1 files changed, 528 insertions, 0 deletions
diff --git a/src/session.c b/src/session.c
new file mode 100644
index 0000000..ce9ccbf
--- /dev/null
+++ b/src/session.c
@@ -0,0 +1,528 @@
+/*
+ * Session management functions.
+ *
+ * Copyright 2000-2015 Willy Tarreau <w@1wt.eu>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version
+ * 2 of the License, or (at your option) any later version.
+ *
+ */
+
+#include <haproxy/ssl_sock-t.h>
+
+#include <haproxy/api.h>
+#include <haproxy/connection.h>
+#include <haproxy/global.h>
+#include <haproxy/http.h>
+#include <haproxy/listener.h>
+#include <haproxy/log.h>
+#include <haproxy/pool.h>
+#include <haproxy/proxy.h>
+#include <haproxy/session.h>
+#include <haproxy/tcp_rules.h>
+#include <haproxy/tools.h>
+#include <haproxy/vars.h>
+
+
+DECLARE_POOL(pool_head_session, "session", sizeof(struct session));
+DECLARE_POOL(pool_head_sess_srv_list, "session server list",
+		sizeof(struct sess_srv_list));
+
+int conn_complete_session(struct connection *conn);
+
+/* Create a a new session and assign it to frontend <fe>, listener <li>,
+ * origin <origin>, set the current date and clear the stick counters pointers.
+ * Returns the session upon success or NULL. The session may be released using
+ * session_free(). Note: <li> may be NULL.
+ */
+struct session *session_new(struct proxy *fe, struct listener *li, enum obj_type *origin)
+{
+	struct session *sess;
+
+	sess = pool_alloc(pool_head_session);
+	if (sess) {
+		sess->listener = li;
+		sess->fe = fe;
+		sess->origin = origin;
+		sess->accept_date = date; /* user-visible date for logging */
+		sess->accept_ts = now_ns;  /* corrected date for internal use */
+		sess->stkctr = NULL;
+		if (pool_head_stk_ctr) {
+			sess->stkctr = pool_alloc(pool_head_stk_ctr);
+			if (!sess->stkctr)
+				goto out_fail_alloc;
+			memset(sess->stkctr, 0, sizeof(sess->stkctr[0]) * global.tune.nb_stk_ctr);
+		}
+		vars_init_head(&sess->vars, SCOPE_SESS);
+		sess->task = NULL;
+		sess->t_handshake = -1; /* handshake not done yet */
+		sess->t_idle = -1;
+		_HA_ATOMIC_INC(&totalconn);
+		_HA_ATOMIC_INC(&jobs);
+		LIST_INIT(&sess->srv_list);
+		sess->idle_conns = 0;
+		sess->flags = SESS_FL_NONE;
+		sess->src = NULL;
+		sess->dst = NULL;
+	}
+	return sess;
+ out_fail_alloc:
+	pool_free(pool_head_session, sess);
+	return NULL;
+}
+
+void session_free(struct session *sess)
+{
+	struct connection *conn, *conn_back;
+	struct sess_srv_list *srv_list, *srv_list_back;
+
+	if (sess->listener)
+		listener_release(sess->listener);
+	session_store_counters(sess);
+	pool_free(pool_head_stk_ctr, sess->stkctr);
+	vars_prune_per_sess(&sess->vars);
+	conn = objt_conn(sess->origin);
+	if (conn != NULL && conn->mux)
+		conn->mux->destroy(conn->ctx);
+	list_for_each_entry_safe(srv_list, srv_list_back, &sess->srv_list, srv_list) {
+		list_for_each_entry_safe(conn, conn_back, &srv_list->conn_list, session_list) {
+			LIST_DEL_INIT(&conn->session_list);
+			if (conn->mux) {
+				conn->owner = NULL;
+				conn->flags &= ~CO_FL_SESS_IDLE;
+				conn->mux->destroy(conn->ctx);
+			} else {
+				/* We have a connection, but not yet an associated mux.
+				 * So destroy it now.
+				 */
+				conn_stop_tracking(conn);
+				conn_full_close(conn);
+				conn_free(conn);
+			}
+		}
+		pool_free(pool_head_sess_srv_list, srv_list);
+	}
+	sockaddr_free(&sess->src);
+	sockaddr_free(&sess->dst);
+	pool_free(pool_head_session, sess);
+	_HA_ATOMIC_DEC(&jobs);
+}
+
+/* callback used from the connection/mux layer to notify that a connection is
+ * going to be released.
