Blame - src/frontend.c - haproxy

blob: 73802553d21e2f05b17290bf581c9865c4c9cb11 [file] [log] [blame]

Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	1	/*
Willy Tarreau	03fa5df	2010-05-24 21:02:37 +0200	[diff] [blame]	2	* Frontend variables and functions.
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	3	*
Willy Tarreau	a73fcaf	2011-03-20 10:15:22 +0100	[diff] [blame]	4	* Copyright 2000-2011 Willy Tarreau <w@1wt.eu>
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	5	*
				6	* This program is free software; you can redistribute it and/or
				7	* modify it under the terms of the GNU General Public License
				8	* as published by the Free Software Foundation; either version
				9	* 2 of the License, or (at your option) any later version.
				10	*
				11	*/
				12
				13	#include <errno.h>
				14	#include <fcntl.h>
				15	#include <stdio.h>
				16	#include <stdlib.h>
Willy Tarreau	2dd0d47	2006-06-29 17:53:05 +0200	[diff] [blame]	17	#include <string.h>
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	18
				19	#include <sys/socket.h>
				20	#include <sys/stat.h>
				21	#include <sys/types.h>
				22
Willy Tarreau	48a7e72	2010-12-24 15:26:39 +0100	[diff] [blame]	23	#include <netinet/tcp.h>
				24
Willy Tarreau	c7e4238	2012-08-24 19:22:53 +0200	[diff] [blame]	25	#include <common/chunk.h>
Willy Tarreau	2dd0d47	2006-06-29 17:53:05 +0200	[diff] [blame]	26	#include <common/compat.h>
Willy Tarreau	e3ba5f0	2006-06-29 18:54:54 +0200	[diff] [blame]	27	#include <common/config.h>
Willy Tarreau	8b0cbf9	2010-10-15 23:23:19 +0200	[diff] [blame]	28	#include <common/debug.h>
				29	#include <common/standard.h>
Willy Tarreau	2dd0d47	2006-06-29 17:53:05 +0200	[diff] [blame]	30	#include <common/time.h>
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	31
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	32	#include <types/global.h>
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	33
Willy Tarreau	8797c06	2007-05-07 00:55:35 +0200	[diff] [blame]	34	#include <proto/acl.h>
Willy Tarreau	61612d4	2012-04-19 18:42:05 +0200	[diff] [blame]	35	#include <proto/arg.h>
Willy Tarreau	c7e4238	2012-08-24 19:22:53 +0200	[diff] [blame]	36	#include <proto/channel.h>
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	37	#include <proto/fd.h>
Willy Tarreau	03fa5df	2010-05-24 21:02:37 +0200	[diff] [blame]	38	#include <proto/frontend.h>
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	39	#include <proto/log.h>
Willy Tarreau	e5f20dc	2006-12-03 15:21:35 +0100	[diff] [blame]	40	#include <proto/hdr_idx.h>
Willy Tarreau	9650f37	2009-08-16 14:02:45 +0200	[diff] [blame]	41	#include <proto/proto_tcp.h>
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	42	#include <proto/proto_http.h>
Willy Tarreau	7f062c4	2009-03-05 18:43:00 +0100	[diff] [blame]	43	#include <proto/proxy.h>
Willy Tarreau	c6ca1a0	2007-05-13 19:43:47 +0200	[diff] [blame]	44	#include <proto/session.h>
Willy Tarreau	dded32d	2008-11-30 19:48:07 +0100	[diff] [blame]	45	#include <proto/stream_interface.h>
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	46	#include <proto/task.h>
				47
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	48	/* Finish a session accept() for a proxy (TCP or HTTP). It returns a negative
Willy Tarreau	abe8ea5	2010-11-11 10:56:04 +0100	[diff] [blame]	49	* value in case of a critical failure which must cause the listener to be
				50	* disabled, a positive value in case of success, or zero if it is a success
				51	* but the session must be closed ASAP (eg: monitoring).
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	52	*/
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	53	int frontend_accept(struct session *s)
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	54	{
Willy Tarreau	fb7508a	2012-05-21 16:47:54 +0200	[diff] [blame]	55	int cfd = si_fd(&s->si[0]);
Emeric Brun	b982a3d	2010-01-04 15:45:53 +0100	[diff] [blame]	56
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	57	tv_zero(&s->logs.tv_request);
				58	s->logs.t_queue = -1;
				59	s->logs.t_connect = -1;
				60	s->logs.t_data = -1;
				61	s->logs.t_close = 0;
				62	s->logs.bytes_in = s->logs.bytes_out = 0;
				63	s->logs.prx_queue_size = 0; /* we get the number of pending conns before us */
				64	s->logs.srv_queue_size = 0; /* we will get this number soon */
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	65
Willy Tarreau	35a0994	2010-06-01 17:12:40 +0200	[diff] [blame]	66	/* FIXME: the logs are horribly complicated now, because they are
				67	* defined in <p>, <p>, and later <be> and <be>.
