2006-06-26 00:48:02 +00:00
|
|
|
/*
|
2012-08-24 17:22:53 +00:00
|
|
|
* include/proto/channel.h
|
|
|
|
* Channel management definitions, macros and inline functions.
|
2009-12-13 14:53:05 +00:00
|
|
|
*
|
2014-11-27 21:10:04 +00:00
|
|
|
* Copyright (C) 2000-2014 Willy Tarreau - w@1wt.eu
|
2009-12-13 14:53:05 +00:00
|
|
|
*
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
* License as published by the Free Software Foundation, version 2.1
|
|
|
|
* exclusively.
|
|
|
|
*
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
* License along with this library; if not, write to the Free Software
|
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
|
|
|
*/
|
2006-06-26 00:48:02 +00:00
|
|
|
|
2012-08-24 17:22:53 +00:00
|
|
|
#ifndef _PROTO_CHANNEL_H
|
|
|
|
#define _PROTO_CHANNEL_H
|
2006-06-26 00:48:02 +00:00
|
|
|
|
2007-05-13 17:56:02 +00:00
|
|
|
#include <stdio.h>
|
2006-12-23 19:51:41 +00:00
|
|
|
#include <stdlib.h>
|
2007-05-13 17:56:02 +00:00
|
|
|
#include <string.h>
|
2006-12-23 19:51:41 +00:00
|
|
|
|
2006-06-29 16:54:54 +00:00
|
|
|
#include <common/config.h>
|
2012-08-24 17:22:53 +00:00
|
|
|
#include <common/chunk.h>
|
2008-07-06 22:09:58 +00:00
|
|
|
#include <common/ticks.h>
|
2007-06-03 13:59:52 +00:00
|
|
|
#include <common/time.h>
|
|
|
|
|
2014-12-16 14:41:18 +00:00
|
|
|
#include <types/channel.h>
|
2009-12-13 14:53:05 +00:00
|
|
|
#include <types/global.h>
|
REORG/MAJOR: session: rename the "session" entity to "stream"
With HTTP/2, we'll have to support multiplexed streams. A stream is in
fact the largest part of what we currently call a session, it has buffers,
logs, etc.
In order to catch any error, this commit removes any reference to the
struct session and tries to rename most "session" occurrences in function
names to "stream" and "sess" to "strm" when that's related to a session.
The files stream.{c,h} were added and session.{c,h} removed.
The session will be reintroduced later and a few parts of the stream
will progressively be moved overthere. It will more or less contain
only what we need in an embryonic session.
Sample fetch functions and converters will have to change a bit so
that they'll use an L5 (session) instead of what's currently called
"L4" which is in fact L6 for now.
Once all changes are completed, we should see approximately this :
L7 - http_txn
L6 - stream
L5 - session
L4 - connection | applet
There will be at most one http_txn per stream, and a same session will
possibly be referenced by multiple streams. A connection will point to
a session and to a stream. The session will hold all the information
we need to keep even when we don't yet have a stream.
Some more cleanup is needed because some code was already far from
being clean. The server queue management still refers to sessions at
many places while comments talk about connections. This will have to
be cleaned up once we have a server-side connection pool manager.
Stream flags "SN_*" still need to be renamed, it doesn't seem like
any of them will need to move to the session.
2015-04-02 22:22:06 +00:00
|
|
|
#include <types/stream.h>
|
2014-11-28 13:10:28 +00:00
|
|
|
#include <types/stream_interface.h>
|
2006-06-26 00:48:02 +00:00
|
|
|
|
2007-05-13 17:56:02 +00:00
|
|
|
/* perform minimal intializations, report 0 in case of error, 1 if OK. */
|
2012-08-27 22:06:31 +00:00
|
|
|
int init_channel();
|
2007-05-13 17:56:02 +00:00
|
|
|
|
2012-10-25 22:21:52 +00:00
|
|
|
unsigned long long __channel_forward(struct channel *chn, unsigned long long bytes);
|
2012-08-27 22:06:31 +00:00
|
|
|
|
|
|
|
/* SI-to-channel functions working with buffers */
|
2012-10-12 21:11:02 +00:00
|
|
|
int bi_putblk(struct channel *chn, const char *str, int len);
|
2014-12-08 17:14:53 +00:00
|
|
|
struct buffer *bi_swpbuf(struct channel *chn, struct buffer *buf);
|
2012-10-12 21:11:02 +00:00
|
|
|
int bi_putchr(struct channel *chn, char c);
|
2015-02-16 18:26:48 +00:00
|
|
|
int bi_getline_nc(struct channel *chn, char **blk1, int *len1, char **blk2, int *len2);
|
|
|
|
int bi_getblk_nc(struct channel *chn, char **blk1, int *len1, char **blk2, int *len2);
|
2012-10-12 21:11:02 +00:00
|
|
|
int bo_inject(struct channel *chn, const char *msg, int len);
|
|
|
|
int bo_getline(struct channel *chn, char *str, int len);
|
|
|
|
int bo_getblk(struct channel *chn, char *blk, int len, int offset);
|
2015-02-16 18:26:48 +00:00
|
|
|
int bo_getline_nc(struct channel *chn, char **blk1, int *len1, char **blk2, int *len2);
|
|
|
|
int bo_getblk_nc(struct channel *chn, char **blk1, int *len1, char **blk2, int *len2);
|
|
|
|
|
2010-09-08 15:04:31 +00:00
|
|
|
|
REORG/MAJOR: session: rename the "session" entity to "stream"
With HTTP/2, we'll have to support multiplexed streams. A stream is in
fact the largest part of what we currently call a session, it has buffers,
logs, etc.
In order to catch any error, this commit removes any reference to the
struct session and tries to rename most "session" occurrences in function
names to "stream" and "sess" to "strm" when that's related to a session.
The files stream.{c,h} were added and session.{c,h} removed.
The session will be reintroduced later and a few parts of the stream
will progressively be moved overthere. It will more or less contain
only what we need in an embryonic session.
Sample fetch functions and converters will have to change a bit so
that they'll use an L5 (session) instead of what's currently called
"L4" which is in fact L6 for now.
Once all changes are completed, we should see approximately this :
L7 - http_txn
L6 - stream
L5 - session
L4 - connection | applet
There will be at most one http_txn per stream, and a same session will
possibly be referenced by multiple streams. A connection will point to
a session and to a stream. The session will hold all the information
we need to keep even when we don't yet have a stream.
Some more cleanup is needed because some code was already far from
being clean. The server queue management still refers to sessions at
many places while comments talk about connections. This will have to
be cleaned up once we have a server-side connection pool manager.
Stream flags "SN_*" still need to be renamed, it doesn't seem like
any of them will need to move to the session.
2015-04-02 22:22:06 +00:00
|
|
|
/* returns a pointer to the stream the channel belongs to */
|
2015-09-25 06:36:11 +00:00
|
|
|
static inline struct stream *chn_strm(const struct channel *chn)
|
2014-12-28 12:03:53 +00:00
|
|
|
{
|
|
|
|
if (chn->flags & CF_ISRESP)
|
REORG/MAJOR: session: rename the "session" entity to "stream"
With HTTP/2, we'll have to support multiplexed streams. A stream is in
fact the largest part of what we currently call a session, it has buffers,
logs, etc.
In order to catch any error, this commit removes any reference to the
struct session and tries to rename most "session" occurrences in function
names to "stream" and "sess" to "strm" when that's related to a session.
The files stream.{c,h} were added and session.{c,h} removed.
The session will be reintroduced later and a few parts of the stream
will progressively be moved overthere. It will more or less contain
only what we need in an embryonic session.
Sample fetch functions and converters will have to change a bit so
that they'll use an L5 (session) instead of what's currently called
"L4" which is in fact L6 for now.
Once all changes are completed, we should see approximately this :
L7 - http_txn
L6 - stream
L5 - session
L4 - connection | applet
There will be at most one http_txn per stream, and a same session will
possibly be referenced by multiple streams. A connection will point to
a session and to a stream. The session will hold all the information
we need to keep even when we don't yet have a stream.
Some more cleanup is needed because some code was already far from
being clean. The server queue management still refers to sessions at
many places while comments talk about connections. This will have to
be cleaned up once we have a server-side connection pool manager.
Stream flags "SN_*" still need to be renamed, it doesn't seem like
any of them will need to move to the session.
2015-04-02 22:22:06 +00:00
|
|
|
return LIST_ELEM(chn, struct stream *, res);
|
2014-12-28 12:03:53 +00:00
|
|
|
else
|
REORG/MAJOR: session: rename the "session" entity to "stream"
With HTTP/2, we'll have to support multiplexed streams. A stream is in
fact the largest part of what we currently call a session, it has buffers,
logs, etc.
In order to catch any error, this commit removes any reference to the
struct session and tries to rename most "session" occurrences in function
names to "stream" and "sess" to "strm" when that's related to a session.
The files stream.{c,h} were added and session.{c,h} removed.
The session will be reintroduced later and a few parts of the stream
will progressively be moved overthere. It will more or less contain
only what we need in an embryonic session.
Sample fetch functions and converters will have to change a bit so
that they'll use an L5 (session) instead of what's currently called
"L4" which is in fact L6 for now.
Once all changes are completed, we should see approximately this :
L7 - http_txn
L6 - stream
L5 - session
L4 - connection | applet
There will be at most one http_txn per stream, and a same session will
possibly be referenced by multiple streams. A connection will point to
a session and to a stream. The session will hold all the information
we need to keep even when we don't yet have a stream.
