/* * Stream management functions. * * Copyright 2000-2012 Willy Tarreau * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include DECLARE_POOL(pool_head_stream, "stream", sizeof(struct stream)); DECLARE_POOL(pool_head_uniqueid, "uniqueid", UNIQUEID_LEN); /* incremented by each "show sess" to fix a delimiter between streams */ unsigned stream_epoch = 0; /* List of all use-service keywords. */ static struct list service_keywords = LIST_HEAD_INIT(service_keywords); /* trace source and events */ static void strm_trace(enum trace_level level, uint64_t mask, const struct trace_source *src, const struct ist where, const struct ist func, const void *a1, const void *a2, const void *a3, const void *a4); /* The event representation is split like this : * strm - stream * sc - stream connector * http - http analyzis * tcp - tcp analyzis * * STRM_EV_* macros are defined in */ static const struct trace_event strm_trace_events[] = { { .mask = STRM_EV_STRM_NEW, .name = "strm_new", .desc = "new stream" }, { .mask = STRM_EV_STRM_FREE, .name = "strm_free", .desc = "release stream" }, { .mask = STRM_EV_STRM_ERR, .name = "strm_err", .desc = "error during stream processing" }, { .mask = STRM_EV_STRM_ANA, .name = "strm_ana", .desc = "stream analyzers" }, { .mask = STRM_EV_STRM_PROC, .name = "strm_proc", .desc = "stream processing" }, { .mask = STRM_EV_CS_ST, .name = "sc_state", .desc = "processing connector states" }, { .mask = STRM_EV_HTTP_ANA, .name = "http_ana", .desc = "HTTP analyzers" }, { .mask = STRM_EV_HTTP_ERR, .name = "http_err", .desc = "error during HTTP analyzis" }, { .mask = STRM_EV_TCP_ANA, .name = "tcp_ana", .desc = "TCP analyzers" }, { .mask = STRM_EV_TCP_ERR, .name = "tcp_err", .desc = "error during TCP analyzis" }, { .mask = STRM_EV_FLT_ANA, .name = "flt_ana", .desc = "Filter analyzers" }, { .mask = STRM_EV_FLT_ERR, .name = "flt_err", .desc = "error during filter analyzis" }, {} }; static const struct name_desc strm_trace_lockon_args[4] = { /* arg1 */ { /* already used by the stream */ }, /* arg2 */ { }, /* arg3 */ { }, /* arg4 */ { } }; static const struct name_desc strm_trace_decoding[] = { #define STRM_VERB_CLEAN 1 { .name="clean", .desc="only user-friendly stuff, generally suitable for level \"user\"" }, #define STRM_VERB_MINIMAL 2 { .name="minimal", .desc="report info on streams and connectors" }, #define STRM_VERB_SIMPLE 3 { .name="simple", .desc="add info on request and response channels" }, #define STRM_VERB_ADVANCED 4 { .name="advanced", .desc="add info on channel's buffer for data and developer levels only" }, #define STRM_VERB_COMPLETE 5 { .name="complete", .desc="add info on channel's buffer" }, { /* end */ } }; struct trace_source trace_strm = { .name = IST("stream"), .desc = "Applicative stream", .arg_def = TRC_ARG1_STRM, // TRACE()'s first argument is always a stream .default_cb = strm_trace, .known_events = strm_trace_events, .lockon_args = strm_trace_lockon_args, .decoding = strm_trace_decoding, .report_events = ~0, // report everything by default }; #define TRACE_SOURCE &trace_strm INITCALL1(STG_REGISTER, trace_register_source, TRACE_SOURCE); /* the stream traces always expect that arg1, if non-null, is of a stream (from * which we can derive everything), that arg2, if non-null, is an http * transaction, that arg3, if non-null, is an http message. */ static void strm_trace(enum trace_level level, uint64_t mask, const struct trace_source *src, const struct ist where, const struct ist func, const void *a1, const void *a2, const void *a3, const void *a4) { const struct stream *s = a1; const struct http_txn *txn = a2; const struct http_msg *msg = a3; struct task *task; const struct channel *req, *res; struct htx *htx; if (!s || src->verbosity < STRM_VERB_CLEAN) return; task = s->task; req = &s->req; res = &s->res; htx = (msg ? htxbuf(&msg->chn->buf) : NULL); /* General info about the stream (htx/tcp, id...) */ chunk_appendf(&trace_buf, " : [%u,%s]", s->uniq_id, ((s->flags & SF_HTX) ? "HTX" : "TCP")); if (isttest(s->unique_id)) { chunk_appendf(&trace_buf, " id="); b_putist(&trace_buf, s->unique_id); } /* Front and back stream connector state */ chunk_appendf(&trace_buf, " SC=(%s,%s)", sc_state_str(s->scf->state), sc_state_str(s->scb->state)); /* If txn is defined, HTTP req/rep states */ if (txn) chunk_appendf(&trace_buf, " HTTP=(%s,%s)", h1_msg_state_str(txn->req.msg_state), h1_msg_state_str(txn->rsp.msg_state)); if (msg) chunk_appendf(&trace_buf, " %s", ((msg->chn->flags & CF_ISRESP) ? "RESPONSE" : "REQUEST")); if (src->verbosity == STRM_VERB_CLEAN) return; /* If msg defined, display status-line if possible (verbosity > MINIMAL) */ if (src->verbosity > STRM_VERB_MINIMAL && htx && htx_nbblks(htx)) { const struct htx_blk *blk = __htx_get_head_blk(htx); const struct htx_sl *sl = htx_get_blk_ptr(htx, blk); enum htx_blk_type type = htx_get_blk_type(blk); if (type == HTX_BLK_REQ_SL || type == HTX_BLK_RES_SL) chunk_appendf(&trace_buf, " - \"%.*s %.*s %.*s\"", HTX_SL_P1_LEN(sl), HTX_SL_P1_PTR(sl), HTX_SL_P2_LEN(sl), HTX_SL_P2_PTR(sl), HTX_SL_P3_LEN(sl), HTX_SL_P3_PTR(sl)); } /* If txn defined info about HTTP msgs, otherwise info about SI. */ if (txn) { chunk_appendf(&trace_buf, " - t=%p s=(%p,0x%08x,0x%x) txn.flags=0x%08x, http.flags=(0x%08x,0x%08x) status=%d", task, s, s->flags, s->conn_err_type, txn->flags, txn->req.flags, txn->rsp.flags, txn->status); } else { chunk_appendf(&trace_buf, " - t=%p s=(%p,0x%08x,0x%x) scf=(%p,%d,0x%08x) scb=(%p,%d,0x%08x) retries=%d", task, s, s->flags, s->conn_err_type, s->scf, s->scf->state, s->scf->flags, s->scb, s->scb->state, s->scb->flags, s->conn_retries); } if (src->verbosity == STRM_VERB_MINIMAL) return; /* If txn defined, don't display all channel info */ if (src->verbosity == STRM_VERB_SIMPLE || txn) { chunk_appendf(&trace_buf, " req=(%p .fl=0x%08x .exp(r,w,a)=(%u,%u,%u))", req, req->flags, req->rex, req->wex, req->analyse_exp); chunk_appendf(&trace_buf, " res=(%p .fl=0x%08x .exp(r,w,a)=(%u,%u,%u))", res, res->flags, res->rex, res->wex, res->analyse_exp); } else { chunk_appendf(&trace_buf, " req=(%p .fl=0x%08x .ana=0x%08x .exp(r,w,a)=(%u,%u,%u) .o=%lu .tot=%llu .to_fwd=%u)", req, req->flags, req->analysers, req->rex, req->wex, req->analyse_exp, (long)req->output, req->total, req->to_forward); chunk_appendf(&trace_buf, " res=(%p .fl=0x%08x .ana=0x%08x .exp(r,w,a)=(%u,%u,%u) .o=%lu .tot=%llu .to_fwd=%u)", res, res->flags, res->analysers, res->rex, res->wex, res->analyse_exp, (long)res->output, res->total, res->to_forward); } if (src->verbosity == STRM_VERB_SIMPLE || (src->verbosity == STRM_VERB_ADVANCED && src->level < TRACE_LEVEL_DATA)) return; /* channels' buffer info */ if (s->flags & SF_HTX) { struct htx *rqhtx = htxbuf(&req->buf); struct htx *rphtx = htxbuf(&res->buf); chunk_appendf(&trace_buf, " htx=(%u/%u#%u, %u/%u#%u)", rqhtx->data, rqhtx->size, htx_nbblks(rqhtx), rphtx->data, rphtx->size, htx_nbblks(rphtx)); } else { chunk_appendf(&trace_buf, " buf=(%u@%p+%u/%u, %u@%p+%u/%u)", (unsigned int)b_data(&req->buf), b_orig(&req->buf), (unsigned int)b_head_ofs(&req->buf), (unsigned int)b_size(&req->buf), (unsigned int)b_data(&res->buf), b_orig(&res->buf), (unsigned int)b_head_ofs(&res->buf), (unsigned int)b_size(&res->buf)); } /* If msg defined, display htx info if defined (level > USER) */ if (src->level > TRACE_LEVEL_USER && htx && htx_nbblks(htx)) { int full = 0; /* Full htx info (level > STATE && verbosity > SIMPLE) */ if (src->level > TRACE_LEVEL_STATE) { if (src->verbosity == STRM_VERB_COMPLETE) full = 1; } chunk_memcat(&trace_buf, "\n\t", 2); htx_dump(&trace_buf, htx, full); } } /* Upgrade an existing stream for stream connector . Return < 0 on error. This * is only valid right after a TCP to H1 upgrade. The stream should be * "reativated" by removing SF_IGNORE flag. And the right mode must be set. On * success, buffer is transferred to the stream and thus points to * BUF_NULL. On error, it is unchanged and it is the caller responsibility to * release it (this never happens for now). */ int stream_upgrade_from_sc(struct stconn *sc, struct buffer *input) { struct stream *s = __sc_strm(sc); const struct mux_ops *mux = sc_mux_ops(sc); if (mux) { if (mux->flags & MX_FL_HTX) s->flags |= SF_HTX; } if (!b_is_null(input)) { /* Xfer the input buffer to the request channel. will * than point to BUF_NULL. From this point, it is the stream * responsibility to release it. */ s->req.buf = *input; *input = BUF_NULL; s->req.total = (IS_HTX_STRM(s) ? htxbuf(&s->req.buf)->data : b_data(&s->req.buf)); s->req.flags |= (s->req.total ? CF_READ_PARTIAL : 0); } s->flags &= ~SF_IGNORE; task_wakeup(s->task, TASK_WOKEN_INIT); return 0; } /* Callback used to wake up a stream when an input buffer is available. The * stream 's stream connectors are checked for a failed buffer allocation * as indicated by the presence of the SC_FL_NEED_BUFF flag and the lack of a * buffer, and and input buffer is assigned there (at most one). The function * returns 1 and wakes the stream up if a buffer was taken, otherwise zero. * It's designed to be called from __offer_buffer(). */ int stream_buf_available(void *arg) { struct stream *s = arg; if (!s->req.buf.size && !s->req.pipe && s->scf->flags & SC_FL_NEED_BUFF && b_alloc(&s->req.buf)) sc_have_buff(s->scf); else if (!s->res.buf.size && !s->res.pipe && s->scb->flags & SC_FL_NEED_BUFF && b_alloc(&s->res.buf)) sc_have_buff(s->scb); else return 0; task_wakeup(s->task, TASK_WOKEN_RES); return 1; } /* This function is called from the session handler which detects the end of * handshake, in order to complete initialization of a valid stream. It must be * called with a completely initialized session. It returns the pointer to * the newly created stream, or NULL in case of fatal error. The client-facing * end point is assigned to , which must be valid. The stream's task * is configured with a nice value inherited from the listener's nice if any. * The task's context is set to the new stream, and its function is set to * process_stream(). Target and analysers are null. is used as input * buffer for the request channel and may contain data. On success, it is * transfer to the stream and is set to BUF_NULL. On error, * buffer is unchanged and it is the caller responsibility to release it. */ struct stream *stream_new(struct session *sess, struct stconn *sc, struct buffer *input) { struct stream *s; struct task *t; DBG_TRACE_ENTER(STRM_EV_STRM_NEW); if (unlikely((s = pool_alloc(pool_head_stream)) == NULL)) goto out_fail_alloc; /* minimum stream initialization required for an embryonic stream is * fairly low. We need very little to execute L4 ACLs, then we need a * task to make the client-side connection live on its own. * - flags * - stick-entry tracking */ s->flags = 0; s->logs.logwait = sess->fe->to_log; s->logs.level = 0; tv_zero(&s->logs.tv_request); s->logs.t_queue = -1; s->logs.t_connect = -1; s->logs.t_data = -1; s->logs.t_close = 0; s->logs.bytes_in = s->logs.bytes_out = 0; s->logs.prx_queue_pos = 0; /* we get the number of pending conns before us */ s->logs.srv_queue_pos = 0; /* we will get this number soon */ s->obj_type = OBJ_TYPE_STREAM; s->logs.accept_date = sess->accept_date; s->logs.tv_accept = sess->tv_accept; s->logs.t_handshake = sess->t_handshake; s->logs.t_idle = sess->t_idle; /* default logging function */ s->do_log = strm_log; /* default error reporting function, may be changed by analysers */ s->srv_error = default_srv_error; /* Initialise the current rule list pointer to NULL. We are sure that * any rulelist match the NULL pointer. */ s->current_rule_list = NULL; s->current_rule = NULL; s->rules_exp = TICK_ETERNITY; s->last_rule_file = NULL; s->last_rule_line = 0; /* Copy SC counters for the stream. We don't touch refcounts because * any reference we have is inherited from the session. Since the stream * doesn't exist without the session, the session's existence guarantees * we don't lose the entry. During the store operation, the stream won't * touch these ones. */ memcpy(s->stkctr, sess->stkctr, sizeof(s->stkctr)); s->sess = sess; s->stream_epoch = _HA_ATOMIC_LOAD(&stream_epoch); s->uniq_id = _HA_ATOMIC_FETCH_ADD(&global.req_count, 1); /* OK, we're keeping the stream, so let's properly initialize the stream */ LIST_INIT(&s->back_refs); LIST_INIT(&s->buffer_wait.list); s->buffer_wait.target = s; s->buffer_wait.wakeup_cb = stream_buf_available; s->call_rate.curr_tick = s->call_rate.curr_ctr = s->call_rate.prev_ctr = 0; s->pcli_next_pid = 0; s->pcli_flags = 0; s->unique_id = IST_NULL; if ((t = task_new_here()) == NULL) goto out_fail_alloc; s->task = t; s->pending_events = 0; s->conn_retries = 0; s->conn_exp = TICK_ETERNITY; s->conn_err_type = STRM_ET_NONE; s->prev_conn_state = SC_ST_INI; t->process = process_stream; t->context = s; t->expire = TICK_ETERNITY; if (sess->listener) t->nice = sess->listener->nice; /* Note: initially, the stream's backend points to the frontend. * This changes later when switching rules are executed or * when the default backend is assigned. */ s->be = sess->fe; s->req_cap = NULL; s->res_cap = NULL; /* Initialize all the variables contexts even if not used. * This permits to prune these contexts without errors. * * We need to make sure that those lists are not re-initialized * by stream-dependant underlying code because we could lose * track of already defined variables, leading to data inconsistency * and memory leaks... * * For reference: we had a very old bug caused by vars_txn and * vars_reqres being accidentally re-initialized in http_create_txn() * (https://github.com/haproxy/haproxy/issues/1935) */ vars_init_head(&s->vars_txn, SCOPE_TXN); vars_init_head(&s->vars_reqres, SCOPE_REQ); /* Set SF_HTX flag for HTTP frontends. */ if (sess->fe->mode == PR_MODE_HTTP) s->flags |= SF_HTX; s->scf = sc; if (sc_attach_strm(s->scf, s) < 0) goto out_fail_attach_scf; s->scb = sc_new_from_strm(s, SC_FL_ISBACK); if (!s->scb) goto out_fail_alloc_scb; sc_set_state(s->scf, SC_ST_EST); s->scf->hcto = sess->fe->timeout.clientfin; if (likely(sess->fe->options2 & PR_O2_INDEPSTR)) s->scf->flags |= SC_FL_INDEP_STR; s->scb->hcto = TICK_ETERNITY; if (likely(sess->fe->options2 & PR_O2_INDEPSTR)) s->scb->flags |= SC_FL_INDEP_STR; if (sc_ep_test(sc, SE_FL_WEBSOCKET)) s->flags |= SF_WEBSOCKET; if (sc_conn(sc)) { const struct mux_ops *mux = sc_mux_ops(sc); if (mux && mux->flags & MX_FL_HTX) s->flags |= SF_HTX; } stream_init_srv_conn(s); s->target = sess->listener ? sess->listener->default_target : NULL; s->pend_pos = NULL; s->priority_class = 0; s->priority_offset = 0; /* init store persistence */ s->store_count = 0; channel_init(&s->req); s->req.flags |= CF_READ_ATTACHED; /* the producer is already connected */ s->req.analysers = sess->listener ? sess->listener->analysers : sess->fe->fe_req_ana; if (IS_HTX_STRM(s)) { /* Be sure to have HTTP analysers because in case of * "destructive" stream upgrade, they may be missing (e.g * TCP>H2) */ s->req.analysers |= AN_REQ_WAIT_HTTP|AN_REQ_HTTP_PROCESS_FE; } if (!sess->fe->fe_req_ana) { channel_auto_connect(&s->req); /* don't wait to establish connection */ channel_auto_close(&s->req); /* let the producer forward close requests */ } s->req.rto = sess->fe->timeout.client; s->req.wto = TICK_ETERNITY; s->req.rex = TICK_ETERNITY; s->req.wex = TICK_ETERNITY; s->req.analyse_exp = TICK_ETERNITY; channel_init(&s->res); s->res.flags |= CF_ISRESP; s->res.analysers = 0; if (sess->fe->options2 & PR_O2_NODELAY) { s->req.flags |= CF_NEVER_WAIT; s->res.flags |= CF_NEVER_WAIT; } s->res.wto = sess->fe->timeout.client; s->res.rto = TICK_ETERNITY; s->res.rex = TICK_ETERNITY; s->res.wex = TICK_ETERNITY; s->res.analyse_exp = TICK_ETERNITY; s->txn = NULL; s->hlua = NULL; s->resolv_ctx.requester = NULL; s->resolv_ctx.hostname_dn = NULL; s->resolv_ctx.hostname_dn_len = 0; s->resolv_ctx.parent = NULL; s->tunnel_timeout = TICK_ETERNITY; LIST_APPEND(&th_ctx->streams, &s->list); if (flt_stream_init(s) < 0 || flt_stream_start(s) < 0) goto out_fail_accept; /* just in case the caller would have pre-disabled it */ se_will_consume(s->scf->sedesc); if (sess->fe->accept && sess->fe->accept(s) < 0) goto out_fail_accept; if (!b_is_null(input)) { /* Xfer the input buffer to the request channel. will * than point to BUF_NULL. From this point, it is the stream * responsibility to release it. */ s->req.buf = *input; *input = BUF_NULL; s->req.total = (IS_HTX_STRM(s) ? htxbuf(&s->req.buf)->data : b_data(&s->req.buf)); s->req.flags |= (s->req.total ? CF_READ_PARTIAL : 0); } /* it is important not to call the wakeup function directly but to * pass through task_wakeup(), because this one knows how to apply * priorities to tasks. Using multi thread we must be sure that * stream is fully initialized before calling task_wakeup. So * the caller must handle the task_wakeup */ DBG_TRACE_LEAVE(STRM_EV_STRM_NEW, s); task_wakeup(s->task, TASK_WOKEN_INIT); return s; /* Error unrolling */ out_fail_accept: flt_stream_release(s, 0); LIST_DELETE(&s->list); sc_free(s->scb); out_fail_alloc_scb: out_fail_attach_scf: task_destroy(t); out_fail_alloc: pool_free(pool_head_stream, s); DBG_TRACE_DEVEL("leaving on error", STRM_EV_STRM_NEW|STRM_EV_STRM_ERR); return NULL; } /* * frees the context associated to a stream. It must have been removed first. */ void stream_free(struct stream *s) { struct session *sess = strm_sess(s); struct proxy *fe = sess->fe; struct bref *bref, *back; int i; DBG_TRACE_POINT(STRM_EV_STRM_FREE, s); /* detach the stream from its own task before even releasing it so * that walking over a task list never exhibits a dying stream. */ s->task->context = NULL; __ha_barrier_store(); pendconn_free(s); if (objt_server(s->target)) { /* there may be requests left pending in queue */ if (s->flags & SF_CURR_SESS) { s->flags &= ~SF_CURR_SESS; _HA_ATOMIC_DEC(&__objt_server(s->target)->cur_sess); } if (may_dequeue_tasks(__objt_server(s->target), s->be)) process_srv_queue(__objt_server(s->target)); } if (unlikely(s->srv_conn)) { /* the stream still has a reserved slot on a server, but * it should normally be only the same as the one above, * so this should not happen in fact. */ sess_change_server(s, NULL); } if (s->req.pipe) put_pipe(s->req.pipe); if (s->res.pipe) put_pipe(s->res.pipe); /* We may still be present in the buffer wait queue */ if (LIST_INLIST(&s->buffer_wait.list)) LIST_DEL_INIT(&s->buffer_wait.list); if (s->req.buf.size || s->res.buf.size) { int count = !!s->req.buf.size + !!s->res.buf.size; b_free(&s->req.buf); b_free(&s->res.buf); offer_buffers(NULL, count); } pool_free(pool_head_uniqueid, s->unique_id.ptr); s->unique_id = IST_NULL; flt_stream_stop(s); flt_stream_release(s, 0); hlua_ctx_destroy(s->hlua); s->hlua = NULL; if (s->txn) http_destroy_txn(s); /* ensure the client-side transport layer is destroyed */ /* Be sure it is useless !! */ /* if (cli_cs) */ /* cs_close(cli_cs); */ for (i = 0; i < s->store_count; i++) { if (!s->store[i].ts) continue; stksess_free(s->store[i].table, s->store[i].ts); s->store[i].ts = NULL; } if (s->resolv_ctx.requester) { __decl_thread(struct resolvers *resolvers = s->resolv_ctx.parent->arg.resolv.resolvers); HA_SPIN_LOCK(DNS_LOCK, &resolvers->lock); ha_free(&s->resolv_ctx.hostname_dn); s->resolv_ctx.hostname_dn_len = 0; resolv_unlink_resolution(s->resolv_ctx.requester); HA_SPIN_UNLOCK(DNS_LOCK, &resolvers->lock); pool_free(resolv_requester_pool, s->resolv_ctx.requester); s->resolv_ctx.requester = NULL; } if (fe) { if (s->req_cap) { struct cap_hdr *h; for (h = fe->req_cap; h; h = h->next) pool_free(h->pool, s->req_cap[h->index]); } if (s->res_cap) { struct cap_hdr *h; for (h = fe->rsp_cap; h; h = h->next) pool_free(h->pool, s->res_cap[h->index]); } pool_free(fe->rsp_cap_pool, s->res_cap); pool_free(fe->req_cap_pool, s->req_cap); } /* Cleanup all variable contexts. */ if (!LIST_ISEMPTY(&s->vars_txn.head)) vars_prune(&s->vars_txn, s->sess, s); if (!LIST_ISEMPTY(&s->vars_reqres.head)) vars_prune(&s->vars_reqres, s->sess, s); stream_store_counters(s); list_for_each_entry_safe(bref, back, &s->back_refs, users) { /* we have to unlink all watchers. We must not relink them if * this stream was the last one in the list. This is safe to do * here because we're touching our thread's list so we know * that other streams are not active, and the watchers will * only touch their node under thread isolation. */ LIST_DEL_INIT(&bref->users); if (s->list.n != &th_ctx->streams) LIST_APPEND(&LIST_ELEM(s->list.n, struct stream *, list)->back_refs, &bref->users); bref->ref = s->list.n; __ha_barrier_store(); } LIST_DELETE(&s->list); sc_destroy(s->scb); sc_destroy(s->scf); pool_free(pool_head_stream, s); /* We may want to free the maximum amount of pools if the proxy is stopping */ if (fe && unlikely(fe->flags & (PR_FL_DISABLED|PR_FL_STOPPED))) { pool_flush(pool_head_buffer); pool_flush(pool_head_http_txn); pool_flush(pool_head_requri); pool_flush(pool_head_capture); pool_flush(pool_head_stream); pool_flush(pool_head_session); pool_flush(pool_head_connection); pool_flush(pool_head_pendconn); pool_flush(fe->req_cap_pool); pool_flush(fe->rsp_cap_pool); } } /* Allocates a work buffer for stream . It is meant to be called inside * process_stream(). It will only allocate the side needed for the function * to work fine, which is the response buffer so that an error message may be * built and returned. Response buffers may be allocated from the reserve, this * is critical to ensure that a response may always flow and will never block a * server from releasing a connection. Returns 0 in case of failure, non-zero * otherwise. */ static int stream_alloc_work_buffer(struct stream *s) { if (b_alloc(&s->res.buf)) return 1; return 0; } /* releases unused buffers after processing. Typically used at the end of the * update() functions. It will try to wake up as many tasks/applets as the * number of buffers that it releases. In practice, most often streams are * blocked on a single buffer, so it makes sense to try to wake two up when two * buffers are released at once. */ void stream_release_buffers(struct stream *s) { int offer = 0; if (c_size(&s->req) && c_empty(&s->req)) { offer++; b_free(&s->req.buf); } if (c_size(&s->res) && c_empty(&s->res)) { offer++; b_free(&s->res.buf); } /* if we're certain to have at least 1 buffer available, and there is * someone waiting, we can wake up a waiter and offer them. */ if (offer) offer_buffers(s, offer); } void stream_process_counters(struct stream *s) { struct session *sess = s->sess; unsigned long long bytes; int i; bytes = s->req.total - s->logs.bytes_in; s->logs.bytes_in = s->req.total; if (bytes) { _HA_ATOMIC_ADD(&sess->fe->fe_counters.bytes_in, bytes); _HA_ATOMIC_ADD(&s->be->be_counters.bytes_in, bytes); if (objt_server(s->target)) _HA_ATOMIC_ADD(&__objt_server(s->target)->counters.bytes_in, bytes); if (sess->listener && sess->listener->counters) _HA_ATOMIC_ADD(&sess->listener->counters->bytes_in, bytes); for (i = 0; i < MAX_SESS_STKCTR; i++) { if (!stkctr_inc_bytes_in_ctr(&s->stkctr[i], bytes)) stkctr_inc_bytes_in_ctr(&sess->stkctr[i], bytes); } } bytes = s->res.total - s->logs.bytes_out; s->logs.bytes_out = s->res.total; if (bytes) { _HA_ATOMIC_ADD(&sess->fe->fe_counters.bytes_out, bytes); _HA_ATOMIC_ADD(&s->be->be_counters.bytes_out, bytes); if (objt_server(s->target)) _HA_ATOMIC_ADD(&__objt_server(s->target)->counters.bytes_out, bytes); if (sess->listener && sess->listener->counters) _HA_ATOMIC_ADD(&sess->listener->counters->bytes_out, bytes); for (i = 0; i < MAX_SESS_STKCTR; i++) { if (!stkctr_inc_bytes_out_ctr(&s->stkctr[i], bytes)) stkctr_inc_bytes_out_ctr(&sess->stkctr[i], bytes); } } } /* * Returns a message to the client ; the connection is shut down for read, * and the request is cleared so that no server connection can be initiated. * The buffer is marked for read shutdown on the other side to protect the * message, and the buffer write is enabled. The message is contained in a * "chunk". If it is null, then an empty message is used. The reply buffer does * not need to be empty before this, and its contents will not be overwritten. * The primary goal of this function is to return error messages to a client. */ void stream_retnclose(struct stream *s, const struct buffer *msg) { struct channel *ic = &s->req; struct channel *oc = &s->res; channel_auto_read(ic); channel_abort(ic); channel_auto_close(ic); channel_erase(ic); channel_truncate(oc); if (likely(msg && msg->data)) co_inject(oc, msg->area, msg->data); oc->wex = tick_add_ifset(now_ms, oc->wto); channel_auto_read(oc); channel_auto_close(oc); channel_shutr_now(oc); } int stream_set_timeout(struct stream *s, enum act_timeout_name name, int timeout) { switch (name) { case ACT_TIMEOUT_SERVER: s->req.wto = timeout; s->res.rto = timeout; return 1; case ACT_TIMEOUT_TUNNEL: s->tunnel_timeout = timeout; return 1; default: return 0; } } /* * This function handles the transition between the SC_ST_CON state and the * SC_ST_EST state. It must only be called after switching from SC_ST_CON (or * SC_ST_INI or SC_ST_RDY) to SC_ST_EST, but only when a ->proto is defined. * Note that it will switch the interface to SC_ST_DIS if we already have * the CF_SHUTR flag, it means we were able to forward the request, and * receive the response, before process_stream() had the opportunity to * make the switch from SC_ST_CON to SC_ST_EST. When that happens, we want * to go through back_establish() anyway, to make sure the analysers run. * Timeouts are cleared. Error are reported on the channel so that analysers * can handle them. */ static void back_establish(struct stream *s) { struct connection *conn = sc_conn(s->scb); struct channel *req = &s->req; struct channel *rep = &s->res; DBG_TRACE_ENTER(STRM_EV_STRM_PROC|STRM_EV_CS_ST, s); /* First, centralize the timers information, and clear any irrelevant * timeout. */ s->logs.t_connect = tv_ms_elapsed(&s->logs.tv_accept, &now); s->conn_exp = TICK_ETERNITY; s->flags &= ~SF_CONN_EXP; /* errors faced after sending data need to be reported */ if (sc_ep_test(s->scb, SE_FL_ERROR) && req->flags & CF_WROTE_DATA) { /* Don't add CF_WRITE_ERROR if we're here because * early data were rejected by the server, or * http_wait_for_response() will never be called * to send a 425. */ if (conn && conn->err_code != CO_ER_SSL_EARLY_FAILED) req->flags |= CF_WRITE_ERROR; rep->flags |= CF_READ_ERROR; s->conn_err_type = STRM_ET_DATA_ERR; DBG_TRACE_STATE("read/write error", STRM_EV_STRM_PROC|STRM_EV_CS_ST|STRM_EV_STRM_ERR, s); } if (objt_server(s->target)) health_adjust(__objt_server(s->target), HANA_STATUS_L4_OK); if (!IS_HTX_STRM(s)) { /* let's allow immediate data connection in this case */ /* if the user wants to log as soon as possible, without counting * bytes from the server, then this is the right moment. */ if (!LIST_ISEMPTY(&strm_fe(s)->logformat) && !(s->logs.logwait & LW_BYTES)) { /* note: no pend_pos here, session is established */ s->logs.t_close = s->logs.t_connect; /* to get a valid end date */ s->do_log(s); } } else { rep->flags |= CF_READ_DONTWAIT; /* a single read is enough to get response headers */ } rep->analysers |= strm_fe(s)->fe_rsp_ana | s->be->be_rsp_ana; se_have_more_data(s->scb->sedesc); rep->flags |= CF_READ_ATTACHED; /* producer is now attached */ if (conn) { /* real connections have timeouts * if already defined, it means that a set-timeout rule has * been executed so do not overwrite them */ if (!tick_isset(req->wto)) req->wto = s->be->timeout.server; if (!tick_isset(rep->rto)) rep->rto = s->be->timeout.server; if (!tick_isset(s->tunnel_timeout)) s->tunnel_timeout = s->be->timeout.tunnel; /* The connection is now established, try to read data from the * underlying layer, and subscribe to recv events. We use a * delayed recv here to give a chance to the data to flow back * by the time we process other tasks. */ sc_chk_rcv(s->scb); } req->wex = TICK_ETERNITY; /* If we managed to get the whole response, and we don't have anything * left to send, or can't, switch to SC_ST_DIS now. */ if (rep->flags & (CF_SHUTR | CF_SHUTW)) { s->scb->state = SC_ST_DIS; DBG_TRACE_STATE("response channel shutdwn for read/write", STRM_EV_STRM_PROC|STRM_EV_CS_ST|STRM_EV_STRM_ERR, s); } DBG_TRACE_LEAVE(STRM_EV_STRM_PROC|STRM_EV_CS_ST, s); } /* Set correct stream termination flags in case no analyser has done it. It * also counts a failed request if the server state has not reached the request * stage. */ static void sess_set_term_flags(struct stream *s) { if (!