upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-02-20 00:10:41 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 14
haproxy/src/stream.c

4120 lines
135 KiB
C
Raw Normal View History

[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-25 20:48:02 -04:00
/*
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* Stream management functions.
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-25 20:48:02 -04:00
*
MAJOR: acl: make acl_find_targets also resolve proxy names at config time Proxy names are now resolved when the config is parsed and not at runtime. This means that errors will be caught for real instead of having an ACL silently never match. Another benefit is that the fetch will be much faster since the lookup will not have to be performed anymore, eg for all ACLs based on explicitly named stick-tables. However some buggy configurations which used to silently fail in the past will now refuse to load, hence the MAJOR tag.
2012-04-19 13:28:33 -04:00
* Copyright 2000-2012 Willy Tarreau <w@1wt.eu>
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-25 20:48:02 -04:00
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version
* 2 of the License, or (at your option) any later version.
*
*/
#include <stdlib.h>
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 11:45:26 -04:00
#include <unistd.h>
#include <fcntl.h>
[CLEANUP] included common/version.h everywhere
2006-06-29 12:54:54 -04:00
MINOR: stream/applet: add use-service action This new target can be called from the frontend or the backend. It is evaluated just before the backend choice and just before the server choice. So, the input stream or HTTP request can be forwarded to a server or to an internal service.
2015-09-27 13:29:33 -04:00
#include <common/cfgparse.h>
[CLEANUP] included common/version.h everywhere
2006-06-29 12:54:54 -04:00
#include <common/config.h>
MAJOR: channel: replace the struct buffer with a pointer to a buffer With this commit, we now separate the channel from the buffer. This will allow us to replace buffers on the fly without touching the channel. Since nobody is supposed to keep a reference to a buffer anymore, doing so is not a problem and will also permit some copy-less data manipulation. Interestingly, these changes have shown a 2% performance increase on some workloads, probably due to a better cache placement of data.
2012-10-12 17:49:43 -04:00
#include <common/buffer.h>
[BUG] fix the dequeuing logic to ensure that all requests get served The dequeuing logic was completely wrong. First, a task was assigned to all servers to process the queue, but this task was never scheduled and was only woken up on session free. Second, there was no reservation of server entries when a task was assigned a server. This means that as long as the task was not connected to the server, its presence was not accounted for. This was causing trouble when detecting whether or not a server had reached maxconn. Third, during a redispatch, a session could lose its place at the server's and get blocked because another session at the same moment would have stolen the entry. Fourth, the redispatch option did not work when maxqueue was reached for a server, and it was not possible to do so without indefinitely hanging a session. The root cause of all those problems was the lack of pre-reservation of connections at the server's, and the lack of tracking of servers during a redispatch. Everything relied on combinations of flags which could appear similarly in quite distinct situations. This patch is a major rework but there was no other solution, as the internal logic was deeply flawed. The resulting code is cleaner, more understandable, uses less magics and is overall more robust. As an added bonus, "option redispatch" now works when maxqueue has been reached on a server.
2008-06-20 09:04:11 -04:00
#include <common/debug.h>
[CLEANUP] renamed include/haproxy to include/common
2006-06-29 11:53:05 -04:00
#include <common/memory.h>
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-25 20:48:02 -04:00
REORG: applet: move the applet definitions out of stream_interface We're tidying the definitions so that appctx lives on its own. A new set of applet.h files has been added for this purpose.
2015-04-13 07:24:54 -04:00
#include <types/applet.h>
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-25 20:48:02 -04:00
#include <types/capture.h>
REORG: cli: move 'show sess' to stream.c Move 'show sess' CLI functions to stream.c and use the cli keyword API to register it on the CLI. [wt: the choice of stream vs session makes sense because since 1.6 these really are streams that we're dumping and not sessions anymore]
2016-11-21 02:51:11 -05:00
#include <types/cli.h>
MAJOR: filters: Add filters support This patch adds the support of filters in HAProxy. The main idea is to have a way to "easely" extend HAProxy by adding some "modules", called filters, that will be able to change HAProxy behavior in a programmatic way. To do so, many entry points has been added in code to let filters to hook up to different steps of the processing. A filter must define a flt_ops sutrctures (see include/types/filters.h for details). This structure contains all available callbacks that a filter can define: struct flt_ops { /* * Callbacks to manage the filter lifecycle */ int (*init) (struct proxy *p); void (*deinit)(struct proxy *p); int (*check) (struct proxy *p); /* * Stream callbacks */ void (*stream_start) (struct stream *s); void (*stream_accept) (struct stream *s); void (*session_establish)(struct stream *s); void (*stream_stop) (struct stream *s); /* * HTTP callbacks */ int (*http_start) (struct stream *s, struct http_msg *msg); int (*http_start_body) (struct stream *s, struct http_msg *msg); int (*http_start_chunk) (struct stream *s, struct http_msg *msg); int (*http_data) (struct stream *s, struct http_msg *msg); int (*http_last_chunk) (struct stream *s, struct http_msg *msg); int (*http_end_chunk) (struct stream *s, struct http_msg *msg); int (*http_chunk_trailers)(struct stream *s, struct http_msg *msg); int (*http_end_body) (struct stream *s, struct http_msg *msg); void (*http_end) (struct stream *s, struct http_msg *msg); void (*http_reset) (struct stream *s, struct http_msg *msg); int (*http_pre_process) (struct stream *s, struct http_msg *msg); int (*http_post_process) (struct stream *s, struct http_msg *msg); void (*http_reply) (struct stream *s, short status, const struct chunk *msg); }; To declare and use a filter, in the configuration, the "filter" keyword must be used in a listener/frontend section: frontend test ... filter <FILTER-NAME> [OPTIONS...] The filter referenced by the <FILTER-NAME> must declare a configuration parser on its own name to fill flt_ops and filter_conf field in the proxy's structure. An exemple will be provided later to make it perfectly clear. For now, filters cannot be used in backend section. But this is only a matter of time. Documentation will also be added later. This is the first commit of a long list about filters. It is possible to have several filters on the same listener/frontend. These filters are stored in an array of at most MAX_FILTERS elements (define in include/types/filters.h). Again, this will be replaced later by a list of filters. The filter API has been highly refactored. Main changes are: * Now, HA supports an infinite number of filters per proxy. To do so, filters are stored in list. * Because filters are stored in list, filters state has been moved from the channel structure to the filter structure. This is cleaner because there is no more info about filters in channel structure. * It is possible to defined filters on backends only. For such filters, stream_start/stream_stop callbacks are not called. Of course, it is possible to mix frontend and backend filters. * Now, TCP streams are also filtered. All callbacks without the 'http_' prefix are called for all kind of streams. In addition, 2 new callbacks were added to filter data exchanged through a TCP stream: - tcp_data: it is called when new data are available or when old unprocessed data are still waiting. - tcp_forward_data: it is called when some data can be consumed. * New callbacks attached to channel were added: - channel_start_analyze: it is called when a filter is ready to process data exchanged through a channel. 2 new analyzers (a frontend and a backend) are attached to channels to call this callback. For a frontend filter, it is called before any other analyzer. For a backend filter, it is called when a backend is attached to a stream. So some processing cannot be filtered in that case. - channel_analyze: it is called before each analyzer attached to a channel, expects analyzers responsible for data sending. - channel_end_analyze: it is called when all other analyzers have finished their processing. A new analyzers is attached to channels to call this callback. For a TCP stream, this is always the last one called. For a HTTP one, the callback is called when a request/response ends, so it is called one time for each request/response. * 'session_established' callback has been removed. Everything that is done in this callback can be handled by 'channel_start_analyze' on the response channel. * 'http_pre_process' and 'http_post_process' callbacks have been replaced by 'channel_analyze'. * 'http_start' callback has been replaced by 'http_headers'. This new one is called just before headers sending and parsing of the body. * 'http_end' callback has been replaced by 'channel_end_analyze'. * It is possible to set a forwarder for TCP channels. It was already possible to do it for HTTP ones. * Forwarders can partially consumed forwardable data. For this reason a new HTTP message state was added before HTTP_MSG_DONE : HTTP_MSG_ENDING. Now all filters can define corresponding callbacks (http_forward_data and tcp_forward_data). Each filter owns 2 offsets relative to buf->p, next and forward, to track, respectively, input data already parsed but not forwarded yet by the filter and parsed data considered as forwarded by the filter. A any time, we have the warranty that a filter cannot parse or forward more input than previous ones. And, of course, it cannot forward more input than it has parsed. 2 macros has been added to retrieve these offets: FLT_NXT and FLT_FWD. In addition, 2 functions has been added to change the 'next size' and the 'forward size' of a filter. When a filter parses input data, it can alter these data, so the size of these data can vary. This action has an effet on all previous filters that must be handled. To do so, the function 'filter_change_next_size' must be called, passing the size variation. In the same spirit, if a filter alter forwarded data, it must call the function 'filter_change_forward_size'. 'filter_change_next_size' can be called in 'http_data' and 'tcp_data' callbacks and only these ones. And 'filter_change_forward_size' can be called in 'http_forward_data' and 'tcp_forward_data' callbacks and only these ones. The data changes are the filter responsability, but with some limitation. It must not change already parsed/forwarded data or data that previous filters have not parsed/forwarded yet. Because filters can be used on backends, when we the backend is set for a stream, we add filters defined for this backend in the filter list of the stream. But we must only do that when the backend and the frontend of the stream are not the same. Else same filters are added a second time leading to undefined behavior. The HTTP compression code had to be moved. So it simplifies http_response_forward_body function. To do so, the way the data are forwarded has changed. Now, a filter (and only one) can forward data. In a commit to come, this limitation will be removed to let all filters take part to data forwarding. There are 2 new functions that filters should use to deal with this feature: * flt_set_http_data_forwarder: This function sets the filter (using its id) that will forward data for the specified HTTP message. It is possible if it was not already set by another filter _AND_ if no data was yet forwarded (msg->msg_state <= HTTP_MSG_BODY). It returns -1 if an error occurs. * flt_http_data_forwarder: This function returns the filter id that will forward data for the specified HTTP message. If there is no forwarder set, it returns -1. When an HTTP data forwarder is set for the response, the HTTP compression is disabled. Of course, this is not definitive.
2015-04-30 05:48:27 -04:00
#include <types/filters.h>
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
#include <types/global.h>
REORG: cli: split dumpstats.h in stats.h and cli.h proto/dumpstats.h has been split in 4 files: * proto/cli.h contains protypes for the CLI * proto/stats.h contains prototypes for the stats * types/cli.h contains definition for the CLI * types/stats.h contains definition for the stats
2016-11-21 11:49:11 -05:00
#include <types/stats.h>
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-25 20:48:02 -04:00
[MAJOR] http: complete splitting of the remaining stages The HTTP processing has been splitted into 7 steps, one of which is not anymore HTTP-specific (content-switching). That way, it becomes possible to use "use_backend" rules in TCP mode. A new "use_server" directive should follow soon.
2009-07-07 09:10:31 -04:00
#include <proto/acl.h>
MINOR: stream/applet: add use-service action This new target can be called from the frontend or the backend. It is evaluated just before the backend choice and just before the server choice. So, the input stream or HTTP request can be forwarded to a server or to an internal service.
2015-09-27 13:29:33 -04:00
#include <proto/action.h>
MAJOR: acl: store the ACL argument types in the ACL keyword declaration The types and minimal number of ACL keyword arguments are now stored in their declaration. This will allow many more fantasies if some ACL use several arguments or types. Doing so required to rework all ACL keyword declarations to add two parameters. So this was a good opportunity for a general cleanup and to sort all entries in alphabetical order. We still have two pending issues : - parse_acl_expr() checks for errors but has no way to report them to the user ; - the types of some arguments are still not resolved and kept as strings (eg: ARGT_FE/BE/TAB) for compatibility reasons, which must be resolved in acl_find_targets()
2012-04-19 12:42:05 -04:00
#include <proto/arg.h>
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
#include <proto/backend.h>
REORG: buffers: split buffers into chunk,buffer,channel Many parts of the channel definition still make use of the "buffer" word.
2012-08-24 13:22:53 -04:00
#include <proto/channel.h>
[MEDIUM] Decrease server health based on http responses / events, version 3 Implement decreasing health based on observing communication between HAProxy and servers. Changes in this version 2: - documentation - close race between a started check and health analysis event - don't force fastinter if it is not set - better names for options - layer4 support Changes in this version 3: - add stats - port to the current 1.4 tree
2009-12-15 16:31:24 -05:00
#include <proto/checks.h>
REORG: cli: move 'show sess' to stream.c Move 'show sess' CLI functions to stream.c and use the cli keyword API to register it on the CLI. [wt: the choice of stream vs session makes sense because since 1.6 these really are streams that we're dumping and not sessions anymore]
2016-11-21 02:51:11 -05:00
#include <proto/cli.h>
MAJOR: connection: replace direct I/O callbacks with the connection callback Almost all direct I/O callbacks have been changed to use the connection callback instead. Only the TCP connection validation remains.
2012-07-06 08:29:45 -04:00
#include <proto/connection.h>
REORG: cli: split dumpstats.h in stats.h and cli.h proto/dumpstats.h has been split in 4 files: * proto/cli.h contains protypes for the CLI * proto/stats.h contains prototypes for the stats * types/cli.h contains definition for the CLI * types/stats.h contains definition for the stats
2016-11-21 11:49:11 -05:00
#include <proto/stats.h>
CLEANUP: includes: fix includes for a number of users of fd.h It appears that fd.h includes a number of unneeded files and was included from standard.h, and as such served as an intermediary to provide almost everything to everyone. By removing its useless includes, a long dependency chain broke but could easily be fixed.
2012-09-02 16:34:23 -04:00
#include <proto/fd.h>
MAJOR: filters: Add filters support This patch adds the support of filters in HAProxy. The main idea is to have a way to "easely" extend HAProxy by adding some "modules", called filters, that will be able to change HAProxy behavior in a programmatic way. To do so, many entry points has been added in code to let filters to hook up to different steps of the processing. A filter must define a flt_ops sutrctures (see include/types/filters.h for details). This structure contains all available callbacks that a filter can define: struct flt_ops { /* * Callbacks to manage the filter lifecycle */ int (*init) (struct proxy *p); void (*deinit)(struct proxy *p); int (*check) (struct proxy *p); /* * Stream callbacks */ void (*stream_start) (struct stream *s); void (*stream_accept) (struct stream *s); void (*session_establish)(struct stream *s); void (*stream_stop) (struct stream *s); /* * HTTP callbacks */ int (*http_start) (struct stream *s, struct http_msg *msg); int (*http_start_body) (struct stream *s, struct http_msg *msg); int (*http_start_chunk) (struct stream *s, struct http_msg *msg); int (*http_data) (struct stream *s, struct http_msg *msg); int (*http_last_chunk) (struct stream *s, struct http_msg *msg); int (*http_end_chunk) (struct stream *s, struct http_msg *msg); int (*http_chunk_trailers)(struct stream *s, struct http_msg *msg); int (*http_end_body) (struct stream *s, struct http_msg *msg); void (*http_end) (struct stream *s, struct http_msg *msg); void (*http_reset) (struct stream *s, struct http_msg *msg); int (*http_pre_process) (struct stream *s, struct http_msg *msg); int (*http_post_process) (struct stream *s, struct http_msg *msg); void (*http_reply) (struct stream *s, short status, const struct chunk *msg); }; To declare and use a filter, in the configuration, the "filter" keyword must be used in a listener/frontend section: frontend test ... filter <FILTER-NAME> [OPTIONS...] The filter referenced by the <FILTER-NAME> must declare a configuration parser on its own name to fill flt_ops and filter_conf field in the proxy's structure. An exemple will be provided later to make it perfectly clear. For now, filters cannot be used in backend section. But this is only a matter of time. Documentation will also be added later. This is the first commit of a long list about filters. It is possible to have several filters on the same listener/frontend. These filters are stored in an array of at most MAX_FILTERS elements (define in include/types/filters.h). Again, this will be replaced later by a list of filters. The filter API has been highly refactored. Main changes are: * Now, HA supports an infinite number of filters per proxy. To do so, filters are stored in list. * Because filters are stored in list, filters state has been moved from the channel structure to the filter structure. This is cleaner because there is no more info about filters in channel structure. * It is possible to defined filters on backends only. For such filters, stream_start/stream_stop callbacks are not called. Of course, it is possible to mix frontend and backend filters. * Now, TCP streams are also filtered. All callbacks without the 'http_' prefix are called for all kind of streams. In addition, 2 new callbacks were added to filter data exchanged through a TCP stream: - tcp_data: it is called when new data are available or when old unprocessed data are still waiting. - tcp_forward_data: it is called when some data can be consumed. * New callbacks attached to channel were added: - channel_start_analyze: it is called when a filter is ready to process data exchanged through a channel. 2 new analyzers (a frontend and a backend) are attached to channels to call this callback. For a frontend filter, it is called before any other analyzer. For a backend filter, it is called when a backend is attached to a stream. So some processing cannot be filtered in that case. - channel_analyze: it is called before each analyzer attached to a channel, expects analyzers responsible for data sending. - channel_end_analyze: it is called when all other analyzers have finished their processing. A new analyzers is attached to channels to call this callback. For a TCP stream, this is always the last one called. For a HTTP one, the callback is called when a request/response ends, so it is called one time for each request/response. * 'session_established' callback has been removed. Everything that is done in this callback can be handled by 'channel_start_analyze' on the response channel. * 'http_pre_process' and 'http_post_process' callbacks have been replaced by 'channel_analyze'. * 'http_start' callback has been replaced by 'http_headers'. This new one is called just before headers sending and parsing of the body. * 'http_end' callback has been replaced by 'channel_end_analyze'. * It is possible to set a forwarder for TCP channels. It was already possible to do it for HTTP ones. * Forwarders can partially consumed forwardable data. For this reason a new HTTP message state was added before HTTP_MSG_DONE : HTTP_MSG_ENDING. Now all filters can define corresponding callbacks (http_forward_data and tcp_forward_data). Each filter owns 2 offsets relative to buf->p, next and forward, to track, respectively, input data already parsed but not forwarded yet by the filter and parsed data considered as forwarded by the filter. A any time, we have the warranty that a filter cannot parse or forward more input than previous ones. And, of course, it cannot forward more input than it has parsed. 2 macros has been added to retrieve these offets: FLT_NXT and FLT_FWD. In addition, 2 functions has been added to change the 'next size' and the 'forward size' of a filter. When a filter parses input data, it can alter these data, so the size of these data can vary. This action has an effet on all previous filters that must be handled. To do so, the function 'filter_change_next_size' must be called, passing the size variation. In the same spirit, if a filter alter forwarded data, it must call the function 'filter_change_forward_size'. 'filter_change_next_size' can be called in 'http_data' and 'tcp_data' callbacks and only these ones. And 'filter_change_forward_size' can be called in 'http_forward_data' and 'tcp_forward_data' callbacks and only these ones. The data changes are the filter responsability, but with some limitation. It must not change already parsed/forwarded data or data that previous filters have not parsed/forwarded yet. Because filters can be used on backends, when we the backend is set for a stream, we add filters defined for this backend in the filter list of the stream. But we must only do that when the backend and the frontend of the stream are not the same. Else same filters are added a second time leading to undefined behavior. The HTTP compression code had to be moved. So it simplifies http_response_forward_body function. To do so, the way the data are forwarded has changed. Now, a filter (and only one) can forward data. In a commit to come, this limitation will be removed to let all filters take part to data forwarding. There are 2 new functions that filters should use to deal with this feature: * flt_set_http_data_forwarder: This function sets the filter (using its id) that will forward data for the specified HTTP message. It is possible if it was not already set by another filter _AND_ if no data was yet forwarded (msg->msg_state <= HTTP_MSG_BODY). It returns -1 if an error occurs. * flt_http_data_forwarder: This function returns the filter id that will forward data for the specified HTTP message. If there is no forwarder set, it returns -1. When an HTTP data forwarder is set for the response, the HTTP compression is disabled. Of course, this is not definitive.
2015-04-30 05:48:27 -04:00
#include <proto/filters.h>
[MEDIUM] session counters: add conn_rate and sess_rate counters These counters maintain incoming connection rates and session rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain accept rate per source address for instance, and block if the rate is passed over. Example : # block if more than 50 requests per 5 seconds from a source. stick-table type ip size 200k expire 1m store conn_rate(5s),sess_rate(5s) tcp-request track-counters src tcp-request reject if { trk_conn_rate gt 50 } # cause a 3 seconds pause to requests from sources in excess of 20 requests/5s tcp-request inspect-delay 3s tcp-request content accept if { trk_sess_rate gt 20 } WAIT_END
2010-06-20 05:19:22 -04:00
#include <proto/freq_ctr.h>
[MEDIUM] session: call the frontend_decode_proxy analyser on proxied connections This analyser must absolutely be the earliest one to process contents, given the nature of the protocol.
2010-10-15 17:25:20 -04:00
#include <proto/frontend.h>
[MAJOR] huge rework of the HTTP request FSM The HTTP parser has been rewritten for better compliance to RFC2616. The same parser is now usable for both requests and responses, and it now supports HTTP/0.9 as well as multi-line headers. It has also been improved for speed ; a typicial HTTP request is parsed in about 2 microseconds on a 1 GHz processor. The monitor-uri check has been moved so that the requests are not logged. The httpclose option now tries to change as little as possible in the request, and does not affect the first header if it is already set to 'close'. HTTP/0.9 requests are converted to HTTP/1.0 before being forwarded. Headers and request transformations are now distinct. The headers list is updated after each insertion/removal/transformation. The request is re-parsed and checked after each transformation. It is not possible anymore to remove a request, and requests which lead to invalid request lines are now rejected.
2007-01-21 13:16:41 -05:00
#include <proto/hdr_idx.h>
MINOR: lua: txn: create class TXN associated with the transaction. This class of functions permit to access to all the functions associated with the transaction like http header, HAProxy internal fetches, etc ... This patch puts the skeleton of this class. The class will be enhanced later.
2015-02-16 14:11:43 -05:00
#include <proto/hlua.h>
REORG: split "protocols" files into protocol and listener It was becoming confusing to have protocols and listeners in the same files, split them.
2012-09-12 16:58:11 -04:00
#include <proto/listener.h>
[MAJOR] ported requri to use mempools v2
2007-05-13 15:36:56 -04:00
#include <proto/log.h>
MINOR: session: do not send an HTTP/500 error on SSL sockets If a session fails its initialization, we don't want to send HTTP/500 over the socket if it's not a raw data layer.
2012-09-06 05:32:07 -04:00
#include <proto/raw_sock.h>
MEDIUM: stream: allocate the session when a stream is created This is where we'll put some session-wide information.
2015-04-03 08:10:06 -04:00
#include <proto/session.h>
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
#include <proto/stream.h>
[MEDIUM] splice: make use of pipe pools Using pipe pools makes pipe management a lot easier. It also allows to remove quite a bunch of #ifdefs in areas which depended on the presence or not of support for kernel splicing. The buffer now holds a pointer to a pipe structure which is always NULL except if there are still data in the pipe. When it needs to use that pipe, it dynamically allocates it from the pipe pool. When the data is consumed, the pipe is immediately released. That way, there is no need anymore to care about pipe closure upon session termination, nor about pipe creation when trying to use splice(). Another immediate advantage of this method is that it considerably reduces the number of pipes needed to use splice(). Tests have shown that even with 0.2 pipe per connection, almost all sessions can use splice(), because the same pipe may be used by several consecutive calls to splice().
2009-01-25 07:56:13 -05:00
#include <proto/pipe.h>
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
#include <proto/proto_http.h>
#include <proto/proto_tcp.h>
[MAJOR] http: complete splitting of the remaining stages The HTTP processing has been splitted into 7 steps, one of which is not anymore HTTP-specific (content-switching). That way, it becomes possible to use "use_backend" rules in TCP mode. A new "use_server" directive should follow soon.
2009-07-07 09:10:31 -04:00
#include <proto/proxy.h>
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-25 20:48:02 -04:00
#include <proto/queue.h>
[MEDIUM] measure and report session rate on frontend, backends and servers With this change, all frontends, backends, and servers maintain a session counter and a timer to compute a session rate over the last second. This value will be very useful because it varies instantly and can be used to check thresholds. This value is also reported in the stats in a new "rate" column.
2009-03-05 12:43:00 -05:00
#include <proto/server.h>
REORG: rename "pattern" files They're now called "sample" everywhere to match their description.
2012-04-27 15:52:18 -04:00
#include <proto/sample.h>
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
#include <proto/stick_table.h>
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
#include <proto/stream_interface.h>
#include <proto/task.h>
MEDIUM: vars: adds support of variables This patch adds support of variables during the processing of each stream. The variables scope can be set as 'session', 'transaction', 'request' or 'response'. The variable type is the type returned by the assignment expression. The type can change while the processing. The allocated memory can be controlled for each scope and each request, and for the global process.
2015-06-06 13:29:07 -04:00
#include <proto/vars.h>
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-25 20:48:02 -04:00
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
struct pool_head *pool2_stream;
struct list streams;
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-25 20:48:02 -04:00
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* list of streams waiting for at least one buffer */
MAJOR: session: implement a wait-queue for sessions who need a buffer When a session_alloc_buffers() fails to allocate one or two buffers, it subscribes the session to buffer_wq, and waits for another session to release buffers. It's then removed from the queue and woken up with TASK_WAKE_RES, and can attempt its allocation again. We decide to try to wake as many waiters as we release buffers so that if we release 2 and two waiters need only once, they both have their chance. We must never come to the situation where we don't wake enough tasks up. It's common to release buffers after the completion of an I/O callback, which can happen even if the I/O could not be performed due to half a failure on memory allocation. In this situation, we don't want to move out of the wait queue the session that was just added, otherwise it will never get any buffer. Thus, we only force ourselves out of the queue when freeing the session. Note: at the moment, since session_alloc_buffers() is not used, no task is subscribed to the wait queue.
2014-11-25 15:10:35 -05:00
struct list buffer_wq = LIST_HEAD_INIT(buffer_wq);
MINOR: stream/applet: add use-service action This new target can be called from the frontend or the backend. It is evaluated just before the backend choice and just before the server choice. So, the input stream or HTTP request can be forwarded to a server or to an internal service.
2015-09-27 13:29:33 -04:00
/* List of all use-service keywords. */
static struct list service_keywords = LIST_HEAD_INIT(service_keywords);
REORG: session: move the session parts out of stream.c This concerns everythins related to accepting a new session and expiring the embryonic session. There's still a hard-coded call to stream_accept_session() which could be set somewhere in the frontend, but for now it's not a problem.
2015-04-04 12:50:31 -04:00
/* This function is called from the session handler which detects the end of
MINOR: stream: pass the pointer to the origin explicitly to stream_new() We don't pass sess->origin anymore but the pointer to the previous step. Now it should be much easier to chain elements together once applets are moved out of streams. Indeed, the session is only used for configuration and not for the dynamic chaining anymore.
2015-04-08 12:26:29 -04:00
* handshake, in order to complete initialization of a valid stream. It must be
* called with a session (which may be embryonic). It returns the pointer to
* the newly created stream, or NULL in case of fatal error. The client-facing
* end point is assigned to <origin>, which must be valid. The task's context
* is set to the new stream, and its function is set to process_stream().
* Target and analysers are null.
MAJOR: session: introduce embryonic sessions When an incoming connection request is accepted, a connection structure is needed to store its state. However we don't want to fully initialize a session until the data layer is about to be ready. As long as the connection is physically stored into the session, it's not easy to split both allocations. As such, we only initialize the minimum requirements of a session, which results in what we call an embryonic session. Then once the data layer is ready, we can complete the function's initialization. Doing so avoids buffers allocation and ensures that a session only sees ready connections. The frontend's client timeout is used as the handshake timeout. It is likely that another timeout will be used in the future.
2012-08-31 10:01:23 -04:00
*/
MINOR: stream: pass the pointer to the origin explicitly to stream_new() We don't pass sess->origin anymore but the pointer to the previous step. Now it should be much easier to chain elements together once applets are moved out of streams. Indeed, the session is only used for configuration and not for the dynamic chaining anymore.
2015-04-08 12:26:29 -04:00
struct stream *stream_new(struct session *sess, struct task *t, enum obj_type *origin)
MAJOR: session: introduce embryonic sessions When an incoming connection request is accepted, a connection structure is needed to store its state. However we don't want to fully initialize a session until the data layer is about to be ready. As long as the connection is physically stored into the session, it's not easy to split both allocations. As such, we only initialize the minimum requirements of a session, which results in what we call an embryonic session. Then once the data layer is ready, we can complete the function's initialization. Doing so avoids buffers allocation and ensures that a session only sees ready connections. The frontend's client timeout is used as the handshake timeout. It is likely that another timeout will be used in the future.
2012-08-31 10:01:23 -04:00
{
MAJOR: stream: don't initialize the stream anymore in stream_accept The function now only initializes a session, calls the tcp req connection rules, and calls stream_complete() to finish initialization. If a handshake is needed, it is done without allocating the stream at all. Temporarily, in order to limit the amount of changes, the task allocated is put into sess->task, and it is used by the connection for the handshake or is offered to the stream. At this point we set the relation between sess/task/conn this way : orig -- sess <-- context | ^ +- task -+ | v | v | conn -- owner task The task must not remain in the session and ultimately it is planned to remove this task pointer from the session because it can be found by having conn->owner = task, and looping back from sess to conn, and to find the session from the connection via the task.
2015-04-04 12:08:21 -04:00
struct stream *s;
MINOR: stream: pass the pointer to the origin explicitly to stream_new() We don't pass sess->origin anymore but the pointer to the previous step. Now it should be much easier to chain elements together once applets are moved out of streams. Indeed, the session is only used for configuration and not for the dynamic chaining anymore.
2015-04-08 12:26:29 -04:00
struct connection *conn = objt_conn(origin);
struct appctx *appctx = objt_appctx(origin);
MAJOR: session: introduce embryonic sessions When an incoming connection request is accepted, a connection structure is needed to store its state. However we don't want to fully initialize a session until the data layer is about to be ready. As long as the connection is physically stored into the session, it's not easy to split both allocations. As such, we only initialize the minimum requirements of a session, which results in what we call an embryonic session. Then once the data layer is ready, we can complete the function's initialization. Doing so avoids buffers allocation and ensures that a session only sees ready connections. The frontend's client timeout is used as the handshake timeout. It is likely that another timeout will be used in the future.
2012-08-31 10:01:23 -04:00
MAJOR: stream: don't initialize the stream anymore in stream_accept The function now only initializes a session, calls the tcp req connection rules, and calls stream_complete() to finish initialization. If a handshake is needed, it is done without allocating the stream at all. Temporarily, in order to limit the amount of changes, the task allocated is put into sess->task, and it is used by the connection for the handshake or is offered to the stream. At this point we set the relation between sess/task/conn this way : orig -- sess <-- context | ^ +- task -+ | v | v | conn -- owner task The task must not remain in the session and ultimately it is planned to remove this task pointer from the session because it can be found by having conn->owner = task, and looping back from sess to conn, and to find the session from the connection via the task.
2015-04-04 12:08:21 -04:00
if (unlikely((s = pool_alloc2(pool2_stream)) == NULL))
MEDIUM: stream: return the stream upon accept() The function was called stream_accept_session(), let's rename it stream_new() and make it return the newly allocated pointer. It's more convenient for some callers who need it.
2015-04-05 06:00:52 -04:00
return s;
MAJOR: stream: don't initialize the stream anymore in stream_accept The function now only initializes a session, calls the tcp req connection rules, and calls stream_complete() to finish initialization. If a handshake is needed, it is done without allocating the stream at all. Temporarily, in order to limit the amount of changes, the task allocated is put into sess->task, and it is used by the connection for the handshake or is offered to the stream. At this point we set the relation between sess/task/conn this way : orig -- sess <-- context | ^ +- task -+ | v | v | conn -- owner task The task must not remain in the session and ultimately it is planned to remove this task pointer from the session because it can be found by having conn->owner = task, and looping back from sess to conn, and to find the session from the connection via the task.
2015-04-04 12:08:21 -04:00
/* minimum stream initialization required for an embryonic stream is
* fairly low. We need very little to execute L4 ACLs, then we need a
* task to make the client-side connection live on its own.
* - flags
* - stick-entry tracking
*/
s->flags = 0;
CLEANUP: frontend: remove one useless local variable "p" was a copy of sess->fe which itself is also used. It's used in a few cases, let's remove it and reduce the code as well.
2015-04-05 12:19:23 -04:00
s->logs.logwait = sess->fe->to_log;
MAJOR: stream: don't initialize the stream anymore in stream_accept The function now only initializes a session, calls the tcp req connection rules, and calls stream_complete() to finish initialization. If a handshake is needed, it is done without allocating the stream at all. Temporarily, in order to limit the amount of changes, the task allocated is put into sess->task, and it is used by the connection for the handshake or is offered to the stream. At this point we set the relation between sess/task/conn this way : orig -- sess <-- context | ^ +- task -+ | v | v | conn -- owner task The task must not remain in the session and ultimately it is planned to remove this task pointer from the session because it can be found by having conn->owner = task, and looping back from sess to conn, and to find the session from the connection via the task.
