RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-02-26 15:40:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
dd164d0240
haproxy/src/frontend.c

590 lines
17 KiB
C
Raw Normal View History

[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
/*
[CLEANUP] rename client -> frontend The 'client.c' file now only contained frontend-specific functions, so it has naturally be renamed 'frontend.c'. Same for client.h. This has also been an opportunity to remove some cross references from files that should not have depended on it. In the end, this file should contain a protocol-agnostic accept() code, which would initialize a session, task, etc... based on an accept() from a lower layer. Right now there are still references to TCP.
2010-05-24 19:02:37 +00:00
* Frontend variables and functions.
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
*
[MINOR] frontend: add a make_proxy_line function This function will build a PROXY protocol line header from two addresses (IPv4 or IPv6). AF_UNIX family will be reported as UNKNOWN.
2011-03-20 09:15:22 +00:00
* Copyright 2000-2011 Willy Tarreau <w@1wt.eu>
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version
* 2 of the License, or (at your option) any later version.
*
*/
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
[CLEANUP] renamed include/haproxy to include/common
2006-06-29 15:53:05 +00:00
#include <string.h>
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h>
[MINOR] tcp: add support for dynamic MSS setting By passing a negative value to the "mss" argument of "bind" lines, it becomes possible to subtract this value to the MSS advertised by the client, which results in segments smaller than advertised. The effect is useful with some TCP stacks which ACK less often when segments are not full, because they only ACK every other full segment as suggested by RFC1122. NOTE: currently this has no effect on Linux kernel 2.6, a kernel patch is still required to change the MSS of established connections.
2010-12-24 14:26:39 +00:00
#include <netinet/tcp.h>
[CLEANUP] renamed include/haproxy to include/common
2006-06-29 15:53:05 +00:00
#include <common/compat.h>
[CLEANUP] included common/version.h everywhere
2006-06-29 16:54:54 +00:00
#include <common/config.h>
[MINOR] frontend: add a new analyser to parse a proxied connection The introduction of a new PROXY protocol for proxied connections requires an early analyser to decode the incoming connection and set the session flags accordingly. Some more work is needed, among which setting a flag on the session to indicate it's proxied, and copying the original parameters for later comparisons with new ACLs (eg: real_src, ...).
2010-10-15 21:23:19 +00:00
#include <common/debug.h>
#include <common/standard.h>
[CLEANUP] renamed include/haproxy to include/common
2006-06-29 15:53:05 +00:00
#include <common/time.h>
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
#include <types/global.h>
[MEDIUM] added several ACL criteria and matches Many ACL criteria have been added. Some others are still commented out because some functions are still missing.
2007-05-06 22:55:35 +00:00
#include <proto/acl.h>
[MEDIUM] started the changes towards I/O completion callbacks Now the event_* functions find their buffer in the fdtab itself.
2006-07-29 14:59:06 +00:00
#include <proto/buffers.h>
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
#include <proto/fd.h>
[CLEANUP] rename client -> frontend The 'client.c' file now only contained frontend-specific functions, so it has naturally be renamed 'frontend.c'. Same for client.h. This has also been an opportunity to remove some cross references from files that should not have depended on it. In the end, this file should contain a protocol-agnostic accept() code, which would initialize a session, task, etc... based on an accept() from a lower layer. Right now there are still references to TCP.
2010-05-24 19:02:37 +00:00
#include <proto/frontend.h>
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
#include <proto/log.h>
[MEDIUM] added the hdr_idx structure for future HTTP header indexing This structure will consume 4 bytes per header to keep track of headers within a request or a response without having to parse the whole request for each regex. As it's not possible to allocate only 4 bytes, we define a max number of HTTP headers. We set it to (BUFSIZE+79)/80 so that 8kB buffers can contain 100 headers (like Apache), resulting in 400 bytes dedicated to indexation, or about 400/(2*8kB) ~= 2.4% of the memory usage.
2006-12-03 14:21:35 +00:00
#include <proto/hdr_idx.h>
[MEDIUM] move connection establishment from backend to the SI. The connection establishment was completely handled by backend.c which normally just handles LB algos. Since it's purely TCP, it must move to proto_tcp.c. Also, instead of calling it directly, we now call it via the stream interface, which will later help us unify session handling.
2009-08-16 12:02:45 +00:00
#include <proto/proto_tcp.h>
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
#include <proto/proto_http.h>
[MEDIUM] measure and report session rate on frontend, backends and servers With this change, all frontends, backends, and servers maintain a session counter and a timer to compute a session rate over the last second. This value will be very useful because it varies instantly and can be used to check thresholds. This value is also reported in the stats in a new "rate" column.
2009-03-05 17:43:00 +00:00
#include <proto/proxy.h>
[MAJOR] migrated task, tree64 and session to pool2 task and tree64 are already very close in size and are merged together. Overall performance gained slightly by this simple change.
2007-05-13 17:43:47 +00:00
#include <proto/session.h>
[MINOR] replace client_retnclose() with stream_int_retnclose() This makes more sense to return a message to a stream interface than to a session. senddata.{c,h} have been removed.
2008-11-30 18:48:07 +00:00
#include <proto/stream_interface.h>
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
#include <proto/stream_sock.h>
#include <proto/task.h>
[MEDIUM] store the original destination address in the session There are multiple places where the client's destination address is required. Let's store it in the session when needed, and add a flag to inform that it has been retrieved.
2007-05-08 17:46:30 +00:00
/* Retrieves the original destination address used by the client, and sets the
* SN_FRT_ADDR_SET flag.
*/
void get_frt_addr(struct session *s)
{
[REORG] session: move client and server address to the stream interface This will be needed very soon for the keep-alive.
2011-03-03 16:42:23 +00:00
socklen_t namelen = sizeof(s->si[0].addr.c.to);
[MEDIUM] store the original destination address in the session There are multiple places where the client's destination address is required. Let's store it in the session when needed, and add a flag to inform that it has been retrieved.
2007-05-08 17:46:30 +00:00
[REORG] session: move client and server address to the stream interface This will be needed very soon for the keep-alive.
2011-03-03 16:42:23 +00:00
if (get_original_dst(s->si[0].fd, (struct sockaddr_in *)&s->si[0].addr.c.to, &namelen) == -1)
getsockname(s->si[0].fd, (struct sockaddr *)&s->si[0].addr.c.to, &namelen);
[MEDIUM] store the original destination address in the session There are multiple places where the client's destination address is required. Let's store it in the session when needed, and add a flag to inform that it has been retrieved.
2007-05-08 17:46:30 +00:00
s->flags |= SN_FRT_ADDR_SET;
}
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
/* Finish a session accept() for a proxy (TCP or HTTP). It returns a negative
[BUG] accept: don't close twice upon error The stream_sock's accept() used to close the FD upon error, but this was also sometimes performed by the frontend's accept() called via the session's accept(). Those interlaced calls were also responsible for the spaghetti-looking error unrolling code in session.c and stream_sock.c. Now the frontend must not close the FD anymore, the session is responsible for that. It also takes care of just closing the FD or also removing from the FD lists, depending on its state. The socket-level accept() does not have to care about that anymore.