(s->flags & SF_FINST_MASK)) { if (s->scb->state == SC_ST_INI) { /* anything before REQ in fact */ _HA_ATOMIC_INC(&strm_fe(s)->fe_counters.failed_req); if (strm_li(s) && strm_li(s)->counters) _HA_ATOMIC_INC(&strm_li(s)->counters->failed_req); s->flags |= SF_FINST_R; } else if (s->scb->state == SC_ST_QUE) s->flags |= SF_FINST_Q; else if (sc_state_in(s->scb->state, SC_SB_REQ|SC_SB_TAR|SC_SB_ASS|SC_SB_CON|SC_SB_CER|SC_SB_RDY)) s->flags |= SF_FINST_C; else if (s->scb->state == SC_ST_EST || s->prev_conn_state == SC_ST_EST) s->flags |= SF_FINST_D; else s->flags |= SF_FINST_L; } } /* This function parses the use-service action ruleset. It executes * the associated ACL and set an applet as a stream or txn final node. * it returns ACT_RET_ERR if an error occurs, the proxy left in * consistent state. It returns ACT_RET_STOP in success case because * use-service must be a terminal action. Returns ACT_RET_YIELD * if the initialisation function require more data. */ enum act_return process_use_service(struct act_rule *rule, struct proxy *px, struct session *sess, struct stream *s, int flags) { struct appctx *appctx; /* Initialises the applet if it is required. */ if (flags & ACT_OPT_FIRST) { /* Register applet. this function schedules the applet. */ s->target = &rule->applet.obj_type; appctx = sc_applet_create(s->scb, objt_applet(s->target)); if (unlikely(!appctx)) return ACT_RET_ERR; /* Finish initialisation of the context. */ appctx->rule = rule; if (appctx_init(appctx) == -1) return ACT_RET_ERR; } else appctx = __sc_appctx(s->scb); if (rule->from != ACT_F_HTTP_REQ) { if (sess->fe == s->be) /* report it if the request was intercepted by the frontend */ _HA_ATOMIC_INC(&sess->fe->fe_counters.intercepted_req); /* The flag SF_ASSIGNED prevent from server assignment. */ s->flags |= SF_ASSIGNED; } /* Now we can schedule the applet. */ applet_need_more_data(appctx); appctx_wakeup(appctx); return ACT_RET_STOP; } /* This stream analyser checks the switching rules and changes the backend * if appropriate. The default_backend rule is also considered, then the * target backend's forced persistence rules are also evaluated last if any. * It returns 1 if the processing can continue on next analysers, or zero if it * either needs more data or wants to immediately abort the request. */ static int process_switching_rules(struct stream *s, struct channel *req, int an_bit) { struct persist_rule *prst_rule; struct session *sess = s->sess; struct proxy *fe = sess->fe; req->analysers &= ~an_bit; req->analyse_exp = TICK_ETERNITY; DBG_TRACE_ENTER(STRM_EV_STRM_ANA, s); /* now check whether we have some switching rules for this request */ if (!(s->flags & SF_BE_ASSIGNED)) { struct switching_rule *rule; list_for_each_entry(rule, &fe->switching_rules, list) { int ret = 1; if (rule->cond) { ret = acl_exec_cond(rule->cond, fe, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL); ret = acl_pass(ret); if (rule->cond->pol == ACL_COND_UNLESS) ret = !ret; } if (ret) { /* If the backend name is dynamic, try to resolve the name. * If we can't resolve the name, or if any error occurs, break * the loop and fallback to the default backend. */ struct proxy *backend = NULL; if (rule->dynamic) { struct buffer *tmp; tmp = alloc_trash_chunk(); if (!tmp) goto sw_failed; if (build_logline(s, tmp->area, tmp->size, &rule->be.expr)) backend = proxy_be_by_name(tmp->area); free_trash_chunk(tmp); tmp = NULL; if (!backend) break; } else backend = rule->be.backend; if (!stream_set_backend(s, backend)) goto sw_failed; break; } } /* To ensure correct connection accounting on the backend, we * have to assign one if it was not set (eg: a listen). This * measure also takes care of correctly setting the default * backend if any. Don't do anything if an upgrade is already in * progress. */ if (!(s->flags & (SF_BE_ASSIGNED|SF_IGNORE))) if (!stream_set_backend(s, fe->defbe.be ? fe->defbe.be : s->be)) goto sw_failed; /* No backend assigned but no error reported. It happens when a * TCP stream is upgraded to HTTP/2. */ if ((s->flags & (SF_BE_ASSIGNED|SF_IGNORE)) == SF_IGNORE) { DBG_TRACE_DEVEL("leaving with no backend because of a destructive upgrade", STRM_EV_STRM_ANA, s); return 0; } } /* we don't want to run the TCP or HTTP filters again if the backend has not changed */ if (fe == s->be) { s->req.analysers &= ~AN_REQ_INSPECT_BE; s->req.analysers &= ~AN_REQ_HTTP_PROCESS_BE; s->req.analysers &= ~AN_REQ_FLT_START_BE; } /* as soon as we know the backend, we must check if we have a matching forced or ignored * persistence rule, and report that in the stream. */ list_for_each_entry(prst_rule, &s->be->persist_rules, list) { int ret = 1; if (prst_rule->cond) { ret = acl_exec_cond(prst_rule->cond, s->be, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL); ret = acl_pass(ret); if (prst_rule->cond->pol == ACL_COND_UNLESS) ret = !ret; } if (ret) { /* no rule, or the rule matches */ if (prst_rule->type == PERSIST_TYPE_FORCE) { s->flags |= SF_FORCE_PRST; } else { s->flags |= SF_IGNORE_PRST; } break; } } DBG_TRACE_LEAVE(STRM_EV_STRM_ANA, s); return 1; sw_failed: /* immediately abort this request in case of allocation failure */ channel_abort(&s->req); channel_abort(&s->res); if (!(s->flags & SF_ERR_MASK)) s->flags |= SF_ERR_RESOURCE; if (!(s->flags & SF_FINST_MASK)) s->flags |= SF_FINST_R; if (s->txn) s->txn->status = 500; s->req.analysers &= AN_REQ_FLT_END; s->req.analyse_exp = TICK_ETERNITY; DBG_TRACE_DEVEL("leaving on error", STRM_EV_STRM_ANA|STRM_EV_STRM_ERR, s); return 0; } /* This stream analyser works on a request. It applies all use-server rules on * it then returns 1. The data must already be present in the buffer otherwise * they won't match. It always returns 1. */ static int process_server_rules(struct stream *s, struct channel *req, int an_bit) { struct proxy *px = s->be; struct session *sess = s->sess; struct server_rule *rule; DBG_TRACE_ENTER(STRM_EV_STRM_ANA, s); if (!(s->flags & SF_ASSIGNED)) { list_for_each_entry(rule, &px->server_rules, list) { int ret; ret = acl_exec_cond(rule->cond, s->be, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL); ret = acl_pass(ret); if (rule->cond->pol == ACL_COND_UNLESS) ret = !ret; if (ret) { struct server *srv; if (rule->dynamic) { struct buffer *tmp = get_trash_chunk(); if (!build_logline(s, tmp->area, tmp->size, &rule->expr)) break; srv = findserver(s->be, tmp->area); if (!srv) break; } else srv = rule->srv.ptr; if ((srv->cur_state != SRV_ST_STOPPED) || (px->options & PR_O_PERSIST) || (s->flags & SF_FORCE_PRST)) { s->flags |= SF_DIRECT | SF_ASSIGNED; s->target = &srv->obj_type; break; } /* if the server is not UP, let's go on with next rules * just in case another one is suited. */ } } } req->analysers &= ~an_bit; req->analyse_exp = TICK_ETERNITY; DBG_TRACE_LEAVE(STRM_EV_STRM_ANA, s); return 1; } static inline void sticking_rule_find_target(struct stream *s, struct stktable *t, struct stksess *ts) { struct proxy *px = s->be; struct eb32_node *node; struct dict_entry *de; void *ptr; struct server *srv; /* Look for the server name previously stored in stick-table */ HA_RWLOCK_RDLOCK(STK_SESS_LOCK, &ts->lock); ptr = __stktable_data_ptr(t, ts, STKTABLE_DT_SERVER_KEY); de = stktable_data_cast(ptr, std_t_dict); HA_RWLOCK_RDUNLOCK(STK_SESS_LOCK, &ts->lock); if (de) { struct ebpt_node *node; if (t->server_key_type == STKTABLE_SRV_NAME) { node = ebis_lookup(&px->conf.used_server_name, de->value.key); if (node) { srv = container_of(node, struct server, conf.name); goto found; } } else if (t->server_key_type == STKTABLE_SRV_ADDR) { HA_RWLOCK_RDLOCK(PROXY_LOCK, &px->lock); node = ebis_lookup(&px->used_server_addr, de->value.key); HA_RWLOCK_RDUNLOCK(PROXY_LOCK, &px->lock); if (node) { srv = container_of(node, struct server, addr_node); goto found; } } } /* Look for the server ID */ HA_RWLOCK_RDLOCK(STK_SESS_LOCK, &ts->lock); ptr = __stktable_data_ptr(t, ts, STKTABLE_DT_SERVER_ID); node = eb32_lookup(&px->conf.used_server_id, stktable_data_cast(ptr, std_t_sint)); HA_RWLOCK_RDUNLOCK(STK_SESS_LOCK, &ts->lock); if (!node) return; srv = container_of(node, struct server, conf.id); found: if ((srv->cur_state != SRV_ST_STOPPED) || (px->options & PR_O_PERSIST) || (s->flags & SF_FORCE_PRST)) { s->flags |= SF_DIRECT | SF_ASSIGNED; s->target = &srv->obj_type; } } /* This stream analyser works on a request. It applies all sticking rules on * it then returns 1. The data must already be present in the buffer otherwise * they won't match. It always returns 1. */ static int process_sticking_rules(struct stream *s, struct channel *req, int an_bit) { struct proxy *px = s->be; struct session *sess = s->sess; struct sticking_rule *rule; DBG_TRACE_ENTER(STRM_EV_STRM_ANA, s); list_for_each_entry(rule, &px->sticking_rules, list) { int ret = 1 ; int i; /* Only the first stick store-request of each table is applied * and other ones are ignored. The purpose is to allow complex * configurations which look for multiple entries by decreasing * order of precision and to stop at the first which matches. * An example could be a store of the IP address from an HTTP * header first, then from the source if not found. */ if (rule->flags & STK_IS_STORE) { for (i = 0; i < s->store_count; i++) { if (rule->table.t == s->store[i].table) break; } if (i != s->store_count) continue; } if (rule->cond) { ret = acl_exec_cond(rule->cond, px, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL); ret = acl_pass(ret); if (rule->cond->pol == ACL_COND_UNLESS) ret = !ret; } if (ret) { struct stktable_key *key; key = stktable_fetch_key(rule->table.t, px, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL, rule->expr, NULL); if (!key) continue; if (rule->flags & STK_IS_MATCH) { struct stksess *ts; if ((ts = stktable_lookup_key(rule->table.t, key)) != NULL) { if (!(s->flags & SF_ASSIGNED)) sticking_rule_find_target(s, rule->table.t, ts); stktable_touch_local(rule->table.t, ts, 1); } } if (rule->flags & STK_IS_STORE) { if (s->store_count < (sizeof(s->store) / sizeof(s->store[0]))) { struct stksess *ts; ts = stksess_new(rule->table.t, key); if (ts) { s->store[s->store_count].table = rule->table.t; s->store[s->store_count++].ts = ts; } } } } } req->analysers &= ~an_bit; req->analyse_exp = TICK_ETERNITY; DBG_TRACE_LEAVE(STRM_EV_STRM_ANA, s); return 1; } /* This stream analyser works on a response. It applies all store rules on it * then returns 1. The data must already be present in the buffer otherwise * they won't match. It always returns 1. */ static int process_store_rules(struct stream *s, struct channel *rep, int an_bit) { struct proxy *px = s->be; struct session *sess = s->sess; struct sticking_rule *rule; int i; int nbreq = s->store_count; DBG_TRACE_ENTER(STRM_EV_STRM_ANA, s); list_for_each_entry(rule, &px->storersp_rules, list) { int ret = 1 ; /* Only the first stick store-response of each table is applied * and other ones are ignored. The purpose is to allow complex * configurations which look for multiple entries by decreasing * order of precision and to stop at the first which matches. * An example could be a store of a set-cookie value, with a * fallback to a parameter found in a 302 redirect. * * The store-response rules are not allowed to override the * store-request rules for the same table, but they may coexist. * Thus we can have up to one store-request entry and one store- * response entry for the same table at any time. */ for (i = nbreq; i < s->store_count; i++) { if (rule->table.t == s->store[i].table) break; } /* skip existing entries for this table */ if (i < s->store_count) continue; if (rule->cond) { ret = acl_exec_cond(rule->cond, px, sess, s, SMP_OPT_DIR_RES|SMP_OPT_FINAL); ret = acl_pass(ret); if (rule->cond->pol == ACL_COND_UNLESS) ret = !ret; } if (ret) { struct stktable_key *key; key = stktable_fetch_key(rule->table.t, px, sess, s, SMP_OPT_DIR_RES|SMP_OPT_FINAL, rule->expr, NULL); if (!key) continue; if (s->store_count < (sizeof(s->store) / sizeof(s->store[0]))) { struct stksess *ts; ts = stksess_new(rule->table.t, key); if (ts) { s->store[s->store_count].table = rule->table.t; s->store[s->store_count++].ts = ts; } } } } /* process store request and store response */ for (i = 0; i < s->store_count; i++) { struct stksess *ts; void *ptr; char *key; struct dict_entry *de; struct stktable *t = s->store[i].table; if (!objt_server(s->target) || (__objt_server(s->target)->flags & SRV_F_NON_STICK)) { stksess_free(s->store[i].table, s->store[i].ts); s->store[i].ts = NULL; continue; } ts = stktable_set_entry(t, s->store[i].ts); if (ts != s->store[i].ts) { /* the entry already existed, we can free ours */ stksess_free(t, s->store[i].ts); } s->store[i].ts = NULL; if (t->server_key_type == STKTABLE_SRV_NAME) key = __objt_server(s->target)->id; else if (t->server_key_type == STKTABLE_SRV_ADDR) key = __objt_server(s->target)->addr_node.key; else key = NULL; HA_RWLOCK_WRLOCK(STK_SESS_LOCK, &ts->lock); ptr = __stktable_data_ptr(t, ts, STKTABLE_DT_SERVER_ID); stktable_data_cast(ptr, std_t_sint) = __objt_server(s->target)->puid; if (key) { de = dict_insert(&server_key_dict, key); if (de) { ptr = __stktable_data_ptr(t, ts, STKTABLE_DT_SERVER_KEY); stktable_data_cast(ptr, std_t_dict) = de; } } HA_RWLOCK_WRUNLOCK(STK_SESS_LOCK, &ts->lock); stktable_touch_local(t, ts, 1); } s->store_count = 0; /* everything is stored */ rep->analysers &= ~an_bit; rep->analyse_exp = TICK_ETERNITY; DBG_TRACE_LEAVE(STRM_EV_STRM_ANA, s); return 1; } /* Set the stream to HTTP mode, if necessary. The minimal request HTTP analysers * are set and the client mux is upgraded. It returns 1 if the stream processing * may continue or 0 if it should be stopped. It happens on error or if the * upgrade required a new stream. The mux protocol may be specified. */ int stream_set_http_mode(struct stream *s, const struct mux_proto_list *mux_proto) { struct stconn *sc = s->scf; struct connection *conn; /* Already an HTTP stream */ if (IS_HTX_STRM(s)) return 1; s->req.analysers |= AN_REQ_WAIT_HTTP|AN_REQ_HTTP_PROCESS_FE; if (unlikely(!s->txn && !http_create_txn(s))) return 0; conn = sc_conn(sc); if (conn) { se_have_more_data(s->scf->sedesc); /* Make sure we're unsubscribed, the the new * mux will probably want to subscribe to * the underlying XPRT */ if (s->scf->wait_event.events) conn->mux->unsubscribe(sc, s->scf->wait_event.events, &(s->scf->wait_event)); if (conn->mux->flags & MX_FL_NO_UPG) return 0; sc_conn_prepare_endp_upgrade(sc); if (conn_upgrade_mux_fe(conn, sc, &s->req.buf, (mux_proto ? mux_proto->token : ist("")), PROTO_MODE_HTTP) == -1) { sc_conn_abort_endp_upgrade(sc); return 0; } sc_conn_commit_endp_upgrade(sc); s->req.flags &= ~(CF_READ_PARTIAL|CF_AUTO_CONNECT); s->req.total = 0; s->flags |= SF_IGNORE; if (sc_ep_test(sc, SE_FL_DETACHED)) { /* If stream connector is detached, it means it was not * reused by the new mux. Son destroy it, disable * logging, and abort the stream process. Thus the * stream will be silently destroyed. The new mux will * create new streams. */ s->logs.logwait = 0; s->logs.level = 0; channel_abort(&s->req); channel_abort(&s->res); s->req.analysers &= AN_REQ_FLT_END; s->req.analyse_exp = TICK_ETERNITY; } } return 1; } /* Updates at once the channel flags, and timers of both stream connectors of a * same stream, to complete the work after the analysers, then updates the data * layer below. This will ensure that any synchronous update performed at the * data layer will be reflected in the channel flags and/or stream connector. * Note that this does not change the stream connector's current state, though * it updates the previous state to the current one. */ static void stream_update_both_sc(struct stream *s) { struct stconn *scf = s->scf; struct stconn *scb = s->scb; struct channel *req = &s->req; struct channel *res = &s->res; req->flags &= ~(CF_READ_NULL|CF_READ_PARTIAL|CF_READ_ATTACHED|CF_WRITE_NULL|CF_WRITE_PARTIAL); res->flags &= ~(CF_READ_NULL|CF_READ_PARTIAL|CF_READ_ATTACHED|CF_WRITE_NULL|CF_WRITE_PARTIAL); s->prev_conn_state = scb->state; /* let's recompute both sides states */ if (sc_state_in(scf->state, SC_SB_RDY|SC_SB_EST)) sc_update(scf); if (sc_state_in(scb->state, SC_SB_RDY|SC_SB_EST)) sc_update(scb); /* stream connectors are processed outside of process_stream() and must be * handled at the latest moment. */ if (sc_appctx(scf)) { if (sc_is_recv_allowed(scf) || sc_is_send_allowed(scf)) appctx_wakeup(__sc_appctx(scf)); } if (sc_appctx(scb)) { if (sc_is_recv_allowed(scb) || sc_is_send_allowed(scb)) appctx_wakeup(__sc_appctx(scb)); } } /* if the current task's wake_date was set, it's being profiled, thus we may * report latencies and CPU usages in logs, so it's desirable to do that before * logging in order to report accurate CPU usage. In this case we count that * final part and reset the wake date so that the scheduler doesn't do it a * second time, and by doing so we also avoid an extra call to clock_gettime(). * The CPU usage will be off by the little time needed to run over stream_free() * but that's only marginal. */ static void stream_cond_update_cpu_usage(struct stream *s) { uint32_t cpu; /* stats are only registered for non-zero wake dates */ if (likely(!th_ctx->sched_wake_date)) return; cpu = (uint32_t)now_mono_time() - th_ctx->sched_call_date; s->task->cpu_time += cpu; HA_ATOMIC_ADD(&th_ctx->sched_profile_entry->cpu_time, cpu); th_ctx->sched_wake_date = 0; } /* This macro is very specific to the function below. See the comments in * process_stream() below to understand the logic and the tests. */ #define UPDATE_ANALYSERS(real, list, back, flag) { \ list = (((list) & ~(flag)) | ~(back)) & (real); \ back = real; \ if (!