Some more cleanup is needed because some code was already far from
being clean. The server queue management still refers to sessions at
many places while comments talk about connections. This will have to
be cleaned up once we have a server-side connection pool manager.
Stream flags "SN_*" still need to be renamed, it doesn't seem like
any of them will need to move to the session.
2015-04-02 22:22:06 +00:00
|
|
|
return LIST_ELEM(chn, struct stream *, req);
|
2014-12-28 12:03:53 +00:00
|
|
|
}
|
|
|
|
|
2014-11-28 13:10:28 +00:00
|
|
|
/* returns a pointer to the stream interface feeding the channel (producer) */
|
|
|
|
static inline struct stream_interface *chn_prod(const struct channel *chn)
|
|
|
|
{
|
2014-11-28 13:22:12 +00:00
|
|
|
if (chn->flags & CF_ISRESP)
|
REORG/MAJOR: session: rename the "session" entity to "stream"
With HTTP/2, we'll have to support multiplexed streams. A stream is in
fact the largest part of what we currently call a session, it has buffers,
logs, etc.
In order to catch any error, this commit removes any reference to the
struct session and tries to rename most "session" occurrences in function
names to "stream" and "sess" to "strm" when that's related to a session.
The files stream.{c,h} were added and session.{c,h} removed.
The session will be reintroduced later and a few parts of the stream
will progressively be moved overthere. It will more or less contain
only what we need in an embryonic session.
Sample fetch functions and converters will have to change a bit so
that they'll use an L5 (session) instead of what's currently called
"L4" which is in fact L6 for now.
Once all changes are completed, we should see approximately this :
L7 - http_txn
L6 - stream
L5 - session
L4 - connection | applet
There will be at most one http_txn per stream, and a same session will
possibly be referenced by multiple streams. A connection will point to
a session and to a stream. The session will hold all the information
we need to keep even when we don't yet have a stream.
Some more cleanup is needed because some code was already far from
being clean. The server queue management still refers to sessions at
many places while comments talk about connections. This will have to
be cleaned up once we have a server-side connection pool manager.
Stream flags "SN_*" still need to be renamed, it doesn't seem like
any of them will need to move to the session.
2015-04-02 22:22:06 +00:00
|
|
|
return &LIST_ELEM(chn, struct stream *, res)->si[1];
|
2014-11-28 13:22:12 +00:00
|
|
|
else
|
REORG/MAJOR: session: rename the "session" entity to "stream"
With HTTP/2, we'll have to support multiplexed streams. A stream is in
fact the largest part of what we currently call a session, it has buffers,
logs, etc.
In order to catch any error, this commit removes any reference to the
struct session and tries to rename most "session" occurrences in function
names to "stream" and "sess" to "strm" when that's related to a session.
The files stream.{c,h} were added and session.{c,h} removed.
The session will be reintroduced later and a few parts of the stream
will progressively be moved overthere. It will more or less contain
only what we need in an embryonic session.
Sample fetch functions and converters will have to change a bit so
that they'll use an L5 (session) instead of what's currently called
"L4" which is in fact L6 for now.
Once all changes are completed, we should see approximately this :
L7 - http_txn
L6 - stream
L5 - session
L4 - connection | applet
There will be at most one http_txn per stream, and a same session will
possibly be referenced by multiple streams. A connection will point to
a session and to a stream. The session will hold all the information
we need to keep even when we don't yet have a stream.
Some more cleanup is needed because some code was already far from
being clean. The server queue management still refers to sessions at
many places while comments talk about connections. This will have to
be cleaned up once we have a server-side connection pool manager.
Stream flags "SN_*" still need to be renamed, it doesn't seem like
any of them will need to move to the session.
2015-04-02 22:22:06 +00:00
|
|
|
return &LIST_ELEM(chn, struct stream *, req)->si[0];
|
2014-11-28 13:10:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* returns a pointer to the stream interface consuming the channel (producer) */
|
|
|
|
static inline struct stream_interface *chn_cons(const struct channel *chn)
|
|
|
|
{
|
2014-11-28 13:22:12 +00:00
|
|
|
if (chn->flags & CF_ISRESP)
|
REORG/MAJOR: session: rename the "session" entity to "stream"
With HTTP/2, we'll have to support multiplexed streams. A stream is in
fact the largest part of what we currently call a session, it has buffers,
logs, etc.
In order to catch any error, this commit removes any reference to the
struct session and tries to rename most "session" occurrences in function
names to "stream" and "sess" to "strm" when that's related to a session.
The files stream.{c,h} were added and session.{c,h} removed.
The session will be reintroduced later and a few parts of the stream
will progressively be moved overthere. It will more or less contain
only what we need in an embryonic session.
Sample fetch functions and converters will have to change a bit so
that they'll use an L5 (session) instead of what's currently called
"L4" which is in fact L6 for now.
Once all changes are completed, we should see approximately this :
L7 - http_txn
L6 - stream
L5 - session
L4 - connection | applet
There will be at most one http_txn per stream, and a same session will
possibly be referenced by multiple streams. A connection will point to
a session and to a stream. The session will hold all the information
we need to keep even when we don't yet have a stream.
Some more cleanup is needed because some code was already far from
being clean. The server queue management still refers to sessions at
many places while comments talk about connections. This will have to
be cleaned up once we have a server-side connection pool manager.
Stream flags "SN_*" still need to be renamed, it doesn't seem like
any of them will need to move to the session.
2015-04-02 22:22:06 +00:00
|
|
|
return &LIST_ELEM(chn, struct stream *, res)->si[0];
|
2014-11-28 13:22:12 +00:00
|
|
|
else
|
REORG/MAJOR: session: rename the "session" entity to "stream"
With HTTP/2, we'll have to support multiplexed streams. A stream is in
fact the largest part of what we currently call a session, it has buffers,
logs, etc.
In order to catch any error, this commit removes any reference to the
struct session and tries to rename most "session" occurrences in function
names to "stream" and "sess" to "strm" when that's related to a session.
The files stream.{c,h} were added and session.{c,h} removed.
The session will be reintroduced later and a few parts of the stream
will progressively be moved overthere. It will more or less contain
only what we need in an embryonic session.
Sample fetch functions and converters will have to change a bit so
that they'll use an L5 (session) instead of what's currently called
"L4" which is in fact L6 for now.
Once all changes are completed, we should see approximately this :
L7 - http_txn
L6 - stream
L5 - session
L4 - connection | applet
There will be at most one http_txn per stream, and a same session will
possibly be referenced by multiple streams. A connection will point to
a session and to a stream. The session will hold all the information
we need to keep even when we don't yet have a stream.
Some more cleanup is needed because some code was already far from
being clean. The server queue management still refers to sessions at
many places while comments talk about connections. This will have to
be cleaned up once we have a server-side connection pool manager.
Stream flags "SN_*" still need to be renamed, it doesn't seem like
any of them will need to move to the session.
2015-04-02 22:22:06 +00:00
|
|
|
return &LIST_ELEM(chn, struct stream *, req)->si[1];
|
2014-11-28 13:10:28 +00:00
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* Initialize all fields in the channel. */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_init(struct channel *chn)
|
2006-07-29 14:59:06 +00:00
|
|
|
{
|
2014-11-24 10:39:34 +00:00
|
|
|
chn->buf = &buf_empty;
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->to_forward = 0;
|
2014-02-09 16:45:16 +00:00
|
|
|
chn->last_read = now_ms;
|
2014-02-09 07:31:49 +00:00
|
|
|
chn->xfer_small = chn->xfer_large = 0;
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->total = 0;
|
|
|
|
chn->pipe = NULL;
|
|
|
|
chn->analysers = 0;
|
|
|
|
chn->flags = 0;
|
2009-12-13 14:53:05 +00:00
|
|
|
}
|
|
|
|
|
2012-10-25 22:21:52 +00:00
|
|
|
/* Schedule up to <bytes> more bytes to be forwarded via the channel without
|
|
|
|
* notifying the owner task. Any data pending in the buffer are scheduled to be
|
|
|
|
* sent as well, in the limit of the number of bytes to forward. This must be
|
|
|
|
* the only method to use to schedule bytes to be forwarded. If the requested
|
|
|
|
* number is too large, it is automatically adjusted. The number of bytes taken
|
|
|
|
* into account is returned. Directly touching ->to_forward will cause lockups
|
|
|
|
* when buf->o goes down to zero if nobody is ready to push the remaining data.
|
|
|
|
*/
|
|
|
|
static inline unsigned long long channel_forward(struct channel *chn, unsigned long long bytes)
|
|
|
|
{
|
|
|
|
/* hint: avoid comparisons on long long for the fast case, since if the
|
|
|
|
* length does not fit in an unsigned it, it will never be forwarded at
|
|
|
|
* once anyway.