2010-11-11 09:56:04 +00:00
* value in case of a critical failure which must cause the listener to be
* disabled, a positive value in case of success, or zero if it is a success
* but the session must be closed ASAP (eg: monitoring).
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
*/
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
int frontend_accept(struct session *s)
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
{
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
int cfd = s->si[0].fd;
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
tv_zero(&s->logs.tv_request);
s->logs.t_queue = -1;
s->logs.t_connect = -1;
s->logs.t_data = -1;
s->logs.t_close = 0;
s->logs.bytes_in = s->logs.bytes_out = 0;
s->logs.prx_queue_size = 0; /* we get the number of pending conns before us */
s->logs.srv_queue_size = 0; /* we will get this number soon */
[MAJOR] frontend: reorder the session initialization upon accept This will be needed for the last factoring step which adds support for application-level accept(). The tcp/http accept() code has now been isolated and will have to move to a separate function.
2010-06-01 15:12:40 +00:00
/* FIXME: the logs are horribly complicated now, because they are
* defined in <p>, <p>, and later <be> and <be>.
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
*/
[MAJOR] frontend: reorder the session initialization upon accept This will be needed for the last factoring step which adds support for application-level accept(). The tcp/http accept() code has now been isolated and will have to move to a separate function.
2010-06-01 15:12:40 +00:00
if (s->logs.logwait & LW_REQ)
s->do_log = http_sess_log;
else
s->do_log = tcp_sess_log;
/* default error reporting function, may be changed by analysers */
s->srv_error = default_srv_error;
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
[MEDIUM] tcp: check for pure layer4 rules immediately after accept() The tcp inspection rules were fast but were only processed after a schedule had occurred and all resources were allocated. When defending against DDoS, it's important to be able to apply some protection the earliest possible instant. Thus we introduce a new set of rules : tcp-request rules which act on pure layer4 information (no content). They are evaluated even before the buffers are allocated for the session, saving as much time as possible. That way it becomes possible to check an incoming connection's source IP address against a list of authorized/blocked networks, and immediately drop the connection. The rules are checked even before we perform any socket-specific operation, so that we can optimize the reject case, which will be the problematic one during a DDoS. The second stream interface and s->txn are also now initialized after the rules are parsed for the same reason. All these optimisations have permitted to reach up to 212000 connnections/s with a real rule rejecting based on the source IP address.
2010-05-23 20:59:00 +00:00
/* Adjust some socket options */
[CLEANUP] frontend: only apply TCP-specific settings to TCP/TCP6 sockets It's useless to apply keep-alive or lingering to non-TCP sockets.
2010-12-24 13:49:37 +00:00
if (s->listener->addr.ss_family == AF_INET || s->listener->addr.ss_family == AF_INET6) {
if (setsockopt(cfd, IPPROTO_TCP, TCP_NODELAY,
(char *) &one, sizeof(one)) == -1)
goto out_return;
if (s->fe->options & PR_O_TCP_CLI_KA)
setsockopt(cfd, SOL_SOCKET, SO_KEEPALIVE,
(char *) &one, sizeof(one));
if (s->fe->options & PR_O_TCP_NOLING)
setsockopt(cfd, SOL_SOCKET, SO_LINGER,
(struct linger *) &nolinger, sizeof(struct linger));
[MINOR] tcp: add support for dynamic MSS setting By passing a negative value to the "mss" argument of "bind" lines, it becomes possible to subtract this value to the MSS advertised by the client, which results in segments smaller than advertised. The effect is useful with some TCP stacks which ACK less often when segments are not full, because they only ACK every other full segment as suggested by RFC1122. NOTE: currently this has no effect on Linux kernel 2.6, a kernel patch is still required to change the MSS of established connections.
2010-12-24 14:26:39 +00:00
#if defined(TCP_MAXSEG)
if (s->listener->maxseg < 0) {
/* we just want to reduce the current MSS by that value */
int mss;
[BUILD] frontend: shut a warning with TCP_MAXSEG src/frontend.c: In function 'frontend_accept': src/frontend.c:110: warning: pointer targets in passing argument 5 of 'getsockopt' differ in signedness The argument should be socklen_t and not int.
2011-01-05 14:42:54 +00:00
socklen_t mss_len = sizeof(mss);
[MINOR] tcp: add support for dynamic MSS setting By passing a negative value to the "mss" argument of "bind" lines, it becomes possible to subtract this value to the MSS advertised by the client, which results in segments smaller than advertised. The effect is useful with some TCP stacks which ACK less often when segments are not full, because they only ACK every other full segment as suggested by RFC1122. NOTE: currently this has no effect on Linux kernel 2.6, a kernel patch is still required to change the MSS of established connections.
2010-12-24 14:26:39 +00:00
if (getsockopt(cfd, IPPROTO_TCP, TCP_MAXSEG, &mss, &mss_len) == 0) {
mss += s->listener->maxseg; /* remember, it's < 0 */
setsockopt(cfd, IPPROTO_TCP, TCP_MAXSEG, &mss, sizeof(mss));
}
}
#endif
[CLEANUP] frontend: only apply TCP-specific settings to TCP/TCP6 sockets It's useless to apply keep-alive or lingering to non-TCP sockets.
2010-12-24 13:49:37 +00:00
}
[MEDIUM] tcp: check for pure layer4 rules immediately after accept() The tcp inspection rules were fast but were only processed after a schedule had occurred and all resources were allocated. When defending against DDoS, it's important to be able to apply some protection the earliest possible instant. Thus we introduce a new set of rules : tcp-request rules which act on pure layer4 information (no content). They are evaluated even before the buffers are allocated for the session, saving as much time as possible. That way it becomes possible to check an incoming connection's source IP address against a list of authorized/blocked networks, and immediately drop the connection. The rules are checked even before we perform any socket-specific operation, so that we can optimize the reject case, which will be the problematic one during a DDoS. The second stream interface and s->txn are also now initialized after the rules are parsed for the same reason. All these optimisations have permitted to reach up to 212000 connnections/s with a real rule rejecting based on the source IP address.
2010-05-23 20:59:00 +00:00
if (global.tune.client_sndbuf)
setsockopt(cfd, SOL_SOCKET, SO_SNDBUF, &global.tune.client_sndbuf, sizeof(global.tune.client_sndbuf));
if (global.tune.client_rcvbuf)
setsockopt(cfd, SOL_SOCKET, SO_RCVBUF, &global.tune.client_rcvbuf, sizeof(global.tune.client_rcvbuf));
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
if (s->fe->mode == PR_MODE_HTTP) {
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
/* the captures are only used in HTTP frontends */
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
if (unlikely(s->fe->nb_req_cap > 0 &&
(s->txn.req.cap = pool_alloc2(s->fe->req_cap_pool)) == NULL))
[BUG] accept: don't close twice upon error The stream_sock's accept() used to close the FD upon error, but this was also sometimes performed by the frontend's accept() called via the session's accept(). Those interlaced calls were also responsible for the spaghetti-looking error unrolling code in session.c and stream_sock.c. Now the frontend must not close the FD anymore, the session is responsible for that. It also takes care of just closing the FD or also removing from the FD lists, depending on its state. The socket-level accept() does not have to care about that anymore.