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	68	*/
William Lallemand	bddd4fd	2012-02-27 11:23:10 +0100	[diff] [blame]	69	s->do_log = sess_log;
Willy Tarreau	35a0994	2010-06-01 17:12:40 +0200	[diff] [blame]	70
				71	/* default error reporting function, may be changed by analysers */
				72	s->srv_error = default_srv_error;
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	73
Willy Tarreau	f67c978	2010-05-23 22:59:00 +0200	[diff] [blame]	74	/* Adjust some socket options */
Willy Tarreau	9c3bc22	2010-12-24 14:49:37 +0100	[diff] [blame]	75	if (s->listener->addr.ss_family == AF_INET \|\| s->listener->addr.ss_family == AF_INET6) {
				76	if (setsockopt(cfd, IPPROTO_TCP, TCP_NODELAY,
				77	(char *) &one, sizeof(one)) == -1)
				78	goto out_return;
Willy Tarreau	f67c978	2010-05-23 22:59:00 +0200	[diff] [blame]	79
Willy Tarreau	9c3bc22	2010-12-24 14:49:37 +0100	[diff] [blame]	80	if (s->fe->options & PR_O_TCP_CLI_KA)
				81	setsockopt(cfd, SOL_SOCKET, SO_KEEPALIVE,
				82	(char *) &one, sizeof(one));
Willy Tarreau	f67c978	2010-05-23 22:59:00 +0200	[diff] [blame]	83
Willy Tarreau	9c3bc22	2010-12-24 14:49:37 +0100	[diff] [blame]	84	if (s->fe->options & PR_O_TCP_NOLING)
				85	setsockopt(cfd, SOL_SOCKET, SO_LINGER,
				86	(struct linger *) &nolinger, sizeof(struct linger));
Willy Tarreau	48a7e72	2010-12-24 15:26:39 +0100	[diff] [blame]	87	#if defined(TCP_MAXSEG)
				88	if (s->listener->maxseg < 0) {
				89	/* we just want to reduce the current MSS by that value */
				90	int mss;
Willy Tarreau	7d286a0	2011-01-05 15:42:54 +0100	[diff] [blame]	91	socklen_t mss_len = sizeof(mss);
Willy Tarreau	48a7e72	2010-12-24 15:26:39 +0100	[diff] [blame]	92	if (getsockopt(cfd, IPPROTO_TCP, TCP_MAXSEG, &mss, &mss_len) == 0) {
				93	mss += s->listener->maxseg; /* remember, it's < 0 */
				94	setsockopt(cfd, IPPROTO_TCP, TCP_MAXSEG, &mss, sizeof(mss));
				95	}
				96	}
				97	#endif
Willy Tarreau	9c3bc22	2010-12-24 14:49:37 +0100	[diff] [blame]	98	}
Willy Tarreau	f67c978	2010-05-23 22:59:00 +0200	[diff] [blame]	99
				100	if (global.tune.client_sndbuf)
				101	setsockopt(cfd, SOL_SOCKET, SO_SNDBUF, &global.tune.client_sndbuf, sizeof(global.tune.client_sndbuf));
				102
				103	if (global.tune.client_rcvbuf)
				104	setsockopt(cfd, SOL_SOCKET, SO_RCVBUF, &global.tune.client_rcvbuf, sizeof(global.tune.client_rcvbuf));
				105
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	106	if (s->fe->mode == PR_MODE_HTTP) {
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	107	/* the captures are only used in HTTP frontends */
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	108	if (unlikely(s->fe->nb_req_cap > 0 &&
				109	(s->txn.req.cap = pool_alloc2(s->fe->req_cap_pool)) == NULL))
Willy Tarreau	abe8ea5	2010-11-11 10:56:04 +0100	[diff] [blame]	110	goto out_return; /* no memory */
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	111
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	112	if (unlikely(s->fe->nb_rsp_cap > 0 &&
				113	(s->txn.rsp.cap = pool_alloc2(s->fe->rsp_cap_pool)) == NULL))
Willy Tarreau	35a0994	2010-06-01 17:12:40 +0200	[diff] [blame]	114	goto out_free_reqcap; /* no memory */
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	115	}
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	116
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	117	if (s->fe->acl_requires & ACL_USE_L7_ANY) {
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	118	/* we have to allocate header indexes only if we know
				119	* that we may make use of them. This of course includes
				120	* (mode == PR_MODE_HTTP).