|
|
|
|
*/
|
|
|
|
if (bytes <= ~0U) {
|
|
|
|
unsigned int bytes32 = bytes;
|
|
|
|
|
|
|
|
if (bytes32 <= chn->buf->i) {
|
|
|
|
/* OK this amount of bytes might be forwarded at once */
|
|
|
|
b_adv(chn->buf, bytes32);
|
|
|
|
return bytes;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return __channel_forward(chn, bytes);
|
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/*********************************************************************/
|
|
|
|
/* These functions are used to compute various channel content sizes */
|
|
|
|
/*********************************************************************/
|
2011-11-25 19:33:58 +00:00
|
|
|
|
2012-08-24 20:40:29 +00:00
|
|
|
/* Reports non-zero if the channel is empty, which means both its
|
|
|
|
* buffer and pipe are empty. The construct looks strange but is
|
|
|
|
* jump-less and much more efficient on both 32 and 64-bit than
|
|
|
|
* the boolean test.
|
|
|
|
*/
|
|
|
|
static inline unsigned int channel_is_empty(struct channel *c)
|
|
|
|
{
|
2012-10-12 21:49:43 +00:00
|
|
|
return !(c->buf->o | (long)c->pipe);
|
2012-08-24 20:40:29 +00:00
|
|
|
}
|
|
|
|
|
2015-01-13 13:39:16 +00:00
|
|
|
/* Returns non-zero if the channel is rewritable, which means that the buffer
|
|
|
|
* it is attached to has at least <maxrewrite> bytes immediately available.
|
|
|
|
* This is used to decide when a request or response may be parsed when some
|
|
|
|
* data from a previous exchange might still be present.
|
BUG/MAJOR: http: always ensure response buffer has some room for a response
Since 1.5-dev12 and commit 3bf1b2b8 (MAJOR: channel: stop relying on
BF_FULL to take action), the HTTP parser switched to channel_full()
instead of BF_FULL to decide whether a buffer had enough room to start
parsing a request or response. The problem is that channel_full()
intentionally ignores outgoing data, so a corner case exists where a
large response might still be left in a response buffer with just a
few bytes left (much less than the reserve), enough to accept a second
response past the last data, but not enough to permit the HTTP processor
to add some headers. Since all the processing relies on this space being
available, we can get some random crashes when clients pipeline requests.
The analysis of a core from haproxy configured with 20480 bytes buffers
shows this : with enough "luck", when sending back the response for the
first request, the client is slow, the TCP window is congested, the socket
buffers are full, and haproxy's buffer fills up. We still have 20230 bytes
of response data in a 20480 response buffer. The second request is sent to
the server which returns 214 bytes which fit in the small 250 bytes left
in this buffer. And the buffer arrangement makes it possible to escape all
the controls in http_wait_for_response() :
|<------ response buffer = 20480 bytes ------>|
[ 2/2 | 3 | 4 | 1/2 ]
^ start of circular buffer
1/2 = beginning of previous response (18240)
2/2 = end of previous response (1990)
3 = current response (214)
4 = free space (36)
- channel_full() returns false (20230 bytes are going to leave)
- the response headers does not wrap at the end of the buffer
- the remaining linear room after the headers is larger than the
reserve, because it's the previous response which wraps :
=> response is processed
Header rewriting causes it to reach 260 bytes, 10 bytes larger than what
the buffer could hold. So all computations during header addition are
wrong and lead to the corruption we've observed.
All the conditions are very hard to meet (which explains why it took
almost one year for this bug to show up) and are almost impossible to
reproduce on purpose on a test platform. But the bug is clearly there.
This issue was reported by Dinko Korunic who kindly devoted a lot of
time to provide countless traces and cores, and to experiment with
troubleshooting patches to knock the bug down. Thanks Dinko!
No backport is needed, but all 1.5-dev versions between dev12 and dev18
included must be upgraded. A workaround consists in setting option
forceclose to prevent pipelined requests from being processed.
2013-06-08 10:55:46 +00:00
|
|
|
*/
|
2015-01-13 13:39:16 +00:00
|
|
|
static inline int channel_is_rewritable(const struct channel *chn)
|
BUG/MAJOR: http: always ensure response buffer has some room for a response
Since 1.5-dev12 and commit 3bf1b2b8 (MAJOR: channel: stop relying on
BF_FULL to take action), the HTTP parser switched to channel_full()
instead of BF_FULL to decide whether a buffer had enough room to start
parsing a request or response. The problem is that channel_full()
intentionally ignores outgoing data, so a corner case exists where a
large response might still be left in a response buffer with just a
few bytes left (much less than the reserve), enough to accept a second
response past the last data, but not enough to permit the HTTP processor
to add some headers. Since all the processing relies on this space being
available, we can get some random crashes when clients pipeline requests.
The analysis of a core from haproxy configured with 20480 bytes buffers
shows this : with enough "luck", when sending back the response for the
first request, the client is slow, the TCP window is congested, the socket
buffers are full, and haproxy's buffer fills up. We still have 20230 bytes
of response data in a 20480 response buffer. The second request is sent to
the server which returns 214 bytes which fit in the small 250 bytes left
in this buffer. And the buffer arrangement makes it possible to escape all
the controls in http_wait_for_response() :
|<------ response buffer = 20480 bytes ------>|
[ 2/2 | 3 | 4 | 1/2 ]
^ start of circular buffer
1/2 = beginning of previous response (18240)
2/2 = end of previous response (1990)
3 = current response (214)
4 = free space (36)
- channel_full() returns false (20230 bytes are going to leave)
- the response headers does not wrap at the end of the buffer
- the remaining linear room after the headers is larger than the
reserve, because it's the previous response which wraps :
=> response is processed
Header rewriting causes it to reach 260 bytes, 10 bytes larger than what
the buffer could hold. So all computations during header addition are
wrong and lead to the corruption we've observed.
All the conditions are very hard to meet (which explains why it took
almost one year for this bug to show up) and are almost impossible to
reproduce on purpose on a test platform. But the bug is clearly there.
This issue was reported by Dinko Korunic who kindly devoted a lot of
time to provide countless traces and cores, and to experiment with
troubleshooting patches to knock the bug down. Thanks Dinko!
No backport is needed, but all 1.5-dev versions between dev12 and dev18
included must be upgraded. A workaround consists in setting option
forceclose to prevent pipelined requests from being processed.
2013-06-08 10:55:46 +00:00
|
|
|
{
|
|
|
|
int rem = chn->buf->size;
|
|
|
|
|
|
|
|
rem -= chn->buf->o;
|
|
|
|
rem -= chn->buf->i;
|
|
|
|
rem -= global.tune.maxrewrite;
|
|
|
|
return rem >= 0;
|
|
|
|
}
|
|
|
|
|
2016-05-02 14:05:10 +00:00
|
|
|
/* Returns non-zero if the channel is congested with data in transit waiting
|
|
|
|
* for leaving, indicating to the caller that it should wait for the reserve to
|
|
|
|
* be released before starting to process new data in case it needs the ability
|
|
|
|
* to append data. This is meant to be used while waiting for a clean response
|
|
|
|
* buffer before processing a request.
|
|
|
|
*/
|
|
|
|
static inline int channel_congested(const struct channel *chn)
|
|
|
|
{
|
|
|
|
if (!chn->buf->o)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
if (!channel_is_rewritable(chn))
|
|
|
|
return 1;
|
|
|
|
|
|
|
|
if (chn->buf->p + chn->buf->i >
|
|
|
|
chn->buf->data + chn->buf->size - global.tune.maxrewrite)
|
|
|
|
return 1;
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2015-01-14 15:08:45 +00:00
|
|
|
/* Tells whether data are likely to leave the buffer. This is used to know when
|
|
|
|
* we can safely ignore the reserve since we know we cannot retry a connection.
|
|
|
|
* It returns zero if data are blocked, non-zero otherwise.
|
|
|
|
*/
|
|
|
|
static inline int channel_may_send(const struct channel *chn)
|
|
|
|
{
|
2014-11-28 13:10:28 +00:00
|
|
|
return chn_cons(chn)->state == SI_ST_EST;
|
2015-01-14 15:08:45 +00:00
|
|
|
}
|
|
|
|
|
2015-01-13 19:20:10 +00:00
|
|
|
/* Returns non-zero if the channel can still receive data. This is used to
|
BUG/MAJOR: http: always ensure response buffer has some room for a response
Since 1.5-dev12 and commit 3bf1b2b8 (MAJOR: channel: stop relying on
BF_FULL to take action), the HTTP parser switched to channel_full()
instead of BF_FULL to decide whether a buffer had enough room to start
parsing a request or response. The problem is that channel_full()
intentionally ignores outgoing data, so a corner case exists where a
large response might still be left in a response buffer with just a
few bytes left (much less than the reserve), enough to accept a second
response past the last data, but not enough to permit the HTTP processor
to add some headers. Since all the processing relies on this space being
available, we can get some random crashes when clients pipeline requests.
The analysis of a core from haproxy configured with 20480 bytes buffers
shows this : with enough "luck", when sending back the response for the
first request, the client is slow, the TCP window is congested, the socket
buffers are full, and haproxy's buffer fills up. We still have 20230 bytes
of response data in a 20480 response buffer. The second request is sent to
the server which returns 214 bytes which fit in the small 250 bytes left
in this buffer. And the buffer arrangement makes it possible to escape all
the controls in http_wait_for_response() :
|<------ response buffer = 20480 bytes ------>|
[ 2/2 | 3 | 4 | 1/2 ]
^ start of circular buffer
1/2 = beginning of previous response (18240)
2/2 = end of previous response (1990)
3 = current response (214)
4 = free space (36)
- channel_full() returns false (20230 bytes are going to leave)
- the response headers does not wrap at the end of the buffer
- the remaining linear room after the headers is larger than the
reserve, because it's the previous response which wraps :
=> response is processed
Header rewriting causes it to reach 260 bytes, 10 bytes larger than what
the buffer could hold. So all computations during header addition are
wrong and lead to the corruption we've observed.
