr_ctr = value;
827 break;
828 }
829 }
830 break;
831
832 default:
833 appctx->ctx.cli.msg = "Unknown action\n";
834 appctx->st0 = STAT_CLI_PRINT;
835 break;
836 }
837}
838
839static void stats_sock_table_data_request(struct stream_interface *si, char **args, int action)
840{
841 struct appctx *appctx = __objt_appctx(si->end);
842
843 if (action != STAT_CLI_O_TAB && action != STAT_CLI_O_CLR) {
844 appctx->ctx.cli.msg = "content-based lookup is only supported with the \"show\" and \"clear\" actions";
845 appctx->st0 = STAT_CLI_PRINT;
846 return;
847 }
848
849 /* condition on stored data value */
850 appctx->ctx.table.data_type = stktable_get_data_type(args[3] + 5);
851 if (appctx->ctx.table.data_type < 0) {
852 appctx->ctx.cli.msg = "Unknown data type\n";
853 appctx->st0 = STAT_CLI_PRINT;
854 return;
855 }
856
857 if (!((struct proxy *)appctx->ctx.table.target)->table.data_ofs[appctx->ctx.table.data_type]) {
858 appctx->ctx.cli.msg = "Data type not stored in this table\n";
859 appctx->st0 = STAT_CLI_PRINT;
860 return;
861 }
862
863 appctx->ctx.table.data_op = get_std_op(args[4]);
864 if (appctx->ctx.table.data_op < 0) {
865 appctx->ctx.cli.msg = "Require and operator among \"eq\", \"ne\", \"le\", \"ge\", \"lt\", \"gt\"\n";
866 appctx->st0 = STAT_CLI_PRINT;
867 return;
868 }
869
870 if (!*args[5] || strl2llrc(args[5], strlen(args[5]), &appctx->ctx.table.value) != 0) {
871 appctx->ctx.cli.msg = "Require a valid integer value to compare against\n";
872 appctx->st0 = STAT_CLI_PRINT;
873 return;
874 }
875}
876
877static void stats_sock_table_request(struct stream_interface *si, char **args, int action)
878{
879 struct appctx *appctx = __objt_appctx(si->end);
880
881 appctx->ctx.table.data_type = -1;
882 appctx->st2 = STAT_ST_INIT;
883 appctx->ctx.table.target = NULL;
884 appctx->ctx.table.proxy = NULL;
885 appctx->ctx.table.entry = NULL;
886 appctx->st0 = action;
887
888 if (*args[2]) {
889 appctx->ctx.table.target = proxy_tbl_by_name(args[2]);
890 if (!appctx->ctx.table.target) {
891 appctx->ctx.cli.msg = "No such table\n";
892 appctx->st0 = STAT_CLI_PRINT;
893 return;
894 }
895 }
896 else {
897 if (action != STAT_CLI_O_TAB)
898 goto err_args;
899 return;
900 }
901
902 if (strcmp(args[3], "key") == 0)
903 stats_sock_table_key_request(si, args, action);
904 else if (strncmp(args[3], "data.", 5) == 0)
905 stats_sock_table_data_request(si, args, action);
906 else if (*args[3])
907 goto err_args;
908
909 return;
910
911err_args:
912 switch (action) {
913 case STAT_CLI_O_TAB:
914 appctx->ctx.cli.msg = "Optional argument only supports \"data.<store_data_type>\" <operator> <value> and key <key>\n";
915 break;
916 case STAT_CLI_O_CLR:
917 appctx->ctx.cli.msg = "Required arguments: <table> \"data.<store_data_type>\" <operator> <value> or <table> key <key>\n";
918 break;
919 default:
920 appctx->ctx.cli.msg = "Unknown action\n";
921 break;
922 }
923 appctx->st0 = STAT_CLI_PRINT;
924}
925
926/* Expects to find a frontend named <arg> and returns it, otherwise displays various
927 * adequate error messages and returns NULL. This function also expects the stream
928 * level to be admin.
929 */
930static struct proxy *expect_frontend_admin(struct stream *s, struct stream_interface *si, const char *arg)
931{
932 struct appctx *appctx = __objt_appctx(si->end);
933 struct proxy *px;
934
935 if (strm_li(s)->bind_conf->level < ACCESS_LVL_ADMIN) {
936 appctx->ctx.cli.msg = stats_permission_denied_msg;
937 appctx->st0 = STAT_CLI_PRINT;
938 return NULL;
939 }
940
941 if (!*arg) {
942 appctx->ctx.cli.msg = "A frontend name is expected.\n";
943 appctx->st0 = STAT_CLI_PRINT;
944 return NULL;
945 }
946
947 px = proxy_fe_by_name(arg);
948 if (!px) {
949 appctx->ctx.cli.msg = "No such frontend.\n";
950 appctx->st0 = STAT_CLI_PRINT;
951 return NULL;
952 }
953 return px;
954}
955
956/* Expects to find a backend and a server in <arg> under the form <backend>/<server>,
957 * and returns the pointer to the server. Otherwise, display adequate error messages
958 * and returns NULL. This function also expects the stream level to be admin. Note:
959 * the <arg> is modified to remove the '/'.
960 */
961static struct server *expect_server_admin(struct stream *s, struct stream_interface *si, char *arg)
962{
963 struct appctx *appctx = __objt_appctx(si->end);
964 struct proxy *px;
965 struct server *sv;
966 char *line;
967
968 if (strm_li(s)->bind_conf->level < ACCESS_LVL_ADMIN) {
969 appctx->ctx.cli.msg = stats_permission_denied_msg;
970 appctx->st0 = STAT_CLI_PRINT;
971 return NULL;
972 }
973
974 /* split "backend/server" and make <line> point to server */
975 for (line = arg; *line; line++)
976 if (*line == '/') {
977 *line++ = '\0';
978 break;
979 }
980
981 if (!*line || !*arg) {
982 appctx->ctx.cli.msg = "Require 'backend/server'.\n";
983 appctx->st0 = STAT_CLI_PRINT;
984 return NULL;
985 }
986
987 if (!get_backend_server(arg, line, &px, &sv)) {
988 appctx->ctx.cli.msg = px ? "No such server.\n" : "No such backend.\n";
989 appctx->st0 = STAT_CLI_PRINT;
990 return NULL;
991 }
992
993 if (px->state == PR_STSTOPPED) {
994 appctx->ctx.cli.msg = "Proxy is disabled.\n";
995 appctx->st0 = STAT_CLI_PRINT;
996 return NULL;
997 }
998
999 return sv;
1000}
1001
1002/* This function is used with TLS ticket keys management. It permits to browse
1003 * each reference. The variable <getnext> must contain the current node,
1004 * <end> point to the root node.
1005 */
1006#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
1007static inline
1008struct tls_keys_ref *tlskeys_list_get_next(struct tls_keys_ref *getnext, struct list *end)
1009{
1010 struct tls_keys_ref *ref = getnext;
1011
1012 while (1) {
1013
1014 /* Get next list entry. */
1015 ref = LIST_NEXT(&ref->list, struct tls_keys_ref *, list);
1016
1017 /* If the entry is the last of the list, return NULL. */
1018 if (&ref->list == end)
1019 return NULL;
1020
1021 return ref;
1022 }
1023}
1024
1025static inline
1026struct tls_keys_ref *tlskeys_ref_lookup_ref(const char *reference)
1027{
1028 int id;
1029 char *error;
1030
1031 /* If the reference starts by a '#', this is numeric id. */
1032 if (reference[0] == '#') {
1033 /* Try to convert the numeric id. If the conversion fails, the lookup fails. */
1034 id = strtol(reference + 1, &error, 10);
1035 if (*error != '\0')
1036 return NULL;
1037
1038 /* Perform the unique id lookup. */
1039 return tlskeys_ref_lookupid(id);
1040 }
1041
1042 /* Perform the string lookup. */
1043 return tlskeys_ref_lookup(reference);
1044}
1045#endif
1046
1047/* This function is used with map and acl management. It permits to browse
1048 * each reference. The variable <getnext> must contain the current node,
1049 * <end> point to the root node and the <flags> permit to filter required
1050 * nodes.
1051 */
1052static inline
1053struct pat_ref *pat_list_get_next(struct pat_ref *getnext, struct list *end,
1054 unsigned int flags)
1055{
1056 struct pat_ref *ref = getnext;
1057
1058 while (1) {
1059
1060 /* Get next list entry. */
1061 ref = LIST_NEXT(&ref->list, struct pat_ref *, list);
1062
1063 /* If the entry is the last of the list, return NULL. */
1064 if (&ref->list == end)
1065 return NULL;
1066
1067 /* If the entry match the flag, return it. */
1068 if (ref->flags & flags)
1069 return ref;
1070 }
1071}
1072
1073static inline
1074struct pat_ref *pat_ref_lookup_ref(const char *reference)
1075{
1076 int id;
1077 char *error;
1078
1079 /* If the reference starts by a '#', this is numeric id. */
1080 if (reference[0] == '#') {
1081 /* Try to convert the numeric id. If the conversion fails, the lookup fails. */
1082 id = strtol(reference + 1, &error, 10);
1083 if (*error != '\0')
1084 return NULL;
1085
1086 /* Perform the unique id lookup. */
1087 return pat_ref_lookupid(id);
1088 }
1089
1090 /* Perform the string lookup. */
1091 return pat_ref_lookup(reference);
1092}
1093
1094/* This function is used with map and acl management. It permits to browse
1095 * each reference.
1096 */
1097static inline
1098struct pattern_expr *pat_expr_get_next(struct pattern_expr *getnext, struct list *end)
1099{
1100 struct pattern_expr *expr;
1101 expr = LIST_NEXT(&getnext->list, struct pattern_expr *, list);
1102 if (&expr->list == end)
1103 return NULL;
1104 return expr;
1105}
1106
1107/* Processes the stats interpreter on the statistics socket. This function is
1108 * called from an applet running in a stream interface. The function returns 1
1109 * if the request was understood, otherwise zero. It sets appctx->st0 to a value
1110 * designating the function which will have to process the request, which can
1111 * also be the print function to display the return message set into cli.msg.
1112 */
1113static int stats_sock_parse_request(struct stream_interface *si, char *line)
1114{
1115 struct stream *s = si_strm(si);
1116 struct appctx *appctx = __objt_appctx(si->end);
1117 char *args[MAX_STATS_ARGS + 1];
1118 struct cli_kw *kw;
1119 int arg;
1120 int i, j;
1121
1122 while (isspace((unsigned char)*line))
1123 line++;
1124
1125 arg = 0;
1126 args[arg] = line;
1127
1128 while (*line && arg < MAX_STATS_ARGS) {
1129 if (*line == '\\') {
1130 line++;
1131 if (*line == '\0')
1132 break;
1133 }
1134 else if (isspace((unsigned char)*line)) {
1135 *line++ = '\0';
1136
1137 while (isspace((unsigned char)*line))
1138 line++;
1139
1140 args[++arg] = line;
1141 continue;
1142 }
1143
1144 line++;
1145 }
1146
1147 while (++arg <= MAX_STATS_ARGS)
1148 args[arg] = line;
1149
1150 /* remove \ */
1151 arg = 0;
1152 while (*args[arg] != '\0') {
1153 j = 0;
1154 for (i=0; args[arg][i] != '\0'; i++) {
1155 if (args[arg][i] == '\\')
1156 continue;
1157 args[arg][j] = args[arg][i];
1158 j++;
1159 }
1160 args[arg][j] = '\0';
1161 arg++;
1162 }
1163
1164 appctx->ctx.stats.scope_str = 0;
1165 appctx->ctx.stats.scope_len = 0;
1166 appctx->ctx.stats.flags = 0;
1167 if ((kw = cli_find_kw(args))) {
1168 if (kw->parse) {
1169 if (kw->parse(args, appctx, kw->private) == 0 && kw->io_handler) {
1170 appctx->st0 = STAT_CLI_O_CUSTOM;
1171 appctx->io_handler = kw->io_handler;
1172 appctx->io_release = kw->io_release;
1173 }
1174 }
1175 } else if (strcmp(args[0], "show") == 0) {
1176 if (strcmp(args[1], "backend") == 0) {
1177 appctx->ctx.be.px = NULL;
1178 appctx->st2 = STAT_ST_INIT;
1179 appctx->st0 = STAT_CLI_O_BACKEND;
1180 }
1181 else if (strcmp(args[1], "env") == 0) {
1182 extern char **environ;
1183
1184 if (strm_li(s)->bind_conf->level < ACCESS_LVL_OPER) {
1185 appctx->ctx.cli.msg = stats_permission_denied_msg;
1186 appctx->st0 = STAT_CLI_PRINT;
1187 return 1;
1188 }
1189 appctx->ctx.env.var = environ;
1190 appctx->st2 = STAT_ST_INIT;
1191 appctx->st0 = STAT_CLI_O_ENV; // stats_dump_env_to_buffer
1192
1193 if (*args[2]) {
1194 int len = strlen(args[2]);
1195
1196 for (; *appctx->ctx.env.var; appctx->ctx.env.var++) {
1197 if (strncmp(*appctx->ctx.env.var, args[2], len) == 0 &&
1198 (*appctx->ctx.env.var)[len] == '=')
1199 break;
1200 }
1201 if (!*appctx->ctx.env.var) {
1202 appctx->ctx.cli.msg = "Variable not found\n";
1203 appctx->st0 = STAT_CLI_PRINT;
1204 return 1;
1205 }
1206 appctx->st2 = STAT_ST_END;
1207 }
1208 }
1209 else if (strcmp(args[1], "stat") == 0) {
1210 if (strcmp(args[2], "resolvers") == 0) {
1211 struct dns_resolvers *presolvers;
1212
1213 if (*args[3]) {
1214 appctx->ctx.resolvers.ptr = NULL;
1215 list_for_each_entry(presolvers, &dns_resolvers, list) {
1216 if (strcmp(presolvers->id, args[3]) == 0) {
1217 appctx->ctx.resolvers.ptr = presolvers;
1218 break;
1219 }
1220 }
1221 if (appctx->ctx.resolvers.ptr == NULL) {
1222 appctx->ctx.cli.msg = "Can't find that resolvers section\n";
1223 appctx->st0 = STAT_CLI_PRINT;
1224 return 1;
1225 }
1226 }
1227
1228 appctx->st2 = STAT_ST_INIT;
1229 appctx->st0 = STAT_CLI_O_RESOLVERS;
1230 return 1;
1231 }
1232 else if (*args[2] && *args[3] && *args[4]) {
1233 appctx->ctx.stats.flags |= STAT_BOUND;
1234 appctx->ctx.stats.iid = atoi(args[2]);
1235 appctx->ctx.stats.type = atoi(args[3]);
1236 appctx->ctx.stats.sid = atoi(args[4]);
1237 if (strcmp(args[5], "typed") == 0)
1238 appctx->ctx.stats.flags |= STAT_FMT_TYPED;
1239 }
1240 else if (strcmp(args[2], "typed") == 0)
1241 appctx->ctx.stats.flags |= STAT_FMT_TYPED;
1242
1243 appctx->st2 = STAT_ST_INIT;
1244 appctx->st0 = STAT_CLI_O_STAT; // stats_dump_stat_to_buffer
1245 }
1246 else if (strcmp(args[1], "info") == 0) {
1247 if (strcmp(args[2], "typed") == 0)
1248 appctx->ctx.stats.flags |= STAT_FMT_TYPED;
1249 appctx->st2 = STAT_ST_INIT;
1250 appctx->st0 = STAT_CLI_O_INFO; // stats_dump_info_to_buffer
1251 }
1252 else if (strcmp(args[1], "servers") == 0 && strcmp(args[2], "state") == 0) {
1253 appctx->ctx.server_state.iid = 0;
1254 appctx->ctx.server_state.px = NULL;
1255 appctx->ctx.server_state.sv = NULL;
1256
1257 /* check if a backend name has been provided */
1258 if (*args[3]) {
1259 /* read server state from local file */
1260 appctx->ctx.server_state.px = proxy_be_by_name(args[3]);
1261
1262 if (!appctx->ctx.server_state.px) {
1263 appctx->ctx.cli.msg = "Can't find backend.\n";
1264 appctx->st0 = STAT_CLI_PRINT;
1265 return 1;
1266 }
1267 appctx->ctx.server_state.iid = appctx->ctx.server_state.px->uuid;
1268 }
1269 appctx->st2 = STAT_ST_INIT;
1270 appctx->st0 = STAT_CLI_O_SERVERS_STATE; // stats_dump_servers_state_to_buffer
1271 return 1;
1272 }
1273 else if (strcmp(args[1], "pools") == 0) {
1274 appctx->st2 = STAT_ST_INIT;
1275 appctx->st0 = STAT_CLI_O_POOLS; // stats_dump_pools_to_buffer
1276 }
1277 else if (strcmp(args[1], "sess") == 0) {
1278 appctx->st2 = STAT_ST_INIT;
1279 if (strm_li(s)->bind_conf->level < ACCESS_LVL_OPER) {
1280 appctx->ctx.cli.msg = stats_permission_denied_msg;
1281 appctx->st0 = STAT_CLI_PRINT;
1282 return 1;
1283 }
1284 if (*args[2] && strcmp(args[2], "all") == 0)
1285 appctx->ctx.sess.target = (void *)-1;
1286 else if (*args[2])
1287 appctx->ctx.sess.target = (void *)strtoul(args[2], NULL, 0);
1288 else
1289 appctx->ctx.sess.target = NULL;
1290 appctx->ctx.sess.section = 0; /* start with stream status */
1291 appctx->ctx.sess.pos = 0;
1292 appctx->st0 = STAT_CLI_O_SESS; // stats_dump_sess_to_buffer