+ */
+void conn_session_free(struct connection *conn)
+{
+	session_free(conn->owner);
+	conn->owner = NULL;
+}
+
+/* count a new session to keep frontend, listener and track stats up to date */
+static void session_count_new(struct session *sess)
+{
+	struct stkctr *stkctr;
+	void *ptr;
+	int i;
+
+	proxy_inc_fe_sess_ctr(sess->listener, sess->fe);
+
+	for (i = 0; i < global.tune.nb_stk_ctr; i++) {
+		stkctr = &sess->stkctr[i];
+		if (!stkctr_entry(stkctr))
+			continue;
+
+		ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_SESS_CNT);
+		if (ptr)
+			HA_ATOMIC_INC(&stktable_data_cast(ptr, std_t_uint));
+
+		ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_SESS_RATE);
+		if (ptr)
+			update_freq_ctr_period(&stktable_data_cast(ptr, std_t_frqp),
+					       stkctr->table->data_arg[STKTABLE_DT_SESS_RATE].u, 1);
+	}
+}
+
+/* This function is called from the protocol layer accept() in order to
+ * instantiate a new session on behalf of a given listener and frontend. It
+ * returns a positive value upon success, 0 if the connection can be ignored,
+ * or a negative value upon critical failure. The accepted connection is
+ * closed if we return <= 0. If no handshake is needed, it immediately tries
+ * to instantiate a new stream. The connection must already have been filled
+ * with the incoming connection handle (a fd), a target (the listener) and a
+ * source address.
+ */
+int session_accept_fd(struct connection *cli_conn)
+{
+	struct listener *l = __objt_listener(cli_conn->target);
+	struct proxy *p = l->bind_conf->frontend;
+	int cfd = cli_conn->handle.fd;
+	struct session *sess;
+	int ret;
+
+	ret = -1; /* assume unrecoverable error by default */
+
+	cli_conn->proxy_netns = l->rx.settings->netns;
+
+	/* Active reversed connection has already been initialized before being
+	 * accepted. It must not be reset.
+	 * TODO use a dedicated accept_fd callback for reverse protocol
+	 */
+	if (!cli_conn->xprt) {
+		if (conn_prepare(cli_conn, l->rx.proto, l->bind_conf->xprt) < 0)
+			goto out_free_conn;
+
+		conn_ctrl_init(cli_conn);
+
+		/* wait for a PROXY protocol header */
+		if (l->bind_conf->options & BC_O_ACC_PROXY)
+			cli_conn->flags |= CO_FL_ACCEPT_PROXY;
+
+		/* wait for a NetScaler client IP insertion protocol header */
+		if (l->bind_conf->options & BC_O_ACC_CIP)
+			cli_conn->flags |= CO_FL_ACCEPT_CIP;
+
+		/* Add the handshake pseudo-XPRT */
+		if (cli_conn->flags & (CO_FL_ACCEPT_PROXY | CO_FL_ACCEPT_CIP)) {
+			if (xprt_add_hs(cli_conn) != 0)
+				goto out_free_conn;
+		}
+	}
+
+	sess = session_new(p, l, &cli_conn->obj_type);
+	if (!sess)
+		goto out_free_conn;
+
+	conn_set_owner(cli_conn, sess, NULL);
+
+	/* now evaluate the tcp-request layer4 rules. We only need a session
+	 * and no stream for these rules.
+	 */
+	if (!LIST_ISEMPTY(&p->tcp_req.l4_rules) && !tcp_exec_l4_rules(sess)) {
+		/* let's do a no-linger now to close with a single RST. */
+		if (!(cli_conn->flags & CO_FL_FDLESS))
+			setsockopt(cfd, SOL_SOCKET, SO_LINGER, (struct linger *) &nolinger, sizeof(struct linger));
+		ret = 0; /* successful termination */
+		goto out_free_sess;
+	}
+	/* TCP rules may flag the connection as needing proxy protocol, now that it's done we can start ourxprt */
+	if (conn_xprt_start(cli_conn) < 0)
+		goto out_free_sess;
+
+	/* FIXME/WTA: we should implement the setsockopt() calls at the proto
+	 * level instead and let non-inet protocols implement their own equivalent.
