MEDIUM: connection: add a new local send-proxy transport callback

This callback sends a PROXY protocol line on the outgoing connection, with the local and remote endpoint information. This is used for local connections (eg: health checks) where the other end needs to have a valid address and no connection is relayed.
2025-02-15 01:47:19 +00:00 · 2012-10-04 23:55:57 +02:00 · 2012-10-04 23:55:57 +02:00 · 5f1504f524
commit 5f1504f524
parent e1e4a61e7a
3 changed files with 92 additions and 2 deletions
--- a/include/proto/connection.h
+++ b/include/proto/connection.h
@ -68,6 +68,20 @@ void conn_update_sock_polling(struct connection *c);
 */
 void conn_update_data_polling(struct connection *c);

+/* This callback is used to send a valid PROXY protocol line to a socket being
+ * established from the local machine. It sets the protocol addresses to the
+ * local and remote address. This is typically used with health checks or when
+ * it is not possible to determine the other end's address. It returns 0 if it
+ * fails in a fatal way or needs to poll to go further, otherwise it returns
+ * non-zero and removes itself from the connection's flags (the bit is provided
+ * in <flag> by the caller). It is designed to be called by the connection
+ * handler and relies on it to commit polling changes. Note that this function
+ * expects to be able to send the whole line at once, which should always be
+ * possible since it is supposed to start at the first byte of the outgoing
+ * data segment.
+ */
+int conn_local_send_proxy(struct connection *conn, unsigned int flag);
+
 /* inspects c->flags and returns non-zero if DATA ENA changes from the CURR ENA
 * or if the WAIT flags set new flags that were not in CURR POL. Additionally,
 * non-zero is also returned if an error was reported on the connection. This
--- a/include/types/connection.h
+++ b/include/types/connection.h
@ -133,10 +133,11 @@ enum {
 	 */
 	CO_FL_SI_SEND_PROXY = 0x01000000,  /* send a valid PROXY protocol header */
 	CO_FL_SSL_WAIT_HS   = 0x02000000,  /* wait for an SSL handshake to complete */
-	CO_FL_ACCEPT_PROXY  = 0x04000000,  /* send a valid PROXY protocol header */
+	CO_FL_ACCEPT_PROXY  = 0x04000000,  /* receive a valid PROXY protocol header */
+	CO_FL_LOCAL_SPROXY  = 0x08000000,  /* send a valid local PROXY protocol header */

 	/* below we have all handshake flags grouped into one */
-	CO_FL_HANDSHAKE     = CO_FL_SI_SEND_PROXY | CO_FL_SSL_WAIT_HS | CO_FL_ACCEPT_PROXY,
+	CO_FL_HANDSHAKE     = CO_FL_SI_SEND_PROXY | CO_FL_SSL_WAIT_HS | CO_FL_ACCEPT_PROXY | CO_FL_LOCAL_SPROXY,

 	/* when any of these flags is set, polling is defined by socket-layer
 	 * operations, as opposed to data-layer. Transport is explicitly not
--- a/src/connection.c
+++ b/src/connection.c
@ -17,6 +17,7 @@

 #include <proto/connection.h>
 #include <proto/fd.h>
+#include <proto/frontend.h>
 #include <proto/proto_tcp.h>
 #include <proto/session.h>
 #include <proto/stream_interface.h>
@ -59,6 +60,10 @@ int conn_fd_handler(int fd)
 		if (conn->flags & CO_FL_SI_SEND_PROXY)
 			if (!conn_si_send_proxy(conn, CO_FL_SI_SEND_PROXY))
 				goto leave;
+
+		if (conn->flags & CO_FL_LOCAL_SPROXY)
+			if (!conn_local_send_proxy(conn, CO_FL_LOCAL_SPROXY))
+				goto leave;
 #ifdef USE_OPENSSL
 		if (conn->flags & CO_FL_SSL_WAIT_HS)
 			if (!ssl_sock_handshake(conn, CO_FL_SSL_WAIT_HS))
@ -508,3 +513,73 @@ int make_proxy_line(char *buf, int buf_len, struct sockaddr_storage *src, struct
 	}
 	return ret;
 }
+
+/* This callback is used to send a valid PROXY protocol line to a socket being
+ * established from the local machine. It sets the protocol addresses to the
+ * local and remote address. This is typically used with health checks or when
+ * it is not possible to determine the other end's address. It returns 0 if it
+ * fails in a fatal way or needs to poll to go further, otherwise it returns
+ * non-zero and removes itself from the connection's flags (the bit is provided
+ * in <flag> by the caller). It is designed to be called by the connection
+ * handler and relies on it to commit polling changes. Note that this function
+ * expects to be able to send the whole line at once, which should always be
+ * possible since it is supposed to start at the first byte of the outgoing
+ * data segment.
+ */
+int conn_local_send_proxy(struct connection *conn, unsigned int flag)
+{
+	int ret, len;
+
+	/* we might have been called just after an asynchronous shutw */
+	if (conn->flags & CO_FL_SOCK_WR_SH)
+		goto out_error;
+
+	/* The target server expects a PROXY line to be sent first. */
+	conn_get_from_addr(conn);
+	if (!(conn->flags & CO_FL_ADDR_FROM_SET))
+		goto out_error;
+
+	conn_get_to_addr(conn);
+	if (!(conn->flags & CO_FL_ADDR_TO_SET))
+		goto out_error;
+
+	len = make_proxy_line(trash, trashlen, &conn->addr.from, &conn->addr.to);
+	if (!len)
+		goto out_error;
+
+	/* we have to send trash from len bytes. If the data layer has a
+	 * pending write, we'll also set MSG_MORE.
+	 */
+	ret = send(conn->t.sock.fd, trash, len, (conn->flags & CO_FL_DATA_WR_ENA) ? MSG_MORE : 0);
+
+	if (ret == 0)
+		goto out_wait;
+
+	if (ret < 0) {
+		if (errno == EAGAIN)
+			goto out_wait;
+		goto out_error;
+	}
+
+	if (ret != len)
+		goto out_error;
+
+	/* The connection is ready now, simply return and let the connection
+	 * handler notify upper layers if needed.
+	 */
+	if (conn->flags & CO_FL_WAIT_L4_CONN)
+		conn->flags &= ~CO_FL_WAIT_L4_CONN;
+	conn->flags &= ~flag;
+	return 1;
+
+ out_error:
+	/* Write error on the file descriptor */
+	conn->flags |= CO_FL_ERROR;
+	conn->flags &= ~flag;
+	return 0;
+
+ out_wait:
+	__conn_sock_stop_recv(conn);
+	__conn_sock_poll_send(conn);
+	return 0;
+}