1293 }
1294 else if (strcmp(args[1], "errors") == 0) {
1295 if (strm_li(s)->bind_conf->level < ACCESS_LVL_OPER) {
1296 appctx->ctx.cli.msg = stats_permission_denied_msg;
1297 appctx->st0 = STAT_CLI_PRINT;
1298 return 1;
1299 }
1300 if (*args[2])
1301 appctx->ctx.errors.iid = atoi(args[2]);
1302 else
1303 appctx->ctx.errors.iid = -1;
1304 appctx->ctx.errors.px = NULL;
1305 appctx->st2 = STAT_ST_INIT;
1306 appctx->st0 = STAT_CLI_O_ERR; // stats_dump_errors_to_buffer
1307 }
1308 else if (strcmp(args[1], "table") == 0) {
1309 stats_sock_table_request(si, args, STAT_CLI_O_TAB);
1310 }
1311 else if (strcmp(args[1], "tls-keys") == 0) {
1312#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
1313 appctx->ctx.tlskeys.dump_all = 0;
1314 /* no parameter, shows only file list */
1315 if (!*args[2]) {
1316 appctx->ctx.tlskeys.dump_all = 1;
1317 appctx->st2 = STAT_ST_INIT;
1318 appctx->st0 = STAT_CLI_O_TLSK;
1319 return 1;
1320 }
1321
1322 if (args[2][0] == '*') {
1323 /* list every TLS ticket keys */
1324 appctx->ctx.tlskeys.ref = NULL;
1325 appctx->ctx.tlskeys.dump_all = 1;
1326 } else {
1327 appctx->ctx.tlskeys.ref = tlskeys_ref_lookup_ref(args[2]);
1328 if(!appctx->ctx.tlskeys.ref) {
1329 appctx->ctx.cli.msg = "'show tls-keys' unable to locate referenced filename\n";
1330 appctx->st0 = STAT_CLI_PRINT;
1331 return 1;
1332 }
1333 }
1334 appctx->st2 = STAT_ST_INIT;
1335 appctx->st0 = STAT_CLI_O_TLSK_ENT;
1336
1337#else
1338 appctx->ctx.cli.msg = "HAProxy was compiled against a version of OpenSSL "
1339 "that doesn't support specifying TLS ticket keys\n";
1340 appctx->st0 = STAT_CLI_PRINT;
1341#endif
1342 return 1;
1343 }
1344 else if (strcmp(args[1], "map") == 0 ||
1345 strcmp(args[1], "acl") == 0) {
1346
1347 /* Set ACL or MAP flags. */
1348 if (args[1][0] == 'm')
1349 appctx->ctx.map.display_flags = PAT_REF_MAP;
1350 else
1351 appctx->ctx.map.display_flags = PAT_REF_ACL;
1352
1353 /* no parameter: display all map available */
1354 if (!*args[2]) {
1355 appctx->st2 = STAT_ST_INIT;
1356 appctx->st0 = STAT_CLI_O_PATS;
1357 return 1;
1358 }
1359
1360 /* lookup into the refs and check the map flag */
1361 appctx->ctx.map.ref = pat_ref_lookup_ref(args[2]);
1362 if (!appctx->ctx.map.ref ||
1363 !(appctx->ctx.map.ref->flags & appctx->ctx.map.display_flags)) {
1364 if (appctx->ctx.map.display_flags == PAT_REF_MAP)
1365 appctx->ctx.cli.msg = "Unknown map identifier. Please use #<id> or <file>.\n";
1366 else
1367 appctx->ctx.cli.msg = "Unknown ACL identifier. Please use #<id> or <file>.\n";
1368 appctx->st0 = STAT_CLI_PRINT;
1369 return 1;
1370 }
1371 appctx->st2 = STAT_ST_INIT;
1372 appctx->st0 = STAT_CLI_O_PAT;
1373 }
1374 else { /* neither "stat" nor "info" nor "sess" nor "errors" nor "table" */
1375 return 0;
1376 }
1377 }
1378 else if (strcmp(args[0], "clear") == 0) {
1379 if (strcmp(args[1], "counters") == 0) {
1380 struct proxy *px;
1381 struct server *sv;
1382 struct listener *li;
1383 int clrall = 0;
1384
1385 if (strcmp(args[2], "all") == 0)
1386 clrall = 1;
1387
1388 /* check permissions */
1389 if (strm_li(s)->bind_conf->level < ACCESS_LVL_OPER ||
1390 (clrall && strm_li(s)->bind_conf->level < ACCESS_LVL_ADMIN)) {
1391 appctx->ctx.cli.msg = stats_permission_denied_msg;
1392 appctx->st0 = STAT_CLI_PRINT;
1393 return 1;
1394 }
1395
1396 for (px = proxy; px; px = px->next) {
1397 if (clrall) {
1398 memset(&px->be_counters, 0, sizeof(px->be_counters));
1399 memset(&px->fe_counters, 0, sizeof(px->fe_counters));
1400 }
1401 else {
1402 px->be_counters.conn_max = 0;
1403 px->be_counters.p.http.rps_max = 0;
1404 px->be_counters.sps_max = 0;
1405 px->be_counters.cps_max = 0;
1406 px->be_counters.nbpend_max = 0;
1407
1408 px->fe_counters.conn_max = 0;
1409 px->fe_counters.p.http.rps_max = 0;
1410 px->fe_counters.sps_max = 0;
1411 px->fe_counters.cps_max = 0;
1412 px->fe_counters.nbpend_max = 0;
1413 }
1414
1415 for (sv = px->srv; sv; sv = sv->next)
1416 if (clrall)
1417 memset(&sv->counters, 0, sizeof(sv->counters));
1418 else {
1419 sv->counters.cur_sess_max = 0;
1420 sv->counters.nbpend_max = 0;
1421 sv->counters.sps_max = 0;
1422 }
1423
1424 list_for_each_entry(li, &px->conf.listeners, by_fe)
1425 if (li->counters) {
1426 if (clrall)
1427 memset(li->counters, 0, sizeof(*li->counters));
1428 else
1429 li->counters->conn_max = 0;
1430 }
1431 }
1432
1433 global.cps_max = 0;
1434 global.sps_max = 0;
1435 return 1;
1436 }
1437 else if (strcmp(args[1], "table") == 0) {
1438 stats_sock_table_request(si, args, STAT_CLI_O_CLR);
1439 /* end of processing */
1440 return 1;
1441 }
1442 else if (strcmp(args[1], "map") == 0 || strcmp(args[1], "acl") == 0) {
1443 /* Set ACL or MAP flags. */
1444 if (args[1][0] == 'm')
1445 appctx->ctx.map.display_flags = PAT_REF_MAP;
1446 else
1447 appctx->ctx.map.display_flags = PAT_REF_ACL;
1448
1449 /* no parameter */
1450 if (!*args[2]) {
1451 if (appctx->ctx.map.display_flags == PAT_REF_MAP)
1452 appctx->ctx.cli.msg = "Missing map identifier.\n";
1453 else
1454 appctx->ctx.cli.msg = "Missing ACL identifier.\n";
1455 appctx->st0 = STAT_CLI_PRINT;
1456 return 1;
1457 }
1458
1459 /* lookup into the refs and check the map flag */
1460 appctx->ctx.map.ref = pat_ref_lookup_ref(args[2]);
1461 if (!appctx->ctx.map.ref ||
1462 !(appctx->ctx.map.ref->flags & appctx->ctx.map.display_flags)) {
1463 if (appctx->ctx.map.display_flags == PAT_REF_MAP)
1464 appctx->ctx.cli.msg = "Unknown map identifier. Please use #<id> or <file>.\n";
1465 else
1466 appctx->ctx.cli.msg = "Unknown ACL identifier. Please use #<id> or <file>.\n";
1467 appctx->st0 = STAT_CLI_PRINT;
1468 return 1;
1469 }
1470
1471 /* Clear all. */
1472 pat_ref_prune(appctx->ctx.map.ref);
1473
1474 /* return response */
1475 appctx->st0 = STAT_CLI_PROMPT;
1476 return 1;
1477 }
1478 else {
1479 /* unknown "clear" argument */
1480 return 0;
1481 }
1482 }
1483 else if (strcmp(args[0], "get") == 0) {
1484 if (strcmp(args[1], "weight") == 0) {
1485 struct proxy *px;
1486 struct server *sv;
1487
1488 /* split "backend/server" and make <line> point to server */
1489 for (line = args[2]; *line; line++)
1490 if (*line == '/') {
1491 *line++ = '\0';
1492 break;
1493 }
1494
1495 if (!*line) {
1496 appctx->ctx.cli.msg = "Require 'backend/server'.\n";
1497 appctx->st0 = STAT_CLI_PRINT;
1498 return 1;
1499 }
1500
1501 if (!get_backend_server(args[2], line, &px, &sv)) {
1502 appctx->ctx.cli.msg = px ? "No such server.\n" : "No such backend.\n";
1503 appctx->st0 = STAT_CLI_PRINT;
1504 return 1;
1505 }
1506
1507 /* return server's effective weight at the moment */
1508 snprintf(trash.str, trash.size, "%d (initial %d)\n", sv->uweight, sv->iweight);
1509 if (bi_putstr(si_ic(si), trash.str) == -1)
1510 si_applet_cant_put(si);
1511
1512 return 1;
1513 }
1514 else if (strcmp(args[1], "map") == 0 || strcmp(args[1], "acl") == 0) {
1515 /* Set flags. */
1516 if (args[1][0] == 'm')
1517 appctx->ctx.map.display_flags = PAT_REF_MAP;
1518 else
1519 appctx->ctx.map.display_flags = PAT_REF_ACL;
1520
1521 /* No parameter. */
1522 if (!*args[2] || !*args[3]) {
1523 if (appctx->ctx.map.display_flags == PAT_REF_MAP)
1524 appctx->ctx.cli.msg = "Missing map identifier and/or key.\n";
1525 else
1526 appctx->ctx.cli.msg = "Missing ACL identifier and/or key.\n";
1527 appctx->st0 = STAT_CLI_PRINT;
1528 return 1;
1529 }
1530
1531 /* lookup into the maps */
1532 appctx->ctx.map.ref = pat_ref_lookup_ref(args[2]);
1533 if (!appctx->ctx.map.ref) {
1534 if (appctx->ctx.map.display_flags == PAT_REF_MAP)
1535 appctx->ctx.cli.msg = "Unknown map identifier. Please use #<id> or <file>.\n";
1536 else
1537 appctx->ctx.cli.msg = "Unknown ACL identifier. Please use #<id> or <file>.\n";
1538 appctx->st0 = STAT_CLI_PRINT;
1539 return 1;
1540 }
1541
1542 /* copy input string. The string must be allocated because
1543 * it may be used over multiple iterations. It's released
1544 * at the end and upon abort anyway.
1545 */
1546 appctx->ctx.map.chunk.len = strlen(args[3]);
1547 appctx->ctx.map.chunk.size = appctx->ctx.map.chunk.len + 1;
1548 appctx->ctx.map.chunk.str = strdup(args[3]);
1549 if (!appctx->ctx.map.chunk.str) {
1550 appctx->ctx.cli.msg = "Out of memory error.\n";
1551 appctx->st0 = STAT_CLI_PRINT;
1552 return 1;
1553 }
1554
1555 /* prepare response */
1556 appctx->st2 = STAT_ST_INIT;
1557 appctx->st0 = STAT_CLI_O_MLOOK;
1558 }
1559 else { /* not "get weight" */
1560 return 0;
1561 }
1562 }
1563 else if (strcmp(args[0], "set") == 0) {
1564 if (strcmp(args[1], "weight") == 0) {
1565 struct server *sv;
1566 const char *warning;
1567
1568 sv = expect_server_admin(s, si, args[2]);
1569 if (!sv)
1570 return 1;
1571
1572 warning = server_parse_weight_change_request(sv, args[3]);
1573 if (warning) {
1574 appctx->ctx.cli.msg = warning;
1575 appctx->st0 = STAT_CLI_PRINT;
1576 }
1577 return 1;
1578 }
1579 else if (strcmp(args[1], "server") == 0) {
1580 struct server *sv;
1581 const char *warning;
1582
1583 sv = expect_server_admin(s, si, args[2]);
1584 if (!sv)
1585 return 1;
1586
1587 if (strcmp(args[3], "weight") == 0) {
1588 warning = server_parse_weight_change_request(sv, args[4]);
1589 if (warning) {
1590 appctx->ctx.cli.msg = warning;
1591 appctx->st0 = STAT_CLI_PRINT;
1592 }
1593 }
1594 else if (strcmp(args[3], "state") == 0) {
1595 if (strcmp(args[4], "ready") == 0)
1596 srv_adm_set_ready(sv);
1597 else if (strcmp(args[4], "drain") == 0)
1598 srv_adm_set_drain(sv);
1599 else if (strcmp(args[4], "maint") == 0)
1600 srv_adm_set_maint(sv);
1601 else {
1602 appctx->ctx.cli.msg = "'set server <srv> state' expects 'ready', 'drain' and 'maint'.\n";
1603 appctx->st0 = STAT_CLI_PRINT;
1604 }
1605 }
1606 else if (strcmp(args[3], "health") == 0) {
1607 if (sv->track) {
1608 appctx->ctx.cli.msg = "cannot change health on a tracking server.\n";
1609 appctx->st0 = STAT_CLI_PRINT;
1610 }
1611 else if (strcmp(args[4], "up") == 0) {
1612 sv->check.health = sv->check.rise + sv->check.fall - 1;
1613 srv_set_running(sv, "changed from CLI");
1614 }
1615 else if (strcmp(args[4], "stopping") == 0) {
1616 sv->check.health = sv->check.rise + sv->check.fall - 1;
1617 srv_set_stopping(sv, "changed from CLI");
1618 }
1619 else if (strcmp(args[4], "down") == 0) {
1620 sv->check.health = 0;
1621 srv_set_stopped(sv, "changed from CLI");
1622 }
1623 else {
1624 appctx->ctx.cli.msg = "'set server <srv> health' expects 'up', 'stopping', or 'down'.\n";
1625 appctx->st0 = STAT_CLI_PRINT;
1626 }
1627 }
1628 else if (strcmp(args[3], "agent") == 0) {
1629 if (!(sv->agent.state & CHK_ST_ENABLED)) {
1630 appctx->ctx.cli.msg = "agent checks are not enabled on this server.\n";
1631 appctx->st0 = STAT_CLI_PRINT;
1632 }
1633 else if (strcmp(args[4], "up") == 0) {
1634 sv->agent.health = sv->agent.rise + sv->agent.fall - 1;
1635 srv_set_running(sv, "changed from CLI");
1636 }
1637 else if (strcmp(args[4], "down") == 0) {
1638 sv->agent.health = 0;
1639 srv_set_stopped(sv, "changed from CLI");
1640 }
1641 else {
1642 appctx->ctx.cli.msg = "'set server <srv> agent' expects 'up' or 'down'.\n";
1643 appctx->st0 = STAT_CLI_PRINT;
1644 }
1645 }
1646 else if (strcmp(args[3], "check-port") == 0) {
1647 int i = 0;
1648 if (strl2irc(args[4], strlen(args[4]), &i) != 0) {
1649 appctx->ctx.cli.msg = "'set server <srv> check-port' expects an integer as argument.\n";
1650 appctx->st0 = STAT_CLI_PRINT;
1651 }
1652 if ((i < 0) || (i > 65535)) {
1653 appctx->ctx.cli.msg = "provided port is not valid.\n";
1654 appctx->st0 = STAT_CLI_PRINT;
1655 }
1656 /* prevent the update of port to 0 if MAPPORTS are in use */
1657 if ((sv->flags & SRV_F_MAPPORTS) && (i == 0)) {
1658 appctx->ctx.cli.msg = "can't unset 'port' since MAPPORTS is in use.\n";
1659 appctx->st0 = STAT_CLI_PRINT;
1660 return 1;
1661 }
1662 sv->check.port = i;
1663 appctx->ctx.cli.msg = "health check port updated.\n";
1664 appctx->st0 = STAT_CLI_PRINT;
1665 }
1666 else if (strcmp(args[3], "addr") == 0) {
1667 char *addr = NULL;
1668 char *port = NULL;
1669 if (strlen(args[4]) == 0) {
1670 appctx->ctx.cli.msg = "set server <b>/<s> addr requires an address and optionally a port.\n";
1671 appctx->st0 = STAT_CLI_PRINT;
1672 return 1;
1673 }
1674 else {
1675 addr = args[4];
1676 }
1677 if (strcmp(args[5], "port") == 0) {
1678 port = args[6];
1679 }
1680 warning = update_server_addr_port(sv, addr, port, "stats socket command");
1681 if (warning) {
1682 appctx->ctx.cli.msg = warning;
1683 appctx->st0 = STAT_CLI_PRINT;
1684 }
1685 srv_clr_admin_flag(sv, SRV_ADMF_RMAINT);
1686 }
1687 else {
1688 appctx->ctx.cli.msg = "'set server <srv>' only supports 'agent', 'health', 'state', 'weight', 'addr' and 'check-port'.\n";
1689 appctx->st0 = STAT_CLI_PRINT;
1690 }
1691 return 1;
1692 }
1693 else if (strcmp(args[1], "timeout") == 0) {
1694 if (strcmp(args[2], "cli") == 0) {
1695 unsigned timeout;
1696 const char *res;
1697
1698 if (!*args[3]) {
1699 appctx->ctx.cli.msg = "Expects an integer value.\n";
1700 appctx->st0 = STAT_CLI_PRINT;
1701 return 1;
1702 }
1703
1704 res = parse_time_err(args[3], &timeout, TIME_UNIT_S);
1705 if (res || timeout < 1) {
1706 appctx->ctx.cli.msg = "Invalid timeout value.\n";
1707 appctx->st0 = STAT_CLI_PRINT;
1708 return 1;
1709 }
1710
1711 s->req.rto = s->res.wto = 1 + MS_TO_TICKS(timeout*1000);
1712 task_wakeup(s->task, TASK_WOKEN_MSG); // recompute timeouts
1713 return 1;
1714 }
1715 else {
1716 appctx->ctx.cli.msg = "'set timeout' only supports 'cli'.\n";
1717 appctx->st0 = STAT_CLI_PRINT;
1718 return 1;
1719 }
1720 }
1721 else if (strcmp(args[1], "maxconn") == 0) {
1722 if (strcmp(args[2], "frontend") == 0) {
1723 struct proxy *px;
1724 struct listener *l;
1725 int v;
1726
1727 px = expect_frontend_admin(s, si, args[3]);
1728 if (!px)
1729 return 1;
1730
1731 if (!*args[4]) {
1732 appctx->ctx.cli.msg = "Integer value expected.\n";
1733 appctx->st0 = STAT_CLI_PRINT;
1734 return 1;
1735 }
1736
1737 v = atoi(args[4]);
1738 if (v < 0) {
1739 appctx->ctx.cli.msg = "Value out of range.\n";
1740 appctx->st0 = STAT_CLI_PRINT;
1741 return 1;
1742 }
1743
1744 /* OK, the value is fine, so we assign it to the proxy and to all of
1745 * its listeners. The blocked ones will be dequeued.