+	 */
+	if (cli_conn->flags & CO_FL_FDLESS)
+		goto skip_fd_setup;
+
+	/* Adjust some socket options */
+	if (l->rx.addr.ss_family == AF_INET || l->rx.addr.ss_family == AF_INET6) {
+		setsockopt(cfd, IPPROTO_TCP, TCP_NODELAY, (char *) &one, sizeof(one));
+
+		if (p->options & PR_O_TCP_CLI_KA) {
+			setsockopt(cfd, SOL_SOCKET, SO_KEEPALIVE, (char *) &one, sizeof(one));
+
+#ifdef TCP_KEEPCNT
+			if (p->clitcpka_cnt)
+				setsockopt(cfd, IPPROTO_TCP, TCP_KEEPCNT, &p->clitcpka_cnt, sizeof(p->clitcpka_cnt));
+#endif
+
+#ifdef TCP_KEEPIDLE
+			if (p->clitcpka_idle)
+				setsockopt(cfd, IPPROTO_TCP, TCP_KEEPIDLE, &p->clitcpka_idle, sizeof(p->clitcpka_idle));
+#endif
+
+#ifdef TCP_KEEPINTVL
+			if (p->clitcpka_intvl)
+				setsockopt(cfd, IPPROTO_TCP, TCP_KEEPINTVL, &p->clitcpka_intvl, sizeof(p->clitcpka_intvl));
+#endif
+		}
+
+		if (p->options & PR_O_TCP_NOLING)
+			HA_ATOMIC_OR(&fdtab[cfd].state, FD_LINGER_RISK);
+
+#if defined(TCP_MAXSEG)
+		if (l->bind_conf->maxseg < 0) {
+			/* we just want to reduce the current MSS by that value */
+			int mss;
+			socklen_t mss_len = sizeof(mss);
+			if (getsockopt(cfd, IPPROTO_TCP, TCP_MAXSEG, &mss, &mss_len) == 0) {
+				mss += l->bind_conf->maxseg; /* remember, it's < 0 */
+				setsockopt(cfd, IPPROTO_TCP, TCP_MAXSEG, &mss, sizeof(mss));
+			}
+		}
+#endif
+	}
+
+	if (global.tune.client_sndbuf)
+		setsockopt(cfd, SOL_SOCKET, SO_SNDBUF, &global.tune.client_sndbuf, sizeof(global.tune.client_sndbuf));
+
+	if (global.tune.client_rcvbuf)
+		setsockopt(cfd, SOL_SOCKET, SO_RCVBUF, &global.tune.client_rcvbuf, sizeof(global.tune.client_rcvbuf));
+
+ skip_fd_setup:
+	/* OK, now either we have a pending handshake to execute with and then
+	 * we must return to the I/O layer, or we can proceed with the end of
+	 * the stream initialization. In case of handshake, we also set the I/O
+	 * timeout to the frontend's client timeout and register a task in the
+	 * session for this purpose. The connection's owner is left to the
+	 * session during this period.
+	 *
+	 * At this point we set the relation between sess/task/conn this way :
+	 *
+	 *                   +----------------- task
+	 *                   |                    |
+	 *          orig -- sess <-- context      |
+	 *           |       ^           |        |
+	 *           v       |           |        |
+	 *          conn -- owner ---> task <-----+
+	 */
+	if (cli_conn->flags & (CO_FL_WAIT_XPRT | CO_FL_EARLY_SSL_HS)) {
+		int timeout;
+		int clt_tmt = p->timeout.client;
+		int hs_tmt = p->timeout.client_hs;
+
+		if (unlikely((sess->task = task_new_here()) == NULL))
+			goto out_free_sess;
+
+		/* Handshake timeout as default timeout */
+		timeout = hs_tmt ? hs_tmt : clt_tmt;
+		sess->task->context = sess;
+		sess->task->nice    = l->bind_conf->nice;
+		sess->task->process = session_expire_embryonic;
+		sess->task->expire  = tick_add_ifset(now_ms, timeout);
+		task_queue(sess->task);
+		return 1;
+	}
+
+	/* OK let's complete stream initialization since there is no handshake */
+	if (conn_complete_session(cli_conn) >= 0)
+		return 1;
+
+	/* if we reach here we have deliberately decided not to keep this
+	 * session (e.g. tcp-request rule), so that's not an error we should
+	 * try to protect against.