2015-04-04 12:08:21 -04:00
s->logs.level = 0;
MEDIUM: frontend: move some stream initialisation to stream_new() This is mostly what is related to logging, and which is more of a stream initialization than anything frontend-specific.
2015-04-05 06:03:54 -04:00
s->logs.accept_date = sess->accept_date; /* user-visible date for logging */
s->logs.tv_accept = sess->tv_accept; /* corrected date for internal use */
MEDIUM: log: Decompose %Tq in %Th %Ti %TR Tq is the time between the instant the connection is accepted and a complete valid request is received. This time includes the handshake (SSL / Proxy-Protocol), the idle when the browser does preconnect and the request reception. This patch decomposes %Tq in 3 measurements names %Th, %Ti, and %TR which returns respectively the handshake time, the idle time and the duration of valid request reception. It also adds %Ta which reports the request's active time, which is the total time without %Th nor %Ti. It replaces %Tt as the total time, reporting accurate measurements for HTTP persistent connections. %Th is avalaible for TCP and HTTP sessions, %Ti, %TR and %Ta are only avalaible for HTTP connections. In addition to this, we have new timestamps %tr, %trg and %trl, which log the date of start of receipt of the request, respectively in the default format, in GMT time and in local time (by analogy with %t, %T and %Tl). All of them are obviously only available for HTTP. These values are more relevant as they more accurately represent the request date without being skewed by a browser's preconnect nor a keep-alive idle time. The HTTP log format and the CLF log format have been modified to use %tr, %TR, and %Ta respectively instead of %t, %Tq and %Tt. This way the default log formats now produce the expected output for users who don't want to manually fiddle with the log-format directive. Example with the following log-format : log-format "%ci:%cp [%tr] %ft %b/%s h=%Th/i=%Ti/R=%TR/w=%Tw/c=%Tc/r=%Tr/a=%Ta/t=%Tt %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r" The request was sent by hand using "openssl s_client -connect" : Aug 23 14:43:20 haproxy[25446]: 127.0.0.1:45636 [23/Aug/2016:14:43:20.221] test~ test/test h=6/i=2375/R=261/w=0/c=1/r=0/a=262/t=2643 200 145 - - ---- 1/1/0/0/0 0/0 "GET / HTTP/1.1" => 6 ms of SSL handshake, 2375 waiting before sending the first char (in fact the time to type the first line), 261 ms before the end of the request, no time spent in queue, 1 ms spend connecting to the server, immediate response, total active time for this request = 262ms. Total time from accept to close : 2643 ms. The timing now decomposes like this : first request 2nd request |<-------------------------------->|<-------------- ... t tr t tr ... ---|----|----|----|----|----|----|----|----|-- : Th Ti TR Tw Tc Tr Td : Ti ... :<---- Tq ---->: : :<-------------- Tt -------------->: :<--------- Ta --------->:
2016-07-28 11:19:45 -04:00
/* This function is called just after the handshake, so the handshake duration is
* between the accept time and now.
*/
s->logs.t_handshake = tv_ms_elapsed(&sess->tv_accept, &now);
s->logs.t_idle = -1;
MEDIUM: frontend: move some stream initialisation to stream_new() This is mostly what is related to logging, and which is more of a stream initialization than anything frontend-specific.
2015-04-05 06:03:54 -04:00
tv_zero(&s->logs.tv_request);
s->logs.t_queue = -1;
s->logs.t_connect = -1;
s->logs.t_data = -1;
s->logs.t_close = 0;
s->logs.bytes_in = s->logs.bytes_out = 0;
s->logs.prx_queue_size = 0; /* we get the number of pending conns before us */
s->logs.srv_queue_size = 0; /* we will get this number soon */
/* default logging function */
s->do_log = strm_log;
/* default error reporting function, may be changed by analysers */
s->srv_error = default_srv_error;
MAJOR: stream: don't initialize the stream anymore in stream_accept The function now only initializes a session, calls the tcp req connection rules, and calls stream_complete() to finish initialization. If a handshake is needed, it is done without allocating the stream at all. Temporarily, in order to limit the amount of changes, the task allocated is put into sess->task, and it is used by the connection for the handshake or is offered to the stream. At this point we set the relation between sess/task/conn this way : orig -- sess <-- context | ^ +- task -+ | v | v | conn -- owner task The task must not remain in the session and ultimately it is planned to remove this task pointer from the session because it can be found by having conn->owner = task, and looping back from sess to conn, and to find the session from the connection via the task.
2015-04-04 12:08:21 -04:00
/* Initialise the current rule list pointer to NULL. We are sure that
* any rulelist match the NULL pointer.
*/
s->current_rule_list = NULL;
MINOR: stream: initialize the current_rule field to NULL on stream init Currently it is possible for the current_rule field to be evaluated before being set, leading to valgrind complaining: ==16783== Conditional jump or move depends on uninitialised value(s) ==16783== at 0x44E662: http_res_get_intercept_rule (proto_http.c:3730) ==16783== by 0x44E662: http_process_res_common (proto_http.c:6528) ==16783== by 0x4797B7: process_stream (stream.c:1851) ==16783== by 0x414634: process_runnable_tasks (task.c:238) ==16783== by 0x40B02F: run_poll_loop (haproxy.c:1528) ==16783== by 0x407F25: main (haproxy.c:1887) This was introduced by commit 152b81e7b2565862956af883820d4f79177d0651.
2015-07-22 11:10:58 -04:00
s->current_rule = NULL;
MAJOR: stream: don't initialize the stream anymore in stream_accept The function now only initializes a session, calls the tcp req connection rules, and calls stream_complete() to finish initialization. If a handshake is needed, it is done without allocating the stream at all. Temporarily, in order to limit the amount of changes, the task allocated is put into sess->task, and it is used by the connection for the handshake or is offered to the stream. At this point we set the relation between sess/task/conn this way : orig -- sess <-- context | ^ +- task -+ | v | v | conn -- owner task The task must not remain in the session and ultimately it is planned to remove this task pointer from the session because it can be found by having conn->owner = task, and looping back from sess to conn, and to find the session from the connection via the task.
2015-04-04 12:08:21 -04:00
BUG/MEDIUM: stick-tables: fix double-decrement of tracked entries Mailing list participant "mlist" reported negative conn_cur values in stick tables as the result of "tcp-request connection track-sc". The reason is that after the stick entry it copied from the session to the stream, both the session and the stream grab a reference to the entry and when the stream ends, it decrements one reference and one connection, then the same is done for the session. In fact this problem was already encountered slightly differently in the past and addressed by Thierry using the patch below as it was believed by then to be only a refcount issue since it was the observable symptom : 827752e "BUG/MEDIUM: stick-tables: refcount error after copying SC..." In reality the problem is that the stream must touch neither the refcount nor the connection count for entries it inherits from the session. While we have no way to tell whether a track entry was inherited from the session (since they're simply memcpy'd), it is possible to prevent the stream from touching an entry that already exists in the session because that's a guarantee that it was inherited from it. Note that it may be a temporary fix. Maybe in the future when a session gives birth to multiple streams we'll face a situation where a session may be updated to add more tracked entries after instanciating some streams. The correct long-term fix is to mark some tracked entries as shared or private (or RO/RW). That will allow the session to track more entries even after the same trackers are being used by early streams. No backport is needed, this is only caused by the session/stream split in 1.6.
2015-09-21 11:48:24 -04:00
/* Copy SC counters for the stream. We don't touch refcounts because
* any reference we have is inherited from the session. Since the stream
* doesn't exist without the session, the session's existence guarantees
* we don't lose the entry. During the store operation, the stream won't
* touch these ones.
BUG/MEDIUM: stick-tables: refcount error after copying SC for the session to the stream Each copyied SC counter will be used and released by the stream, so we need to increment the refcount.
2015-08-18 05:34:18 -04:00
*/
BUG/MEDIUM: stream: The stream doen't inherit SC from the session During the processing of tcp-request connection, the stream doesn't exists, so the stick counters are stored in the session. When the stream is created it must inherit from the session sc. This patch fix this behavior. [WT: this is specific to 1.6, no backport needed]
2015-08-16 06:03:39 -04:00
memcpy(s->stkctr, sess->stkctr, sizeof(s->stkctr));
MAJOR: stream: don't initialize the stream anymore in stream_accept The function now only initializes a session, calls the tcp req connection rules, and calls stream_complete() to finish initialization. If a handshake is needed, it is done without allocating the stream at all. Temporarily, in order to limit the amount of changes, the task allocated is put into sess->task, and it is used by the connection for the handshake or is offered to the stream. At this point we set the relation between sess/task/conn this way : orig -- sess <-- context | ^ +- task -+ | v | v | conn -- owner task The task must not remain in the session and ultimately it is planned to remove this task pointer from the session because it can be found by having conn->owner = task, and looping back from sess to conn, and to find the session from the connection via the task.
2015-04-04 12:08:21 -04:00
s->sess = sess;
s->si[0].flags = SI_FL_NONE;
s->si[1].flags = SI_FL_ISBACK;
s->uniq_id = global.req_count++;
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* OK, we're keeping the stream, so let's properly initialize the stream */
LIST_ADDQ(&streams, &s->list);
MAJOR: session: introduce embryonic sessions When an incoming connection request is accepted, a connection structure is needed to store its state. However we don't want to fully initialize a session until the data layer is about to be ready. As long as the connection is physically stored into the session, it's not easy to split both allocations. As such, we only initialize the minimum requirements of a session, which results in what we call an embryonic session. Then once the data layer is ready, we can complete the function's initialization. Doing so avoids buffers allocation and ensures that a session only sees ready connections. The frontend's client timeout is used as the handshake timeout. It is likely that another timeout will be used in the future.
2012-08-31 10:01:23 -04:00
LIST_INIT(&s->back_refs);
MAJOR: session: implement a wait-queue for sessions who need a buffer When a session_alloc_buffers() fails to allocate one or two buffers, it subscribes the session to buffer_wq, and waits for another session to release buffers. It's then removed from the queue and woken up with TASK_WAKE_RES, and can attempt its allocation again. We decide to try to wake as many waiters as we release buffers so that if we release 2 and two waiters need only once, they both have their chance. We must never come to the situation where we don't wake enough tasks up. It's common to release buffers after the completion of an I/O callback, which can happen even if the I/O could not be performed due to half a failure on memory allocation. In this situation, we don't want to move out of the wait queue the session that was just added, otherwise it will never get any buffer. Thus, we only force ourselves out of the queue when freeing the session. Note: at the moment, since session_alloc_buffers() is not used, no task is subscribed to the wait queue.
2014-11-25 15:10:35 -05:00
LIST_INIT(&s->buffer_wait);
MEDIUM: session: attach incoming connection to target on embryonic sessions In order to reduce the dependency over stream-interfaces, we now attach the incoming connection to the embryonic session's target instead of the stream-interface's connection. This means we won't need to initialize stream interfaces anymore after we implement dynamic connection allocation. The session's target is reset to NULL after the session has been converted to a complete session.
2013-10-14 15:32:07 -04:00
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
s->flags |= SF_INITIALIZED;
MAJOR: session: introduce embryonic sessions When an incoming connection request is accepted, a connection structure is needed to store its state. However we don't want to fully initialize a session until the data layer is about to be ready. As long as the connection is physically stored into the session, it's not easy to split both allocations. As such, we only initialize the minimum requirements of a session, which results in what we call an embryonic session. Then once the data layer is ready, we can complete the function's initialization. Doing so avoids buffers allocation and ensures that a session only sees ready connections. The frontend's client timeout is used as the handshake timeout. It is likely that another timeout will be used in the future.
2012-08-31 10:01:23 -04:00
s->unique_id = NULL;
MAJOR: stream: don't initialize the stream anymore in stream_accept The function now only initializes a session, calls the tcp req connection rules, and calls stream_complete() to finish initialization. If a handshake is needed, it is done without allocating the stream at all. Temporarily, in order to limit the amount of changes, the task allocated is put into sess->task, and it is used by the connection for the handshake or is offered to the stream. At this point we set the relation between sess/task/conn this way : orig -- sess <-- context | ^ +- task -+ | v | v | conn -- owner task The task must not remain in the session and ultimately it is planned to remove this task pointer from the session because it can be found by having conn->owner = task, and looping back from sess to conn, and to find the session from the connection via the task.
2015-04-04 12:08:21 -04:00
s->task = t;
MEDIUM: stream: don't rely on the session's listener anymore in stream_new() When the stream is instanciated from an applet, it doesn't necessarily have a listener. The listener was sparsely used there, just to retrieve the task function, update the listeners' stats, and set the analysers and default target, both of which are often zero from applets. Thus these elements are now initialized with default values that the caller is free to change if desired.
2015-04-05 18:25:48 -04:00
t->process = process_stream;
MAJOR: session: introduce embryonic sessions When an incoming connection request is accepted, a connection structure is needed to store its state. However we don't want to fully initialize a session until the data layer is about to be ready. As long as the connection is physically stored into the session, it's not easy to split both allocations. As such, we only initialize the minimum requirements of a session, which results in what we call an embryonic session. Then once the data layer is ready, we can complete the function's initialization. Doing so avoids buffers allocation and ensures that a session only sees ready connections. The frontend's client timeout is used as the handshake timeout. It is likely that another timeout will be used in the future.
2012-08-31 10:01:23 -04:00
t->context = s;
t->expire = TICK_ETERNITY;
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* Note: initially, the stream's backend points to the frontend.
MAJOR: session: introduce embryonic sessions When an incoming connection request is accepted, a connection structure is needed to store its state. However we don't want to fully initialize a session until the data layer is about to be ready. As long as the connection is physically stored into the session, it's not easy to split both allocations. As such, we only initialize the minimum requirements of a session, which results in what we call an embryonic session. Then once the data layer is ready, we can complete the function's initialization. Doing so avoids buffers allocation and ensures that a session only sees ready connections. The frontend's client timeout is used as the handshake timeout. It is likely that another timeout will be used in the future.
2012-08-31 10:01:23 -04:00
* This changes later when switching rules are executed or
* when the default backend is assigned.
*/
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
s->be = sess->fe;
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
s->req.buf = s->res.buf = NULL;
MEDIUM: http: move header captures from http_txn to struct stream The header captures are now general purpose captures since tcp rules can use them to capture various contents. That removes a dependency on http_txn that appeared in some sample fetch functions and in the order by which captures and http_txn were allocated. Interestingly the reset of the header captures were done at too many places as http_init_txn() used to do it while it was done previously in every call place.
2015-04-03 16:16:32 -04:00
s->req_cap = NULL;
s->res_cap = NULL;
[BUG] accept: don't close twice upon error The stream_sock's accept() used to close the FD upon error, but this was also sometimes performed by the frontend's accept() called via the session's accept(). Those interlaced calls were also responsible for the spaghetti-looking error unrolling code in session.c and stream_sock.c. Now the frontend must not close the FD anymore, the session is responsible for that. It also takes care of just closing the FD or also removing from the FD lists, depending on its state. The socket-level accept() does not have to care about that anymore.
2010-11-11 04:56:04 -05:00
MEDIUM: vars: move the session variables to the session, not the stream It's important that the session-wide variables are in the session and not in the stream.
2015-06-19 05:59:02 -04:00
/* Initialise all the variables contexts even if not used.
* This permits to prune these contexts without errors.
MEDIUM: vars: adds support of variables This patch adds support of variables during the processing of each stream. The variables scope can be set as 'session', 'transaction', 'request' or 'response'. The variable type is the type returned by the assignment expression. The type can change while the processing. The allocated memory can be controlled for each scope and each request, and for the global process.
2015-06-06 13:29:07 -04:00
*/
vars_init(&s->vars_txn, SCOPE_TXN);
vars_init(&s->vars_reqres, SCOPE_REQ);
MAJOR: stream interface: dynamically allocate the outgoing connection The outgoing connection is now allocated dynamically upon the first attempt to touch the connection's source or destination address. If this allocation fails, we fail on SN_ERR_RESOURCE. As we didn't use si->conn anymore, it was removed. The endpoints are released upon session_free(), on the error path, and upon a new transaction. That way we are able to carry the existing server's address across retries. The stream interfaces are not initialized anymore before session_complete(), so we could even think about allocating them dynamically as well, though that would not provide much savings. The session initialization now makes use of conn_new()/conn_free(). This slightly simplifies the code and makes it more logical. The connection initialization code is now shorter by about 120 bytes because it's done at once, allowing the compiler to remove all redundant initializations. The si_attach_applet() function now takes care of first detaching the existing endpoint, and it is called from stream_int_register_handler(), so we can safely remove the calls to si_release_endpoint() in the application code around this call. A call to si_detach() was made upon stream_int_unregister_handler() to ensure we always free the allocated connection if one was allocated in parallel to setting an applet (eg: detect HTTP proxy while proceeding with stats maybe).
2013-10-11 13:34:20 -04:00
/* this part should be common with other protocols */
MEDIUM: stream-int: remove any reference to the owner si->owner is not used anymore now, so let's remove any reference to it.
2014-11-28 06:12:34 -05:00
si_reset(&s->si[0]);
MAJOR: stream interface: dynamically allocate the outgoing connection The outgoing connection is now allocated dynamically upon the first attempt to touch the connection's source or destination address. If this allocation fails, we fail on SN_ERR_RESOURCE. As we didn't use si->conn anymore, it was removed. The endpoints are released upon session_free(), on the error path, and upon a new transaction. That way we are able to carry the existing server's address across retries. The stream interfaces are not initialized anymore before session_complete(), so we could even think about allocating them dynamically as well, though that would not provide much savings. The session initialization now makes use of conn_new()/conn_free(). This slightly simplifies the code and makes it more logical. The connection initialization code is now shorter by about 120 bytes because it's done at once, allowing the compiler to remove all redundant initializations. The si_attach_applet() function now takes care of first detaching the existing endpoint, and it is called from stream_int_register_handler(), so we can safely remove the calls to si_release_endpoint() in the application code around this call. A call to si_detach() was made upon stream_int_unregister_handler() to ensure we always free the allocated connection if one was allocated in parallel to setting an applet (eg: detect HTTP proxy while proceeding with stats maybe).
2013-10-11 13:34:20 -04:00
si_set_state(&s->si[0], SI_ST_EST);
CLEANUP: stream: don't set ->target to the incoming connection anymore Now that we have sess->origin to carry that information along, we don't need to put that into strm->target anymore, so we remove one dependence on the stream in embryonic connections.
2015-04-04 08:28:46 -04:00
/* attach the incoming connection to the stream interface now. */
MEDIUM: stream: isolate connection-specific initialization code In stream_accept_session(), we perform some operations that explicitly want a connection as the origin, but we'll soon have other types of origin (eg: applet). Thus change the test to ensure we only call this code with connections. Additionally, we refrain from calling fe->accept() if the origin is not a connection, because for now the only fe->accept() may only use a connection (frontend_accept).
2015-04-04 19:30:42 -04:00
if (conn)
si_attach_conn(&s->si[0], conn);
MEDIUM: stream: also accept appctx as origin in stream_accept_session() It's likely that the code could be simplified a bit though.
2015-04-04 19:33:13 -04:00
else if (appctx)
si_attach_appctx(&s->si[0], appctx);
MAJOR: stream interface: dynamically allocate the outgoing connection The outgoing connection is now allocated dynamically upon the first attempt to touch the connection's source or destination address. If this allocation fails, we fail on SN_ERR_RESOURCE. As we didn't use si->conn anymore, it was removed. The endpoints are released upon session_free(), on the error path, and upon a new transaction. That way we are able to carry the existing server's address across retries. The stream interfaces are not initialized anymore before session_complete(), so we could even think about allocating them dynamically as well, though that would not provide much savings. The session initialization now makes use of conn_new()/conn_free(). This slightly simplifies the code and makes it more logical. The connection initialization code is now shorter by about 120 bytes because it's done at once, allowing the compiler to remove all redundant initializations. The si_attach_applet() function now takes care of first detaching the existing endpoint, and it is called from stream_int_register_handler(), so we can safely remove the calls to si_release_endpoint() in the application code around this call. A call to si_detach() was made upon stream_int_unregister_handler() to ensure we always free the allocated connection if one was allocated in parallel to setting an applet (eg: detect HTTP proxy while proceeding with stats maybe).
2013-10-11 13:34:20 -04:00
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
if (likely(sess->fe->options2 & PR_O2_INDEPSTR))
MAJOR: stream interface: dynamically allocate the outgoing connection The outgoing connection is now allocated dynamically upon the first attempt to touch the connection's source or destination address. If this allocation fails, we fail on SN_ERR_RESOURCE. As we didn't use si->conn anymore, it was removed. The endpoints are released upon session_free(), on the error path, and upon a new transaction. That way we are able to carry the existing server's address across retries. The stream interfaces are not initialized anymore before session_complete(), so we could even think about allocating them dynamically as well, though that would not provide much savings. The session initialization now makes use of conn_new()/conn_free(). This slightly simplifies the code and makes it more logical. The connection initialization code is now shorter by about 120 bytes because it's done at once, allowing the compiler to remove all redundant initializations. The si_attach_applet() function now takes care of first detaching the existing endpoint, and it is called from stream_int_register_handler(), so we can safely remove the calls to si_release_endpoint() in the application code around this call. A call to si_detach() was made upon stream_int_unregister_handler() to ensure we always free the allocated connection if one was allocated in parallel to setting an applet (eg: detect HTTP proxy while proceeding with stats maybe).
2013-10-11 13:34:20 -04:00
s->si[0].flags |= SI_FL_INDEP_STR;
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 11:45:26 -04:00
/* pre-initialize the other side's stream interface to an INIT state. The
* callbacks will be initialized before attempting to connect.
*/
MEDIUM: stream-int: remove any reference to the owner si->owner is not used anymore now, so let's remove any reference to it.
2014-11-28 06:12:34 -05:00
si_reset(&s->si[1]);
MAJOR: stream-int: stop using si->conn and use si->end instead The connection will only remain there as a pre-allocated entity whose goal is to be placed in ->end when establishing an outgoing connection. All connection initialization can be made on this connection, but all information retrieved should be applied to the end point only. This change is huge because there were many users of si->conn. Now the only users are those who initialize the new connection. The difficulty appears in a few places such as backend.c, proto_http.c, peers.c where si->conn is used to hold the connection's target address before assigning the connection to the stream interface. This is why we have to keep si->conn for now. A future improvement might consist in dynamically allocating the connection when it is needed.
2013-10-01 04:45:07 -04:00
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
if (likely(sess->fe->options2 & PR_O2_INDEPSTR))
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 11:45:26 -04:00
s->si[1].flags |= SI_FL_INDEP_STR;
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
stream_init_srv_conn(s);
MEDIUM: stream: don't rely on the session's listener anymore in stream_new() When the stream is instanciated from an applet, it doesn't necessarily have a listener. The listener was sparsely used there, just to retrieve the task function, update the listeners' stats, and set the analysers and default target, both of which are often zero from applets. Thus these elements are now initialized with default values that the caller is free to change if desired.
2015-04-05 18:25:48 -04:00
s->target = NULL;
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 11:45:26 -04:00
s->pend_pos = NULL;
/* init store persistence */
s->store_count = 0;
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
channel_init(&s->req);
s->req.flags |= CF_READ_ATTACHED; /* the producer is already connected */
MEDIUM: stream: don't rely on the session's listener anymore in stream_new() When the stream is instanciated from an applet, it doesn't necessarily have a listener. The listener was sparsely used there, just to retrieve the task function, update the listeners' stats, and set the analysers and default target, both of which are often zero from applets. Thus these elements are now initialized with default values that the caller is free to change if desired.
2015-04-05 18:25:48 -04:00
s->req.analysers = 0;
channel_auto_connect(&s->req); /* don't wait to establish connection */
channel_auto_close(&s->req); /* let the producer forward close requests */
MEDIUM: frontend: move some remaining stream settings to stream_new() The auto-forwarding mechanism in case no analyser is set is generic to the streams. Also the timeouts on the client side are better preset in the stream initialization as well.
2015-04-05 12:15:59 -04:00
s->req.rto = sess->fe->timeout.client;
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
s->req.wto = TICK_ETERNITY;
s->req.rex = TICK_ETERNITY;
s->req.wex = TICK_ETERNITY;
s->req.analyse_exp = TICK_ETERNITY;
MINOR: buffer: move buffer initialization after channel initialization It's not clean to initialize the buffer before the channel since it dereferences one pointer in the channel. Also we'll want to let the channel pre-initialize the buffer, so let's ensure that the channel is always initialized prior to the buffers.
2014-11-24 05:36:57 -05:00
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
channel_init(&s->res);
MEDIUM: channel: add a new flag "CF_ISRESP" for the response channel This flag designates the response channel. This will be used to know what channel we're seeing and finding our way back to the session.
2014-11-28 08:17:09 -05:00
s->res.flags |= CF_ISRESP;
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
s->res.analysers = 0;
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 11:45:26 -04:00
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
if (sess->fe->options2 & PR_O2_NODELAY) {
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
s->req.flags |= CF_NEVER_WAIT;
s->res.flags |= CF_NEVER_WAIT;
[MEDIUM] http: add support for "http-no-delay" There are some very rare server-to-server applications that abuse the HTTP protocol and expect the payload phase to be highly interactive, with many interleaved data chunks in both directions within a single request. This is absolutely not supported by the HTTP specification and will not work across most proxies or servers. When such applications attempt to do this through haproxy, it works but they will experience high delays due to the network optimizations which favor performance by instructing the system to wait for enough data to be available in order to only send full packets. Typical delays are around 200 ms per round trip. Note that this only happens with abnormal uses. Normal uses such as CONNECT requests nor WebSockets are not affected. When "option http-no-delay" is present in either the frontend or the backend used by a connection, all such optimizations will be disabled in order to make the exchanges as fast as possible. Of course this offers no guarantee on the functionality, as it may break at any other place. But if it works via HAProxy, it will work as fast as possible. This option should never be used by default, and should never be used at all unless such a buggy application is discovered. The impact of using this option is an increase of bandwidth usage and CPU usage, which may significantly lower performance in high latency environments. This change should be backported to 1.4 since the first report of such a misuse was in 1.4. Next patch will also be needed.
2011-05-30 12:10:30 -04:00
}
MEDIUM: frontend: move some remaining stream settings to stream_new() The auto-forwarding mechanism in case no analyser is set is generic to the streams. Also the timeouts on the client side are better preset in the stream initialization as well.
2015-04-05 12:15:59 -04:00
s->res.wto = sess->fe->timeout.client;
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
s->res.rto = TICK_ETERNITY;
s->res.rex = TICK_ETERNITY;
s->res.wex = TICK_ETERNITY;
s->res.analyse_exp = TICK_ETERNITY;
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 11:45:26 -04:00
MAJOR: http: move http_txn out of struct stream Now this one is dynamically allocated. It means that 280 bytes of memory are saved per TCP stream, but more importantly that it will become possible to remove the l7 pointer from fetches and converters since it will be deduced from the stream and will support being null. A lot of care was taken because it's easy to forget a test somewhere, and the previous code used to always trust s->txn for being valid, but all places seem to have been visited. All HTTP fetch functions check the txn first so we shouldn't have any issue there even when called from TCP. When branching from a TCP frontend to an HTTP backend, the txn is properly allocated at the same time as the hdr_idx.
2015-04-03 17:46:31 -04:00
s->txn = NULL;
MEDIUM: http: add a pointer to the buffer in http_msg ACLs and patterns only rely on a struct http_msg and don't know the pointer to the actual data. struct http_msg will soon only hold relative references so that's not possible. We need http_msg to hold a reference to the struct buffer before having relative pointers everywhere. It is likely that doing so will also result in opportunities to simplify a number of functions arguments. The following functions are already candidate : http_buffer_heavy_realign http_capture_bad_message http_change_connection_header http_forward_trailers http_header_add_tail http_header_add_tail2 http_msg_analyzer http_parse_chunk_size http_parse_connection_header http_remove_header2 http_send_name_header http_skip_chunk_crlf http_upgrade_v09_to_v10
2012-03-09 05:32:30 -05:00
MINOR: lua: remove some #define The #define compilation directives are centralized in the hlua include files. This permits to remove ome #ifdef from the haproxy main code.
2015-03-04 10:48:34 -05:00
HLUA_INIT(&s->hlua);
MINOR: lua: txn: create class TXN associated with the transaction. This class of functions permit to access to all the functions associated with the transaction like http header, HAProxy internal fetches, etc ... This patch puts the skeleton of this class. The class will be enhanced later.
2015-02-16 14:11:43 -05:00
MAJOR: filters/http: Rewrite the HTTP compression as a filter HTTP compression has been rewritten to use the filter API. This is more a PoC than other thing for now. It allocates memory to work. So, if only for that, it should be rewritten. In the mean time, the implementation has been refactored to allow its use with other filters. However, there are limitations that should be respected: - No filter placed after the compression one is allowed to change input data (in 'http_data' callback). - No filter placed before the compression one is allowed to change forwarded data (in 'http_forward_data' callback). For now, these limitations are informal, so you should be careful when you use several filters. About the configuration, 'compression' keywords are still supported and must be used to configure the HTTP compression behavior. In absence of a 'filter' line for the compression filter, it is added in the filter chain when the first compression' line is parsed. This is an easy way to do when you do not use other filters. But another filter exists, an error is reported so that the user must explicitly declare the filter. For example: listen tst ... compression algo gzip compression offload ... filter flt_1 filter compression filter flt_2 ...