All the conditions are very hard to meet (which explains why it took
almost one year for this bug to show up) and are almost impossible to
reproduce on purpose on a test platform. But the bug is clearly there.
This issue was reported by Dinko Korunic who kindly devoted a lot of
time to provide countless traces and cores, and to experiment with
troubleshooting patches to knock the bug down. Thanks Dinko!
No backport is needed, but all 1.5-dev versions between dev12 and dev18
included must be upgraded. A workaround consists in setting option
forceclose to prevent pipelined requests from being processed.
2013-06-08 10:55:46 +00:00
|
|
|
* decide when to stop reading into a buffer when we want to ensure that we
|
|
|
|
* leave the reserve untouched after all pending outgoing data are forwarded.
|
|
|
|
* The reserved space is taken into account if ->to_forward indicates that an
|
|
|
|
* end of transfer is close to happen. Note that both ->buf->o and ->to_forward
|
|
|
|
* are considered as available since they're supposed to leave the buffer. The
|
|
|
|
* test is optimized to avoid as many operations as possible for the fast case
|
2016-04-20 18:09:22 +00:00
|
|
|
* and to be used as an "if" condition. Just like channel_recv_limit(), we
|
|
|
|
* never allow to overwrite the reserve until the output stream interface is
|
|
|
|
* connected, otherwise we could spin on a POST with http-send-name-header.
|
2011-11-25 19:33:58 +00:00
|
|
|
*/
|
2015-01-13 19:20:10 +00:00
|
|
|
static inline int channel_may_recv(const struct channel *chn)
|
2011-11-25 19:33:58 +00:00
|
|
|
{
|
2012-10-12 21:49:43 +00:00
|
|
|
int rem = chn->buf->size;
|
2012-05-07 09:56:55 +00:00
|
|
|
|
2014-11-28 19:54:13 +00:00
|
|
|
if (chn->buf == &buf_empty)
|
2015-01-13 19:20:10 +00:00
|
|
|
return 1;
|
2014-11-28 19:54:13 +00:00
|
|
|
|
2012-10-12 21:49:43 +00:00
|
|
|
rem -= chn->buf->o;
|
|
|
|
rem -= chn->buf->i;
|
2012-05-07 09:56:55 +00:00
|
|
|
if (!rem)
|
2015-01-13 19:20:10 +00:00
|
|
|
return 0; /* buffer already full */
|
2012-05-07 09:56:55 +00:00
|
|
|
|
2016-04-21 10:12:45 +00:00
|
|
|
if (rem > global.tune.maxrewrite)
|
|
|
|
return 1; /* reserve not yet reached */
|
|
|
|
|
|
|
|
if (!channel_may_send(chn))
|
|
|
|
return 0; /* don't touch reserve until we can send */
|
|
|
|
|
|
|
|
/* Now we know there's some room left in the reserve and we may
|
|
|
|
* forward. As long as i-to_fwd < size-maxrw, we may still
|
|
|
|
* receive. This is equivalent to i+maxrw-size < to_fwd,
|
|
|
|
* which is logical since i+maxrw-size is what overlaps with
|
|
|
|
* the reserve, and we want to ensure they're covered by scheduled
|
|
|
|
* forwards.
|
2015-01-13 18:07:23 +00:00
|
|
|
*/
|
2016-04-21 10:12:45 +00:00
|
|
|
rem = chn->buf->i + global.tune.maxrewrite - chn->buf->size;
|
|
|
|
return rem < 0 || (unsigned int)rem < chn->to_forward;
|
2012-05-07 09:56:55 +00:00
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* Returns true if the channel's input is already closed */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline int channel_input_closed(struct channel *chn)
|
2010-09-08 15:04:31 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
return ((chn->flags & CF_SHUTR) != 0);
|
2010-09-08 15:04:31 +00:00
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* Returns true if the channel's output is already closed */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline int channel_output_closed(struct channel *chn)
|
2010-09-08 15:04:31 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
return ((chn->flags & CF_SHUTW) != 0);
|
2010-09-08 15:04:31 +00:00
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* Check channel timeouts, and set the corresponding flags. The likely/unlikely
|
|
|
|
* have been optimized for fastest normal path. The read/write timeouts are not
|
|
|
|
* set if there was activity on the channel. That way, we don't have to update
|
|
|
|
* the timeout on every I/O. Note that the analyser timeout is always checked.
|
2008-09-04 07:14:08 +00:00
|
|
|
*/
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_check_timeouts(struct channel *chn)
|
2008-09-04 07:14:08 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
if (likely(!(chn->flags & (CF_SHUTR|CF_READ_TIMEOUT|CF_READ_ACTIVITY|CF_READ_NOEXP))) &&
|
|
|
|
unlikely(tick_is_expired(chn->rex, now_ms)))
|
|
|
|
chn->flags |= CF_READ_TIMEOUT;
|
2008-09-04 07:14:08 +00:00
|
|
|
|
2012-10-12 21:11:02 +00:00
|
|
|
if (likely(!(chn->flags & (CF_SHUTW|CF_WRITE_TIMEOUT|CF_WRITE_ACTIVITY))) &&
|
|
|
|
unlikely(tick_is_expired(chn->wex, now_ms)))
|
|
|
|
chn->flags |= CF_WRITE_TIMEOUT;
|
2008-09-04 07:14:08 +00:00
|
|
|
|
2012-10-12 21:11:02 +00:00
|
|
|
if (likely(!(chn->flags & CF_ANA_TIMEOUT)) &&
|
|
|
|
unlikely(tick_is_expired(chn->analyse_exp, now_ms)))
|
|
|
|
chn->flags |= CF_ANA_TIMEOUT;
|
2008-09-04 07:14:08 +00:00
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* Erase any content from channel <buf> and adjusts flags accordingly. Note
|
[MEDIUM] i/o: rework ->to_forward and ->send_max
The way the buffers and stream interfaces handled ->to_forward was
really not handy for multiple reasons. Now we've moved its control
to the receive-side of the buffer, which is also responsible for
keeping send_max up to date. This makes more sense as it now becomes
possible to send some pre-formatted data followed by forwarded data.
The following explanation has also been added to buffer.h to clarify
the situation. Right now, tests show that the I/O is behaving extremely
well. Some work will have to be done to adapt existing splice code
though.
/* Note about the buffer structure
The buffer contains two length indicators, one to_forward counter and one
send_max limit. First, it must be understood that the buffer is in fact
split in two parts :
- the visible data (->data, for ->l bytes)
- the invisible data, typically in kernel buffers forwarded directly from
the source stream sock to the destination stream sock (->splice_len
bytes). Those are used only during forward.
In order not to mix data streams, the producer may only feed the invisible
data with data to forward, and only when the visible buffer is empty. The
consumer may not always be able to feed the invisible buffer due to platform
limitations (lack of kernel support).
Conversely, the consumer must always take data from the invisible data first
before ever considering visible data. There is no limit to the size of data
to consume from the invisible buffer, as platform-specific implementations
will rarely leave enough control on this. So any byte fed into the invisible
buffer is expected to reach the destination file descriptor, by any means.
However, it's the consumer's responsibility to ensure that the invisible
data has been entirely consumed before consuming visible data. This must be
reflected by ->splice_len. This is very important as this and only this can
ensure strict ordering of data between buffers.
The producer is responsible for decreasing ->to_forward and increasing
->send_max. The ->to_forward parameter indicates how many bytes may be fed
into either data buffer without waking the parent up. The ->send_max
parameter says how many bytes may be read from the visible buffer. Thus it
may never exceed ->l. This parameter is updated by any buffer_write() as
well as any data forwarded through the visible buffer.
The consumer is responsible for decreasing ->send_max when it sends data
from the visible buffer, and ->splice_len when it sends data from the
invisible buffer.
A real-world example consists in part in an HTTP response waiting in a
buffer to be forwarded. We know the header length (300) and the amount of
data to forward (content-length=9000). The buffer already contains 1000
bytes of data after the 300 bytes of headers. Thus the caller will set
->send_max to 300 indicating that it explicitly wants to send those data,
and set ->to_forward to 9000 (content-length). This value must be normalised
immediately after updating ->to_forward : since there are already 1300 bytes
in the buffer, 300 of which are already counted in ->send_max, and that size
is smaller than ->to_forward, we must update ->send_max to 1300 to flush the
whole buffer, and reduce ->to_forward to 8000. After that, the producer may
try to feed the additional data through the invisible buffer using a
platform-specific method such as splice().
*/
2009-01-07 23:09:41 +00:00
|
|
|
* that any spliced data is not affected since we may not have any access to
|
|
|
|
* it.
|
2008-08-16 20:18:07 +00:00
|
|
|
*/
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_erase(struct channel *chn)
|
2006-06-26 00:48:02 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->to_forward = 0;
|
2014-11-24 09:54:47 +00:00
|
|
|
b_reset(chn->buf);
|
2006-06-26 00:48:02 +00:00
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* marks the channel as "shutdown" ASAP for reads */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_shutr_now(struct channel *chn)
|
[MAJOR] rework of the server FSM
srv_state has been removed from HTTP state machines, and states
have been split in either TCP states or analyzers. For instance,
the TARPIT state has just become a simple analyzer.