+	 */
+	ret = 0;
+
+	/* error unrolling */
+ out_free_sess:
+	 /* prevent call to listener_release during session_free. It will be
+	  * done below, for all errors. */
+	sess->listener = NULL;
+	session_free(sess);
+
+ out_free_conn:
+	if (ret < 0 && l->bind_conf->xprt == xprt_get(XPRT_RAW) &&
+	    p->mode == PR_MODE_HTTP && l->bind_conf->mux_proto == NULL &&
+	    !(cli_conn->flags & CO_FL_FDLESS)) {
+		/* critical error, no more memory, try to emit a 500 response */
+		send(cfd, http_err_msgs[HTTP_ERR_500], strlen(http_err_msgs[HTTP_ERR_500]),
+		     MSG_DONTWAIT|MSG_NOSIGNAL);
+	}
+
+	if (cli_conn->mux) {
+		/* Mux is already initialized for active reversed connection. */
+		cli_conn->mux->destroy(cli_conn->ctx);
+	}
+	else {
+		conn_stop_tracking(cli_conn);
+		conn_full_close(cli_conn);
+		conn_free(cli_conn);
+	}
+	listener_release(l);
+	return ret;
+}
+
+
+/* prepare the trash with a log prefix for session <sess>. It only works with
+ * embryonic sessions based on a real connection. This function requires that
+ * at sess->origin points to the incoming connection.
+ */
+static void session_prepare_log_prefix(struct session *sess)
+{
+	const struct sockaddr_storage *src;
+	struct tm tm;
+	char pn[INET6_ADDRSTRLEN];
+	int ret;
+	char *end;
+
+	src = sess_src(sess);
+	ret = (src ? addr_to_str(src, pn, sizeof(pn)) : 0);
+	if (ret <= 0)
+		chunk_printf(&trash, "unknown [");
+	else if (ret == AF_UNIX)
+		chunk_printf(&trash, "%s:%d [", pn, sess->listener->luid);
+	else
+		chunk_printf(&trash, "%s:%d [", pn, get_host_port(src));
+
+	get_localtime(sess->accept_date.tv_sec, &tm);
+	end = date2str_log(trash.area + trash.data, &tm, &(sess->accept_date),
+		           trash.size - trash.data);
+	trash.data = end - trash.area;
+	if (sess->listener->name)
+		chunk_appendf(&trash, "] %s/%s", sess->fe->id, sess->listener->name);
+	else
+		chunk_appendf(&trash, "] %s/%d", sess->fe->id, sess->listener->luid);
+}
+
+
+/* fill the trash buffer with the string to use for send_log during
+ * session_kill_embryonic(). Add log prefix and error string.
+ *
+ * The function is able to dump an SSL error string when CO_ER_SSL_HANDSHAKE
+ * is met.
+ */
+static void session_build_err_string(struct session *sess)
+{
+	struct connection *conn = __objt_conn(sess->origin);
+	const char *err_msg;
+	struct ssl_sock_ctx __maybe_unused *ssl_ctx;
+
+	err_msg	= conn_err_code_str(conn);
+	session_prepare_log_prefix(sess); /* use trash buffer */
+
+#ifdef USE_OPENSSL
+	ssl_ctx = conn_get_ssl_sock_ctx(conn);
+
+	/* when the SSL error code is present and during a SSL Handshake failure,
+	 * try to dump the error string from OpenSSL */
+	if (conn->err_code == CO_ER_SSL_HANDSHAKE && ssl_ctx && ssl_ctx->error_code != 0) {
+		chunk_appendf(&trash, ": SSL handshake failure (");
+		ERR_error_string_n(ssl_ctx->error_code, b_orig(&trash)+b_data(&trash), b_room(&trash));
+		trash.data = strlen(b_orig(&trash));
+		chunk_appendf(&trash, ")\n");
+	}
+
+	else
+#endif /* ! USE_OPENSSL */
+
+	if (err_msg)
+		chunk_appendf(&trash, ": %s\n", err_msg);
+	else
+		chunk_appendf(&trash, ": unknown connection error (code=%d flags=%08x)\n",
+		              conn->err_code, conn->flags);
+
+	return;
+}
+
+
+
+/* This function kills an existing embryonic session. It stops the connection's
+ * transport layer, releases assigned resources, resumes the listener if it was
+ * disabled and finally kills the file descriptor. This function requires that
+ * sess->origin points to the incoming connection.