2015-11-05 07:35:03 -05:00
if (flt_stream_init(s) < 0 || flt_stream_start(s) < 0)
MAJOR: filters: Add filters support This patch adds the support of filters in HAProxy. The main idea is to have a way to "easely" extend HAProxy by adding some "modules", called filters, that will be able to change HAProxy behavior in a programmatic way. To do so, many entry points has been added in code to let filters to hook up to different steps of the processing. A filter must define a flt_ops sutrctures (see include/types/filters.h for details). This structure contains all available callbacks that a filter can define: struct flt_ops { /* * Callbacks to manage the filter lifecycle */ int (*init) (struct proxy *p); void (*deinit)(struct proxy *p); int (*check) (struct proxy *p); /* * Stream callbacks */ void (*stream_start) (struct stream *s); void (*stream_accept) (struct stream *s); void (*session_establish)(struct stream *s); void (*stream_stop) (struct stream *s); /* * HTTP callbacks */ int (*http_start) (struct stream *s, struct http_msg *msg); int (*http_start_body) (struct stream *s, struct http_msg *msg); int (*http_start_chunk) (struct stream *s, struct http_msg *msg); int (*http_data) (struct stream *s, struct http_msg *msg); int (*http_last_chunk) (struct stream *s, struct http_msg *msg); int (*http_end_chunk) (struct stream *s, struct http_msg *msg); int (*http_chunk_trailers)(struct stream *s, struct http_msg *msg); int (*http_end_body) (struct stream *s, struct http_msg *msg); void (*http_end) (struct stream *s, struct http_msg *msg); void (*http_reset) (struct stream *s, struct http_msg *msg); int (*http_pre_process) (struct stream *s, struct http_msg *msg); int (*http_post_process) (struct stream *s, struct http_msg *msg); void (*http_reply) (struct stream *s, short status, const struct chunk *msg); }; To declare and use a filter, in the configuration, the "filter" keyword must be used in a listener/frontend section: frontend test ... filter <FILTER-NAME> [OPTIONS...] The filter referenced by the <FILTER-NAME> must declare a configuration parser on its own name to fill flt_ops and filter_conf field in the proxy's structure. An exemple will be provided later to make it perfectly clear. For now, filters cannot be used in backend section. But this is only a matter of time. Documentation will also be added later. This is the first commit of a long list about filters. It is possible to have several filters on the same listener/frontend. These filters are stored in an array of at most MAX_FILTERS elements (define in include/types/filters.h). Again, this will be replaced later by a list of filters. The filter API has been highly refactored. Main changes are: * Now, HA supports an infinite number of filters per proxy. To do so, filters are stored in list. * Because filters are stored in list, filters state has been moved from the channel structure to the filter structure. This is cleaner because there is no more info about filters in channel structure. * It is possible to defined filters on backends only. For such filters, stream_start/stream_stop callbacks are not called. Of course, it is possible to mix frontend and backend filters. * Now, TCP streams are also filtered. All callbacks without the 'http_' prefix are called for all kind of streams. In addition, 2 new callbacks were added to filter data exchanged through a TCP stream: - tcp_data: it is called when new data are available or when old unprocessed data are still waiting. - tcp_forward_data: it is called when some data can be consumed. * New callbacks attached to channel were added: - channel_start_analyze: it is called when a filter is ready to process data exchanged through a channel. 2 new analyzers (a frontend and a backend) are attached to channels to call this callback. For a frontend filter, it is called before any other analyzer. For a backend filter, it is called when a backend is attached to a stream. So some processing cannot be filtered in that case. - channel_analyze: it is called before each analyzer attached to a channel, expects analyzers responsible for data sending. - channel_end_analyze: it is called when all other analyzers have finished their processing. A new analyzers is attached to channels to call this callback. For a TCP stream, this is always the last one called. For a HTTP one, the callback is called when a request/response ends, so it is called one time for each request/response. * 'session_established' callback has been removed. Everything that is done in this callback can be handled by 'channel_start_analyze' on the response channel. * 'http_pre_process' and 'http_post_process' callbacks have been replaced by 'channel_analyze'. * 'http_start' callback has been replaced by 'http_headers'. This new one is called just before headers sending and parsing of the body. * 'http_end' callback has been replaced by 'channel_end_analyze'. * It is possible to set a forwarder for TCP channels. It was already possible to do it for HTTP ones. * Forwarders can partially consumed forwardable data. For this reason a new HTTP message state was added before HTTP_MSG_DONE : HTTP_MSG_ENDING. Now all filters can define corresponding callbacks (http_forward_data and tcp_forward_data). Each filter owns 2 offsets relative to buf->p, next and forward, to track, respectively, input data already parsed but not forwarded yet by the filter and parsed data considered as forwarded by the filter. A any time, we have the warranty that a filter cannot parse or forward more input than previous ones. And, of course, it cannot forward more input than it has parsed. 2 macros has been added to retrieve these offets: FLT_NXT and FLT_FWD. In addition, 2 functions has been added to change the 'next size' and the 'forward size' of a filter. When a filter parses input data, it can alter these data, so the size of these data can vary. This action has an effet on all previous filters that must be handled. To do so, the function 'filter_change_next_size' must be called, passing the size variation. In the same spirit, if a filter alter forwarded data, it must call the function 'filter_change_forward_size'. 'filter_change_next_size' can be called in 'http_data' and 'tcp_data' callbacks and only these ones. And 'filter_change_forward_size' can be called in 'http_forward_data' and 'tcp_forward_data' callbacks and only these ones. The data changes are the filter responsability, but with some limitation. It must not change already parsed/forwarded data or data that previous filters have not parsed/forwarded yet. Because filters can be used on backends, when we the backend is set for a stream, we add filters defined for this backend in the filter list of the stream. But we must only do that when the backend and the frontend of the stream are not the same. Else same filters are added a second time leading to undefined behavior. The HTTP compression code had to be moved. So it simplifies http_response_forward_body function. To do so, the way the data are forwarded has changed. Now, a filter (and only one) can forward data. In a commit to come, this limitation will be removed to let all filters take part to data forwarding. There are 2 new functions that filters should use to deal with this feature: * flt_set_http_data_forwarder: This function sets the filter (using its id) that will forward data for the specified HTTP message. It is possible if it was not already set by another filter _AND_ if no data was yet forwarded (msg->msg_state <= HTTP_MSG_BODY). It returns -1 if an error occurs. * flt_http_data_forwarder: This function returns the filter id that will forward data for the specified HTTP message. If there is no forwarder set, it returns -1. When an HTTP data forwarder is set for the response, the HTTP compression is disabled. Of course, this is not definitive.
2015-04-30 05:48:27 -04:00
goto out_fail_accept;
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 11:45:26 -04:00
/* finish initialization of the accepted file descriptor */
MEDIUM: stream: isolate connection-specific initialization code In stream_accept_session(), we perform some operations that explicitly want a connection as the origin, but we'll soon have other types of origin (eg: applet). Thus change the test to ensure we only call this code with connections. Additionally, we refrain from calling fe->accept() if the origin is not a connection, because for now the only fe->accept() may only use a connection (frontend_accept).
2015-04-04 19:30:42 -04:00
if (conn)
conn_data_want_recv(conn);
MEDIUM: stream: also accept appctx as origin in stream_accept_session() It's likely that the code could be simplified a bit though.
2015-04-04 19:33:13 -04:00
else if (appctx)
MEDIUM: applet: make the applets only use si_applet_{cant|want|stop}_{get|put} The applets don't fiddle with SI_FL_WAIT_ROOM anymore, instead they indicate what they want, possibly that they failed (eg: WAIT_ROOM), and it's done() / update() which finally updates the WAIT_* flags according to the channels' and stream interface's states. This solves the issue of the pauses during a "show sess" without creating busy loops.
2015-04-21 13:23:39 -04:00
si_applet_want_get(&s->si[0]);
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 11:45:26 -04:00
CLEANUP: frontend: remove one useless local variable "p" was a copy of sess->fe which itself is also used. It's used in a few cases, let's remove it and reduce the code as well.
2015-04-05 12:19:23 -04:00
if (sess->fe->accept && sess->fe->accept(s) < 0)
MEDIUM: frontend: make ->accept only return +/-1 This function was specified as being able to return 3 states, which had repercussions to the stream accept function. It was used at the time when the frontend would do the monitoring itself. This is not the case anymore, so let's simplify this.
2015-04-05 05:52:08 -04:00
goto out_fail_accept;
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 11:45:26 -04:00
/* it is important not to call the wakeup function directly but to
* pass through task_wakeup(), because this one knows how to apply
* priorities to tasks.
*/
task_wakeup(t, TASK_WOKEN_INIT);
MEDIUM: stream: return the stream upon accept() The function was called stream_accept_session(), let's rename it stream_new() and make it return the newly allocated pointer. It's more convenient for some callers who need it.
2015-04-05 06:00:52 -04:00
return s;
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 11:45:26 -04:00
/* Error unrolling */
MEDIUM: frontend: make ->accept only return +/-1 This function was specified as being able to return 3 states, which had repercussions to the stream accept function. It was used at the time when the frontend would do the monitoring itself. This is not the case anymore, so let's simplify this.
2015-04-05 05:52:08 -04:00
out_fail_accept:
MAJOR: filters/http: Rewrite the HTTP compression as a filter HTTP compression has been rewritten to use the filter API. This is more a PoC than other thing for now. It allocates memory to work. So, if only for that, it should be rewritten. In the mean time, the implementation has been refactored to allow its use with other filters. However, there are limitations that should be respected: - No filter placed after the compression one is allowed to change input data (in 'http_data' callback). - No filter placed before the compression one is allowed to change forwarded data (in 'http_forward_data' callback). For now, these limitations are informal, so you should be careful when you use several filters. About the configuration, 'compression' keywords are still supported and must be used to configure the HTTP compression behavior. In absence of a 'filter' line for the compression filter, it is added in the filter chain when the first compression' line is parsed. This is an easy way to do when you do not use other filters. But another filter exists, an error is reported so that the user must explicitly declare the filter. For example: listen tst ... compression algo gzip compression offload ... filter flt_1 filter compression filter flt_2 ...
2015-11-05 07:35:03 -05:00
flt_stream_release(s, 0);
BUG/MAJOR: sessions: unlink session from list on out of memory Since embryonic sessions were introduced in 1.5-dev12 with commit 2542b53 ("MAJOR: session: introduce embryonic sessions"), a major bug remained present. If haproxy cannot allocate memory during session_complete() (for example, no more buffers), it will not unlink the new session from the sessions list. This will cause memory corruptions if the memory area from the session is reused for anything else, and may also cause bogus output on "show sess" on the CLI. This fix must be backported to 1.5.
2014-11-25 11:10:33 -05:00
LIST_DEL(&s->list);
MAJOR: stream: don't initialize the stream anymore in stream_accept The function now only initializes a session, calls the tcp req connection rules, and calls stream_complete() to finish initialization. If a handshake is needed, it is done without allocating the stream at all. Temporarily, in order to limit the amount of changes, the task allocated is put into sess->task, and it is used by the connection for the handshake or is offered to the stream. At this point we set the relation between sess/task/conn this way : orig -- sess <-- context | ^ +- task -+ | v | v | conn -- owner task The task must not remain in the session and ultimately it is planned to remove this task pointer from the session because it can be found by having conn->owner = task, and looping back from sess to conn, and to find the session from the connection via the task.
2015-04-04 12:08:21 -04:00
pool_free2(pool2_stream, s);
MEDIUM: stream: return the stream upon accept() The function was called stream_accept_session(), let's rename it stream_new() and make it return the newly allocated pointer. It's more convenient for some callers who need it.
2015-04-05 06:00:52 -04:00
return NULL;
[MAJOR] frontend: split accept() into frontend_accept() and session_accept() A new function session_accept() is now called from the lower layer to instanciate a new session. Once the session is instanciated, the upper layer's frontent_accept() is called. This one can be service-dependant. That way, we have a 3-phase accept() sequence : 1) protocol-specific, session-less accept(), which is pointed to by the listener. It defaults to the generic stream_sock_accept(). 2) session_accept() which relies on a frontend but not necessarily for use in a proxy (eg: stats or any future service). 3) frontend_accept() which performs the accept for the service offerred by the frontend. It defaults to frontend_accept() which is really what is used by a proxy. The TCP/HTTP proxies have been moved to this mode so that we can now rely on frontend_accept() for any type of session initialization relying on a frontend. The next step will be to convert the stats to use the same system for the stats.
2010-06-01 11:45:26 -04:00
}
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-25 20:48:02 -04:00
/*
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* frees the context associated to a stream. It must have been removed first.
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-25 20:48:02 -04:00
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
static void stream_free(struct stream *s)
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-25 20:48:02 -04:00
{
MEDIUM: session: use the pointer to the origin instead of s->si[0].end When s->si[0].end was dereferenced as a connection or anything in order to retrieve information about the originating session, we'll now use sess->origin instead so that when we have to chain multiple streams in HTTP/2, we'll keep accessing the same origin.
2015-04-03 13:19:59 -04:00
struct session *sess = strm_sess(s);
struct proxy *fe = sess->fe;
[MINOR] add back-references to sessions for later use by a dumper. This is the first step in implementing a session dump tool. A session dump will need restart points. It will be necessary for it to get references to sessions which can be moved when the session dies. The principle is not that complex : when a session ends, it looks for any potential back-references. If it finds any, then it moves them to the next session in the list. The dump function will of course have to restart from that new point.
2008-12-07 14:16:23 -05:00
struct bref *bref, *back;
MEDIUM: session: use the pointer to the origin instead of s->si[0].end When s->si[0].end was dereferenced as a connection or anything in order to retrieve information about the originating session, we'll now use sess->origin instead so that when we have to chain multiple streams in HTTP/2, we'll keep accessing the same origin.
2015-04-03 13:19:59 -04:00
struct connection *cli_conn = objt_conn(sess->origin);
[BUG] stick_table: fix possible memory leak in case of connection error If a "stick store-request" rule is present, an entry is preallocated during the request. However, if there is no response due to an error or to a redir mode server, we never release it.
2010-06-06 12:28:49 -04:00
int i;
[MEDIUM] separate the http request from the session (step 1) A struct http_req has been created to collect every information related to an HTTP request being processed. Right now, it is still in the struct session but the frontier is clear now.
2007-01-07 09:46:13 -05:00
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-25 20:48:02 -04:00
if (s->pend_pos)
pendconn_free(s->pend_pos);
[BUG] do not dequeue the backend's pending connections on a dead server Kai Krueger found that previous patch was incomplete, because there is an unconditionnal call to process_srv_queue() in session_free() which still causes a dead server to consume pending connections from the backend. This call was made unconditionnal so that we don't leave unserved connections in the server queue, for instance connections coming in with "option persist" which can bypass the server status check. However, the server must not touch the backend's queue if it is down. Another fear was that some connections might remain unserved when the server is using a dynamic maxconn if the number of connections to the backend is too low. Right now, srv_dynamic_maxconn() ensures this cannot happen, so the call can remain conditionnal. The fix consists in allowing a server to process it own queue whatever its state, but not to touch the backend's queue if it is down. Its queue should normally be empty when the server is down because it is redistributed when the server goes down. The only remaining cases are precisely the persistent connections with "option persist" set, coming in after the queue has been redispatched. Those ones must still be processed when a connection terminates. (cherry picked from commit cd485c44807bfcdb4928dd83c1907636b4e1b6f3)
2008-12-04 03:33:58 -05:00
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
if (objt_server(s->target)) { /* there may be requests left pending in queue */
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (s->flags & SF_CURR_SESS) {
s->flags &= ~SF_CURR_SESS;
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
objt_server(s->target)->cur_sess--;
[MEDIUM] add the SN_CURR_SESS flag to the session to track open sessions It is quite hard to track when the current session has already been counted or discounted from the server's total number of established sessions. For this reason, we introduce a new session flag, SN_CURR_SESS, which indicates if the current session is one of those reported by the server or not. It simplifies session accounting and makes it far more robust. It also makes it possible to perform a last-minute cleanup during session_free(). Right now, with this fix and a few more buffer transitions fixes, no session were found to remain after a test.
2008-11-11 14:20:02 -05:00
}
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
if (may_dequeue_tasks(objt_server(s->target), s->be))
process_srv_queue(objt_server(s->target));
[MEDIUM] add the SN_CURR_SESS flag to the session to track open sessions It is quite hard to track when the current session has already been counted or discounted from the server's total number of established sessions. For this reason, we introduce a new session flag, SN_CURR_SESS, which indicates if the current session is one of those reported by the server or not. It simplifies session accounting and makes it far more robust. It also makes it possible to perform a last-minute cleanup during session_free(). Right now, with this fix and a few more buffer transitions fixes, no session were found to remain after a test.
2008-11-11 14:20:02 -05:00
}
[BUG] do not dequeue the backend's pending connections on a dead server Kai Krueger found that previous patch was incomplete, because there is an unconditionnal call to process_srv_queue() in session_free() which still causes a dead server to consume pending connections from the backend. This call was made unconditionnal so that we don't leave unserved connections in the server queue, for instance connections coming in with "option persist" which can bypass the server status check. However, the server must not touch the backend's queue if it is down. Another fear was that some connections might remain unserved when the server is using a dynamic maxconn if the number of connections to the backend is too low. Right now, srv_dynamic_maxconn() ensures this cannot happen, so the call can remain conditionnal. The fix consists in allowing a server to process it own queue whatever its state, but not to touch the backend's queue if it is down. Its queue should normally be empty when the server is down because it is redistributed when the server goes down. The only remaining cases are precisely the persistent connections with "option persist" set, coming in after the queue has been redispatched. Those ones must still be processed when a connection terminates. (cherry picked from commit cd485c44807bfcdb4928dd83c1907636b4e1b6f3)
2008-12-04 03:33:58 -05:00
[BUG] fix the dequeuing logic to ensure that all requests get served The dequeuing logic was completely wrong. First, a task was assigned to all servers to process the queue, but this task was never scheduled and was only woken up on session free. Second, there was no reservation of server entries when a task was assigned a server. This means that as long as the task was not connected to the server, its presence was not accounted for. This was causing trouble when detecting whether or not a server had reached maxconn. Third, during a redispatch, a session could lose its place at the server's and get blocked because another session at the same moment would have stolen the entry. Fourth, the redispatch option did not work when maxqueue was reached for a server, and it was not possible to do so without indefinitely hanging a session. The root cause of all those problems was the lack of pre-reservation of connections at the server's, and the lack of tracking of servers during a redispatch. Everything relied on combinations of flags which could appear similarly in quite distinct situations. This patch is a major rework but there was no other solution, as the internal logic was deeply flawed. The resulting code is cleaner, more understandable, uses less magics and is overall more robust. As an added bonus, "option redispatch" now works when maxqueue has been reached on a server.
2008-06-20 09:04:11 -04:00
if (unlikely(s->srv_conn)) {
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* the stream still has a reserved slot on a server, but
[BUG] fix the dequeuing logic to ensure that all requests get served The dequeuing logic was completely wrong. First, a task was assigned to all servers to process the queue, but this task was never scheduled and was only woken up on session free. Second, there was no reservation of server entries when a task was assigned a server. This means that as long as the task was not connected to the server, its presence was not accounted for. This was causing trouble when detecting whether or not a server had reached maxconn. Third, during a redispatch, a session could lose its place at the server's and get blocked because another session at the same moment would have stolen the entry. Fourth, the redispatch option did not work when maxqueue was reached for a server, and it was not possible to do so without indefinitely hanging a session. The root cause of all those problems was the lack of pre-reservation of connections at the server's, and the lack of tracking of servers during a redispatch. Everything relied on combinations of flags which could appear similarly in quite distinct situations. This patch is a major rework but there was no other solution, as the internal logic was deeply flawed. The resulting code is cleaner, more understandable, uses less magics and is overall more robust. As an added bonus, "option redispatch" now works when maxqueue has been reached on a server.
2008-06-20 09:04:11 -04:00
* it should normally be only the same as the one above,
* so this should not happen in fact.
*/
sess_change_server(s, NULL);
}
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
if (s->req.pipe)
put_pipe(s->req.pipe);
[MINOR] introduce structures required to support Linux kernel splicing When CONFIG_HAP_LINUX_SPLICE is defined, the buffer structure will be slightly enlarged to support information needed for kernel splicing on Linux. A first attempt consisted in putting this information into the stream interface, but in the long term, it appeared really awkward. This version puts the information into the buffer. The platform-dependant part is conditionally added and will only enlarge the buffers when compiled in. One new flag has also been added to the buffers: BF_KERN_SPLICING. It indicates that the application considers it is appropriate to use splicing to forward remaining data.
2009-01-18 15:56:21 -05:00
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
if (s->res.pipe)
put_pipe(s->res.pipe);
[MINOR] introduce structures required to support Linux kernel splicing When CONFIG_HAP_LINUX_SPLICE is defined, the buffer structure will be slightly enlarged to support information needed for kernel splicing on Linux. A first attempt consisted in putting this information into the stream interface, but in the long term, it appeared really awkward. This version puts the information into the buffer. The platform-dependant part is conditionally added and will only enlarge the buffers when compiled in. One new flag has also been added to the buffers: BF_KERN_SPLICING. It indicates that the application considers it is appropriate to use splicing to forward remaining data.
2009-01-18 15:56:21 -05:00
MAJOR: session: implement a wait-queue for sessions who need a buffer When a session_alloc_buffers() fails to allocate one or two buffers, it subscribes the session to buffer_wq, and waits for another session to release buffers. It's then removed from the queue and woken up with TASK_WAKE_RES, and can attempt its allocation again. We decide to try to wake as many waiters as we release buffers so that if we release 2 and two waiters need only once, they both have their chance. We must never come to the situation where we don't wake enough tasks up. It's common to release buffers after the completion of an I/O callback, which can happen even if the I/O could not be performed due to half a failure on memory allocation. In this situation, we don't want to move out of the wait queue the session that was just added, otherwise it will never get any buffer. Thus, we only force ourselves out of the queue when freeing the session. Note: at the moment, since session_alloc_buffers() is not used, no task is subscribed to the wait queue.
2014-11-25 15:10:35 -05:00
/* We may still be present in the buffer wait queue */
if (!LIST_ISEMPTY(&s->buffer_wait)) {
LIST_DEL(&s->buffer_wait);
LIST_INIT(&s->buffer_wait);
}
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
b_drop(&s->req.buf);
b_drop(&s->res.buf);
MAJOR: session: implement a wait-queue for sessions who need a buffer When a session_alloc_buffers() fails to allocate one or two buffers, it subscribes the session to buffer_wq, and waits for another session to release buffers. It's then removed from the queue and woken up with TASK_WAKE_RES, and can attempt its allocation again. We decide to try to wake as many waiters as we release buffers so that if we release 2 and two waiters need only once, they both have their chance. We must never come to the situation where we don't wake enough tasks up. It's common to release buffers after the completion of an I/O callback, which can happen even if the I/O could not be performed due to half a failure on memory allocation. In this situation, we don't want to move out of the wait queue the session that was just added, otherwise it will never get any buffer. Thus, we only force ourselves out of the queue when freeing the session. Note: at the moment, since session_alloc_buffers() is not used, no task is subscribed to the wait queue.
2014-11-25 15:10:35 -05:00
if (!LIST_ISEMPTY(&buffer_wq))
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
stream_offer_buffers();
MAJOR: channel: replace the struct buffer with a pointer to a buffer With this commit, we now separate the channel from the buffer. This will allow us to replace buffers on the fly without touching the channel. Since nobody is supposed to keep a reference to a buffer anymore, doing so is not a problem and will also permit some copy-less data manipulation. Interestingly, these changes have shown a 2% performance increase on some workloads, probably due to a better cache placement of data.
2012-10-12 17:49:43 -04:00
MINOR: lua: remove some #define The #define compilation directives are centralized in the hlua include files. This permits to remove ome #ifdef from the haproxy main code.
2015-03-04 10:48:34 -05:00
hlua_ctx_destroy(&s->hlua);
MAJOR: http: move http_txn out of struct stream Now this one is dynamically allocated. It means that 280 bytes of memory are saved per TCP stream, but more importantly that it will become possible to remove the l7 pointer from fetches and converters since it will be deduced from the stream and will support being null. A lot of care was taken because it's easy to forget a test somewhere, and the previous code used to always trust s->txn for being valid, but all places seem to have been visited. All HTTP fetch functions check the txn first so we shouldn't have any issue there even when called from TCP. When branching from a TCP frontend to an HTTP backend, the txn is properly allocated at the same time as the hdr_idx.
2015-04-03 17:46:31 -04:00
if (s->txn)
http_end_txn(s);
[BUG] http: fix for capture memory leak was incorrect That patch was incorrect because under some circumstances, the capture memory could be freed by session_free() and then again by http_end_txn(), causing a double free and an eventual segfault. The pool use count was also reported wrong due to this bug. The cleanup code was removed from session_free() to remain only in http_end_txn().
2010-01-07 16:51:47 -05:00
MEDIUM: connection: add a flag to hold the transport layer When we start logging SSL information, we need the SSL struct to be present even past the conn_xprt_close() call. In order to achieve this, we should use refcounting on the connection and the transport layer. At the moment it's not worth using plain refcounting as only the logs require this, so instead of real refcounting we just use a flag which will be set by the log subsystem when SSL data need to be logged. What happens then is that the xprt->close() call is ignored and the transport layer is closed again during session_free(), after the log line is emitted.
2012-10-12 11:50:05 -04:00
/* ensure the client-side transport layer is destroyed */
MAJOR: connection: add two new flags to indicate readiness of control/transport Currently the control and transport layers of a connection are supposed to be initialized when their respective pointers are not NULL. This will not work anymore when we plan to reuse connections, because there is an asymmetry between the accept() side and the connect() side : - on accept() side, the fd is set first, then the ctrl layer then the transport layer ; upon error, they must be undone in the reverse order, then the FD must be closed. The FD must not be deleted if the control layer was not yet initialized ; - on the connect() side, the fd is set last and there is no reliable way to know if it has been initialized or not. In practice it's initialized to -1 first but this is hackish and supposes that local FDs only will be used forever. Also, there are even less solutions for keeping trace of the transport layer's state. Also it is possible to support delayed close() when something (eg: logs) tracks some information requiring the transport and/or control layers, making it even more difficult to clean them. So the proposed solution is to add two flags to the connection : - CO_FL_CTRL_READY is set when the control layer is initialized (fd_insert) and cleared after it's released (fd_delete). - CO_FL_XPRT_READY is set when the control layer is initialized (xprt->init) and cleared after it's released (xprt->close). The functions have been adapted to rely on this and not on the pointers anymore. conn_xprt_close() was unused and dangerous : it did not close the control layer (eg: the socket itself) but still marks the transport layer as closed, preventing any future call to conn_full_close() from finishing the job. The problem comes from conn_full_close() in fact. It needs to close the xprt and ctrl layers independantly. After that we're still having an issue : we don't know based on ->ctrl alone whether the fd was registered or not. For this we use the two new flags CO_FL_XPRT_READY and CO_FL_CTRL_READY. We now rely on this and not on conn->xprt nor conn->ctrl anymore to decide what remains to be done on the connection. In order not to miss some flag assignments, we introduce conn_ctrl_init() to initialize the control layer, register the fd using fd_insert() and set the flag, and conn_ctrl_close() which unregisters the fd and removes the flag, but only if the transport layer was closed. Similarly, at the transport layer, conn_xprt_init() calls ->init and sets the flag, while conn_xprt_close() checks the flag, calls ->close and clears the flag, regardless xprt_ctx or xprt_st. This also ensures that the ->init and the ->close functions are called only once each and in the correct order. Note that conn_xprt_close() does nothing if the transport layer is still tracked. conn_full_close() now simply calls conn_xprt_close() then conn_full_close() in turn, which do nothing if CO_FL_XPRT_TRACKED is set. In order to handle the error path, we also provide conn_force_close() which ignores CO_FL_XPRT_TRACKED and closes the transport and the control layers in turns. All relevant instances of fd_delete() have been replaced with conn_force_close(). Now we always know what state the connection is in and we can expect to split its initialization.
2013-10-21 10:30:56 -04:00
if (cli_conn)
conn_force_close(cli_conn);
MEDIUM: connection: add a flag to hold the transport layer When we start logging SSL information, we need the SSL struct to be present even past the conn_xprt_close() call. In order to achieve this, we should use refcounting on the connection and the transport layer. At the moment it's not worth using plain refcounting as only the logs require this, so instead of real refcounting we just use a flag which will be set by the log subsystem when SSL data need to be logged. What happens then is that the xprt->close() call is ignored and the transport layer is closed again during session_free(), after the log line is emitted.
2012-10-12 11:50:05 -04:00
[BUG] stick_table: fix possible memory leak in case of connection error If a "stick store-request" rule is present, an entry is preallocated during the request. However, if there is no response due to an error or to a redir mode server, we never release it.
2010-06-06 12:28:49 -04:00
for (i = 0; i < s->store_count; i++) {
if (!s->store[i].ts)
continue;
stksess_free(s->store[i].table, s->store[i].ts);
s->store[i].ts = NULL;
}
MAJOR: http: move http_txn out of struct stream Now this one is dynamically allocated. It means that 280 bytes of memory are saved per TCP stream, but more importantly that it will become possible to remove the l7 pointer from fetches and converters since it will be deduced from the stream and will support being null. A lot of care was taken because it's easy to forget a test somewhere, and the previous code used to always trust s->txn for being valid, but all places seem to have been visited. All HTTP fetch functions check the txn first so we shouldn't have any issue there even when called from TCP. When branching from a TCP frontend to an HTTP backend, the txn is properly allocated at the same time as the hdr_idx.
2015-04-03 17:46:31 -04:00
if (s->txn) {
pool_free2(pool2_hdr_idx, s->txn->hdr_idx.v);
pool_free2(pool2_http_txn, s->txn);
s->txn = NULL;
}
MAJOR: filters: Add filters support This patch adds the support of filters in HAProxy. The main idea is to have a way to "easely" extend HAProxy by adding some "modules", called filters, that will be able to change HAProxy behavior in a programmatic way. To do so, many entry points has been added in code to let filters to hook up to different steps of the processing. A filter must define a flt_ops sutrctures (see include/types/filters.h for details). This structure contains all available callbacks that a filter can define: struct flt_ops { /* * Callbacks to manage the filter lifecycle */ int (*init) (struct proxy *p); void (*deinit)(struct proxy *p); int (*check) (struct proxy *p); /* * Stream callbacks */ void (*stream_start) (struct stream *s); void (*stream_accept) (struct stream *s); void (*session_establish)(struct stream *s); void (*stream_stop) (struct stream *s); /* * HTTP callbacks */ int (*http_start) (struct stream *s, struct http_msg *msg); int (*http_start_body) (struct stream *s, struct http_msg *msg); int (*http_start_chunk) (struct stream *s, struct http_msg *msg); int (*http_data) (struct stream *s, struct http_msg *msg); int (*http_last_chunk) (struct stream *s, struct http_msg *msg); int (*http_end_chunk) (struct stream *s, struct http_msg *msg); int (*http_chunk_trailers)(struct stream *s, struct http_msg *msg); int (*http_end_body) (struct stream *s, struct http_msg *msg); void (*http_end) (struct stream *s, struct http_msg *msg); void (*http_reset) (struct stream *s, struct http_msg *msg); int (*http_pre_process) (struct stream *s, struct http_msg *msg); int (*http_post_process) (struct stream *s, struct http_msg *msg); void (*http_reply) (struct stream *s, short status, const struct chunk *msg); }; To declare and use a filter, in the configuration, the "filter" keyword must be used in a listener/frontend section: frontend test ... filter <FILTER-NAME> [OPTIONS...] The filter referenced by the <FILTER-NAME> must declare a configuration parser on its own name to fill flt_ops and filter_conf field in the proxy's structure. An exemple will be provided later to make it perfectly clear. For now, filters cannot be used in backend section. But this is only a matter of time. Documentation will also be added later. This is the first commit of a long list about filters. It is possible to have several filters on the same listener/frontend. These filters are stored in an array of at most MAX_FILTERS elements (define in include/types/filters.h). Again, this will be replaced later by a list of filters. The filter API has been highly refactored. Main changes are: * Now, HA supports an infinite number of filters per proxy. To do so, filters are stored in list. * Because filters are stored in list, filters state has been moved from the channel structure to the filter structure. This is cleaner because there is no more info about filters in channel structure. * It is possible to defined filters on backends only. For such filters, stream_start/stream_stop callbacks are not called. Of course, it is possible to mix frontend and backend filters. * Now, TCP streams are also filtered. All callbacks without the 'http_' prefix are called for all kind of streams. In addition, 2 new callbacks were added to filter data exchanged through a TCP stream: - tcp_data: it is called when new data are available or when old unprocessed data are still waiting. - tcp_forward_data: it is called when some data can be consumed. * New callbacks attached to channel were added: - channel_start_analyze: it is called when a filter is ready to process data exchanged through a channel. 2 new analyzers (a frontend and a backend) are attached to channels to call this callback. For a frontend filter, it is called before any other analyzer. For a backend filter, it is called when a backend is attached to a stream. So some processing cannot be filtered in that case. - channel_analyze: it is called before each analyzer attached to a channel, expects analyzers responsible for data sending. - channel_end_analyze: it is called when all other analyzers have finished their processing. A new analyzers is attached to channels to call this callback. For a TCP stream, this is always the last one called. For a HTTP one, the callback is called when a request/response ends, so it is called one time for each request/response. * 'session_established' callback has been removed. Everything that is done in this callback can be handled by 'channel_start_analyze' on the response channel. * 'http_pre_process' and 'http_post_process' callbacks have been replaced by 'channel_analyze'. * 'http_start' callback has been replaced by 'http_headers'. This new one is called just before headers sending and parsing of the body. * 'http_end' callback has been replaced by 'channel_end_analyze'. * It is possible to set a forwarder for TCP channels. It was already possible to do it for HTTP ones. * Forwarders can partially consumed forwardable data. For this reason a new HTTP message state was added before HTTP_MSG_DONE : HTTP_MSG_ENDING. Now all filters can define corresponding callbacks (http_forward_data and tcp_forward_data). Each filter owns 2 offsets relative to buf->p, next and forward, to track, respectively, input data already parsed but not forwarded yet by the filter and parsed data considered as forwarded by the filter. A any time, we have the warranty that a filter cannot parse or forward more input than previous ones. And, of course, it cannot forward more input than it has parsed. 2 macros has been added to retrieve these offets: FLT_NXT and FLT_FWD. In addition, 2 functions has been added to change the 'next size' and the 'forward size' of a filter. When a filter parses input data, it can alter these data, so the size of these data can vary. This action has an effet on all previous filters that must be handled. To do so, the function 'filter_change_next_size' must be called, passing the size variation. In the same spirit, if a filter alter forwarded data, it must call the function 'filter_change_forward_size'. 'filter_change_next_size' can be called in 'http_data' and 'tcp_data' callbacks and only these ones. And 'filter_change_forward_size' can be called in 'http_forward_data' and 'tcp_forward_data' callbacks and only these ones. The data changes are the filter responsability, but with some limitation. It must not change already parsed/forwarded data or data that previous filters have not parsed/forwarded yet. Because filters can be used on backends, when we the backend is set for a stream, we add filters defined for this backend in the filter list of the stream. But we must only do that when the backend and the frontend of the stream are not the same. Else same filters are added a second time leading to undefined behavior. The HTTP compression code had to be moved. So it simplifies http_response_forward_body function. To do so, the way the data are forwarded has changed. Now, a filter (and only one) can forward data. In a commit to come, this limitation will be removed to let all filters take part to data forwarding. There are 2 new functions that filters should use to deal with this feature: * flt_set_http_data_forwarder: This function sets the filter (using its id) that will forward data for the specified HTTP message. It is possible if it was not already set by another filter _AND_ if no data was yet forwarded (msg->msg_state <= HTTP_MSG_BODY). It returns -1 if an error occurs. * flt_http_data_forwarder: This function returns the filter id that will forward data for the specified HTTP message. If there is no forwarder set, it returns -1. When an HTTP data forwarder is set for the response, the HTTP compression is disabled. Of course, this is not definitive.