New flags have been added to the struct buffer to compensate this.
The high-level stream processors sometimes need to force a disconnection
without touching a file-descriptor (eg: report an error). But if
they touched BF_SHUTW or BF_SHUTR, the file descriptor would not
be closed. Thus, the two SHUT?_NOW flags have been added so that
an application can request a forced close which the stream interface
will be forced to obey.
During this change, a new BF_HIJACK flag was added. It will
be used for data generation, eg during a stats dump. It
prevents the producer on a buffer from sending data into it.
BF_SHUTR_NOW /* the producer must shut down for reads ASAP */
BF_SHUTW_NOW /* the consumer must shut down for writes ASAP */
BF_HIJACK /* the producer is temporarily replaced */
BF_SHUTW_NOW has precedence over BF_HIJACK. BF_HIJACK has
precedence over BF_MAY_FORWARD (so that it does not need it).
New functions buffer_shutr_now(), buffer_shutw_now(), buffer_abort()
are provided to manipulate BF_SHUT* flags.
A new type "stream_interface" has been added to describe both
sides of a buffer. A stream interface has states and error
reporting. The session now has two stream interfaces (one per
side). Each buffer has stream_interface pointers to both
consumer and producer sides.
The server-side file descriptor has moved to its stream interface,
so that even the buffer has access to it.
process_srv() has been split into three parts :
- tcp_get_connection() obtains a connection to the server
- tcp_connection_failed() tests if a previously attempted
connection has succeeded or not.
- process_srv_data() only manages the data phase, and in
this sense should be roughly equivalent to process_cli.
Little code has been removed, and a lot of old code has been
left in comments for now.
2008-10-19 05:30:41 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags |= CF_SHUTR_NOW;
|
[MAJOR] rework of the server FSM
srv_state has been removed from HTTP state machines, and states
have been split in either TCP states or analyzers. For instance,
the TARPIT state has just become a simple analyzer.
New flags have been added to the struct buffer to compensate this.
The high-level stream processors sometimes need to force a disconnection
without touching a file-descriptor (eg: report an error). But if
they touched BF_SHUTW or BF_SHUTR, the file descriptor would not
be closed. Thus, the two SHUT?_NOW flags have been added so that
an application can request a forced close which the stream interface
will be forced to obey.
During this change, a new BF_HIJACK flag was added. It will
be used for data generation, eg during a stats dump. It
prevents the producer on a buffer from sending data into it.
BF_SHUTR_NOW /* the producer must shut down for reads ASAP */
BF_SHUTW_NOW /* the consumer must shut down for writes ASAP */
BF_HIJACK /* the producer is temporarily replaced */
BF_SHUTW_NOW has precedence over BF_HIJACK. BF_HIJACK has
precedence over BF_MAY_FORWARD (so that it does not need it).
New functions buffer_shutr_now(), buffer_shutw_now(), buffer_abort()
are provided to manipulate BF_SHUT* flags.
A new type "stream_interface" has been added to describe both
sides of a buffer. A stream interface has states and error
reporting. The session now has two stream interfaces (one per
side). Each buffer has stream_interface pointers to both
consumer and producer sides.
The server-side file descriptor has moved to its stream interface,
so that even the buffer has access to it.
process_srv() has been split into three parts :
- tcp_get_connection() obtains a connection to the server
- tcp_connection_failed() tests if a previously attempted
connection has succeeded or not.
- process_srv_data() only manages the data phase, and in
this sense should be roughly equivalent to process_cli.
Little code has been removed, and a lot of old code has been
left in comments for now.
2008-10-19 05:30:41 +00:00
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* marks the channel as "shutdown" ASAP for writes */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_shutw_now(struct channel *chn)
|
[MAJOR] rework of the server FSM
srv_state has been removed from HTTP state machines, and states
have been split in either TCP states or analyzers. For instance,
the TARPIT state has just become a simple analyzer.
New flags have been added to the struct buffer to compensate this.
The high-level stream processors sometimes need to force a disconnection
without touching a file-descriptor (eg: report an error). But if
they touched BF_SHUTW or BF_SHUTR, the file descriptor would not
be closed. Thus, the two SHUT?_NOW flags have been added so that
an application can request a forced close which the stream interface
will be forced to obey.
During this change, a new BF_HIJACK flag was added. It will
be used for data generation, eg during a stats dump. It
prevents the producer on a buffer from sending data into it.
BF_SHUTR_NOW /* the producer must shut down for reads ASAP */
BF_SHUTW_NOW /* the consumer must shut down for writes ASAP */
BF_HIJACK /* the producer is temporarily replaced */
BF_SHUTW_NOW has precedence over BF_HIJACK. BF_HIJACK has
precedence over BF_MAY_FORWARD (so that it does not need it).
New functions buffer_shutr_now(), buffer_shutw_now(), buffer_abort()
are provided to manipulate BF_SHUT* flags.
A new type "stream_interface" has been added to describe both
sides of a buffer. A stream interface has states and error
reporting. The session now has two stream interfaces (one per
side). Each buffer has stream_interface pointers to both
consumer and producer sides.
The server-side file descriptor has moved to its stream interface,
so that even the buffer has access to it.
process_srv() has been split into three parts :
- tcp_get_connection() obtains a connection to the server
- tcp_connection_failed() tests if a previously attempted
connection has succeeded or not.
- process_srv_data() only manages the data phase, and in
this sense should be roughly equivalent to process_cli.
Little code has been removed, and a lot of old code has been
left in comments for now.
2008-10-19 05:30:41 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags |= CF_SHUTW_NOW;
|
[MAJOR] rework of the server FSM
srv_state has been removed from HTTP state machines, and states
have been split in either TCP states or analyzers. For instance,
the TARPIT state has just become a simple analyzer.
New flags have been added to the struct buffer to compensate this.
The high-level stream processors sometimes need to force a disconnection
without touching a file-descriptor (eg: report an error). But if
they touched BF_SHUTW or BF_SHUTR, the file descriptor would not
be closed. Thus, the two SHUT?_NOW flags have been added so that
an application can request a forced close which the stream interface
will be forced to obey.
During this change, a new BF_HIJACK flag was added. It will
be used for data generation, eg during a stats dump. It
prevents the producer on a buffer from sending data into it.
BF_SHUTR_NOW /* the producer must shut down for reads ASAP */
BF_SHUTW_NOW /* the consumer must shut down for writes ASAP */
BF_HIJACK /* the producer is temporarily replaced */
BF_SHUTW_NOW has precedence over BF_HIJACK. BF_HIJACK has
precedence over BF_MAY_FORWARD (so that it does not need it).
New functions buffer_shutr_now(), buffer_shutw_now(), buffer_abort()
are provided to manipulate BF_SHUT* flags.
A new type "stream_interface" has been added to describe both
sides of a buffer. A stream interface has states and error
reporting. The session now has two stream interfaces (one per
side). Each buffer has stream_interface pointers to both
consumer and producer sides.
The server-side file descriptor has moved to its stream interface,
so that even the buffer has access to it.
process_srv() has been split into three parts :
- tcp_get_connection() obtains a connection to the server
- tcp_connection_failed() tests if a previously attempted
connection has succeeded or not.
- process_srv_data() only manages the data phase, and in
this sense should be roughly equivalent to process_cli.
Little code has been removed, and a lot of old code has been
left in comments for now.
2008-10-19 05:30:41 +00:00
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* marks the channel as "shutdown" ASAP in both directions */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_abort(struct channel *chn)
|
[MAJOR] rework of the server FSM
srv_state has been removed from HTTP state machines, and states
have been split in either TCP states or analyzers. For instance,
the TARPIT state has just become a simple analyzer.
New flags have been added to the struct buffer to compensate this.
The high-level stream processors sometimes need to force a disconnection
without touching a file-descriptor (eg: report an error). But if
they touched BF_SHUTW or BF_SHUTR, the file descriptor would not
be closed. Thus, the two SHUT?_NOW flags have been added so that
an application can request a forced close which the stream interface
will be forced to obey.
During this change, a new BF_HIJACK flag was added. It will
be used for data generation, eg during a stats dump. It
prevents the producer on a buffer from sending data into it.
BF_SHUTR_NOW /* the producer must shut down for reads ASAP */
BF_SHUTW_NOW /* the consumer must shut down for writes ASAP */
BF_HIJACK /* the producer is temporarily replaced */
BF_SHUTW_NOW has precedence over BF_HIJACK. BF_HIJACK has
precedence over BF_MAY_FORWARD (so that it does not need it).
New functions buffer_shutr_now(), buffer_shutw_now(), buffer_abort()
are provided to manipulate BF_SHUT* flags.
A new type "stream_interface" has been added to describe both
sides of a buffer. A stream interface has states and error
reporting. The session now has two stream interfaces (one per
side). Each buffer has stream_interface pointers to both
consumer and producer sides.
The server-side file descriptor has moved to its stream interface,
so that even the buffer has access to it.
process_srv() has been split into three parts :
- tcp_get_connection() obtains a connection to the server
- tcp_connection_failed() tests if a previously attempted
connection has succeeded or not.
- process_srv_data() only manages the data phase, and in
this sense should be roughly equivalent to process_cli.
Little code has been removed, and a lot of old code has been
left in comments for now.