2010-11-11 09:56:04 +00:00
goto out_return; /* no memory */
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
if (unlikely(s->fe->nb_rsp_cap > 0 &&
(s->txn.rsp.cap = pool_alloc2(s->fe->rsp_cap_pool)) == NULL))
[MAJOR] frontend: reorder the session initialization upon accept This will be needed for the last factoring step which adds support for application-level accept(). The tcp/http accept() code has now been isolated and will have to move to a separate function.
2010-06-01 15:12:40 +00:00
goto out_free_reqcap; /* no memory */
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
}
[MAJOR] kill CL_STINSPECT and CL_STHEADERS (step 1) This is a first attempt at separating data processing from the TCP state machine. Those two states have been replaced with flags in the session indicating what needs to be analyzed. The corresponding code is still called before and in lieu of TCP states. Next change should get rid of the specific SV_STANALYZE which is in fact a client state. Then next change should consist in making it possible to analyze TCP contents while being in CL_STDATA (or CL_STSHUT*).
2008-08-10 20:55:22 +00:00
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
if (s->fe->acl_requires & ACL_USE_L7_ANY) {
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
/* we have to allocate header indexes only if we know
* that we may make use of them. This of course includes
* (mode == PR_MODE_HTTP).
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
*/
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
s->txn.hdr_idx.size = MAX_HTTP_HDR;
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
if (unlikely((s->txn.hdr_idx.v = pool_alloc2(s->fe->hdr_idx_pool)) == NULL))
[MAJOR] frontend: reorder the session initialization upon accept This will be needed for the last factoring step which adds support for application-level accept(). The tcp/http accept() code has now been isolated and will have to move to a separate function.
2010-06-01 15:12:40 +00:00
goto out_free_rspcap; /* no memory */
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
/* and now initialize the HTTP transaction state */
http_init_txn(s);
}
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
if ((s->fe->mode == PR_MODE_TCP || s->fe->mode == PR_MODE_HTTP)
&& (s->fe->logfac1 >= 0 || s->fe->logfac2 >= 0)) {
if (likely(s->fe->to_log)) {
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
/* we have the client ip */
if (s->logs.logwait & LW_CLIP)
if (!(s->logs.logwait &= ~LW_CLIP))
s->do_log(s);
[MINOR] http: rely on proxy->acl_requires to allocate hdr_idx Right now only HTTP proxies may use HTTP headers in ACLs, but when this evolves, we'll need to be able to allocate the hdr_idx on demand. The solution consists in allocating it only when it is certain that at least one ACL requires HTTP parsing, regardless of the mode the proxy is in. This is what is achieved by this patch.
2009-07-10 21:52:51 +00:00
}
[MINOR] make use of addr_to_str() and get_host_port() to replace many inet_ntop() Many inet_ntop calls were partially right, which was hard to detect given the complex combinations. Some of them were relying on the listener's proto instead of the address itself, which could have been different when dealing with an accept-proxy connection. The new addr_to_str() function does the dirty job and returns the family, which makes it particularly suited to calls from switch/case statements. A large number of if/else statements were removed and the stats output could even be cleaned up in the case of session dump. As a side effect of doing this, the resulting code is smaller by almost 1kB. All changed parts have been tested and provided expected output.
2011-09-04 22:36:48 +00:00
else {
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
char pn[INET6_ADDRSTRLEN], sn[INET6_ADDRSTRLEN];
[MEDIUM] store the original destination address in the session There are multiple places where the client's destination address is required. Let's store it in the session when needed, and add a flag to inform that it has been retrieved.
2007-05-08 17:46:30 +00:00
if (!(s->flags & SN_FRT_ADDR_SET))
get_frt_addr(s);
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
[MINOR] make use of addr_to_str() and get_host_port() to replace many inet_ntop() Many inet_ntop calls were partially right, which was hard to detect given the complex combinations. Some of them were relying on the listener's proto instead of the address itself, which could have been different when dealing with an accept-proxy connection. The new addr_to_str() function does the dirty job and returns the family, which makes it particularly suited to calls from switch/case statements. A large number of if/else statements were removed and the stats output could even be cleaned up in the case of session dump. As a side effect of doing this, the resulting code is smaller by almost 1kB. All changed parts have been tested and provided expected output.
2011-09-04 22:36:48 +00:00
switch (addr_to_str(&s->req->prod->addr.c.from, pn, sizeof(pn))) {
case AF_INET:
case AF_INET6:
addr_to_str(&s->req->prod->addr.c.to, sn, sizeof(sn));
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
send_log(s->fe, LOG_INFO, "Connect from %s:%d to %s:%d (%s/%s)\n",
[MINOR] make use of addr_to_str() and get_host_port() to replace many inet_ntop() Many inet_ntop calls were partially right, which was hard to detect given the complex combinations. Some of them were relying on the listener's proto instead of the address itself, which could have been different when dealing with an accept-proxy connection. The new addr_to_str() function does the dirty job and returns the family, which makes it particularly suited to calls from switch/case statements. A large number of if/else statements were removed and the stats output could even be cleaned up in the case of session dump. As a side effect of doing this, the resulting code is smaller by almost 1kB. All changed parts have been tested and provided expected output.
2011-09-04 22:36:48 +00:00
pn, get_host_port(&s->req->prod->addr.c.from),
sn, get_host_port(&s->req->prod->addr.c.to),
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
s->fe->id, (s->fe->mode == PR_MODE_HTTP) ? "HTTP" : "TCP");
[MINOR] make use of addr_to_str() and get_host_port() to replace many inet_ntop() Many inet_ntop calls were partially right, which was hard to detect given the complex combinations. Some of them were relying on the listener's proto instead of the address itself, which could have been different when dealing with an accept-proxy connection. The new addr_to_str() function does the dirty job and returns the family, which makes it particularly suited to calls from switch/case statements. A large number of if/else statements were removed and the stats output could even be cleaned up in the case of session dump. As a side effect of doing this, the resulting code is smaller by almost 1kB. All changed parts have been tested and provided expected output.
2011-09-04 22:36:48 +00:00
break;
case AF_UNIX:
/* UNIX socket, only the destination is known */
send_log(s->fe, LOG_INFO, "Connect to unix:%d (%s/%s)\n",
s->listener->luid,
s->fe->id, (s->fe->mode == PR_MODE_HTTP) ? "HTTP" : "TCP");
break;
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
}
}
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
}
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
[OPTIM] frontend: tell the compiler that errors are unlikely to occur Doing this brings better, more linear object code with less jumps in the normal path.