1746 */
1747 px->maxconn = v;
1748 list_for_each_entry(l, &px->conf.listeners, by_fe) {
1749 l->maxconn = v;
1750 if (l->state == LI_FULL)
1751 resume_listener(l);
1752 }
1753
1754 if (px->maxconn > px->feconn && !LIST_ISEMPTY(&px->listener_queue))
1755 dequeue_all_listeners(&px->listener_queue);
1756
1757 return 1;
1758 }
1759 else if (strcmp(args[2], "server") == 0) {
1760 struct server *sv;
1761 const char *warning;
1762
1763 sv = expect_server_admin(s, si, args[3]);
1764 if (!sv)
1765 return 1;
1766
1767 warning = server_parse_maxconn_change_request(sv, args[4]);
1768 if (warning) {
1769 appctx->ctx.cli.msg = warning;
1770 appctx->st0 = STAT_CLI_PRINT;
1771 }
1772
1773 return 1;
1774 }
1775 else if (strcmp(args[2], "global") == 0) {
1776 int v;
1777
1778 if (strm_li(s)->bind_conf->level < ACCESS_LVL_ADMIN) {
1779 appctx->ctx.cli.msg = stats_permission_denied_msg;
1780 appctx->st0 = STAT_CLI_PRINT;
1781 return 1;
1782 }
1783
1784 if (!*args[3]) {
1785 appctx->ctx.cli.msg = "Expects an integer value.\n";
1786 appctx->st0 = STAT_CLI_PRINT;
1787 return 1;
1788 }
1789
1790 v = atoi(args[3]);
1791 if (v > global.hardmaxconn) {
1792 appctx->ctx.cli.msg = "Value out of range.\n";
1793 appctx->st0 = STAT_CLI_PRINT;
1794 return 1;
1795 }
1796
1797 /* check for unlimited values */
1798 if (v <= 0)
1799 v = global.hardmaxconn;
1800
1801 global.maxconn = v;
1802
1803 /* Dequeues all of the listeners waiting for a resource */
1804 if (!LIST_ISEMPTY(&global_listener_queue))
1805 dequeue_all_listeners(&global_listener_queue);
1806
1807 return 1;
1808 }
1809 else {
1810 appctx->ctx.cli.msg = "'set maxconn' only supports 'frontend', 'server', and 'global'.\n";
1811 appctx->st0 = STAT_CLI_PRINT;
1812 return 1;
1813 }
1814 }
1815 else if (strcmp(args[1], "rate-limit") == 0) {
1816 if (strcmp(args[2], "connections") == 0) {
1817 if (strcmp(args[3], "global") == 0) {
1818 int v;
1819
1820 if (strm_li(s)->bind_conf->level < ACCESS_LVL_ADMIN) {
1821 appctx->ctx.cli.msg = stats_permission_denied_msg;
1822 appctx->st0 = STAT_CLI_PRINT;
1823 return 1;
1824 }
1825
1826 if (!*args[4]) {
1827 appctx->ctx.cli.msg = "Expects an integer value.\n";
1828 appctx->st0 = STAT_CLI_PRINT;
1829 return 1;
1830 }
1831
1832 v = atoi(args[4]);
1833 if (v < 0) {
1834 appctx->ctx.cli.msg = "Value out of range.\n";
1835 appctx->st0 = STAT_CLI_PRINT;
1836 return 1;
1837 }
1838
1839 global.cps_lim = v;
1840
1841 /* Dequeues all of the listeners waiting for a resource */
1842 if (!LIST_ISEMPTY(&global_listener_queue))
1843 dequeue_all_listeners(&global_listener_queue);
1844
1845 return 1;
1846 }
1847 else {
1848 appctx->ctx.cli.msg = "'set rate-limit connections' only supports 'global'.\n";
1849 appctx->st0 = STAT_CLI_PRINT;
1850 return 1;
1851 }
1852 }
1853 else if (strcmp(args[2], "sessions") == 0) {
1854 if (strcmp(args[3], "global") == 0) {
1855 int v;
1856
1857 if (strm_li(s)->bind_conf->level < ACCESS_LVL_ADMIN) {
1858 appctx->ctx.cli.msg = stats_permission_denied_msg;
1859 appctx->st0 = STAT_CLI_PRINT;
1860 return 1;
1861 }
1862
1863 if (!*args[4]) {
1864 appctx->ctx.cli.msg = "Expects an integer value.\n";
1865 appctx->st0 = STAT_CLI_PRINT;
1866 return 1;
1867 }
1868
1869 v = atoi(args[4]);
1870 if (v < 0) {
1871 appctx->ctx.cli.msg = "Value out of range.\n";
1872 appctx->st0 = STAT_CLI_PRINT;
1873 return 1;
1874 }
1875
1876 global.sps_lim = v;
1877
1878 /* Dequeues all of the listeners waiting for a resource */
1879 if (!LIST_ISEMPTY(&global_listener_queue))
1880 dequeue_all_listeners(&global_listener_queue);
1881
1882 return 1;
1883 }
1884 else {
1885 appctx->ctx.cli.msg = "'set rate-limit sessions' only supports 'global'.\n";
1886 appctx->st0 = STAT_CLI_PRINT;
1887 return 1;
1888 }
1889 }
1890#ifdef USE_OPENSSL
1891 else if (strcmp(args[2], "ssl-sessions") == 0) {
1892 if (strcmp(args[3], "global") == 0) {
1893 int v;
1894
1895 if (strm_li(s)->bind_conf->level < ACCESS_LVL_ADMIN) {
1896 appctx->ctx.cli.msg = stats_permission_denied_msg;
1897 appctx->st0 = STAT_CLI_PRINT;
1898 return 1;
1899 }
1900
1901 if (!*args[4]) {
1902 appctx->ctx.cli.msg = "Expects an integer value.\n";
1903 appctx->st0 = STAT_CLI_PRINT;
1904 return 1;
1905 }
1906
1907 v = atoi(args[4]);
1908 if (v < 0) {
1909 appctx->ctx.cli.msg = "Value out of range.\n";
1910 appctx->st0 = STAT_CLI_PRINT;
1911 return 1;
1912 }
1913
1914 global.ssl_lim = v;
1915
1916 /* Dequeues all of the listeners waiting for a resource */
1917 if (!LIST_ISEMPTY(&global_listener_queue))
1918 dequeue_all_listeners(&global_listener_queue);
1919
1920 return 1;
1921 }
1922 else {
1923 appctx->ctx.cli.msg = "'set rate-limit ssl-sessions' only supports 'global'.\n";
1924 appctx->st0 = STAT_CLI_PRINT;
1925 return 1;
1926 }
1927 }
1928#endif
1929 else if (strcmp(args[2], "http-compression") == 0) {
1930 if (strcmp(args[3], "global") == 0) {
1931 int v;
1932
1933 if (strm_li(s)->bind_conf->level < ACCESS_LVL_ADMIN) {
1934 appctx->ctx.cli.msg = stats_permission_denied_msg;
1935 appctx->st0 = STAT_CLI_PRINT;
1936 return 1;
1937 }
1938
1939 if (!*args[4]) {
1940 appctx->ctx.cli.msg = "Expects a maximum input byte rate in kB/s.\n";
1941 appctx->st0 = STAT_CLI_PRINT;
1942 return 1;
1943 }
1944
1945 v = atoi(args[4]);
1946 global.comp_rate_lim = v * 1024; /* Kilo to bytes. */
1947 }
1948 else {
1949 appctx->ctx.cli.msg = "'set rate-limit http-compression' only supports 'global'.\n";
1950 appctx->st0 = STAT_CLI_PRINT;
1951 return 1;
1952 }
1953 }
1954 else {
1955 appctx->ctx.cli.msg = "'set rate-limit' supports 'connections', 'sessions', 'ssl-sessions', and 'http-compression'.\n";
1956 appctx->st0 = STAT_CLI_PRINT;
1957 return 1;
1958 }
1959 }
1960 else if (strcmp(args[1], "table") == 0) {
1961 stats_sock_table_request(si, args, STAT_CLI_O_SET);
1962 }
1963 else if (strcmp(args[1], "map") == 0) {
1964 char *err;
1965
1966 /* Set flags. */
1967 appctx->ctx.map.display_flags = PAT_REF_MAP;
1968
1969 /* Expect three parameters: map name, key and new value. */
1970 if (!*args[2] || !*args[3] || !*args[4]) {
1971 appctx->ctx.cli.msg = "'set map' expects three parameters: map identifier, key and value.\n";
1972 appctx->st0 = STAT_CLI_PRINT;
1973 return 1;
1974 }
1975
1976 /* Lookup the reference in the maps. */
1977 appctx->ctx.map.ref = pat_ref_lookup_ref(args[2]);
1978 if (!appctx->ctx.map.ref) {
1979 appctx->ctx.cli.msg = "Unknown map identifier. Please use #<id> or <file>.\n";
1980 appctx->st0 = STAT_CLI_PRINT;
1981 return 1;
1982 }
1983
1984 /* If the entry identifier start with a '#', it is considered as
1985 * pointer id
1986 */
1987 if (args[3][0] == '#' && args[3][1] == '0' && args[3][2] == 'x') {
1988 struct pat_ref_elt *ref;
1989 long long int conv;
1990 char *error;
1991
1992 /* Convert argument to integer value. */
1993 conv = strtoll(&args[3][1], &error, 16);
1994 if (*error != '\0') {
1995 appctx->ctx.cli.msg = "Malformed identifier. Please use #<id> or <file>.\n";
1996 appctx->st0 = STAT_CLI_PRINT;
1997 return 1;
1998 }
1999
2000 /* Convert and check integer to pointer. */
2001 ref = (struct pat_ref_elt *)(long)conv;
2002 if ((long long int)(long)ref != conv) {
2003 appctx->ctx.cli.msg = "Malformed identifier. Please use #<id> or <file>.\n";
2004 appctx->st0 = STAT_CLI_PRINT;
2005 return 1;
2006 }
2007
2008 /* Try to delete the entry. */
2009 err = NULL;
2010 if (!pat_ref_set_by_id(appctx->ctx.map.ref, ref, args[4], &err)) {
2011 if (err)
2012 memprintf(&err, "%s.\n", err);
2013 appctx->ctx.cli.err = err;
2014 appctx->st0 = STAT_CLI_PRINT_FREE;
2015 return 1;
2016 }
2017 }
2018 else {
2019 /* Else, use the entry identifier as pattern
2020 * string, and update the value.
2021 */
2022 err = NULL;
2023 if (!pat_ref_set(appctx->ctx.map.ref, args[3], args[4], &err)) {
2024 if (err)
2025 memprintf(&err, "%s.\n", err);
2026 appctx->ctx.cli.err = err;
2027 appctx->st0 = STAT_CLI_PRINT_FREE;
2028 return 1;
2029 }
2030 }
2031
2032 /* The set is done, send message. */
2033 appctx->st0 = STAT_CLI_PROMPT;
2034 return 1;
2035 }
2036#ifdef USE_OPENSSL
2037 else if (strcmp(args[1], "ssl") == 0) {
2038 if (strcmp(args[2], "ocsp-response") == 0) {
2039#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP)
2040 char *err = NULL;
2041
2042 /* Expect one parameter: the new response in base64 encoding */
2043 if (!*args[3]) {
2044 appctx->ctx.cli.msg = "'set ssl ocsp-response' expects response in base64 encoding.\n";
2045 appctx->st0 = STAT_CLI_PRINT;
2046 return 1;
2047 }
2048
2049 trash.len = base64dec(args[3], strlen(args[3]), trash.str, trash.size);
2050 if (trash.len < 0) {
2051 appctx->ctx.cli.msg = "'set ssl ocsp-response' received invalid base64 encoded response.\n";
2052 appctx->st0 = STAT_CLI_PRINT;
2053 return 1;
2054 }
2055
2056 if (ssl_sock_update_ocsp_response(&trash, &err)) {
2057 if (err) {
2058 memprintf(&err, "%s.\n", err);
2059 appctx->ctx.cli.err = err;
2060 appctx->st0 = STAT_CLI_PRINT_FREE;
2061 }
2062 return 1;
2063 }
2064 appctx->ctx.cli.msg = "OCSP Response updated!";
2065 appctx->st0 = STAT_CLI_PRINT;
2066 return 1;
2067#else
2068 appctx->ctx.cli.msg = "HAProxy was compiled against a version of OpenSSL that doesn't support OCSP stapling.\n";
2069 appctx->st0 = STAT_CLI_PRINT;
2070 return 1;
2071#endif
2072 }
2073 else if (strcmp(args[2], "tls-key") == 0) {
2074#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
2075 /* Expect two parameters: the filename and the new new TLS key in encoding */
2076 if (!*args[3] || !*args[4]) {
2077 appctx->ctx.cli.msg = "'set ssl tls-key' expects a filename and the new TLS key in base64 encoding.\n";
2078 appctx->st0 = STAT_CLI_PRINT;
2079 return 1;
2080 }
2081
2082 appctx->ctx.tlskeys.ref = tlskeys_ref_lookup_ref(args[3]);
2083 if(!appctx->ctx.tlskeys.ref) {
2084 appctx->ctx.cli.msg = "'set ssl tls-key' unable to locate referenced filename\n";
2085 appctx->st0 = STAT_CLI_PRINT;
2086 return 1;
2087 }
2088
2089 trash.len = base64dec(args[4], strlen(args[4]), trash.str, trash.size);
2090 if (trash.len != sizeof(struct tls_sess_key)) {
2091 appctx->ctx.cli.msg = "'set ssl tls-key' received invalid base64 encoded TLS key.\n";
2092 appctx->st0 = STAT_CLI_PRINT;
2093 return 1;
2094 }
2095
2096 memcpy(appctx->ctx.tlskeys.ref->tlskeys + ((appctx->ctx.tlskeys.ref->tls_ticket_enc_index + 2) % TLS_TICKETS_NO), trash.str, trash.len);
2097 appctx->ctx.tlskeys.ref->tls_ticket_enc_index = (appctx->ctx.tlskeys.ref->tls_ticket_enc_index + 1) % TLS_TICKETS_NO;
2098
2099 appctx->ctx.cli.msg = "TLS ticket key updated!";
2100 appctx->st0 = STAT_CLI_PRINT;
2101 return 1;
2102#else
2103 appctx->ctx.cli.msg = "HAProxy was compiled against a version of OpenSSL "
2104 "that doesn't support specifying TLS ticket keys\n";
2105 appctx->st0 = STAT_CLI_PRINT;
2106 return 1;
2107#endif
2108 }
2109 else {
2110 appctx->ctx.cli.msg = "'set ssl' only supports 'ocsp-response'.\n";
2111 appctx->st0 = STAT_CLI_PRINT;
2112 return 1;
2113 }
2114 }
2115#endif
2116 else { /* unknown "set" parameter */
2117 return 0;
2118 }
2119 }
2120 else if (strcmp(args[0], "enable") == 0) {
2121 if (strcmp(args[1], "agent") == 0) {
2122 struct server *sv;
2123
2124 sv = expect_server_admin(s, si, args[2]);
2125 if (!sv)
2126 return 1;
2127
2128 if (!(sv->agent.state & CHK_ST_CONFIGURED)) {
2129 appctx->ctx.cli.msg = "Agent was not configured on this server, cannot enable.\n";
2130 appctx->st0 = STAT_CLI_PRINT;
2131 return 1;
2132 }
2133
2134 sv->agent.state |= CHK_ST_ENABLED;
2135 return 1;
2136 }
2137 else if (strcmp(args[1], "health") == 0) {
2138 struct server *sv;
2139
2140 sv = expect_server_admin(s, si, args[2]);
2141 if (!sv)
2142 return 1;
2143
2144 if (!(sv->check.state & CHK_ST_CONFIGURED)) {
2145 appctx->ctx.cli.msg = "Health checks are not configured on this server, cannot enable.\n";
2146 appctx->st0 = STAT_CLI_PRINT;
2147 return 1;
2148 }
2149
2150 sv->check.state |= CHK_ST_ENABLED;
2151 return 1;
2152 }
2153 else if (strcmp(args[1], "server") == 0) {
2154 struct server *sv;
2155
2156 sv = expect_server_admin(s, si, args[2]);
2157 if (!sv)
2158 return 1;
2159
2160 srv_adm_set_ready(sv);
2161 return 1;
2162 }
2163 else if (strcmp(args[1], "frontend") == 0) {
2164 struct proxy *px;
2165
2166 px = expect_frontend_admin(s, si, args[2]);
2167 if (!px)
2168 return 1;
2169
2170 if (px->state == PR_STSTOPPED) {
2171 appctx->ctx.cli.msg = "Frontend was previously shut down, cannot enable.\n";
2172 appctx->st0 = STAT_CLI_PRINT;
2173 return 1;
2174 }
2175
2176 if (px->state != PR_STPAUSED) {
2177 appctx->ctx.cli.msg = "Frontend is already enabled.\n";
2178 appctx->st0 = STAT_CLI_PRINT;
2179 return 1;
2180 }
2181
2182 if (!resume_proxy(px)) {
2183 appctx->ctx.cli.msg = "Failed to resume frontend, check logs for precise cause (port conflict?).\n";
2184 appctx->st0 = STAT_CLI_PRINT;
2185 return 1;
2186 }
2187 return 1;
2188 }
2189 else { /* unknown "enable" parameter */
2190 appctx->ctx.cli.msg = "'enable' only supports 'agent', 'frontend', 'health', and 'server'.\n";
2191 appctx->st0 = STAT_CLI_PRINT;
2192 return 1;
2193 }
2194 }
2195 else if (strcmp(args[0], "disable") == 0) {
2196 if (strcmp(args[1], "agent") == 0) {
2197 struct server *sv;
2198
2199 sv = expect_server_admin(s, si, args[2]);
2200 if (!sv)
2201 return 1;
2202
2203 sv->agent.state &= ~CHK_ST_ENABLED;
2204 return 1;
2205 }
2206 else if (strcmp(args[1], "health") == 0) {
2207 struct server *sv;
2208
2209 sv = expect_server_admin(s, si, args[2]);
2210 if (!sv)
2211 return 1;
2212
2213 sv->check.state &= ~CHK_ST_ENABLED;
2214 return 1;
2215 }
2216 else if (strcmp(args[1], "server") == 0) {
2217 struct server *sv;
2218
2219 sv = expect_server_admin(s, si, args[2]);
2220 if (!sv)
2221 return 1;
2222
2223 srv_adm_set_maint(sv);
2224 return 1;
2225 }
2226 else if (strcmp(args[1], "frontend") == 0) {
2227 struct proxy *px;
2228
2229 px = expect_frontend_admin(s, si, args[2]);
2230 if (!px)
2231 return 1;
2232
2233 if (px->state == PR_STSTOPPED) {
2234 appctx->ctx.cli.msg = "Frontend was previously shut down, cannot disable.\n";
2235 appctx->st0 = STAT_CLI_PRINT;
2236 return 1;
2237 }
2238
2239 if (px->state == PR_STPAUSED) {
2240 appctx->ctx.cli.msg = "Frontend is already disabled.\n";
2241 appctx->st0 = STAT_CLI_PRINT;
2242 return 1;
2243 }
2244
2245 if (!pause_proxy(px)) {
2246 appctx->ctx.cli.msg = "Failed to pause frontend, check logs for precise cause.\n";
2247 appctx->st0 = STAT_CLI_PRINT;
2248 return 1;
2249 }
2250 return 1;
2251 }
2252 else { /* unknown "disable" parameter */
2253 appctx->ctx.cli.msg = "'disable' only supports 'agent', 'frontend', 'health', and 'server'.\n";
2254 appctx->st0 = STAT_CLI_PRINT;
2255 return 1;
2256 }
2257 }
2258 else if (strcmp(args[0], "shutdown") == 0) {
2259 if (strcmp(args[1], "frontend") == 0) {
2260 struct proxy *px;
2261
2262 px = expect_frontend_admin(s, si, args[2]);
2263 if (!px)
2264 return 1;
2265
2266 if (px->state == PR_STSTOPPED) {
2267 appctx->ctx.cli.msg = "Frontend was already shut down.\n";
2268 appctx->st0 = STAT_CLI_PRINT;
2269 return 1;
2270 }
2271
2272 Warning("Proxy %s stopped (FE: %lld conns, BE: %lld conns).\n",
2273 px->id, px->fe_counters.cum_conn, px->be_counters.cum_conn);
2274 send_log(px, LOG_WARNING, "Proxy %s stopped (FE: %lld conns, BE: %lld conns).\n",
2275 px->id, px->fe_counters.cum_conn, px->be_counters.cum_conn);
2276 stop_proxy(px);
2277 return 1;
2278 }
2279 else if (strcmp(args[1], "session") == 0) {
2280 struct stream *sess, *ptr;
2281
2282 if (strm_li(s)->bind_conf->level < ACCESS_LVL_ADMIN) {
2283 appctx->ctx.cli.msg = stats_permission_denied_msg;
2284 appctx->st0 = STAT_CLI_PRINT;
2285 return 1;
2286 }
2287
2288 if (!*args[2]) {
2289 appctx->ctx.cli.msg = "Session pointer expected (use 'show sess').\n";
2290 appctx->st0 = STAT_CLI_PRINT;
2291 return 1;
2292 }
2293
2294 ptr = (void *)strtoul(args[2], NULL, 0);
2295
2296 /* first, look for the requested stream in the stream table */
2297 list_for_each_entry(sess, &streams, list) {
2298 if (sess == ptr)
2299 break;
2300 }
2301
2302 /* do we have the stream ? */
2303 if (sess != ptr) {
2304 appctx->ctx.cli.msg = "No such session (use 'show sess').\n";
2305 appctx->st0 = STAT_CLI_PRINT;
2306 return 1;
2307 }
2308
2309 stream_shutdown(sess, SF_ERR_KILLED);
2310 return 1;
2311 }
2312 else if (strcmp(args[1], "sessions") == 0) {
2313 if (strcmp(args[2], "server") == 0) {
2314 struct server *sv;
2315 struct stream *sess, *sess_bck;
2316
2317 sv = expect_server_admin(s, si, args[3]);
2318 if (!sv)
2319 return 1;
2320
2321 /* kill all the stream that are on this server */
2322 list_for_each_entry_safe(sess, sess_bck, &sv->actconns, by_srv)
2323 if (sess->srv_conn == sv)
2324 stream_shutdown(sess, SF_ERR_KILLED);
2325
2326 return 1;
2327 }
2328 else {
2329 appctx->ctx.cli.msg = "'shutdown sessions' only supports 'server'.\n";
2330 appctx->st0 = STAT_CLI_PRINT;
2331 return 1;
2332 }
2333 }
2334 else { /* unknown "disable" parameter */
2335 appctx->ctx.cli.msg = "'shutdown' only supports 'frontend', 'session' and 'sessions'.\n";
2336 appctx->st0 = STAT_CLI_PRINT;
2337 return 1;
2338 }
2339 }
2340 else if (strcmp(args[0], "del") == 0) {
2341 if (strcmp(args[1], "map") == 0 || strcmp(args[1], "acl") == 0) {
2342 if (args[1][0] == 'm')
2343 appctx->ctx.map.display_flags = PAT_REF_MAP;
2344 else
2345 appctx->ctx.map.display_flags = PAT_REF_ACL;
2346
2347 /* Expect two parameters: map name and key. */
2348 if (appctx->ctx.map.display_flags == PAT_REF_MAP) {
2349 if (!*args[2] || !*args[3]) {
2350 appctx->ctx.cli.msg = "This command expects two parameters: map identifier and key.\n";
2351 appctx->st0 = STAT_CLI_PRINT;
2352 return 1;
2353 }
2354 }
2355
2356 else {
2357 if (!*args[2] || !*args[3]) {
2358 appctx->ctx.cli.msg = "This command expects two parameters: ACL identifier and key.\n";
2359 appctx->st0 = STAT_CLI_PRINT;
2360 return 1;
2361 }
2362 }
2363
2364 /* Lookup the reference in the maps. */
2365 appctx->ctx.map.ref = pat_ref_lookup_ref(args[2]);
2366 if (!appctx->ctx.map.ref ||
2367 !(appctx->ctx.map.ref->flags & appctx->ctx.map.display_flags)) {
2368 appctx->ctx.cli.msg = "Unknown map identifier. Please use #<id> or <file>.\n";
2369 appctx->st0 = STAT_CLI_PRINT;
2370 return 1;
2371 }
2372
2373 /* If the entry identifier start with a '#', it is considered as
2374 * pointer id
2375 */
2376 if (args[3][0] == '#' && args[3][1] == '0' && args[3][2] == 'x') {
2377 struct pat_ref_elt *ref;
2378 long long int conv;
2379 char *error;
2380
2381 /* Convert argument to integer value. */
2382 conv = strtoll(&args[3][1], &error, 16);
2383 if (*error != '\0') {
2384 appctx->ctx.cli.msg = "Malformed identifier. Please use #<id> or <file>.\n";
2385 appctx->st0 = STAT_CLI_PRINT;
2386 return 1;
2387 }
2388
2389 /* Convert and check integer to pointer. */
2390 ref = (struct pat_ref_elt *)(long)conv;
2391 if ((long long int)(long)ref != conv) {
2392 appctx->ctx.cli.msg = "Malformed identifier. Please use #<id> or <file>.\n";
2393 appctx->st0 = STAT_CLI_PRINT;
2394 return 1;
2395 }
2396
2397 /* Try to delete the entry. */
2398 if (!pat_ref_delete_by_id(appctx->ctx.map.ref, ref)) {
2399 /* The entry is not found, send message. */
2400 appctx->ctx.cli.msg = "Key not found.\n";
2401 appctx->st0 = STAT_CLI_PRINT;
2402 return 1;
2403 }
2404 }
2405 else {
2406 /* Else, use the entry identifier as pattern
2407 * string and try to delete the entry.