Willy Tarreau	042cc79	2007-03-19 16:20:06 +0100	[diff] [blame]	121	*/
Willy Tarreau	ac1932d	2011-10-24 19:14:41 +0200	[diff] [blame]	122	s->txn.hdr_idx.size = global.tune.max_http_hdr;
Willy Tarreau	45e73e3	2006-12-17 00:05:15 +0100	[diff] [blame]	123
Willy Tarreau	34eb671	2011-10-24 18:15:04 +0200	[diff] [blame]	124	if (unlikely((s->txn.hdr_idx.v = pool_alloc2(pool2_hdr_idx)) == NULL))
Willy Tarreau	35a0994	2010-06-01 17:12:40 +0200	[diff] [blame]	125	goto out_free_rspcap; /* no memory */
Willy Tarreau	45e73e3	2006-12-17 00:05:15 +0100	[diff] [blame]	126
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	127	/* and now initialize the HTTP transaction state */
				128	http_init_txn(s);
				129	}
Willy Tarreau	e5f20dc	2006-12-03 15:21:35 +0100	[diff] [blame]	130
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	131	if ((s->fe->mode == PR_MODE_TCP \|\| s->fe->mode == PR_MODE_HTTP)
William Lallemand	0f99e34	2011-10-12 17:50:54 +0200	[diff] [blame]	132	&& (!LIST_ISEMPTY(&s->fe->logsrvs))) {
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	133	if (likely(s->fe->to_log)) {
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	134	/* we have the client ip */
				135	if (s->logs.logwait & LW_CLIP)
				136	if (!(s->logs.logwait &= ~LW_CLIP))
				137	s->do_log(s);
Willy Tarreau	a3445fc	2010-05-20 16:17:07 +0200	[diff] [blame]	138	}
Willy Tarreau	631f01c	2011-09-05 00:36:48 +0200	[diff] [blame]	139	else {
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	140	char pn[INET6_ADDRSTRLEN], sn[INET6_ADDRSTRLEN];
Willy Tarreau	14c8aac	2007-05-08 19:46:30 +0200	[diff] [blame]	141
Willy Tarreau	986a9d2	2012-08-30 21:11:38 +0200	[diff] [blame]	142	conn_get_from_addr(&s->req->prod->conn);
				143	conn_get_to_addr(&s->req->prod->conn);
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	144
Willy Tarreau	986a9d2	2012-08-30 21:11:38 +0200	[diff] [blame]	145	switch (addr_to_str(&s->req->prod->conn.addr.from, pn, sizeof(pn))) {
Willy Tarreau	631f01c	2011-09-05 00:36:48 +0200	[diff] [blame]	146	case AF_INET:
				147	case AF_INET6:
Willy Tarreau	986a9d2	2012-08-30 21:11:38 +0200	[diff] [blame]	148	addr_to_str(&s->req->prod->conn.addr.to, sn, sizeof(sn));
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	149	send_log(s->fe, LOG_INFO, "Connect from %s:%d to %s:%d (%s/%s)\n",
Willy Tarreau	986a9d2	2012-08-30 21:11:38 +0200	[diff] [blame]	150	pn, get_host_port(&s->req->prod->conn.addr.from),
				151	sn, get_host_port(&s->req->prod->conn.addr.to),
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	152	s->fe->id, (s->fe->mode == PR_MODE_HTTP) ? "HTTP" : "TCP");
Willy Tarreau	631f01c	2011-09-05 00:36:48 +0200	[diff] [blame]	153	break;
				154	case AF_UNIX:
				155	/* UNIX socket, only the destination is known */
				156	send_log(s->fe, LOG_INFO, "Connect to unix:%d (%s/%s)\n",
				157	s->listener->luid,
				158	s->fe->id, (s->fe->mode == PR_MODE_HTTP) ? "HTTP" : "TCP");
				159	break;
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	160	}
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	161	}
				162	}
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	163
Willy Tarreau	2281b7f	2010-05-28 19:29:49 +0200	[diff] [blame]	164	if (unlikely((global.mode & MODE_DEBUG) && (!(global.mode & MODE_QUIET) \|\| (global.mode & MODE_VERBOSE)))) {
Willy Tarreau	631f01c	2011-09-05 00:36:48 +0200	[diff] [blame]	165	char pn[INET6_ADDRSTRLEN];
Willy Tarreau	b0f7532	2011-09-09 11:21:06 +0200	[diff] [blame]	166	int len = 0;
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	167
Willy Tarreau	986a9d2	2012-08-30 21:11:38 +0200	[diff] [blame]	168	conn_get_from_addr(&s->req->prod->conn);
