Commit Graph

5175 Commits

Author SHA1 Message Date
Willy Tarreau
c1b10d38d7 MEDIUM: actions: add new flag ACT_FLAG_FINAL to notify about last call
This new flag indicates to a custom action that it must not yield because
it will not be called anymore. This addresses an issue introduced by commit
bc4c1ac ("MEDIUM: http/tcp: permit to resume http and tcp custom actions"),
which made it possible to yield even after the last call and causes Lua
actions not to be stopped when the session closes. Note that the Lua issue
is not fixed yet at this point. Also only TCP rules were handled, for now
HTTP rules continue to let the action yield since we don't know whether or
not it is a final call.
2015-09-27 11:04:06 +02:00
Willy Tarreau
658b85b68d MEDIUM: actions: pass a new "flags" argument to custom actions
Since commit bc4c1ac ("MEDIUM: http/tcp: permit to resume http and tcp
custom actions"), some actions may yield and be called back when new
information are available. Unfortunately some of them may continue to
yield because they simply don't know that it's the last call from the
rule set. For this reason we'll need to pass a flag to the custom
action to pass such information and possibly other at the same time.
2015-09-27 11:04:06 +02:00
Thierry FOURNIER
eba6f64a5f BUG/MEDIUM: lua: wakeup task on bad conditions
the condition was :
 * wakeup for read if the output channel contains data
 * wakeup for write if the input channel have some room.
2015-09-27 11:03:19 +02:00
Thierry FOURNIER
5a50a85f4f BUG/MEDIUM: lua: forces a garbage collection
When a thread stops this patch forces a garbage collection which
cleanup and free the memory.

The HAProxy Lua Socket class contains an HAProxy session, so it
uses a big amount of memory, in other this Socket class uses a
filedescriptor and maintain a connection open.

If the class Socket is stored in a global variable, the Socket stay
alive along of the life of the process (except if it is closed by the
other size, or if a timeout is reached). If the class Socket is stored
in a local variable, it must die with this variable.

The socket is closed by a call from the garbage collector. And the
portability and use of a variable is known by the same garbage collector.

so, running the GC just after the end of all Lua code ensure that the
heavy resources like the socket class are freed quickly.
2015-09-27 11:03:08 +02:00
Willy Tarreau
3adac08849 BUG/MEDIUM: lua: properly set the target on the connection
Not having the target set on the connection causes it to be released
at the last moment, and the destination address to randomly be valid
depending on the data found in the memory at this moment. In practice
it works as long as memory poisonning is disabled. The deep reason is
that connect_server() doesn't expect to be called with SF_ADDR_SET and
an existing connection with !reuse. This causes the release of the
connection, its reallocation (!reuse), and taking the address from the
newly allocated connection. This should certainly be improved.
2015-09-26 17:56:23 +02:00
Willy Tarreau
9af89f7905 BUG/MEDIUM: lua: better fix for the protocol check
Commit d75cb0f ("BUG/MAJOR: lua: segfault after the channel data is
modified by some Lua action.") introduced a regression causing an
action run from a TCP rule in an HTTP proxy to end in HTTP error
if it terminated cleanly, because it didn't parse the HTTP request!