2008-10-19 05:30:41 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags |= CF_SHUTR_NOW | CF_SHUTW_NOW;
|
|
|
|
chn->flags &= ~CF_AUTO_CONNECT;
|
[MAJOR] rework of the server FSM
srv_state has been removed from HTTP state machines, and states
have been split in either TCP states or analyzers. For instance,
the TARPIT state has just become a simple analyzer.
New flags have been added to the struct buffer to compensate this.
The high-level stream processors sometimes need to force a disconnection
without touching a file-descriptor (eg: report an error). But if
they touched BF_SHUTW or BF_SHUTR, the file descriptor would not
be closed. Thus, the two SHUT?_NOW flags have been added so that
an application can request a forced close which the stream interface
will be forced to obey.
During this change, a new BF_HIJACK flag was added. It will
be used for data generation, eg during a stats dump. It
prevents the producer on a buffer from sending data into it.
BF_SHUTR_NOW /* the producer must shut down for reads ASAP */
BF_SHUTW_NOW /* the consumer must shut down for writes ASAP */
BF_HIJACK /* the producer is temporarily replaced */
BF_SHUTW_NOW has precedence over BF_HIJACK. BF_HIJACK has
precedence over BF_MAY_FORWARD (so that it does not need it).
New functions buffer_shutr_now(), buffer_shutw_now(), buffer_abort()
are provided to manipulate BF_SHUT* flags.
A new type "stream_interface" has been added to describe both
sides of a buffer. A stream interface has states and error
reporting. The session now has two stream interfaces (one per
side). Each buffer has stream_interface pointers to both
consumer and producer sides.
The server-side file descriptor has moved to its stream interface,
so that even the buffer has access to it.
process_srv() has been split into three parts :
- tcp_get_connection() obtains a connection to the server
- tcp_connection_failed() tests if a previously attempted
connection has succeeded or not.
- process_srv_data() only manages the data phase, and in
this sense should be roughly equivalent to process_cli.
Little code has been removed, and a lot of old code has been
left in comments for now.
2008-10-19 05:30:41 +00:00
|
|
|
}
|
|
|
|
|
2009-09-19 19:04:57 +00:00
|
|
|
/* allow the consumer to try to establish a new connection. */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_auto_connect(struct channel *chn)
|
2008-08-29 07:58:42 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags |= CF_AUTO_CONNECT;
|
2008-08-29 07:58:42 +00:00
|
|
|
}
|
|
|
|
|
2009-09-19 19:04:57 +00:00
|
|
|
/* prevent the consumer from trying to establish a new connection, and also
|
|
|
|
* disable auto shutdown forwarding.
|
|
|
|
*/
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_dont_connect(struct channel *chn)
|
2008-08-29 07:58:42 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags &= ~(CF_AUTO_CONNECT|CF_AUTO_CLOSE);
|
2008-08-29 07:58:42 +00:00
|
|
|
}
|
|
|
|
|
2009-09-19 19:04:57 +00:00
|
|
|
/* allow the producer to forward shutdown requests */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_auto_close(struct channel *chn)
|
2008-11-23 18:31:35 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags |= CF_AUTO_CLOSE;
|
2008-11-23 18:31:35 +00:00
|
|
|
}
|
|
|
|
|
2009-09-19 19:04:57 +00:00
|
|
|
/* prevent the producer from forwarding shutdown requests */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_dont_close(struct channel *chn)
|
2008-11-23 18:31:35 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags &= ~CF_AUTO_CLOSE;
|
2008-11-23 18:31:35 +00:00
|
|
|
}
|
|
|
|
|
2010-01-06 23:20:41 +00:00
|
|
|
/* allow the producer to read / poll the input */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_auto_read(struct channel *chn)
|
2010-01-06 23:20:41 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags &= ~CF_DONT_READ;
|
2010-01-06 23:20:41 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* prevent the producer from read / poll the input */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_dont_read(struct channel *chn)
|
2010-01-06 23:20:41 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags |= CF_DONT_READ;
|
2010-01-06 23:20:41 +00:00
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
|
|
|
|
/*************************************************/
|
|
|
|
/* Buffer operations in the context of a channel */
|
|
|
|
/*************************************************/
|
|
|
|
|
|
|
|
|
|
|
|
/* Return the max number of bytes the buffer can contain so that once all the
|
BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try)
Latest fix 8a32106 ("BUG/MEDIUM: channel: fix miscalculation of available
buffer space (2nd try)") did happen to fix some observable issues but not
all of them in fact, some corner cases still remained and at least one user
reported a busy loop that appeared possible, though not easily reproducible
under experimental conditions.
The remaining issue is that we still consider min(i, to_fwd) as the number
of bytes in transit, but in fact <i> is not relevant here. Indeed, what
matters is that we can read everything we want at once provided that at
the end, <i> cannot be larger than <size-maxrw> (if it was not already).
This is visible in two cases :
- let's have i=o=max/2 and to_fwd=0. Then i+o >= max indicates that the
buffer is already full, while it is not since once <o> is forwarded,
some space remains.
- when to_fwd is much larger than i, it's obvious that we can fill the
buffer.
The only relevant part in fact is o + to_fwd. to_fwd will ensure that at
least this many bytes will be moved from <i> to <o> hence will leave the
buffer, whatever the number of rounds it takes.
Interestingly, the fix applied here ensures that channel_recv_max() will
now equal (size - maxrw - i + to_fwd), which is indeed what remains
available below maxrw after to_fwd bytes are forwarded from i to o and
leave the buffer.
Additionally, the latest fix made it possible to meet an integer overflow
that was not caught by the range test when forwarding in TCP or tunnel
mode due to to_forward being added to an existing value, causing the
buffer size to be limited when it should not have been, resulting in 2
to 3 recv() calls when a single one was enough. The first one was limited
to the unreserved buffer size, the second one to the size of the reserve
minus 1, and the last one to the last byte. Eg with a 2kB buffer :
recvfrom(22, "HTTP/1.1 200\r\nConnection: close\r"..., 1024, 0, NULL, NULL) = 1024
recvfrom(22, "23456789.123456789.123456789.123"..., 1023, 0, NULL, NULL) = 1023
recvfrom(22, "5", 1, 0, NULL, NULL) = 1
This bug is still present in 1.6 and 1.5 so the fix should be backported
there.
2016-04-20 16:05:17 +00:00
|
|
|
* pending bytes are forwarded, the buffer still has global.tune.maxrewrite
|
2012-10-12 21:11:02 +00:00
|
|
|
* bytes free. The result sits between chn->size - maxrewrite and chn->size.
|
BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try)
Latest fix 8a32106 ("BUG/MEDIUM: channel: fix miscalculation of available
buffer space (2nd try)") did happen to fix some observable issues but not
all of them in fact, some corner cases still remained and at least one user
reported a busy loop that appeared possible, though not easily reproducible
under experimental conditions.
The remaining issue is that we still consider min(i, to_fwd) as the number
of bytes in transit, but in fact <i> is not relevant here. Indeed, what
matters is that we can read everything we want at once provided that at
the end, <i> cannot be larger than <size-maxrw> (if it was not already).
This is visible in two cases :
- let's have i=o=max/2 and to_fwd=0. Then i+o >= max indicates that the
buffer is already full, while it is not since once <o> is forwarded,
some space remains.
- when to_fwd is much larger than i, it's obvious that we can fill the
buffer.
The only relevant part in fact is o + to_fwd. to_fwd will ensure that at
least this many bytes will be moved from <i> to <o> hence will leave the
buffer, whatever the number of rounds it takes.
Interestingly, the fix applied here ensures that channel_recv_max() will
now equal (size - maxrw - i + to_fwd), which is indeed what remains
available below maxrw after to_fwd bytes are forwarded from i to o and
leave the buffer.
Additionally, the latest fix made it possible to meet an integer overflow
that was not caught by the range test when forwarding in TCP or tunnel
mode due to to_forward being added to an existing value, causing the
buffer size to be limited when it should not have been, resulting in 2
to 3 recv() calls when a single one was enough. The first one was limited
to the unreserved buffer size, the second one to the size of the reserve
minus 1, and the last one to the last byte. Eg with a 2kB buffer :
recvfrom(22, "HTTP/1.1 200\r\nConnection: close\r"..., 1024, 0, NULL, NULL) = 1024
recvfrom(22, "23456789.123456789.123456789.123"..., 1023, 0, NULL, NULL) = 1023
recvfrom(22, "5", 1, 0, NULL, NULL) = 1
This bug is still present in 1.6 and 1.5 so the fix should be backported
there.
2016-04-20 16:05:17 +00:00
|
|
|
* It is important to mention that if buf->i is already larger than size-maxrw
|
|
|
|
* the condition above cannot be satisfied and the lowest size will be returned
|
|
|
|
* anyway. The principles are the following :
|
|
|
|
* 0) the empty buffer has a limit of zero
|
|
|
|
* 1) a non-connected buffer cannot touch the reserve
|
|
|
|
* 2) infinite forward can always fill the buffer since all data will leave
|
|
|
|
* 3) all output bytes are considered in transit since they're leaving
|
|
|
|
* 4) all input bytes covered by to_forward are considered in transit since
|
|
|
|
* they'll be converted to output bytes.
|
|
|
|
* 5) all input bytes not covered by to_forward as considered remaining
|
|
|
|
* 6) all bytes scheduled to be forwarded minus what is already in the input
|
|
|
|
* buffer will be in transit during future rounds.
|
|
|
|
* 7) 4+5+6 imply that the amount of input bytes (i) is irrelevant to the max
|
|
|
|
* usable length, only to_forward and output count. The difference is
|
|
|
|
* visible when to_forward > i.
|
|
|
|
* 8) the reserve may be covered up to the amount of bytes in transit since
|
|
|
|
* these bytes will only take temporary space.
|
2016-01-25 00:09:11 +00:00
|
|
|
*
|
BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try)
Latest fix 8a32106 ("BUG/MEDIUM: channel: fix miscalculation of available
buffer space (2nd try)") did happen to fix some observable issues but not
all of them in fact, some corner cases still remained and at least one user
reported a busy loop that appeared possible, though not easily reproducible
under experimental conditions.