2408 */
2409 if (!pat_ref_delete(appctx->ctx.map.ref, args[3])) {
2410 /* The entry is not found, send message. */
2411 appctx->ctx.cli.msg = "Key not found.\n";
2412 appctx->st0 = STAT_CLI_PRINT;
2413 return 1;
2414 }
2415 }
2416
2417 /* The deletion is done, send message. */
2418 appctx->st0 = STAT_CLI_PROMPT;
2419 return 1;
2420 }
2421 else { /* unknown "del" parameter */
2422 appctx->ctx.cli.msg = "'del' only supports 'map' or 'acl'.\n";
2423 appctx->st0 = STAT_CLI_PRINT;
2424 return 1;
2425 }
2426 }
2427 else if (strcmp(args[0], "add") == 0) {
2428 if (strcmp(args[1], "map") == 0 ||
2429 strcmp(args[1], "acl") == 0) {
2430 int ret;
2431 char *err;
2432
2433 /* Set flags. */
2434 if (args[1][0] == 'm')
2435 appctx->ctx.map.display_flags = PAT_REF_MAP;
2436 else
2437 appctx->ctx.map.display_flags = PAT_REF_ACL;
2438
2439 /* If the keywork is "map", we expect three parameters, if it
2440 * is "acl", we expect only two parameters
2441 */
2442 if (appctx->ctx.map.display_flags == PAT_REF_MAP) {
2443 if (!*args[2] || !*args[3] || !*args[4]) {
2444 appctx->ctx.cli.msg = "'add map' expects three parameters: map identifier, key and value.\n";
2445 appctx->st0 = STAT_CLI_PRINT;
2446 return 1;
2447 }
2448 }
2449 else {
2450 if (!*args[2] || !*args[3]) {
2451 appctx->ctx.cli.msg = "'add acl' expects two parameters: ACL identifier and pattern.\n";
2452 appctx->st0 = STAT_CLI_PRINT;
2453 return 1;
2454 }
2455 }
2456
2457 /* Lookup for the reference. */
2458 appctx->ctx.map.ref = pat_ref_lookup_ref(args[2]);
2459 if (!appctx->ctx.map.ref) {
2460 if (appctx->ctx.map.display_flags == PAT_REF_MAP)
2461 appctx->ctx.cli.msg = "Unknown map identifier. Please use #<id> or <file>.\n";
2462 else
2463 appctx->ctx.cli.msg = "Unknown ACL identifier. Please use #<id> or <file>.\n";
2464 appctx->st0 = STAT_CLI_PRINT;
2465 return 1;
2466 }
2467
2468 /* The command "add acl" is prohibited if the reference
2469 * use samples.
2470 */
2471 if ((appctx->ctx.map.display_flags & PAT_REF_ACL) &&
2472 (appctx->ctx.map.ref->flags & PAT_REF_SMP)) {
2473 appctx->ctx.cli.msg = "This ACL is shared with a map containing samples. "
2474 "You must use the command 'add map' to add values.\n";
2475 appctx->st0 = STAT_CLI_PRINT;
2476 return 1;
2477 }
2478
2479 /* Add value. */
2480 err = NULL;
2481 if (appctx->ctx.map.display_flags == PAT_REF_MAP)
2482 ret = pat_ref_add(appctx->ctx.map.ref, args[3], args[4], &err);
2483 else
2484 ret = pat_ref_add(appctx->ctx.map.ref, args[3], NULL, &err);
2485 if (!ret) {
2486 if (err)
2487 memprintf(&err, "%s.\n", err);
2488 appctx->ctx.cli.err = err;
2489 appctx->st0 = STAT_CLI_PRINT_FREE;
2490 return 1;
2491 }
2492
2493 /* The add is done, send message. */
2494 appctx->st0 = STAT_CLI_PROMPT;
2495 return 1;
2496 }
2497 else { /* unknown "del" parameter */
2498 appctx->ctx.cli.msg = "'add' only supports 'map'.\n";
2499 appctx->st0 = STAT_CLI_PRINT;
2500 return 1;
2501 }
2502 }
2503 else { /* not "show" nor "clear" nor "get" nor "set" nor "enable" nor "disable" */
2504 return 0;
2505 }
2506 return 1;
2507}
2508
2509/* This I/O handler runs as an applet embedded in a stream interface. It is
2510 * used to processes I/O from/to the stats unix socket. The system relies on a
2511 * state machine handling requests and various responses. We read a request,
2512 * then we process it and send the response, and we possibly display a prompt.
2513 * Then we can read again. The state is stored in appctx->st0 and is one of the
2514 * STAT_CLI_* constants. appctx->st1 is used to indicate whether prompt is enabled
2515 * or not.
2516 */
2517static void cli_io_handler(struct appctx *appctx)
2518{
2519 struct stream_interface *si = appctx->owner;
2520 struct channel *req = si_oc(si);
2521 struct channel *res = si_ic(si);
2522 int reql;
2523 int len;
2524
2525 if (unlikely(si->state == SI_ST_DIS || si->state == SI_ST_CLO))
2526 goto out;
2527
2528 while (1) {
2529 if (appctx->st0 == STAT_CLI_INIT) {
2530 /* Stats output not initialized yet */
2531 memset(&appctx->ctx.stats, 0, sizeof(appctx->ctx.stats));
2532 appctx->st0 = STAT_CLI_GETREQ;
2533 }
2534 else if (appctx->st0 == STAT_CLI_END) {
2535 /* Let's close for real now. We just close the request
2536 * side, the conditions below will complete if needed.
2537 */
2538 si_shutw(si);
2539 break;
2540 }
2541 else if (appctx->st0 == STAT_CLI_GETREQ) {
2542 /* ensure we have some output room left in the event we
2543 * would want to return some info right after parsing.
2544 */
2545 if (buffer_almost_full(si_ib(si))) {
2546 si_applet_cant_put(si);
2547 break;
2548 }
2549
2550 reql = bo_getline(si_oc(si), trash.str, trash.size);
2551 if (reql <= 0) { /* closed or EOL not found */
2552 if (reql == 0)
2553 break;
2554 appctx->st0 = STAT_CLI_END;
2555 continue;
2556 }
2557
2558 /* seek for a possible unescaped semi-colon. If we find
2559 * one, we replace it with an LF and skip only this part.
2560 */
2561 for (len = 0; len < reql; len++) {
2562 if (trash.str[len] == '\\') {
2563 len++;
2564 continue;
2565 }
2566 if (trash.str[len] == ';') {
2567 trash.str[len] = '\n';
2568 reql = len + 1;
2569 break;
2570 }
2571 }
2572
2573 /* now it is time to check that we have a full line,
2574 * remove the trailing \n and possibly \r, then cut the
2575 * line.
2576 */
2577 len = reql - 1;
2578 if (trash.str[len] != '\n') {
2579 appctx->st0 = STAT_CLI_END;
2580 continue;
2581 }
2582
2583 if (len && trash.str[len-1] == '\r')
2584 len--;
2585
2586 trash.str[len] = '\0';
2587
2588 appctx->st0 = STAT_CLI_PROMPT;
2589 if (len) {
2590 if (strcmp(trash.str, "quit") == 0) {
2591 appctx->st0 = STAT_CLI_END;
2592 continue;
2593 }
2594 else if (strcmp(trash.str, "prompt") == 0)
2595 appctx->st1 = !appctx->st1;
2596 else if (strcmp(trash.str, "help") == 0 ||
2597 !stats_sock_parse_request(si, trash.str)) {
2598 cli_gen_usage_msg();
2599 if (dynamic_usage_msg)
2600 appctx->ctx.cli.msg = dynamic_usage_msg;
2601 else
2602 appctx->ctx.cli.msg = stats_sock_usage_msg;
2603 appctx->st0 = STAT_CLI_PRINT;
2604 }
2605 /* NB: stats_sock_parse_request() may have put
2606 * another STAT_CLI_O_* into appctx->st0.
2607 */
2608 }
2609 else if (!appctx->st1) {
2610 /* if prompt is disabled, print help on empty lines,
2611 * so that the user at least knows how to enable
2612 * prompt and find help.
2613 */
2614 cli_gen_usage_msg();
2615 if (dynamic_usage_msg)
2616 appctx->ctx.cli.msg = dynamic_usage_msg;
2617 else
2618 appctx->ctx.cli.msg = stats_sock_usage_msg;
2619 appctx->st0 = STAT_CLI_PRINT;
2620 }
2621
2622 /* re-adjust req buffer */
2623 bo_skip(si_oc(si), reql);
2624 req->flags |= CF_READ_DONTWAIT; /* we plan to read small requests */
2625 }
2626 else { /* output functions */
2627 switch (appctx->st0) {
2628 case STAT_CLI_PROMPT:
2629 break;
2630 case STAT_CLI_PRINT:
2631 if (bi_putstr(si_ic(si), appctx->ctx.cli.msg) != -1)
2632 appctx->st0 = STAT_CLI_PROMPT;
2633 else
2634 si_applet_cant_put(si);
2635 break;
2636 case STAT_CLI_PRINT_FREE:
2637 if (bi_putstr(si_ic(si), appctx->ctx.cli.err) != -1) {
2638 free(appctx->ctx.cli.err);
2639 appctx->st0 = STAT_CLI_PROMPT;
2640 }
2641 else
2642 si_applet_cant_put(si);
2643 break;
2644 case STAT_CLI_O_BACKEND:
2645 if (stats_dump_backend_to_buffer(si))
2646 appctx->st0 = STAT_CLI_PROMPT;
2647 break;
2648 case STAT_CLI_O_INFO:
2649 if (stats_dump_info_to_buffer(si))
2650 appctx->st0 = STAT_CLI_PROMPT;
2651 break;
2652 case STAT_CLI_O_SERVERS_STATE:
2653 if (stats_dump_servers_state_to_buffer(si))
2654 appctx->st0 = STAT_CLI_PROMPT;
2655 break;
2656 case STAT_CLI_O_STAT:
2657 if (stats_dump_stat_to_buffer(si, NULL))
2658 appctx->st0 = STAT_CLI_PROMPT;
2659 break;
2660 case STAT_CLI_O_RESOLVERS:
2661 if (stats_dump_resolvers_to_buffer(si))
2662 appctx->st0 = STAT_CLI_PROMPT;
2663 break;
2664 case STAT_CLI_O_SESS:
2665 if (stats_dump_sess_to_buffer(si))
2666 appctx->st0 = STAT_CLI_PROMPT;
2667 break;
2668 case STAT_CLI_O_ERR: /* errors dump */
2669 if (stats_dump_errors_to_buffer(si))
2670 appctx->st0 = STAT_CLI_PROMPT;
2671 break;
2672 case STAT_CLI_O_TAB:
2673 case STAT_CLI_O_CLR:
2674 if (stats_table_request(si, appctx->st0))
2675 appctx->st0 = STAT_CLI_PROMPT;
2676 break;
2677 case STAT_CLI_O_PATS:
2678 if (stats_pats_list(si))
2679 appctx->st0 = STAT_CLI_PROMPT;
2680 break;
2681 case STAT_CLI_O_PAT:
2682 if (stats_pat_list(si))
2683 appctx->st0 = STAT_CLI_PROMPT;
2684 break;
2685 case STAT_CLI_O_MLOOK:
2686 if (stats_map_lookup(si))
2687 appctx->st0 = STAT_CLI_PROMPT;
2688 break;
2689 case STAT_CLI_O_POOLS:
2690 if (stats_dump_pools_to_buffer(si))
2691 appctx->st0 = STAT_CLI_PROMPT;
2692 break;
2693#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
2694 case STAT_CLI_O_TLSK:
2695 if (stats_tlskeys_list(si))
2696 appctx->st0 = STAT_CLI_PROMPT;
2697 break;
2698 case STAT_CLI_O_TLSK_ENT:
2699 if (stats_tlskeys_list(si))
2700 appctx->st0 = STAT_CLI_PROMPT;
2701 break;
2702#endif
2703 case STAT_CLI_O_ENV: /* environment dump */
2704 if (stats_dump_env_to_buffer(si))
2705 appctx->st0 = STAT_CLI_PROMPT;
2706 break;
2707 case STAT_CLI_O_CUSTOM: /* use custom pointer */
2708 if (appctx->io_handler)
2709 if (appctx->io_handler(appctx)) {
2710 appctx->st0 = STAT_CLI_PROMPT;
2711 if (appctx->io_release) {
2712 appctx->io_release(appctx);
2713 appctx->io_release = NULL;
2714 }
2715 }
2716 break;
2717 default: /* abnormal state */
2718 si->flags |= SI_FL_ERR;
2719 break;
2720 }
2721
2722 /* The post-command prompt is either LF alone or LF + '> ' in interactive mode */
2723 if (appctx->st0 == STAT_CLI_PROMPT) {
2724 if (bi_putstr(si_ic(si), appctx->st1 ? "\n> " : "\n") != -1)
2725 appctx->st0 = STAT_CLI_GETREQ;
2726 else
2727 si_applet_cant_put(si);
2728 }
2729
2730 /* If the output functions are still there, it means they require more room. */
2731 if (appctx->st0 >= STAT_CLI_OUTPUT)
2732 break;
2733
2734 /* Now we close the output if one of the writers did so,
2735 * or if we're not in interactive mode and the request
2736 * buffer is empty. This still allows pipelined requests
2737 * to be sent in non-interactive mode.
2738 */
2739 if ((res->flags & (CF_SHUTW|CF_SHUTW_NOW)) || (!appctx->st1 && !req->buf->o)) {
2740 appctx->st0 = STAT_CLI_END;
2741 continue;
2742 }
2743
2744 /* switch state back to GETREQ to read next requests */
2745 appctx->st0 = STAT_CLI_GETREQ;
2746 }
2747 }
2748
2749 if ((res->flags & CF_SHUTR) && (si->state == SI_ST_EST)) {
2750 DPRINTF(stderr, "%s@%d: si to buf closed. req=%08x, res=%08x, st=%d\n",
2751 __FUNCTION__, __LINE__, req->flags, res->flags, si->state);
2752 /* Other side has closed, let's abort if we have no more processing to do
2753 * and nothing more to consume. This is comparable to a broken pipe, so
2754 * we forward the close to the request side so that it flows upstream to
2755 * the client.
2756 */
2757 si_shutw(si);
2758 }
2759
2760 if ((req->flags & CF_SHUTW) && (si->state == SI_ST_EST) && (appctx->st0 < STAT_CLI_OUTPUT)) {
2761 DPRINTF(stderr, "%s@%d: buf to si closed. req=%08x, res=%08x, st=%d\n",
2762 __FUNCTION__, __LINE__, req->flags, res->flags, si->state);
2763 /* We have no more processing to do, and nothing more to send, and
2764 * the client side has closed. So we'll forward this state downstream
2765 * on the response buffer.
2766 */
2767 si_shutr(si);
2768 res->flags |= CF_READ_NULL;
2769 }
2770
2771 out:
2772 DPRINTF(stderr, "%s@%d: st=%d, rqf=%x, rpf=%x, rqh=%d, rqs=%d, rh=%d, rs=%d\n",
2773 __FUNCTION__, __LINE__,
2774 si->state, req->flags, res->flags, req->buf->i, req->buf->o, res->buf->i, res->buf->o);
2775}
2776
2777/* Dump all fields from <info> into <out> using the "show info" format (name: value) */
2778static int stats_dump_info_fields(struct chunk *out, const struct field *info)
2779{
2780 int field;
2781
2782 for (field = 0; field < INF_TOTAL_FIELDS; field++) {
2783 if (!field_format(info, field))
2784 continue;
2785
2786 if (!chunk_appendf(out, "%s: ", info_field_names[field]))
2787 return 0;
2788 if (!stats_emit_raw_data_field(out, &info[field]))
2789 return 0;
2790 if (!chunk_strcat(out, "\n"))
2791 return 0;
2792 }
2793 return 1;
2794}
2795
2796/* Dump all fields from <info> into <out> using the "show info typed" format */
2797static int stats_dump_typed_info_fields(struct chunk *out, const struct field *info)
2798{
2799 int field;
2800
2801 for (field = 0; field < INF_TOTAL_FIELDS; field++) {
2802 if (!field_format(info, field))
2803 continue;
2804
2805 if (!chunk_appendf(out, "%d.%s.%u:", field, info_field_names[field], info[INF_PROCESS_NUM].u.u32))
2806 return 0;
2807 if (!stats_emit_field_tags(out, &info[field], ':'))
2808 return 0;
2809 if (!stats_emit_typed_data_field(out, &info[field]))
2810 return 0;
2811 if (!chunk_strcat(out, "\n"))
2812 return 0;
2813 }
2814 return 1;
2815}
2816
2817/* Fill <info> with HAProxy global info. <info> is preallocated
2818 * array of length <len>. The length of the aray must be
2819 * INF_TOTAL_FIELDS. If this length is less then this value, the
2820 * function returns 0, otherwise, it returns 1.