2010-05-28 17:29:49 +00:00
if (unlikely((global.mode & MODE_DEBUG) && (!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE)))) {
[MINOR] make use of addr_to_str() and get_host_port() to replace many inet_ntop() Many inet_ntop calls were partially right, which was hard to detect given the complex combinations. Some of them were relying on the listener's proto instead of the address itself, which could have been different when dealing with an accept-proxy connection. The new addr_to_str() function does the dirty job and returns the family, which makes it particularly suited to calls from switch/case statements. A large number of if/else statements were removed and the stats output could even be cleaned up in the case of session dump. As a side effect of doing this, the resulting code is smaller by almost 1kB. All changed parts have been tested and provided expected output.
2011-09-04 22:36:48 +00:00
char pn[INET6_ADDRSTRLEN];
[MINOR] frontend: ensure debug message length is always initialized If the socket family ever changes from AF_INET*/AF_UNIX, we'd have a problem.
2011-09-09 09:21:06 +00:00
int len = 0;
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
if (!(s->flags & SN_FRT_ADDR_SET))
get_frt_addr(s);
[MEDIUM] session: move the analysis bit field to the buffer It makes more sense to store the list of analysers in the buffer than in the session since they are precisely plugged onto one buffer.
2008-08-17 13:20:19 +00:00
[MINOR] make use of addr_to_str() and get_host_port() to replace many inet_ntop() Many inet_ntop calls were partially right, which was hard to detect given the complex combinations. Some of them were relying on the listener's proto instead of the address itself, which could have been different when dealing with an accept-proxy connection. The new addr_to_str() function does the dirty job and returns the family, which makes it particularly suited to calls from switch/case statements. A large number of if/else statements were removed and the stats output could even be cleaned up in the case of session dump. As a side effect of doing this, the resulting code is smaller by almost 1kB. All changed parts have been tested and provided expected output.
2011-09-04 22:36:48 +00:00
switch (addr_to_str(&s->req->prod->addr.c.from, pn, sizeof(pn))) {
case AF_INET:
case AF_INET6:
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
len = sprintf(trash, "%08x:%s.accept(%04x)=%04x from [%s:%d]\n",
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
s->uniq_id, s->fe->id, (unsigned short)s->listener->fd, (unsigned short)cfd,
[MINOR] make use of addr_to_str() and get_host_port() to replace many inet_ntop() Many inet_ntop calls were partially right, which was hard to detect given the complex combinations. Some of them were relying on the listener's proto instead of the address itself, which could have been different when dealing with an accept-proxy connection. The new addr_to_str() function does the dirty job and returns the family, which makes it particularly suited to calls from switch/case statements. A large number of if/else statements were removed and the stats output could even be cleaned up in the case of session dump. As a side effect of doing this, the resulting code is smaller by almost 1kB. All changed parts have been tested and provided expected output.
2011-09-04 22:36:48 +00:00
pn, get_host_port(&s->req->prod->addr.c.from));
break;
case AF_UNIX:
/* UNIX socket, only the destination is known */
[MINOR] Support of unix listener sockets for debug and log event messages on frontend.c
2010-10-22 14:33:18 +00:00
len = sprintf(trash, "%08x:%s.accept(%04x)=%04x from [unix:%d]\n",
s->uniq_id, s->fe->id, (unsigned short)s->listener->fd, (unsigned short)cfd,
s->listener->luid);
[MINOR] make use of addr_to_str() and get_host_port() to replace many inet_ntop() Many inet_ntop calls were partially right, which was hard to detect given the complex combinations. Some of them were relying on the listener's proto instead of the address itself, which could have been different when dealing with an accept-proxy connection. The new addr_to_str() function does the dirty job and returns the family, which makes it particularly suited to calls from switch/case statements. A large number of if/else statements were removed and the stats output could even be cleaned up in the case of session dump. As a side effect of doing this, the resulting code is smaller by almost 1kB. All changed parts have been tested and provided expected output.
2011-09-04 22:36:48 +00:00
break;
[MINOR] Support of unix listener sockets for debug and log event messages on frontend.c
2010-10-22 14:33:18 +00:00
}
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
write(1, trash, len);
}
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
if (s->fe->mode == PR_MODE_HTTP)
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
s->req->flags |= BF_READ_DONTWAIT; /* one read is usually enough */
[MEDIUM] Collect & provide separate statistics for sockets, v2 This patch allows to collect & provide separate statistics for each socket. It can be very useful if you would like to distinguish between traffic generate by local and remote users or between different types of remote clients (peerings, domestic, foreign). Currently no "Session rate" is supported, but adding it should be possible if we found it useful.
2009-10-04 13:43:17 +00:00
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
/* note: this should not happen anymore since there's always at least the switching rules */
if (!s->req->analysers) {
buffer_auto_connect(s->req); /* don't wait to establish connection */
buffer_auto_close(s->req); /* let the producer forward close requests */
}
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
s->req->rto = s->fe->timeout.client;
s->rep->wto = s->fe->timeout.client;
fdtab[cfd].flags = FD_FL_TCP | FD_FL_TCP_NODELAY;
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
if (s->fe->options & PR_O_TCP_NOLING)
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
fdtab[cfd].flags |= FD_FL_TCP_NOLING;
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
if (unlikely((s->fe->mode == PR_MODE_HTTP && (s->flags & SN_MONITOR)) ||
[MEDIUM] checks: group health checks methods by values and save option bits Adding health checks has become a real pain, with cross-references to all checks everywhere because they're all a single bit. Since they're all exclusive, let's change this to have a check number only. We reserve 4 bits allowing up to 16 checks (15+tcp), only 7 of which are currently used. The code has shrunk by almost 1kB and we saved a few option bits. The "dispatch" option has been moved to px->options, making a few tests a bit cleaner.
2011-08-06 15:05:02 +00:00
(s->fe->mode == PR_MODE_HEALTH && ((s->fe->options2 & PR_O2_CHK_ANY) == PR_O2_HTTP_CHK)))) {
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
/* Either we got a request from a monitoring system on an HTTP instance,
* or we're in health check mode with the 'httpchk' option enabled. In
* both cases, we return a fake "HTTP/1.0 200 OK" response and we exit.
*/
struct chunk msg;
chunk_initstr(&msg, "HTTP/1.0 200 OK\r\n\r\n");
stream_int_retnclose(&s->si[0], &msg); /* forge a 200 response */
s->req->analysers = 0;
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
s->task->expire = s->rep->wex;
[MAJOR] frontend: reorder the session initialization upon accept This will be needed for the last factoring step which adds support for application-level accept(). The tcp/http accept() code has now been isolated and will have to move to a separate function.
2010-06-01 15:12:40 +00:00
EV_FD_CLR(cfd, DIR_RD);
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
}
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
else if (unlikely(s->fe->mode == PR_MODE_HEALTH)) { /* health check mode, no client reading */
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
struct chunk msg;
chunk_initstr(&msg, "OK\n");
stream_int_retnclose(&s->si[0], &msg); /* forge an "OK" response */
s->req->analysers = 0;
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
s->task->expire = s->rep->wex;
[MAJOR] frontend: reorder the session initialization upon accept This will be needed for the last factoring step which adds support for application-level accept(). The tcp/http accept() code has now been isolated and will have to move to a separate function.