Relax the test so that it takes into account the opportunity for the
analysers to parse the message.
2015-09-26 11:50:08 +02:00
Willy Tarreau
de70fa17a9 MINOR: lua: use the proper applet wakeup mechanism
The lua code must the the appropriate wakeup mechanism for cosockets.
It wakes them up from outside the stream and outside the applet, so it
shouldn't use the applet's wakeup callback which is designed only for
use from within the applet itself. For now it didn't cause any trouble
(yet).
2015-09-26 11:25:05 +02:00
Thierry FOURNIER
10e5bc76c7 BUG/MEDIUM: lua: longjmp function must be unregistered
the longjmp function must be unregistered when we leaves the function
who install it.
2015-09-26 01:34:29 +02:00
Willy Tarreau
7a4501757f CLEANUP: lua: remove unneeded memset(0) after calloc()
No need for these memset() anymore, since calloc() was put there
to avoid them.
2015-09-26 01:33:24 +02:00
Thierry FOURNIER
3c7a77c0e7 CLEANUP: lua: use calloc in place of malloc
calloc is safer because it fills the allocated memory zone with zeros.
2015-09-26 01:32:06 +02:00
Willy Tarreau
1895428ef4 DEBUG: add p_malloc() to return a poisonned memory area
This one is useful to detect improperly initialized memory areas
when some suspicious malloc() are involved in random behaviours.
2015-09-26 01:28:43 +02:00
Thierry FOURNIER
d75cb0fce6 BUG/MAJOR: lua: segfault after the channel data is modified by some Lua action.
When an action or a fetch modify the channel data, the http request parser
pointer become inconsistent. This patch detects the modification and call
again the parser.
2015-09-26 00:37:55 +02:00
Thierry FOURNIER
84e73c8882 MEDIUM: lua: use the function lua_rawset in place of lua_settable
The function lua_settable uses the metatable for acessing data,
so in the C part, we want to index value in the real table and
not throught the meta-methods. It's much faster this way.
2015-09-26 00:37:35 +02:00
Thierry FOURNIER
d2a3dcc8bd MINOR: lua: identify userdata objects
This patch adds lua primitives for identifying lua class
associated with userdata.
2015-09-25 23:40:20 +02:00
Thierry FOURNIER
a7b536b53b MINOR: lua: reset pointer after use
After releasing the Lua environment, this patch set the only one pointer to
the Lua stack to NULL. This prevents an accidental re-use.
2015-09-25 23:40:02 +02:00
Thierry FOURNIER
fd50f0bcc8 MINOR: http: split initialization
The goal is to export the http txn initialisation functions for
using it in the Lua code.
2015-09-25 23:39:48 +02:00
Thierry FOURNIER
8d16de0ad0 MINOR: http: export function http_msg_analyzer()
Exports the function http_msg_analyzer().
2015-09-25 23:39:43 +02:00
Thierry FOURNIER
127169e7f5 MINOR: http: export the get_reason() function
This patch exports the get_reason() function.
2015-09-25 23:39:36 +02:00
Thierry FOURNIER
3c3317849f MINOR: http: export http_get_path() function
This patch simply exports the http_get_path() function from the proto_http.c file.
2015-09-25 23:39:27 +02:00
Thierry FOURNIER
0efc94cbb4 CLEANUP: lua: align defines
Align the defined values
2015-09-25 23:28:02 +02:00
Thierry FOURNIER
27929fbfd7 MINOR: channel: rename function chn_sess to chn_strm
The name of the function chn_sess is no longer appropriate.
This patch renames it to chn_strm.
2015-09-25 23:27:33 +02:00
Thierry FOURNIER
ed08d6a9be MEDIUM: proto_http: smp_prefetch_http initialize txn
When we call the function smp_prefetch_http(), if the txn is not initialized,
it doesn't work. This patch fix this. Now, smp_prefecth_http() permits to use
http with any proxy mode.
2015-09-25 23:27:23 +02:00
Willy Tarreau
958f0742a2 BUG/MEDIUM: stream-int: avoid double-call to applet->release
While the SI_ST_DIS state is set *after* doing the close on a connection,
it was set *before* calling release on an applet. Applets have no internal
flags contrary to connections, so they have no way to detect they were
already released. Because of this it happened that applets were closed
twice, once via si_applet_release() and once via si_release_endpoint() at
the end of a transaction. The CLI applet could perform a double free in
this case, though the situation to cause it is quite hard because it
requires that the applet is stuck on output in states that produce very
few data.

In order to solve this, we now assign the SI_ST_DIS state *after* calling
->release, and we refrain from doing so if the state is already assigned.
This makes applets work much more like connections and definitely avoids
this double release.

In the future it might be worth making applets have their own flags like
connections to carry their own state regardless of the stream interface's
state, especially when dealing with connection reuse.

No backport is needed since this issue was caused by the rearchitecture
in 1.6.
2015-09-25 21:16:03 +02:00
Willy Tarreau
5cfa3bcc22 MINOR: cli: do not call the release handler on internal error.
It's dangerous to call this on internal state error, because it risks
to perform a double-free. This can only happen when a state is not
handled. Note that the switch/case currently doesn't offer any option
for missed states since they're all declared. Better fix this anyway.
The fix was tested by commenting out some entries in the switch/case.
2015-09-25 21:16:03 +02:00
Willy Tarreau
c9e930accc BUG/MEDIUM: cli: properly handle closed output
Due to the code inherited from the early CLI mode with the non-interactive
code, the SHUTR status was only considered while waiting for a request,
which prevents the connection from properly being closed during a dump,
and the connection used to remain established. This issue didn't happen
in 1.5 because while this part was missed, the resynchronization performed
in process_session() would detect the situation and handle the cleanup.

No backport is needed.
2015-09-25 21:16:03 +02:00
Willy Tarreau
68c00c7185 BUG/MINOR: stats: do not call cli_release_handler 3 times
If an error happens during a dump on the CLI, an explicit call to
cli_release_handler() is performed. This is not needed anymore since
we introduced ->release() in the applet which is called upon error.
Let's remove this confusing call which can even be risky in some
situations.
2015-09-25 21:16:02 +02:00
Willy Tarreau
eca572fe7f BUG/MEDIUM: applet: fix reporting of broken write situation
If an applet tries to write to a closed connection, it hangs forever.
This results in some "get map" commands on the CLI to leave orphaned
connections alive.