2821 */
2822int stats_fill_info(struct field *info, int len)
2823{
2824 unsigned int up = (now.tv_sec - start_date.tv_sec);
2825 struct chunk *out = get_trash_chunk();
2826
2827#ifdef USE_OPENSSL
2828 int ssl_sess_rate = read_freq_ctr(&global.ssl_per_sec);
2829 int ssl_key_rate = read_freq_ctr(&global.ssl_fe_keys_per_sec);
2830 int ssl_reuse = 0;
2831
2832 if (ssl_key_rate < ssl_sess_rate) {
2833 /* count the ssl reuse ratio and avoid overflows in both directions */
2834 ssl_reuse = 100 - (100 * ssl_key_rate + (ssl_sess_rate - 1) / 2) / ssl_sess_rate;
2835 }
2836#endif
2837
2838 if (len < INF_TOTAL_FIELDS)
2839 return 0;
2840
2841 chunk_reset(out);
2842 memset(info, 0, sizeof(*info) * len);
2843
2844 info[INF_NAME] = mkf_str(FO_PRODUCT|FN_OUTPUT|FS_SERVICE, PRODUCT_NAME);
2845 info[INF_VERSION] = mkf_str(FO_PRODUCT|FN_OUTPUT|FS_SERVICE, HAPROXY_VERSION);
2846 info[INF_RELEASE_DATE] = mkf_str(FO_PRODUCT|FN_OUTPUT|FS_SERVICE, HAPROXY_DATE);
2847
2848 info[INF_NBPROC] = mkf_u32(FO_CONFIG|FS_SERVICE, global.nbproc);
2849 info[INF_PROCESS_NUM] = mkf_u32(FO_KEY, relative_pid);
2850 info[INF_PID] = mkf_u32(FO_STATUS, pid);
2851
2852 info[INF_UPTIME] = mkf_str(FN_DURATION, chunk_newstr(out));
2853 chunk_appendf(out, "%ud %uh%02um%02us", up / 86400, (up % 86400) / 3600, (up % 3600) / 60, (up % 60));
2854
2855 info[INF_UPTIME_SEC] = mkf_u32(FN_DURATION, up);
2856 info[INF_MEMMAX_MB] = mkf_u32(FO_CONFIG|FN_LIMIT, global.rlimit_memmax);
2857 info[INF_POOL_ALLOC_MB] = mkf_u32(0, (unsigned)(pool_total_allocated() / 1048576L));
2858 info[INF_POOL_USED_MB] = mkf_u32(0, (unsigned)(pool_total_used() / 1048576L));
2859 info[INF_POOL_FAILED] = mkf_u32(FN_COUNTER, pool_total_failures());
2860 info[INF_ULIMIT_N] = mkf_u32(FO_CONFIG|FN_LIMIT, global.rlimit_nofile);
2861 info[INF_MAXSOCK] = mkf_u32(FO_CONFIG|FN_LIMIT, global.maxsock);
2862 info[INF_MAXCONN] = mkf_u32(FO_CONFIG|FN_LIMIT, global.maxconn);
2863 info[INF_HARD_MAXCONN] = mkf_u32(FO_CONFIG|FN_LIMIT, global.hardmaxconn);
2864 info[INF_CURR_CONN] = mkf_u32(0, actconn);
2865 info[INF_CUM_CONN] = mkf_u32(FN_COUNTER, totalconn);
2866 info[INF_CUM_REQ] = mkf_u32(FN_COUNTER, global.req_count);
2867#ifdef USE_OPENSSL
2868 info[INF_MAX_SSL_CONNS] = mkf_u32(FN_MAX, global.maxsslconn);
2869 info[INF_CURR_SSL_CONNS] = mkf_u32(0, sslconns);
2870 info[INF_CUM_SSL_CONNS] = mkf_u32(FN_COUNTER, totalsslconns);
2871#endif
2872 info[INF_MAXPIPES] = mkf_u32(FO_CONFIG|FN_LIMIT, global.maxpipes);
2873 info[INF_PIPES_USED] = mkf_u32(0, pipes_used);
2874 info[INF_PIPES_FREE] = mkf_u32(0, pipes_free);
2875 info[INF_CONN_RATE] = mkf_u32(FN_RATE, read_freq_ctr(&global.conn_per_sec));
2876 info[INF_CONN_RATE_LIMIT] = mkf_u32(FO_CONFIG|FN_LIMIT, global.cps_lim);
2877 info[INF_MAX_CONN_RATE] = mkf_u32(FN_MAX, global.cps_max);
2878 info[INF_SESS_RATE] = mkf_u32(FN_RATE, read_freq_ctr(&global.sess_per_sec));
2879 info[INF_SESS_RATE_LIMIT] = mkf_u32(FO_CONFIG|FN_LIMIT, global.sps_lim);
2880 info[INF_MAX_SESS_RATE] = mkf_u32(FN_RATE, global.sps_max);
2881
2882#ifdef USE_OPENSSL
2883 info[INF_SSL_RATE] = mkf_u32(FN_RATE, ssl_sess_rate);
2884 info[INF_SSL_RATE_LIMIT] = mkf_u32(FO_CONFIG|FN_LIMIT, global.ssl_lim);
2885 info[INF_MAX_SSL_RATE] = mkf_u32(FN_MAX, global.ssl_max);
2886 info[INF_SSL_FRONTEND_KEY_RATE] = mkf_u32(0, ssl_key_rate);
2887 info[INF_SSL_FRONTEND_MAX_KEY_RATE] = mkf_u32(FN_MAX, global.ssl_fe_keys_max);
2888 info[INF_SSL_FRONTEND_SESSION_REUSE_PCT] = mkf_u32(0, ssl_reuse);
2889 info[INF_SSL_BACKEND_KEY_RATE] = mkf_u32(FN_RATE, read_freq_ctr(&global.ssl_be_keys_per_sec));
2890 info[INF_SSL_BACKEND_MAX_KEY_RATE] = mkf_u32(FN_MAX, global.ssl_be_keys_max);
2891 info[INF_SSL_CACHE_LOOKUPS] = mkf_u32(FN_COUNTER, global.shctx_lookups);
2892 info[INF_SSL_CACHE_MISSES] = mkf_u32(FN_COUNTER, global.shctx_misses);
2893#endif
2894 info[INF_COMPRESS_BPS_IN] = mkf_u32(FN_RATE, read_freq_ctr(&global.comp_bps_in));
2895 info[INF_COMPRESS_BPS_OUT] = mkf_u32(FN_RATE, read_freq_ctr(&global.comp_bps_out));
2896 info[INF_COMPRESS_BPS_RATE_LIM] = mkf_u32(FO_CONFIG|FN_LIMIT, global.comp_rate_lim);
2897#ifdef USE_ZLIB
2898 info[INF_ZLIB_MEM_USAGE] = mkf_u32(0, zlib_used_memory);
2899 info[INF_MAX_ZLIB_MEM_USAGE] = mkf_u32(FO_CONFIG|FN_LIMIT, global.maxzlibmem);
2900#endif
2901 info[INF_TASKS] = mkf_u32(0, nb_tasks_cur);
2902 info[INF_RUN_QUEUE] = mkf_u32(0, run_queue_cur);
2903 info[INF_IDLE_PCT] = mkf_u32(FN_AVG, idle_pct);
2904 info[INF_NODE] = mkf_str(FO_CONFIG|FN_OUTPUT|FS_SERVICE, global.node);
2905 if (global.desc)
2906 info[INF_DESCRIPTION] = mkf_str(FO_CONFIG|FN_OUTPUT|FS_SERVICE, global.desc);
2907
2908 return 1;
2909}
2910
2911/* This function dumps information onto the stream interface's read buffer.
2912 * It returns 0 as long as it does not complete, non-zero upon completion.
2913 * No state is used.
2914 */
2915static int stats_dump_info_to_buffer(struct stream_interface *si)
2916{
2917 struct appctx *appctx = __objt_appctx(si->end);
2918
2919 if (!stats_fill_info(info, INF_TOTAL_FIELDS))
2920 return 0;
2921
2922 chunk_reset(&trash);
2923
2924 if (appctx->ctx.stats.flags & STAT_FMT_TYPED)
2925 stats_dump_typed_info_fields(&trash, info);
2926 else
2927 stats_dump_info_fields(&trash, info);
2928
2929 if (bi_putchk(si_ic(si), &trash) == -1) {
2930 si_applet_cant_put(si);
2931 return 0;
2932 }
2933
2934 return 1;
2935}
2936
2937/* dumps server state information into <buf> for all the servers found in <backend>
2938 * These information are all the parameters which may change during HAProxy runtime.
2939 * By default, we only export to the last known server state file format.
2940 * These information can be used at next startup to recover same level of server state.
2941 */
2942static int dump_servers_state(struct stream_interface *si, struct chunk *buf)
2943{
2944 struct appctx *appctx = __objt_appctx(si->end);
2945 struct server *srv;
2946 char srv_addr[INET6_ADDRSTRLEN + 1];
2947 time_t srv_time_since_last_change;
2948 int bk_f_forced_id, srv_f_forced_id;
2949
2950
2951 /* we don't want to report any state if the backend is not enabled on this process */
2952 if (appctx->ctx.server_state.px->bind_proc && !(appctx->ctx.server_state.px->bind_proc & (1UL << (relative_pid - 1))))
2953 return 1;
2954
2955 if (!appctx->ctx.server_state.sv)
2956 appctx->ctx.server_state.sv = appctx->ctx.server_state.px->srv;
2957
2958 for (; appctx->ctx.server_state.sv != NULL; appctx->ctx.server_state.sv = srv->next) {
2959 srv = appctx->ctx.server_state.sv;
2960 srv_addr[0] = '\0';
2961
2962 switch (srv->addr.ss_family) {
2963 case AF_INET:
2964 inet_ntop(srv->addr.ss_family, &((struct sockaddr_in *)&srv->addr)->sin_addr,
2965 srv_addr, INET_ADDRSTRLEN + 1);
2966 break;
2967 case AF_INET6:
2968 inet_ntop(srv->addr.ss_family, &((struct sockaddr_in6 *)&srv->addr)->sin6_addr,
2969 srv_addr, INET6_ADDRSTRLEN + 1);
2970 break;
2971 }
2972 srv_time_since_last_change = now.tv_sec - srv->last_change;
2973 bk_f_forced_id = appctx->ctx.server_state.px->options & PR_O_FORCED_ID ? 1 : 0;
2974 srv_f_forced_id = srv->flags & SRV_F_FORCED_ID ? 1 : 0;
2975
2976 chunk_appendf(buf,
2977 "%d %s "
2978 "%d %s %s "
2979 "%d %d %d %d %ld "
2980 "%d %d %d %d %d "
2981 "%d %d"
2982 "\n",
2983 appctx->ctx.server_state.px->uuid, appctx->ctx.server_state.px->id,
2984 srv->puid, srv->id, srv_addr,
2985 srv->state, srv->admin, srv->uweight, srv->iweight, (long int)srv_time_since_last_change,
2986 srv->check.status, srv->check.result, srv->check.health, srv->check.state, srv->agent.state,
2987 bk_f_forced_id, srv_f_forced_id);
2988 if (bi_putchk(si_ic(si), &trash) == -1) {
2989 si_applet_cant_put(si);
2990 return 0;
2991 }
2992 }
2993 return 1;
2994}
2995
2996/* Parses backend list and simply report backend names */
2997static int stats_dump_backend_to_buffer(struct stream_interface *si)
2998{
2999 struct appctx *appctx = __objt_appctx(si->end);
3000 extern struct proxy *proxy;
3001 struct proxy *curproxy;
3002
3003 chunk_reset(&trash);
3004
3005 if (!appctx->ctx.be.px) {
3006 chunk_printf(&trash, "# name\n");
3007 if (bi_putchk(si_ic(si), &trash) == -1) {
3008 si_applet_cant_put(si);
3009 return 0;
3010 }
3011 appctx->ctx.be.px = proxy;
3012 }
3013
3014 for (; appctx->ctx.be.px != NULL; appctx->ctx.be.px = curproxy->next) {
3015 curproxy = appctx->ctx.be.px;
3016
3017 /* looking for backends only */
3018 if (!(curproxy->cap & PR_CAP_BE))
3019 continue;
3020
3021 /* we don't want to list a backend which is bound to this process */
3022 if (curproxy->bind_proc && !(curproxy->bind_proc & (1UL << (relative_pid - 1))))
3023 continue;
3024
3025 chunk_appendf(&trash, "%s\n", curproxy->id);
3026 if (bi_putchk(si_ic(si), &trash) == -1) {
3027 si_applet_cant_put(si);
3028 return 0;
3029 }
3030 }
3031
3032 return 1;
3033}
3034
3035/* Parses backend list or simply use backend name provided by the user to return
3036 * states of servers to stdout.
3037 */
3038static int stats_dump_servers_state_to_buffer(struct stream_interface *si)
3039{
3040 struct appctx *appctx = __objt_appctx(si->end);
3041 extern struct proxy *proxy;
3042 struct proxy *curproxy;
3043
3044 chunk_reset(&trash);
3045
3046 if (appctx->st2 == STAT_ST_INIT) {
3047 if (!appctx->ctx.server_state.px)
3048 appctx->ctx.server_state.px = proxy;
3049 appctx->st2 = STAT_ST_HEAD;
3050 }
3051
3052 if (appctx->st2 == STAT_ST_HEAD) {
3053 chunk_printf(&trash, "%d\n# %s\n", SRV_STATE_FILE_VERSION, SRV_STATE_FILE_FIELD_NAMES);
3054 if (bi_putchk(si_ic(si), &trash) == -1) {
3055 si_applet_cant_put(si);
3056 return 0;
3057 }
3058 appctx->st2 = STAT_ST_INFO;
3059 }
3060
3061 /* STAT_ST_INFO */
3062 for (; appctx->ctx.server_state.px != NULL; appctx->ctx.server_state.px = curproxy->next) {
3063 curproxy = appctx->ctx.server_state.px;
3064 /* servers are only in backends */
3065 if (curproxy->cap & PR_CAP_BE) {
3066 if (!dump_servers_state(si, &trash))
3067 return 0;
3068
3069 if (bi_putchk(si_ic(si), &trash) == -1) {
3070 si_applet_cant_put(si);
3071 return 0;
3072 }
3073 }
3074 /* only the selected proxy is dumped */
3075 if (appctx->ctx.server_state.iid)
3076 break;
3077 }
3078
3079 return 1;
3080}
3081
3082/* This function dumps memory usage information onto the stream interface's
3083 * read buffer. It returns 0 as long as it does not complete, non-zero upon
3084 * completion. No state is used.
3085 */
3086static int stats_dump_pools_to_buffer(struct stream_interface *si)
3087{
3088 dump_pools_to_trash();
3089 if (bi_putchk(si_ic(si), &trash) == -1) {
3090 si_applet_cant_put(si);
3091 return 0;
3092 }
3093 return 1;
3094}
3095
3096static inline const char *get_conn_ctrl_name(const struct connection *conn)
3097{
3098 if (!conn_ctrl_ready(conn))
3099 return "NONE";
3100 return conn->ctrl->name;
3101}
3102
3103static inline const char *get_conn_xprt_name(const struct connection *conn)
3104{
3105 static char ptr[19];
3106
3107 if (!conn_xprt_ready(conn))
3108 return "NONE";
3109
3110 if (conn->xprt == &raw_sock)
3111 return "RAW";
3112
3113#ifdef USE_OPENSSL
3114 if (conn->xprt == &ssl_sock)
3115 return "SSL";
3116#endif
3117 snprintf(ptr, sizeof(ptr), "%p", conn->xprt);
3118 return ptr;
3119}
3120
3121static inline const char *get_conn_data_name(const struct connection *conn)
3122{
3123 static char ptr[19];
3124
3125 if (!conn->data)
3126 return "NONE";
3127
3128 if (conn->data == &sess_conn_cb)
3129 return "SESS";
3130
3131 if (conn->data == &si_conn_cb)
3132 return "STRM";
3133
3134 if (conn->data == &check_conn_cb)
3135 return "CHCK";
3136
3137 snprintf(ptr, sizeof(ptr), "%p", conn->data);
3138 return ptr;
3139}
3140
3141/* This function dumps a complete stream state onto the stream interface's
3142 * read buffer. The stream has to be set in sess->target. It returns
3143 * 0 if the output buffer is full and it needs to be called again, otherwise
3144 * non-zero. It is designed to be called from stats_dump_sess_to_buffer() below.