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	169
Willy Tarreau	986a9d2	2012-08-30 21:11:38 +0200	[diff] [blame]	170	switch (addr_to_str(&s->req->prod->conn.addr.from, pn, sizeof(pn))) {
Willy Tarreau	631f01c	2011-09-05 00:36:48 +0200	[diff] [blame]	171	case AF_INET:
				172	case AF_INET6:
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	173	len = sprintf(trash, "%08x:%s.accept(%04x)=%04x from [%s:%d]\n",
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	174	s->uniq_id, s->fe->id, (unsigned short)s->listener->fd, (unsigned short)cfd,
Willy Tarreau	986a9d2	2012-08-30 21:11:38 +0200	[diff] [blame]	175	pn, get_host_port(&s->req->prod->conn.addr.from));
Willy Tarreau	631f01c	2011-09-05 00:36:48 +0200	[diff] [blame]	176	break;
				177	case AF_UNIX:
				178	/* UNIX socket, only the destination is known */
Emeric Brun	ab844ea	2010-10-22 16:33:18 +0200	[diff] [blame]	179	len = sprintf(trash, "%08x:%s.accept(%04x)=%04x from [unix:%d]\n",
				180	s->uniq_id, s->fe->id, (unsigned short)s->listener->fd, (unsigned short)cfd,
				181	s->listener->luid);
Willy Tarreau	631f01c	2011-09-05 00:36:48 +0200	[diff] [blame]	182	break;
Emeric Brun	ab844ea	2010-10-22 16:33:18 +0200	[diff] [blame]	183	}
Willy Tarreau	9a2d154	2008-08-30 12:31:07 +0200	[diff] [blame]	184
Willy Tarreau	2133782	2012-04-29 14:11:38 +0200	[diff] [blame]	185	if (write(1, trash, len) < 0) /* shut gcc warning */;
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	186	}
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	187
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	188	if (s->fe->mode == PR_MODE_HTTP)
Willy Tarreau	03cdb7c	2012-08-27 23:14:58 +0200	[diff] [blame]	189	s->req->flags \|= CF_READ_DONTWAIT; /* one read is usually enough */
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	190
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	191	/* note: this should not happen anymore since there's always at least the switching rules */
				192	if (!s->req->analysers) {
Willy Tarreau	8263d2b	2012-08-28 00:06:31 +0200	[diff] [blame]	193	channel_auto_connect(s->req); /* don't wait to establish connection */
				194	channel_auto_close(s->req); /* let the producer forward close requests */
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	195	}
Willy Tarreau	d797128	2006-07-29 18:36:34 +0200	[diff] [blame]	196
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	197	s->req->rto = s->fe->timeout.client;
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	198	s->rep->wto = s->fe->timeout.client;
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	199
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	200	fdtab[cfd].flags = FD_FL_TCP \| FD_FL_TCP_NODELAY;
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	201	if (s->fe->options & PR_O_TCP_NOLING)
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	202	fdtab[cfd].flags \|= FD_FL_TCP_NOLING;
Willy Tarreau	6e6fb2b	2009-08-16 18:20:44 +0200	[diff] [blame]	203
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	204	if (unlikely((s->fe->mode == PR_MODE_HTTP && (s->flags & SN_MONITOR)) \|\|
Willy Tarreau	1620ec3	2011-08-06 17:05:02 +0200	[diff] [blame]	205	(s->fe->mode == PR_MODE_HEALTH && ((s->fe->options2 & PR_O2_CHK_ANY) == PR_O2_HTTP_CHK)))) {
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	206	/* Either we got a request from a monitoring system on an HTTP instance,
				207	* or we're in health check mode with the 'httpchk' option enabled. In
				208	* both cases, we return a fake "HTTP/1.0 200 OK" response and we exit.