(list)) \ break; \ if (((list) ^ ((list) & ((list) - 1))) < (flag)) \ continue; \ } /* These 2 following macros call an analayzer for the specified channel if the * right flag is set. The first one is used for "filterable" analyzers. If a * stream has some registered filters, pre and post analyaze callbacks are * called. The second are used for other analyzers (AN_REQ/RES_FLT_* and * AN_REQ/RES_HTTP_XFER_BODY) */ #define FLT_ANALYZE(strm, chn, fun, list, back, flag, ...) \ { \ if ((list) & (flag)) { \ if (HAS_FILTERS(strm)) { \ if (!flt_pre_analyze((strm), (chn), (flag))) \ break; \ if (!fun((strm), (chn), (flag), ##__VA_ARGS__)) \ break; \ if (!flt_post_analyze((strm), (chn), (flag))) \ break; \ } \ else { \ if (!fun((strm), (chn), (flag), ##__VA_ARGS__)) \ break; \ } \ UPDATE_ANALYSERS((chn)->analysers, (list), \ (back), (flag)); \ } \ } #define ANALYZE(strm, chn, fun, list, back, flag, ...) \ { \ if ((list) & (flag)) { \ if (!fun((strm), (chn), (flag), ##__VA_ARGS__)) \ break; \ UPDATE_ANALYSERS((chn)->analysers, (list), \ (back), (flag)); \ } \ } /* Processes the client, server, request and response jobs of a stream task, * then puts it back to the wait queue in a clean state, or cleans up its * resources if it must be deleted. Returns in the date the task wants * to be woken up, or TICK_ETERNITY. In order not to call all functions for * nothing too many times, the request and response buffers flags are monitored * and each function is called only if at least another function has changed at * least one flag it is interested in. */ struct task *process_stream(struct task *t, void *context, unsigned int state) { struct server *srv; struct stream *s = context; struct session *sess = s->sess; unsigned int rqf_last, rpf_last; unsigned int rq_prod_last, rq_cons_last; unsigned int rp_cons_last, rp_prod_last; unsigned int req_ana_back; struct channel *req, *res; struct stconn *scf, *scb; unsigned int rate; DBG_TRACE_ENTER(STRM_EV_STRM_PROC, s); activity[tid].stream_calls++; req = &s->req; res = &s->res; scf = s->scf; scb = s->scb; /* First, attempt to receive pending data from I/O layers */ sc_conn_sync_recv(scf); sc_conn_sync_recv(scb); /* Let's check if we're looping without making any progress, e.g. due * to a bogus analyser or the fact that we're ignoring a read0. The * call_rate counter only counts calls with no progress made. */ if (!((req->flags | res->flags) & (CF_READ_PARTIAL|CF_WRITE_PARTIAL))) { rate = update_freq_ctr(&s->call_rate, 1); if (rate >= 100000 && s->call_rate.prev_ctr) // make sure to wait at least a full second stream_dump_and_crash(&s->obj_type, read_freq_ctr(&s->call_rate)); } /* this data may be no longer valid, clear it */ if (s->txn) memset(&s->txn->auth, 0, sizeof(s->txn->auth)); /* This flag must explicitly be set every time */ req->flags &= ~(CF_READ_NOEXP|CF_WAKE_WRITE); res->flags &= ~(CF_READ_NOEXP|CF_WAKE_WRITE); /* Keep a copy of req/rep flags so that we can detect shutdowns */ rqf_last = req->flags & ~CF_MASK_ANALYSER; rpf_last = res->flags & ~CF_MASK_ANALYSER; /* we don't want the stream connector functions to recursively wake us up */ scf->flags |= SC_FL_DONT_WAKE; scb->flags |= SC_FL_DONT_WAKE; /* update pending events */ s->pending_events |= (state & TASK_WOKEN_ANY); /* 1a: Check for low level timeouts if needed. We just set a flag on * stream connectors when their timeouts have expired. */ if (unlikely(s->pending_events & TASK_WOKEN_TIMER)) { stream_check_conn_timeout(s); /* check channel timeouts, and close the corresponding stream connectors * for future reads or writes. Note: this will also concern upper layers * but we do not touch any other flag. We must be careful and correctly * detect state changes when calling them. */ channel_check_timeouts(req); if (unlikely((req->flags & (CF_SHUTW|CF_WRITE_TIMEOUT)) == CF_WRITE_TIMEOUT)) { scb->flags |= SC_FL_NOLINGER; sc_shutw(scb); } if (unlikely((req->flags & (CF_SHUTR|CF_READ_TIMEOUT)) == CF_READ_TIMEOUT)) { if (scf->flags & SC_FL_NOHALF) scf->flags |= SC_FL_NOLINGER; sc_shutr(scf); } channel_check_timeouts(res); if (unlikely((res->flags & (CF_SHUTW|CF_WRITE_TIMEOUT)) == CF_WRITE_TIMEOUT)) { scf->flags |= SC_FL_NOLINGER; sc_shutw(scf); } if (unlikely((res->flags & (CF_SHUTR|CF_READ_TIMEOUT)) == CF_READ_TIMEOUT)) { if (scb->flags & SC_FL_NOHALF) scb->flags |= SC_FL_NOLINGER; sc_shutr(scb); } if (HAS_FILTERS(s)) flt_stream_check_timeouts(s); /* Once in a while we're woken up because the task expires. But * this does not necessarily mean that a timeout has been reached. * So let's not run a whole stream processing if only an expiration * timeout needs to be refreshed. */ if (!((req->flags | res->flags) & (CF_SHUTR|CF_READ_ACTIVITY|CF_READ_TIMEOUT|CF_SHUTW| CF_WRITE_ACTIVITY|CF_WRITE_TIMEOUT|CF_ANA_TIMEOUT)) && !(s->flags & SF_CONN_EXP) && !((sc_ep_get(scf) | scb->flags) & SE_FL_ERROR) && ((s->pending_events & TASK_WOKEN_ANY) == TASK_WOKEN_TIMER)) { scf->flags &= ~SC_FL_DONT_WAKE; scb->flags &= ~SC_FL_DONT_WAKE; goto update_exp_and_leave; } } resync_stconns: /* below we may emit error messages so we have to ensure that we have * our buffers properly allocated. If the allocation failed, an error is * triggered. * * NOTE: An error is returned because the mechanism to queue entities * waiting for a buffer is totally broken for now. However, this * part must be refactored. When it will be handled, this part * must be be reviewed too. */ if (!stream_alloc_work_buffer(s)) { sc_ep_set(s->scf, SE_FL_ERROR); s->conn_err_type = STRM_ET_CONN_RES; sc_ep_set(s->scb, SE_FL_ERROR); s->conn_err_type = STRM_ET_CONN_RES; if (!(s->flags & SF_ERR_MASK)) s->flags |= SF_ERR_RESOURCE; sess_set_term_flags(s); } /* 1b: check for low-level errors reported at the stream connector. * First we check if it's a retryable error (in which case we don't * want to tell the buffer). Otherwise we report the error one level * upper by setting flags into the buffers. Note that the side towards * the client cannot have connect (hence retryable) errors. Also, the * connection setup code must be able to deal with any type of abort. */ srv = objt_server(s->target); if (unlikely(sc_ep_test(scf, SE_FL_ERROR))) { if (sc_state_in(scf->state, SC_SB_EST|SC_SB_DIS)) { sc_shutr(scf); sc_shutw(scf); sc_report_error(scf); if (!(req->analysers) && !(res->analysers)) { _HA_ATOMIC_INC(&s->be->be_counters.cli_aborts); _HA_ATOMIC_INC(&sess->fe->fe_counters.cli_aborts); if (sess->listener && sess->listener->counters) _HA_ATOMIC_INC(&sess->listener->counters->cli_aborts); if (srv) _HA_ATOMIC_INC(&srv->counters.cli_aborts); if (!(s->flags & SF_ERR_MASK)) s->flags |= SF_ERR_CLICL; if (!(s->flags & SF_FINST_MASK)) s->flags |= SF_FINST_D; } } } if (unlikely(sc_ep_test(scb, SE_FL_ERROR))) { if (sc_state_in(scb->state, SC_SB_EST|SC_SB_DIS)) { sc_shutr(scb); sc_shutw(scb); sc_report_error(scb); _HA_ATOMIC_INC(&s->be->be_counters.failed_resp); if (srv) _HA_ATOMIC_INC(&srv->counters.failed_resp); if (!(req->analysers) && !(res->analysers)) { _HA_ATOMIC_INC(&s->be->be_counters.srv_aborts); _HA_ATOMIC_INC(&sess->fe->fe_counters.srv_aborts); if (sess->listener && sess->listener->counters) _HA_ATOMIC_INC(&sess->listener->counters->srv_aborts); if (srv) _HA_ATOMIC_INC(&srv->counters.srv_aborts); if (!(s->flags & SF_ERR_MASK)) s->flags |= SF_ERR_SRVCL; if (!(s->flags & SF_FINST_MASK)) s->flags |= SF_FINST_D; } } /* note: maybe we should process connection errors here ? */ } if (sc_state_in(scb->state, SC_SB_CON|SC_SB_RDY)) { /* we were trying to establish a connection on the server side, * maybe it succeeded, maybe it failed, maybe we timed out, ... */ if (scb->state == SC_ST_RDY) back_handle_st_rdy(s); else if (s->scb->state == SC_ST_CON) back_handle_st_con(s); if (scb->state == SC_ST_CER) back_handle_st_cer(s); else if (scb->state == SC_ST_EST) back_establish(s); /* state is now one of SC_ST_CON (still in progress), SC_ST_EST * (established), SC_ST_DIS (abort), SC_ST_CLO (last error), * SC_ST_ASS/SC_ST_TAR/SC_ST_REQ for retryable errors. */ } rq_prod_last = scf->state; rq_cons_last = scb->state; rp_cons_last = scf->state; rp_prod_last = scb->state; /* Check for connection closure */ DBG_TRACE_POINT(STRM_EV_STRM_PROC, s); /* nothing special to be done on client side */ if (unlikely(scf->state == SC_ST_DIS)) { scf->state = SC_ST_CLO; /* This is needed only when debugging is enabled, to indicate * client-side close. */ if (unlikely((global.mode & MODE_DEBUG) && (!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE)))) { chunk_printf(&trash, "%08x:%s.clicls[%04x:%04x]\n", s->uniq_id, s->be->id, (unsigned short)conn_fd(sc_conn(scf)), (unsigned short)conn_fd(sc_conn(scb))); DISGUISE(write(1, trash.area, trash.data)); } } /* When a server-side connection is released, we have to count it and * check for pending connections on this server. */ if (unlikely(scb->state == SC_ST_DIS)) { scb->state = SC_ST_CLO; srv = objt_server(s->target); if (srv) { if (s->flags & SF_CURR_SESS) { s->flags &= ~SF_CURR_SESS; _HA_ATOMIC_DEC(&srv->cur_sess); } sess_change_server(s, NULL); if (may_dequeue_tasks(srv, s->be)) process_srv_queue(srv); } /* This is needed only when debugging is enabled, to indicate * server-side close. */ if (unlikely((global.mode & MODE_DEBUG) && (!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE)))) { if (s->prev_conn_state == SC_ST_EST) { chunk_printf(&trash, "%08x:%s.srvcls[%04x:%04x]\n", s->uniq_id, s->be->id, (unsigned short)conn_fd(sc_conn(scf)), (unsigned short)conn_fd(sc_conn(scb))); DISGUISE(write(1, trash.area, trash.data)); } } } /* * Note: of the transient states (REQ, CER, DIS), only REQ may remain * at this point. */ resync_request: /* Analyse request */ if (((req->flags & ~rqf_last) & CF_MASK_ANALYSER) || ((req->flags ^ rqf_last) & CF_MASK_STATIC) || (req->analysers && (req->flags & CF_SHUTW)) || scf->state != rq_prod_last || scb->state != rq_cons_last || s->pending_events & TASK_WOKEN_MSG) { unsigned int flags = req->flags; if (sc_state_in(scf->state, SC_SB_EST|SC_SB_DIS|SC_SB_CLO)) { int max_loops = global.tune.maxpollevents; unsigned int ana_list; unsigned int ana_back; /* it's up to the analysers to stop new connections, * disable reading or closing. Note: if an analyser * disables any of these bits, it is responsible for * enabling them again when it disables itself, so * that other analysers are called in similar conditions. */ channel_auto_read(req); channel_auto_connect(req); channel_auto_close(req); /* We will call all analysers for which a bit is set in * req->analysers, following the bit order from LSB * to MSB. The analysers must remove themselves from * the list when not needed. Any analyser may return 0 * to break out of the loop, either because of missing * data to take a decision, or because it decides to * kill the stream. We loop at least once through each * analyser, and we may loop again if other analysers * are added in the middle. * * We build a list of analysers to run. We evaluate all * of these analysers in the order of the lower bit to * the higher bit. This ordering is very important. * An analyser will often add/remove other analysers, * including itself. Any changes to itself have no effect * on the loop. If it removes any other analysers, we * want those analysers not to be called anymore during * this loop. If it adds an analyser that is located * after itself, we want it to be scheduled for being * processed during the loop. If it adds an analyser * which is located before it, we want it to switch to * it immediately, even if it has already been called * once but removed since. * * In order to achieve this, we compare the analyser * list after the call with a copy of it before the * call. The work list is fed with analyser bits that * appeared during the call. Then we compare previous * work list with the new one, and check the bits that * appeared. If the lowest of these bits is lower than * the current bit, it means we have enabled a previous * analyser and must immediately loop again. */ ana_list = ana_back = req->analysers; while (ana_list && max_loops--) { /* Warning! ensure that analysers are always placed in ascending order! */ ANALYZE (s, req, flt_start_analyze, ana_list, ana_back, AN_REQ_FLT_START_FE); FLT_ANALYZE(s, req, tcp_inspect_request, ana_list, ana_back, AN_REQ_INSPECT_FE); FLT_ANALYZE(s, req, http_wait_for_request, ana_list, ana_back, AN_REQ_WAIT_HTTP); FLT_ANALYZE(s, req, http_wait_for_request_body, ana_list, ana_back, AN_REQ_HTTP_BODY); FLT_ANALYZE(s, req, http_process_req_common, ana_list, ana_back, AN_REQ_HTTP_PROCESS_FE, sess->fe); FLT_ANALYZE(s, req, process_switching_rules, ana_list, ana_back, AN_REQ_SWITCHING_RULES); ANALYZE (s, req, flt_start_analyze, ana_list, ana_back, AN_REQ_FLT_START_BE); FLT_ANALYZE(s, req, tcp_inspect_request, ana_list, ana_back, AN_REQ_INSPECT_BE); FLT_ANALYZE(s, req, http_process_req_common, ana_list, ana_back, AN_REQ_HTTP_PROCESS_BE, s->be); FLT_ANALYZE(s, req, http_process_tarpit, ana_list, ana_back, AN_REQ_HTTP_TARPIT); FLT_ANALYZE(s, req, process_server_rules, ana_list, ana_back, AN_REQ_SRV_RULES); FLT_ANALYZE(s, req, http_process_request, ana_list, ana_back, AN_REQ_HTTP_INNER); FLT_ANALYZE(s, req, tcp_persist_rdp_cookie, ana_list, ana_back, AN_REQ_PRST_RDP_COOKIE); FLT_ANALYZE(s, req, process_sticking_rules, ana_list, ana_back, AN_REQ_STICKING_RULES); ANALYZE (s, req, flt_analyze_http_headers, ana_list, ana_back, AN_REQ_FLT_HTTP_HDRS); ANALYZE (s, req, http_request_forward_body, ana_list, ana_back, AN_REQ_HTTP_XFER_BODY); ANALYZE (s, req, pcli_wait_for_request, ana_list, ana_back, AN_REQ_WAIT_CLI); ANALYZE (s, req, flt_xfer_data, ana_list, ana_back, AN_REQ_FLT_XFER_DATA); ANALYZE (s, req, flt_end_analyze, ana_list, ana_back, AN_REQ_FLT_END); break; } } rq_prod_last = scf->state; rq_cons_last = scb->state; req->flags &= ~CF_WAKE_ONCE; rqf_last = req->flags; if ((req->flags ^ flags) & (CF_SHUTR|CF_SHUTW)) goto resync_request; } /* we'll monitor the request analysers while parsing the response, * because some response analysers may indirectly enable new request * analysers (eg: HTTP keep-alive). */ req_ana_back = req->analysers; resync_response: /* Analyse response */ if (((res->flags & ~rpf_last) & CF_MASK_ANALYSER) || (res->flags ^ rpf_last) & CF_MASK_STATIC || (res->analysers && (res->flags & CF_SHUTW)) || scf->state != rp_cons_last || scb->state != rp_prod_last || s->pending_events & TASK_WOKEN_MSG) { unsigned int flags = res->flags; if (sc_state_in(scb->state, SC_SB_EST|SC_SB_DIS|SC_SB_CLO)) { int max_loops = global.tune.maxpollevents; unsigned int ana_list; unsigned int ana_back; /* it's up to the analysers to stop disable reading or * closing. Note: if an analyser disables any of these * bits, it is responsible for enabling them again when * it disables itself, so that other analysers are called * in similar conditions. */ channel_auto_read(res); channel_auto_close(res); /* We will call all analysers for which a bit is set in * res->analysers, following the bit order from LSB * to MSB. The analysers must remove themselves from * the list when not needed. Any analyser may return 0 * to break out of the loop, either because of missing * data to take a decision, or because it decides to * kill the stream. We loop at least once through each * analyser, and we may loop again if other analysers * are added in the middle. */ ana_list = ana_back = res->analysers; while (ana_list && max_loops--) { /* Warning! ensure that analysers are always placed in ascending order! */ ANALYZE (s, res, flt_start_analyze, ana_list, ana_back, AN_RES_FLT_START_FE); ANALYZE (s, res, flt_start_analyze, ana_list, ana_back, AN_RES_FLT_START_BE); FLT_ANALYZE(s, res, tcp_inspect_response, ana_list, ana_back, AN_RES_INSPECT); FLT_ANALYZE(s, res, http_wait_for_response, ana_list, ana_back, AN_RES_WAIT_HTTP); FLT_ANALYZE(s, res, process_store_rules, ana_list, ana_back, AN_RES_STORE_RULES); FLT_ANALYZE(s, res, http_process_res_common, ana_list, ana_back, AN_RES_HTTP_PROCESS_BE, s->be); ANALYZE (s, res, flt_analyze_http_headers, ana_list, ana_back, AN_RES_FLT_HTTP_HDRS); ANALYZE (s, res, http_response_forward_body, ana_list, ana_back, AN_RES_HTTP_XFER_BODY); ANALYZE (s, res, pcli_wait_for_response, ana_list, ana_back, AN_RES_WAIT_CLI); ANALYZE (s, res, flt_xfer_data, ana_list, ana_back, AN_RES_FLT_XFER_DATA); ANALYZE (s, res, flt_end_analyze, ana_list, ana_back, AN_RES_FLT_END); break; } } rp_cons_last = scf->state; rp_prod_last = scb->state; res->flags &= ~CF_WAKE_ONCE; rpf_last = res->flags; if ((res->flags ^ flags) & (CF_SHUTR|CF_SHUTW)) goto resync_response; } /* maybe someone has added some request analysers, so we must check and loop */ if (req->analysers & ~req_ana_back) goto resync_request; if ((req->flags & ~rqf_last) & CF_MASK_ANALYSER) goto resync_request; /* FIXME: here we should call protocol handlers which rely on * both buffers. */ /* * Now we propagate unhandled errors to the stream. Normally * we're just in a data phase here since it means we have not * seen any analyser who could set an error status. */ srv = objt_server(s->target); if (unlikely(!(s->flags & SF_ERR_MASK))) { if (req->flags & (CF_READ_ERROR|CF_READ_TIMEOUT|CF_WRITE_ERROR|CF_WRITE_TIMEOUT)) { /* Report it if the client got an error or a read timeout expired */ req->analysers &= AN_REQ_FLT_END; if (req->flags & CF_READ_ERROR) { _HA_ATOMIC_INC(&s->be->be_counters.cli_aborts); _HA_ATOMIC_INC(&sess->fe->fe_counters.cli_aborts); if (sess->listener && sess->listener->counters) _HA_ATOMIC_INC(&sess->listener->counters->cli_aborts); if (srv) _HA_ATOMIC_INC(&srv->counters.cli_aborts); s->flags |= SF_ERR_CLICL; } else if (req->flags & CF_READ_TIMEOUT) { _HA_ATOMIC_INC(&s->be->be_counters.cli_aborts); _HA_ATOMIC_INC(&sess->fe->fe_counters.cli_aborts); if (sess->listener && sess->listener->counters) _HA_ATOMIC_INC(&sess->listener->counters->cli_aborts); if (srv) _HA_ATOMIC_INC(&srv->counters.cli_aborts); s->flags |= SF_ERR_CLITO; } else if (req->flags & CF_WRITE_ERROR) { _HA_ATOMIC_INC(&s->be->be_counters.srv_aborts); _HA_ATOMIC_INC(&sess->fe->fe_counters.srv_aborts); if (sess->listener && sess->listener->counters) _HA_ATOMIC_INC(&sess->listener->counters->srv_aborts); if (srv) _HA_ATOMIC_INC(&srv->counters.srv_aborts); s->flags |= SF_ERR_SRVCL; } else { _HA_ATOMIC_INC(&s->be->be_counters.srv_aborts); _HA_ATOMIC_INC(&sess->fe->fe_counters.srv_aborts); if (sess->listener && sess->listener->counters) _HA_ATOMIC_INC(&sess->listener->counters->srv_aborts); if (srv) _HA_ATOMIC_INC(&srv->counters.srv_aborts); s->flags |= SF_ERR_SRVTO; } sess_set_term_flags(s); /* Abort the request if a client error occurred while * the backend stream connector is in the SC_ST_INI * state. It is switched into the SC_ST_CLO state and * the request channel is erased. */ if (scb->state == SC_ST_INI) { s->scb->state = SC_ST_CLO; channel_abort(req); if (IS_HTX_STRM(s)) channel_htx_erase(req, htxbuf(&req->buf)); else channel_erase(req); } } else if (res->flags & (CF_READ_ERROR|CF_READ_TIMEOUT|CF_WRITE_ERROR|CF_WRITE_TIMEOUT)) { /* Report it if the server got an error or a read timeout expired */ res->analysers &= AN_RES_FLT_END; if (res->flags & CF_READ_ERROR) { _HA_ATOMIC_INC(&s->be->be_counters.srv_aborts); _HA_ATOMIC_INC(&sess->fe->fe_counters.srv_aborts); if (sess->listener && sess->listener->counters) _HA_ATOMIC_INC(&sess->listener->counters->srv_aborts); if (srv) _HA_ATOMIC_INC(&srv->counters.srv_aborts); s->flags |= SF_ERR_SRVCL; } else if (res->flags & CF_READ_TIMEOUT) { _HA_ATOMIC_INC(&s->be->be_counters.srv_aborts); _HA_ATOMIC_INC(&sess->fe->fe_counters.srv_aborts); if (sess->listener && sess->listener->counters) _HA_ATOMIC_INC(&sess->listener->counters->srv_aborts); if (srv) _HA_ATOMIC_INC(&srv->counters.srv_aborts); s->flags |= SF_ERR_SRVTO; } else if (res->flags & CF_WRITE_ERROR) { _HA_ATOMIC_INC(&s->be->be_counters.cli_aborts); _HA_ATOMIC_INC(&sess->fe->fe_counters.cli_aborts); if (sess->listener && sess->listener->counters) _HA_ATOMIC_INC(&sess->listener->counters->cli_aborts); if (srv) _HA_ATOMIC_INC(&srv->counters.cli_aborts); s->flags |= SF_ERR_CLICL; } else { _HA_ATOMIC_INC(&s->be->be_counters.cli_aborts); _HA_ATOMIC_INC(&sess->fe->fe_counters.cli_aborts); if (sess->listener && sess->listener->counters) _HA_ATOMIC_INC(&sess->listener->counters->cli_aborts); if (srv) _HA_ATOMIC_INC(&srv->counters.cli_aborts); s->flags |= SF_ERR_CLITO; } sess_set_term_flags(s); } } /* * Here we take care of forwarding unhandled data. This also includes * connection establishments and shutdown requests. */ /* If no one is interested in analysing data, it's time to forward * everything. We configure the buffer to forward indefinitely. * Note that we're checking CF_SHUTR_NOW as an indication of a possible * recent call to channel_abort(). */ if (unlikely((!req->analysers || (req->analysers == AN_REQ_FLT_END && !(req->flags & CF_FLT_ANALYZE))) && !(req->flags & (CF_SHUTW|CF_SHUTR_NOW)) && (sc_state_in(scf->state, SC_SB_EST|SC_SB_DIS|SC_SB_CLO)) && (req->to_forward != CHN_INFINITE_FORWARD))) { /* This buffer is freewheeling, there's no analyser * attached to it. If any data are left in, we'll permit them to * move. */ channel_auto_read(req); channel_auto_connect(req); channel_auto_close(req); if (IS_HTX_STRM(s)) { struct htx *htx = htxbuf(&req->buf); /* We'll let data flow between the producer (if still connected) * to the consumer. */ co_set_data(req, htx->data); if (!(req->flags & (CF_SHUTR|CF_SHUTW_NOW))) channel_htx_forward_forever(req, htx); } else { /* We'll let data flow between the producer (if still connected) * to the consumer (which might possibly not be connected yet). */ c_adv(req, ci_data(req)); if (!(req->flags & (CF_SHUTR|CF_SHUTW_NOW))) channel_forward_forever(req); } } /* check if it is wise to enable kernel splicing to forward request data */ if (!(req->flags & (CF_KERN_SPLICING|CF_SHUTR)) && req->to_forward && (global.tune.options & GTUNE_USE_SPLICE) && (sc_conn(scf) && __sc_conn(scf)->xprt && __sc_conn(scf)->xprt->rcv_pipe && __sc_conn(scf)->mux && __sc_conn(scf)->mux->rcv_pipe) && (sc_conn(scb) && __sc_conn(scb)->xprt && __sc_conn(scb)->xprt->snd_pipe && __sc_conn(scb)->mux && __sc_conn(scb)->mux->snd_pipe) && (pipes_used < global.maxpipes) && (((sess->fe->options2|s->be->options2) & PR_O2_SPLIC_REQ) || (((sess->fe->options2|s->be->options2) & PR_O2_SPLIC_AUT) && (req->flags & CF_STREAMER_FAST)))) { req->flags |= CF_KERN_SPLICING; } /* reflect what the L7 analysers have seen last */ rqf_last = req->flags; /* it's possible that an upper layer has requested a connection setup or abort. * There are 2 situations where we decide to establish a new connection : * - there are data scheduled for emission in the buffer * - the CF_AUTO_CONNECT flag is set (active connection) */ if (scb->state == SC_ST_INI) { if (!(req->flags & CF_SHUTW)) { if ((req->flags & CF_AUTO_CONNECT) || !channel_is_empty(req)) { /* If we have an appctx, there is no connect method, so we * immediately switch to the connected state, otherwise we * perform a connection request. */ scb->state = SC_ST_REQ; /* new connection requested */ s->conn_retries = 0; if ((s->be->retry_type &~ PR_RE_CONN_FAILED) && (s->be->mode == PR_MODE_HTTP) && !(s->txn->flags & TX_D_L7_RETRY)) s->txn->flags |= TX_L7_RETRY; } } else { s->scb->state = SC_ST_CLO; /* shutw+ini = abort */ channel_shutw_now(req); /* fix buffer flags upon abort */ channel_shutr_now(res); } } /* we may have a pending connection request, or a connection waiting * for completion. */ if (sc_state_in(scb->state, SC_SB_REQ|SC_SB_QUE|SC_SB_TAR|SC_SB_ASS)) { /* prune the request variables and swap to the response variables. */ if (s->vars_reqres.scope != SCOPE_RES) { if (!LIST_ISEMPTY(&s->vars_reqres.head)) vars_prune(&s->vars_reqres, s->sess, s); vars_init_head(&s->vars_reqres, SCOPE_RES); } do { /* nb: step 1 might switch from QUE to ASS, but we first want * to give a chance to step 2 to perform a redirect if needed. */ if (scb->state != SC_ST_REQ) back_try_conn_req(s); if (scb->state == SC_ST_REQ) back_handle_st_req(s); /* get a chance to complete an immediate connection setup */ if (scb->state == SC_ST_RDY) goto resync_stconns; /* applets directly go to the ESTABLISHED state. Similarly, * servers experience the same fate when their connection * is reused. */ if (unlikely(scb->state == SC_ST_EST)) back_establish(s); srv = objt_server(s->target); if (scb->state == SC_ST_ASS && srv && srv->rdr_len && (s->flags & SF_REDIRECTABLE)) http_perform_server_redirect(s, scb); } while (scb->state == SC_ST_ASS); } /* Let's see if we can send the pending request now */ sc_conn_sync_send(scb); /* * Now forward all shutdown requests between both sides of the request buffer */ /* first, let's check if the request buffer needs to shutdown(write), which may * happen either because the input is closed or because we want to force a close * once the server has begun to respond. If a half-closed timeout is set, we adjust * the other side's timeout as well. However this doesn't have effect during the * connection setup unless the backend has abortonclose set. */ if (unlikely((req->flags & (CF_SHUTW|CF_SHUTW_NOW|CF_AUTO_CLOSE|CF_SHUTR)) == (CF_AUTO_CLOSE|CF_SHUTR) && (scb->state != SC_ST_CON || (s->be->options & PR_O_ABRT_CLOSE)))) { channel_shutw_now(req); } /* shutdown(write) pending */ if (unlikely((req->flags & (CF_SHUTW|CF_SHUTW_NOW)) == CF_SHUTW_NOW && channel_is_empty(req))) { if (req->flags & CF_READ_ERROR) scb->flags |= SC_FL_NOLINGER; sc_shutw(scb); } /* shutdown(write) done on server side, we must stop the client too */ if (unlikely((req->flags & (CF_SHUTW|CF_SHUTR|CF_SHUTR_NOW)) == CF_SHUTW && !req->analysers)) channel_shutr_now(req); /* shutdown(read) pending */ if (unlikely((req->flags & (CF_SHUTR|CF_SHUTR_NOW)) == CF_SHUTR_NOW)) { if (scf->flags & SC_FL_NOHALF) scf->flags |= SC_FL_NOLINGER; sc_shutr(scf); } /* Benchmarks have shown that it's optimal to do a full resync now */ if (scf->state == SC_ST_DIS || sc_state_in(scb->state, SC_SB_RDY|SC_SB_DIS) || (sc_ep_test(scf, SE_FL_ERROR) && scf->state != SC_ST_CLO) || (sc_ep_test(scb, SE_FL_ERROR) && scb->state != SC_ST_CLO)) goto resync_stconns; /* otherwise we want to check if we need to resync the req buffer or not */ if ((req->flags ^ rqf_last) & (CF_SHUTR|CF_SHUTW)) goto resync_request; /* perform output updates to the response buffer */ /* If no one is interested in analysing data, it's time to forward * everything. We configure the buffer to forward indefinitely. * Note that we're checking CF_SHUTR_NOW as an indication of a possible * recent call to channel_abort(). */ if (unlikely((!res->analysers || (res->analysers == AN_RES_FLT_END && !(res->flags & CF_FLT_ANALYZE))) && !(res->flags & (CF_SHUTW|CF_SHUTR_NOW)) && sc_state_in(scb->state, SC_SB_EST|SC_SB_DIS|SC_SB_CLO) && (res->to_forward != CHN_INFINITE_FORWARD))) { /* This buffer is freewheeling, there's no analyser * attached to it. If any data are left in, we'll permit them to * move. */ channel_auto_read(res); channel_auto_close(res); if (IS_HTX_STRM(s)) { struct htx *htx = htxbuf(&res->buf); /* We'll let data flow between the producer (if still connected) * to the consumer. */ co_set_data(res, htx->data); if (!(res->flags & (CF_SHUTR|CF_SHUTW_NOW))) channel_htx_forward_forever(res, htx); } else { /* We'll let data flow between the producer (if still connected) * to the consumer. */ c_adv(res, ci_data(res)); if (!(res->flags & (CF_SHUTR|CF_SHUTW_NOW))) channel_forward_forever(res); } /* if we have no analyser anymore in any direction and have a * tunnel timeout set, use it now. Note that we must respect * the half-closed timeouts as well. */ if (!req->analysers && s->tunnel_timeout) { req->rto = req->wto = res->rto = res->wto = s->tunnel_timeout; if ((req->flags & CF_SHUTR) && tick_isset(sess->fe->timeout.clientfin)) res->wto = sess->fe->timeout.clientfin; if ((req->flags & CF_SHUTW) && tick_isset(s->be->timeout.serverfin)) res->rto = s->be->timeout.serverfin; if ((res->flags & CF_SHUTR) && tick_isset(s->be->timeout.serverfin)) req->wto = s->be->timeout.serverfin; if ((res->flags & CF_SHUTW) && tick_isset(sess->fe->timeout.clientfin)) req->rto = sess->fe->timeout.clientfin; req->rex = tick_add(now_ms, req->rto); req->wex = tick_add(now_ms, req->wto); res->rex = tick_add(now_ms, res->rto); res->wex = tick_add(now_ms, res->wto); } } /* check if it is wise to enable kernel splicing to forward response data */ if (!