3145 */
3146static int stats_dump_full_sess_to_buffer(struct stream_interface *si, struct stream *sess)
3147{
3148 struct appctx *appctx = __objt_appctx(si->end);
3149 struct tm tm;
3150 extern const char *monthname[12];
3151 char pn[INET6_ADDRSTRLEN];
3152 struct connection *conn;
3153 struct appctx *tmpctx;
3154
3155 chunk_reset(&trash);
3156
3157 if (appctx->ctx.sess.section > 0 && appctx->ctx.sess.uid != sess->uniq_id) {
3158 /* stream changed, no need to go any further */
3159 chunk_appendf(&trash, " *** session terminated while we were watching it ***\n");
3160 if (bi_putchk(si_ic(si), &trash) == -1) {
3161 si_applet_cant_put(si);
3162 return 0;
3163 }
3164 appctx->ctx.sess.uid = 0;
3165 appctx->ctx.sess.section = 0;
3166 return 1;
3167 }
3168
3169 switch (appctx->ctx.sess.section) {
3170 case 0: /* main status of the stream */
3171 appctx->ctx.sess.uid = sess->uniq_id;
3172 appctx->ctx.sess.section = 1;
3173 /* fall through */
3174
3175 case 1:
3176 get_localtime(sess->logs.accept_date.tv_sec, &tm);
3177 chunk_appendf(&trash,
3178 "%p: [%02d/%s/%04d:%02d:%02d:%02d.%06d] id=%u proto=%s",
3179 sess,
3180 tm.tm_mday, monthname[tm.tm_mon], tm.tm_year+1900,
3181 tm.tm_hour, tm.tm_min, tm.tm_sec, (int)(sess->logs.accept_date.tv_usec),
3182 sess->uniq_id,
3183 strm_li(sess) ? strm_li(sess)->proto->name : "?");
3184
3185 conn = objt_conn(strm_orig(sess));
3186 switch (conn ? addr_to_str(&conn->addr.from, pn, sizeof(pn)) : AF_UNSPEC) {
3187 case AF_INET:
3188 case AF_INET6:
3189 chunk_appendf(&trash, " source=%s:%d\n",
3190 pn, get_host_port(&conn->addr.from));
3191 break;
3192 case AF_UNIX:
3193 chunk_appendf(&trash, " source=unix:%d\n", strm_li(sess)->luid);
3194 break;
3195 default:
3196 /* no more information to print right now */
3197 chunk_appendf(&trash, "\n");
3198 break;
3199 }
3200
3201 chunk_appendf(&trash,
3202 " flags=0x%x, conn_retries=%d, srv_conn=%p, pend_pos=%p\n",
3203 sess->flags, sess->si[1].conn_retries, sess->srv_conn, sess->pend_pos);
3204
3205 chunk_appendf(&trash,
3206 " frontend=%s (id=%u mode=%s), listener=%s (id=%u)",
3207 strm_fe(sess)->id, strm_fe(sess)->uuid, strm_fe(sess)->mode ? "http" : "tcp",
3208 strm_li(sess) ? strm_li(sess)->name ? strm_li(sess)->name : "?" : "?",
3209 strm_li(sess) ? strm_li(sess)->luid : 0);
3210
3211 if (conn)
3212 conn_get_to_addr(conn);
3213
3214 switch (conn ? addr_to_str(&conn->addr.to, pn, sizeof(pn)) : AF_UNSPEC) {
3215 case AF_INET:
3216 case AF_INET6:
3217 chunk_appendf(&trash, " addr=%s:%d\n",
3218 pn, get_host_port(&conn->addr.to));
3219 break;
3220 case AF_UNIX:
3221 chunk_appendf(&trash, " addr=unix:%d\n", strm_li(sess)->luid);
3222 break;
3223 default:
3224 /* no more information to print right now */
3225 chunk_appendf(&trash, "\n");
3226 break;
3227 }
3228
3229 if (sess->be->cap & PR_CAP_BE)
3230 chunk_appendf(&trash,
3231 " backend=%s (id=%u mode=%s)",
3232 sess->be->id,
3233 sess->be->uuid, sess->be->mode ? "http" : "tcp");
3234 else
3235 chunk_appendf(&trash, " backend=<NONE> (id=-1 mode=-)");
3236
3237 conn = objt_conn(sess->si[1].end);
3238 if (conn)
3239 conn_get_from_addr(conn);
3240
3241 switch (conn ? addr_to_str(&conn->addr.from, pn, sizeof(pn)) : AF_UNSPEC) {
3242 case AF_INET:
3243 case AF_INET6:
3244 chunk_appendf(&trash, " addr=%s:%d\n",
3245 pn, get_host_port(&conn->addr.from));
3246 break;
3247 case AF_UNIX:
3248 chunk_appendf(&trash, " addr=unix\n");
3249 break;
3250 default:
3251 /* no more information to print right now */
3252 chunk_appendf(&trash, "\n");
3253 break;
3254 }
3255
3256 if (sess->be->cap & PR_CAP_BE)
3257 chunk_appendf(&trash,
3258 " server=%s (id=%u)",
3259 objt_server(sess->target) ? objt_server(sess->target)->id : "<none>",
3260 objt_server(sess->target) ? objt_server(sess->target)->puid : 0);
3261 else
3262 chunk_appendf(&trash, " server=<NONE> (id=-1)");
3263
3264 if (conn)
3265 conn_get_to_addr(conn);
3266
3267 switch (conn ? addr_to_str(&conn->addr.to, pn, sizeof(pn)) : AF_UNSPEC) {
3268 case AF_INET:
3269 case AF_INET6:
3270 chunk_appendf(&trash, " addr=%s:%d\n",
3271 pn, get_host_port(&conn->addr.to));
3272 break;
3273 case AF_UNIX:
3274 chunk_appendf(&trash, " addr=unix\n");
3275 break;
3276 default:
3277 /* no more information to print right now */
3278 chunk_appendf(&trash, "\n");
3279 break;
3280 }
3281
3282 chunk_appendf(&trash,
3283 " task=%p (state=0x%02x nice=%d calls=%d exp=%s%s",
3284 sess->task,
3285 sess->task->state,
3286 sess->task->nice, sess->task->calls,
3287 sess->task->expire ?
3288 tick_is_expired(sess->task->expire, now_ms) ? "<PAST>" :
3289 human_time(TICKS_TO_MS(sess->task->expire - now_ms),
3290 TICKS_TO_MS(1000)) : "<NEVER>",
3291 task_in_rq(sess->task) ? ", running" : "");
3292
3293 chunk_appendf(&trash,
3294 " age=%s)\n",
3295 human_time(now.tv_sec - sess->logs.accept_date.tv_sec, 1));
3296
3297 if (sess->txn)
3298 chunk_appendf(&trash,
3299 " txn=%p flags=0x%x meth=%d status=%d req.st=%s rsp.st=%s waiting=%d\n",
3300 sess->txn, sess->txn->flags, sess->txn->meth, sess->txn->status,
3301 http_msg_state_str(sess->txn->req.msg_state), http_msg_state_str(sess->txn->rsp.msg_state), !LIST_ISEMPTY(&sess->buffer_wait));
3302
3303 chunk_appendf(&trash,
3304 " si[0]=%p (state=%s flags=0x%02x endp0=%s:%p exp=%s, et=0x%03x)\n",
3305 &sess->si[0],
3306 si_state_str(sess->si[0].state),
3307 sess->si[0].flags,
3308 obj_type_name(sess->si[0].end),
3309 obj_base_ptr(sess->si[0].end),
3310 sess->si[0].exp ?
3311 tick_is_expired(sess->si[0].exp, now_ms) ? "<PAST>" :
3312 human_time(TICKS_TO_MS(sess->si[0].exp - now_ms),
3313 TICKS_TO_MS(1000)) : "<NEVER>",
3314 sess->si[0].err_type);
3315
3316 chunk_appendf(&trash,
3317 " si[1]=%p (state=%s flags=0x%02x endp1=%s:%p exp=%s, et=0x%03x)\n",
3318 &sess->si[1],
3319 si_state_str(sess->si[1].state),
3320 sess->si[1].flags,
3321 obj_type_name(sess->si[1].end),
3322 obj_base_ptr(sess->si[1].end),
3323 sess->si[1].exp ?
3324 tick_is_expired(sess->si[1].exp, now_ms) ? "<PAST>" :
3325 human_time(TICKS_TO_MS(sess->si[1].exp - now_ms),
3326 TICKS_TO_MS(1000)) : "<NEVER>",
3327 sess->si[1].err_type);
3328
3329 if ((conn = objt_conn(sess->si[0].end)) != NULL) {
3330 chunk_appendf(&trash,
3331 " co0=%p ctrl=%s xprt=%s data=%s target=%s:%p\n",
3332 conn,
3333 get_conn_ctrl_name(conn),
3334 get_conn_xprt_name(conn),
3335 get_conn_data_name(conn),
3336 obj_type_name(conn->target),
3337 obj_base_ptr(conn->target));
3338
3339 chunk_appendf(&trash, " flags=0x%08x", conn->flags);
3340
3341 if (conn->t.sock.fd >= 0) {
3342 chunk_appendf(&trash, " fd=%d fd.state=%02x fd.cache=%d updt=%d\n",
3343 conn->t.sock.fd, fdtab[conn->t.sock.fd].state,
3344 fdtab[conn->t.sock.fd].cache, fdtab[conn->t.sock.fd].updated);
3345 }
3346 else
3347 chunk_appendf(&trash, " fd=<dead>\n");
3348 }
3349 else if ((tmpctx = objt_appctx(sess->si[0].end)) != NULL) {
3350 chunk_appendf(&trash,
3351 " app0=%p st0=%d st1=%d st2=%d applet=%s\n",
3352 tmpctx,
3353 tmpctx->st0,
3354 tmpctx->st1,
3355 tmpctx->st2,
3356 tmpctx->applet->name);
3357 }
3358
3359 if ((conn = objt_conn(sess->si[1].end)) != NULL) {
3360 chunk_appendf(&trash,
3361 " co1=%p ctrl=%s xprt=%s data=%s target=%s:%p\n",
3362 conn,
3363 get_conn_ctrl_name(conn),
3364 get_conn_xprt_name(conn),
3365 get_conn_data_name(conn),
3366 obj_type_name(conn->target),
3367 obj_base_ptr(conn->target));
3368
3369 chunk_appendf(&trash, " flags=0x%08x", conn->flags);
3370
3371 if (conn->t.sock.fd >= 0) {
3372 chunk_appendf(&trash, " fd=%d fd.state=%02x fd.cache=%d updt=%d\n",
3373 conn->t.sock.fd, fdtab[conn->t.sock.fd].state,
3374 fdtab[conn->t.sock.fd].cache, fdtab[conn->t.sock.fd].updated);
3375 }
3376 else
3377 chunk_appendf(&trash, " fd=<dead>\n");
3378 }
3379 else if ((tmpctx = objt_appctx(sess->si[1].end)) != NULL) {
3380 chunk_appendf(&trash,
3381 " app1=%p st0=%d st1=%d st2=%d applet=%s\n",
3382 tmpctx,
3383 tmpctx->st0,
3384 tmpctx->st1,
3385 tmpctx->st2,
3386 tmpctx->applet->name);
3387 }
3388
3389 chunk_appendf(&trash,
3390 " req=%p (f=0x%06x an=0x%x pipe=%d tofwd=%d total=%lld)\n"
3391 " an_exp=%s",
3392 &sess->req,
3393 sess->req.flags, sess->req.analysers,
3394 sess->req.pipe ? sess->req.pipe->data : 0,
3395 sess->req.to_forward, sess->req.total,
3396 sess->req.analyse_exp ?
3397 human_time(TICKS_TO_MS(sess->req.analyse_exp - now_ms),
3398 TICKS_TO_MS(1000)) : "<NEVER>");
3399
3400 chunk_appendf(&trash,
3401 " rex=%s",
3402 sess->req.rex ?
3403 human_time(TICKS_TO_MS(sess->req.rex - now_ms),
3404 TICKS_TO_MS(1000)) : "<NEVER>");
3405
3406 chunk_appendf(&trash,
3407 " wex=%s\n"
3408 " buf=%p data=%p o=%d p=%d req.next=%d i=%d size=%d\n",
3409 sess->req.wex ?
3410 human_time(TICKS_TO_MS(sess->req.wex - now_ms),
3411 TICKS_TO_MS(1000)) : "<NEVER>",
3412 sess->req.buf,
3413 sess->req.buf->data, sess->req.buf->o,
3414 (int)(sess->req.buf->p - sess->req.buf->data),
3415 sess->txn ? sess->txn->req.next : 0, sess->req.buf->i,
3416 sess->req.buf->size);
3417
3418 chunk_appendf(&trash,
3419 " res=%p (f=0x%06x an=0x%x pipe=%d tofwd=%d total=%lld)\n"
3420 " an_exp=%s",
3421 &sess->res,
3422 sess->res.flags, sess->res.analysers,
3423 sess->res.pipe ? sess->res.pipe->data : 0,
3424 sess->res.to_forward, sess->res.total,
3425 sess->res.analyse_exp ?
3426 human_time(TICKS_TO_MS(sess->res.analyse_exp - now_ms),
3427 TICKS_TO_MS(1000)) : "<NEVER>");
3428
3429 chunk_appendf(&trash,
3430 " rex=%s",
3431 sess->res.rex ?
3432 human_time(TICKS_TO_MS(sess->res.rex - now_ms),
3433 TICKS_TO_MS(1000)) : "<NEVER>");
3434
3435 chunk_appendf(&trash,
3436 " wex=%s\n"
3437 " buf=%p data=%p o=%d p=%d rsp.next=%d i=%d size=%d\n",
3438 sess->res.wex ?
3439 human_time(TICKS_TO_MS(sess->res.wex - now_ms),
3440 TICKS_TO_MS(1000)) : "<NEVER>",
3441 sess->res.buf,
3442 sess->res.buf->data, sess->res.buf->o,
3443 (int)(sess->res.buf->p - sess->res.buf->data),
3444 sess->txn ? sess->txn->rsp.next : 0, sess->res.buf->i,
3445 sess->res.buf->size);
3446
3447 if (bi_putchk(si_ic(si), &trash) == -1) {
3448 si_applet_cant_put(si);
3449 return 0;
3450 }
3451
3452 /* use other states to dump the contents */
3453 }
3454 /* end of dump */
3455 appctx->ctx.sess.uid = 0;
3456 appctx->ctx.sess.section = 0;
3457 return 1;
3458}
3459
3460#if (defined SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB && TLS_TICKETS_NO > 0)
3461static int stats_tlskeys_list(struct stream_interface *si) {
3462 struct appctx *appctx = __objt_appctx(si->end);
3463
3464 switch (appctx->st2) {
3465 case STAT_ST_INIT:
3466 /* Display the column headers. If the message cannot be sent,
3467 * quit the fucntion with returning 0. The function is called
3468 * later and restart at the state "STAT_ST_INIT".
3469 */
3470 chunk_reset(&trash);
3471
3472 if (appctx->st0 == STAT_CLI_O_TLSK_ENT)
3473 chunk_appendf(&trash, "# id secret\n");
3474 else
3475 chunk_appendf(&trash, "# id (file)\n");
3476
3477 if (bi_putchk(si_ic(si), &trash) == -1) {
3478 si_applet_cant_put(si);
3479 return 0;
3480 }
3481
3482 appctx->ctx.tlskeys.dump_keys_index = 0;
3483
3484 /* Now, we start the browsing of the references lists.
3485 * Note that the following call to LIST_ELEM return bad pointer. The only
3486 * available field of this pointer is <list>. It is used with the function
3487 * tlskeys_list_get_next() for retruning the first available entry
3488 */
3489 if (appctx->ctx.tlskeys.ref == NULL) {
3490 appctx->ctx.tlskeys.ref = LIST_ELEM(&tlskeys_reference, struct tls_keys_ref *, list);
3491 appctx->ctx.tlskeys.ref = tlskeys_list_get_next(appctx->ctx.tlskeys.ref, &tlskeys_reference);
3492 }
3493
3494 appctx->st2 = STAT_ST_LIST;
3495 /* fall through */
3496
3497 case STAT_ST_LIST:
3498 while (appctx->ctx.tlskeys.ref) {
3499 int head = appctx->ctx.tlskeys.ref->tls_ticket_enc_index;
3500
3501 chunk_reset(&trash);
3502 if (appctx->st0 == STAT_CLI_O_TLSK_ENT && appctx->ctx.tlskeys.dump_keys_index == 0)
3503 chunk_appendf(&trash, "# ");
3504 if (appctx->ctx.tlskeys.dump_keys_index == 0)
3505 chunk_appendf(&trash, "%d (%s)\n", appctx->ctx.tlskeys.ref->unique_id,
3506 appctx->ctx.tlskeys.ref->filename);
3507 if (appctx->st0 == STAT_CLI_O_TLSK_ENT) {
3508 while (appctx->ctx.tlskeys.dump_keys_index < TLS_TICKETS_NO) {
3509 struct chunk *t2 = get_trash_chunk();
3510
3511 chunk_reset(t2);
3512 /* should never fail here because we dump only a key in the t2 buffer */
3513 t2->len = a2base64((char *)(appctx->ctx.tlskeys.ref->tlskeys + (head + 2 + appctx->ctx.tlskeys.dump_keys_index) % TLS_TICKETS_NO),
3514 sizeof(struct tls_sess_key), t2->str, t2->size);
3515 chunk_appendf(&trash, "%d.%d %s\n", appctx->ctx.tlskeys.ref->unique_id, appctx->ctx.tlskeys.dump_keys_index, t2->str);
3516
3517 if (bi_putchk(si_ic(si), &trash) == -1) {
3518 /* let's try again later from this stream. We add ourselves into
3519 * this stream's users so that it can remove us upon termination.
3520 */
3521 si_applet_cant_put(si);
3522 return 0;
3523 }
3524 appctx->ctx.tlskeys.dump_keys_index++;
3525 }
3526 appctx->ctx.tlskeys.dump_keys_index = 0;
3527 }
3528 if (bi_putchk(si_ic(si), &trash) == -1) {
3529 /* let's try again later from this stream. We add ourselves into
3530 * this stream's users so that it can remove us upon termination.
3531 */
3532 si_applet_cant_put(si);
3533 return 0;
3534 }
3535
3536 if (appctx->ctx.tlskeys.dump_all == 0) /* don't display everything if not necessary */
3537 break;
3538
3539 /* get next list entry and check the end of the list */
3540 appctx->ctx.tlskeys.ref = tlskeys_list_get_next(appctx->ctx.tlskeys.ref, &tlskeys_reference);
3541
3542 }
3543
3544 appctx->st2 = STAT_ST_FIN;
3545 /* fall through */
3546
3547 default:
3548 appctx->st2 = STAT_ST_FIN;
3549 return 1;
3550 }
3551 return 0;
3552}
3553#endif
3554
3555static int stats_pats_list(struct stream_interface *si)
3556{
3557 struct appctx *appctx = __objt_appctx(si->end);
3558
3559 switch (appctx->st2) {
3560 case STAT_ST_INIT:
3561 /* Display the column headers. If the message cannot be sent,
3562 * quit the fucntion with returning 0. The function is called
3563 * later and restart at the state "STAT_ST_INIT".
3564 */
3565 chunk_reset(&trash);
3566 chunk_appendf(&trash, "# id (file) description\n");
3567 if (bi_putchk(si_ic(si), &trash) == -1) {
3568 si_applet_cant_put(si);
3569 return 0;
3570 }
3571
3572 /* Now, we start the browsing of the references lists.
3573 * Note that the following call to LIST_ELEM return bad pointer. The only
3574 * available field of this pointer is <list>. It is used with the function
3575 * pat_list_get_next() for retruning the first available entry
3576 */
3577 appctx->ctx.map.ref = LIST_ELEM(&pattern_reference, struct pat_ref *, list);
3578 appctx->ctx.map.ref = pat_list_get_next(appctx->ctx.map.ref, &pattern_reference,
3579 appctx->ctx.map.display_flags);
3580 appctx->st2 = STAT_ST_LIST;
3581 /* fall through */
3582
3583 case STAT_ST_LIST:
3584 while (appctx->ctx.map.ref) {
3585 chunk_reset(&trash);
3586
3587 /* Build messages. If the reference is used by another category than
3588 * the listed categorie, display the information in the massage.
3589 */
3590 chunk_appendf(&trash, "%d (%s) %s\n", appctx->ctx.map.ref->unique_id,
3591 appctx->ctx.map.ref->reference ? appctx->ctx.map.ref->reference : "",
3592 appctx->ctx.map.ref->display);
3593
3594 if (bi_putchk(si_ic(si), &trash) == -1) {
3595 /* let's try again later from this stream. We add ourselves into
3596 * this stream's users so that it can remove us upon termination.