2010-06-01 15:12:40 +00:00
EV_FD_CLR(cfd, DIR_RD);
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
}
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
/* everything's OK, let's go on */
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
return 1;
[MEDIUM] simplify error path in event_accept() The error path in event_accept() was complicated by many code duplications. Use the classical unrolling with the gotos. This fix alone reduced the code by 2.5 kB.
2007-11-04 16:51:50 +00:00
/* Error unrolling */
[MAJOR] frontend: reorder the session initialization upon accept This will be needed for the last factoring step which adds support for application-level accept(). The tcp/http accept() code has now been isolated and will have to move to a separate function.
2010-06-01 15:12:40 +00:00
out_free_rspcap:
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
pool_free2(s->fe->rsp_cap_pool, s->txn.rsp.cap);
[MAJOR] frontend: reorder the session initialization upon accept This will be needed for the last factoring step which adds support for application-level accept(). The tcp/http accept() code has now been isolated and will have to move to a separate function.
2010-06-01 15:12:40 +00:00
out_free_reqcap:
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 15:45:26 +00:00
pool_free2(s->fe->req_cap_pool, s->txn.req.cap);
[BUG] accept: don't close twice upon error The stream_sock's accept() used to close the FD upon error, but this was also sometimes performed by the frontend's accept() called via the session's accept(). Those interlaced calls were also responsible for the spaghetti-looking error unrolling code in session.c and stream_sock.c. Now the frontend must not close the FD anymore, the session is responsible for that. It also takes care of just closing the FD or also removing from the FD lists, depending on its state. The socket-level accept() does not have to care about that anymore.
2010-11-11 09:56:04 +00:00
out_return:
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 16:46:57 +00:00
return -1;
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
}
[MINOR] frontend: add a new analyser to parse a proxied connection The introduction of a new PROXY protocol for proxied connections requires an early analyser to decode the incoming connection and set the session flags accordingly. Some more work is needed, among which setting a flag on the session to indicate it's proxied, and copying the original parameters for later comparisons with new ACLs (eg: real_src, ...).
2010-10-15 21:23:19 +00:00
/* This analyser tries to fetch a line from the request buffer which looks like :
*
* "PROXY" <SP> PROTO <SP> SRC3 <SP> DST3 <SP> SRC4 <SP> <DST4> "\r\n"
*
* There must be exactly one space between each field. Fields are :
[MINOR] frontend: add tcpv6 support on accept-proxy bind
2010-10-29 10:03:03 +00:00
* - PROTO : layer 4 protocol, which must be "TCP4" or "TCP6".
[MINOR] frontend: add a new analyser to parse a proxied connection The introduction of a new PROXY protocol for proxied connections requires an early analyser to decode the incoming connection and set the session flags accordingly. Some more work is needed, among which setting a flag on the session to indicate it's proxied, and copying the original parameters for later comparisons with new ACLs (eg: real_src, ...).
2010-10-15 21:23:19 +00:00
* - SRC3 : layer 3 (eg: IP) source address in standard text form
* - DST3 : layer 3 (eg: IP) destination address in standard text form
* - SRC4 : layer 4 (eg: TCP port) source address in standard text form
* - DST4 : layer 4 (eg: TCP port) destination address in standard text form
*
* This line MUST be at the beginning of the buffer and MUST NOT wrap.
*
* Once the data is fetched, the values are set in the session's field and data
* are removed from the buffer. The function returns zero if it needs to wait
* for more data (max: timeout_client), or 1 if it has finished and removed itself.
*/
int frontend_decode_proxy_request(struct session *s, struct buffer *req, int an_bit)
{
char *line = req->data;
char *end = req->data + req->l;
int len;
DPRINTF(stderr,"[%u] %s: session=%p b=%p, exp(r,w)=%u,%u bf=%08x bl=%d analysers=%02x\n",
now_ms, __FUNCTION__,
s,
req,
req->rex, req->wex,
req->flags,
req->l,
req->analysers);
if (req->flags & (BF_READ_ERROR|BF_READ_TIMEOUT))
goto fail;
[MINOR] frontend: improve accept-proxy header parsing The accept-proxy now automatically fails as soon as a character does not match the expected syntax.
2010-10-29 13:16:55 +00:00
len = MIN(req->l, 6);
if (!len)
[MINOR] frontend: add a new analyser to parse a proxied connection The introduction of a new PROXY protocol for proxied connections requires an early analyser to decode the incoming connection and set the session flags accordingly. Some more work is needed, among which setting a flag on the session to indicate it's proxied, and copying the original parameters for later comparisons with new ACLs (eg: real_src, ...).
2010-10-15 21:23:19 +00:00
goto missing;
[MINOR] frontend: improve accept-proxy header parsing The accept-proxy now automatically fails as soon as a character does not match the expected syntax.
2010-10-29 13:16:55 +00:00
/* Decode a possible proxy request, fail early if it does not match */
if (strncmp(line, "PROXY ", len) != 0)
[MINOR] frontend: add a new analyser to parse a proxied connection The introduction of a new PROXY protocol for proxied connections requires an early analyser to decode the incoming connection and set the session flags accordingly. Some more work is needed, among which setting a flag on the session to indicate it's proxied, and copying the original parameters for later comparisons with new ACLs (eg: real_src, ...).
2010-10-15 21:23:19 +00:00
goto fail;
[MINOR] frontend: improve accept-proxy header parsing The accept-proxy now automatically fails as soon as a character does not match the expected syntax.
2010-10-29 13:16:55 +00:00
[MINOR] frontend: add a new analyser to parse a proxied connection The introduction of a new PROXY protocol for proxied connections requires an early analyser to decode the incoming connection and set the session flags accordingly. Some more work is needed, among which setting a flag on the session to indicate it's proxied, and copying the original parameters for later comparisons with new ACLs (eg: real_src, ...).
2010-10-15 21:23:19 +00:00
line += 6;
[MINOR] frontend: improve accept-proxy header parsing The accept-proxy now automatically fails as soon as a character does not match the expected syntax.
2010-10-29 13:16:55 +00:00
if (req->l < 18) /* shortest possible line */
goto missing;
[MINOR] frontend: add a new analyser to parse a proxied connection The introduction of a new PROXY protocol for proxied connections requires an early analyser to decode the incoming connection and set the session flags accordingly. Some more work is needed, among which setting a flag on the session to indicate it's proxied, and copying the original parameters for later comparisons with new ACLs (eg: real_src, ...).
2010-10-15 21:23:19 +00:00
[MINOR] frontend: add tcpv6 support on accept-proxy bind
2010-10-29 10:03:03 +00:00
if (!memcmp(line, "TCP4 ", 5) != 0) {
u32 src3, dst3, sport, dport;
line += 5;
src3 = inetaddr_host_lim_ret(line, end, &line);
if (line == end)
goto missing;
if (*line++ != ' ')
goto fail;
dst3 = inetaddr_host_lim_ret(line, end, &line);
if (line == end)
goto missing;
if (*line++ != ' ')
goto fail;
sport = read_uint((const char **)&line, end);
if (line == end)
goto missing;
if (*line++ != ' ')
goto fail;
dport = read_uint((const char **)&line, end);
if (line > end - 2)
goto missing;
if (*line++ != '\r')
goto fail;
if (*line++ != '\n')
goto fail;
/* update the session's addresses and mark them set */
[REORG] session: move client and server address to the stream interface This will be needed very soon for the keep-alive.