The remaining issue is that we still consider min(i, to_fwd) as the number
of bytes in transit, but in fact <i> is not relevant here. Indeed, what
matters is that we can read everything we want at once provided that at
the end, <i> cannot be larger than <size-maxrw> (if it was not already).
This is visible in two cases :
- let's have i=o=max/2 and to_fwd=0. Then i+o >= max indicates that the
buffer is already full, while it is not since once <o> is forwarded,
some space remains.
- when to_fwd is much larger than i, it's obvious that we can fill the
buffer.
The only relevant part in fact is o + to_fwd. to_fwd will ensure that at
least this many bytes will be moved from <i> to <o> hence will leave the
buffer, whatever the number of rounds it takes.
Interestingly, the fix applied here ensures that channel_recv_max() will
now equal (size - maxrw - i + to_fwd), which is indeed what remains
available below maxrw after to_fwd bytes are forwarded from i to o and
leave the buffer.
Additionally, the latest fix made it possible to meet an integer overflow
that was not caught by the range test when forwarding in TCP or tunnel
mode due to to_forward being added to an existing value, causing the
buffer size to be limited when it should not have been, resulting in 2
to 3 recv() calls when a single one was enough. The first one was limited
to the unreserved buffer size, the second one to the size of the reserve
minus 1, and the last one to the last byte. Eg with a 2kB buffer :
recvfrom(22, "HTTP/1.1 200\r\nConnection: close\r"..., 1024, 0, NULL, NULL) = 1024
recvfrom(22, "23456789.123456789.123456789.123"..., 1023, 0, NULL, NULL) = 1023
recvfrom(22, "5", 1, 0, NULL, NULL) = 1
This bug is still present in 1.6 and 1.5 so the fix should be backported
there.
2016-04-20 16:05:17 +00:00
|
|
|
* A typical buffer looks like this :
|
2016-01-25 00:09:11 +00:00
|
|
|
*
|
BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try)
Latest fix 8a32106 ("BUG/MEDIUM: channel: fix miscalculation of available
buffer space (2nd try)") did happen to fix some observable issues but not
all of them in fact, some corner cases still remained and at least one user
reported a busy loop that appeared possible, though not easily reproducible
under experimental conditions.
The remaining issue is that we still consider min(i, to_fwd) as the number
of bytes in transit, but in fact <i> is not relevant here. Indeed, what
matters is that we can read everything we want at once provided that at
the end, <i> cannot be larger than <size-maxrw> (if it was not already).
This is visible in two cases :
- let's have i=o=max/2 and to_fwd=0. Then i+o >= max indicates that the
buffer is already full, while it is not since once <o> is forwarded,
some space remains.
- when to_fwd is much larger than i, it's obvious that we can fill the
buffer.
The only relevant part in fact is o + to_fwd. to_fwd will ensure that at
least this many bytes will be moved from <i> to <o> hence will leave the
buffer, whatever the number of rounds it takes.
Interestingly, the fix applied here ensures that channel_recv_max() will
now equal (size - maxrw - i + to_fwd), which is indeed what remains
available below maxrw after to_fwd bytes are forwarded from i to o and
leave the buffer.
Additionally, the latest fix made it possible to meet an integer overflow
that was not caught by the range test when forwarding in TCP or tunnel
mode due to to_forward being added to an existing value, causing the
buffer size to be limited when it should not have been, resulting in 2
to 3 recv() calls when a single one was enough. The first one was limited
to the unreserved buffer size, the second one to the size of the reserve
minus 1, and the last one to the last byte. Eg with a 2kB buffer :
recvfrom(22, "HTTP/1.1 200\r\nConnection: close\r"..., 1024, 0, NULL, NULL) = 1024
recvfrom(22, "23456789.123456789.123456789.123"..., 1023, 0, NULL, NULL) = 1023
recvfrom(22, "5", 1, 0, NULL, NULL) = 1
This bug is still present in 1.6 and 1.5 so the fix should be backported
there.
2016-04-20 16:05:17 +00:00
|
|
|
* <-------------- max_len ----------->
|
|
|
|
* <---- o ----><----- i -----> <--- 0..maxrewrite --->
|
|
|
|
* +------------+--------------+-------+----------------------+
|
|
|
|
* |////////////|\\\\\\\\\\\\\\|xxxxxxx| reserve |
|
|
|
|
* +------------+--------+-----+-------+----------------------+
|
|
|
|
* <- fwd -> <-avail->
|
|
|
|
*
|
|
|
|
* Or when to_forward > i :
|
|
|
|
*
|
|
|
|
* <-------------- max_len ----------->
|
|
|
|
* <---- o ----><----- i -----> <--- 0..maxrewrite --->
|
|
|
|
* +------------+--------------+-------+----------------------+
|
|
|
|
* |////////////|\\\\\\\\\\\\\\|xxxxxxx| reserve |
|
|
|
|
* +------------+--------+-----+-------+----------------------+
|
|
|
|
* <-avail->
|
|
|
|
* <------------------ fwd ---------------->
|
|
|
|
*
|
|
|
|
* - the amount of buffer bytes in transit is : min(i, fwd) + o
|
|
|
|
* - some scheduled bytes may be in transit (up to fwd - i)
|
|
|
|
* - the reserve is max(0, maxrewrite - transit)
|
|
|
|
* - the maximum usable buffer length is size - reserve.
|
|
|
|
* - the available space is max_len - i - o
|
|
|
|
*
|
|
|
|
* So the formula to compute the buffer's maximum length to protect the reserve
|
|
|
|
* when reading new data is :
|
|
|
|
*
|
|
|
|
* max = size - maxrewrite + min(maxrewrite, transit)
|
|
|
|
* = size - max(maxrewrite - transit, 0)
|
|
|
|
*
|
|
|
|
* But WARNING! The conditions might change during the transfer and it could
|
|
|
|
* very well happen that a buffer would contain more bytes than max_len due to
|
|
|
|
* i+o already walking over the reserve (eg: after a header rewrite), including
|
|
|
|
* i or o alone hitting the limit. So it is critical to always consider that
|
|
|
|
* bounds may have already been crossed and that available space may be negative
|
|
|
|
* for example. Due to this it is perfectly possible for this function to return
|
|
|
|
* a value that is lower than current i+o.
|
2012-08-27 22:06:31 +00:00
|
|
|
*/
|
2015-01-14 19:21:43 +00:00
|
|
|
static inline int channel_recv_limit(const struct channel *chn)
|
2012-08-27 22:06:31 +00:00
|
|
|
{
|
2016-05-03 15:46:24 +00:00
|
|
|
unsigned int transit;
|
2016-01-25 00:09:11 +00:00
|
|
|
int reserve;
|
|
|
|
|
|
|
|
/* return zero if empty */
|
|
|
|
reserve = chn->buf->size;
|
|
|
|
if (chn->buf == &buf_empty)
|
|
|
|
goto end;
|
|
|
|
|
|
|
|
/* return size - maxrewrite if we can't send */
|
|
|
|
reserve = global.tune.maxrewrite;
|
|
|
|
if (unlikely(!channel_may_send(chn)))
|
|
|
|
goto end;
|
|
|
|
|
2016-05-03 15:46:24 +00:00
|
|
|
/* We need to check what remains of the reserve after o and to_forward
|
|
|
|
* have been transmitted, but they can overflow together and they can
|
|
|
|
* cause an integer underflow in the comparison since both are unsigned
|
|
|
|
* while maxrewrite is signed.
|
|
|
|
* The code below has been verified for being a valid check for this :
|
|
|
|
* - if (o + to_forward) overflow => return size [ large enough ]
|
|
|
|
* - if o + to_forward >= maxrw => return size [ large enough ]
|
|
|
|
* - otherwise return size - (maxrw - (o + to_forward))
|
2016-01-25 00:09:11 +00:00
|
|
|
*/
|
2016-05-03 15:46:24 +00:00
|
|
|
transit = chn->buf->o + chn->to_forward;
|
|
|
|
reserve -= transit;
|
|
|
|
if (transit < chn->to_forward || // addition overflow
|
|
|
|
transit >= (unsigned)global.tune.maxrewrite) // enough transit data
|
BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try)
Latest fix 8a32106 ("BUG/MEDIUM: channel: fix miscalculation of available
buffer space (2nd try)") did happen to fix some observable issues but not
all of them in fact, some corner cases still remained and at least one user
reported a busy loop that appeared possible, though not easily reproducible
under experimental conditions.
The remaining issue is that we still consider min(i, to_fwd) as the number
of bytes in transit, but in fact <i> is not relevant here. Indeed, what
matters is that we can read everything we want at once provided that at
the end, <i> cannot be larger than <size-maxrw> (if it was not already).