2015-04-30 05:48:27 -04:00
flt_stream_stop(s);
MAJOR: filters/http: Rewrite the HTTP compression as a filter HTTP compression has been rewritten to use the filter API. This is more a PoC than other thing for now. It allocates memory to work. So, if only for that, it should be rewritten. In the mean time, the implementation has been refactored to allow its use with other filters. However, there are limitations that should be respected: - No filter placed after the compression one is allowed to change input data (in 'http_data' callback). - No filter placed before the compression one is allowed to change forwarded data (in 'http_forward_data' callback). For now, these limitations are informal, so you should be careful when you use several filters. About the configuration, 'compression' keywords are still supported and must be used to configure the HTTP compression behavior. In absence of a 'filter' line for the compression filter, it is added in the filter chain when the first compression' line is parsed. This is an easy way to do when you do not use other filters. But another filter exists, an error is reported so that the user must explicitly declare the filter. For example: listen tst ... compression algo gzip compression offload ... filter flt_1 filter compression filter flt_2 ...
2015-11-05 07:35:03 -05:00
flt_stream_release(s, 0);
MAJOR: filters: Add filters support This patch adds the support of filters in HAProxy. The main idea is to have a way to "easely" extend HAProxy by adding some "modules", called filters, that will be able to change HAProxy behavior in a programmatic way. To do so, many entry points has been added in code to let filters to hook up to different steps of the processing. A filter must define a flt_ops sutrctures (see include/types/filters.h for details). This structure contains all available callbacks that a filter can define: struct flt_ops { /* * Callbacks to manage the filter lifecycle */ int (*init) (struct proxy *p); void (*deinit)(struct proxy *p); int (*check) (struct proxy *p); /* * Stream callbacks */ void (*stream_start) (struct stream *s); void (*stream_accept) (struct stream *s); void (*session_establish)(struct stream *s); void (*stream_stop) (struct stream *s); /* * HTTP callbacks */ int (*http_start) (struct stream *s, struct http_msg *msg); int (*http_start_body) (struct stream *s, struct http_msg *msg); int (*http_start_chunk) (struct stream *s, struct http_msg *msg); int (*http_data) (struct stream *s, struct http_msg *msg); int (*http_last_chunk) (struct stream *s, struct http_msg *msg); int (*http_end_chunk) (struct stream *s, struct http_msg *msg); int (*http_chunk_trailers)(struct stream *s, struct http_msg *msg); int (*http_end_body) (struct stream *s, struct http_msg *msg); void (*http_end) (struct stream *s, struct http_msg *msg); void (*http_reset) (struct stream *s, struct http_msg *msg); int (*http_pre_process) (struct stream *s, struct http_msg *msg); int (*http_post_process) (struct stream *s, struct http_msg *msg); void (*http_reply) (struct stream *s, short status, const struct chunk *msg); }; To declare and use a filter, in the configuration, the "filter" keyword must be used in a listener/frontend section: frontend test ... filter <FILTER-NAME> [OPTIONS...] The filter referenced by the <FILTER-NAME> must declare a configuration parser on its own name to fill flt_ops and filter_conf field in the proxy's structure. An exemple will be provided later to make it perfectly clear. For now, filters cannot be used in backend section. But this is only a matter of time. Documentation will also be added later. This is the first commit of a long list about filters. It is possible to have several filters on the same listener/frontend. These filters are stored in an array of at most MAX_FILTERS elements (define in include/types/filters.h). Again, this will be replaced later by a list of filters. The filter API has been highly refactored. Main changes are: * Now, HA supports an infinite number of filters per proxy. To do so, filters are stored in list. * Because filters are stored in list, filters state has been moved from the channel structure to the filter structure. This is cleaner because there is no more info about filters in channel structure. * It is possible to defined filters on backends only. For such filters, stream_start/stream_stop callbacks are not called. Of course, it is possible to mix frontend and backend filters. * Now, TCP streams are also filtered. All callbacks without the 'http_' prefix are called for all kind of streams. In addition, 2 new callbacks were added to filter data exchanged through a TCP stream: - tcp_data: it is called when new data are available or when old unprocessed data are still waiting. - tcp_forward_data: it is called when some data can be consumed. * New callbacks attached to channel were added: - channel_start_analyze: it is called when a filter is ready to process data exchanged through a channel. 2 new analyzers (a frontend and a backend) are attached to channels to call this callback. For a frontend filter, it is called before any other analyzer. For a backend filter, it is called when a backend is attached to a stream. So some processing cannot be filtered in that case. - channel_analyze: it is called before each analyzer attached to a channel, expects analyzers responsible for data sending. - channel_end_analyze: it is called when all other analyzers have finished their processing. A new analyzers is attached to channels to call this callback. For a TCP stream, this is always the last one called. For a HTTP one, the callback is called when a request/response ends, so it is called one time for each request/response. * 'session_established' callback has been removed. Everything that is done in this callback can be handled by 'channel_start_analyze' on the response channel. * 'http_pre_process' and 'http_post_process' callbacks have been replaced by 'channel_analyze'. * 'http_start' callback has been replaced by 'http_headers'. This new one is called just before headers sending and parsing of the body. * 'http_end' callback has been replaced by 'channel_end_analyze'. * It is possible to set a forwarder for TCP channels. It was already possible to do it for HTTP ones. * Forwarders can partially consumed forwardable data. For this reason a new HTTP message state was added before HTTP_MSG_DONE : HTTP_MSG_ENDING. Now all filters can define corresponding callbacks (http_forward_data and tcp_forward_data). Each filter owns 2 offsets relative to buf->p, next and forward, to track, respectively, input data already parsed but not forwarded yet by the filter and parsed data considered as forwarded by the filter. A any time, we have the warranty that a filter cannot parse or forward more input than previous ones. And, of course, it cannot forward more input than it has parsed. 2 macros has been added to retrieve these offets: FLT_NXT and FLT_FWD. In addition, 2 functions has been added to change the 'next size' and the 'forward size' of a filter. When a filter parses input data, it can alter these data, so the size of these data can vary. This action has an effet on all previous filters that must be handled. To do so, the function 'filter_change_next_size' must be called, passing the size variation. In the same spirit, if a filter alter forwarded data, it must call the function 'filter_change_forward_size'. 'filter_change_next_size' can be called in 'http_data' and 'tcp_data' callbacks and only these ones. And 'filter_change_forward_size' can be called in 'http_forward_data' and 'tcp_forward_data' callbacks and only these ones. The data changes are the filter responsability, but with some limitation. It must not change already parsed/forwarded data or data that previous filters have not parsed/forwarded yet. Because filters can be used on backends, when we the backend is set for a stream, we add filters defined for this backend in the filter list of the stream. But we must only do that when the backend and the frontend of the stream are not the same. Else same filters are added a second time leading to undefined behavior. The HTTP compression code had to be moved. So it simplifies http_response_forward_body function. To do so, the way the data are forwarded has changed. Now, a filter (and only one) can forward data. In a commit to come, this limitation will be removed to let all filters take part to data forwarding. There are 2 new functions that filters should use to deal with this feature: * flt_set_http_data_forwarder: This function sets the filter (using its id) that will forward data for the specified HTTP message. It is possible if it was not already set by another filter _AND_ if no data was yet forwarded (msg->msg_state <= HTTP_MSG_BODY). It returns -1 if an error occurs. * flt_http_data_forwarder: This function returns the filter id that will forward data for the specified HTTP message. If there is no forwarder set, it returns -1. When an HTTP data forwarder is set for the response, the HTTP compression is disabled. Of course, this is not definitive.
2015-04-30 05:48:27 -04:00
[MAJOR] implemented client-side support for PF_UNIX sockets A new file, proto_uxst.c, implements support of PF_UNIX sockets of type SOCK_STREAM. It relies on generic stream_sock_read/write and uses its own accept primitive which also tries to be generic. Right now it only implements an echo service in sight of a general support for start dumping via unix socket. The echo code is more of a proof of concept than useful code.
2007-10-16 11:34:28 -04:00
if (fe) {
MEDIUM: http: move header captures from http_txn to struct stream The header captures are now general purpose captures since tcp rules can use them to capture various contents. That removes a dependency on http_txn that appeared in some sample fetch functions and in the order by which captures and http_txn were allocated. Interestingly the reset of the header captures were done at too many places as http_init_txn() used to do it while it was done previously in every call place.
2015-04-03 16:16:32 -04:00
pool_free2(fe->rsp_cap_pool, s->res_cap);
pool_free2(fe->req_cap_pool, s->req_cap);
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-25 20:48:02 -04:00
}
[MINOR] http: move the http transaction init/cleanup code to proto_http This code really belongs to the http part since it's transaction-specific. This will also make it easier to later reinitialize a transaction in order to support keepalive.
2009-12-22 09:03:09 -05:00
MEDIUM: vars: adds support of variables This patch adds support of variables during the processing of each stream. The variables scope can be set as 'session', 'transaction', 'request' or 'response'. The variable type is the type returned by the assignment expression. The type can change while the processing. The allocated memory can be controlled for each scope and each request, and for the global process.
2015-06-06 13:29:07 -04:00
/* Cleanup all variable contexts. */
BUG/MAJOR: vars: always retrieve the stream and session from the sample This is the continuation of previous patch called "BUG/MAJOR: samples: check smp->strm before using it". It happens that variables may have a session-wide scope, and that their session is retrieved by dereferencing the stream. But nothing prevents them from being used from a streamless context such as tcp-request connection, thus crashing the process. Example : tcp-request connection accept if { src,set-var(sess.foo) -m found } In order to fix this, we have to always ensure that variable manipulation only happens via the sample, which contains the correct owner and context, and that we never use one from a different source. This results in quite a large change since a lot of functions are inderctly involved in the call chain, but the change is easy to follow. This fix must be backported to 1.6, and requires the last two patches.
2016-03-10 10:33:04 -05:00
vars_prune(&s->vars_txn, s->sess, s);
vars_prune(&s->vars_reqres, s->sess, s);
MEDIUM: vars: adds support of variables This patch adds support of variables during the processing of each stream. The variables scope can be set as 'session', 'transaction', 'request' or 'response'. The variable type is the type returned by the assignment expression. The type can change while the processing. The allocated memory can be controlled for each scope and each request, and for the global process.
2015-06-06 13:29:07 -04:00
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
stream_store_counters(s);
[MAJOR] session: add track-counters to track counters related to the session This patch adds the ability to set a pointer in the session to an entry in a stick table which holds various counters related to a specific pattern. Right now the syntax matches the target syntax and only the "src" pattern can be specified, to track counters related to the session's IPv4 source address. There is a special function to extract it and convert it to a key. But the goal is to be able to later support as many patterns as for the stick rules, and get rid of the specific function. The "track-counters" directive may only be set in a "tcp-request" statement right now. Only the first one applies. Probably that later we'll support multi-criteria tracking for a single session and that we'll have to name tracking pointers. No counter is updated right now, only the refcount is. Some subsequent patches will have to bring that feature.
2010-06-14 15:04:55 -04:00
[MINOR] add back-references to sessions for later use by a dumper. This is the first step in implementing a session dump tool. A session dump will need restart points. It will be necessary for it to get references to sessions which can be moved when the session dies. The principle is not that complex : when a session ends, it looks for any potential back-references. If it finds any, then it moves them to the next session in the list. The dump function will of course have to restart from that new point.
2008-12-07 14:16:23 -05:00
list_for_each_entry_safe(bref, back, &s->back_refs, users) {
[BUG] fix random memory corruption using "show sess" Commit 8a5c626e73bac905d150185e45110525588d7b4c introduced the sessions dump on the unix socket. This implementation is buggy because it may try to link to the sessions list's head after the last session is removed with a backref. Also, for the LIST_ISEMPTY test to succeed, we have to proceed with LIST_INIT after LIST_DEL.
2009-02-22 09:17:24 -05:00
/* we have to unlink all watchers. We must not relink them if
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* this stream was the last one in the list.
[BUG] fix random memory corruption using "show sess" Commit 8a5c626e73bac905d150185e45110525588d7b4c introduced the sessions dump on the unix socket. This implementation is buggy because it may try to link to the sessions list's head after the last session is removed with a backref. Also, for the LIST_ISEMPTY test to succeed, we have to proceed with LIST_INIT after LIST_DEL.
2009-02-22 09:17:24 -05:00
*/
[MINOR] add back-references to sessions for later use by a dumper. This is the first step in implementing a session dump tool. A session dump will need restart points. It will be necessary for it to get references to sessions which can be moved when the session dies. The principle is not that complex : when a session ends, it looks for any potential back-references. If it finds any, then it moves them to the next session in the list. The dump function will of course have to restart from that new point.
2008-12-07 14:16:23 -05:00
LIST_DEL(&bref->users);
[BUG] fix random memory corruption using "show sess" Commit 8a5c626e73bac905d150185e45110525588d7b4c introduced the sessions dump on the unix socket. This implementation is buggy because it may try to link to the sessions list's head after the last session is removed with a backref. Also, for the LIST_ISEMPTY test to succeed, we have to proceed with LIST_INIT after LIST_DEL.
2009-02-22 09:17:24 -05:00
LIST_INIT(&bref->users);
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
if (s->list.n != &streams)
LIST_ADDQ(&LIST_ELEM(s->list.n, struct stream *, list)->back_refs, &bref->users);
[MINOR] add back-references to sessions for later use by a dumper. This is the first step in implementing a session dump tool. A session dump will need restart points. It will be necessary for it to get references to sessions which can be moved when the session dies. The principle is not that complex : when a session ends, it looks for any potential back-references. If it finds any, then it moves them to the next session in the list. The dump function will of course have to restart from that new point.
2008-12-07 14:16:23 -05:00
bref->ref = s->list.n;
}
[MINOR] maintain a global session list in order to ease debugging Now the global variable 'sessions' will be a dual-linked list of all known sessions. The list element is set at the beginning of the session so that it's easier to follow them all with gdb.
2008-11-23 13:53:55 -05:00
LIST_DEL(&s->list);
MAJOR: stream interface: dynamically allocate the outgoing connection The outgoing connection is now allocated dynamically upon the first attempt to touch the connection's source or destination address. If this allocation fails, we fail on SN_ERR_RESOURCE. As we didn't use si->conn anymore, it was removed. The endpoints are released upon session_free(), on the error path, and upon a new transaction. That way we are able to carry the existing server's address across retries. The stream interfaces are not initialized anymore before session_complete(), so we could even think about allocating them dynamically as well, though that would not provide much savings. The session initialization now makes use of conn_new()/conn_free(). This slightly simplifies the code and makes it more logical. The connection initialization code is now shorter by about 120 bytes because it's done at once, allowing the compiler to remove all redundant initializations. The si_attach_applet() function now takes care of first detaching the existing endpoint, and it is called from stream_int_register_handler(), so we can safely remove the calls to si_release_endpoint() in the application code around this call. A call to si_detach() was made upon stream_int_unregister_handler() to ensure we always free the allocated connection if one was allocated in parallel to setting an applet (eg: detect HTTP proxy while proceeding with stats maybe).
2013-10-11 13:34:20 -04:00
si_release_endpoint(&s->si[1]);
si_release_endpoint(&s->si[0]);
MEDIUM: stream: allocate the session when a stream is created This is where we'll put some session-wide information.
2015-04-03 08:10:06 -04:00
/* FIXME: for now we have a 1:1 relation between stream and session so
* the stream must free the session.
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
pool_free2(pool2_stream, s);
MINOR: session: implement session_free() and use it everywhere We want to call this one everywhere we have to kill a session so that future parts we move to the session can be released from there.
2015-04-04 09:54:03 -04:00
session_free(sess);
[MEDIUM] fade out memory usage when stopping proxies Now we try to free as many pools as possible when a proxy is stopping. The reason is that we want to ease the process replacement when applying a new configuration, without keeping too many unused memory allocated.
2007-07-11 04:42:35 -04:00
/* We may want to free the maximum amount of pools if the proxy is stopping */
[MAJOR] implemented client-side support for PF_UNIX sockets A new file, proto_uxst.c, implements support of PF_UNIX sockets of type SOCK_STREAM. It relies on generic stream_sock_read/write and uses its own accept primitive which also tries to be generic. Right now it only implements an echo service in sight of a general support for start dumping via unix socket. The echo code is more of a proof of concept than useful code.
2007-10-16 11:34:28 -04:00
if (fe && unlikely(fe->state == PR_STSTOPPED)) {
MAJOR: channel: replace the struct buffer with a pointer to a buffer With this commit, we now separate the channel from the buffer. This will allow us to replace buffers on the fly without touching the channel. Since nobody is supposed to keep a reference to a buffer anymore, doing so is not a problem and will also permit some copy-less data manipulation. Interestingly, these changes have shown a 2% performance increase on some workloads, probably due to a better cache placement of data.
2012-10-12 17:49:43 -04:00
pool_flush2(pool2_buffer);
MINOR: http: create a dedicated pool for http_txn This one will not necessarily be allocated for each stream, and we want to use the fact that it equals null to know it's not present so that we can always deduce its presence from the stream pointer. This commit only creates the new pool.
2015-04-03 16:55:33 -04:00
pool_flush2(pool2_http_txn);
OPTIM/MINOR: move the hdr_idx pools out of the proxy struct It makes no sense to have one pointer to the hdr_idx pool in each proxy struct since these pools do not depend on the proxy. Let's have a common pool instead as it is already the case for other types.
2011-10-24 12:15:04 -04:00
pool_flush2(pool2_hdr_idx);
[MEDIUM] memory: update pool_free2() to support NULL pointers In order to make pool usage more convenient, let pool_free2() support NULL pointers by doing nothing, just like the standard free(3) call does. The various call places have been updated to remove the now useless checks.
2008-08-03 11:41:33 -04:00
pool_flush2(pool2_requri);
pool_flush2(pool2_capture);
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
pool_flush2(pool2_stream);
MEDIUM: stream: allocate the session when a stream is created This is where we'll put some session-wide information.
2015-04-03 08:10:06 -04:00
pool_flush2(pool2_session);
MINOR: session: release a few other pools when stopping We currently release all pools when a proxy is stopped, except the connection, pendconn, and pipe pools. Doing so can improve further reduce memory usage of old processes, eventhough the connection struct is quite small, but there are a lot and they can participate to memory fragmentation. The pipe pool is very small and limited, and not exported so it's not done here.
2014-11-13 10:46:28 -05:00
pool_flush2(pool2_connection);
pool_flush2(pool2_pendconn);
[MEDIUM] memory: update pool_free2() to support NULL pointers In order to make pool usage more convenient, let pool_free2() support NULL pointers by doing nothing, just like the standard free(3) call does. The various call places have been updated to remove the now useless checks.
2008-08-03 11:41:33 -04:00
pool_flush2(fe->req_cap_pool);
pool_flush2(fe->rsp_cap_pool);
[MEDIUM] fade out memory usage when stopping proxies Now we try to free as many pools as possible when a proxy is stopping. The reason is that we want to ease the process replacement when applying a new configuration, without keeping too many unused memory allocated.
2007-07-11 04:42:35 -04:00
}
[MAJOR] migrated task, tree64 and session to pool2 task and tree64 are already very close in size and are merged together. Overall performance gained slightly by this simple change.
2007-05-13 13:43:47 -04:00
}
MEDIUM: session: simplify receive buffer allocator to only use the channel Now that we can get the session from the channel, let's simplify the prototype of session_alloc_recv_buffer() to only require the channel. Both the caller and the function are now simplified.
2014-12-28 07:09:02 -05:00
/* Allocates a receive buffer for channel <chn>, but only if it's guaranteed
* that it's not the last available buffer or it's the response buffer. Unless
* the buffer is the response buffer, an extra control is made so that we always
* keep <tune.buffers.reserved> buffers available after this allocation. To be
* called at the beginning of recv() callbacks to ensure that the required
* buffers are properly allocated. Returns 0 in case of failure, non-zero
* otherwise.
MEDIUM: session: implement a basic atomic buffer allocator This patch introduces session_alloc_recv_buffer(), session_alloc_buffers() and session_release_buffers() whose purpose will be to allocate missing buffers and release unneeded ones around the process_session() and during I/O operations. I/O callbacks only need a single buffer for recv operations and none for send. However we still want to ensure that we don't pick the last buffer. That's what session_alloc_recv_buffer() is for. This allocator is atomic in that it always ensures we can get 2 buffers or fails. Here, if any of the buffers is not ready and cannot be allocated, the operation is cancelled. The purpose is to guarantee that we don't enter into the deadlock where all buffers are allocated by the same size of all sessions. A queue will have to be implemented for failed allocations. For now they're just reported as failures.
2014-11-25 13:46:36 -05:00
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
int stream_alloc_recv_buffer(struct channel *chn)
MEDIUM: session: implement a basic atomic buffer allocator This patch introduces session_alloc_recv_buffer(), session_alloc_buffers() and session_release_buffers() whose purpose will be to allocate missing buffers and release unneeded ones around the process_session() and during I/O operations. I/O callbacks only need a single buffer for recv operations and none for send. However we still want to ensure that we don't pick the last buffer. That's what session_alloc_recv_buffer() is for. This allocator is atomic in that it always ensures we can get 2 buffers or fails. Here, if any of the buffers is not ready and cannot be allocated, the operation is cancelled. The purpose is to guarantee that we don't enter into the deadlock where all buffers are allocated by the same size of all sessions. A queue will have to be implemented for failed allocations. For now they're just reported as failures.
2014-11-25 13:46:36 -05:00
{
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
struct stream *s;
MEDIUM: session: implement a basic atomic buffer allocator This patch introduces session_alloc_recv_buffer(), session_alloc_buffers() and session_release_buffers() whose purpose will be to allocate missing buffers and release unneeded ones around the process_session() and during I/O operations. I/O callbacks only need a single buffer for recv operations and none for send. However we still want to ensure that we don't pick the last buffer. That's what session_alloc_recv_buffer() is for. This allocator is atomic in that it always ensures we can get 2 buffers or fails. Here, if any of the buffers is not ready and cannot be allocated, the operation is cancelled. The purpose is to guarantee that we don't enter into the deadlock where all buffers are allocated by the same size of all sessions. A queue will have to be implemented for failed allocations. For now they're just reported as failures.
2014-11-25 13:46:36 -05:00
struct buffer *b;
MAJOR: session: only wake up as many sessions as available buffers permit We've already experimented with three wake up algorithms when releasing buffers : the first naive one used to wake up far too many sessions, causing many of them not to get any buffer. The second approach which was still in use prior to this patch consisted in waking up either 1 or 2 sessions depending on the number of FDs we had released. And this was still inaccurate. The third one tried to cover the accuracy issues of the second and took into consideration the number of FDs the sessions would be willing to use, but most of the time we ended up waking up too many of them for nothing, or deadlocking by lack of buffers. This patch completely removes the need to allocate two buffers at once. Instead it splits allocations into critical and non-critical ones and implements a reserve in the pool for this. The deadlock situation happens when all buffers are be allocated for requests pending in a maxconn-limited server queue, because then there's no more way to allocate buffers for responses, and these responses are critical to release the servers's connection in order to release the pending requests. In fact maxconn on a server creates a dependence between sessions and particularly between oldest session's responses and latest session's requests. Thus, it is mandatory to get a free buffer for a response in order to release a server connection which will permit to release a request buffer. Since we definitely have non-symmetrical buffers, we need to implement this logic in the buffer allocation mechanism. What this commit does is implement a reserve of buffers which can only be allocated for responses and that will never be allocated for requests. This is made possible by the requester indicating how much margin it wants to leave after the allocation succeeds. Thus it is a cooperative allocation mechanism : the requester (process_session() in general) prefers not to get a buffer in order to respect other's need for response buffers. The session management code always knows if a buffer will be used for requests or responses, so that is not difficult : - either there's an applet on the initiator side and we really need the request buffer (since currently the applet is called in the context of the session) - or we have a connection and we really need the response buffer (in order to support building and sending an error message back) This reserve ensures that we don't take all allocatable buffers for requests waiting in a queue. The downside is that all the extra buffers are really allocated to ensure they can be allocated. But with small values it is not an issue. With this change, we don't observe any more deadlocks even when running with maxconn 1 on a server under severely constrained memory conditions. The code becomes a bit tricky, it relies on the scheduler's run queue to estimate how many sessions are already expected to run so that it doesn't wake up everyone with too few resources. A better solution would probably consist in having two queues, one for urgent requests and one for normal requests. A failed allocation for a session dealing with an error, a connection event, or the need for a response (or request when there's an applet on the left) would go to the urgent request queue, while other requests would go to the other queue. Urgent requests would be served from 1 entry in the pool, while the regular ones would be served only according to the reserve. Despite not yet having this, it works remarkably well. This mechanism is quite efficient, we don't perform too many wake up calls anymore. For 1 million sessions elapsed during massive memory contention, we observe about 4.5M calls to process_session() compared to 4.0M without memory constraints. Previously we used to observe up to 16M calls, which rougly means 12M failures. During a test run under high memory constraints (limit enforced to 27 MB instead of the 58 MB normally needed), performance used to drop by 53% prior to this patch. Now with this patch instead it *increases* by about 1.5%. The best effect of this change is that by limiting the memory usage to about 2/3 to 3/4 of what is needed by default, it's possible to increase performance by up to about 18% mainly due to the fact that pools are reused more often and remain hot in the CPU cache (observed on regular HTTP traffic with 20k objects, buffers.limit = maxconn/10, buffers.reserve = limit/2). Below is an example of scenario which used to cause a deadlock previously : - connection is received - two buffers are allocated in process_session() then released - one is allocated when receiving an HTTP request - the second buffer is allocated then released in process_session() for request parsing then connection establishment. - poll() says we can send, so the request buffer is sent and released - process session gets notified that the connection is now established and allocates two buffers then releases them - all other sessions do the same till one cannot get the request buffer without hitting the margin - and now the server responds. stream_interface allocates the response buffer and manages to get it since it's higher priority being for a response. - but process_session() cannot allocate the request buffer anymore => We could end up with all buffers used by responses so that none may be allocated for a request in process_session(). When the applet processing leaves the session context, the test will have to be changed so that we always allocate a response buffer regardless of the left side (eg: H2->H1 gateway). A final improvement would consists in being able to only retry the failed I/O operation without waking up a task, but to date all experiments to achieve this have proven not to be reliable enough.
2014-11-26 19:11:56 -05:00
int margin = 0;
MEDIUM: session: implement a basic atomic buffer allocator This patch introduces session_alloc_recv_buffer(), session_alloc_buffers() and session_release_buffers() whose purpose will be to allocate missing buffers and release unneeded ones around the process_session() and during I/O operations. I/O callbacks only need a single buffer for recv operations and none for send. However we still want to ensure that we don't pick the last buffer. That's what session_alloc_recv_buffer() is for. This allocator is atomic in that it always ensures we can get 2 buffers or fails. Here, if any of the buffers is not ready and cannot be allocated, the operation is cancelled. The purpose is to guarantee that we don't enter into the deadlock where all buffers are allocated by the same size of all sessions. A queue will have to be implemented for failed allocations. For now they're just reported as failures.
2014-11-25 13:46:36 -05:00
MEDIUM: session: simplify receive buffer allocator to only use the channel Now that we can get the session from the channel, let's simplify the prototype of session_alloc_recv_buffer() to only require the channel. Both the caller and the function are now simplified.
2014-12-28 07:09:02 -05:00
if (!(chn->flags & CF_ISRESP))
MAJOR: session: only wake up as many sessions as available buffers permit We've already experimented with three wake up algorithms when releasing buffers : the first naive one used to wake up far too many sessions, causing many of them not to get any buffer. The second approach which was still in use prior to this patch consisted in waking up either 1 or 2 sessions depending on the number of FDs we had released. And this was still inaccurate. The third one tried to cover the accuracy issues of the second and took into consideration the number of FDs the sessions would be willing to use, but most of the time we ended up waking up too many of them for nothing, or deadlocking by lack of buffers. This patch completely removes the need to allocate two buffers at once. Instead it splits allocations into critical and non-critical ones and implements a reserve in the pool for this. The deadlock situation happens when all buffers are be allocated for requests pending in a maxconn-limited server queue, because then there's no more way to allocate buffers for responses, and these responses are critical to release the servers's connection in order to release the pending requests. In fact maxconn on a server creates a dependence between sessions and particularly between oldest session's responses and latest session's requests. Thus, it is mandatory to get a free buffer for a response in order to release a server connection which will permit to release a request buffer. Since we definitely have non-symmetrical buffers, we need to implement this logic in the buffer allocation mechanism. What this commit does is implement a reserve of buffers which can only be allocated for responses and that will never be allocated for requests. This is made possible by the requester indicating how much margin it wants to leave after the allocation succeeds. Thus it is a cooperative allocation mechanism : the requester (process_session() in general) prefers not to get a buffer in order to respect other's need for response buffers. The session management code always knows if a buffer will be used for requests or responses, so that is not difficult : - either there's an applet on the initiator side and we really need the request buffer (since currently the applet is called in the context of the session) - or we have a connection and we really need the response buffer (in order to support building and sending an error message back) This reserve ensures that we don't take all allocatable buffers for requests waiting in a queue. The downside is that all the extra buffers are really allocated to ensure they can be allocated. But with small values it is not an issue. With this change, we don't observe any more deadlocks even when running with maxconn 1 on a server under severely constrained memory conditions. The code becomes a bit tricky, it relies on the scheduler's run queue to estimate how many sessions are already expected to run so that it doesn't wake up everyone with too few resources. A better solution would probably consist in having two queues, one for urgent requests and one for normal requests. A failed allocation for a session dealing with an error, a connection event, or the need for a response (or request when there's an applet on the left) would go to the urgent request queue, while other requests would go to the other queue. Urgent requests would be served from 1 entry in the pool, while the regular ones would be served only according to the reserve. Despite not yet having this, it works remarkably well. This mechanism is quite efficient, we don't perform too many wake up calls anymore. For 1 million sessions elapsed during massive memory contention, we observe about 4.5M calls to process_session() compared to 4.0M without memory constraints. Previously we used to observe up to 16M calls, which rougly means 12M failures. During a test run under high memory constraints (limit enforced to 27 MB instead of the 58 MB normally needed), performance used to drop by 53% prior to this patch. Now with this patch instead it *increases* by about 1.5%. The best effect of this change is that by limiting the memory usage to about 2/3 to 3/4 of what is needed by default, it's possible to increase performance by up to about 18% mainly due to the fact that pools are reused more often and remain hot in the CPU cache (observed on regular HTTP traffic with 20k objects, buffers.limit = maxconn/10, buffers.reserve = limit/2). Below is an example of scenario which used to cause a deadlock previously : - connection is received - two buffers are allocated in process_session() then released - one is allocated when receiving an HTTP request - the second buffer is allocated then released in process_session() for request parsing then connection establishment. - poll() says we can send, so the request buffer is sent and released - process session gets notified that the connection is now established and allocates two buffers then releases them - all other sessions do the same till one cannot get the request buffer without hitting the margin - and now the server responds. stream_interface allocates the response buffer and manages to get it since it's higher priority being for a response. - but process_session() cannot allocate the request buffer anymore => We could end up with all buffers used by responses so that none may be allocated for a request in process_session(). When the applet processing leaves the session context, the test will have to be changed so that we always allocate a response buffer regardless of the left side (eg: H2->H1 gateway). A final improvement would consists in being able to only retry the failed I/O operation without waking up a task, but to date all experiments to achieve this have proven not to be reliable enough.
2014-11-26 19:11:56 -05:00
margin = global.tune.reserved_bufs;
MINOR: channel: rename function chn_sess to chn_strm The name of the function chn_sess is no longer appropriate. This patch renames it to chn_strm.
2015-09-25 02:36:11 -04:00
s = chn_strm(chn);
MEDIUM: session: simplify receive buffer allocator to only use the channel Now that we can get the session from the channel, let's simplify the prototype of session_alloc_recv_buffer() to only require the channel. Both the caller and the function are now simplified.
2014-12-28 07:09:02 -05:00
b = b_alloc_margin(&chn->buf, margin);
MEDIUM: session: implement a basic atomic buffer allocator This patch introduces session_alloc_recv_buffer(), session_alloc_buffers() and session_release_buffers() whose purpose will be to allocate missing buffers and release unneeded ones around the process_session() and during I/O operations. I/O callbacks only need a single buffer for recv operations and none for send. However we still want to ensure that we don't pick the last buffer. That's what session_alloc_recv_buffer() is for. This allocator is atomic in that it always ensures we can get 2 buffers or fails. Here, if any of the buffers is not ready and cannot be allocated, the operation is cancelled. The purpose is to guarantee that we don't enter into the deadlock where all buffers are allocated by the same size of all sessions. A queue will have to be implemented for failed allocations. For now they're just reported as failures.