2011-03-03 16:42:23 +00:00
((struct sockaddr_in *)&s->si[0].addr.c.from)->sin_family = AF_INET;
((struct sockaddr_in *)&s->si[0].addr.c.from)->sin_addr.s_addr = htonl(src3);
((struct sockaddr_in *)&s->si[0].addr.c.from)->sin_port = htons(sport);
[MINOR] frontend: add tcpv6 support on accept-proxy bind
2010-10-29 10:03:03 +00:00
[REORG] session: move client and server address to the stream interface This will be needed very soon for the keep-alive.
2011-03-03 16:42:23 +00:00
((struct sockaddr_in *)&s->si[0].addr.c.to)->sin_family = AF_INET;
((struct sockaddr_in *)&s->si[0].addr.c.to)->sin_addr.s_addr = htonl(dst3);
((struct sockaddr_in *)&s->si[0].addr.c.to)->sin_port = htons(dport);
[MINOR] frontend: add tcpv6 support on accept-proxy bind
2010-10-29 10:03:03 +00:00
s->flags |= SN_FRT_ADDR_SET;
[MINOR] frontend: add a new analyser to parse a proxied connection The introduction of a new PROXY protocol for proxied connections requires an early analyser to decode the incoming connection and set the session flags accordingly. Some more work is needed, among which setting a flag on the session to indicate it's proxied, and copying the original parameters for later comparisons with new ACLs (eg: real_src, ...).
2010-10-15 21:23:19 +00:00
[MINOR] frontend: add tcpv6 support on accept-proxy bind
2010-10-29 10:03:03 +00:00
}
else if (!memcmp(line, "TCP6 ", 5) != 0) {
u32 sport, dport;
char *src_s;
char *dst_s, *sport_s, *dport_s;
struct in6_addr src3, dst3;
line+=5;
src_s = line;
dst_s = sport_s = dport_s = NULL;
while (1) {
if (line > end - 2) {
goto missing;
}
else if (*line == '\r') {
*line = 0;
line++;
if (*line++ != '\n')
goto fail;
break;
}
[MINOR] frontend: add a new analyser to parse a proxied connection The introduction of a new PROXY protocol for proxied connections requires an early analyser to decode the incoming connection and set the session flags accordingly. Some more work is needed, among which setting a flag on the session to indicate it's proxied, and copying the original parameters for later comparisons with new ACLs (eg: real_src, ...).
2010-10-15 21:23:19 +00:00
[MINOR] frontend: add tcpv6 support on accept-proxy bind
2010-10-29 10:03:03 +00:00
if (*line == ' ') {
*line = 0;
if (!dst_s)
dst_s = line+1;
else if (!sport_s)
sport_s = line+1;
else if (!dport_s)
dport_s = line+1;
}
line++;
}
[MINOR] frontend: add a new analyser to parse a proxied connection The introduction of a new PROXY protocol for proxied connections requires an early analyser to decode the incoming connection and set the session flags accordingly. Some more work is needed, among which setting a flag on the session to indicate it's proxied, and copying the original parameters for later comparisons with new ACLs (eg: real_src, ...).
2010-10-15 21:23:19 +00:00
[MINOR] frontend: add tcpv6 support on accept-proxy bind
2010-10-29 10:03:03 +00:00
if (!dst_s || !sport_s || !dport_s)
goto fail;
[MINOR] frontend: add a new analyser to parse a proxied connection The introduction of a new PROXY protocol for proxied connections requires an early analyser to decode the incoming connection and set the session flags accordingly. Some more work is needed, among which setting a flag on the session to indicate it's proxied, and copying the original parameters for later comparisons with new ACLs (eg: real_src, ...).
2010-10-15 21:23:19 +00:00
[MINOR] frontend: add tcpv6 support on accept-proxy bind
2010-10-29 10:03:03 +00:00
sport = read_uint((const char **)&sport_s,dport_s-1);
if ( *sport_s != 0 )
goto fail;
[MINOR] frontend: add a new analyser to parse a proxied connection The introduction of a new PROXY protocol for proxied connections requires an early analyser to decode the incoming connection and set the session flags accordingly. Some more work is needed, among which setting a flag on the session to indicate it's proxied, and copying the original parameters for later comparisons with new ACLs (eg: real_src, ...).
2010-10-15 21:23:19 +00:00
[MINOR] frontend: add tcpv6 support on accept-proxy bind
2010-10-29 10:03:03 +00:00
dport = read_uint((const char **)&dport_s,line-2);
if ( *dport_s != 0 )
goto fail;
[MINOR] frontend: add a new analyser to parse a proxied connection The introduction of a new PROXY protocol for proxied connections requires an early analyser to decode the incoming connection and set the session flags accordingly. Some more work is needed, among which setting a flag on the session to indicate it's proxied, and copying the original parameters for later comparisons with new ACLs (eg: real_src, ...).
2010-10-15 21:23:19 +00:00
[MINOR] frontend: add tcpv6 support on accept-proxy bind
2010-10-29 10:03:03 +00:00
if (inet_pton(AF_INET6, src_s, (void *)&src3) != 1)
goto fail;
if (inet_pton(AF_INET6, dst_s, (void *)&dst3) != 1)
goto fail;
/* update the session's addresses and mark them set */
[REORG] session: move client and server address to the stream interface This will be needed very soon for the keep-alive.
2011-03-03 16:42:23 +00:00
((struct sockaddr_in6 *)&s->si[0].addr.c.from)->sin6_family = AF_INET6;
memcpy(&((struct sockaddr_in6 *)&s->si[0].addr.c.from)->sin6_addr, &src3, sizeof(struct in6_addr));
((struct sockaddr_in6 *)&s->si[0].addr.c.from)->sin6_port = htons(sport);
[MINOR] frontend: add tcpv6 support on accept-proxy bind
2010-10-29 10:03:03 +00:00
[REORG] session: move client and server address to the stream interface This will be needed very soon for the keep-alive.
2011-03-03 16:42:23 +00:00
((struct sockaddr_in6 *)&s->si[0].addr.c.to)->sin6_family = AF_INET6;
memcpy(&((struct sockaddr_in6 *)&s->si[0].addr.c.to)->sin6_addr, &dst3, sizeof(struct in6_addr));
((struct sockaddr_in6 *)&s->si[0].addr.c.to)->sin6_port = htons(dport);
[MINOR] frontend: add tcpv6 support on accept-proxy bind
2010-10-29 10:03:03 +00:00
s->flags |= SN_FRT_ADDR_SET;
}
else {
goto fail;
}
[MINOR] frontend: add a new analyser to parse a proxied connection The introduction of a new PROXY protocol for proxied connections requires an early analyser to decode the incoming connection and set the session flags accordingly. Some more work is needed, among which setting a flag on the session to indicate it's proxied, and copying the original parameters for later comparisons with new ACLs (eg: real_src, ...).