(res->flags & (CF_KERN_SPLICING|CF_SHUTR)) && res->to_forward && (global.tune.options & GTUNE_USE_SPLICE) && (sc_conn(scf) && __sc_conn(scf)->xprt && __sc_conn(scf)->xprt->snd_pipe && __sc_conn(scf)->mux && __sc_conn(scf)->mux->snd_pipe) && (sc_conn(scb) && __sc_conn(scb)->xprt && __sc_conn(scb)->xprt->rcv_pipe && __sc_conn(scb)->mux && __sc_conn(scb)->mux->rcv_pipe) && (pipes_used < global.maxpipes) && (((sess->fe->options2|s->be->options2) & PR_O2_SPLIC_RTR) || (((sess->fe->options2|s->be->options2) & PR_O2_SPLIC_AUT) && (res->flags & CF_STREAMER_FAST)))) { res->flags |= CF_KERN_SPLICING; } /* reflect what the L7 analysers have seen last */ rpf_last = res->flags; /* Let's see if we can send the pending response now */ sc_conn_sync_send(scf); /* * Now forward all shutdown requests between both sides of the buffer */ /* * FIXME: this is probably where we should produce error responses. */ /* first, let's check if the response buffer needs to shutdown(write) */ if (unlikely((res->flags & (CF_SHUTW|CF_SHUTW_NOW|CF_AUTO_CLOSE|CF_SHUTR)) == (CF_AUTO_CLOSE|CF_SHUTR))) { channel_shutw_now(res); } /* shutdown(write) pending */ if (unlikely((res->flags & (CF_SHUTW|CF_SHUTW_NOW)) == CF_SHUTW_NOW && channel_is_empty(res))) { sc_shutw(scf); } /* shutdown(write) done on the client side, we must stop the server too */ if (unlikely((res->flags & (CF_SHUTW|CF_SHUTR|CF_SHUTR_NOW)) == CF_SHUTW) && !res->analysers) channel_shutr_now(res); /* shutdown(read) pending */ if (unlikely((res->flags & (CF_SHUTR|CF_SHUTR_NOW)) == CF_SHUTR_NOW)) { if (scb->flags & SC_FL_NOHALF) scb->flags |= SC_FL_NOLINGER; sc_shutr(scb); } if (scf->state == SC_ST_DIS || sc_state_in(scb->state, SC_SB_RDY|SC_SB_DIS) || (sc_ep_test(scf, SE_FL_ERROR) && scf->state != SC_ST_CLO) || (sc_ep_test(scb, SE_FL_ERROR) && scb->state != SC_ST_CLO)) goto resync_stconns; if ((req->flags & ~rqf_last) & CF_MASK_ANALYSER) goto resync_request; if ((res->flags ^ rpf_last) & CF_MASK_STATIC) goto resync_response; if (((req->flags ^ rqf_last) | (res->flags ^ rpf_last)) & CF_MASK_ANALYSER) goto resync_request; /* we're interested in getting wakeups again */ scf->flags &= ~SC_FL_DONT_WAKE; scb->flags &= ~SC_FL_DONT_WAKE; if (likely((scf->state != SC_ST_CLO) || !sc_state_in(scb->state, SC_SB_INI|SC_SB_CLO) || (req->analysers & AN_REQ_FLT_END) || (res->analysers & AN_RES_FLT_END))) { if ((sess->fe->options & PR_O_CONTSTATS) && (s->flags & SF_BE_ASSIGNED) && !(s->flags & SF_IGNORE)) stream_process_counters(s); stream_update_both_sc(s); /* Trick: if a request is being waiting for the server to respond, * and if we know the server can timeout, we don't want the timeout * to expire on the client side first, but we're still interested * in passing data from the client to the server (eg: POST). Thus, * we can cancel the client's request timeout if the server's * request timeout is set and the server has not yet sent a response. */ if ((res->flags & (CF_AUTO_CLOSE|CF_SHUTR)) == 0 && (tick_isset(req->wex) || tick_isset(res->rex))) { req->flags |= CF_READ_NOEXP; req->rex = TICK_ETERNITY; } /* Reset pending events now */ s->pending_events = 0; update_exp_and_leave: /* Note: please ensure that if you branch here you disable SC_FL_DONT_WAKE */ t->expire = tick_first((tick_is_expired(t->expire, now_ms) ? 0 : t->expire), tick_first(tick_first(req->rex, req->wex), tick_first(res->rex, res->wex))); if (!req->analysers) req->analyse_exp = TICK_ETERNITY; if ((sess->fe->options & PR_O_CONTSTATS) && (s->flags & SF_BE_ASSIGNED) && (!tick_isset(req->analyse_exp) || tick_is_expired(req->analyse_exp, now_ms))) req->analyse_exp = tick_add(now_ms, 5000); t->expire = tick_first(t->expire, req->analyse_exp); t->expire = tick_first(t->expire, res->analyse_exp); t->expire = tick_first(t->expire, s->conn_exp); s->pending_events &= ~(TASK_WOKEN_TIMER | TASK_WOKEN_RES); stream_release_buffers(s); DBG_TRACE_DEVEL("queuing", STRM_EV_STRM_PROC, s); return t; /* nothing more to do */ } DBG_TRACE_DEVEL("releasing", STRM_EV_STRM_PROC, s); if (s->flags & SF_BE_ASSIGNED) _HA_ATOMIC_DEC(&s->be->beconn); if (unlikely((global.mode & MODE_DEBUG) && (!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE)))) { chunk_printf(&trash, "%08x:%s.closed[%04x:%04x]\n", s->uniq_id, s->be->id, (unsigned short)conn_fd(sc_conn(scf)), (unsigned short)conn_fd(sc_conn(scb))); DISGUISE(write(1, trash.area, trash.data)); } if (!(s->flags & SF_IGNORE)) { s->logs.t_close = tv_ms_elapsed(&s->logs.tv_accept, &now); stream_process_counters(s); if (s->txn && s->txn->status) { int n; n = s->txn->status / 100; if (n < 1 || n > 5) n = 0; if (sess->fe->mode == PR_MODE_HTTP) { _HA_ATOMIC_INC(&sess->fe->fe_counters.p.http.rsp[n]); } if ((s->flags & SF_BE_ASSIGNED) && (s->be->mode == PR_MODE_HTTP)) { _HA_ATOMIC_INC(&s->be->be_counters.p.http.rsp[n]); _HA_ATOMIC_INC(&s->be->be_counters.p.http.cum_req); } } /* let's do a final log if we need it */ if (!LIST_ISEMPTY(&sess->fe->logformat) && s->logs.logwait && !(s->flags & SF_MONITOR) && (!(sess->fe->options & PR_O_NULLNOLOG) || req->total)) { /* we may need to know the position in the queue */ pendconn_free(s); stream_cond_update_cpu_usage(s); s->do_log(s); } /* update time stats for this stream */ stream_update_time_stats(s); } /* the task MUST not be in the run queue anymore */ stream_free(s); task_destroy(t); return NULL; } /* Update the stream's backend and server time stats */ void stream_update_time_stats(struct stream *s) { int t_request; int t_queue; int t_connect; int t_data; int t_close; struct server *srv; unsigned int samples_window; t_request = 0; t_queue = s->logs.t_queue; t_connect = s->logs.t_connect; t_close = s->logs.t_close; t_data = s->logs.t_data; if (s->be->mode != PR_MODE_HTTP) t_data = t_connect; if (t_connect < 0 || t_data < 0) return; if (tv_isge(&s->logs.tv_request, &s->logs.tv_accept)) t_request = tv_ms_elapsed(&s->logs.tv_accept, &s->logs.tv_request); t_data -= t_connect; t_connect -= t_queue; t_queue -= t_request; srv = objt_server(s->target); if (srv) { samples_window = (((s->be->mode == PR_MODE_HTTP) ? srv->counters.p.http.cum_req : srv->counters.cum_lbconn) > TIME_STATS_SAMPLES) ? TIME_STATS_SAMPLES : 0; swrate_add_dynamic(&srv->counters.q_time, samples_window, t_queue); swrate_add_dynamic(&srv->counters.c_time, samples_window, t_connect); swrate_add_dynamic(&srv->counters.d_time, samples_window, t_data); swrate_add_dynamic(&srv->counters.t_time, samples_window, t_close); HA_ATOMIC_UPDATE_MAX(&srv->counters.qtime_max, t_queue); HA_ATOMIC_UPDATE_MAX(&srv->counters.ctime_max, t_connect); HA_ATOMIC_UPDATE_MAX(&srv->counters.dtime_max, t_data); HA_ATOMIC_UPDATE_MAX(&srv->counters.ttime_max, t_close); } samples_window = (((s->be->mode == PR_MODE_HTTP) ? s->be->be_counters.p.http.cum_req : s->be->be_counters.cum_lbconn) > TIME_STATS_SAMPLES) ? TIME_STATS_SAMPLES : 0; swrate_add_dynamic(&s->be->be_counters.q_time, samples_window, t_queue); swrate_add_dynamic(&s->be->be_counters.c_time, samples_window, t_connect); swrate_add_dynamic(&s->be->be_counters.d_time, samples_window, t_data); swrate_add_dynamic(&s->be->be_counters.t_time, samples_window, t_close); HA_ATOMIC_UPDATE_MAX(&s->be->be_counters.qtime_max, t_queue); HA_ATOMIC_UPDATE_MAX(&s->be->be_counters.ctime_max, t_connect); HA_ATOMIC_UPDATE_MAX(&s->be->be_counters.dtime_max, t_data); HA_ATOMIC_UPDATE_MAX(&s->be->be_counters.ttime_max, t_close); } /* * This function adjusts sess->srv_conn and maintains the previous and new * server's served stream counts. Setting newsrv to NULL is enough to release * current connection slot. This function also notifies any LB algo which might * expect to be informed about any change in the number of active streams on a * server. */ void sess_change_server(struct stream *strm, struct server *newsrv) { struct server *oldsrv = strm->srv_conn; if (oldsrv == newsrv) return; if (oldsrv) { _HA_ATOMIC_DEC(&oldsrv->served); _HA_ATOMIC_DEC(&oldsrv->proxy->served); __ha_barrier_atomic_store(); if (oldsrv->proxy->lbprm.server_drop_conn) oldsrv->proxy->lbprm.server_drop_conn(oldsrv); stream_del_srv_conn(strm); } if (newsrv) { _HA_ATOMIC_INC(&newsrv->served); _HA_ATOMIC_INC(&newsrv->proxy->served); __ha_barrier_atomic_store(); if (newsrv->proxy->lbprm.server_take_conn) newsrv->proxy->lbprm.server_take_conn(newsrv); stream_add_srv_conn(strm, newsrv); } } /* Handle server-side errors for default protocols. It is called whenever a a * connection setup is aborted or a request is aborted in queue. It sets the * stream termination flags so that the caller does not have to worry about * them. It's installed as ->srv_error for the server-side stream connector. */ void default_srv_error(struct stream *s, struct stconn *sc) { int err_type = s->conn_err_type; int err = 0, fin = 0; if (err_type & STRM_ET_QUEUE_ABRT) { err = SF_ERR_CLICL; fin = SF_FINST_Q; } else if (err_type & STRM_ET_CONN_ABRT) { err = SF_ERR_CLICL; fin = SF_FINST_C; } else if (err_type & STRM_ET_QUEUE_TO) { err = SF_ERR_SRVTO; fin = SF_FINST_Q; } else if (err_type & STRM_ET_QUEUE_ERR) { err = SF_ERR_SRVCL; fin = SF_FINST_Q; } else if (err_type & STRM_ET_CONN_TO) { err = SF_ERR_SRVTO; fin = SF_FINST_C; } else if (err_type & STRM_ET_CONN_ERR) { err = SF_ERR_SRVCL; fin = SF_FINST_C; } else if (err_type & STRM_ET_CONN_RES) { err = SF_ERR_RESOURCE; fin = SF_FINST_C; } else /* STRM_ET_CONN_OTHER and others */ { err = SF_ERR_INTERNAL; fin = SF_FINST_C; } if (!(s->flags & SF_ERR_MASK)) s->flags |= err; if (!(s->flags & SF_FINST_MASK)) s->flags |= fin; } /* kill a stream and set the termination flags to (one of SF_ERR_*) */ void stream_shutdown(struct stream *stream, int why) { if (stream->req.flags & (CF_SHUTW|CF_SHUTW_NOW)) return; channel_shutw_now(&stream->req); channel_shutr_now(&stream->res); stream->task->nice = 1024; if (!(stream->flags & SF_ERR_MASK)) stream->flags |= why; task_wakeup(stream->task, TASK_WOKEN_OTHER); } /* Appends a dump of the state of stream into buffer which must have * preliminary be prepared by its caller, with each line prepended by prefix * , and each line terminated by character . */ void stream_dump(struct buffer *buf, const struct stream *s, const char *pfx, char eol) { const struct stconn *scf, *scb; const struct connection *cof, *cob; const struct appctx *acf, *acb; const struct server *srv; const char *src = "unknown"; const char *dst = "unknown"; char pn[INET6_ADDRSTRLEN]; const struct channel *req, *res; if (!s) { chunk_appendf(buf, "%sstrm=%p%c", pfx, s, eol); return; } if (s->obj_type != OBJ_TYPE_STREAM) { chunk_appendf(buf, "%sstrm=%p [invalid type=%d(%s)]%c", pfx, s, s->obj_type, obj_type_name(&s->obj_type), eol); return; } req = &s->req; res = &s->res; scf = s->scf; cof = sc_conn(scf); acf = sc_appctx(scf); if (cof && cof->src && addr_to_str(cof->src, pn, sizeof(pn)) >= 0) src = pn; else if (acf) src = acf->applet->name; scb = s->scb; cob = sc_conn(scb); acb = sc_appctx(scb); srv = objt_server(s->target); if (srv) dst = srv->id; else if (acb) dst = acb->applet->name; chunk_appendf(buf, "%sstrm=%p,%x src=%s fe=%s be=%s dst=%s%c" "%stxn=%p,%x txn.req=%s,%x txn.rsp=%s,%x%c" "%srqf=%x rqa=%x rpf=%x rpa=%x%c" "%sscf=%p,%s,%x scb=%p,%s,%x%c" "%saf=%p,%u sab=%p,%u%c" "%scof=%p,%x:%s(%p)/%s(%p)/%s(%d)%c" "%scob=%p,%x:%s(%p)/%s(%p)/%s(%d)%c" "", pfx, s, s->flags, src, s->sess->fe->id, s->be->id, dst, eol, pfx, s->txn, (s->txn ? s->txn->flags : 0), (s->txn ? h1_msg_state_str(s->txn->req.msg_state): "-"), (s->txn ? s->txn->req.flags : 0), (s->txn ? h1_msg_state_str(s->txn->rsp.msg_state): "-"), (s->txn ? s->txn->rsp.flags : 0), eol, pfx, req->flags, req->analysers, res->flags, res->analysers, eol, pfx, scf, sc_state_str(scf->state), scf->flags, scb, sc_state_str(scb->state), scb->flags, eol, pfx, acf, acf ? acf->st0 : 0, acb, acb ? acb->st0 : 0, eol, pfx, cof, cof ? cof->flags : 0, conn_get_mux_name(cof), cof?cof->ctx:0, conn_get_xprt_name(cof), cof ? cof->xprt_ctx : 0, conn_get_ctrl_name(cof), conn_fd(cof), eol, pfx, cob, cob ? cob->flags : 0, conn_get_mux_name(cob), cob?cob->ctx:0, conn_get_xprt_name(cob), cob ? cob->xprt_ctx : 0, conn_get_ctrl_name(cob), conn_fd(cob), eol); } /* dumps an error message for type at ptr related to stream , * having reached loop rate , then aborts hoping to retrieve a core. */ void stream_dump_and_crash(enum obj_type *obj, int rate) { const struct stream *s; char *msg = NULL; const void *ptr; ptr = s = objt_stream(obj); if (!s) { const struct appctx *appctx = objt_appctx(obj); if (!appctx) return; ptr = appctx; s = appctx_strm(appctx); if (!s) return; } chunk_reset(&trash); stream_dump(&trash, s, "", ' '); chunk_appendf(&trash, "filters={"); if (HAS_FILTERS(s)) { struct filter *filter; list_for_each_entry(filter, &s->strm_flt.filters, list) { if (filter->list.p != &s->strm_flt.filters) chunk_appendf(&trash, ", "); chunk_appendf(&trash, "%p=\"%s\"", filter, FLT_ID(filter)); } } chunk_appendf(&trash, "}"); if (ptr != s) { // that's an appctx const struct appctx *appctx = ptr; chunk_appendf(&trash, " applet=%p(", appctx->applet); resolve_sym_name(&trash, NULL, appctx->applet); chunk_appendf(&trash, ")"); chunk_appendf(&trash, " handler=%p(", appctx->applet->fct); resolve_sym_name(&trash, NULL, appctx->applet->fct); chunk_appendf(&trash, ")"); } memprintf(&msg, "A bogus %s [%p] is spinning at %d calls per second and refuses to die, " "aborting now! Please report this error to developers " "[%s]\n", obj_type_name(obj), ptr, rate, trash.area); ha_alert("%s", msg); send_log(NULL, LOG_EMERG, "%s", msg); ABORT_NOW(); } /* initialize the require structures */ static void init_stream() { int thr; for (thr = 0; thr < MAX_THREADS; thr++) LIST_INIT(&ha_thread_ctx[thr].streams); } INITCALL0(STG_INIT, init_stream); /* Generates a unique ID based on the given , stores it in the given and * returns the unique ID. * * If this function fails to allocate memory IST_NULL is returned. * * If an ID is already stored within the stream nothing happens existing unique ID is * returned. */ struct ist stream_generate_unique_id(struct stream *strm, struct list *format) { if (isttest(strm->unique_id)) { return strm->unique_id; } else { char *unique_id; int length; if ((unique_id = pool_alloc(pool_head_uniqueid)) == NULL) return IST_NULL; length = build_logline(strm, unique_id, UNIQUEID_LEN, format); strm->unique_id = ist2(unique_id, length); return strm->unique_id; } } /************************************************************************/ /* All supported ACL keywords must be declared here. */ /************************************************************************/ static enum act_return stream_action_set_log_level(struct act_rule *rule, struct proxy *px, struct session *sess, struct stream *s, int flags) { s->logs.level = (uintptr_t)rule->arg.act.p[0]; return ACT_RET_CONT; } /* Parse a "set-log-level" action. It takes the level value as argument. It * returns ACT_RET_PRS_OK on success, ACT_RET_PRS_ERR on error. */ static enum act_parse_ret stream_parse_set_log_level(const char **args, int *cur_arg, struct proxy *px, struct act_rule *rule, char **err) { int level; if (!