2014-11-25 13:46:36 -05:00
if (b)
return 1;
MAJOR: session: implement a wait-queue for sessions who need a buffer When a session_alloc_buffers() fails to allocate one or two buffers, it subscribes the session to buffer_wq, and waits for another session to release buffers. It's then removed from the queue and woken up with TASK_WAKE_RES, and can attempt its allocation again. We decide to try to wake as many waiters as we release buffers so that if we release 2 and two waiters need only once, they both have their chance. We must never come to the situation where we don't wake enough tasks up. It's common to release buffers after the completion of an I/O callback, which can happen even if the I/O could not be performed due to half a failure on memory allocation. In this situation, we don't want to move out of the wait queue the session that was just added, otherwise it will never get any buffer. Thus, we only force ourselves out of the queue when freeing the session. Note: at the moment, since session_alloc_buffers() is not used, no task is subscribed to the wait queue.
2014-11-25 15:10:35 -05:00
if (LIST_ISEMPTY(&s->buffer_wait))
LIST_ADDQ(&buffer_wq, &s->buffer_wait);
MEDIUM: session: implement a basic atomic buffer allocator This patch introduces session_alloc_recv_buffer(), session_alloc_buffers() and session_release_buffers() whose purpose will be to allocate missing buffers and release unneeded ones around the process_session() and during I/O operations. I/O callbacks only need a single buffer for recv operations and none for send. However we still want to ensure that we don't pick the last buffer. That's what session_alloc_recv_buffer() is for. This allocator is atomic in that it always ensures we can get 2 buffers or fails. Here, if any of the buffers is not ready and cannot be allocated, the operation is cancelled. The purpose is to guarantee that we don't enter into the deadlock where all buffers are allocated by the same size of all sessions. A queue will have to be implemented for failed allocations. For now they're just reported as failures.
2014-11-25 13:46:36 -05:00
return 0;
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* Allocates a work buffer for stream <s>. It is meant to be called inside
* process_stream(). It will only allocate the side needed for the function
MAJOR: stream: do not allocate request buffers anymore when the left side is an applet We used to allocate a request buffer so that we could process applets from process_stream(), and this was causing some trouble because it was not possible for an analyzer to return an error to an applet, which we'll need for HTTP/2. Now that we don't call applets anymore from process_stream() we can simplify this and ensure that a response is always allocated to process a stream.
2015-04-20 09:52:18 -04:00
* to work fine, which is the response buffer so that an error message may be
* built and returned. Response buffers may be allocated from the reserve, this
* is critical to ensure that a response may always flow and will never block a
* server from releasing a connection. Returns 0 in case of failure, non-zero
* otherwise.
MEDIUM: session: implement a basic atomic buffer allocator This patch introduces session_alloc_recv_buffer(), session_alloc_buffers() and session_release_buffers() whose purpose will be to allocate missing buffers and release unneeded ones around the process_session() and during I/O operations. I/O callbacks only need a single buffer for recv operations and none for send. However we still want to ensure that we don't pick the last buffer. That's what session_alloc_recv_buffer() is for. This allocator is atomic in that it always ensures we can get 2 buffers or fails. Here, if any of the buffers is not ready and cannot be allocated, the operation is cancelled. The purpose is to guarantee that we don't enter into the deadlock where all buffers are allocated by the same size of all sessions. A queue will have to be implemented for failed allocations. For now they're just reported as failures.
2014-11-25 13:46:36 -05:00
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
int stream_alloc_work_buffer(struct stream *s)
MEDIUM: session: implement a basic atomic buffer allocator This patch introduces session_alloc_recv_buffer(), session_alloc_buffers() and session_release_buffers() whose purpose will be to allocate missing buffers and release unneeded ones around the process_session() and during I/O operations. I/O callbacks only need a single buffer for recv operations and none for send. However we still want to ensure that we don't pick the last buffer. That's what session_alloc_recv_buffer() is for. This allocator is atomic in that it always ensures we can get 2 buffers or fails. Here, if any of the buffers is not ready and cannot be allocated, the operation is cancelled. The purpose is to guarantee that we don't enter into the deadlock where all buffers are allocated by the same size of all sessions. A queue will have to be implemented for failed allocations. For now they're just reported as failures.
2014-11-25 13:46:36 -05:00
{
MAJOR: session: implement a wait-queue for sessions who need a buffer When a session_alloc_buffers() fails to allocate one or two buffers, it subscribes the session to buffer_wq, and waits for another session to release buffers. It's then removed from the queue and woken up with TASK_WAKE_RES, and can attempt its allocation again. We decide to try to wake as many waiters as we release buffers so that if we release 2 and two waiters need only once, they both have their chance. We must never come to the situation where we don't wake enough tasks up. It's common to release buffers after the completion of an I/O callback, which can happen even if the I/O could not be performed due to half a failure on memory allocation. In this situation, we don't want to move out of the wait queue the session that was just added, otherwise it will never get any buffer. Thus, we only force ourselves out of the queue when freeing the session. Note: at the moment, since session_alloc_buffers() is not used, no task is subscribed to the wait queue.
2014-11-25 15:10:35 -05:00
if (!LIST_ISEMPTY(&s->buffer_wait)) {
LIST_DEL(&s->buffer_wait);
LIST_INIT(&s->buffer_wait);
}
MEDIUM: session: implement a basic atomic buffer allocator This patch introduces session_alloc_recv_buffer(), session_alloc_buffers() and session_release_buffers() whose purpose will be to allocate missing buffers and release unneeded ones around the process_session() and during I/O operations. I/O callbacks only need a single buffer for recv operations and none for send. However we still want to ensure that we don't pick the last buffer. That's what session_alloc_recv_buffer() is for. This allocator is atomic in that it always ensures we can get 2 buffers or fails. Here, if any of the buffers is not ready and cannot be allocated, the operation is cancelled. The purpose is to guarantee that we don't enter into the deadlock where all buffers are allocated by the same size of all sessions. A queue will have to be implemented for failed allocations. For now they're just reported as failures.
2014-11-25 13:46:36 -05:00
MAJOR: stream: do not allocate request buffers anymore when the left side is an applet We used to allocate a request buffer so that we could process applets from process_stream(), and this was causing some trouble because it was not possible for an analyzer to return an error to an applet, which we'll need for HTTP/2. Now that we don't call applets anymore from process_stream() we can simplify this and ensure that a response is always allocated to process a stream.
2015-04-20 09:52:18 -04:00
if (b_alloc_margin(&s->res.buf, 0))
MEDIUM: session: implement a basic atomic buffer allocator This patch introduces session_alloc_recv_buffer(), session_alloc_buffers() and session_release_buffers() whose purpose will be to allocate missing buffers and release unneeded ones around the process_session() and during I/O operations. I/O callbacks only need a single buffer for recv operations and none for send. However we still want to ensure that we don't pick the last buffer. That's what session_alloc_recv_buffer() is for. This allocator is atomic in that it always ensures we can get 2 buffers or fails. Here, if any of the buffers is not ready and cannot be allocated, the operation is cancelled. The purpose is to guarantee that we don't enter into the deadlock where all buffers are allocated by the same size of all sessions. A queue will have to be implemented for failed allocations. For now they're just reported as failures.
2014-11-25 13:46:36 -05:00
return 1;
MAJOR: session: implement a wait-queue for sessions who need a buffer When a session_alloc_buffers() fails to allocate one or two buffers, it subscribes the session to buffer_wq, and waits for another session to release buffers. It's then removed from the queue and woken up with TASK_WAKE_RES, and can attempt its allocation again. We decide to try to wake as many waiters as we release buffers so that if we release 2 and two waiters need only once, they both have their chance. We must never come to the situation where we don't wake enough tasks up. It's common to release buffers after the completion of an I/O callback, which can happen even if the I/O could not be performed due to half a failure on memory allocation. In this situation, we don't want to move out of the wait queue the session that was just added, otherwise it will never get any buffer. Thus, we only force ourselves out of the queue when freeing the session. Note: at the moment, since session_alloc_buffers() is not used, no task is subscribed to the wait queue.
2014-11-25 15:10:35 -05:00
LIST_ADDQ(&buffer_wq, &s->buffer_wait);
MEDIUM: session: implement a basic atomic buffer allocator This patch introduces session_alloc_recv_buffer(), session_alloc_buffers() and session_release_buffers() whose purpose will be to allocate missing buffers and release unneeded ones around the process_session() and during I/O operations. I/O callbacks only need a single buffer for recv operations and none for send. However we still want to ensure that we don't pick the last buffer. That's what session_alloc_recv_buffer() is for. This allocator is atomic in that it always ensures we can get 2 buffers or fails. Here, if any of the buffers is not ready and cannot be allocated, the operation is cancelled. The purpose is to guarantee that we don't enter into the deadlock where all buffers are allocated by the same size of all sessions. A queue will have to be implemented for failed allocations. For now they're just reported as failures.
2014-11-25 13:46:36 -05:00
return 0;
}
/* releases unused buffers after processing. Typically used at the end of the
MAJOR: session: implement a wait-queue for sessions who need a buffer When a session_alloc_buffers() fails to allocate one or two buffers, it subscribes the session to buffer_wq, and waits for another session to release buffers. It's then removed from the queue and woken up with TASK_WAKE_RES, and can attempt its allocation again. We decide to try to wake as many waiters as we release buffers so that if we release 2 and two waiters need only once, they both have their chance. We must never come to the situation where we don't wake enough tasks up. It's common to release buffers after the completion of an I/O callback, which can happen even if the I/O could not be performed due to half a failure on memory allocation. In this situation, we don't want to move out of the wait queue the session that was just added, otherwise it will never get any buffer. Thus, we only force ourselves out of the queue when freeing the session. Note: at the moment, since session_alloc_buffers() is not used, no task is subscribed to the wait queue.
2014-11-25 15:10:35 -05:00
* update() functions. It will try to wake up as many tasks as the number of
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* buffers that it releases. In practice, most often streams are blocked on
MAJOR: session: implement a wait-queue for sessions who need a buffer When a session_alloc_buffers() fails to allocate one or two buffers, it subscribes the session to buffer_wq, and waits for another session to release buffers. It's then removed from the queue and woken up with TASK_WAKE_RES, and can attempt its allocation again. We decide to try to wake as many waiters as we release buffers so that if we release 2 and two waiters need only once, they both have their chance. We must never come to the situation where we don't wake enough tasks up. It's common to release buffers after the completion of an I/O callback, which can happen even if the I/O could not be performed due to half a failure on memory allocation. In this situation, we don't want to move out of the wait queue the session that was just added, otherwise it will never get any buffer. Thus, we only force ourselves out of the queue when freeing the session. Note: at the moment, since session_alloc_buffers() is not used, no task is subscribed to the wait queue.
2014-11-25 15:10:35 -05:00
* a single buffer, so it makes sense to try to wake two up when two buffers
* are released at once.
MEDIUM: session: implement a basic atomic buffer allocator This patch introduces session_alloc_recv_buffer(), session_alloc_buffers() and session_release_buffers() whose purpose will be to allocate missing buffers and release unneeded ones around the process_session() and during I/O operations. I/O callbacks only need a single buffer for recv operations and none for send. However we still want to ensure that we don't pick the last buffer. That's what session_alloc_recv_buffer() is for. This allocator is atomic in that it always ensures we can get 2 buffers or fails. Here, if any of the buffers is not ready and cannot be allocated, the operation is cancelled. The purpose is to guarantee that we don't enter into the deadlock where all buffers are allocated by the same size of all sessions. A queue will have to be implemented for failed allocations. For now they're just reported as failures.
2014-11-25 13:46:36 -05:00
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
void stream_release_buffers(struct stream *s)
MEDIUM: session: implement a basic atomic buffer allocator This patch introduces session_alloc_recv_buffer(), session_alloc_buffers() and session_release_buffers() whose purpose will be to allocate missing buffers and release unneeded ones around the process_session() and during I/O operations. I/O callbacks only need a single buffer for recv operations and none for send. However we still want to ensure that we don't pick the last buffer. That's what session_alloc_recv_buffer() is for. This allocator is atomic in that it always ensures we can get 2 buffers or fails. Here, if any of the buffers is not ready and cannot be allocated, the operation is cancelled. The purpose is to guarantee that we don't enter into the deadlock where all buffers are allocated by the same size of all sessions. A queue will have to be implemented for failed allocations. For now they're just reported as failures.
2014-11-25 13:46:36 -05:00
{
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
if (s->req.buf->size && buffer_empty(s->req.buf))
b_free(&s->req.buf);
MEDIUM: session: implement a basic atomic buffer allocator This patch introduces session_alloc_recv_buffer(), session_alloc_buffers() and session_release_buffers() whose purpose will be to allocate missing buffers and release unneeded ones around the process_session() and during I/O operations. I/O callbacks only need a single buffer for recv operations and none for send. However we still want to ensure that we don't pick the last buffer. That's what session_alloc_recv_buffer() is for. This allocator is atomic in that it always ensures we can get 2 buffers or fails. Here, if any of the buffers is not ready and cannot be allocated, the operation is cancelled. The purpose is to guarantee that we don't enter into the deadlock where all buffers are allocated by the same size of all sessions. A queue will have to be implemented for failed allocations. For now they're just reported as failures.
2014-11-25 13:46:36 -05:00
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
if (s->res.buf->size && buffer_empty(s->res.buf))
b_free(&s->res.buf);
MEDIUM: session: implement a basic atomic buffer allocator This patch introduces session_alloc_recv_buffer(), session_alloc_buffers() and session_release_buffers() whose purpose will be to allocate missing buffers and release unneeded ones around the process_session() and during I/O operations. I/O callbacks only need a single buffer for recv operations and none for send. However we still want to ensure that we don't pick the last buffer. That's what session_alloc_recv_buffer() is for. This allocator is atomic in that it always ensures we can get 2 buffers or fails. Here, if any of the buffers is not ready and cannot be allocated, the operation is cancelled. The purpose is to guarantee that we don't enter into the deadlock where all buffers are allocated by the same size of all sessions. A queue will have to be implemented for failed allocations. For now they're just reported as failures.
2014-11-25 13:46:36 -05:00
MAJOR: session: implement a wait-queue for sessions who need a buffer When a session_alloc_buffers() fails to allocate one or two buffers, it subscribes the session to buffer_wq, and waits for another session to release buffers. It's then removed from the queue and woken up with TASK_WAKE_RES, and can attempt its allocation again. We decide to try to wake as many waiters as we release buffers so that if we release 2 and two waiters need only once, they both have their chance. We must never come to the situation where we don't wake enough tasks up. It's common to release buffers after the completion of an I/O callback, which can happen even if the I/O could not be performed due to half a failure on memory allocation. In this situation, we don't want to move out of the wait queue the session that was just added, otherwise it will never get any buffer. Thus, we only force ourselves out of the queue when freeing the session. Note: at the moment, since session_alloc_buffers() is not used, no task is subscribed to the wait queue.
2014-11-25 15:10:35 -05:00
/* if we're certain to have at least 1 buffer available, and there is
* someone waiting, we can wake up a waiter and offer them.
*/
MAJOR: session: only wake up as many sessions as available buffers permit We've already experimented with three wake up algorithms when releasing buffers : the first naive one used to wake up far too many sessions, causing many of them not to get any buffer. The second approach which was still in use prior to this patch consisted in waking up either 1 or 2 sessions depending on the number of FDs we had released. And this was still inaccurate. The third one tried to cover the accuracy issues of the second and took into consideration the number of FDs the sessions would be willing to use, but most of the time we ended up waking up too many of them for nothing, or deadlocking by lack of buffers. This patch completely removes the need to allocate two buffers at once. Instead it splits allocations into critical and non-critical ones and implements a reserve in the pool for this. The deadlock situation happens when all buffers are be allocated for requests pending in a maxconn-limited server queue, because then there's no more way to allocate buffers for responses, and these responses are critical to release the servers's connection in order to release the pending requests. In fact maxconn on a server creates a dependence between sessions and particularly between oldest session's responses and latest session's requests. Thus, it is mandatory to get a free buffer for a response in order to release a server connection which will permit to release a request buffer. Since we definitely have non-symmetrical buffers, we need to implement this logic in the buffer allocation mechanism. What this commit does is implement a reserve of buffers which can only be allocated for responses and that will never be allocated for requests. This is made possible by the requester indicating how much margin it wants to leave after the allocation succeeds. Thus it is a cooperative allocation mechanism : the requester (process_session() in general) prefers not to get a buffer in order to respect other's need for response buffers. The session management code always knows if a buffer will be used for requests or responses, so that is not difficult : - either there's an applet on the initiator side and we really need the request buffer (since currently the applet is called in the context of the session) - or we have a connection and we really need the response buffer (in order to support building and sending an error message back) This reserve ensures that we don't take all allocatable buffers for requests waiting in a queue. The downside is that all the extra buffers are really allocated to ensure they can be allocated. But with small values it is not an issue. With this change, we don't observe any more deadlocks even when running with maxconn 1 on a server under severely constrained memory conditions. The code becomes a bit tricky, it relies on the scheduler's run queue to estimate how many sessions are already expected to run so that it doesn't wake up everyone with too few resources. A better solution would probably consist in having two queues, one for urgent requests and one for normal requests. A failed allocation for a session dealing with an error, a connection event, or the need for a response (or request when there's an applet on the left) would go to the urgent request queue, while other requests would go to the other queue. Urgent requests would be served from 1 entry in the pool, while the regular ones would be served only according to the reserve. Despite not yet having this, it works remarkably well. This mechanism is quite efficient, we don't perform too many wake up calls anymore. For 1 million sessions elapsed during massive memory contention, we observe about 4.5M calls to process_session() compared to 4.0M without memory constraints. Previously we used to observe up to 16M calls, which rougly means 12M failures. During a test run under high memory constraints (limit enforced to 27 MB instead of the 58 MB normally needed), performance used to drop by 53% prior to this patch. Now with this patch instead it *increases* by about 1.5%. The best effect of this change is that by limiting the memory usage to about 2/3 to 3/4 of what is needed by default, it's possible to increase performance by up to about 18% mainly due to the fact that pools are reused more often and remain hot in the CPU cache (observed on regular HTTP traffic with 20k objects, buffers.limit = maxconn/10, buffers.reserve = limit/2). Below is an example of scenario which used to cause a deadlock previously : - connection is received - two buffers are allocated in process_session() then released - one is allocated when receiving an HTTP request - the second buffer is allocated then released in process_session() for request parsing then connection establishment. - poll() says we can send, so the request buffer is sent and released - process session gets notified that the connection is now established and allocates two buffers then releases them - all other sessions do the same till one cannot get the request buffer without hitting the margin - and now the server responds. stream_interface allocates the response buffer and manages to get it since it's higher priority being for a response. - but process_session() cannot allocate the request buffer anymore => We could end up with all buffers used by responses so that none may be allocated for a request in process_session(). When the applet processing leaves the session context, the test will have to be changed so that we always allocate a response buffer regardless of the left side (eg: H2->H1 gateway). A final improvement would consists in being able to only retry the failed I/O operation without waking up a task, but to date all experiments to achieve this have proven not to be reliable enough.
2014-11-26 19:11:56 -05:00
if (!LIST_ISEMPTY(&buffer_wq))
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
stream_offer_buffers();
MAJOR: session: implement a wait-queue for sessions who need a buffer When a session_alloc_buffers() fails to allocate one or two buffers, it subscribes the session to buffer_wq, and waits for another session to release buffers. It's then removed from the queue and woken up with TASK_WAKE_RES, and can attempt its allocation again. We decide to try to wake as many waiters as we release buffers so that if we release 2 and two waiters need only once, they both have their chance. We must never come to the situation where we don't wake enough tasks up. It's common to release buffers after the completion of an I/O callback, which can happen even if the I/O could not be performed due to half a failure on memory allocation. In this situation, we don't want to move out of the wait queue the session that was just added, otherwise it will never get any buffer. Thus, we only force ourselves out of the queue when freeing the session. Note: at the moment, since session_alloc_buffers() is not used, no task is subscribed to the wait queue.
2014-11-25 15:10:35 -05:00
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* Runs across the list of pending streams waiting for a buffer and wakes one
MAJOR: session: only wake up as many sessions as available buffers permit We've already experimented with three wake up algorithms when releasing buffers : the first naive one used to wake up far too many sessions, causing many of them not to get any buffer. The second approach which was still in use prior to this patch consisted in waking up either 1 or 2 sessions depending on the number of FDs we had released. And this was still inaccurate. The third one tried to cover the accuracy issues of the second and took into consideration the number of FDs the sessions would be willing to use, but most of the time we ended up waking up too many of them for nothing, or deadlocking by lack of buffers. This patch completely removes the need to allocate two buffers at once. Instead it splits allocations into critical and non-critical ones and implements a reserve in the pool for this. The deadlock situation happens when all buffers are be allocated for requests pending in a maxconn-limited server queue, because then there's no more way to allocate buffers for responses, and these responses are critical to release the servers's connection in order to release the pending requests. In fact maxconn on a server creates a dependence between sessions and particularly between oldest session's responses and latest session's requests. Thus, it is mandatory to get a free buffer for a response in order to release a server connection which will permit to release a request buffer. Since we definitely have non-symmetrical buffers, we need to implement this logic in the buffer allocation mechanism. What this commit does is implement a reserve of buffers which can only be allocated for responses and that will never be allocated for requests. This is made possible by the requester indicating how much margin it wants to leave after the allocation succeeds. Thus it is a cooperative allocation mechanism : the requester (process_session() in general) prefers not to get a buffer in order to respect other's need for response buffers. The session management code always knows if a buffer will be used for requests or responses, so that is not difficult : - either there's an applet on the initiator side and we really need the request buffer (since currently the applet is called in the context of the session) - or we have a connection and we really need the response buffer (in order to support building and sending an error message back) This reserve ensures that we don't take all allocatable buffers for requests waiting in a queue. The downside is that all the extra buffers are really allocated to ensure they can be allocated. But with small values it is not an issue. With this change, we don't observe any more deadlocks even when running with maxconn 1 on a server under severely constrained memory conditions. The code becomes a bit tricky, it relies on the scheduler's run queue to estimate how many sessions are already expected to run so that it doesn't wake up everyone with too few resources. A better solution would probably consist in having two queues, one for urgent requests and one for normal requests. A failed allocation for a session dealing with an error, a connection event, or the need for a response (or request when there's an applet on the left) would go to the urgent request queue, while other requests would go to the other queue. Urgent requests would be served from 1 entry in the pool, while the regular ones would be served only according to the reserve. Despite not yet having this, it works remarkably well. This mechanism is quite efficient, we don't perform too many wake up calls anymore. For 1 million sessions elapsed during massive memory contention, we observe about 4.5M calls to process_session() compared to 4.0M without memory constraints. Previously we used to observe up to 16M calls, which rougly means 12M failures. During a test run under high memory constraints (limit enforced to 27 MB instead of the 58 MB normally needed), performance used to drop by 53% prior to this patch. Now with this patch instead it *increases* by about 1.5%. The best effect of this change is that by limiting the memory usage to about 2/3 to 3/4 of what is needed by default, it's possible to increase performance by up to about 18% mainly due to the fact that pools are reused more often and remain hot in the CPU cache (observed on regular HTTP traffic with 20k objects, buffers.limit = maxconn/10, buffers.reserve = limit/2). Below is an example of scenario which used to cause a deadlock previously : - connection is received - two buffers are allocated in process_session() then released - one is allocated when receiving an HTTP request - the second buffer is allocated then released in process_session() for request parsing then connection establishment. - poll() says we can send, so the request buffer is sent and released - process session gets notified that the connection is now established and allocates two buffers then releases them - all other sessions do the same till one cannot get the request buffer without hitting the margin - and now the server responds. stream_interface allocates the response buffer and manages to get it since it's higher priority being for a response. - but process_session() cannot allocate the request buffer anymore => We could end up with all buffers used by responses so that none may be allocated for a request in process_session(). When the applet processing leaves the session context, the test will have to be changed so that we always allocate a response buffer regardless of the left side (eg: H2->H1 gateway). A final improvement would consists in being able to only retry the failed I/O operation without waking up a task, but to date all experiments to achieve this have proven not to be reliable enough.
2014-11-26 19:11:56 -05:00
* up if buffers are available. Will stop when the run queue reaches <rqlimit>.
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* Should not be called directly, use stream_offer_buffers() instead.
MAJOR: session: implement a wait-queue for sessions who need a buffer When a session_alloc_buffers() fails to allocate one or two buffers, it subscribes the session to buffer_wq, and waits for another session to release buffers. It's then removed from the queue and woken up with TASK_WAKE_RES, and can attempt its allocation again. We decide to try to wake as many waiters as we release buffers so that if we release 2 and two waiters need only once, they both have their chance. We must never come to the situation where we don't wake enough tasks up. It's common to release buffers after the completion of an I/O callback, which can happen even if the I/O could not be performed due to half a failure on memory allocation. In this situation, we don't want to move out of the wait queue the session that was just added, otherwise it will never get any buffer. Thus, we only force ourselves out of the queue when freeing the session. Note: at the moment, since session_alloc_buffers() is not used, no task is subscribed to the wait queue.
2014-11-25 15:10:35 -05:00
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
void __stream_offer_buffers(int rqlimit)
MAJOR: session: implement a wait-queue for sessions who need a buffer When a session_alloc_buffers() fails to allocate one or two buffers, it subscribes the session to buffer_wq, and waits for another session to release buffers. It's then removed from the queue and woken up with TASK_WAKE_RES, and can attempt its allocation again. We decide to try to wake as many waiters as we release buffers so that if we release 2 and two waiters need only once, they both have their chance. We must never come to the situation where we don't wake enough tasks up. It's common to release buffers after the completion of an I/O callback, which can happen even if the I/O could not be performed due to half a failure on memory allocation. In this situation, we don't want to move out of the wait queue the session that was just added, otherwise it will never get any buffer. Thus, we only force ourselves out of the queue when freeing the session. Note: at the moment, since session_alloc_buffers() is not used, no task is subscribed to the wait queue.
2014-11-25 15:10:35 -05:00
{
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
struct stream *sess, *bak;
MAJOR: session: implement a wait-queue for sessions who need a buffer When a session_alloc_buffers() fails to allocate one or two buffers, it subscribes the session to buffer_wq, and waits for another session to release buffers. It's then removed from the queue and woken up with TASK_WAKE_RES, and can attempt its allocation again. We decide to try to wake as many waiters as we release buffers so that if we release 2 and two waiters need only once, they both have their chance. We must never come to the situation where we don't wake enough tasks up. It's common to release buffers after the completion of an I/O callback, which can happen even if the I/O could not be performed due to half a failure on memory allocation. In this situation, we don't want to move out of the wait queue the session that was just added, otherwise it will never get any buffer. Thus, we only force ourselves out of the queue when freeing the session. Note: at the moment, since session_alloc_buffers() is not used, no task is subscribed to the wait queue.
2014-11-25 15:10:35 -05:00
list_for_each_entry_safe(sess, bak, &buffer_wq, buffer_wait) {
MAJOR: session: only wake up as many sessions as available buffers permit We've already experimented with three wake up algorithms when releasing buffers : the first naive one used to wake up far too many sessions, causing many of them not to get any buffer. The second approach which was still in use prior to this patch consisted in waking up either 1 or 2 sessions depending on the number of FDs we had released. And this was still inaccurate. The third one tried to cover the accuracy issues of the second and took into consideration the number of FDs the sessions would be willing to use, but most of the time we ended up waking up too many of them for nothing, or deadlocking by lack of buffers. This patch completely removes the need to allocate two buffers at once. Instead it splits allocations into critical and non-critical ones and implements a reserve in the pool for this. The deadlock situation happens when all buffers are be allocated for requests pending in a maxconn-limited server queue, because then there's no more way to allocate buffers for responses, and these responses are critical to release the servers's connection in order to release the pending requests. In fact maxconn on a server creates a dependence between sessions and particularly between oldest session's responses and latest session's requests. Thus, it is mandatory to get a free buffer for a response in order to release a server connection which will permit to release a request buffer. Since we definitely have non-symmetrical buffers, we need to implement this logic in the buffer allocation mechanism. What this commit does is implement a reserve of buffers which can only be allocated for responses and that will never be allocated for requests. This is made possible by the requester indicating how much margin it wants to leave after the allocation succeeds. Thus it is a cooperative allocation mechanism : the requester (process_session() in general) prefers not to get a buffer in order to respect other's need for response buffers. The session management code always knows if a buffer will be used for requests or responses, so that is not difficult : - either there's an applet on the initiator side and we really need the request buffer (since currently the applet is called in the context of the session) - or we have a connection and we really need the response buffer (in order to support building and sending an error message back) This reserve ensures that we don't take all allocatable buffers for requests waiting in a queue. The downside is that all the extra buffers are really allocated to ensure they can be allocated. But with small values it is not an issue. With this change, we don't observe any more deadlocks even when running with maxconn 1 on a server under severely constrained memory conditions. The code becomes a bit tricky, it relies on the scheduler's run queue to estimate how many sessions are already expected to run so that it doesn't wake up everyone with too few resources. A better solution would probably consist in having two queues, one for urgent requests and one for normal requests. A failed allocation for a session dealing with an error, a connection event, or the need for a response (or request when there's an applet on the left) would go to the urgent request queue, while other requests would go to the other queue. Urgent requests would be served from 1 entry in the pool, while the regular ones would be served only according to the reserve. Despite not yet having this, it works remarkably well. This mechanism is quite efficient, we don't perform too many wake up calls anymore. For 1 million sessions elapsed during massive memory contention, we observe about 4.5M calls to process_session() compared to 4.0M without memory constraints. Previously we used to observe up to 16M calls, which rougly means 12M failures. During a test run under high memory constraints (limit enforced to 27 MB instead of the 58 MB normally needed), performance used to drop by 53% prior to this patch. Now with this patch instead it *increases* by about 1.5%. The best effect of this change is that by limiting the memory usage to about 2/3 to 3/4 of what is needed by default, it's possible to increase performance by up to about 18% mainly due to the fact that pools are reused more often and remain hot in the CPU cache (observed on regular HTTP traffic with 20k objects, buffers.limit = maxconn/10, buffers.reserve = limit/2). Below is an example of scenario which used to cause a deadlock previously : - connection is received - two buffers are allocated in process_session() then released - one is allocated when receiving an HTTP request - the second buffer is allocated then released in process_session() for request parsing then connection establishment. - poll() says we can send, so the request buffer is sent and released - process session gets notified that the connection is now established and allocates two buffers then releases them - all other sessions do the same till one cannot get the request buffer without hitting the margin - and now the server responds. stream_interface allocates the response buffer and manages to get it since it's higher priority being for a response. - but process_session() cannot allocate the request buffer anymore => We could end up with all buffers used by responses so that none may be allocated for a request in process_session(). When the applet processing leaves the session context, the test will have to be changed so that we always allocate a response buffer regardless of the left side (eg: H2->H1 gateway). A final improvement would consists in being able to only retry the failed I/O operation without waking up a task, but to date all experiments to achieve this have proven not to be reliable enough.
2014-11-26 19:11:56 -05:00
if (rqlimit <= run_queue)
break;
MAJOR: session: implement a wait-queue for sessions who need a buffer When a session_alloc_buffers() fails to allocate one or two buffers, it subscribes the session to buffer_wq, and waits for another session to release buffers. It's then removed from the queue and woken up with TASK_WAKE_RES, and can attempt its allocation again. We decide to try to wake as many waiters as we release buffers so that if we release 2 and two waiters need only once, they both have their chance. We must never come to the situation where we don't wake enough tasks up. It's common to release buffers after the completion of an I/O callback, which can happen even if the I/O could not be performed due to half a failure on memory allocation. In this situation, we don't want to move out of the wait queue the session that was just added, otherwise it will never get any buffer. Thus, we only force ourselves out of the queue when freeing the session. Note: at the moment, since session_alloc_buffers() is not used, no task is subscribed to the wait queue.
2014-11-25 15:10:35 -05:00
if (sess->task->state & TASK_RUNNING)
continue;
LIST_DEL(&sess->buffer_wait);
LIST_INIT(&sess->buffer_wait);
task_wakeup(sess->task, TASK_WOKEN_RES);
}
MEDIUM: session: implement a basic atomic buffer allocator This patch introduces session_alloc_recv_buffer(), session_alloc_buffers() and session_release_buffers() whose purpose will be to allocate missing buffers and release unneeded ones around the process_session() and during I/O operations. I/O callbacks only need a single buffer for recv operations and none for send. However we still want to ensure that we don't pick the last buffer. That's what session_alloc_recv_buffer() is for. This allocator is atomic in that it always ensures we can get 2 buffers or fails. Here, if any of the buffers is not ready and cannot be allocated, the operation is cancelled. The purpose is to guarantee that we don't enter into the deadlock where all buffers are allocated by the same size of all sessions. A queue will have to be implemented for failed allocations. For now they're just reported as failures.