				209	*/
				210	struct chunk msg;
				211	chunk_initstr(&msg, "HTTP/1.0 200 OK\r\n\r\n");
				212	stream_int_retnclose(&s->si[0], &msg); /* forge a 200 response */
				213	s->req->analysers = 0;
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	214	s->task->expire = s->rep->wex;
Willy Tarreau	49b046d	2012-08-09 12:11:58 +0200	[diff] [blame]	215	fd_stop_recv(cfd);
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	216	}
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	217	else if (unlikely(s->fe->mode == PR_MODE_HEALTH)) { /* health check mode, no client reading */
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	218	struct chunk msg;
				219	chunk_initstr(&msg, "OK\n");
				220	stream_int_retnclose(&s->si[0], &msg); /* forge an "OK" response */
				221	s->req->analysers = 0;
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	222	s->task->expire = s->rep->wex;
Willy Tarreau	49b046d	2012-08-09 12:11:58 +0200	[diff] [blame]	223	fd_stop_recv(cfd);
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	224	}
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	225	/* everything's OK, let's go on */
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	226	return 1;
Willy Tarreau	8ced9a4	2007-11-04 17:51:50 +0100	[diff] [blame]	227
				228	/* Error unrolling */
Willy Tarreau	35a0994	2010-06-01 17:12:40 +0200	[diff] [blame]	229	out_free_rspcap:
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	230	pool_free2(s->fe->rsp_cap_pool, s->txn.rsp.cap);
Willy Tarreau	35a0994	2010-06-01 17:12:40 +0200	[diff] [blame]	231	out_free_reqcap:
Willy Tarreau	81f9aa3	2010-06-01 17:45:26 +0200	[diff] [blame]	232	pool_free2(s->fe->req_cap_pool, s->txn.req.cap);
Willy Tarreau	abe8ea5	2010-11-11 10:56:04 +0100	[diff] [blame]	233	out_return:
Willy Tarreau	eb47268	2010-05-28 18:46:57 +0200	[diff] [blame]	234	return -1;
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	235	}
				236
Willy Tarreau	22cda21	2012-08-31 17:43:29 +0200	[diff] [blame]	237	/* This handshake handler waits a PROXY protocol header at the beginning of the
				238	* raw data stream. The header looks like this :
				239	*
				240	* "PROXY" <SP> PROTO <SP> SRC3 <SP> DST3 <SP> SRC4 <SP> <DST4> "\r\n"
				241	*
				242	* There must be exactly one space between each field. Fields are :
				243	* - PROTO : layer 4 protocol, which must be "TCP4" or "TCP6".
				244	* - SRC3 : layer 3 (eg: IP) source address in standard text form
				245	* - DST3 : layer 3 (eg: IP) destination address in standard text form
				246	* - SRC4 : layer 4 (eg: TCP port) source address in standard text form
				247	* - DST4 : layer 4 (eg: TCP port) destination address in standard text form
				248	*
				249	* This line MUST be at the beginning of the buffer and MUST NOT wrap.
				250	*
				251	* The header line is small and in all cases smaller than the smallest normal
				252	* TCP MSS. So it MUST always be delivered as one segment, which ensures we
				253	* can safely use MSG_PEEK and avoid buffering.
				254	*
				255	* Once the data is fetched, the values are set in the connection's address
				256	* fields, and data are removed from the socket's buffer. The function returns
				257	* zero if it needs to wait for more data or if it fails, or 1 if it completed
				258	* and removed itself.
				259	*/
				260	int conn_recv_proxy(struct connection *conn, int flag)
				261	{
				262	char line, end;
				263	int len;
				264
				265	/* we might have been called just after an asynchronous shutr */
				266	if (conn->flags & CO_FL_SOCK_RD_SH)
				267	goto fail;
				268
				269	do {
				270	len = recv(conn->t.sock.fd, trash, trashlen, MSG_PEEK);
				271	if (len < 0) {
				272	if (errno == EINTR)
				273	continue;
				274	if (errno == EAGAIN) {
				275	conn_sock_poll_recv(conn);
				276	return 0;
				277	}
				278	goto fail;
				279	}
				280	} while (0);
				281
				282	if (len < 6)
				283	goto missing;
				284
				285	line = trash;
				286	end = trash + len;
				287
				288	/* Decode a possible proxy request, fail early if it does not match */
				289	if (strncmp(line, "PROXY ", 6) != 0)
				290	goto fail;
				291
				292	line += 6;
				293	if (len < 18) /* shortest possible line */
				294	goto missing;
				295
				296	if (!memcmp(line, "TCP4 ", 5) != 0) {
				297	u32 src3, dst3, sport, dport;
				298
				299	line += 5;
				300
				301	src3 = inetaddr_host_lim_ret(line, end, &line);
				302	if (line == end)