*args[*cur_arg]) { bad_log_level: memprintf(err, "expects exactly 1 argument (log level name or 'silent')"); return ACT_RET_PRS_ERR; } if (strcmp(args[*cur_arg], "silent") == 0) level = -1; else if ((level = get_log_level(args[*cur_arg]) + 1) == 0) goto bad_log_level; (*cur_arg)++; /* Register processing function. */ rule->action_ptr = stream_action_set_log_level; rule->action = ACT_CUSTOM; rule->arg.act.p[0] = (void *)(uintptr_t)level; return ACT_RET_PRS_OK; } static enum act_return stream_action_set_nice(struct act_rule *rule, struct proxy *px, struct session *sess, struct stream *s, int flags) { s->task->nice = (uintptr_t)rule->arg.act.p[0]; return ACT_RET_CONT; } /* Parse a "set-nice" action. It takes the nice value as argument. It returns * ACT_RET_PRS_OK on success, ACT_RET_PRS_ERR on error. */ static enum act_parse_ret stream_parse_set_nice(const char **args, int *cur_arg, struct proxy *px, struct act_rule *rule, char **err) { int nice; if (!*args[*cur_arg]) { bad_log_level: memprintf(err, "expects exactly 1 argument (integer value)"); return ACT_RET_PRS_ERR; } nice = atoi(args[*cur_arg]); if (nice < -1024) nice = -1024; else if (nice > 1024) nice = 1024; (*cur_arg)++; /* Register processing function. */ rule->action_ptr = stream_action_set_nice; rule->action = ACT_CUSTOM; rule->arg.act.p[0] = (void *)(uintptr_t)nice; return ACT_RET_PRS_OK; } static enum act_return tcp_action_switch_stream_mode(struct act_rule *rule, struct proxy *px, struct session *sess, struct stream *s, int flags) { enum pr_mode mode = (uintptr_t)rule->arg.act.p[0]; const struct mux_proto_list *mux_proto = rule->arg.act.p[1]; if (!IS_HTX_STRM(s) && mode == PR_MODE_HTTP) { if (!stream_set_http_mode(s, mux_proto)) { channel_abort(&s->req); channel_abort(&s->res); return ACT_RET_ABRT; } } return ACT_RET_STOP; } static int check_tcp_switch_stream_mode(struct act_rule *rule, struct proxy *px, char **err) { const struct mux_proto_list *mux_ent; const struct mux_proto_list *mux_proto = rule->arg.act.p[1]; enum pr_mode pr_mode = (uintptr_t)rule->arg.act.p[0]; enum proto_proxy_mode mode = (1 << (pr_mode == PR_MODE_HTTP)); if (pr_mode == PR_MODE_HTTP) px->options |= PR_O_HTTP_UPG; if (mux_proto) { mux_ent = conn_get_best_mux_entry(mux_proto->token, PROTO_SIDE_FE, mode); if (!mux_ent || !isteq(mux_ent->token, mux_proto->token)) { memprintf(err, "MUX protocol '%.*s' is not compatible with the selected mode", (int)mux_proto->token.len, mux_proto->token.ptr); return 0; } } else { mux_ent = conn_get_best_mux_entry(IST_NULL, PROTO_SIDE_FE, mode); if (!mux_ent) { memprintf(err, "Unable to find compatible MUX protocol with the selected mode"); return 0; } } /* Update the mux */ rule->arg.act.p[1] = (void *)mux_ent; return 1; } static enum act_parse_ret stream_parse_switch_mode(const char **args, int *cur_arg, struct proxy *px, struct act_rule *rule, char **err) { const struct mux_proto_list *mux_proto = NULL; struct ist proto; enum pr_mode mode; /* must have at least the mode */ if (*(args[*cur_arg]) == 0) { memprintf(err, "'%s %s' expects a mode as argument.", args[0], args[*cur_arg-1]); return ACT_RET_PRS_ERR; } if (!(px->cap & PR_CAP_FE)) { memprintf(err, "'%s %s' not allowed because %s '%s' has no frontend capability", args[0], args[*cur_arg-1], proxy_type_str(px), px->id); return ACT_RET_PRS_ERR; } /* Check if the mode. For now "tcp" is disabled because downgrade is not * supported and PT is the only TCP mux. */ if (strcmp(args[*cur_arg], "http") == 0) mode = PR_MODE_HTTP; else { memprintf(err, "'%s %s' expects a valid mode (got '%s').", args[0], args[*cur_arg-1], args[*cur_arg]); return ACT_RET_PRS_ERR; } /* check the proto, if specified */ if (*(args[*cur_arg+1]) && strcmp(args[*cur_arg+1], "proto") == 0) { if (*(args[*cur_arg+2]) == 0) { memprintf(err, "'%s %s': '%s' expects a protocol as argument.", args[0], args[*cur_arg-1], args[*cur_arg+1]); return ACT_RET_PRS_ERR; } proto = ist(args[*cur_arg + 2]); mux_proto = get_mux_proto(proto); if (!mux_proto) { memprintf(err, "'%s %s': '%s' expects a valid MUX protocol, if specified (got '%s')", args[0], args[*cur_arg-1], args[*cur_arg+1], args[*cur_arg+2]); return ACT_RET_PRS_ERR; } *cur_arg += 2; } (*cur_arg)++; /* Register processing function. */ rule->action_ptr = tcp_action_switch_stream_mode; rule->check_ptr = check_tcp_switch_stream_mode; rule->action = ACT_CUSTOM; rule->arg.act.p[0] = (void *)(uintptr_t)mode; rule->arg.act.p[1] = (void *)mux_proto; return ACT_RET_PRS_OK; } /* 0=OK, <0=Alert, >0=Warning */ static enum act_parse_ret stream_parse_use_service(const char **args, int *cur_arg, struct proxy *px, struct act_rule *rule, char **err) { struct action_kw *kw; /* Check if the service name exists. */ if (*(args[*cur_arg]) == 0) { memprintf(err, "'%s' expects a service name.", args[0]); return ACT_RET_PRS_ERR; } /* lookup for keyword corresponding to a service. */ kw = action_lookup(&service_keywords, args[*cur_arg]); if (!kw) { memprintf(err, "'%s' unknown service name.", args[1]); return ACT_RET_PRS_ERR; } (*cur_arg)++; /* executes specific rule parser. */ rule->kw = kw; if (kw->parse((const char **)args, cur_arg, px, rule, err) == ACT_RET_PRS_ERR) return ACT_RET_PRS_ERR; /* Register processing function. */ rule->action_ptr = process_use_service; rule->action = ACT_CUSTOM; return ACT_RET_PRS_OK; } void service_keywords_register(struct action_kw_list *kw_list) { LIST_APPEND(&service_keywords, &kw_list->list); } struct action_kw *service_find(const char *kw) { return action_lookup(&service_keywords, kw); } /* Lists the known services on . If is null, emit them on stdout one * per line. */ void list_services(FILE *out) { const struct action_kw *akwp, *akwn; struct action_kw_list *kw_list; int found = 0; int i; if (out) fprintf(out, "Available services :"); for (akwn = akwp = NULL;; akwp = akwn) { list_for_each_entry(kw_list, &service_keywords, list) { for (i = 0; kw_list->kw[i].kw != NULL; i++) { if (strordered(akwp ? akwp->kw : NULL, kw_list->kw[i].kw, akwn != akwp ? akwn->kw : NULL)) akwn = &kw_list->kw[i]; found = 1; } } if (akwn == akwp) break; if (out) fprintf(out, " %s", akwn->kw); else printf("%s\n", akwn->kw); } if (!found && out) fprintf(out, " none\n"); } /* appctx context used by the "show sess" command */ struct show_sess_ctx { struct bref bref; /* back-reference from the session being dumped */ void *target; /* session we want to dump, or NULL for all */ unsigned int thr; /* the thread number being explored (0..MAX_THREADS-1) */ unsigned int uid; /* if non-null, the uniq_id of the session being dumped */ int section; /* section of the session being dumped */ int pos; /* last position of the current session's buffer */ }; /* This function dumps a complete stream state onto the stream connector's * read buffer. The stream has to be set in strm. It returns 0 if the output * buffer is full and it needs to be called again, otherwise non-zero. It is * designed to be called from stats_dump_strm_to_buffer() below. */ static int stats_dump_full_strm_to_buffer(struct stconn *sc, struct stream *strm) { struct appctx *appctx = __sc_appctx(sc); struct show_sess_ctx *ctx = appctx->svcctx; struct stconn *scf, *scb; struct tm tm; extern const char *monthname[12]; char pn[INET6_ADDRSTRLEN]; struct connection *conn; struct appctx *tmpctx; chunk_reset(&trash); if (ctx->section > 0 && ctx->uid != strm->uniq_id) { /* stream changed, no need to go any further */ chunk_appendf(&trash, " *** session terminated while we were watching it ***\n"); if (applet_putchk(appctx, &trash) == -1) goto full; goto done; } switch (ctx->section) { case 0: /* main status of the stream */ ctx->uid = strm->uniq_id; ctx->section = 1; /* fall through */ case 1: get_localtime(strm->logs.accept_date.tv_sec, &tm); chunk_appendf(&trash, "%p: [%02d/%s/%04d:%02d:%02d:%02d.%06d] id=%u proto=%s", strm, tm.tm_mday, monthname[tm.tm_mon], tm.tm_year+1900, tm.tm_hour, tm.tm_min, tm.tm_sec, (int)(strm->logs.accept_date.tv_usec), strm->uniq_id, strm_li(strm) ? strm_li(strm)->rx.proto->name : "?"); conn = objt_conn(strm_orig(strm)); switch (conn && conn_get_src(conn) ? addr_to_str(conn->src, pn, sizeof(pn)) : AF_UNSPEC) { case AF_INET: case AF_INET6: chunk_appendf(&trash, " source=%s:%d\n", pn, get_host_port(conn->src)); break; case AF_UNIX: chunk_appendf(&trash, " source=unix:%d\n", strm_li(strm)->luid); break; default: /* no more information to print right now */ chunk_appendf(&trash, "\n"); break; } chunk_appendf(&trash, " flags=0x%x, conn_retries=%d, conn_exp=%s conn_et=0x%03x srv_conn=%p, pend_pos=%p waiting=%d epoch=%#x\n", strm->flags, strm->conn_retries, strm->conn_exp ? tick_is_expired(strm->conn_exp, now_ms) ? "" : human_time(TICKS_TO_MS(strm->conn_exp - now_ms), TICKS_TO_MS(1000)) : "", strm->conn_err_type, strm->srv_conn, strm->pend_pos, LIST_INLIST(&strm->buffer_wait.list), strm->stream_epoch); chunk_appendf(&trash, " frontend=%s (id=%u mode=%s), listener=%s (id=%u)", strm_fe(strm)->id, strm_fe(strm)->uuid, proxy_mode_str(strm_fe(strm)->mode), strm_li(strm) ? strm_li(strm)->name ? strm_li(strm)->name : "?" : "?", strm_li(strm) ? strm_li(strm)->luid : 0); switch (conn && conn_get_dst(conn) ? addr_to_str(conn->dst, pn, sizeof(pn)) : AF_UNSPEC) { case AF_INET: case AF_INET6: chunk_appendf(&trash, " addr=%s:%d\n", pn, get_host_port(conn->dst)); break; case AF_UNIX: chunk_appendf(&trash, " addr=unix:%d\n", strm_li(strm)->luid); break; default: /* no more information to print right now */ chunk_appendf(&trash, "\n"); break; } if (strm->be->cap & PR_CAP_BE) chunk_appendf(&trash, " backend=%s (id=%u mode=%s)", strm->be->id, strm->be->uuid, proxy_mode_str(strm->be->mode)); else chunk_appendf(&trash, " backend= (id=-1 mode=-)"); conn = sc_conn(strm->scb); switch (conn && conn_get_src(conn) ? addr_to_str(conn->src, pn, sizeof(pn)) : AF_UNSPEC) { case AF_INET: case AF_INET6: chunk_appendf(&trash, " addr=%s:%d\n", pn, get_host_port(conn->src)); break; case AF_UNIX: chunk_appendf(&trash, " addr=unix\n"); break; default: /* no more information to print right now */ chunk_appendf(&trash, "\n"); break; } if (strm->be->cap & PR_CAP_BE) chunk_appendf(&trash, " server=%s (id=%u)", objt_server(strm->target) ? __objt_server(strm->target)->id : "", objt_server(strm->target) ? __objt_server(strm->target)->puid : 0); else chunk_appendf(&trash, " server= (id=-1)"); switch (conn && conn_get_dst(conn) ? addr_to_str(conn->dst, pn, sizeof(pn)) : AF_UNSPEC) { case AF_INET: case AF_INET6: chunk_appendf(&trash, " addr=%s:%d\n", pn, get_host_port(conn->dst)); break; case AF_UNIX: chunk_appendf(&trash, " addr=unix\n"); break; default: /* no more information to print right now */ chunk_appendf(&trash, "\n"); break; } chunk_appendf(&trash, " task=%p (state=0x%02x nice=%d calls=%u rate=%u exp=%s tmask=0x%lx%s", strm->task, strm->task->state, strm->task->nice, strm->task->calls, read_freq_ctr(&strm->call_rate), strm->task->expire ? tick_is_expired(strm->task->expire, now_ms) ? "" : human_time(TICKS_TO_MS(strm->task->expire - now_ms), TICKS_TO_MS(1000)) : "", strm->task->thread_mask, task_in_rq(strm->task) ? ", running" : ""); chunk_appendf(&trash, " age=%s)\n", human_time(now.tv_sec - strm->logs.accept_date.tv_sec, 1)); if (strm->txn) chunk_appendf(&trash, " txn=%p flags=0x%x meth=%d status=%d req.st=%s rsp.st=%s req.f=0x%02x rsp.f=0x%02x\n", strm->txn, strm->txn->flags, strm->txn->meth, strm->txn->status, h1_msg_state_str(strm->txn->req.msg_state), h1_msg_state_str(strm->txn->rsp.msg_state), strm->txn->req.flags, strm->txn->rsp.flags); scf = strm->scf; chunk_appendf(&trash, " scf=%p flags=0x%08x state=%s endp=%s,%p,0x%08x sub=%d\n", scf, scf->flags, sc_state_str(scf->state), (sc_ep_test(scf, SE_FL_T_MUX) ? "CONN" : (sc_ep_test(scf, SE_FL_T_APPLET) ? "APPCTX" : "NONE")), scf->sedesc->se, sc_ep_get(scf), scf->wait_event.events); if ((conn = sc_conn(scf)) != NULL) { chunk_appendf(&trash, " co0=%p ctrl=%s xprt=%s mux=%s data=%s target=%s:%p\n", conn, conn_get_ctrl_name(conn), conn_get_xprt_name(conn), conn_get_mux_name(conn), sc_get_data_name(scf), obj_type_name(conn->target), obj_base_ptr(conn->target)); chunk_appendf(&trash, " flags=0x%08x fd=%d fd.state=%02x updt=%d fd.tmask=0x%lx\n", conn->flags, conn_fd(conn), conn_fd(conn) >= 0 ? fdtab[conn->handle.fd].state : 0, conn_fd(conn) >= 0 ? !!(fdtab[conn->handle.fd].update_mask & tid_bit) : 0, conn_fd(conn) >= 0 ? fdtab[conn->handle.fd].thread_mask: 0); } else if ((tmpctx = sc_appctx(scf)) != NULL) { chunk_appendf(&trash, " app0=%p st0=%d st1=%d st2=%d applet=%s tmask=0x%lx nice=%d calls=%u rate=%u cpu=%llu lat=%llu\n", tmpctx, tmpctx->st0, tmpctx->st1, tmpctx->_st2, tmpctx->applet->name, tmpctx->t->thread_mask, tmpctx->t->nice, tmpctx->t->calls, read_freq_ctr(&tmpctx->call_rate), (unsigned long long)tmpctx->t->cpu_time, (unsigned long long)tmpctx->t->lat_time); } scb = strm->scb; chunk_appendf(&trash, " scb=%p flags=0x%08x state=%s endp=%s,%p,0x%08x sub=%d\n", scb, scb->flags, sc_state_str(scb->state), (sc_ep_test(scb, SE_FL_T_MUX) ? "CONN" : (sc_ep_test(scb, SE_FL_T_APPLET) ? "APPCTX" : "NONE")), scb->sedesc->se, sc_ep_get(scb), scb->wait_event.events); if ((conn = sc_conn(scb)) != NULL) { chunk_appendf(&trash, " co1=%p ctrl=%s xprt=%s mux=%s data=%s target=%s:%p\n", conn, conn_get_ctrl_name(conn), conn_get_xprt_name(conn), conn_get_mux_name(conn), sc_get_data_name(scb), obj_type_name(conn->target), obj_base_ptr(conn->target)); chunk_appendf(&trash, " flags=0x%08x fd=%d fd.state=%02x updt=%d fd.tmask=0x%lx\n", conn->flags, conn_fd(conn), conn_fd(conn) >= 0 ? fdtab[conn->handle.fd].state : 0, conn_fd(conn) >= 0 ? !!