2010-10-15 21:23:19 +00:00
/* remove the PROXY line from the request */
len = line - req->data;
buffer_replace2(req, req->data, line, NULL, 0);
req->total -= len; /* don't count the header line */
req->analysers &= ~an_bit;
return 1;
missing:
if (!(req->flags & (BF_SHUTR|BF_FULL))) {
buffer_dont_connect(s->req);
return 0;
}
/* missing data and buffer is either full or shutdown => fail */
fail:
buffer_abort(req);
buffer_abort(s->rep);
req->analysers = 0;
[MEDIUM] stats: split frontend and backend stats It's very annoying that frontend and backend stats are merged because we don't know what we're observing. For instance, if a "listen" instance makes use of a distinct backend, it's impossible to know what the bytes_out means. Some points take care of not updating counters twice if the backend points to the frontend, indicating a "listen" instance. The thing becomes more complex when we try to add support for server side keep-alive, because we have to maintain a pointer to the backend used for last request, and to update its stats. But we can't perform such comparisons anymore because the counters will not match anymore. So in order to get rid of this situation, let's have both frontend AND backend stats in the "struct proxy". We simply update the relevant ones during activity. Some of them are only accounted for in the backend, while others are just for frontend. Maybe we can improve a bit on that later, but the essential part is that those counters now reflect what they really mean.
2011-03-10 22:25:56 +00:00
s->fe->fe_counters.failed_req++;
[MINOR] frontend: add a new analyser to parse a proxied connection The introduction of a new PROXY protocol for proxied connections requires an early analyser to decode the incoming connection and set the session flags accordingly. Some more work is needed, among which setting a flag on the session to indicate it's proxied, and copying the original parameters for later comparisons with new ACLs (eg: real_src, ...).
2010-10-15 21:23:19 +00:00
if (s->listener->counters)
s->listener->counters->failed_req++;
if (!(s->flags & SN_ERR_MASK))
s->flags |= SN_ERR_PRXCOND;
if (!(s->flags & SN_FINST_MASK))
s->flags |= SN_FINST_R;
return 0;
}
[MINOR] frontend: add a make_proxy_line function This function will build a PROXY protocol line header from two addresses (IPv4 or IPv6). AF_UNIX family will be reported as UNKNOWN.
2011-03-20 09:15:22 +00:00
/* Makes a PROXY protocol line from the two addresses. The output is sent to
* buffer <buf> for a maximum size of <buf_len> (including the trailing zero).
* It returns the number of bytes composing this line (including the trailing
* LF), or zero in case of failure (eg: not enough space). It supports TCP4,
* TCP6 and "UNKNOWN" formats.
*/
int make_proxy_line(char *buf, int buf_len, struct sockaddr_storage *src, struct sockaddr_storage *dst)
{
int ret = 0;
if (src->ss_family == dst->ss_family && src->ss_family == AF_INET) {
ret = snprintf(buf + ret, buf_len - ret, "PROXY TCP4 ");
if (ret >= buf_len)
return 0;
/* IPv4 src */
if (!inet_ntop(src->ss_family, &((struct sockaddr_in *)src)->sin_addr, buf + ret, buf_len - ret))
return 0;
ret += strlen(buf + ret);
if (ret >= buf_len)
return 0;
buf[ret++] = ' ';
/* IPv4 dst */
if (!inet_ntop(dst->ss_family, &((struct sockaddr_in *)dst)->sin_addr, buf + ret, buf_len - ret))
return 0;
ret += strlen(buf + ret);
if (ret >= buf_len)
return 0;
/* source and destination ports */
ret += snprintf(buf + ret, buf_len - ret, " %u %u\r\n",
ntohs(((struct sockaddr_in *)src)->sin_port),
ntohs(((struct sockaddr_in *)dst)->sin_port));
if (ret >= buf_len)
return 0;
}
else if (src->ss_family == dst->ss_family && src->ss_family == AF_INET6) {
ret = snprintf(buf + ret, buf_len - ret, "PROXY TCP6 ");
if (ret >= buf_len)
return 0;
/* IPv6 src */
if (!inet_ntop(src->ss_family, &((struct sockaddr_in6 *)src)->sin6_addr, buf + ret, buf_len - ret))
return 0;
ret += strlen(buf + ret);
if (ret >= buf_len)
return 0;
buf[ret++] = ' ';
/* IPv6 dst */
if (!inet_ntop(dst->ss_family, &((struct sockaddr_in6 *)dst)->sin6_addr, buf + ret, buf_len - ret))
return 0;
ret += strlen(buf + ret);
if (ret >= buf_len)
return 0;
/* source and destination ports */
ret += snprintf(buf + ret, buf_len - ret, " %u %u\r\n",
ntohs(((struct sockaddr_in6 *)src)->sin6_port),
ntohs(((struct sockaddr_in6 *)dst)->sin6_port));
if (ret >= buf_len)
return 0;
}
else {
/* unknown family combination */
ret = snprintf(buf, buf_len, "PROXY UNKNOWN\r\n");
if (ret >= buf_len)
return 0;
}
return ret;
}
[CLEANUP] client: move some ACLs away to their respective locations Some ACLs in the client ought to belong to proto_tcp, or protocols. This file should only contain frontend-specific information and will be renamed that way in next commit.
2010-05-24 18:55:15 +00:00
/* set test->i to the id of the frontend */
[MINOR] acl: specify the direction during fetches Some fetches such as 'line' or 'hdr' need to know the direction of the test (request or response). A new 'dir' parameter is now propagated from the caller to achieve this.
2007-06-10 08:06:18 +00:00
static int
[CLEANUP] client: move some ACLs away to their respective locations Some ACLs in the client ought to belong to proto_tcp, or protocols. This file should only contain frontend-specific information and will be renamed that way in next commit.
2010-05-24 18:55:15 +00:00
acl_fetch_fe_id(struct proxy *px, struct session *l4, void *l7, int dir,
struct acl_expr *expr, struct acl_test *test) {
[MINOR] implement the ACL keywords 'dst' and 'dport' The file client.c now provides acl_fetch_dip and acl_fetch_dport to be able to check the client's destination address and port. The corresponding ACL keywords 'dst' and 'dport' have been added.
2007-05-08 17:56:15 +00:00
test->flags = ACL_TEST_F_READ_ONLY;
[CLEANUP] client: move some ACLs away to their respective locations Some ACLs in the client ought to belong to proto_tcp, or protocols. This file should only contain frontend-specific information and will be renamed that way in next commit.
2010-05-24 18:55:15 +00:00
test->i = l4->fe->uuid;
[MINOR] implement the ACL keywords 'dst' and 'dport' The file client.c now provides acl_fetch_dip and acl_fetch_dport to be able to check the client's destination address and port. The corresponding ACL keywords 'dst' and 'dport' have been added.