Now the applet wakeup function detects that the applet still wants to
write while the channel is closed for reads, which is the equivalent
to the common "broken pipe" situation. In this case, an error is
reported on the stream interface, just as it happens with connections
trying to perform a send() in a similar situation.

With this fix the stats socket is properly released.
2015-09-25 21:16:02 +02:00
Willy Tarreau
aa977ba205 MINOR: stream-int: rename si_applet_done() to si_applet_wake_cb()
This function is a callback made only for calls from the applet handler.
Rename it to remove confusion. It's currently called from the Lua code
but that's not correct, we should call the notify and update functions
instead otherwise it will not enable the applet again.
2015-09-25 21:16:02 +02:00
Willy Tarreau
335520305c MEDIUM: stream-int: completely remove stream_int_update_embedded()
This one is not needed anymore as what it used to do is either
completely covered by the new stream_int_notify() function, or undesired
and inherited from the past as a side effect of introducing the
connections.

This update is theorically never called since it's assigned only when
nothing is connected to the stream interface. However a test has been
added to si_update() to stay safe if some foreign code decides to call
si_update() in unsafe situations.
2015-09-25 21:16:02 +02:00
Willy Tarreau
651e18292d MEDIUM: stream-int: use the same stream notification function for applets and conns
The code to report completion after a connection update or an applet update
was almost the same since applets stole it from the connection. But the
differences made them hard to maintain and prevented the creation of new
functions doing only one part of the work.

This patch replaces the common code from the si_conn_wake_cb() and
si_applet_wake_cb() with a single call to stream_int_notify() which only
notifies the stream (si+channels+task) from the outside.

No functional change was made beyond this.
2015-09-25 21:16:02 +02:00
Willy Tarreau
615f28bec1 MINOR: stream-int: implement the stream_int_notify() function
stream_int_notify() was taken from the common part between si_conn_wake_cb()
and si_applet_done(). It is designed to report activity to a stream from
outside its handler. It'll generally be used by lower layers to report I/O
completion but may also be used by remote streams if the buffer processing
is shared.
2015-09-25 21:16:02 +02:00
Willy Tarreau
ea3cc48d64 MEDIUM: stream-int: clean up the conditions to enable reading in si_conn_wake_cb
The condition to release the SI_FL_WAIT_ROOM flag was abnormally
complicated because it was inherited from 6 years ago before we used
to check for the buffer's emptiness. The CF_READ_PARTIAL flag had to be
removed, and the complex test was replaced with a simpler one checking
if *some* data were moved out or not.

The reason behind this change is to have a condition compatible with
both connections and applets, as applets currently don't work very
well in this area. Specifically, some optimizations on the applet
side cause them not to release the flag above until the buffer is
empty, which may prevent applets from taking together (eg: peers
over large haproxy buffers and small kernel buffers).
2015-09-25 18:07:16 +02:00
Willy Tarreau
388a2385a5 MINOR: stream-int: move the applet_pause call out of the stream updates
It's just to split the part dealing with the stream update and the part
dealing with the applet update in si_applet_done().
2015-09-25 18:07:16 +02:00
Willy Tarreau
cbc32601a6 MINOR: stream-int: export stream_int_update_*
Not only these functions were not static, but we'll also want to export
them.
2015-09-25 18:07:16 +02:00
Willy Tarreau
5d5b2fecac MEDIUM: stream-int: call stream_int_update() from si_update()
Now the call to stream_int_update() is moved to si_update(), which
is exclusively called from the stream, so that the socket layer may
be updated without updating the stream layer. This will later permit
to call it individually from other places (other tasks or applets for
example).
2015-09-25 18:07:16 +02:00
Willy Tarreau
452c7d5d93 MEDIUM: stream-int: factor out the stream update functions
Now that we have a generic stream_int_update() function, we can
replace the equivalent part in stream_int_update_conn() and
stream_int_update_applet() to avoid code duplication.

There is no functional change, as the code is the same but split
in two functions for each call.
2015-09-25 18:07:16 +02:00
Willy Tarreau
25f1310f33 MINOR: stream-int: implement a new stream_int_update() function
This function is designed to be called from within the stream handler to
update the channels' expiration timers and the stream interface's flags
based on the channels' flags. It needs to be called only once after the
channels' flags have settled down, and before they are cleared, though it
doesn't harm to call it as often as desired (it just slightly hurts
performance). It must not be called from outside of the stream handler,
as what it does will be used to compute the stream task's expiration.