+ */
+static void session_kill_embryonic(struct session *sess, unsigned int state)
+{
+	int level = LOG_INFO;
+	struct connection *conn = __objt_conn(sess->origin);
+	struct task *task = sess->task;
+	unsigned int log = sess->fe->to_log;
+
+	if (sess->fe->options2 & PR_O2_LOGERRORS)
+		level = LOG_ERR;
+
+	if (log && (sess->fe->options & PR_O_NULLNOLOG)) {
+		/* with "option dontlognull", we don't log connections with no transfer */
+		if (!conn->err_code ||
+		    conn->err_code == CO_ER_PRX_EMPTY || conn->err_code == CO_ER_PRX_ABORT ||
+		    conn->err_code == CO_ER_CIP_EMPTY || conn->err_code == CO_ER_CIP_ABORT ||
+		    conn->err_code == CO_ER_SSL_EMPTY || conn->err_code == CO_ER_SSL_ABORT)
+			log = 0;
+	}
+
+	if (log) {
+		if (!conn->err_code && (state & TASK_WOKEN_TIMER)) {
+			if (conn->flags & CO_FL_ACCEPT_PROXY)
+				conn->err_code = CO_ER_PRX_TIMEOUT;
+			else if (conn->flags & CO_FL_ACCEPT_CIP)
+				conn->err_code = CO_ER_CIP_TIMEOUT;
+			else if (conn->flags & CO_FL_SSL_WAIT_HS)
+				conn->err_code = CO_ER_SSL_TIMEOUT;
+		}
+
+		if(!LIST_ISEMPTY(&sess->fe->logformat_error)) {
+			/* Display a log line following the configured error-log-format. */
+			sess_log(sess);
+		}
+		else {
+			session_build_err_string(sess);
+			send_log(sess->fe, level, "%s", trash.area);
+		}
+	}
+
+	/* kill the connection now */
+	conn_stop_tracking(conn);
+	conn_full_close(conn);
+	conn_free(conn);
+	sess->origin = NULL;
+
+	task_destroy(task);
+	session_free(sess);
+}
+
+/* Manages the embryonic session timeout. It is only called when the timeout
+ * strikes and performs the required cleanup. It's only exported to make it
+ * resolve in "show tasks".
+ */
+struct task *session_expire_embryonic(struct task *t, void *context, unsigned int state)
+{
+	struct session *sess = context;
+
+	if (!(state & TASK_WOKEN_TIMER))
+		return t;
+
+	session_kill_embryonic(sess, state);
+	return NULL;
+}
+
+/* Finish initializing a session from a connection, or kills it if the
+ * connection shows and error. Returns <0 if the connection was killed. It may
+ * be called either asynchronously when ssl handshake is done with an embryonic
+ * session, or synchronously to finalize the session. The distinction is made
+ * on sess->task which is only set in the embryonic session case.
+ */
+int conn_complete_session(struct connection *conn)
+{
+	struct session *sess = conn->owner;
+
+	sess->t_handshake = ns_to_ms(now_ns - sess->accept_ts);
+
+	if (conn->flags & CO_FL_ERROR)
+		goto fail;
+
+	/* if logs require transport layer information, note it on the connection */
+	if (sess->fe->to_log & LW_XPRT)
+		conn->flags |= CO_FL_XPRT_TRACKED;
+
+	/* we may have some tcp-request-session rules */
+	if (!LIST_ISEMPTY(&sess->fe->tcp_req.l5_rules) && !tcp_exec_l5_rules(sess))
+		goto fail;
+
+	session_count_new(sess);
+	if (!conn->mux) {
+		if (conn_install_mux_fe(conn, NULL) < 0)
+			goto fail;
+	}
+
+	/* the embryonic session's task is not needed anymore */
+	task_destroy(sess->task);
+	sess->task = NULL;
+	conn_set_owner(conn, sess, conn_session_free);
+
+	return 0;
+
+ fail:
+	if (sess->task)
+		session_kill_embryonic(sess, 0);
+	return -1;
+}
+
+/*
+ * Local variables:
+ *  c-indent-level: 8
+ *  c-basic-offset: 8
+ * End:
+ */