3597 */
3598 si_applet_cant_put(si);
3599 return 0;
3600 }
3601
3602 /* get next list entry and check the end of the list */
3603 appctx->ctx.map.ref = pat_list_get_next(appctx->ctx.map.ref, &pattern_reference,
3604 appctx->ctx.map.display_flags);
3605 }
3606
3607 appctx->st2 = STAT_ST_FIN;
3608 /* fall through */
3609
3610 default:
3611 appctx->st2 = STAT_ST_FIN;
3612 return 1;
3613 }
3614 return 0;
3615}
3616
3617static int stats_map_lookup(struct stream_interface *si)
3618{
3619 struct appctx *appctx = __objt_appctx(si->end);
3620 struct sample sample;
3621 struct pattern *pat;
3622 int match_method;
3623
3624 switch (appctx->st2) {
3625 case STAT_ST_INIT:
3626 /* Init to the first entry. The list cannot be change */
3627 appctx->ctx.map.expr = LIST_ELEM(&appctx->ctx.map.ref->pat, struct pattern_expr *, list);
3628 appctx->ctx.map.expr = pat_expr_get_next(appctx->ctx.map.expr, &appctx->ctx.map.ref->pat);
3629 appctx->st2 = STAT_ST_LIST;
3630 /* fall through */
3631
3632 case STAT_ST_LIST:
3633 /* for each lookup type */
3634 while (appctx->ctx.map.expr) {
3635 /* initialise chunk to build new message */
3636 chunk_reset(&trash);
3637
3638 /* execute pattern matching */
3639 sample.data.type = SMP_T_STR;
3640 sample.flags = SMP_F_CONST;
3641 sample.data.u.str.len = appctx->ctx.map.chunk.len;
3642 sample.data.u.str.str = appctx->ctx.map.chunk.str;
3643 if (appctx->ctx.map.expr->pat_head->match &&
3644 sample_convert(&sample, appctx->ctx.map.expr->pat_head->expect_type))
3645 pat = appctx->ctx.map.expr->pat_head->match(&sample, appctx->ctx.map.expr, 1);
3646 else
3647 pat = NULL;
3648
3649 /* build return message: set type of match */
3650 for (match_method=0; match_method<PAT_MATCH_NUM; match_method++)
3651 if (appctx->ctx.map.expr->pat_head->match == pat_match_fcts[match_method])
3652 break;
3653 if (match_method >= PAT_MATCH_NUM)
3654 chunk_appendf(&trash, "type=unknown(%p)", appctx->ctx.map.expr->pat_head->match);
3655 else
3656 chunk_appendf(&trash, "type=%s", pat_match_names[match_method]);
3657
3658 /* case sensitive */
3659 if (appctx->ctx.map.expr->mflags & PAT_MF_IGNORE_CASE)
3660 chunk_appendf(&trash, ", case=insensitive");
3661 else
3662 chunk_appendf(&trash, ", case=sensitive");
3663
3664 /* Display no match, and set default value */
3665 if (!pat) {
3666 if (appctx->ctx.map.display_flags == PAT_REF_MAP)
3667 chunk_appendf(&trash, ", found=no");
3668 else
3669 chunk_appendf(&trash, ", match=no");
3670 }
3671
3672 /* Display match and match info */
3673 else {
3674 /* display match */
3675 if (appctx->ctx.map.display_flags == PAT_REF_MAP)
3676 chunk_appendf(&trash, ", found=yes");
3677 else
3678 chunk_appendf(&trash, ", match=yes");
3679
3680 /* display index mode */
3681 if (pat->sflags & PAT_SF_TREE)
3682 chunk_appendf(&trash, ", idx=tree");
3683 else
3684 chunk_appendf(&trash, ", idx=list");
3685
3686 /* display pattern */
3687 if (appctx->ctx.map.display_flags == PAT_REF_MAP) {
3688 if (pat->ref && pat->ref->pattern)
3689 chunk_appendf(&trash, ", key=\"%s\"", pat->ref->pattern);
3690 else
3691 chunk_appendf(&trash, ", key=unknown");
3692 }
3693 else {
3694 if (pat->ref && pat->ref->pattern)
3695 chunk_appendf(&trash, ", pattern=\"%s\"", pat->ref->pattern);
3696 else
3697 chunk_appendf(&trash, ", pattern=unknown");
3698 }
3699
3700 /* display return value */
3701 if (appctx->ctx.map.display_flags == PAT_REF_MAP) {
3702 if (pat->data && pat->ref && pat->ref->sample)
3703 chunk_appendf(&trash, ", value=\"%s\", type=\"%s\"", pat->ref->sample,
3704 smp_to_type[pat->data->type]);
3705 else
3706 chunk_appendf(&trash, ", value=none");
3707 }
3708 }
3709
3710 chunk_appendf(&trash, "\n");
3711
3712 /* display response */
3713 if (bi_putchk(si_ic(si), &trash) == -1) {
3714 /* let's try again later from this stream. We add ourselves into
3715 * this stream's users so that it can remove us upon termination.
3716 */
3717 si_applet_cant_put(si);
3718 return 0;
3719 }
3720
3721 /* get next entry */
3722 appctx->ctx.map.expr = pat_expr_get_next(appctx->ctx.map.expr,
3723 &appctx->ctx.map.ref->pat);
3724 }
3725
3726 appctx->st2 = STAT_ST_FIN;
3727 /* fall through */
3728
3729 default:
3730 appctx->st2 = STAT_ST_FIN;
3731 free(appctx->ctx.map.chunk.str);
3732 return 1;
3733 }
3734}
3735
3736static int stats_pat_list(struct stream_interface *si)
3737{
3738 struct appctx *appctx = __objt_appctx(si->end);
3739
3740 switch (appctx->st2) {
3741
3742 case STAT_ST_INIT:
3743 /* Init to the first entry. The list cannot be change */
3744 appctx->ctx.map.elt = LIST_NEXT(&appctx->ctx.map.ref->head,
3745 struct pat_ref_elt *, list);
3746 if (&appctx->ctx.map.elt->list == &appctx->ctx.map.ref->head)
3747 appctx->ctx.map.elt = NULL;
3748 appctx->st2 = STAT_ST_LIST;
3749 /* fall through */
3750
3751 case STAT_ST_LIST:
3752 while (appctx->ctx.map.elt) {
3753 chunk_reset(&trash);
3754
3755 /* build messages */
3756 if (appctx->ctx.map.elt->sample)
3757 chunk_appendf(&trash, "%p %s %s\n",
3758 appctx->ctx.map.elt, appctx->ctx.map.elt->pattern,
3759 appctx->ctx.map.elt->sample);
3760 else
3761 chunk_appendf(&trash, "%p %s\n",
3762 appctx->ctx.map.elt, appctx->ctx.map.elt->pattern);
3763
3764 if (bi_putchk(si_ic(si), &trash) == -1) {
3765 /* let's try again later from this stream. We add ourselves into
3766 * this stream's users so that it can remove us upon termination.
3767 */
3768 si_applet_cant_put(si);
3769 return 0;
3770 }
3771
3772 /* get next list entry and check the end of the list */
3773 appctx->ctx.map.elt = LIST_NEXT(&appctx->ctx.map.elt->list,
3774 struct pat_ref_elt *, list);
3775 if (&appctx->ctx.map.elt->list == &appctx->ctx.map.ref->head)
3776 break;
3777 }
3778
3779 appctx->st2 = STAT_ST_FIN;
3780 /* fall through */
3781
3782 default:
3783 appctx->st2 = STAT_ST_FIN;
3784 return 1;
3785 }
3786}
3787
3788/* This function dumps all streams' states onto the stream interface's
3789 * read buffer. It returns 0 if the output buffer is full and it needs
3790 * to be called again, otherwise non-zero. It is designed to be called
3791 * from stats_dump_sess_to_buffer() below.
3792 */
3793static int stats_dump_sess_to_buffer(struct stream_interface *si)
3794{
3795 struct appctx *appctx = __objt_appctx(si->end);
3796 struct connection *conn;
3797
3798 if (unlikely(si_ic(si)->flags & (CF_WRITE_ERROR|CF_SHUTW))) {
3799 /* If we're forced to shut down, we might have to remove our
3800 * reference to the last stream being dumped.
3801 */
3802 if (appctx->st2 == STAT_ST_LIST) {
3803 if (!LIST_ISEMPTY(&appctx->ctx.sess.bref.users)) {
3804 LIST_DEL(&appctx->ctx.sess.bref.users);
3805 LIST_INIT(&appctx->ctx.sess.bref.users);
3806 }
3807 }
3808 return 1;
3809 }
3810
3811 chunk_reset(&trash);
3812
3813 switch (appctx->st2) {
3814 case STAT_ST_INIT:
3815 /* the function had not been called yet, let's prepare the
3816 * buffer for a response. We initialize the current stream
3817 * pointer to the first in the global list. When a target
3818 * stream is being destroyed, it is responsible for updating
3819 * this pointer. We know we have reached the end when this
3820 * pointer points back to the head of the streams list.
3821 */
3822 LIST_INIT(&appctx->ctx.sess.bref.users);
3823 appctx->ctx.sess.bref.ref = streams.n;
3824 appctx->st2 = STAT_ST_LIST;
3825 /* fall through */
3826
3827 case STAT_ST_LIST:
3828 /* first, let's detach the back-ref from a possible previous stream */
3829 if (!LIST_ISEMPTY(&appctx->ctx.sess.bref.users)) {
3830 LIST_DEL(&appctx->ctx.sess.bref.users);
3831 LIST_INIT(&appctx->ctx.sess.bref.users);
3832 }
3833
3834 /* and start from where we stopped */
3835 while (appctx->ctx.sess.bref.ref != &streams) {
3836 char pn[INET6_ADDRSTRLEN];
3837 struct stream *curr_sess;
3838
3839 curr_sess = LIST_ELEM(appctx->ctx.sess.bref.ref, struct stream *, list);
3840
3841 if (appctx->ctx.sess.target) {
3842 if (appctx->ctx.sess.target != (void *)-1 && appctx->ctx.sess.target != curr_sess)
3843 goto next_sess;
3844
3845 LIST_ADDQ(&curr_sess->back_refs, &appctx->ctx.sess.bref.users);
3846 /* call the proper dump() function and return if we're missing space */
3847 if (!stats_dump_full_sess_to_buffer(si, curr_sess))
3848 return 0;
3849
3850 /* stream dump complete */
3851 LIST_DEL(&appctx->ctx.sess.bref.users);
3852 LIST_INIT(&appctx->ctx.sess.bref.users);
3853 if (appctx->ctx.sess.target != (void *)-1) {
3854 appctx->ctx.sess.target = NULL;
3855 break;
3856 }
3857 else
3858 goto next_sess;
3859 }
3860
3861 chunk_appendf(&trash,
3862 "%p: proto=%s",
3863 curr_sess,
3864 strm_li(curr_sess) ? strm_li(curr_sess)->proto->name : "?");
3865
3866 conn = objt_conn(strm_orig(curr_sess));
3867 switch (conn ? addr_to_str(&conn->addr.from, pn, sizeof(pn)) : AF_UNSPEC) {
3868 case AF_INET:
3869 case AF_INET6:
3870 chunk_appendf(&trash,
3871 " src=%s:%d fe=%s be=%s srv=%s",
3872 pn,
3873 get_host_port(&conn->addr.from),
3874 strm_fe(curr_sess)->id,
3875 (curr_sess->be->cap & PR_CAP_BE) ? curr_sess->be->id : "<NONE>",
3876 objt_server(curr_sess->target) ? objt_server(curr_sess->target)->id : "<none>"
3877 );
3878 break;
3879 case AF_UNIX:
3880 chunk_appendf(&trash,
3881 " src=unix:%d fe=%s be=%s srv=%s",
3882 strm_li(curr_sess)->luid,
3883 strm_fe(curr_sess)->id,
3884 (curr_sess->be->cap & PR_CAP_BE) ? curr_sess->be->id : "<NONE>",
3885 objt_server(curr_sess->target) ? objt_server(curr_sess->target)->id : "<none>"
3886 );
3887 break;
3888 }
3889
3890 chunk_appendf(&trash,
3891 " ts=%02x age=%s calls=%d",
3892 curr_sess->task->state,
3893 human_time(now.tv_sec - curr_sess->logs.tv_accept.tv_sec, 1),
3894 curr_sess->task->calls);
3895
3896 chunk_appendf(&trash,
3897 " rq[f=%06xh,i=%d,an=%02xh,rx=%s",
3898 curr_sess->req.flags,
3899 curr_sess->req.buf->i,
3900 curr_sess->req.analysers,
3901 curr_sess->req.rex ?
3902 human_time(TICKS_TO_MS(curr_sess->req.rex - now_ms),
3903 TICKS_TO_MS(1000)) : "");
3904
3905 chunk_appendf(&trash,
3906 ",wx=%s",
3907 curr_sess->req.wex ?
3908 human_time(TICKS_TO_MS(curr_sess->req.wex - now_ms),
3909 TICKS_TO_MS(1000)) : "");
3910
3911 chunk_appendf(&trash,
3912 ",ax=%s]",
3913 curr_sess->req.analyse_exp ?
3914 human_time(TICKS_TO_MS(curr_sess->req.analyse_exp - now_ms),
3915 TICKS_TO_MS(1000)) : "");
3916
3917 chunk_appendf(&trash,
3918 " rp[f=%06xh,i=%d,an=%02xh,rx=%s",
3919 curr_sess->res.flags,
3920 curr_sess->res.buf->i,
3921 curr_sess->res.analysers,
3922 curr_sess->res.rex ?
3923 human_time(TICKS_TO_MS(curr_sess->res.rex - now_ms),
3924 TICKS_TO_MS(1000)) : "");
3925
3926 chunk_appendf(&trash,
3927 ",wx=%s",
3928 curr_sess->res.wex ?
3929 human_time(TICKS_TO_MS(curr_sess->res.wex - now_ms),
3930 TICKS_TO_MS(1000)) : "");
3931
3932 chunk_appendf(&trash,
3933 ",ax=%s]",
3934 curr_sess->res.analyse_exp ?
3935 human_time(TICKS_TO_MS(curr_sess->res.analyse_exp - now_ms),
3936 TICKS_TO_MS(1000)) : "");
3937
3938 conn = objt_conn(curr_sess->si[0].end);
3939 chunk_appendf(&trash,
3940 " s0=[%d,%1xh,fd=%d,ex=%s]",
3941 curr_sess->si[0].state,
3942 curr_sess->si[0].flags,
3943 (conn && conn->t.sock.fd >= 0) ? conn->t.sock.fd : -1,
3944 curr_sess->si[0].exp ?
3945 human_time(TICKS_TO_MS(curr_sess->si[0].exp - now_ms),
3946 TICKS_TO_MS(1000)) : "");
3947
3948 conn = objt_conn(curr_sess->si[1].end);
3949 chunk_appendf(&trash,
3950 " s1=[%d,%1xh,fd=%d,ex=%s]",
3951 curr_sess->si[1].state,
3952 curr_sess->si[1].flags,
3953 (conn && conn->t.sock.fd >= 0) ? conn->t.sock.fd : -1,
3954 curr_sess->si[1].exp ?
3955 human_time(TICKS_TO_MS(curr_sess->si[1].exp - now_ms),
3956 TICKS_TO_MS(1000)) : "");
3957
3958 chunk_appendf(&trash,
3959 " exp=%s",
3960 curr_sess->task->expire ?
3961 human_time(TICKS_TO_MS(curr_sess->task->expire - now_ms),
3962 TICKS_TO_MS(1000)) : "");
3963 if (task_in_rq(curr_sess->task))
3964 chunk_appendf(&trash, " run(nice=%d)", curr_sess->task->nice);
3965
3966 chunk_appendf(&trash, "\n");
3967
3968 if (bi_putchk(si_ic(si), &trash) == -1) {
3969 /* let's try again later from this stream. We add ourselves into
3970 * this stream's users so that it can remove us upon termination.
3971 */
3972 si_applet_cant_put(si);
3973 LIST_ADDQ(&curr_sess->back_refs, &appctx->ctx.sess.bref.users);
3974 return 0;
3975 }
3976
3977 next_sess:
3978 appctx->ctx.sess.bref.ref = curr_sess->list.n;
3979 }
3980
3981 if (appctx->ctx.sess.target && appctx->ctx.sess.target != (void *)-1) {
3982 /* specified stream not found */
3983 if (appctx->ctx.sess.section > 0)
3984 chunk_appendf(&trash, " *** session terminated while we were watching it ***\n");
3985 else
3986 chunk_appendf(&trash, "Session not found.\n");
3987
3988 if (bi_putchk(si_ic(si), &trash) == -1) {
3989 si_applet_cant_put(si);
3990 return 0;
3991 }
3992
3993 appctx->ctx.sess.target = NULL;
3994 appctx->ctx.sess.uid = 0;
3995 return 1;
3996 }
3997
3998 appctx->st2 = STAT_ST_FIN;
3999 /* fall through */
4000
4001 default:
4002 appctx->st2 = STAT_ST_FIN;
4003 return 1;
4004 }
4005}
4006
4007/* This is called when the stream interface is closed. For instance, upon an
4008 * external abort, we won't call the i/o handler anymore so we may need to
4009 * remove back references to the stream currently being dumped.
4010 */
4011static void cli_release_handler(struct appctx *appctx)
4012{
4013 if (appctx->io_release) {
4014 appctx->io_release(appctx);
4015 appctx->io_release = NULL;
4016 }
4017 if (appctx->st0 == STAT_CLI_O_SESS && appctx->st2 == STAT_ST_LIST) {
4018 if (!LIST_ISEMPTY(&appctx->ctx.sess.bref.users))
4019 LIST_DEL(&appctx->ctx.sess.bref.users);
4020 }
4021 else if ((appctx->st0 == STAT_CLI_O_TAB || appctx->st0 == STAT_CLI_O_CLR) &&
4022 appctx->st2 == STAT_ST_LIST) {
4023 appctx->ctx.table.entry->ref_cnt--;
4024 stksess_kill_if_expired(&appctx->ctx.table.proxy->table, appctx->ctx.table.entry);
4025 }
4026 else if (appctx->st0 == STAT_CLI_PRINT_FREE) {
4027 free(appctx->ctx.cli.err);
4028 appctx->ctx.cli.err = NULL;
4029 }
4030 else if (appctx->st0 == STAT_CLI_O_MLOOK) {
4031 free(appctx->ctx.map.chunk.str);
4032 appctx->ctx.map.chunk.str = NULL;
4033 }
4034}
4035
4036/* This function is used to either dump tables states (when action is set
4037 * to STAT_CLI_O_TAB) or clear tables (when action is STAT_CLI_O_CLR).
4038 * It returns 0 if the output buffer is full and it needs to be called
4039 * again, otherwise non-zero.
4040 */
4041static int stats_table_request(struct stream_interface *si, int action)
4042{
4043 struct appctx *appctx = __objt_appctx(si->end);
4044 struct stream *s = si_strm(si);
4045 struct ebmb_node *eb;
4046 int dt;
4047 int skip_entry;
4048 int show = action == STAT_CLI_O_TAB;
4049
4050 /*
4051 * We have 3 possible states in appctx->st2 :
4052 * - STAT_ST_INIT : the first call
4053 * - STAT_ST_INFO : the proxy pointer points to the next table to
4054 * dump, the entry pointer is NULL ;
4055 * - STAT_ST_LIST : the proxy pointer points to the current table
4056 * and the entry pointer points to the next entry to be dumped,
4057 * and the refcount on the next entry is held ;
4058 * - STAT_ST_END : nothing left to dump, the buffer may contain some
4059 * data though.