				303	goto missing;
				304	if (*line++ != ' ')
				305	goto fail;
				306
				307	dst3 = inetaddr_host_lim_ret(line, end, &line);
				308	if (line == end)
				309	goto missing;
				310	if (*line++ != ' ')
				311	goto fail;
				312
				313	sport = read_uint((const char **)&line, end);
				314	if (line == end)
				315	goto missing;
				316	if (*line++ != ' ')
				317	goto fail;
				318
				319	dport = read_uint((const char **)&line, end);
				320	if (line > end - 2)
				321	goto missing;
				322	if (*line++ != '\r')
				323	goto fail;
				324	if (*line++ != '\n')
				325	goto fail;
				326
				327	/* update the session's addresses and mark them set */
				328	((struct sockaddr_in *)&conn->addr.from)->sin_family = AF_INET;
				329	((struct sockaddr_in *)&conn->addr.from)->sin_addr.s_addr = htonl(src3);
				330	((struct sockaddr_in *)&conn->addr.from)->sin_port = htons(sport);
				331
				332	((struct sockaddr_in *)&conn->addr.to)->sin_family = AF_INET;
				333	((struct sockaddr_in *)&conn->addr.to)->sin_addr.s_addr = htonl(dst3);
				334	((struct sockaddr_in *)&conn->addr.to)->sin_port = htons(dport);
				335	conn->flags \|= CO_FL_ADDR_FROM_SET \| CO_FL_ADDR_TO_SET;
				336	}
				337	else if (!memcmp(line, "TCP6 ", 5) != 0) {
				338	u32 sport, dport;
				339	char *src_s;
				340	char dst_s, sport_s, *dport_s;
				341	struct in6_addr src3, dst3;
				342
				343	line += 5;
				344
				345	src_s = line;
				346	dst_s = sport_s = dport_s = NULL;
				347	while (1) {
				348	if (line > end - 2) {
				349	goto missing;
				350	}
				351	else if (*line == '\r') {
				352	*line = 0;
				353	line++;
				354	if (*line++ != '\n')
				355	goto fail;
				356	break;
				357	}
				358
				359	if (*line == ' ') {
				360	*line = 0;
				361	if (!dst_s)
				362	dst_s = line + 1;
				363	else if (!sport_s)
				364	sport_s = line + 1;
				365	else if (!dport_s)
				366	dport_s = line + 1;
				367	}
				368	line++;
				369	}
				370
				371	if (!dst_s \|\| !sport_s \|\| !dport_s)
				372	goto fail;
				373
				374	sport = read_uint((const char **)&sport_s,dport_s - 1);
				375	if (*sport_s != 0)
				376	goto fail;
				377
				378	dport = read_uint((const char **)&dport_s,line - 2);
				379	if (*dport_s != 0)
				380	goto fail;
				381
				382	if (inet_pton(AF_INET6, src_s, (void *)&src3) != 1)
				383	goto fail;
				384
				385	if (inet_pton(AF_INET6, dst_s, (void *)&dst3) != 1)
				386	goto fail;
				387
				388	/* update the session's addresses and mark them set */
				389	((struct sockaddr_in6 *)&conn->addr.from)->sin6_family = AF_INET6;
				390	memcpy(&((struct sockaddr_in6 *)&conn->addr.from)->sin6_addr, &src3, sizeof(struct in6_addr));
				391	((struct sockaddr_in6 *)&conn->addr.from)->sin6_port = htons(sport);
				392
				393	((struct sockaddr_in6 *)&conn->addr.to)->sin6_family = AF_INET6;
				394	memcpy(&((struct sockaddr_in6 *)&conn->addr.to)->sin6_addr, &dst3, sizeof(struct in6_addr));
				395	((struct sockaddr_in6 *)&conn->addr.to)->sin6_port = htons(dport);
				396	conn->flags \|= CO_FL_ADDR_FROM_SET \| CO_FL_ADDR_TO_SET;
				397	}
				398	else {
				399	goto fail;
				400	}
				401
				402	/* remove the PROXY line from the request. For this we re-read the
				403	* exact line at once. If we don't get the exact same result, we
				404	* fail.
				405	*/
				406	len = line - trash;
				407	do {
				408	int len2 = recv(conn->t.sock.fd, trash, len, 0);
				409	if (len2 < 0 && errno == EINTR)
				410	continue;
				411	if (len2 != len)
				412	goto fail;
				413	} while (0);
				414
				415	conn->flags &= ~flag;
				416	return 1;
				417
				418	missing:
				419	/* Missing data. Since we're using MSG_PEEK, we can only poll again if
				420	* we have not read anything. Otherwise we need to fail because we won't
				421	* be able to poll anymore.
				422	*/
				423	fail:
				424	conn_sock_stop_both(conn);
				425	conn->flags \|= CO_FL_ERROR;
				426	conn->flags &= ~flag;
				427	return 0;
				428	}
				429
Willy Tarreau	a73fcaf	2011-03-20 10:15:22 +0100	[diff] [blame]	430	/* Makes a PROXY protocol line from the two addresses. The output is sent to
				431	* buffer <buf> for a maximum size of <buf_len> (including the trailing zero).
				432	* It returns the number of bytes composing this line (including the trailing
				433	* LF), or zero in case of failure (eg: not enough space). It supports TCP4,
				434	* TCP6 and "UNKNOWN" formats.