(fdtab[conn->handle.fd].update_mask & tid_bit) : 0, conn_fd(conn) >= 0 ? fdtab[conn->handle.fd].thread_mask: 0); } else if ((tmpctx = sc_appctx(scb)) != NULL) { chunk_appendf(&trash, " app1=%p st0=%d st1=%d st2=%d applet=%s tmask=0x%lx nice=%d calls=%u rate=%u cpu=%llu lat=%llu\n", tmpctx, tmpctx->st0, tmpctx->st1, tmpctx->_st2, tmpctx->applet->name, tmpctx->t->thread_mask, tmpctx->t->nice, tmpctx->t->calls, read_freq_ctr(&tmpctx->call_rate), (unsigned long long)tmpctx->t->cpu_time, (unsigned long long)tmpctx->t->lat_time); } chunk_appendf(&trash, " req=%p (f=0x%06x an=0x%x pipe=%d tofwd=%d total=%lld)\n" " an_exp=%s", &strm->req, strm->req.flags, strm->req.analysers, strm->req.pipe ? strm->req.pipe->data : 0, strm->req.to_forward, strm->req.total, strm->req.analyse_exp ? human_time(TICKS_TO_MS(strm->req.analyse_exp - now_ms), TICKS_TO_MS(1000)) : ""); chunk_appendf(&trash, " rex=%s", strm->req.rex ? human_time(TICKS_TO_MS(strm->req.rex - now_ms), TICKS_TO_MS(1000)) : ""); chunk_appendf(&trash, " wex=%s\n" " buf=%p data=%p o=%u p=%u i=%u size=%u\n", strm->req.wex ? human_time(TICKS_TO_MS(strm->req.wex - now_ms), TICKS_TO_MS(1000)) : "", &strm->req.buf, b_orig(&strm->req.buf), (unsigned int)co_data(&strm->req), (unsigned int)ci_head_ofs(&strm->req), (unsigned int)ci_data(&strm->req), (unsigned int)strm->req.buf.size); if (IS_HTX_STRM(strm)) { struct htx *htx = htxbuf(&strm->req.buf); chunk_appendf(&trash, " htx=%p flags=0x%x size=%u data=%u used=%u wrap=%s extra=%llu\n", htx, htx->flags, htx->size, htx->data, htx_nbblks(htx), (htx->tail >= htx->head) ? "NO" : "YES", (unsigned long long)htx->extra); } if (HAS_FILTERS(strm) && strm_flt(strm)->current[0]) { struct filter *flt = strm_flt(strm)->current[0]; chunk_appendf(&trash, " current_filter=%p (id=\"%s\" flags=0x%x pre=0x%x post=0x%x) \n", flt, flt->config->id, flt->flags, flt->pre_analyzers, flt->post_analyzers); } chunk_appendf(&trash, " res=%p (f=0x%06x an=0x%x pipe=%d tofwd=%d total=%lld)\n" " an_exp=%s", &strm->res, strm->res.flags, strm->res.analysers, strm->res.pipe ? strm->res.pipe->data : 0, strm->res.to_forward, strm->res.total, strm->res.analyse_exp ? human_time(TICKS_TO_MS(strm->res.analyse_exp - now_ms), TICKS_TO_MS(1000)) : ""); chunk_appendf(&trash, " rex=%s", strm->res.rex ? human_time(TICKS_TO_MS(strm->res.rex - now_ms), TICKS_TO_MS(1000)) : ""); chunk_appendf(&trash, " wex=%s\n" " buf=%p data=%p o=%u p=%u i=%u size=%u\n", strm->res.wex ? human_time(TICKS_TO_MS(strm->res.wex - now_ms), TICKS_TO_MS(1000)) : "", &strm->res.buf, b_orig(&strm->res.buf), (unsigned int)co_data(&strm->res), (unsigned int)ci_head_ofs(&strm->res), (unsigned int)ci_data(&strm->res), (unsigned int)strm->res.buf.size); if (IS_HTX_STRM(strm)) { struct htx *htx = htxbuf(&strm->res.buf); chunk_appendf(&trash, " htx=%p flags=0x%x size=%u data=%u used=%u wrap=%s extra=%llu\n", htx, htx->flags, htx->size, htx->data, htx_nbblks(htx), (htx->tail >= htx->head) ? "NO" : "YES", (unsigned long long)htx->extra); } if (HAS_FILTERS(strm) && strm_flt(strm)->current[1]) { struct filter *flt = strm_flt(strm)->current[1]; chunk_appendf(&trash, " current_filter=%p (id=\"%s\" flags=0x%x pre=0x%x post=0x%x) \n", flt, flt->config->id, flt->flags, flt->pre_analyzers, flt->post_analyzers); } if (strm->current_rule_list && strm->current_rule) { const struct act_rule *rule = strm->current_rule; chunk_appendf(&trash, " current_rule=\"%s\" [%s:%d]\n", rule->kw->kw, rule->conf.file, rule->conf.line); } if (applet_putchk(appctx, &trash) == -1) goto full; /* use other states to dump the contents */ } /* end of dump */ done: ctx->uid = 0; ctx->section = 0; return 1; full: return 0; } static int cli_parse_show_sess(char **args, char *payload, struct appctx *appctx, void *private) { struct show_sess_ctx *ctx = applet_reserve_svcctx(appctx, sizeof(*ctx)); if (!cli_has_level(appctx, ACCESS_LVL_OPER)) return 1; if (*args[2] && strcmp(args[2], "all") == 0) ctx->target = (void *)-1; else if (*args[2]) ctx->target = (void *)strtoul(args[2], NULL, 0); else ctx->target = NULL; ctx->section = 0; /* start with stream status */ ctx->pos = 0; ctx->thr = 0; /* The back-ref must be reset, it will be detected and set by * the dump code upon first invocation. */ LIST_INIT(&ctx->bref.users); /* let's set our own stream's epoch to the current one and increment * it so that we know which streams were already there before us. */ appctx_strm(appctx)->stream_epoch = _HA_ATOMIC_FETCH_ADD(&stream_epoch, 1); return 0; } /* This function dumps all streams' states onto the stream connector's * read buffer. It returns 0 if the output buffer is full and it needs * to be called again, otherwise non-zero. It proceeds in an isolated * thread so there is no thread safety issue here. */ static int cli_io_handler_dump_sess(struct appctx *appctx) { struct show_sess_ctx *ctx = appctx->svcctx; struct stconn *sc = appctx_sc(appctx); struct connection *conn; thread_isolate(); if (ctx->thr >= global.nbthread) { /* already terminated */ goto done; } if (unlikely(sc_ic(sc)->flags & (CF_WRITE_ERROR|CF_SHUTW))) { /* If we're forced to shut down, we might have to remove our * reference to the last stream being dumped. */ if (!LIST_ISEMPTY(&ctx->bref.users)) { LIST_DELETE(&ctx->bref.users); LIST_INIT(&ctx->bref.users); } goto done; } chunk_reset(&trash); /* first, let's detach the back-ref from a possible previous stream */ if (!LIST_ISEMPTY(&ctx->bref.users)) { LIST_DELETE(&ctx->bref.users); LIST_INIT(&ctx->bref.users); } else if (!ctx->bref.ref) { /* first call, start with first stream */ ctx->bref.ref = ha_thread_ctx[ctx->thr].streams.n; } /* and start from where we stopped */ while (1) { char pn[INET6_ADDRSTRLEN]; struct stream *curr_strm; int done= 0; if (ctx->bref.ref == &ha_thread_ctx[ctx->thr].streams) done = 1; else { /* check if we've found a stream created after issuing the "show sess" */ curr_strm = LIST_ELEM(ctx->bref.ref, struct stream *, list); if ((int)(curr_strm->stream_epoch - appctx_strm(appctx)->stream_epoch) > 0) done = 1; } if (done) { ctx->thr++; if (ctx->thr >= global.nbthread) break; ctx->bref.ref = ha_thread_ctx[ctx->thr].streams.n; continue; } if (ctx->target) { if (ctx->target != (void *)-1 && ctx->target != curr_strm) goto next_sess; LIST_APPEND(&curr_strm->back_refs, &ctx->bref.users); /* call the proper dump() function and return if we're missing space */ if (!stats_dump_full_strm_to_buffer(sc, curr_strm)) goto full; /* stream dump complete */ LIST_DELETE(&ctx->bref.users); LIST_INIT(&ctx->bref.users); if (ctx->target != (void *)-1) { ctx->target = NULL; break; } else goto next_sess; } chunk_appendf(&trash, "%p: proto=%s", curr_strm, strm_li(curr_strm) ? strm_li(curr_strm)->rx.proto->name : "?"); conn = objt_conn(strm_orig(curr_strm)); switch (conn && conn_get_src(conn) ? addr_to_str(conn->src, pn, sizeof(pn)) : AF_UNSPEC) { case AF_INET: case AF_INET6: chunk_appendf(&trash, " src=%s:%d fe=%s be=%s srv=%s", pn, get_host_port(conn->src), strm_fe(curr_strm)->id, (curr_strm->be->cap & PR_CAP_BE) ? curr_strm->be->id : "", objt_server(curr_strm->target) ? __objt_server(curr_strm->target)->id : "" ); break; case AF_UNIX: chunk_appendf(&trash, " src=unix:%d fe=%s be=%s srv=%s", strm_li(curr_strm)->luid, strm_fe(curr_strm)->id, (curr_strm->be->cap & PR_CAP_BE) ? curr_strm->be->id : "", objt_server(curr_strm->target) ? __objt_server(curr_strm->target)->id : "" ); break; } chunk_appendf(&trash, " ts=%02x epoch=%#x age=%s calls=%u rate=%u cpu=%llu lat=%llu", curr_strm->task->state, curr_strm->stream_epoch, human_time(now.tv_sec - curr_strm->logs.tv_accept.tv_sec, 1), curr_strm->task->calls, read_freq_ctr(&curr_strm->call_rate), (unsigned long long)curr_strm->task->cpu_time, (unsigned long long)curr_strm->task->lat_time); chunk_appendf(&trash, " rq[f=%06xh,i=%u,an=%02xh,rx=%s", curr_strm->req.flags, (unsigned int)ci_data(&curr_strm->req), curr_strm->req.analysers, curr_strm->req.rex ? human_time(TICKS_TO_MS(curr_strm->req.rex - now_ms), TICKS_TO_MS(1000)) : ""); chunk_appendf(&trash, ",wx=%s", curr_strm->req.wex ? human_time(TICKS_TO_MS(curr_strm->req.wex - now_ms), TICKS_TO_MS(1000)) : ""); chunk_appendf(&trash, ",ax=%s]", curr_strm->req.analyse_exp ? human_time(TICKS_TO_MS(curr_strm->req.analyse_exp - now_ms), TICKS_TO_MS(1000)) : ""); chunk_appendf(&trash, " rp[f=%06xh,i=%u,an=%02xh,rx=%s", curr_strm->res.flags, (unsigned int)ci_data(&curr_strm->res), curr_strm->res.analysers, curr_strm->res.rex ? human_time(TICKS_TO_MS(curr_strm->res.rex - now_ms), TICKS_TO_MS(1000)) : ""); chunk_appendf(&trash, ",wx=%s", curr_strm->res.wex ? human_time(TICKS_TO_MS(curr_strm->res.wex - now_ms), TICKS_TO_MS(1000)) : ""); chunk_appendf(&trash, ",ax=%s]", curr_strm->res.analyse_exp ? human_time(TICKS_TO_MS(curr_strm->res.analyse_exp - now_ms), TICKS_TO_MS(1000)) : ""); conn = sc_conn(curr_strm->scf); chunk_appendf(&trash, " scf=[%d,%1xh,fd=%d]", curr_strm->scf->state, curr_strm->scf->flags, conn_fd(conn)); conn = sc_conn(curr_strm->scb); chunk_appendf(&trash, " scb=[%d,%1xh,fd=%d]", curr_strm->scb->state, curr_strm->scb->flags, conn_fd(conn)); chunk_appendf(&trash, " exp=%s rc=%d c_exp=%s", curr_strm->task->expire ? human_time(TICKS_TO_MS(curr_strm->task->expire - now_ms), TICKS_TO_MS(1000)) : "", curr_strm->conn_retries, curr_strm->conn_exp ? human_time(TICKS_TO_MS(curr_strm->conn_exp - now_ms), TICKS_TO_MS(1000)) : ""); if (task_in_rq(curr_strm->task)) chunk_appendf(&trash, " run(nice=%d)", curr_strm->task->nice); chunk_appendf(&trash, "\n"); if (applet_putchk(appctx, &trash) == -1) { /* let's try again later from this stream. We add ourselves into * this stream's users so that it can remove us upon termination. */ LIST_APPEND(&curr_strm->back_refs, &ctx->bref.users); goto full; } next_sess: ctx->bref.ref = curr_strm->list.n; } if (ctx->target && ctx->target != (void *)-1) { /* specified stream not found */ if (ctx->section > 0) chunk_appendf(&trash, " *** session terminated while we were watching it ***\n"); else chunk_appendf(&trash, "Session not found.\n"); if (applet_putchk(appctx, &trash) == -1) goto full; ctx->target = NULL; ctx->uid = 0; goto done; } done: thread_release(); return 1; full: thread_release(); return 0; } static void cli_release_show_sess(struct appctx *appctx) { struct show_sess_ctx *ctx = appctx->svcctx; if (ctx->thr < global.nbthread) { /* a dump was aborted, either in error or timeout. We need to * safely detach from the target stream's list. It's mandatory * to lock because a stream on the target thread could be moving * our node. */ thread_isolate(); if (!LIST_ISEMPTY(&ctx->bref.users)) LIST_DELETE(&ctx->bref.users); thread_release(); } } /* Parses the "shutdown session" directive, it always returns 1 */ static int cli_parse_shutdown_session(char **args, char *payload, struct appctx *appctx, void *private) { struct stream *strm, *ptr; int thr; if (!cli_has_level(appctx, ACCESS_LVL_ADMIN)) return 1; ptr = (void *)strtoul(args[2], NULL, 0); if (!ptr) return cli_err(appctx, "Session pointer expected (use 'show sess').\n"); strm = NULL; thread_isolate(); /* first, look for the requested stream in the stream table */ for (thr = 0; strm != ptr && thr < global.nbthread; thr++) { list_for_each_entry(strm, &ha_thread_ctx[thr].streams, list) { if (strm == ptr) { stream_shutdown(strm, SF_ERR_KILLED); break; } } } thread_release(); /* do we have the stream ? */ if (strm != ptr) return cli_err(appctx, "No such session (use 'show sess').\n"); return 1; } /* Parses the "shutdown session server" directive, it always returns 1 */ static int cli_parse_shutdown_sessions_server(char **args, char *payload, struct appctx *appctx, void *private) { struct server *sv; if (!cli_has_level(appctx, ACCESS_LVL_ADMIN)) return 1; sv = cli_find_server(appctx, args[3]); if (!sv) return 1; /* kill all the stream that are on this server */ HA_SPIN_LOCK(SERVER_LOCK, &sv->lock); srv_shutdown_streams(sv, SF_ERR_KILLED); HA_SPIN_UNLOCK(SERVER_LOCK, &sv->lock); return 1; } /* register cli keywords */ static struct cli_kw_list cli_kws = {{ },{ { { "show", "sess", NULL }, "show sess [id] : report the list of current sessions or dump this exact session", cli_parse_show_sess, cli_io_handler_dump_sess, cli_release_show_sess }, { { "shutdown", "session", NULL }, "shutdown session [id] : kill a specific session", cli_parse_shutdown_session, NULL, NULL }, { { "shutdown", "sessions", "server" }, "shutdown sessions server / : kill sessions on a server", cli_parse_shutdown_sessions_server, NULL, NULL }, {{},} }}; INITCALL1(STG_REGISTER, cli_register_kw, &cli_kws); /* main configuration keyword registration. */ static struct action_kw_list stream_tcp_req_keywords = { ILH, { { "set-log-level", stream_parse_set_log_level }, { "set-nice", stream_parse_set_nice }, { "switch-mode", stream_parse_switch_mode }, { "use-service", stream_parse_use_service }, { /* END */ } }}; INITCALL1(STG_REGISTER, tcp_req_cont_keywords_register, &stream_tcp_req_keywords); /* main configuration keyword registration. */ static struct action_kw_list stream_tcp_res_keywords = { ILH, { { "set-log-level", stream_parse_set_log_level }, { "set-nice", stream_parse_set_nice }, { /* END */ } }}; INITCALL1(STG_REGISTER, tcp_res_cont_keywords_register, &stream_tcp_res_keywords); static struct action_kw_list stream_http_req_keywords = { ILH, { { "set-log-level", stream_parse_set_log_level }, { "set-nice", stream_parse_set_nice }, { "use-service", stream_parse_use_service }, { /* END */ } }}; INITCALL1(STG_REGISTER, http_req_keywords_register, &stream_http_req_keywords); static struct action_kw_list stream_http_res_keywords = { ILH, { { "set-log-level", stream_parse_set_log_level }, { "set-nice", stream_parse_set_nice }, { /* END */ } }}; INITCALL1(STG_REGISTER, http_res_keywords_register, &stream_http_res_keywords); static int smp_fetch_cur_server_timeout(const struct arg *args, struct sample *smp, const char *km, void *private) { smp->flags = SMP_F_VOL_TXN; smp->data.type = SMP_T_SINT; if (!smp->strm) return 0; smp->data.u.sint = TICKS_TO_MS(smp->strm->res.rto); return 1; } static int smp_fetch_cur_tunnel_timeout(const struct arg *args, struct sample *smp, const char *km, void *private) { smp->flags = SMP_F_VOL_TXN; smp->data.type = SMP_T_SINT; if (!smp->strm) return 0; smp->data.u.sint = TICKS_TO_MS(smp->strm->tunnel_timeout); return 1; } static int smp_fetch_last_rule_file(const struct arg *args, struct sample *smp, const char *km, void *private) { smp->flags = SMP_F_VOL_TXN; smp->data.type = SMP_T_STR; if (!smp->strm || !smp->strm->last_rule_file) return 0; smp->flags |= SMP_F_CONST; smp->data.u.str.area = (char *)smp->strm->last_rule_file; smp->data.u.str.data = strlen(smp->strm->last_rule_file); return 1; } static int smp_fetch_last_rule_line(const struct arg *args, struct sample *smp, const char *km, void *private) { smp->flags = SMP_F_VOL_TXN; smp->data.type = SMP_T_SINT; if (!smp->strm || !smp->strm->last_rule_line) return 0; smp->data.u.sint = smp->strm->last_rule_line; return 1; } /* Note: must not be declared as its list will be overwritten. * Please take care of keeping this list alphabetically sorted. */ static struct sample_fetch_kw_list smp_kws = {ILH, { { "cur_server_timeout", smp_fetch_cur_server_timeout, 0, NULL, SMP_T_SINT, SMP_USE_BKEND, }, { "cur_tunnel_timeout", smp_fetch_cur_tunnel_timeout, 0, NULL, SMP_T_SINT, SMP_USE_BKEND, }, { "last_rule_file", smp_fetch_last_rule_file, 0, NULL, SMP_T_STR, SMP_USE_INTRN, }, { "last_rule_line", smp_fetch_last_rule_line, 0, NULL, SMP_T_SINT, SMP_USE_INTRN, }, { NULL, NULL, 0, 0, 0 }, }}; INITCALL1(STG_REGISTER, sample_register_fetches, &smp_kws); /* * Local variables: * c-indent-level: 8 * c-basic-offset: 8 * End: */