2007-05-08 17:56:15 +00:00
[MEDIUM] Add src dst and dport pattern fetches.
2010-01-04 14:47:45 +00:00
return 1;
}
[CLEANUP] client: move some ACLs away to their respective locations Some ACLs in the client ought to belong to proto_tcp, or protocols. This file should only contain frontend-specific information and will be renamed that way in next commit.
2010-05-24 18:55:15 +00:00
/* set test->i to the number of connections per second reaching the frontend */
[MINOR] acl: specify the direction during fetches Some fetches such as 'line' or 'hdr' need to know the direction of the test (request or response). A new 'dir' parameter is now propagated from the caller to achieve this.
2007-06-10 08:06:18 +00:00
static int
[CLEANUP] client: move some ACLs away to their respective locations Some ACLs in the client ought to belong to proto_tcp, or protocols. This file should only contain frontend-specific information and will be renamed that way in next commit.
2010-05-24 18:55:15 +00:00
acl_fetch_fe_sess_rate(struct proxy *px, struct session *l4, void *l7, int dir,
struct acl_expr *expr, struct acl_test *test)
[MINOR] implement the ACL keywords 'dst' and 'dport' The file client.c now provides acl_fetch_dip and acl_fetch_dport to be able to check the client's destination address and port. The corresponding ACL keywords 'dst' and 'dport' have been added.
2007-05-08 17:56:15 +00:00
{
[CLEANUP] client: move some ACLs away to their respective locations Some ACLs in the client ought to belong to proto_tcp, or protocols. This file should only contain frontend-specific information and will be renamed that way in next commit.
2010-05-24 18:55:15 +00:00
test->flags = ACL_TEST_F_VOL_TEST;
if (expr->arg_len) {
/* another proxy was designated, we must look for it */
for (px = proxy; px; px = px->next)
if ((px->cap & PR_CAP_FE) && !strcmp(px->id, expr->arg.str))
break;
}
if (!px)
return 0;
[MEDIUM] Add src dst and dport pattern fetches.
2010-01-04 14:47:45 +00:00
[CLEANUP] client: move some ACLs away to their respective locations Some ACLs in the client ought to belong to proto_tcp, or protocols. This file should only contain frontend-specific information and will be renamed that way in next commit.
2010-05-24 18:55:15 +00:00
test->i = read_freq_ctr(&px->fe_sess_per_sec);
[MEDIUM] Add src dst and dport pattern fetches.
2010-01-04 14:47:45 +00:00
return 1;
}
[MEDIUM] New option http_proxy Hello, You will find attached an updated release of previously submitted patch. It polish some part and extend ACL engine to match IP and PORT parsed in HTTP request. (and take care of comments made by Willy ! ;)) Best regards, Alexandre
2007-11-29 14:43:32 +00:00
[CLEANUP] client: move some ACLs away to their respective locations Some ACLs in the client ought to belong to proto_tcp, or protocols. This file should only contain frontend-specific information and will be renamed that way in next commit.
2010-05-24 18:55:15 +00:00
/* set test->i to the number of concurrent connections on the frontend */
[MINOR] acl: specify the direction during fetches Some fetches such as 'line' or 'hdr' need to know the direction of the test (request or response). A new 'dir' parameter is now propagated from the caller to achieve this.
2007-06-10 08:06:18 +00:00
static int
[CLEANUP] client: move some ACLs away to their respective locations Some ACLs in the client ought to belong to proto_tcp, or protocols. This file should only contain frontend-specific information and will be renamed that way in next commit.
2010-05-24 18:55:15 +00:00
acl_fetch_fe_conn(struct proxy *px, struct session *l4, void *l7, int dir,
struct acl_expr *expr, struct acl_test *test)
[MEDIUM] added several ACL criteria and matches Many ACL criteria have been added. Some others are still commented out because some functions are still missing.
2007-05-06 22:55:35 +00:00
{
[CLEANUP] client: move some ACLs away to their respective locations Some ACLs in the client ought to belong to proto_tcp, or protocols. This file should only contain frontend-specific information and will be renamed that way in next commit.
2010-05-24 18:55:15 +00:00
test->flags = ACL_TEST_F_VOL_TEST;
if (expr->arg_len) {
/* another proxy was designated, we must look for it */
for (px = proxy; px; px = px->next)
if ((px->cap & PR_CAP_FE) && !strcmp(px->id, expr->arg.str))
break;
}
if (!px)
return 0;
[MINOR] acl: add fe_id/so_id to match frontend's and socket's id
2010-01-12 20:59:30 +00:00
[CLEANUP] client: move some ACLs away to their respective locations Some ACLs in the client ought to belong to proto_tcp, or protocols. This file should only contain frontend-specific information and will be renamed that way in next commit.
2010-05-24 18:55:15 +00:00
test->i = px->feconn;
[MINOR] acl: add fe_id/so_id to match frontend's and socket's id
2010-01-12 20:59:30 +00:00
return 1;
}
[MEDIUM] added several ACL criteria and matches Many ACL criteria have been added. Some others are still commented out because some functions are still missing.
2007-05-06 22:55:35 +00:00
/* Note: must not be declared <const> as its list will be overwritten */
static struct acl_kw_list acl_kws = {{ },{
[CLEANUP] client: move some ACLs away to their respective locations Some ACLs in the client ought to belong to proto_tcp, or protocols. This file should only contain frontend-specific information and will be renamed that way in next commit.
2010-05-24 18:55:15 +00:00
{ "fe_id", acl_parse_int, acl_fetch_fe_id, acl_match_int, ACL_USE_NOTHING },
{ "fe_sess_rate", acl_parse_int, acl_fetch_fe_sess_rate, acl_match_int, ACL_USE_NOTHING },
{ "fe_conn", acl_parse_int, acl_fetch_fe_conn, acl_match_int, ACL_USE_NOTHING },
[MEDIUM] added several ACL criteria and matches Many ACL criteria have been added. Some others are still commented out because some functions are still missing.
2007-05-06 22:55:35 +00:00
{ NULL, NULL, NULL, NULL },
}};
__attribute__((constructor))
[CLEANUP] rename client -> frontend The 'client.c' file now only contained frontend-specific functions, so it has naturally be renamed 'frontend.c'. Same for client.h. This has also been an opportunity to remove some cross references from files that should not have depended on it. In the end, this file should contain a protocol-agnostic accept() code, which would initialize a session, task, etc... based on an accept() from a lower layer. Right now there are still references to TCP.
2010-05-24 19:02:37 +00:00
static void __frontend_init(void)
[MEDIUM] added several ACL criteria and matches Many ACL criteria have been added. Some others are still commented out because some functions are still missing.
2007-05-06 22:55:35 +00:00
{
acl_register_keywords(&acl_kws);
}
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-26 00:48:02 +00:00
/*
* Local variables:
* c-indent-level: 8
* c-basic-offset: 8
* End:
*/
Reference in New Issue Copy Permalink