				435	*/
				436	int make_proxy_line(char buf, int buf_len, struct sockaddr_storage src, struct sockaddr_storage *dst)
				437	{
				438	int ret = 0;
				439
				440	if (src->ss_family == dst->ss_family && src->ss_family == AF_INET) {
				441	ret = snprintf(buf + ret, buf_len - ret, "PROXY TCP4 ");
				442	if (ret >= buf_len)
				443	return 0;
				444
				445	/* IPv4 src */
				446	if (!inet_ntop(src->ss_family, &((struct sockaddr_in *)src)->sin_addr, buf + ret, buf_len - ret))
				447	return 0;
				448
				449	ret += strlen(buf + ret);
				450	if (ret >= buf_len)
				451	return 0;
				452
				453	buf[ret++] = ' ';
				454
				455	/* IPv4 dst */
				456	if (!inet_ntop(dst->ss_family, &((struct sockaddr_in *)dst)->sin_addr, buf + ret, buf_len - ret))
				457	return 0;
				458
				459	ret += strlen(buf + ret);
				460	if (ret >= buf_len)
				461	return 0;
				462
				463	/* source and destination ports */
				464	ret += snprintf(buf + ret, buf_len - ret, " %u %u\r\n",
				465	ntohs(((struct sockaddr_in *)src)->sin_port),
				466	ntohs(((struct sockaddr_in *)dst)->sin_port));
				467	if (ret >= buf_len)
				468	return 0;
				469	}
				470	else if (src->ss_family == dst->ss_family && src->ss_family == AF_INET6) {
				471	ret = snprintf(buf + ret, buf_len - ret, "PROXY TCP6 ");
				472	if (ret >= buf_len)
				473	return 0;
				474
				475	/* IPv6 src */
				476	if (!inet_ntop(src->ss_family, &((struct sockaddr_in6 *)src)->sin6_addr, buf + ret, buf_len - ret))
				477	return 0;
				478
				479	ret += strlen(buf + ret);
				480	if (ret >= buf_len)
				481	return 0;
				482
				483	buf[ret++] = ' ';
				484
				485	/* IPv6 dst */
				486	if (!inet_ntop(dst->ss_family, &((struct sockaddr_in6 *)dst)->sin6_addr, buf + ret, buf_len - ret))
				487	return 0;
				488
				489	ret += strlen(buf + ret);
				490	if (ret >= buf_len)
				491	return 0;
				492
				493	/* source and destination ports */
				494	ret += snprintf(buf + ret, buf_len - ret, " %u %u\r\n",
				495	ntohs(((struct sockaddr_in6 *)src)->sin6_port),
				496	ntohs(((struct sockaddr_in6 *)dst)->sin6_port));
				497	if (ret >= buf_len)
				498	return 0;
				499	}
				500	else {
				501	/* unknown family combination */
				502	ret = snprintf(buf, buf_len, "PROXY UNKNOWN\r\n");
				503	if (ret >= buf_len)
				504	return 0;
				505	}
				506	return ret;
				507	}
				508
Willy Tarreau	a5e3756	2011-12-16 17:06:15 +0100	[diff] [blame]	509	/* set temp integer to the id of the frontend */
Willy Tarreau	d41f8d8	2007-06-10 10:06:18 +0200	[diff] [blame]	510	static int
Willy Tarreau	32a6f2e	2012-04-25 10:13:36 +0200	[diff] [blame]	511	acl_fetch_fe_id(struct proxy px, struct session l4, void *l7, unsigned int opt,
Willy Tarreau	24e32d8	2012-04-23 23:55:44 +0200	[diff] [blame]	512	const struct arg args, struct sample smp)
Willy Tarreau	3740635	2012-04-23 16:16:37 +0200	[diff] [blame]	513	{
Willy Tarreau	f853c46	2012-04-23 18:53:56 +0200	[diff] [blame]	514	smp->flags = SMP_F_VOL_SESS;
				515	smp->type = SMP_T_UINT;
				516	smp->data.uint = l4->fe->uuid;
Emeric Brun	5d16eda	2010-01-04 15:47:45 +0100	[diff] [blame]	517	return 1;
				518	}
				519
Willy Tarreau	34db108	2012-04-19 17:16:54 +0200	[diff] [blame]	520	/* set temp integer to the number of connections per second reaching the frontend.
Willy Tarreau	0146c2e	2012-04-20 11:37:56 +0200	[diff] [blame]	521	* Accepts exactly 1 argument. Argument is a frontend, other types will cause
Willy Tarreau	34db108	2012-04-19 17:16:54 +0200	[diff] [blame]	522	* an undefined behaviour.