4060 */
4061
4062 if (unlikely(si_ic(si)->flags & (CF_WRITE_ERROR|CF_SHUTW))) {
4063 /* in case of abort, remove any refcount we might have set on an entry */
4064 if (appctx->st2 == STAT_ST_LIST) {
4065 appctx->ctx.table.entry->ref_cnt--;
4066 stksess_kill_if_expired(&appctx->ctx.table.proxy->table, appctx->ctx.table.entry);
4067 }
4068 return 1;
4069 }
4070
4071 chunk_reset(&trash);
4072
4073 while (appctx->st2 != STAT_ST_FIN) {
4074 switch (appctx->st2) {
4075 case STAT_ST_INIT:
4076 appctx->ctx.table.proxy = appctx->ctx.table.target;
4077 if (!appctx->ctx.table.proxy)
4078 appctx->ctx.table.proxy = proxy;
4079
4080 appctx->ctx.table.entry = NULL;
4081 appctx->st2 = STAT_ST_INFO;
4082 break;
4083
4084 case STAT_ST_INFO:
4085 if (!appctx->ctx.table.proxy ||
4086 (appctx->ctx.table.target &&
4087 appctx->ctx.table.proxy != appctx->ctx.table.target)) {
4088 appctx->st2 = STAT_ST_END;
4089 break;
4090 }
4091
4092 if (appctx->ctx.table.proxy->table.size) {
4093 if (show && !stats_dump_table_head_to_buffer(&trash, si, appctx->ctx.table.proxy,
4094 appctx->ctx.table.target))
4095 return 0;
4096
4097 if (appctx->ctx.table.target &&
4098 strm_li(s)->bind_conf->level >= ACCESS_LVL_OPER) {
4099 /* dump entries only if table explicitly requested */
4100 eb = ebmb_first(&appctx->ctx.table.proxy->table.keys);
4101 if (eb) {
4102 appctx->ctx.table.entry = ebmb_entry(eb, struct stksess, key);
4103 appctx->ctx.table.entry->ref_cnt++;
4104 appctx->st2 = STAT_ST_LIST;
4105 break;
4106 }
4107 }
4108 }
4109 appctx->ctx.table.proxy = appctx->ctx.table.proxy->next;
4110 break;
4111
4112 case STAT_ST_LIST:
4113 skip_entry = 0;
4114
4115 if (appctx->ctx.table.data_type >= 0) {
4116 /* we're filtering on some data contents */
4117 void *ptr;
4118 long long data;
4119
4120 dt = appctx->ctx.table.data_type;
4121 ptr = stktable_data_ptr(&appctx->ctx.table.proxy->table,
4122 appctx->ctx.table.entry,
4123 dt);
4124
4125 data = 0;
4126 switch (stktable_data_types[dt].std_type) {
4127 case STD_T_SINT:
4128 data = stktable_data_cast(ptr, std_t_sint);
4129 break;
4130 case STD_T_UINT:
4131 data = stktable_data_cast(ptr, std_t_uint);
4132 break;
4133 case STD_T_ULL:
4134 data = stktable_data_cast(ptr, std_t_ull);
4135 break;
4136 case STD_T_FRQP:
4137 data = read_freq_ctr_period(&stktable_data_cast(ptr, std_t_frqp),
4138 appctx->ctx.table.proxy->table.data_arg[dt].u);
4139 break;
4140 }
4141
4142 /* skip the entry if the data does not match the test and the value */
4143 if ((data < appctx->ctx.table.value &&
4144 (appctx->ctx.table.data_op == STD_OP_EQ ||
4145 appctx->ctx.table.data_op == STD_OP_GT ||
4146 appctx->ctx.table.data_op == STD_OP_GE)) ||
4147 (data == appctx->ctx.table.value &&
4148 (appctx->ctx.table.data_op == STD_OP_NE ||
4149 appctx->ctx.table.data_op == STD_OP_GT ||
4150 appctx->ctx.table.data_op == STD_OP_LT)) ||
4151 (data > appctx->ctx.table.value &&
4152 (appctx->ctx.table.data_op == STD_OP_EQ ||
4153 appctx->ctx.table.data_op == STD_OP_LT ||
4154 appctx->ctx.table.data_op == STD_OP_LE)))
4155 skip_entry = 1;
4156 }
4157
4158 if (show && !skip_entry &&
4159 !stats_dump_table_entry_to_buffer(&trash, si, appctx->ctx.table.proxy,
4160 appctx->ctx.table.entry))
4161 return 0;
4162
4163 appctx->ctx.table.entry->ref_cnt--;
4164
4165 eb = ebmb_next(&appctx->ctx.table.entry->key);
4166 if (eb) {
4167 struct stksess *old = appctx->ctx.table.entry;
4168 appctx->ctx.table.entry = ebmb_entry(eb, struct stksess, key);
4169 if (show)
4170 stksess_kill_if_expired(&appctx->ctx.table.proxy->table, old);
4171 else if (!skip_entry && !appctx->ctx.table.entry->ref_cnt)
4172 stksess_kill(&appctx->ctx.table.proxy->table, old);
4173 appctx->ctx.table.entry->ref_cnt++;
4174 break;
4175 }
4176
4177
4178 if (show)
4179 stksess_kill_if_expired(&appctx->ctx.table.proxy->table, appctx->ctx.table.entry);
4180 else if (!skip_entry && !appctx->ctx.table.entry->ref_cnt)
4181 stksess_kill(&appctx->ctx.table.proxy->table, appctx->ctx.table.entry);
4182
4183 appctx->ctx.table.proxy = appctx->ctx.table.proxy->next;
4184 appctx->st2 = STAT_ST_INFO;
4185 break;
4186
4187 case STAT_ST_END:
4188 appctx->st2 = STAT_ST_FIN;
4189 break;
4190 }
4191 }
4192 return 1;
4193}
4194
4195/* print a line of text buffer (limited to 70 bytes) to <out>. The format is :
4196 * <2 spaces> <offset=5 digits> <space or plus> <space> <70 chars max> <\n>
4197 * which is 60 chars per line. Non-printable chars \t, \n, \r and \e are
4198 * encoded in C format. Other non-printable chars are encoded "\xHH". Original
4199 * lines are respected within the limit of 70 output chars. Lines that are
4200 * continuation of a previous truncated line begin with "+" instead of " "
4201 * after the offset. The new pointer is returned.
4202 */
4203static int dump_text_line(struct chunk *out, const char *buf, int bsize, int len,
4204 int *line, int ptr)
4205{
4206 int end;
4207 unsigned char c;
4208
4209 end = out->len + 80;
4210 if (end > out->size)
4211 return ptr;
4212
4213 chunk_appendf(out, " %05d%c ", ptr, (ptr == *line) ? ' ' : '+');
4214
4215 while (ptr < len && ptr < bsize) {
4216 c = buf[ptr];
4217 if (isprint(c) && isascii(c) && c != '\\') {
4218 if (out->len > end - 2)
4219 break;
4220 out->str[out->len++] = c;
4221 } else if (c == '\t' || c == '\n' || c == '\r' || c == '\e' || c == '\\') {
4222 if (out->len > end - 3)
4223 break;
4224 out->str[out->len++] = '\\';
4225 switch (c) {
4226 case '\t': c = 't'; break;
4227 case '\n': c = 'n'; break;
4228 case '\r': c = 'r'; break;
4229 case '\e': c = 'e'; break;
4230 case '\\': c = '\\'; break;
4231 }
4232 out->str[out->len++] = c;
4233 } else {
4234 if (out->len > end - 5)
4235 break;
4236 out->str[out->len++] = '\\';
4237 out->str[out->len++] = 'x';
4238 out->str[out->len++] = hextab[(c >> 4) & 0xF];
4239 out->str[out->len++] = hextab[c & 0xF];
4240 }
4241 if (buf[ptr++] == '\n') {
4242 /* we had a line break, let's return now */
4243 out->str[out->len++] = '\n';
4244 *line = ptr;
4245 return ptr;
4246 }
4247 }
4248 /* we have an incomplete line, we return it as-is */
4249 out->str[out->len++] = '\n';
4250 return ptr;
4251}
4252
4253/* This function dumps counters from all resolvers section and associated name servers.
4254 * It returns 0 if the output buffer is full and it needs
4255 * to be called again, otherwise non-zero.
4256 */
4257static int stats_dump_resolvers_to_buffer(struct stream_interface *si)
4258{
4259 struct appctx *appctx = __objt_appctx(si->end);
4260 struct dns_resolvers *presolvers;
4261 struct dns_nameserver *pnameserver;
4262
4263 chunk_reset(&trash);
4264
4265 switch (appctx->st2) {
4266 case STAT_ST_INIT:
4267 appctx->st2 = STAT_ST_LIST; /* let's start producing data */
4268 /* fall through */
4269
4270 case STAT_ST_LIST:
4271 if (LIST_ISEMPTY(&dns_resolvers)) {
4272 chunk_appendf(&trash, "No resolvers found\n");
4273 }
4274 else {
4275 list_for_each_entry(presolvers, &dns_resolvers, list) {
4276 if (appctx->ctx.resolvers.ptr != NULL && appctx->ctx.resolvers.ptr != presolvers)
4277 continue;
4278
4279 chunk_appendf(&trash, "Resolvers section %s\n", presolvers->id);
4280 list_for_each_entry(pnameserver, &presolvers->nameserver_list, list) {
4281 chunk_appendf(&trash, " nameserver %s:\n", pnameserver->id);
4282 chunk_appendf(&trash, " sent: %ld\n", pnameserver->counters.sent);
4283 chunk_appendf(&trash, " valid: %ld\n", pnameserver->counters.valid);
4284 chunk_appendf(&trash, " update: %ld\n", pnameserver->counters.update);
4285 chunk_appendf(&trash, " cname: %ld\n", pnameserver->counters.cname);
4286 chunk_appendf(&trash, " cname_error: %ld\n", pnameserver->counters.cname_error);
4287 chunk_appendf(&trash, " any_err: %ld\n", pnameserver->counters.any_err);
4288 chunk_appendf(&trash, " nx: %ld\n", pnameserver->counters.nx);
4289 chunk_appendf(&trash, " timeout: %ld\n", pnameserver->counters.timeout);
4290 chunk_appendf(&trash, " refused: %ld\n", pnameserver->counters.refused);
4291 chunk_appendf(&trash, " other: %ld\n", pnameserver->counters.other);
4292 chunk_appendf(&trash, " invalid: %ld\n", pnameserver->counters.invalid);
4293 chunk_appendf(&trash, " too_big: %ld\n", pnameserver->counters.too_big);
4294 chunk_appendf(&trash, " truncated: %ld\n", pnameserver->counters.truncated);
4295 chunk_appendf(&trash, " outdated: %ld\n", pnameserver->counters.outdated);
4296 }
4297 }
4298 }
4299
4300 /* display response */
4301 if (bi_putchk(si_ic(si), &trash) == -1) {
4302 /* let's try again later from this session. We add ourselves into
4303 * this session's users so that it can remove us upon termination.
4304 */
4305 si->flags |= SI_FL_WAIT_ROOM;
4306 return 0;
4307 }
4308
4309 appctx->st2 = STAT_ST_FIN;
4310 /* fall through */
4311
4312 default:
4313 appctx->st2 = STAT_ST_FIN;
4314 return 1;
4315 }
4316}
4317
4318/* This function dumps all captured errors onto the stream interface's
4319 * read buffer. It returns 0 if the output buffer is full and it needs
4320 * to be called again, otherwise non-zero.
4321 */
4322static int stats_dump_errors_to_buffer(struct stream_interface *si)
4323{
4324 struct appctx *appctx = __objt_appctx(si->end);
4325 extern const char *monthname[12];
4326
4327 if (unlikely(si_ic(si)->flags & (CF_WRITE_ERROR|CF_SHUTW)))
4328 return 1;
4329
4330 chunk_reset(&trash);
4331
4332 if (!appctx->ctx.errors.px) {
4333 /* the function had not been called yet, let's prepare the
4334 * buffer for a response.
4335 */
4336 struct tm tm;
4337
4338 get_localtime(date.tv_sec, &tm);
4339 chunk_appendf(&trash, "Total events captured on [%02d/%s/%04d:%02d:%02d:%02d.%03d] : %u\n",
4340 tm.tm_mday, monthname[tm.tm_mon], tm.tm_year+1900,
4341 tm.tm_hour, tm.tm_min, tm.tm_sec, (int)(date.tv_usec/1000),
4342 error_snapshot_id);
4343
4344 if (bi_putchk(si_ic(si), &trash) == -1) {
4345 /* Socket buffer full. Let's try again later from the same point */
4346 si_applet_cant_put(si);
4347 return 0;
4348 }
4349
4350 appctx->ctx.errors.px = proxy;
4351 appctx->ctx.errors.buf = 0;
4352 appctx->ctx.errors.bol = 0;
4353 appctx->ctx.errors.ptr = -1;
4354 }
4355
4356 /* we have two inner loops here, one for the proxy, the other one for
4357 * the buffer.
4358 */
4359 while (appctx->ctx.errors.px) {
4360 struct error_snapshot *es;
4361
4362 if (appctx->ctx.errors.buf == 0)
4363 es = &appctx->ctx.errors.px->invalid_req;
4364 else
4365 es = &appctx->ctx.errors.px->invalid_rep;
4366
4367 if (!es->when.tv_sec)
4368 goto next;
4369
4370 if (appctx->ctx.errors.iid >= 0 &&
4371 appctx->ctx.errors.px->uuid != appctx->ctx.errors.iid &&
4372 es->oe->uuid != appctx->ctx.errors.iid)
4373 goto next;
4374
4375 if (appctx->ctx.errors.ptr < 0) {
4376 /* just print headers now */
4377
4378 char pn[INET6_ADDRSTRLEN];
4379 struct tm tm;
4380 int port;
4381
4382 get_localtime(es->when.tv_sec, &tm);
4383 chunk_appendf(&trash, " \n[%02d/%s/%04d:%02d:%02d:%02d.%03d]",
4384 tm.tm_mday, monthname[tm.tm_mon], tm.tm_year+1900,
4385 tm.tm_hour, tm.tm_min, tm.tm_sec, (int)(es->when.tv_usec/1000));
4386
4387 switch (addr_to_str(&es->src, pn, sizeof(pn))) {
4388 case AF_INET:
4389 case AF_INET6:
4390 port = get_host_port(&es->src);
4391 break;
4392 default:
4393 port = 0;
4394 }
4395
4396 switch (appctx->ctx.errors.buf) {
4397 case 0:
4398 chunk_appendf(&trash,
4399 " frontend %s (#%d): invalid request\n"
4400 " backend %s (#%d)",
4401 appctx->ctx.errors.px->id, appctx->ctx.errors.px->uuid,
4402 (es->oe->cap & PR_CAP_BE) ? es->oe->id : "<NONE>",
4403 (es->oe->cap & PR_CAP_BE) ? es->oe->uuid : -1);
4404 break;
4405 case 1:
4406 chunk_appendf(&trash,
4407 " backend %s (#%d): invalid response\n"
4408 " frontend %s (#%d)",
4409 appctx->ctx.errors.px->id, appctx->ctx.errors.px->uuid,
4410 es->oe->id, es->oe->uuid);
4411 break;
4412 }
4413
4414 chunk_appendf(&trash,
4415 ", server %s (#%d), event #%u\n"
4416 " src %s:%d, session #%d, session flags 0x%08x\n"
4417 " HTTP msg state %d, msg flags 0x%08x, tx flags 0x%08x\n"
4418 " HTTP chunk len %lld bytes, HTTP body len %lld bytes\n"
4419 " buffer flags 0x%08x, out %d bytes, total %lld bytes\n"
4420 " pending %d bytes, wrapping at %d, error at position %d:\n \n",
4421 es->srv ? es->srv->id : "<NONE>", es->srv ? es->srv->puid : -1,
4422 es->ev_id,
4423 pn, port, es->sid, es->s_flags,
4424 es->state, es->m_flags, es->t_flags,
4425 es->m_clen, es->m_blen,
4426 es->b_flags, es->b_out, es->b_tot,
4427 es->len, es->b_wrap, es->pos);
4428
4429 if (bi_putchk(si_ic(si), &trash) == -1) {
4430 /* Socket buffer full. Let's try again later from the same point */
4431 si_applet_cant_put(si);
4432 return 0;
4433 }
4434 appctx->ctx.errors.ptr = 0;
4435 appctx->ctx.errors.sid = es->sid;
4436 }
4437
4438 if (appctx->ctx.errors.sid != es->sid) {
4439 /* the snapshot changed while we were dumping it */
4440 chunk_appendf(&trash,
4441 " WARNING! update detected on this snapshot, dump interrupted. Please re-check!\n");
4442 if (bi_putchk(si_ic(si), &trash) == -1) {
4443 si_applet_cant_put(si);
4444 return 0;
4445 }
4446 goto next;
4447 }
4448
4449 /* OK, ptr >= 0, so we have to dump the current line */
4450 while (es->buf && appctx->ctx.errors.ptr < es->len && appctx->ctx.errors.ptr < global.tune.bufsize) {
4451 int newptr;
4452 int newline;
4453
4454 newline = appctx->ctx.errors.bol;
4455 newptr = dump_text_line(&trash, es->buf, global.tune.bufsize, es->len, &newline, appctx->ctx.errors.ptr);
4456 if (newptr == appctx->ctx.errors.ptr)
4457 return 0;
4458
4459 if (bi_putchk(si_ic(si), &trash) == -1) {
4460 /* Socket buffer full. Let's try again later from the same point */
4461 si_applet_cant_put(si);
4462 return 0;
4463 }
4464 appctx->ctx.errors.ptr = newptr;
4465 appctx->ctx.errors.bol = newline;
4466 };
4467 next:
4468 appctx->ctx.errors.bol = 0;
4469 appctx->ctx.errors.ptr = -1;
4470 appctx->ctx.errors.buf++;
4471 if (appctx->ctx.errors.buf > 1) {
4472 appctx->ctx.errors.buf = 0;
4473 appctx->ctx.errors.px = appctx->ctx.errors.px->next;
4474 }
4475 }
4476
4477 /* dump complete */
4478 return 1;
4479}
4480
4481/* This function dumps all environmnent variables to the buffer. It returns 0
4482 * if the output buffer is full and it needs to be called again, otherwise
4483 * non-zero. Dumps only one entry if st2 == STAT_ST_END.
4484 */
4485static int stats_dump_env_to_buffer(struct stream_interface *si)
4486{
4487 struct appctx *appctx = __objt_appctx(si->end);
4488
4489 if (unlikely(si_ic(si)->flags & (CF_WRITE_ERROR|CF_SHUTW)))
4490 return 1;
4491
4492 chunk_reset(&trash);
4493
4494 /* we have two inner loops here, one for the proxy, the other one for
4495 * the buffer.
4496 */
4497 while (*appctx->ctx.env.var) {
4498 chunk_printf(&trash, "%s\n", *appctx->ctx.env.var);
4499
4500 if (bi_putchk(si_ic(si), &trash) == -1) {
4501 si_applet_cant_put(si);
4502 return 0;
4503 }
4504 if (appctx->st2 == STAT_ST_END)
4505 break;
4506 appctx->ctx.env.var++;
4507 }
4508
4509 /* dump complete */
4510 return 1;
4511}
4512
4513/* parse the "level" argument on the bind lines */
4514static int bind_parse_level(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
4515{
4516 if (!*args[cur_arg + 1]) {
4517 memprintf(err, "'%s' : missing level", args[cur_arg]);
4518 return ERR_ALERT | ERR_FATAL;
4519 }
4520
4521 if (!strcmp(args[cur_arg+1], "user"))
4522 conf->level = ACCESS_LVL_USER;
4523 else if (!strcmp(args[cur_arg+1], "operator"))
4524 conf->level = ACCESS_LVL_OPER;
4525 else if (!strcmp(args[cur_arg+1], "admin"))
4526 conf->level = ACCESS_LVL_ADMIN;
4527 else {
4528 memprintf(err, "'%s' only supports 'user', 'operator', and 'admin' (got '%s')",
4529 args[cur_arg], args[cur_arg+1]);
4530 return ERR_ALERT | ERR_FATAL;
4531 }
4532
4533 return 0;
4534}
4535
4536static struct applet cli_applet = {
4537 .obj_type = OBJ_TYPE_APPLET,
4538 .name = "<CLI>", /* used for logging */
4539 .fct = cli_io_handler,
4540 .release = cli_release_handler,
4541};
4542
4543static struct cfg_kw_list cfg_kws = {ILH, {
4544 { CFG_GLOBAL, "stats", stats_parse_global },
4545 { 0, NULL, NULL },
4546}};
4547
4548static struct bind_kw_list bind_kws = { "STAT", { }, {
4549 { "level", bind_parse_level, 1 }, /* set the unix socket admin level */
4550 { NULL, NULL, 0 },
4551}};
4552
4553__attribute__((constructor))
4554static void __dumpstats_module_init(void)
4555{
4556 cfg_register_keywords(&cfg_kws);
4557 bind_register_keywords(&bind_kws);
4558}
4559
4560/*
4561 * Local variables:
4562 * c-indent-level: 8
4563 * c-basic-offset: 8
4564 * End:
4565 */