2014-11-25 13:46:36 -05:00
}
[MAJOR] migrated task, tree64 and session to pool2 task and tree64 are already very close in size and are merged together. Overall performance gained slightly by this simple change.
2007-05-13 13:43:47 -04:00
/* perform minimal intializations, report 0 in case of error, 1 if OK. */
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
int init_stream()
[MAJOR] migrated task, tree64 and session to pool2 task and tree64 are already very close in size and are merged together. Overall performance gained slightly by this simple change.
2007-05-13 13:43:47 -04:00
{
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
LIST_INIT(&streams);
pool2_stream = create_pool("stream", sizeof(struct stream), MEM_F_SHARED);
return pool2_stream != NULL;
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-25 20:48:02 -04:00
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
void stream_process_counters(struct stream *s)
[OPTIM] small optimization on session_process_counters() It was possible to slightly reduce the size and the number of operations in session_process_counters(). Two 64 bit comparisons were removed, reducing the code by 98 bytes on x86 due to the lack of registers. The net observed performance gain is almost 2%, which cannot be attributed to those optimizations, but more likely to induced changes in code alignment in other functions.
2007-11-26 14:15:35 -05:00
{
MEDIUM: stream: move the listener's pointer to the session The listener is session-specific, move it there.
2015-04-03 08:46:27 -04:00
struct session *sess = s->sess;
[MEDIUM] continous statistics By default, counters used for statistics calculation are incremented only when a session finishes. It works quite well when serving small objects, but with big ones (for example large images or archives) or with A/V streaming, a graph generated from haproxy counters looks like a hedgehog. This patch implements a contstats (continous statistics) option. When set counters get incremented continuously, during a whole session. Recounting touches a hotpath directly so it is not enabled by default, as it has small performance impact (~0.5%).
2007-11-24 16:12:47 -05:00
unsigned long long bytes;
MEDIUM: peers: re-schedule stick-table's entry for sync when data is modified. This was correctly done for data of type 'serverid' but it is now necessary for all stick-tables data-types if we want to perform their sync.
2015-06-15 12:29:57 -04:00
void *ptr1,*ptr2;
CLEANUP: session: use an array for the stick counters The stick counters were in two distinct sets of struct members, causing some code to be duplicated. Now we use an array, which enables some processing to be performed in loops. This allowed the code to be shrunk by 700 bytes.
2012-12-09 09:55:40 -05:00
int i;
[MEDIUM] continous statistics By default, counters used for statistics calculation are incremented only when a session finishes. It works quite well when serving small objects, but with big ones (for example large images or archives) or with A/V streaming, a graph generated from haproxy counters looks like a hedgehog. This patch implements a contstats (continous statistics) option. When set counters get incremented continuously, during a whole session. Recounting touches a hotpath directly so it is not enabled by default, as it has small performance impact (~0.5%).
2007-11-24 16:12:47 -05:00
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
bytes = s->req.total - s->logs.bytes_in;
s->logs.bytes_in = s->req.total;
if (bytes) {
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
sess->fe->fe_counters.bytes_in += bytes;
[MEDIUM] continous statistics By default, counters used for statistics calculation are incremented only when a session finishes. It works quite well when serving small objects, but with big ones (for example large images or archives) or with A/V streaming, a graph generated from haproxy counters looks like a hedgehog. This patch implements a contstats (continous statistics) option. When set counters get incremented continuously, during a whole session. Recounting touches a hotpath directly so it is not enabled by default, as it has small performance impact (~0.5%).
2007-11-24 16:12:47 -05:00
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
s->be->be_counters.bytes_in += bytes;
[MEDIUM] Collect & provide separate statistics for sockets, v2 This patch allows to collect & provide separate statistics for each socket. It can be very useful if you would like to distinguish between traffic generate by local and remote users or between different types of remote clients (peerings, domestic, foreign). Currently no "Session rate" is supported, but adding it should be possible if we found it useful.
2009-10-04 09:43:17 -04:00
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
if (objt_server(s->target))
objt_server(s->target)->counters.bytes_in += bytes;
[MEDIUM] session: add data in and out volume counters The new "bytes_in_cnt" and "bytes_out_cnt" session counters have been added. They're automatically updated when session counters are updated. They can be matched with the "src_kbytes_in" and "src_kbytes_out" ACLs which apply to the volume per source address. This can be used to deny access to service abusers.
2010-06-18 12:33:32 -04:00
MEDIUM: stream: move the listener's pointer to the session The listener is session-specific, move it there.
2015-04-03 08:46:27 -04:00
if (sess->listener && sess->listener->counters)
sess->listener->counters->bytes_in += bytes;
[MEDIUM] session counters: add bytes_in_rate and bytes_out_rate counters These counters maintain incoming and outgoing byte rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain bandwidth limits per source address for instance, and block if the rate is passed over. Since 32-bit counters are used to compute the rates, it is important not to use too long periods so that we don't have to deal with rates above 4 GB per period. Example : # block if more than 5 Megs retrieved in 30 seconds from a source. stick-table type ip size 200k expire 1m store bytes_out_rate(30s) tcp-request track-counters src tcp-request reject if { trk_bytes_out_rate gt 5000000 } # cause a 15 seconds pause to requests from sources in excess of 2 megs/30s tcp-request inspect-delay 15s tcp-request content accept if { trk_bytes_out_rate gt 2000000 } WAIT_END
2010-06-20 05:56:30 -04:00
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
for (i = 0; i < MAX_SESS_STKCTR; i++) {
MEDIUM: streams: support looking up stkctr in the session In order to support sessions tracking counters, we first ensure that there is no overlap between streams' stkctr and sessions', and we allow an automatic lookup into the session's counters when the stream doesn't have a counter or when the stream doesn't exist during an access via a sample fetch. The functions used to update the stream counters only update them and not the session counters however.
2015-04-04 10:29:12 -04:00
struct stkctr *stkctr = &s->stkctr[i];
if (!stkctr_entry(stkctr)) {
stkctr = &sess->stkctr[i];
if (!stkctr_entry(stkctr))
continue;
}
[MEDIUM] session counters: add bytes_in_rate and bytes_out_rate counters These counters maintain incoming and outgoing byte rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain bandwidth limits per source address for instance, and block if the rate is passed over. Since 32-bit counters are used to compute the rates, it is important not to use too long periods so that we don't have to deal with rates above 4 GB per period. Example : # block if more than 5 Megs retrieved in 30 seconds from a source. stick-table type ip size 200k expire 1m store bytes_out_rate(30s) tcp-request track-counters src tcp-request reject if { trk_bytes_out_rate gt 5000000 } # cause a 15 seconds pause to requests from sources in excess of 2 megs/30s tcp-request inspect-delay 15s tcp-request content accept if { trk_bytes_out_rate gt 2000000 } WAIT_END
2010-06-20 05:56:30 -04:00
MEDIUM: peers: re-schedule stick-table's entry for sync when data is modified. This was correctly done for data of type 'serverid' but it is now necessary for all stick-tables data-types if we want to perform their sync.
2015-06-15 12:29:57 -04:00
ptr1 = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_BYTES_IN_CNT);
if (ptr1)
stktable_data_cast(ptr1, bytes_in_cnt) += bytes;
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
MEDIUM: peers: re-schedule stick-table's entry for sync when data is modified. This was correctly done for data of type 'serverid' but it is now necessary for all stick-tables data-types if we want to perform their sync.
2015-06-15 12:29:57 -04:00
ptr2 = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_BYTES_IN_RATE);
if (ptr2)
update_freq_ctr_period(&stktable_data_cast(ptr2, bytes_in_rate),
MEDIUM: streams: support looking up stkctr in the session In order to support sessions tracking counters, we first ensure that there is no overlap between streams' stkctr and sessions', and we allow an automatic lookup into the session's counters when the stream doesn't have a counter or when the stream doesn't exist during an access via a sample fetch. The functions used to update the stream counters only update them and not the session counters however.
2015-04-04 10:29:12 -04:00
stkctr->table->data_arg[STKTABLE_DT_BYTES_IN_RATE].u, bytes);
MEDIUM: peers: re-schedule stick-table's entry for sync when data is modified. This was correctly done for data of type 'serverid' but it is now necessary for all stick-tables data-types if we want to perform their sync.
2015-06-15 12:29:57 -04:00
/* If data was modified, we need to touch to re-schedule sync */
if (ptr1 || ptr2)
stktable_touch(stkctr->table, stkctr_entry(stkctr), 1);
[OPTIM] small optimization on session_process_counters() It was possible to slightly reduce the size and the number of operations in session_process_counters(). Two 64 bit comparisons were removed, reducing the code by 98 bytes on x86 due to the lack of registers. The net observed performance gain is almost 2%, which cannot be attributed to those optimizations, but more likely to induced changes in code alignment in other functions.
2007-11-26 14:15:35 -05:00
}
[MEDIUM] continous statistics By default, counters used for statistics calculation are incremented only when a session finishes. It works quite well when serving small objects, but with big ones (for example large images or archives) or with A/V streaming, a graph generated from haproxy counters looks like a hedgehog. This patch implements a contstats (continous statistics) option. When set counters get incremented continuously, during a whole session. Recounting touches a hotpath directly so it is not enabled by default, as it has small performance impact (~0.5%).
2007-11-24 16:12:47 -05:00
}
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
bytes = s->res.total - s->logs.bytes_out;
s->logs.bytes_out = s->res.total;
if (bytes) {
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
sess->fe->fe_counters.bytes_out += bytes;
[MEDIUM] continous statistics By default, counters used for statistics calculation are incremented only when a session finishes. It works quite well when serving small objects, but with big ones (for example large images or archives) or with A/V streaming, a graph generated from haproxy counters looks like a hedgehog. This patch implements a contstats (continous statistics) option. When set counters get incremented continuously, during a whole session. Recounting touches a hotpath directly so it is not enabled by default, as it has small performance impact (~0.5%).
2007-11-24 16:12:47 -05:00
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
s->be->be_counters.bytes_out += bytes;
[MEDIUM] Collect & provide separate statistics for sockets, v2 This patch allows to collect & provide separate statistics for each socket. It can be very useful if you would like to distinguish between traffic generate by local and remote users or between different types of remote clients (peerings, domestic, foreign). Currently no "Session rate" is supported, but adding it should be possible if we found it useful.
2009-10-04 09:43:17 -04:00
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
if (objt_server(s->target))
objt_server(s->target)->counters.bytes_out += bytes;
[MAJOR] session-counters: split FE and BE track counters Having a single tracking pointer for both frontend and backend counters does not work. Instead let's have one for each. The keyword has changed to "track-be-counters" and "track-fe-counters", and the ACL "trk_*" changed to "trkfe_*" and "trkbe_*".
2010-08-03 10:29:52 -04:00
MEDIUM: stream: move the listener's pointer to the session The listener is session-specific, move it there.
2015-04-03 08:46:27 -04:00
if (sess->listener && sess->listener->counters)
sess->listener->counters->bytes_out += bytes;
[MEDIUM] session counters: add bytes_in_rate and bytes_out_rate counters These counters maintain incoming and outgoing byte rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain bandwidth limits per source address for instance, and block if the rate is passed over. Since 32-bit counters are used to compute the rates, it is important not to use too long periods so that we don't have to deal with rates above 4 GB per period. Example : # block if more than 5 Megs retrieved in 30 seconds from a source. stick-table type ip size 200k expire 1m store bytes_out_rate(30s) tcp-request track-counters src tcp-request reject if { trk_bytes_out_rate gt 5000000 } # cause a 15 seconds pause to requests from sources in excess of 2 megs/30s tcp-request inspect-delay 15s tcp-request content accept if { trk_bytes_out_rate gt 2000000 } WAIT_END
2010-06-20 05:56:30 -04:00
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
for (i = 0; i < MAX_SESS_STKCTR; i++) {
MEDIUM: streams: support looking up stkctr in the session In order to support sessions tracking counters, we first ensure that there is no overlap between streams' stkctr and sessions', and we allow an automatic lookup into the session's counters when the stream doesn't have a counter or when the stream doesn't exist during an access via a sample fetch. The functions used to update the stream counters only update them and not the session counters however.
2015-04-04 10:29:12 -04:00
struct stkctr *stkctr = &s->stkctr[i];
if (!stkctr_entry(stkctr)) {
stkctr = &sess->stkctr[i];
if (!stkctr_entry(stkctr))
continue;
}
[MEDIUM] session counters: add bytes_in_rate and bytes_out_rate counters These counters maintain incoming and outgoing byte rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain bandwidth limits per source address for instance, and block if the rate is passed over. Since 32-bit counters are used to compute the rates, it is important not to use too long periods so that we don't have to deal with rates above 4 GB per period. Example : # block if more than 5 Megs retrieved in 30 seconds from a source. stick-table type ip size 200k expire 1m store bytes_out_rate(30s) tcp-request track-counters src tcp-request reject if { trk_bytes_out_rate gt 5000000 } # cause a 15 seconds pause to requests from sources in excess of 2 megs/30s tcp-request inspect-delay 15s tcp-request content accept if { trk_bytes_out_rate gt 2000000 } WAIT_END
2010-06-20 05:56:30 -04:00
MEDIUM: peers: re-schedule stick-table's entry for sync when data is modified. This was correctly done for data of type 'serverid' but it is now necessary for all stick-tables data-types if we want to perform their sync.
2015-06-15 12:29:57 -04:00
ptr1 = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_BYTES_OUT_CNT);
if (ptr1)
stktable_data_cast(ptr1, bytes_out_cnt) += bytes;
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
MEDIUM: peers: re-schedule stick-table's entry for sync when data is modified. This was correctly done for data of type 'serverid' but it is now necessary for all stick-tables data-types if we want to perform their sync.
2015-06-15 12:29:57 -04:00
ptr2 = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_BYTES_OUT_RATE);
if (ptr2)
update_freq_ctr_period(&stktable_data_cast(ptr2, bytes_out_rate),
MEDIUM: streams: support looking up stkctr in the session In order to support sessions tracking counters, we first ensure that there is no overlap between streams' stkctr and sessions', and we allow an automatic lookup into the session's counters when the stream doesn't have a counter or when the stream doesn't exist during an access via a sample fetch. The functions used to update the stream counters only update them and not the session counters however.
2015-04-04 10:29:12 -04:00
stkctr->table->data_arg[STKTABLE_DT_BYTES_OUT_RATE].u, bytes);
MEDIUM: peers: re-schedule stick-table's entry for sync when data is modified. This was correctly done for data of type 'serverid' but it is now necessary for all stick-tables data-types if we want to perform their sync.
2015-06-15 12:29:57 -04:00
/* If data was modified, we need to touch to re-schedule sync */
if (ptr1 || ptr2)
stktable_touch(stkctr->table, stkctr_entry(stkctr), 1);
[OPTIM] small optimization on session_process_counters() It was possible to slightly reduce the size and the number of operations in session_process_counters(). Two 64 bit comparisons were removed, reducing the code by 98 bytes on x86 due to the lack of registers. The net observed performance gain is almost 2%, which cannot be attributed to those optimizations, but more likely to induced changes in code alignment in other functions.
2007-11-26 14:15:35 -05:00
}
[MEDIUM] continous statistics By default, counters used for statistics calculation are incremented only when a session finishes. It works quite well when serving small objects, but with big ones (for example large images or archives) or with A/V streaming, a graph generated from haproxy counters looks like a hedgehog. This patch implements a contstats (continous statistics) option. When set counters get incremented continuously, during a whole session. Recounting touches a hotpath directly so it is not enabled by default, as it has small performance impact (~0.5%).
2007-11-24 16:12:47 -05:00
}
}
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-25 20:48:02 -04:00
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* This function is called with (si->state == SI_ST_CON) meaning that a
* connection was attempted and that the file descriptor is already allocated.
* We must check for establishment, error and abort. Possible output states
* are SI_ST_EST (established), SI_ST_CER (error), SI_ST_DIS (abort), and
* SI_ST_CON (no change). The function returns 0 if it switches to SI_ST_CER,
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* otherwise 1. This only works with connection-based streams.
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
static int sess_update_st_con_tcp(struct stream *s)
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
{
CLEANUP: session: don't needlessly pass a pointer to the stream-int All functions dealing with connection establishment currently use a pointer to the stream interface. Now we know it cannot change and is always s->si[1].
2014-11-28 09:15:44 -05:00
struct stream_interface *si = &s->si[1];
struct channel *req = &s->req;
struct channel *rep = &s->res;
BUG/MEDIUM: connection: check the control layer before stopping polling The bug described in commit 568743a ("BUG/MEDIUM: stream-int: completely detach connection on connect error") was not a stream-interface layer bug but a connection layer bug. There was exactly one place in the code where we could change a file descriptor's status without first checking whether it is valid or not, it was in conn_stop_polling(). This one is called when the polling status is changed after an update, and calls fd_stop_both even if we had already closed the file descriptor : 1479388298.484240 ->->->->-> conn_fd_handler > conn_cond_update_polling 1479388298.484240 ->->->->->-> conn_cond_update_polling > conn_stop_polling 1479388298.484241 ->->->->->->-> conn_stop_polling > conn_ctrl_ready 1479388298.484241 conn_stop_polling < conn_ctrl_ready 1479388298.484241 ->->->->->->-> conn_stop_polling > fd_stop_both 1479388298.484242 ->->->->->->->-> fd_stop_both > fd_update_cache 1479388298.484242 ->->->->->->->->-> fd_update_cache > fd_release_cache_entry 1479388298.484242 fd_update_cache < fd_release_cache_entry 1479388298.484243 fd_stop_both < fd_update_cache 1479388298.484243 conn_stop_polling < fd_stop_both 1479388298.484243 conn_cond_update_polling < conn_stop_polling 1479388298.484243 conn_fd_handler < conn_cond_update_polling The problem with the previous fix above is that it break the http_proxy mode and possibly even some Lua parts and peers to a certain extent ; all outgoing connections where the target address is initially copied into the outgoing connection which experience a retry would use a random outgoing address after the retry because closing and detaching the connection causes the target address to be lost. This was attempted to be addressed by commit 0857d7a ("BUG/MAJOR: stream: properly mark the server address as unset on connect retry") but it used to only solve the most visible effect and not the root cause. Prior to this fix, it was possible to cause this config to keep CLOSE_WAIT for as long as it takes to expire a client or server timeout (note the missing client timeout) : listen test mode http bind :8002 server s1 127.0.0.1:8001 $ tcploop 8001 L0 W N20 A R P100 S:"HTTP/1.1 200 OK\r\nContent-length: 0\r\n\r\n" & $ tcploop 8002 N200 C T W S:"GET / HTTP/1.0\r\n\r\n" O P10000 K With this patch, these CLOSE_WAIT properly vanish when both processes leave. This commit reverts the two fixes above and replaces them with the proper fix in connection.h. It must be backported to 1.6 and 1.5. Thanks to Robson Roberto Souza Peixoto for providing very detailed traces showing some obvious inconsistencies leading to finding this bug.
2016-11-17 06:05:13 -05:00
struct connection *srv_conn = __objt_conn(si->end);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* If we got an error, or if nothing happened and the connection timed
* out, we must give up. The CER state handler will take care of retry
* attempts and error reports.
*/
if (unlikely(si->flags & (SI_FL_EXP|SI_FL_ERR))) {
CLEANUP: session: don't use si_{ic,oc} when we know the session. During the connection establishment, we needlessly rely on pointer dereferences.
2014-11-28 09:26:12 -05:00
if (unlikely(req->flags & CF_WRITE_PARTIAL)) {
BUG/MINOR: session: ensure that we don't retry connection if some data were sent With extra-large buffers, it is possible that a lot of data are sent upon connection establishment before the session is notified. The issue is how to handle a send() error after some data were actually sent. At the moment, only a connection error is reported, causing a new connection attempt and send() to restart after the last data. We absolutely don't want to retry the connect() if at least one byte was sent, because those data are lost. The solution consists in reporting exactly what happens, which is : - a successful connection attempt - a read/write error on the channel That way we go on with sess_establish(), the response analysers are called and report the appropriate connection state for the error (typically a server abort while waiting for a response). This mechanism also guarantees that we won't retry since it's a success. The logs also report the correct connect time. Note that 1.4 is not directly affected because it only attempts one send(), so it cannot detect a send() failure here and distinguish it form a failed connection attempt. So no backport is needed. Also, this is just a safe belt we're taking, since this issue should not happen anymore since previous commit.
2012-10-29 17:41:31 -04:00
/* Some data were sent past the connection establishment,
* so we need to pretend we're established to log correctly
* and let later states handle the failure.
*/
si->state = SI_ST_EST;
si->err_type = SI_ET_DATA_ERR;
CLEANUP: session: don't use si_{ic,oc} when we know the session. During the connection establishment, we needlessly rely on pointer dereferences.
2014-11-28 09:26:12 -05:00
rep->flags |= CF_READ_ERROR | CF_WRITE_ERROR;
BUG/MINOR: session: ensure that we don't retry connection if some data were sent With extra-large buffers, it is possible that a lot of data are sent upon connection establishment before the session is notified. The issue is how to handle a send() error after some data were actually sent. At the moment, only a connection error is reported, causing a new connection attempt and send() to restart after the last data. We absolutely don't want to retry the connect() if at least one byte was sent, because those data are lost. The solution consists in reporting exactly what happens, which is : - a successful connection attempt - a read/write error on the channel That way we go on with sess_establish(), the response analysers are called and report the appropriate connection state for the error (typically a server abort while waiting for a response). This mechanism also guarantees that we won't retry since it's a success. The logs also report the correct connect time. Note that 1.4 is not directly affected because it only attempts one send(), so it cannot detect a send() failure here and distinguish it form a failed connection attempt. So no backport is needed. Also, this is just a safe belt we're taking, since this issue should not happen anymore since previous commit.
2012-10-29 17:41:31 -04:00
return 1;
}
[BUG] reset the stream_interface connect timeout upon connect or error The stream_interface timeout was not reset upon a connect success or error, leading to busy loops when requeuing tasks in the past. Thanks to Bart Bobrowski for reporting the issue.
2009-03-28 05:47:26 -04:00
si->exp = TICK_ETERNITY;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
si->state = SI_ST_CER;
BUG/MEDIUM: connection: check the control layer before stopping polling The bug described in commit 568743a ("BUG/MEDIUM: stream-int: completely detach connection on connect error") was not a stream-interface layer bug but a connection layer bug. There was exactly one place in the code where we could change a file descriptor's status without first checking whether it is valid or not, it was in conn_stop_polling(). This one is called when the polling status is changed after an update, and calls fd_stop_both even if we had already closed the file descriptor : 1479388298.484240 ->->->->-> conn_fd_handler > conn_cond_update_polling 1479388298.484240 ->->->->->-> conn_cond_update_polling > conn_stop_polling 1479388298.484241 ->->->->->->-> conn_stop_polling > conn_ctrl_ready 1479388298.484241 conn_stop_polling < conn_ctrl_ready 1479388298.484241 ->->->->->->-> conn_stop_polling > fd_stop_both 1479388298.484242 ->->->->->->->-> fd_stop_both > fd_update_cache 1479388298.484242 ->->->->->->->->-> fd_update_cache > fd_release_cache_entry 1479388298.484242 fd_update_cache < fd_release_cache_entry 1479388298.484243 fd_stop_both < fd_update_cache 1479388298.484243 conn_stop_polling < fd_stop_both 1479388298.484243 conn_cond_update_polling < conn_stop_polling 1479388298.484243 conn_fd_handler < conn_cond_update_polling The problem with the previous fix above is that it break the http_proxy mode and possibly even some Lua parts and peers to a certain extent ; all outgoing connections where the target address is initially copied into the outgoing connection which experience a retry would use a random outgoing address after the retry because closing and detaching the connection causes the target address to be lost. This was attempted to be addressed by commit 0857d7a ("BUG/MAJOR: stream: properly mark the server address as unset on connect retry") but it used to only solve the most visible effect and not the root cause. Prior to this fix, it was possible to cause this config to keep CLOSE_WAIT for as long as it takes to expire a client or server timeout (note the missing client timeout) : listen test mode http bind :8002 server s1 127.0.0.1:8001 $ tcploop 8001 L0 W N20 A R P100 S:"HTTP/1.1 200 OK\r\nContent-length: 0\r\n\r\n" & $ tcploop 8002 N200 C T W S:"GET / HTTP/1.0\r\n\r\n" O P10000 K With this patch, these CLOSE_WAIT properly vanish when both processes leave. This commit reverts the two fixes above and replaces them with the proper fix in connection.h. It must be backported to 1.6 and 1.5. Thanks to Robson Roberto Souza Peixoto for providing very detailed traces showing some obvious inconsistencies leading to finding this bug.
2016-11-17 06:05:13 -05:00
conn_force_close(srv_conn);
BUG/MEDIUM: session: fix FD leak when transport layer logging is enabled Commit 2b199c9a attempted to fix all places where the transport layer is improperly closed, but it missed one place in session_free(). If SSL ciphers are logged, the close() is delayed post-log and performed in session_free(). However, conn_xprt_close() only closes the transport layer but not the file descriptor, resulting in a slow FD leak which is hardly noticeable until the process cannot accept any new connection. A workaround consisted in disabling %sslv/%sslc in log-format. So use conn_full_close() instead of conn_xprt_close() to fix this there too. A similar pending issue existed in the close during outgoing connection failure, though on this side, the transport layer is never tracked at the moment.
2012-12-08 02:44:02 -05:00
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
if (si->err_type)
return 0;
if (si->flags & SI_FL_ERR)
si->err_type = SI_ET_CONN_ERR;
else
si->err_type = SI_ET_CONN_TO;
return 0;
}
/* OK, maybe we want to abort */
BUG/MINOR: http: don't process abortonclose when request was sent option abortonclose may cause a valid connection to be aborted just after the request has been sent. This is because we check for it during the session establishment sequence before checking for write activity. So if the abort and the connect complete at the same time, the abort is still considered. Let's check for an explicity partial write before aborting. This fix should be backported to 1.4 too.
2012-12-29 18:50:35 -05:00
if (!(req->flags & CF_WRITE_PARTIAL) &&
unlikely((rep->flags & CF_SHUTW) ||
CLEANUP: channel: usr CF_/CHN_ prefixes instead of BF_/BUF_ Get rid of these confusing BF_* flags. Now channel naming should clearly be used everywhere appropriate. No code was changed, only a renaming was performed. The comments about channel operations was updated.
2012-08-27 17:14:58 -04:00
((req->flags & CF_SHUTW_NOW) && /* FIXME: this should not prevent a connection from establishing */
((!(req->flags & CF_WRITE_ACTIVITY) && channel_is_empty(req)) ||
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
s->be->options & PR_O_ABRT_CLOSE)))) {
/* give up */
MINOR: stream_interface: introduce a new "struct connection" type We start to move everything needed to manage a connection to a special entity "struct connection". We have the data layer operations and the control operations there. We'll also have more info in the future such as file descriptors and applet contexts, so that in the end it becomes detachable from the stream interface, which will allow connections to be reused between sessions. For now on, we start with minimal changes.
2012-05-21 10:31:45 -04:00
si_shutw(si);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
si->err_type |= SI_ET_CONN_ABRT;
[BUG] session: errors were not reported in termination flags in TCP mode In order to get termination flags properly updated, the session was relying a bit too much on http_return_srv_error() which is http-centric. A generic srv_error function was implemented in the session in order to catch all connection abort situations. It was then noticed that a request abort during a connection attempt was not reported, which is now fixed. Read and write errors/timeouts were not logged either. It was necessary to add those tests at 4 new locations. Now it looks like everything is correctly logged. Most likely some error checking code could now be removed from some analysers.
2009-03-15 17:34:05 -04:00
if (s->srv_error)
s->srv_error(s, si);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
return 1;
}
/* we need to wait a bit more if there was no activity either */
CLEANUP: channel: usr CF_/CHN_ prefixes instead of BF_/BUF_ Get rid of these confusing BF_* flags. Now channel naming should clearly be used everywhere appropriate. No code was changed, only a renaming was performed. The comments about channel operations was updated.
2012-08-27 17:14:58 -04:00
if (!(req->flags & CF_WRITE_ACTIVITY))
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
return 1;
/* OK, this means that a connection succeeded. The caller will be
* responsible for handling the transition from CON to EST.
*/
si->state = SI_ST_EST;
si->err_type = SI_ET_NONE;
return 1;
}
/* This function is called with (si->state == SI_ST_CER) meaning that a
* previous connection attempt has failed and that the file descriptor
* has already been released. Possible causes include asynchronous error
* notification and time out. Possible output states are SI_ST_CLO when
* retries are exhausted, SI_ST_TAR when a delay is wanted before a new
* connection attempt, SI_ST_ASS when it's wise to retry on the same server,
* and SI_ST_REQ when an immediate redispatch is wanted. The buffers are
* marked as in error state. It returns 0.
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
static int sess_update_st_cer(struct stream *s)
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
{
CLEANUP: session: don't needlessly pass a pointer to the stream-int All functions dealing with connection establishment currently use a pointer to the stream interface. Now we know it cannot change and is always s->si[1].
2014-11-28 09:15:44 -05:00
struct stream_interface *si = &s->si[1];
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* we probably have to release last stream from the server */
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
if (objt_server(s->target)) {
health_adjust(objt_server(s->target), HANA_STATUS_L4_ERR);
[MEDIUM] Decrease server health based on http responses / events, version 3 Implement decreasing health based on observing communication between HAProxy and servers. Changes in this version 2: - documentation - close race between a started check and health analysis event - don't force fastinter if it is not set - better names for options - layer4 support Changes in this version 3: - add stats - port to the current 1.4 tree
2009-12-15 16:31:24 -05:00
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (s->flags & SF_CURR_SESS) {
s->flags &= ~SF_CURR_SESS;
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
objt_server(s->target)->cur_sess--;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
}
/* ensure that we have enough retries left */
[MEDIUM] session: move the conn_retries attribute to the stream interface The conn_retries still lies in the session and its initialization depends on the backend when it may not yet be known. Let's first move it to the stream interface.
2010-06-01 03:51:00 -04:00
si->conn_retries--;
if (si->conn_retries < 0) {
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
if (!si->err_type) {
si->err_type = SI_ET_CONN_ERR;
}
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
if (objt_server(s->target))
objt_server(s->target)->counters.failed_conns++;
[MEDIUM] stats: split frontend and backend stats It's very annoying that frontend and backend stats are merged because we don't know what we're observing. For instance, if a "listen" instance makes use of a distinct backend, it's impossible to know what the bytes_out means. Some points take care of not updating counters twice if the backend points to the frontend, indicating a "listen" instance. The thing becomes more complex when we try to add support for server side keep-alive, because we have to maintain a pointer to the backend used for last request, and to update its stats. But we can't perform such comparisons anymore because the counters will not match anymore. So in order to get rid of this situation, let's have both frontend AND backend stats in the "struct proxy". We simply update the relevant ones during activity. Some of them are only accounted for in the backend, while others are just for frontend. Maybe we can improve a bit on that later, but the essential part is that those counters now reflect what they really mean.
2011-03-10 17:25:56 -05:00
s->be->be_counters.failed_conns++;
[BUG] session: release slot before processing pending connections When a connection error is encountered on a server and the server's connection pool is full, pending connections are not woken up because the current connection is still accounted for on the server, so it still appears full. This becomes visible on a server which has "maxconn 1" because the pending connections will only be able to expire in the queue. Now we take care of releasing our current connection before trying to offer it to another pending request, so that the server can accept a next connection. This patch should be backported to 1.4.
2010-12-29 08:32:28 -05:00
sess_change_server(s, NULL);
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
if (may_dequeue_tasks(objt_server(s->target), s->be))
process_srv_queue(objt_server(s->target));
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* shutw is enough so stop a connecting socket */
MINOR: stream_interface: introduce a new "struct connection" type We start to move everything needed to manage a connection to a special entity "struct connection". We have the data layer operations and the control operations there. We'll also have more info in the future such as file descriptors and applet contexts, so that in the end it becomes detachable from the stream interface, which will allow connections to be reused between sessions. For now on, we start with minimal changes.
2012-05-21 10:31:45 -04:00
si_shutw(si);
CLEANUP: session: don't use si_{ic,oc} when we know the session. During the connection establishment, we needlessly rely on pointer dereferences.
2014-11-28 09:26:12 -05:00
s->req.flags |= CF_WRITE_ERROR;
s->res.flags |= CF_READ_ERROR;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
si->state = SI_ST_CLO;
[MEDIUM] make the http server error function a pointer in the session It was a bit awkward to have session.c call return_srv_error() for HTTP error messages related to servers. The function has been adapted to be passed a pointer to the faulty stream interface, and is now a pointer in the session. It is possible that in the future, it will become a callback in the stream interface itself.