				523	*/
Willy Tarreau	d41f8d8	2007-06-10 10:06:18 +0200	[diff] [blame]	524	static int
Willy Tarreau	32a6f2e	2012-04-25 10:13:36 +0200	[diff] [blame]	525	acl_fetch_fe_sess_rate(struct proxy px, struct session l4, void *l7, unsigned int opt,
Willy Tarreau	24e32d8	2012-04-23 23:55:44 +0200	[diff] [blame]	526	const struct arg args, struct sample smp)
Willy Tarreau	662b2d8	2007-05-08 19:56:15 +0200	[diff] [blame]	527	{
Willy Tarreau	3740635	2012-04-23 16:16:37 +0200	[diff] [blame]	528	smp->flags = SMP_F_VOL_TEST;
Willy Tarreau	f853c46	2012-04-23 18:53:56 +0200	[diff] [blame]	529	smp->type = SMP_T_UINT;
Willy Tarreau	24e32d8	2012-04-23 23:55:44 +0200	[diff] [blame]	530	smp->data.uint = read_freq_ctr(&args->data.prx->fe_sess_per_sec);
Emeric Brun	5d16eda	2010-01-04 15:47:45 +0100	[diff] [blame]	531	return 1;
				532	}
Alexandre Cassen	5eb1a90	2007-11-29 15:43:32 +0100	[diff] [blame]	533
Willy Tarreau	34db108	2012-04-19 17:16:54 +0200	[diff] [blame]	534	/* set temp integer to the number of concurrent connections on the frontend
Willy Tarreau	0146c2e	2012-04-20 11:37:56 +0200	[diff] [blame]	535	* Accepts exactly 1 argument. Argument is a frontend, other types will cause
Willy Tarreau	34db108	2012-04-19 17:16:54 +0200	[diff] [blame]	536	* an undefined behaviour.
				537	*/
Willy Tarreau	d41f8d8	2007-06-10 10:06:18 +0200	[diff] [blame]	538	static int
Willy Tarreau	32a6f2e	2012-04-25 10:13:36 +0200	[diff] [blame]	539	acl_fetch_fe_conn(struct proxy px, struct session l4, void *l7, unsigned int opt,
Willy Tarreau	24e32d8	2012-04-23 23:55:44 +0200	[diff] [blame]	540	const struct arg args, struct sample smp)
Willy Tarreau	8797c06	2007-05-07 00:55:35 +0200	[diff] [blame]	541	{
Willy Tarreau	3740635	2012-04-23 16:16:37 +0200	[diff] [blame]	542	smp->flags = SMP_F_VOL_TEST;
Willy Tarreau	f853c46	2012-04-23 18:53:56 +0200	[diff] [blame]	543	smp->type = SMP_T_UINT;
Willy Tarreau	24e32d8	2012-04-23 23:55:44 +0200	[diff] [blame]	544	smp->data.uint = args->data.prx->feconn;
Krzysztof Piotr Oledzki	346f76d	2010-01-12 21:59:30 +0100	[diff] [blame]	545	return 1;
				546	}
				547
Willy Tarreau	8797c06	2007-05-07 00:55:35 +0200	[diff] [blame]	548
Willy Tarreau	61612d4	2012-04-19 18:42:05 +0200	[diff] [blame]	549	/* Note: must not be declared <const> as its list will be overwritten.
				550	* Please take care of keeping this list alphabetically sorted.
				551	*/
Willy Tarreau	8797c06	2007-05-07 00:55:35 +0200	[diff] [blame]	552	static struct acl_kw_list acl_kws = {{ },{
Willy Tarreau	fc2c1fd	2012-04-19 23:35:54 +0200	[diff] [blame]	553	{ "fe_conn", acl_parse_int, acl_fetch_fe_conn, acl_match_int, ACL_USE_NOTHING, ARG1(1,FE) },
Willy Tarreau	61612d4	2012-04-19 18:42:05 +0200	[diff] [blame]	554	{ "fe_id", acl_parse_int, acl_fetch_fe_id, acl_match_int, ACL_USE_NOTHING, 0 },
Willy Tarreau	fc2c1fd	2012-04-19 23:35:54 +0200	[diff] [blame]	555	{ "fe_sess_rate", acl_parse_int, acl_fetch_fe_sess_rate, acl_match_int, ACL_USE_NOTHING, ARG1(1,FE) },
Willy Tarreau	8797c06	2007-05-07 00:55:35 +0200	[diff] [blame]	556	{ NULL, NULL, NULL, NULL },
				557	}};
				558
				559
				560	__attribute__((constructor))
Willy Tarreau	03fa5df	2010-05-24 21:02:37 +0200	[diff] [blame]	561	static void __frontend_init(void)
Willy Tarreau	8797c06	2007-05-07 00:55:35 +0200	[diff] [blame]	562	{
				563	acl_register_keywords(&acl_kws);
				564	}
				565
				566
Willy Tarreau	baaee00	2006-06-26 02:48:02 +0200	[diff] [blame]	567	/*
				568	* Local variables:
				569	* c-indent-level: 8
				570	* c-basic-offset: 8
				571	* End:
				572	*/