The code was taken directly from stream_int_update_applet() and
stream_int_update_conn() which had exactly the same one except for
applet-specific or connection-specific status update.
2015-09-25 18:07:16 +02:00
Willy Tarreau
2f4e702031 MEDIUM: stream-int: split stream_int_update_conn() into si- and conn-specific parts
The purpose is to separate the connection-specific parts so that the
stream-int specific one can be factored out. There's no functional
change here, only code displacement.
2015-09-25 18:07:16 +02:00
Willy Tarreau
9994238adc BUG/MAJOR: applet: use a separate run queue to maintain list integrity
If an applet wakes up and causes the next one to sleep, the active list
is corrupted and cannot be scanned anymore, as the process then loops
over the next element.

In order to avoid this problem, we move the active applet list to a run
queue and reinit the active list. Only the first element of this queue
is checked, and if the element is not removed, it is removed and requeued
into the active list.

Since we're using a distinct list, if an applet wants to requeue another
applet into the active list, it properly gets added to the active list
and not to the run queue.

This stops the infinite loop issue that could be caused with Lua applets,
and in any future configuration where two applets could be attached
together.
2015-09-25 18:07:16 +02:00
Willy Tarreau
64bca9d36a MINOR: applet: rename applet_runq to applet_active_queue
This is not a real run queue and we're facing ugly bugs because
if this : if a an applet removes another applet from the queue,
typically the next one after itself, the list iterator loops
forever because the list's backup pointer is not valid anymore.
Before creating a run queue, let's rename this list.
2015-09-25 18:02:44 +02:00
Willy Tarreau
9bb49f6906 BUG/MEDIUM: acl: always accept match "found"
The pattern match "found" fails to parse on binary type samples. The
reason is that it presents itself as an integer type which bin cannot
be cast into. We must always accept this match since it validates
anything on input regardless of the type. Let's just relax the parser
to accept it.

This problem might also exist in 1.5.
(cherry picked from commit 91cc2368a73198bddc3e140d267cce4ee08cf20e)
2015-09-24 16:38:48 +02:00
Willy Tarreau
d7bdcb874b BUG/MEDIUM: payload: make req.payload and payload_lv aware of dynamic buffers
Due to a check between offset+len and buf->size, an empty buffer returns
"will never match". Check against tune.bufsize instead.
(cherry picked from commit 43e4039fd5d208fd9d32157d20de93d3ddf9bc0d)
2015-09-24 16:38:48 +02:00
Willy Tarreau
c4b56e4470 MINOR: stream-int: use si_release_endpoint() to close idle conns
We don't want to open-code the connection close code in
si_idle_conn_wake_cb() because we need to centralize some controls.
2015-09-24 11:57:34 +02:00
Thierry FOURNIER
8255a75e08 MINOR: lua: change actions registration
The current Lua action are not registered. The executed function is
selected according with a function name writed in the HAProxy configuration.

This patch add an action registration function. The configuration mode
described above disappear.

This change make some incompatibilities with existing configuration files for
HAProxy 1.6-dev.
2015-09-23 21:44:23 +02:00
Thierry FOURNIER
85c6c97830 MINOR: action: add reference to the original keywork matched for the called parser.
This is usefull because the keyword can contains some condifiguration
data set while the keyword registration.
2015-09-23 21:44:23 +02:00
Thierry FOURNIER
7ea160cb5f MINOR: action: add private configuration
This private configuration pointer is used for storing some configuration
data associated the keyword, So many keywords can use the same parse
function, and this one can use a discriminator.
2015-09-23 21:44:23 +02:00
Willy Tarreau
2c1068cb67 BUG/MEDIUM: stream: do not dereference strm_li(stream)
Some streams do not have a listener (eg: Lua's cosockets) so
let's check for this. For now this problem cannot happen but
it's definitely unsafe.
2015-09-23 13:42:08 +02:00
Willy Tarreau
b746329dc3 BUG/MEDIUM: proxy: do not dereference strm_li(stream)
Some streams do not have a listener (eg: Lua's cosockets) so
let's check for this. For now this problem cannot happen but
it's definitely unsafe.
2015-09-23 13:42:08 +02:00
Willy Tarreau
c29d0cda4b BUG/MEDIUM: http: do not dereference strm_li(stream)
Some streams do not have a listener (eg: Lua's cosockets) so
let's check for this. For now this problem cannot happen but
it's definitely unsafe.
2015-09-23 13:42:08 +02:00
Willy Tarreau
f1e0212d54 BUG/MAJOR: cli: do not dereference strm_li()->proto->name
Or it will crash when dumping streams instanciated by an applet,
like Lua's cosockets.
2015-09-23 13:42:08 +02:00