2008-11-30 14:44:17 -05:00
if (s->srv_error)
s->srv_error(s, si);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
return 0;
}
/* If the "redispatch" option is set on the backend, we are allowed to
MEDIUM: backend: Allow redispatch on retry intervals For backend load balancing it sometimes makes sense to redispatch rather than retrying against the same server. For example, when machines or routers fail you may not want to waste time retrying against a dead server and would instead prefer to immediately redispatch against other servers. This patch allows backend sections to specify that they want to redispatch on a particular interval. If the interval N is positive the redispatch occurs on every Nth retry, and if the interval N is negative then the redispatch occurs on the Nth retry prior to the last retry (-1 is the default and maintains backwards compatibility). In low latency environments tuning this setting can save a few hundred milliseconds when backends fail.
2015-05-12 02:25:34 -04:00
* retry on another server. By default this redispatch occurs on the
* last retry, but if configured we allow redispatches to occur on
* configurable intervals, e.g. on every retry. In order to achieve this,
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* we must mark the stream unassigned, and eventually clear the DIRECT
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
* bit to ignore any persistence cookie. We won't count a retry nor a
* redispatch yet, because this will depend on what server is selected.
MEDIUM: session: redispatch earlier when possible As discussed with Dmitry Sivachenko, is a server farm has more than one active server, uses a guaranteed non-determinist algorithm (round robin), and a connection was initiated from a non-persistent connection, there's no point insisting to reconnect to the same server after a connect failure, better redispatch upon the very first retry instead of insisting on the same server multiple times.
2014-06-13 11:49:40 -04:00
* If the connection is not persistent, the balancing algorithm is not
* determinist (round robin) and there is more than one active server,
* we accept to perform an immediate redispatch without waiting since
* we don't care about this particular server.
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
*/
MEDIUM: session: redispatch earlier when possible As discussed with Dmitry Sivachenko, is a server farm has more than one active server, uses a guaranteed non-determinist algorithm (round robin), and a connection was initiated from a non-persistent connection, there's no point insisting to reconnect to the same server after a connect failure, better redispatch upon the very first retry instead of insisting on the same server multiple times.
2014-06-13 11:49:40 -04:00
if (objt_server(s->target) &&
MEDIUM: backend: Allow redispatch on retry intervals For backend load balancing it sometimes makes sense to redispatch rather than retrying against the same server. For example, when machines or routers fail you may not want to waste time retrying against a dead server and would instead prefer to immediately redispatch against other servers. This patch allows backend sections to specify that they want to redispatch on a particular interval. If the interval N is positive the redispatch occurs on every Nth retry, and if the interval N is negative then the redispatch occurs on the Nth retry prior to the last retry (-1 is the default and maintains backwards compatibility). In low latency environments tuning this setting can save a few hundred milliseconds when backends fail.
2015-05-12 02:25:34 -04:00
(s->be->options & PR_O_REDISP) && !(s->flags & SF_FORCE_PRST) &&
BUG/MINOR: stream: don't force retries if the server is DOWN Arkadiy Kulev noticed that if a server is marked down while a connection is being trying to establish, we still insist on performing retries on the same server, which is absurd. Better perform the redispatch if we already know the server is down. Because of this, it's likely that the observe-l4 and sudden-death mechanisms are not optimal an cannot help much the connection which was used to detect the problem. The fix should be backported to 1.6 and 1.5 at least.
2016-01-13 01:58:44 -05:00
((__objt_server(s->target)->state < SRV_ST_RUNNING) ||
(((s->be->redispatch_after > 0) &&
MEDIUM: backend: Allow redispatch on retry intervals For backend load balancing it sometimes makes sense to redispatch rather than retrying against the same server. For example, when machines or routers fail you may not want to waste time retrying against a dead server and would instead prefer to immediately redispatch against other servers. This patch allows backend sections to specify that they want to redispatch on a particular interval. If the interval N is positive the redispatch occurs on every Nth retry, and if the interval N is negative then the redispatch occurs on the Nth retry prior to the last retry (-1 is the default and maintains backwards compatibility). In low latency environments tuning this setting can save a few hundred milliseconds when backends fail.
2015-05-12 02:25:34 -04:00
((s->be->conn_retries - si->conn_retries) %
s->be->redispatch_after == 0)) ||
((s->be->redispatch_after < 0) &&
((s->be->conn_retries - si->conn_retries) %
(s->be->conn_retries + 1 + s->be->redispatch_after) == 0))) ||
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
(!(s->flags & SF_DIRECT) && s->be->srv_act > 1 &&
MEDIUM: backend: Allow redispatch on retry intervals For backend load balancing it sometimes makes sense to redispatch rather than retrying against the same server. For example, when machines or routers fail you may not want to waste time retrying against a dead server and would instead prefer to immediately redispatch against other servers. This patch allows backend sections to specify that they want to redispatch on a particular interval. If the interval N is positive the redispatch occurs on every Nth retry, and if the interval N is negative then the redispatch occurs on the Nth retry prior to the last retry (-1 is the default and maintains backwards compatibility). In low latency environments tuning this setting can save a few hundred milliseconds when backends fail.
2015-05-12 02:25:34 -04:00
((s->be->lbprm.algo & BE_LB_KIND) == BE_LB_KIND_RR)))) {
[BUG] session: release slot before processing pending connections When a connection error is encountered on a server and the server's connection pool is full, pending connections are not woken up because the current connection is still accounted for on the server, so it still appears full. This becomes visible on a server which has "maxconn 1" because the pending connections will only be able to expire in the queue. Now we take care of releasing our current connection before trying to offer it to another pending request, so that the server can accept a next connection. This patch should be backported to 1.4.
2010-12-29 08:32:28 -05:00
sess_change_server(s, NULL);
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
if (may_dequeue_tasks(objt_server(s->target), s->be))
process_srv_queue(objt_server(s->target));
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
s->flags &= ~(SF_DIRECT | SF_ASSIGNED | SF_ADDR_SET);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
si->state = SI_ST_REQ;
} else {
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
if (objt_server(s->target))
objt_server(s->target)->counters.retries++;
[MEDIUM] stats: split frontend and backend stats It's very annoying that frontend and backend stats are merged because we don't know what we're observing. For instance, if a "listen" instance makes use of a distinct backend, it's impossible to know what the bytes_out means. Some points take care of not updating counters twice if the backend points to the frontend, indicating a "listen" instance. The thing becomes more complex when we try to add support for server side keep-alive, because we have to maintain a pointer to the backend used for last request, and to update its stats. But we can't perform such comparisons anymore because the counters will not match anymore. So in order to get rid of this situation, let's have both frontend AND backend stats in the "struct proxy". We simply update the relevant ones during activity. Some of them are only accounted for in the backend, while others are just for frontend. Maybe we can improve a bit on that later, but the essential part is that those counters now reflect what they really mean.
2011-03-10 17:25:56 -05:00
s->be->be_counters.retries++;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
si->state = SI_ST_ASS;
}
if (si->flags & SI_FL_ERR) {
/* The error was an asynchronous connection error, and we will
* likely have to retry connecting to the same server, most
* likely leading to the same result. To avoid this, we wait
MEDIUM: session: allow shorter retry delay if timeout connect is small As discussed with Dmitry Sivachenko, the default 1-second connect retry delay can be large for situations where the connect timeout is much smaller, because it means that an active connection reject will take more time to be retried than a silent drop, and that does not make sense. This patch changes this so that the retry delay is the minimum of 1 second and the connect timeout. That way people running with sub-second connect timeout will benefit from the shorter reconnect.
2014-06-13 11:04:44 -04:00
* MIN(one second, connect timeout) before retrying.
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
*/
MEDIUM: session: allow shorter retry delay if timeout connect is small As discussed with Dmitry Sivachenko, the default 1-second connect retry delay can be large for situations where the connect timeout is much smaller, because it means that an active connection reject will take more time to be retried than a silent drop, and that does not make sense. This patch changes this so that the retry delay is the minimum of 1 second and the connect timeout. That way people running with sub-second connect timeout will benefit from the shorter reconnect.
2014-06-13 11:04:44 -04:00
int delay = 1000;
if (s->be->timeout.connect && s->be->timeout.connect < delay)
delay = s->be->timeout.connect;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
if (!si->err_type)
si->err_type = SI_ET_CONN_ERR;
MEDIUM: session: don't apply the retry delay when redispatching The retry delay is only useful when sticking to a same server. During a redispatch, it's useless and counter-productive if we're sure to switch to another server, which is almost guaranteed when there's more than one server and the balancing algorithm is round robin, so better not pass via the turn-around state in this case. It could be done as well for leastconn, but there's a risk of always killing the delay after the recovery of a server in a farm where it's almost guaranteed to take most incoming traffic. So better only kill the delay when using round robin.
2014-06-13 11:40:15 -04:00
/* only wait when we're retrying on the same server */
if (si->state == SI_ST_ASS ||
(s->be->lbprm.algo & BE_LB_KIND) != BE_LB_KIND_RR ||
(s->be->srv_act <= 1)) {
si->state = SI_ST_TAR;
si->exp = tick_add(now_ms, MS_TO_TICKS(delay));
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
return 0;
}
return 0;
}
/*
* This function handles the transition between the SI_ST_CON state and the
[MEDIUM] session: finish session establishment sequence in with I/O handlers Calling sess_establish() upon a successful connect() was essential, but it was not clearly stated whether it was necessary for an access to an I/O handler or not. While it would be desired, having it automatically add the response analyzers is quite a problem, and it breaks HTTP stats. The solution is thus not to call it for now and to perform the few response initializations as needed. For the long term, we need to find a way to specify the analyzers to install during a stream_int_register_handler() if any.
2010-05-31 05:57:51 -04:00
* SI_ST_EST state. It must only be called after switching from SI_ST_CON (or
REORG/MEDIUM: replace stream interface protocol functions by a proto pointer The stream interface now makes use of the socket protocol pointer instead of the direct functions.
2012-05-07 12:12:14 -04:00
* SI_ST_INI) to SI_ST_EST, but only when a ->proto is defined.
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
static void sess_establish(struct stream *s)
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
{
CLEANUP: session: don't needlessly pass a pointer to the stream-int All functions dealing with connection establishment currently use a pointer to the stream interface. Now we know it cannot change and is always s->si[1].
2014-11-28 09:15:44 -05:00
struct stream_interface *si = &s->si[1];
struct channel *req = &s->req;
struct channel *rep = &s->res;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
MINOR: session: factor out the connect time measurement Currently there are 3 places in the code where t_connect is set after switching to state SI_ST_EST, and a fourth one will soon come. Since all these places lead to an immediate call to sess_establish() to complete the session establishment, better move that measurement there.
2013-12-31 17:06:46 -05:00
/* First, centralize the timers information */
s->logs.t_connect = tv_ms_elapsed(&s->logs.tv_accept, &now);
si->exp = TICK_ETERNITY;
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
if (objt_server(s->target))
health_adjust(objt_server(s->target), HANA_STATUS_L4_OK);
[MEDIUM] Decrease server health based on http responses / events, version 3 Implement decreasing health based on observing communication between HAProxy and servers. Changes in this version 2: - documentation - close race between a started check and health analysis event - don't force fastinter if it is not set - better names for options - layer4 support Changes in this version 3: - add stats - port to the current 1.4 tree
2009-12-15 16:31:24 -05:00
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
if (s->be->mode == PR_MODE_TCP) { /* let's allow immediate data connection in this case */
/* if the user wants to log as soon as possible, without counting
* bytes from the server, then this is the right moment. */
MINOR: stream: provide a few helpers to retrieve frontend, listener and origin Expressions are quite long when using strm_sess(strm)->whatever, so let's provide a few helpers : strm_fe(), strm_li(), strm_orig().
2015-04-03 20:10:38 -04:00
if (!LIST_ISEMPTY(&strm_fe(s)->logformat) && !(s->logs.logwait & LW_BYTES)) {
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
s->logs.t_close = s->logs.t_connect; /* to get a valid end date */
[MINOR] call session->do_log() for logging In order to avoid having to call per-protocol logging function directly from session.c, it's better to assign the logging function when the session is created. This also eliminates a test when the function is needed, and opens the way to more complete logging functions.
2008-11-30 13:02:32 -05:00
s->do_log(s);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
}
else {
OPTIM: session: set the READ_DONTWAIT flag when connecting As soon as we connect to the server, we want to limit the number of recvfrom() on the response path because most of the time a single call will retrieve enough information. At the moment this is only done in the HTTP response parser, after some reads have already failed, which is too late. We need to do that at the earliest possible instant. It was already done for the request side by frontend_accept() for the first request, and by http_reset_txn() for the next requests. Thanks to this change, there are no more failed recvfrom() calls in keep-alive mode.
2013-12-31 16:33:13 -05:00
rep->flags |= CF_READ_DONTWAIT; /* a single read is enough to get response headers */
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
MINOR: stream: provide a few helpers to retrieve frontend, listener and origin Expressions are quite long when using strm_sess(strm)->whatever, so let's provide a few helpers : strm_fe(), strm_li(), strm_orig().
2015-04-03 20:10:38 -04:00
rep->analysers |= strm_fe(s)->fe_rsp_ana | s->be->be_rsp_ana;
MEDIUM: filters: Replace filter_http_headers callback by an analyzer This new analyzer will be called for each HTTP request/response, before the parsing of the body. It is identified by AN_FLT_HTTP_HDRS. Special care was taken about the following condition : * the frontend is a TCP proxy * filters are defined in the frontend section * the selected backend is a HTTP proxy So, this patch explicitly add AN_FLT_HTTP_HDRS analyzer on the request and the response channels when the backend is a HTTP proxy and when there are filters attatched on the stream. This patch simplifies http_request_forward_body and http_response_forward_body functions.
2015-12-02 03:57:32 -05:00
/* Be sure to filter response headers if the backend is an HTTP proxy
* and if there are filters attached to the stream. */
if (s->be->mode == PR_MODE_HTTP && HAS_FILTERS(s))
rep->analysers |= AN_FLT_HTTP_HDRS;
CLEANUP: channel: usr CF_/CHN_ prefixes instead of BF_/BUF_ Get rid of these confusing BF_* flags. Now channel naming should clearly be used everywhere appropriate. No code was changed, only a renaming was performed. The comments about channel operations was updated.
2012-08-27 17:14:58 -04:00
rep->flags |= CF_READ_ATTACHED; /* producer is now attached */
BUG/MAJOR: http: connection setup may stall on balance url_param On the mailing list, seri0528@naver.com reported an issue when using balance url_param or balance uri. The request would sometimes stall forever. Cyril Bont managed to reproduce it with the configuration below : listen test :80 mode http balance url_param q hash-type consistent server s demo.1wt.eu:80 and found it appeared with this commit : 80a92c0 ("BUG/MEDIUM: http: don't start to forward request data before the connect"). The bug is subtle but real. The problem is that the HTTP request forwarding analyzer refrains from starting to parse the request body when some LB algorithms might need the body contents, in order to preserve the data pointer and avoid moving things around during analysis in case a redispatch is later needed. And in order to detect that the connection establishes, it watches the response channel's CF_READ_ATTACHED flag. The problem is that a request analyzer is not subscribed to a response channel, so it will only see changes when woken for other (generally correlated) reasons, such as the fact that part of the request could be sent. And since the CF_READ_ATTACHED flag is cleared once leaving process_session(), it is important not to miss it. It simply happens that sometimes the server starts to respond in a sequence that validates the connection in the middle of process_session(), that it is detected after the analysers, and that the newly assigned CF_READ_ATTACHED is not used to detect that the request analysers need to be called again, then the flag is lost. The CF_WAKE_WRITE flag doesn't work either because it's cleared upon entry into process_session(), ie if we spend more than one call not connecting. Thus we need a new flag to tell the connection initiator that we are specifically interested in being notified about connection establishment. This new flag is CF_WAKE_CONNECT. It is set by the requester, and is cleared once the connection succeeds, where CF_WAKE_ONCE is set instead, causing the request analysers to be scanned again. For future versions, some better options will have to be considered : - let all analysers subscribe to both request and response events ; - let analysers subscribe to stream interface events (reduces number of useless calls) - change CF_WAKE_WRITE's semantics to persist across calls to process_session(), but that is different from validating a connection establishment (eg: no data sent, or no data to send) The bug was introduced in 1.5-dev23, no backport is needed.
2014-04-30 12:11:11 -04:00
if (req->flags & CF_WAKE_CONNECT) {
req->flags |= CF_WAKE_ONCE;
req->flags &= ~CF_WAKE_CONNECT;
}
MAJOR: stream-int: stop using si->conn and use si->end instead The connection will only remain there as a pre-allocated entity whose goal is to be placed in ->end when establishing an outgoing connection. All connection initialization can be made on this connection, but all information retrieved should be applied to the end point only. This change is huge because there were many users of si->conn. Now the only users are those who initialize the new connection. The difficulty appears in a few places such as backend.c, proto_http.c, peers.c where si->conn is used to hold the connection's target address before assigning the connection to the stream interface. This is why we have to keep si->conn for now. A future improvement might consist in dynamically allocating the connection when it is needed.
2013-10-01 04:45:07 -04:00
if (objt_conn(si->end)) {
[MEDIUM] session: initialize server-side timeouts after connect() It was particularly embarrassing that the server timeout was assigned to buffers during an accept() just to be potentially changed later in case of a use_backend rule. The frontend side has nothing to do with server timeouts. Now we initialize them right after the connect() succeeds. Later this should change for a unique stream-interface timeout setting only.
2010-05-31 06:31:35 -04:00
/* real connections have timeouts */
req->wto = s->be->timeout.server;
rep->rto = s->be->timeout.server;
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
req->wex = TICK_ETERNITY;
}
OPTIM/MINOR: session: abort if possible before connecting to the backend Depending on the path that led to sess_update_stream_int(), it's possible that we had a read error on the frontend, but that we haven't checked if we may abort the connection. This was seen in particular the following setup: tcp mode, with abortonclose set, frontend using ssl. If the ssl connection had a first successful read, but the second read failed, we would stil try to open a connection to the backend, although we had enough information to close the connection early. sess_update_stream_int() had some logic to handle that case in the SI_ST_QUE and SI_ST_TAR, but that was missing in the SI_ST_ASS case. This patches addresses the issue by verifying the state of the req channel (and the abortonclose option) right before opening the connection to the backend, so we have the opportunity to close the connection there, and factorizes the shared SI_ST_{QUE,TAR,ASS} code.
2016-04-07 12:01:04 -04:00
/* Check if the connection request is in such a state that it can be aborted. */
static int check_req_may_abort(struct channel *req, struct stream *s)
{
return ((req->flags & (CF_READ_ERROR)) ||
((req->flags & CF_SHUTW_NOW) && /* empty and client aborted */
(channel_is_empty(req) || s->be->options & PR_O_ABRT_CLOSE)));
}
CLEANUP: session: don't needlessly pass a pointer to the stream-int All functions dealing with connection establishment currently use a pointer to the stream interface. Now we know it cannot change and is always s->si[1].
2014-11-28 09:15:44 -05:00
/* Update back stream interface status for input states SI_ST_ASS, SI_ST_QUE,
* SI_ST_TAR. Other input states are simply ignored.
MEDIUM: stream-int: make si_connect() return an established state when possible si_connect() used to only return SI_ST_CON. But it already detect the connection reuse and is the function which avoids calling connect(). So it already knows the connection is valid and reuse. Thus we make it return SI_ST_EST when a connection is reused. This means that connect_server() can return this state and sess_update_stream_int() as well. Thanks to this change, we don't need to leave process_session() in SI_ST_CON state to immediately enter it again to switch to SI_ST_EST. Implementing this removes one call to process_session() per request in keep-alive mode. We're now at 2 calls per request, which is the minimum (one for the request and another one for the response). The number of calls to http_wait_for_response() has also dropped from 2 to one. Tests indicate a performance gain of about 2.6% in request rate in keep-alive mode. There should be no gain in http-server-close() since we don't use this faster path.
2013-12-31 17:32:12 -05:00
* Possible output states are SI_ST_CLO, SI_ST_TAR, SI_ST_ASS, SI_ST_REQ, SI_ST_CON
* and SI_ST_EST. Flags must have previously been updated for timeouts and other
* conditions.
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
static void sess_update_stream_int(struct stream *s)
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
{
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
struct server *srv = objt_server(s->target);
CLEANUP: session: don't needlessly pass a pointer to the stream-int All functions dealing with connection establishment currently use a pointer to the stream interface. Now we know it cannot change and is always s->si[1].
2014-11-28 09:15:44 -05:00
struct stream_interface *si = &s->si[1];
CLEANUP: session: don't use si_{ic,oc} when we know the session. During the connection establishment, we needlessly rely on pointer dereferences.
2014-11-28 09:26:12 -05:00
struct channel *req = &s->req;
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
MAJOR: buffer: replace buf->l with buf->{o+i} We don't have buf->l anymore. We have buf->i for pending data and the total length is retrieved by adding buf->o. Some computation already become simpler. Despite extreme care, bugs are not excluded. It's worth noting that msg->err_pos as set by HTTP request/response analysers becomes relative to pending data and not to the beginning of the buffer. This has not been completed yet so differences might occur when outgoing data are left in the buffer.
2012-03-01 12:19:58 -05:00
DPRINTF(stderr,"[%u] %s: sess=%p rq=%p, rp=%p, exp(r,w)=%u,%u rqf=%08x rpf=%08x rqh=%d rqt=%d rph=%d rpt=%d cs=%d ss=%d\n",
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
now_ms, __FUNCTION__,
s,
BUILD: Compile clean when debug options defined Here you go!
2015-05-02 16:35:24 -04:00
req, &s->res,
CLEANUP: session: don't use si_{ic,oc} when we know the session. During the connection establishment, we needlessly rely on pointer dereferences.
2014-11-28 09:26:12 -05:00
req->rex, s->res.wex,
req->flags, s->res.flags,
BUILD: Compile clean when debug options defined Here you go!
2015-05-02 16:35:24 -04:00
req->buf->i, req->buf->o, s->res.buf->i, s->res.buf->o, s->si[0].state, s->si[1].state);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
if (si->state == SI_ST_ASS) {
/* Server assigned to connection request, we have to try to connect now */
int conn_err;
OPTIM/MINOR: session: abort if possible before connecting to the backend Depending on the path that led to sess_update_stream_int(), it's possible that we had a read error on the frontend, but that we haven't checked if we may abort the connection. This was seen in particular the following setup: tcp mode, with abortonclose set, frontend using ssl. If the ssl connection had a first successful read, but the second read failed, we would stil try to open a connection to the backend, although we had enough information to close the connection early. sess_update_stream_int() had some logic to handle that case in the SI_ST_QUE and SI_ST_TAR, but that was missing in the SI_ST_ASS case. This patches addresses the issue by verifying the state of the req channel (and the abortonclose option) right before opening the connection to the backend, so we have the opportunity to close the connection there, and factorizes the shared SI_ST_{QUE,TAR,ASS} code.
2016-04-07 12:01:04 -04:00
/* Before we try to initiate the connection, see if the
* request may be aborted instead.
*/
if (check_req_may_abort(req, s)) {
si->err_type |= SI_ET_CONN_ABRT;
goto abort_connection;
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
conn_err = connect_server(s);
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
srv = objt_server(s->target);
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (conn_err == SF_ERR_NONE) {
MEDIUM: stream-int: make si_connect() return an established state when possible si_connect() used to only return SI_ST_CON. But it already detect the connection reuse and is the function which avoids calling connect(). So it already knows the connection is valid and reuse. Thus we make it return SI_ST_EST when a connection is reused. This means that connect_server() can return this state and sess_update_stream_int() as well. Thanks to this change, we don't need to leave process_session() in SI_ST_CON state to immediately enter it again to switch to SI_ST_EST. Implementing this removes one call to process_session() per request in keep-alive mode. We're now at 2 calls per request, which is the minimum (one for the request and another one for the response). The number of calls to http_wait_for_response() has also dropped from 2 to one. Tests indicate a performance gain of about 2.6% in request rate in keep-alive mode. There should be no gain in http-server-close() since we don't use this faster path.
2013-12-31 17:32:12 -05:00
/* state = SI_ST_CON or SI_ST_EST now */
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
if (srv)
srv_inc_sess_ctr(srv);
MINOR: stats: Enhancement to stats page to provide information of last session time. Summary: Track and report last session time on the stats page for each server in every backend, as well as the backend. This attempts to address the requirement in the ROADMAP - add a last activity date for each server (req/resp) that will be displayed in the stats. It will be useful with soft stop. The stats page reports this as time elapsed since last session. This change does not adequately address the requirement for long running session (websocket, RDP... etc).
2014-02-03 16:26:46 -05:00
if (srv)
srv_set_sess_last(srv);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
return;
}
/* We have received a synchronous error. We might have to
* abort, retry immediately or redispatch.
*/
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (conn_err == SF_ERR_INTERNAL) {
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
if (!si->err_type) {
si->err_type = SI_ET_CONN_OTHER;
}
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
if (srv)
srv_inc_sess_ctr(srv);
MINOR: stats: Enhancement to stats page to provide information of last session time. Summary: Track and report last session time on the stats page for each server in every backend, as well as the backend. This attempts to address the requirement in the ROADMAP - add a last activity date for each server (req/resp) that will be displayed in the stats. It will be useful with soft stop. The stats page reports this as time elapsed since last session. This change does not adequately address the requirement for long running session (websocket, RDP... etc).
2014-02-03 16:26:46 -05:00
if (srv)
srv_set_sess_last(srv);
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
if (srv)
srv->counters.failed_conns++;
[MEDIUM] stats: split frontend and backend stats It's very annoying that frontend and backend stats are merged because we don't know what we're observing. For instance, if a "listen" instance makes use of a distinct backend, it's impossible to know what the bytes_out means. Some points take care of not updating counters twice if the backend points to the frontend, indicating a "listen" instance. The thing becomes more complex when we try to add support for server side keep-alive, because we have to maintain a pointer to the backend used for last request, and to update its stats. But we can't perform such comparisons anymore because the counters will not match anymore. So in order to get rid of this situation, let's have both frontend AND backend stats in the "struct proxy". We simply update the relevant ones during activity. Some of them are only accounted for in the backend, while others are just for frontend. Maybe we can improve a bit on that later, but the essential part is that those counters now reflect what they really mean.
2011-03-10 17:25:56 -05:00
s->be->be_counters.failed_conns++;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* release other streams waiting for this server */
[BUG] session: release slot before processing pending connections When a connection error is encountered on a server and the server's connection pool is full, pending connections are not woken up because the current connection is still accounted for on the server, so it still appears full. This becomes visible on a server which has "maxconn 1" because the pending connections will only be able to expire in the queue. Now we take care of releasing our current connection before trying to offer it to another pending request, so that the server can accept a next connection. This patch should be backported to 1.4.
2010-12-29 08:32:28 -05:00
sess_change_server(s, NULL);
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
if (may_dequeue_tasks(srv, s->be))
process_srv_queue(srv);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* Failed and not retryable. */
MINOR: stream_interface: introduce a new "struct connection" type We start to move everything needed to manage a connection to a special entity "struct connection". We have the data layer operations and the control operations there. We'll also have more info in the future such as file descriptors and applet contexts, so that in the end it becomes detachable from the stream interface, which will allow connections to be reused between sessions. For now on, we start with minimal changes.
2012-05-21 10:31:45 -04:00
si_shutr(si);
si_shutw(si);
CLEANUP: session: don't use si_{ic,oc} when we know the session. During the connection establishment, we needlessly rely on pointer dereferences.
2014-11-28 09:26:12 -05:00
req->flags |= CF_WRITE_ERROR;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
s->logs.t_queue = tv_ms_elapsed(&s->logs.tv_accept, &now);
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* no stream was ever accounted for this server */
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
si->state = SI_ST_CLO;
[MEDIUM] make the http server error function a pointer in the session It was a bit awkward to have session.c call return_srv_error() for HTTP error messages related to servers. The function has been adapted to be passed a pointer to the faulty stream interface, and is now a pointer in the session. It is possible that in the future, it will become a callback in the stream interface itself.
2008-11-30 14:44:17 -05:00
if (s->srv_error)
s->srv_error(s, si);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
return;
}
/* We are facing a retryable error, but we don't want to run a
* turn-around now, as the problem is likely a source port
* allocation problem, so we want to retry now.
*/
si->state = SI_ST_CER;
si->flags &= ~SI_FL_ERR;
CLEANUP: session: don't needlessly pass a pointer to the stream-int All functions dealing with connection establishment currently use a pointer to the stream interface. Now we know it cannot change and is always s->si[1].
2014-11-28 09:15:44 -05:00
sess_update_st_cer(s);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* now si->state is one of SI_ST_CLO, SI_ST_TAR, SI_ST_ASS, SI_ST_REQ */
return;
}
else if (si->state == SI_ST_QUE) {
/* connection request was queued, check for any update */
if (!s->pend_pos) {
/* The connection is not in the queue anymore. Either
* we have a server connection slot available and we
* go directly to the assigned state, or we need to
* load-balance first and go to the INI state.
*/
si->exp = TICK_ETERNITY;
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (unlikely(!(s->flags & SF_ASSIGNED)))
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
si->state = SI_ST_REQ;
else {
s->logs.t_queue = tv_ms_elapsed(&s->logs.tv_accept, &now);
si->state = SI_ST_ASS;
}
return;
}
/* Connection request still in queue... */
if (si->flags & SI_FL_EXP) {
/* ... and timeout expired */
si->exp = TICK_ETERNITY;
s->logs.t_queue = tv_ms_elapsed(&s->logs.tv_accept, &now);
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
if (srv)
srv->counters.failed_conns++;
[MEDIUM] stats: split frontend and backend stats It's very annoying that frontend and backend stats are merged because we don't know what we're observing. For instance, if a "listen" instance makes use of a distinct backend, it's impossible to know what the bytes_out means. Some points take care of not updating counters twice if the backend points to the frontend, indicating a "listen" instance. The thing becomes more complex when we try to add support for server side keep-alive, because we have to maintain a pointer to the backend used for last request, and to update its stats. But we can't perform such comparisons anymore because the counters will not match anymore. So in order to get rid of this situation, let's have both frontend AND backend stats in the "struct proxy". We simply update the relevant ones during activity. Some of them are only accounted for in the backend, while others are just for frontend. Maybe we can improve a bit on that later, but the essential part is that those counters now reflect what they really mean.
2011-03-10 17:25:56 -05:00
s->be->be_counters.failed_conns++;
MINOR: stream_interface: introduce a new "struct connection" type We start to move everything needed to manage a connection to a special entity "struct connection". We have the data layer operations and the control operations there. We'll also have more info in the future such as file descriptors and applet contexts, so that in the end it becomes detachable from the stream interface, which will allow connections to be reused between sessions. For now on, we start with minimal changes.
2012-05-21 10:31:45 -04:00
si_shutr(si);
si_shutw(si);
CLEANUP: session: don't use si_{ic,oc} when we know the session. During the connection establishment, we needlessly rely on pointer dereferences.
2014-11-28 09:26:12 -05:00
req->flags |= CF_WRITE_TIMEOUT;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
if (!si->err_type)
si->err_type = SI_ET_QUEUE_TO;
si->state = SI_ST_CLO;
[MEDIUM] make the http server error function a pointer in the session It was a bit awkward to have session.c call return_srv_error() for HTTP error messages related to servers. The function has been adapted to be passed a pointer to the faulty stream interface, and is now a pointer in the session. It is possible that in the future, it will become a callback in the stream interface itself.
2008-11-30 14:44:17 -05:00
if (s->srv_error)
s->srv_error(s, si);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
return;
}
/* Connection remains in queue, check if we have to abort it */
OPTIM/MINOR: session: abort if possible before connecting to the backend Depending on the path that led to sess_update_stream_int(), it's possible that we had a read error on the frontend, but that we haven't checked if we may abort the connection. This was seen in particular the following setup: tcp mode, with abortonclose set, frontend using ssl. If the ssl connection had a first successful read, but the second read failed, we would stil try to open a connection to the backend, although we had enough information to close the connection early. sess_update_stream_int() had some logic to handle that case in the SI_ST_QUE and SI_ST_TAR, but that was missing in the SI_ST_ASS case. This patches addresses the issue by verifying the state of the req channel (and the abortonclose option) right before opening the connection to the backend, so we have the opportunity to close the connection there, and factorizes the shared SI_ST_{QUE,TAR,ASS} code.
2016-04-07 12:01:04 -04:00
if (check_req_may_abort(req, s)) {
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
s->logs.t_queue = tv_ms_elapsed(&s->logs.tv_accept, &now);
si->err_type |= SI_ET_QUEUE_ABRT;
OPTIM/MINOR: session: abort if possible before connecting to the backend Depending on the path that led to sess_update_stream_int(), it's possible that we had a read error on the frontend, but that we haven't checked if we may abort the connection. This was seen in particular the following setup: tcp mode, with abortonclose set, frontend using ssl. If the ssl connection had a first successful read, but the second read failed, we would stil try to open a connection to the backend, although we had enough information to close the connection early. sess_update_stream_int() had some logic to handle that case in the SI_ST_QUE and SI_ST_TAR, but that was missing in the SI_ST_ASS case. This patches addresses the issue by verifying the state of the req channel (and the abortonclose option) right before opening the connection to the backend, so we have the opportunity to close the connection there, and factorizes the shared SI_ST_{QUE,TAR,ASS} code.