This is visible in two cases :
- let's have i=o=max/2 and to_fwd=0. Then i+o >= max indicates that the
buffer is already full, while it is not since once <o> is forwarded,
some space remains.
- when to_fwd is much larger than i, it's obvious that we can fill the
buffer.
The only relevant part in fact is o + to_fwd. to_fwd will ensure that at
least this many bytes will be moved from <i> to <o> hence will leave the
buffer, whatever the number of rounds it takes.
Interestingly, the fix applied here ensures that channel_recv_max() will
now equal (size - maxrw - i + to_fwd), which is indeed what remains
available below maxrw after to_fwd bytes are forwarded from i to o and
leave the buffer.
Additionally, the latest fix made it possible to meet an integer overflow
that was not caught by the range test when forwarding in TCP or tunnel
mode due to to_forward being added to an existing value, causing the
buffer size to be limited when it should not have been, resulting in 2
to 3 recv() calls when a single one was enough. The first one was limited
to the unreserved buffer size, the second one to the size of the reserve
minus 1, and the last one to the last byte. Eg with a 2kB buffer :
recvfrom(22, "HTTP/1.1 200\r\nConnection: close\r"..., 1024, 0, NULL, NULL) = 1024
recvfrom(22, "23456789.123456789.123456789.123"..., 1023, 0, NULL, NULL) = 1023
recvfrom(22, "5", 1, 0, NULL, NULL) = 1
This bug is still present in 1.6 and 1.5 so the fix should be backported
there.
2016-04-20 16:05:17 +00:00
|
|
|
return chn->buf->size;
|
2016-01-25 00:09:11 +00:00
|
|
|
end:
|
|
|
|
return chn->buf->size - reserve;
|
2012-08-27 22:06:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Returns the amount of space available at the input of the buffer, taking the
|
|
|
|
* reserved space into account if ->to_forward indicates that an end of transfer
|
|
|
|
* is close to happen. The test is optimized to avoid as many operations as
|
|
|
|
* possible for the fast case.
|
|
|
|
*/
|
2015-01-14 19:25:34 +00:00
|
|
|
static inline int channel_recv_max(const struct channel *chn)
|
2012-08-27 22:06:31 +00:00
|
|
|
{
|
2015-01-14 14:56:50 +00:00
|
|
|
int ret;
|
2012-08-27 22:06:31 +00:00
|
|
|
|
2015-01-14 19:21:43 +00:00
|
|
|
ret = channel_recv_limit(chn) - chn->buf->i - chn->buf->o;
|
2015-01-14 14:56:50 +00:00
|
|
|
if (ret < 0)
|
|
|
|
ret = 0;
|
|
|
|
return ret;
|
2012-08-27 22:06:31 +00:00
|
|
|
}
|
|
|
|
|
2015-01-14 19:32:59 +00:00
|
|
|
/* Truncate any unread data in the channel's buffer, and disable forwarding.
|
|
|
|
* Outgoing data are left intact. This is mainly to be used to send error
|
|
|
|
* messages after existing data.
|
2012-08-27 22:06:31 +00:00
|
|
|
*/
|
2015-01-14 19:32:59 +00:00
|
|
|
static inline void channel_truncate(struct channel *chn)
|
2012-08-27 22:06:31 +00:00
|
|
|
{
|
2012-10-12 21:49:43 +00:00
|
|
|
if (!chn->buf->o)
|
2012-10-12 21:11:02 +00:00
|
|
|
return channel_erase(chn);
|
2012-08-27 22:06:31 +00:00
|
|
|
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->to_forward = 0;
|
2012-10-12 21:49:43 +00:00
|
|
|
if (!chn->buf->i)
|
2012-08-27 22:06:31 +00:00
|
|
|
return;
|
|
|
|
|
2012-10-12 21:49:43 +00:00
|
|
|
chn->buf->i = 0;
|
2012-08-27 22:06:31 +00:00
|
|
|
}
|
|
|
|
|
2009-08-31 05:37:22 +00:00
|
|
|
/*
|
2012-08-27 22:06:31 +00:00
|
|
|
* Advance the channel buffer's read pointer by <len> bytes. This is useful
|
|
|
|
* when data have been read directly from the buffer. It is illegal to call
|
|
|
|
* this function with <len> causing a wrapping at the end of the buffer. It's
|
|
|
|
* the caller's responsibility to ensure that <len> is never larger than
|
2012-10-12 21:11:02 +00:00
|
|
|
* chn->o. Channel flag WRITE_PARTIAL is set.
|
2009-08-31 05:37:22 +00:00
|
|
|
*/
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void bo_skip(struct channel *chn, int len)
|
2009-08-31 05:37:22 +00:00
|
|
|
{
|
2012-10-12 21:49:43 +00:00
|
|
|
chn->buf->o -= len;
|
2012-05-07 09:56:55 +00:00
|
|
|
|
2012-12-16 18:39:09 +00:00
|
|
|
if (buffer_empty(chn->buf))
|
2012-10-12 21:49:43 +00:00
|
|
|
chn->buf->p = chn->buf->data;
|
2009-08-31 05:37:22 +00:00
|
|
|
|
2009-09-23 21:47:55 +00:00
|
|
|
/* notify that some data was written to the SI from the buffer */
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags |= CF_WRITE_PARTIAL;
|
2009-08-31 05:37:22 +00:00
|
|
|
}
|
2006-06-26 00:48:02 +00:00
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* Tries to copy chunk <chunk> into the channel's buffer after length controls.
|
2012-10-12 21:11:02 +00:00
|
|
|
* The chn->o and to_forward pointers are updated. If the channel's input is
|
2010-09-08 15:04:31 +00:00
|
|
|
* closed, -2 is returned. If the block is too large for this buffer, -3 is
|
|
|
|
* returned. If there is not enough room left in the buffer, -1 is returned.
|
|
|
|
* Otherwise the number of bytes copied is returned (0 being a valid number).
|
2012-08-27 22:06:31 +00:00
|
|
|
* Channel flag READ_PARTIAL is updated if some data can be transferred. The
|
2012-08-27 18:53:34 +00:00
|
|
|
* chunk's length is updated with the number of bytes sent.
|
2009-08-31 06:09:57 +00:00
|
|
|
*/
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline int bi_putchk(struct channel *chn, struct chunk *chunk)
|
2009-08-31 06:09:57 +00:00
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
|
2012-10-12 21:11:02 +00:00
|
|
|
ret = bi_putblk(chn, chunk->str, chunk->len);
|
2010-09-08 15:04:31 +00:00
|
|
|
if (ret > 0)
|
|
|
|
chunk->len -= ret;
|
2009-08-31 06:09:57 +00:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* Tries to copy string <str> at once into the channel's buffer after length
|
2012-10-12 21:11:02 +00:00
|
|
|
* controls. The chn->o and to_forward pointers are updated. If the channel's
|
2012-08-27 22:06:31 +00:00
|
|
|
* input is closed, -2 is returned. If the block is too large for this buffer,
|
|
|
|
* -3 is returned. If there is not enough room left in the buffer, -1 is
|
|
|
|
* returned. Otherwise the number of bytes copied is returned (0 being a valid
|
|
|
|
* number). Channel flag READ_PARTIAL is updated if some data can be
|
|
|
|
* transferred.
|
2010-09-08 15:04:31 +00:00
|
|
|
*/
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline int bi_putstr(struct channel *chn, const char *str)
|
2010-09-08 15:04:31 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
return bi_putblk(chn, str, strlen(str));
|
2010-09-08 15:04:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2012-08-27 22:06:31 +00:00
|
|
|
* Return one char from the channel's buffer. If the buffer is empty and the
|
|
|
|
* channel is closed, return -2. If the buffer is just empty, return -1. The
|
|
|
|
* buffer's pointer is not advanced, it's up to the caller to call bo_skip(buf,
|
|
|
|
* 1) when it has consumed the char. Also note that this function respects the
|
2012-10-12 21:11:02 +00:00
|
|
|
* chn->o limit.
|
2010-09-08 15:04:31 +00:00
|
|
|
*/
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline int bo_getchr(struct channel *chn)
|
2010-09-08 15:04:31 +00:00
|
|
|
{
|
|
|
|
/* closed or empty + imminent close = -2; empty = -1 */
|
2012-10-12 21:11:02 +00:00
|
|
|
if (unlikely((chn->flags & CF_SHUTW) || channel_is_empty(chn))) {
|
|
|
|
if (chn->flags & (CF_SHUTW|CF_SHUTW_NOW))
|
2010-09-08 15:04:31 +00:00
|
|
|
return -2;
|
|
|
|
return -1;
|
|
|
|
}
|
2012-10-12 21:49:43 +00:00
|
|
|
return *buffer_wrap_sub(chn->buf, chn->buf->p - chn->buf->o);
|
2010-09-08 15:04:31 +00:00
|
|
|
}
|
|
|
|
|
2006-06-26 00:48:02 +00:00
|
|
|
|
2012-08-24 17:22:53 +00:00
|
|
|
#endif /* _PROTO_CHANNEL_H */
|
2006-06-26 00:48:02 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Local variables:
|
|
|
|
* c-indent-level: 8
|
|
|
|
* c-basic-offset: 8
|
|
|
|
* End:
|
|
|
|
*/
|