2016-04-07 12:01:04 -04:00
goto abort_connection;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
/* Nothing changed */
return;
}
else if (si->state == SI_ST_TAR) {
/* Connection request might be aborted */
OPTIM/MINOR: session: abort if possible before connecting to the backend Depending on the path that led to sess_update_stream_int(), it's possible that we had a read error on the frontend, but that we haven't checked if we may abort the connection. This was seen in particular the following setup: tcp mode, with abortonclose set, frontend using ssl. If the ssl connection had a first successful read, but the second read failed, we would stil try to open a connection to the backend, although we had enough information to close the connection early. sess_update_stream_int() had some logic to handle that case in the SI_ST_QUE and SI_ST_TAR, but that was missing in the SI_ST_ASS case. This patches addresses the issue by verifying the state of the req channel (and the abortonclose option) right before opening the connection to the backend, so we have the opportunity to close the connection there, and factorizes the shared SI_ST_{QUE,TAR,ASS} code.
2016-04-07 12:01:04 -04:00
if (check_req_may_abort(req, s)) {
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
si->err_type |= SI_ET_CONN_ABRT;
OPTIM/MINOR: session: abort if possible before connecting to the backend Depending on the path that led to sess_update_stream_int(), it's possible that we had a read error on the frontend, but that we haven't checked if we may abort the connection. This was seen in particular the following setup: tcp mode, with abortonclose set, frontend using ssl. If the ssl connection had a first successful read, but the second read failed, we would stil try to open a connection to the backend, although we had enough information to close the connection early. sess_update_stream_int() had some logic to handle that case in the SI_ST_QUE and SI_ST_TAR, but that was missing in the SI_ST_ASS case. This patches addresses the issue by verifying the state of the req channel (and the abortonclose option) right before opening the connection to the backend, so we have the opportunity to close the connection there, and factorizes the shared SI_ST_{QUE,TAR,ASS} code.
2016-04-07 12:01:04 -04:00
goto abort_connection;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
if (!(si->flags & SI_FL_EXP))
return; /* still in turn-around */
si->exp = TICK_ETERNITY;
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* we keep trying on the same server as long as the stream is
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
* marked "assigned".
* FIXME: Should we force a redispatch attempt when the server is down ?
*/
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (s->flags & SF_ASSIGNED)
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
si->state = SI_ST_ASS;
else
si->state = SI_ST_REQ;
return;
}
OPTIM/MINOR: session: abort if possible before connecting to the backend Depending on the path that led to sess_update_stream_int(), it's possible that we had a read error on the frontend, but that we haven't checked if we may abort the connection. This was seen in particular the following setup: tcp mode, with abortonclose set, frontend using ssl. If the ssl connection had a first successful read, but the second read failed, we would stil try to open a connection to the backend, although we had enough information to close the connection early. sess_update_stream_int() had some logic to handle that case in the SI_ST_QUE and SI_ST_TAR, but that was missing in the SI_ST_ASS case. This patches addresses the issue by verifying the state of the req channel (and the abortonclose option) right before opening the connection to the backend, so we have the opportunity to close the connection there, and factorizes the shared SI_ST_{QUE,TAR,ASS} code.
2016-04-07 12:01:04 -04:00
return;
abort_connection:
/* give up */
si->exp = TICK_ETERNITY;
si_shutr(si);
si_shutw(si);
si->state = SI_ST_CLO;
if (s->srv_error)
s->srv_error(s, si);
return;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* Set correct stream termination flags in case no analyser has done it. It
[CLEANUP] session.c: Make functions static where possible
2011-06-07 20:19:07 -04:00
* also counts a failed request if the server state has not reached the request
* stage.
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
static void sess_set_term_flags(struct stream *s)
[CLEANUP] session.c: Make functions static where possible
2011-06-07 20:19:07 -04:00
{
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (!(s->flags & SF_FINST_MASK)) {
[CLEANUP] session.c: Make functions static where possible
2011-06-07 20:19:07 -04:00
if (s->si[1].state < SI_ST_REQ) {
MINOR: stream: provide a few helpers to retrieve frontend, listener and origin Expressions are quite long when using strm_sess(strm)->whatever, so let's provide a few helpers : strm_fe(), strm_li(), strm_orig().
2015-04-03 20:10:38 -04:00
strm_fe(s)->fe_counters.failed_req++;
BUG/MEDIUM: stream: do not dereference strm_li(stream) Some streams do not have a listener (eg: Lua's cosockets) so let's check for this. For now this problem cannot happen but it's definitely unsafe.
2015-09-23 06:21:21 -04:00
if (strm_li(s) && strm_li(s)->counters)
MINOR: stream: provide a few helpers to retrieve frontend, listener and origin Expressions are quite long when using strm_sess(strm)->whatever, so let's provide a few helpers : strm_fe(), strm_li(), strm_orig().
2015-04-03 20:10:38 -04:00
strm_li(s)->counters->failed_req++;
[CLEANUP] session.c: Make functions static where possible
2011-06-07 20:19:07 -04:00
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
s->flags |= SF_FINST_R;
[CLEANUP] session.c: Make functions static where possible
2011-06-07 20:19:07 -04:00
}
else if (s->si[1].state == SI_ST_QUE)
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
s->flags |= SF_FINST_Q;
[CLEANUP] session.c: Make functions static where possible
2011-06-07 20:19:07 -04:00
else if (s->si[1].state < SI_ST_EST)
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
s->flags |= SF_FINST_C;
[CLEANUP] session.c: Make functions static where possible
2011-06-07 20:19:07 -04:00
else if (s->si[1].state == SI_ST_EST || s->si[1].prev_state == SI_ST_EST)
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
s->flags |= SF_FINST_D;
[CLEANUP] session.c: Make functions static where possible
2011-06-07 20:19:07 -04:00
else
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
s->flags |= SF_FINST_L;
[CLEANUP] session.c: Make functions static where possible
2011-06-07 20:19:07 -04:00
}
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* This function initiates a server connection request on a stream interface
MAJOR: session: check for a connection to an applet in sess_prepare_conn_req() Instead of having applets bypass the whole connection process, we now follow the common path through sess_prepare_conn_req(). It is this function which detects an applet an sets the output state so SI_ST_EST instead of initiating a connection to a server. It is made possible because we now have s->target pointing to the applet.
2013-11-30 03:06:53 -05:00
* already in SI_ST_REQ state. Upon success, the state goes to SI_ST_ASS for
* a real connection to a server, indicating that a server has been assigned,
* or SI_ST_EST for a successful connection to an applet. It may also return
* SI_ST_QUE, or SI_ST_CLO upon error.
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
static void sess_prepare_conn_req(struct stream *s)
MAJOR: buffer: replace buf->l with buf->{o+i} We don't have buf->l anymore. We have buf->i for pending data and the total length is retrieved by adding buf->o. Some computation already become simpler. Despite extreme care, bugs are not excluded. It's worth noting that msg->err_pos as set by HTTP request/response analysers becomes relative to pending data and not to the beginning of the buffer. This has not been completed yet so differences might occur when outgoing data are left in the buffer.
2012-03-01 12:19:58 -05:00
{
CLEANUP: session: don't needlessly pass a pointer to the stream-int All functions dealing with connection establishment currently use a pointer to the stream interface. Now we know it cannot change and is always s->si[1].
2014-11-28 09:15:44 -05:00
struct stream_interface *si = &s->si[1];
MAJOR: buffer: replace buf->l with buf->{o+i} We don't have buf->l anymore. We have buf->i for pending data and the total length is retrieved by adding buf->o. Some computation already become simpler. Despite extreme care, bugs are not excluded. It's worth noting that msg->err_pos as set by HTTP request/response analysers becomes relative to pending data and not to the beginning of the buffer. This has not been completed yet so differences might occur when outgoing data are left in the buffer.
2012-03-01 12:19:58 -05:00
DPRINTF(stderr,"[%u] %s: sess=%p rq=%p, rp=%p, exp(r,w)=%u,%u rqf=%08x rpf=%08x rqh=%d rqt=%d rph=%d rpt=%d cs=%d ss=%d\n",
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
now_ms, __FUNCTION__,
s,
BUILD: Compile clean when debug options defined Here you go!
2015-05-02 16:35:24 -04:00
&s->req, &s->res,
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
s->req.rex, s->res.wex,
s->req.flags, s->res.flags,
BUILD: Compile clean when debug options defined Here you go!
2015-05-02 16:35:24 -04:00
s->req.buf->i, s->req.buf->o, s->res.buf->i, s->res.buf->o, s->si[0].state, s->si[1].state);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
if (si->state != SI_ST_REQ)
return;
MAJOR: session: check for a connection to an applet in sess_prepare_conn_req() Instead of having applets bypass the whole connection process, we now follow the common path through sess_prepare_conn_req(). It is this function which detects an applet an sets the output state so SI_ST_EST instead of initiating a connection to a server. It is made possible because we now have s->target pointing to the applet.
2013-11-30 03:06:53 -05:00
if (unlikely(obj_type(s->target) == OBJ_TYPE_APPLET)) {
/* the applet directly goes to the EST state */
MEDIUM: session: automatically register the applet designated by the target Some applet users don't need to initialize their applet, they just want to route the traffic there just as if it were a server. Since applets are now connected to from session.c, let's simply ensure that when connecting, the applet in si->end matches the target, and allocate one there if it's not already done. In case of error, we force the status code to resource and connection so that it's clear that it happens because of a memory shortage.
2013-12-01 06:25:52 -05:00
struct appctx *appctx = objt_appctx(si->end);
if (!appctx || appctx->applet != __objt_applet(s->target))
appctx = stream_int_register_handler(si, objt_applet(s->target));
if (!appctx) {
/* No more memory, let's immediately abort. Force the
* error code to ignore the ERR_LOCAL which is not a
* real error.
*/
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
s->flags &= ~(SF_ERR_MASK | SF_FINST_MASK);
MEDIUM: session: automatically register the applet designated by the target Some applet users don't need to initialize their applet, they just want to route the traffic there just as if it were a server. Since applets are now connected to from session.c, let's simply ensure that when connecting, the applet in si->end matches the target, and allocate one there if it's not already done. In case of error, we force the status code to resource and connection so that it's clear that it happens because of a memory shortage.
2013-12-01 06:25:52 -05:00
si_shutr(si);
si_shutw(si);
CLEANUP: session: don't use si_{ic,oc} when we know the session. During the connection establishment, we needlessly rely on pointer dereferences.
2014-11-28 09:26:12 -05:00
s->req.flags |= CF_WRITE_ERROR;
MINOR: session: report lack of resources using the new stream-interface's error code Let's now use SI_ET_CONN_RES to report lack of resources instead of SO_ET_CONN_OTHER with a handcrafted code.
2013-12-09 11:14:23 -05:00
si->err_type = SI_ET_CONN_RES;
MEDIUM: session: automatically register the applet designated by the target Some applet users don't need to initialize their applet, they just want to route the traffic there just as if it were a server. Since applets are now connected to from session.c, let's simply ensure that when connecting, the applet in si->end matches the target, and allocate one there if it's not already done. In case of error, we force the status code to resource and connection so that it's clear that it happens because of a memory shortage.
2013-12-01 06:25:52 -05:00
si->state = SI_ST_CLO;
if (s->srv_error)
s->srv_error(s, si);
return;
}
MAJOR: session: check for a connection to an applet in sess_prepare_conn_req() Instead of having applets bypass the whole connection process, we now follow the common path through sess_prepare_conn_req(). It is this function which detects an applet an sets the output state so SI_ST_EST instead of initiating a connection to a server. It is made possible because we now have s->target pointing to the applet.
2013-11-30 03:06:53 -05:00
s->logs.t_queue = tv_ms_elapsed(&s->logs.tv_accept, &now);
si->state = SI_ST_EST;
si->err_type = SI_ET_NONE;
BUG/MINOR: stats: last session was not always set Cyril Bont reported that the "lastsess" field of a stats-only backend was never updated. In fact the same is true for any applet and anything not a server. Also, lastsess was not updated for a server reusing its connection for a new request. Since the goal of this field is to report recent activity, it's better to ensure that all accesses are reported. The call has been moved to the code validating the session establishment instead, since everything passes there.
2014-04-22 18:35:17 -04:00
be_set_sess_last(s->be);
MAJOR: session: pass applet return traffic through the response analysers Now that applets work like real connections, there is no reason for them to evade the response analysers. The stats applet emits valid HTTP responses, it can flow through the HTTP response analyser just fine. This now allows http-response/rsprep/rspadd rules to be applied on top of stats. Cookie insertion does nothing since applets are not servers and thus do not have a cookie. We can imagine compression to be applied later if the stats output is emitted in chunks and in HTTP/1.1. A minor visible effect of this change is that there is no more "-1" in the timers presented in the logs when viewing the stats, all timers are real.
2013-11-30 03:21:49 -05:00
/* let sess_establish() finish the job */
MAJOR: session: check for a connection to an applet in sess_prepare_conn_req() Instead of having applets bypass the whole connection process, we now follow the common path through sess_prepare_conn_req(). It is this function which detects an applet an sets the output state so SI_ST_EST instead of initiating a connection to a server. It is made possible because we now have s->target pointing to the applet.
2013-11-30 03:06:53 -05:00
return;
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* Try to assign a server */
if (srv_redispatch_connect(s) != 0) {
/* We did not get a server. Either we queued the
* connection request, or we encountered an error.
*/
if (si->state == SI_ST_QUE)
return;
/* we did not get any server, let's check the cause */
MINOR: stream_interface: introduce a new "struct connection" type We start to move everything needed to manage a connection to a special entity "struct connection". We have the data layer operations and the control operations there. We'll also have more info in the future such as file descriptors and applet contexts, so that in the end it becomes detachable from the stream interface, which will allow connections to be reused between sessions. For now on, we start with minimal changes.
2012-05-21 10:31:45 -04:00
si_shutr(si);
si_shutw(si);
CLEANUP: session: don't use si_{ic,oc} when we know the session. During the connection establishment, we needlessly rely on pointer dereferences.
2014-11-28 09:26:12 -05:00
s->req.flags |= CF_WRITE_ERROR;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
if (!si->err_type)
si->err_type = SI_ET_CONN_OTHER;
si->state = SI_ST_CLO;
[MEDIUM] make the http server error function a pointer in the session It was a bit awkward to have session.c call return_srv_error() for HTTP error messages related to servers. The function has been adapted to be passed a pointer to the faulty stream interface, and is now a pointer in the session. It is possible that in the future, it will become a callback in the stream interface itself.
2008-11-30 14:44:17 -05:00
if (s->srv_error)
s->srv_error(s, si);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
return;
}
/* The server is assigned */
s->logs.t_queue = tv_ms_elapsed(&s->logs.tv_accept, &now);
si->state = SI_ST_ASS;
BUG/MINOR: stats: last session was not always set Cyril Bont reported that the "lastsess" field of a stats-only backend was never updated. In fact the same is true for any applet and anything not a server. Also, lastsess was not updated for a server reusing its connection for a new request. Since the goal of this field is to report recent activity, it's better to ensure that all accesses are reported. The call has been moved to the code validating the session establishment instead, since everything passes there.
2014-04-22 18:35:17 -04:00
be_set_sess_last(s->be);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
MINOR: stream/applet: add use-service action This new target can be called from the frontend or the backend. It is evaluated just before the backend choice and just before the server choice. So, the input stream or HTTP request can be forwarded to a server or to an internal service.
2015-09-27 13:29:33 -04:00
/* This function parses the use-service action ruleset. It executes
* the associated ACL and set an applet as a stream or txn final node.
* it returns ACT_RET_ERR if an error occurs, the proxy left in
* consistent state. It returns ACT_RET_STOP in succes case because
* use-service must be a terminal action. Returns ACT_RET_YIELD
* if the initialisation function require more data.
*/
enum act_return process_use_service(struct act_rule *rule, struct proxy *px,
struct session *sess, struct stream *s, int flags)
{
struct appctx *appctx;
/* Initialises the applet if it is required. */
if (flags & ACT_FLAG_FIRST) {
/* Register applet. this function schedules the applet. */
s->target = &rule->applet.obj_type;
if (unlikely(!stream_int_register_handler(&s->si[1], objt_applet(s->target))))
return ACT_RET_ERR;
/* Initialise the context. */
appctx = si_appctx(&s->si[1]);
memset(&appctx->ctx, 0, sizeof(appctx->ctx));
appctx->rule = rule;
}
else
appctx = si_appctx(&s->si[1]);
/* Stops the applet sheduling, in case of the init function miss
* some data.
*/
appctx_pause(appctx);
si_applet_stop_get(&s->si[1]);
/* Call initialisation. */
if (rule->applet.init)
switch (rule->applet.init(appctx, px, s)) {
case 0: return ACT_RET_ERR;
case 1: break;
default: return ACT_RET_YIELD;
}
/* Now we can schedule the applet. */
si_applet_cant_get(&s->si[1]);
appctx_wakeup(appctx);
if (sess->fe == s->be) /* report it if the request was intercepted by the frontend */
sess->fe->fe_counters.intercepted_req++;
/* The flag SF_ASSIGNED prevent from server assignment. */
s->flags |= SF_ASSIGNED;
return ACT_RET_STOP;
}
[MAJOR] http: complete splitting of the remaining stages The HTTP processing has been splitted into 7 steps, one of which is not anymore HTTP-specific (content-switching). That way, it becomes possible to use "use_backend" rules in TCP mode. A new "use_server" directive should follow soon.
2009-07-07 09:10:31 -04:00
/* This stream analyser checks the switching rules and changes the backend
[MINOR] add the "force-persist" statement to force persistence on down servers This is used to force access to down servers for some requests. This is useful when validating that a change on a server correctly works before enabling the server again.
2010-01-22 13:10:05 -05:00
* if appropriate. The default_backend rule is also considered, then the
* target backend's forced persistence rules are also evaluated last if any.
[MAJOR] http: complete splitting of the remaining stages The HTTP processing has been splitted into 7 steps, one of which is not anymore HTTP-specific (content-switching). That way, it becomes possible to use "use_backend" rules in TCP mode. A new "use_server" directive should follow soon.
2009-07-07 09:10:31 -04:00
* It returns 1 if the processing can continue on next analysers, or zero if it
* either needs more data or wants to immediately abort the request.
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
static int process_switching_rules(struct stream *s, struct channel *req, int an_bit)
[MAJOR] http: complete splitting of the remaining stages The HTTP processing has been splitted into 7 steps, one of which is not anymore HTTP-specific (content-switching). That way, it becomes possible to use "use_backend" rules in TCP mode. A new "use_server" directive should follow soon.
2009-07-07 09:10:31 -04:00
{
[MINOR] add the "ignore-persist" option to conditionally ignore persistence This is used to disable persistence depending on some conditions (for example using an ACL matching static files or a specific User-Agent). You can see it as a complement to "force-persist". In the configuration file, the force-persist/ignore-persist declaration order define the rules priority. Used with the "appsesion" keyword, it can also help reducing memory usage, as the session won't be hashed the persistence is ignored.
2010-04-24 18:00:51 -04:00
struct persist_rule *prst_rule;
MAJOR: sample: pass a pointer to the session to each sample fetch function Many such function need a session, and till now they used to dereference the stream. Once we remove the stream from the embryonic session, this will not be possible anymore. So as of now, sample fetch functions will be called with this : - sess = NULL, strm = NULL : never - sess = valid, strm = NULL : tcp-req connection - sess = valid, strm = valid, strm->txn = NULL : tcp-req content - sess = valid, strm = valid, strm->txn = valid : http-req / http-res
2015-04-03 19:47:55 -04:00
struct session *sess = s->sess;
struct proxy *fe = sess->fe;
[MINOR] add the "force-persist" statement to force persistence on down servers This is used to force access to down servers for some requests. This is useful when validating that a change on a server correctly works before enabling the server again.
2010-01-22 13:10:05 -05:00
[MAJOR] http: complete splitting of the remaining stages The HTTP processing has been splitted into 7 steps, one of which is not anymore HTTP-specific (content-switching). That way, it becomes possible to use "use_backend" rules in TCP mode. A new "use_server" directive should follow soon.
2009-07-07 09:10:31 -04:00
req->analysers &= ~an_bit;
req->analyse_exp = TICK_ETERNITY;
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
DPRINTF(stderr,"[%u] %s: stream=%p b=%p, exp(r,w)=%u,%u bf=%08x bh=%d analysers=%02x\n",
[MAJOR] http: complete splitting of the remaining stages The HTTP processing has been splitted into 7 steps, one of which is not anymore HTTP-specific (content-switching). That way, it becomes possible to use "use_backend" rules in TCP mode. A new "use_server" directive should follow soon.
2009-07-07 09:10:31 -04:00
now_ms, __FUNCTION__,
s,
req,
req->rex, req->wex,
req->flags,
MAJOR: channel: replace the struct buffer with a pointer to a buffer With this commit, we now separate the channel from the buffer. This will allow us to replace buffers on the fly without touching the channel. Since nobody is supposed to keep a reference to a buffer anymore, doing so is not a problem and will also permit some copy-less data manipulation. Interestingly, these changes have shown a 2% performance increase on some workloads, probably due to a better cache placement of data.
2012-10-12 17:49:43 -04:00
req->buf->i,
[MAJOR] http: complete splitting of the remaining stages The HTTP processing has been splitted into 7 steps, one of which is not anymore HTTP-specific (content-switching). That way, it becomes possible to use "use_backend" rules in TCP mode. A new "use_server" directive should follow soon.
2009-07-07 09:10:31 -04:00
req->analysers);
/* now check whether we have some switching rules for this request */
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (!(s->flags & SF_BE_ASSIGNED)) {
[MAJOR] http: complete splitting of the remaining stages The HTTP processing has been splitted into 7 steps, one of which is not anymore HTTP-specific (content-switching). That way, it becomes possible to use "use_backend" rules in TCP mode. A new "use_server" directive should follow soon.
2009-07-07 09:10:31 -04:00
struct switching_rule *rule;
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
list_for_each_entry(rule, &fe->switching_rules, list) {
MEDIUM: config: relax use_backend check to make the condition optional Since it became possible to use log-format expressions in use_backend, having a mandatory condition becomes annoying because configurations are full of "if TRUE". Let's relax the check to accept no condition like many other keywords (eg: redirect).
2014-04-22 19:21:56 -04:00
int ret = 1;
[MAJOR] http: complete splitting of the remaining stages The HTTP processing has been splitted into 7 steps, one of which is not anymore HTTP-specific (content-switching). That way, it becomes possible to use "use_backend" rules in TCP mode. A new "use_server" directive should follow soon.
2009-07-07 09:10:31 -04:00
MEDIUM: config: relax use_backend check to make the condition optional Since it became possible to use log-format expressions in use_backend, having a mandatory condition becomes annoying because configurations are full of "if TRUE". Let's relax the check to accept no condition like many other keywords (eg: redirect).
2014-04-22 19:21:56 -04:00
if (rule->cond) {
MAJOR: sample: pass a pointer to the session to each sample fetch function Many such function need a session, and till now they used to dereference the stream. Once we remove the stream from the embryonic session, this will not be possible anymore. So as of now, sample fetch functions will be called with this : - sess = NULL, strm = NULL : never - sess = valid, strm = NULL : tcp-req connection - sess = valid, strm = valid, strm->txn = NULL : tcp-req content - sess = valid, strm = valid, strm->txn = valid : http-req / http-res
2015-04-03 19:47:55 -04:00
ret = acl_exec_cond(rule->cond, fe, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL);
MEDIUM: config: relax use_backend check to make the condition optional Since it became possible to use log-format expressions in use_backend, having a mandatory condition becomes annoying because configurations are full of "if TRUE". Let's relax the check to accept no condition like many other keywords (eg: redirect).
2014-04-22 19:21:56 -04:00
ret = acl_pass(ret);
if (rule->cond->pol == ACL_COND_UNLESS)
ret = !ret;
}
[MAJOR] http: complete splitting of the remaining stages The HTTP processing has been splitted into 7 steps, one of which is not anymore HTTP-specific (content-switching). That way, it becomes possible to use "use_backend" rules in TCP mode. A new "use_server" directive should follow soon.
2009-07-07 09:10:31 -04:00
if (ret) {
MEDIUM: proxy: support use_backend with dynamic names We have a use case where we look up a customer ID in an HTTP header and direct it to the corresponding server. This can easily be done using ACLs and use_backend rules, but the configuration becomes painful to maintain when the number of customers grows to a few tens or even a several hundreds. We realized it would be nice if we could make the use_backend resolve its name at run time instead of config parsing time, and use a similar expression as http-request add-header to decide on the proper backend to use. This permits the use of prefixes or even complex names in backend expressions. If no name matches, then the default backend is used. Doing so allowed us to get rid of all the use_backend rules. Since there are some config checks on the use_backend rules to see if the referenced backend exists, we want to keep them to detect config errors in normal config. So this patch does not modify the default behaviour and proceeds this way : - if the backend name in the use_backend directive parses as a log format rule, it's used as-is and is resolved at run time ; - otherwise it's a static name which must be valid at config time. There was the possibility of doing this with the use-server directive instead of use_backend, but it seems like use_backend is more suited to this task, as it can be used for other purposes. For example, it becomes easy to serve a customer-specific proxy.pac file based on the customer ID by abusing the errorfile primitive : use_backend bk_cust_%[hdr(X-Cust-Id)] if { hdr(X-Cust-Id) -m found } default_backend bk_err_404 backend bk_cust_1 errorfile 200 /etc/haproxy/static/proxy.pac.cust1 Signed-off-by: Bertrand Jacquin <bjacquin@exosec.fr>
2013-11-19 05:43:06 -05:00
/* If the backend name is dynamic, try to resolve the name.
* If we can't resolve the name, or if any error occurs, break
* the loop and fallback to the default backend.
*/
struct proxy *backend;
if (rule->dynamic) {
struct chunk *tmp = get_trash_chunk();
if (!build_logline(s, tmp->str, tmp->size, &rule->be.expr))
break;
CLEANUP: proxy: make the proxy lookup functions more user-friendly First, findproxy() was renamed proxy_find_by_name() so that its explicit that a name is required for the lookup. Second, we give this function the ability to search for tables if needed. Third we now provide inline wrappers to pass the appropriate PR_CAP_* flags and to explicitly look up a frontend, backend or table.
2015-05-26 05:24:42 -04:00
backend = proxy_be_by_name(tmp->str);
MEDIUM: proxy: support use_backend with dynamic names We have a use case where we look up a customer ID in an HTTP header and direct it to the corresponding server. This can easily be done using ACLs and use_backend rules, but the configuration becomes painful to maintain when the number of customers grows to a few tens or even a several hundreds. We realized it would be nice if we could make the use_backend resolve its name at run time instead of config parsing time, and use a similar expression as http-request add-header to decide on the proper backend to use. This permits the use of prefixes or even complex names in backend expressions. If no name matches, then the default backend is used. Doing so allowed us to get rid of all the use_backend rules. Since there are some config checks on the use_backend rules to see if the referenced backend exists, we want to keep them to detect config errors in normal config. So this patch does not modify the default behaviour and proceeds this way : - if the backend name in the use_backend directive parses as a log format rule, it's used as-is and is resolved at run time ; - otherwise it's a static name which must be valid at config time. There was the possibility of doing this with the use-server directive instead of use_backend, but it seems like use_backend is more suited to this task, as it can be used for other purposes. For example, it becomes easy to serve a customer-specific proxy.pac file based on the customer ID by abusing the errorfile primitive : use_backend bk_cust_%[hdr(X-Cust-Id)] if { hdr(X-Cust-Id) -m found } default_backend bk_err_404 backend bk_cust_1 errorfile 200 /etc/haproxy/static/proxy.pac.cust1 Signed-off-by: Bertrand Jacquin <bjacquin@exosec.fr>
2013-11-19 05:43:06 -05:00
if (!backend)
break;
}
else
backend = rule->be.backend;
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
if (!stream_set_backend(s, backend))
[MINOR] prepare callers of session_set_backend to handle errors session_set_backend will soon have to allocate areas for HTTP headers. We must ensure that the callers can handle an allocation error.
2009-07-12 02:27:39 -04:00
goto sw_failed;
[MAJOR] http: complete splitting of the remaining stages The HTTP processing has been splitted into 7 steps, one of which is not anymore HTTP-specific (content-switching). That way, it becomes possible to use "use_backend" rules in TCP mode. A new "use_server" directive should follow soon.
2009-07-07 09:10:31 -04:00
break;
}
}
/* To ensure correct connection accounting on the backend, we
* have to assign one if it was not set (eg: a listen). This
* measure also takes care of correctly setting the default
* backend if any.
*/
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (!(s->flags & SF_BE_ASSIGNED))
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
if (!stream_set_backend(s, fe->defbe.be ? fe->defbe.be : s->be))
[MINOR] prepare callers of session_set_backend to handle errors session_set_backend will soon have to allocate areas for HTTP headers. We must ensure that the callers can handle an allocation error.
2009-07-12 02:27:39 -04:00
goto sw_failed;
[MAJOR] http: complete splitting of the remaining stages The HTTP processing has been splitted into 7 steps, one of which is not anymore HTTP-specific (content-switching). That way, it becomes possible to use "use_backend" rules in TCP mode. A new "use_server" directive should follow soon.
2009-07-07 09:10:31 -04:00
}
[MEDIUM] session: support "tcp-request content" rules in backends Sometimes it's necessary to be able to perform some "layer 6" analysis in the backend. TCP request rules were not available till now, although documented in the diagram. Enable them in backend now.
2010-08-03 08:02:05 -04:00
/* we don't want to run the TCP or HTTP filters again if the backend has not changed */
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
if (fe == s->be) {
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
s->req.analysers &= ~AN_REQ_INSPECT_BE;
s->req.analysers &= ~AN_REQ_HTTP_PROCESS_BE;
MAJOR: filters: Add filters support This patch adds the support of filters in HAProxy. The main idea is to have a way to "easely" extend HAProxy by adding some "modules", called filters, that will be able to change HAProxy behavior in a programmatic way. To do so, many entry points has been added in code to let filters to hook up to different steps of the processing. A filter must define a flt_ops sutrctures (see include/types/filters.h for details). This structure contains all available callbacks that a filter can define: struct flt_ops { /* * Callbacks to manage the filter lifecycle */ int (*init) (struct proxy *p); void (*deinit)(struct proxy *p); int (*check) (struct proxy *p); /* * Stream callbacks */ void (*stream_start) (struct stream *s); void (*stream_accept) (struct stream *s); void (*session_establish)(struct stream *s); void (*stream_stop) (struct stream *s); /* * HTTP callbacks */ int (*http_start) (struct stream *s, struct http_msg *msg); int (*http_start_body) (struct stream *s, struct http_msg *msg); int (*http_start_chunk) (struct stream *s, struct http_msg *msg); int (*http_data) (struct stream *s, struct http_msg *msg); int (*http_last_chunk) (struct stream *s, struct http_msg *msg); int (*http_end_chunk) (struct stream *s, struct http_msg *msg); int (*http_chunk_trailers)(struct stream *s, struct http_msg *msg); int (*http_end_body) (struct stream *s, struct http_msg *msg); void (*http_end) (struct stream *s, struct http_msg *msg); void (*http_reset) (struct stream *s, struct http_msg *msg); int (*http_pre_process) (struct stream *s, struct http_msg *msg); int (*http_post_process) (struct stream *s, struct http_msg *msg); void (*http_reply) (struct stream *s, short status, const struct chunk *msg); }; To declare and use a filter, in the configuration, the "filter" keyword must be used in a listener/frontend section: frontend test ... filter <FILTER-NAME> [OPTIONS...] The filter referenced by the <FILTER-NAME> must declare a configuration parser on its own name to fill flt_ops and filter_conf field in the proxy's structure. An exemple will be provided later to make it perfectly clear. For now, filters cannot be used in backend section. But this is only a matter of time. Documentation will also be added later. This is the first commit of a long list about filters. It is possible to have several filters on the same listener/frontend. These filters are stored in an array of at most MAX_FILTERS elements (define in include/types/filters.h). Again, this will be replaced later by a list of filters. The filter API has been highly refactored. Main changes are: * Now, HA supports an infinite number of filters per proxy. To do so, filters are stored in list. * Because filters are stored in list, filters state has been moved from the channel structure to the filter structure. This is cleaner because there is no more info about filters in channel structure. * It is possible to defined filters on backends only. For such filters, stream_start/stream_stop callbacks are not called. Of course, it is possible to mix frontend and backend filters. * Now, TCP streams are also filtered. All callbacks without the 'http_' prefix are called for all kind of streams. In addition, 2 new callbacks were added to filter data exchanged through a TCP stream: - tcp_data: it is called when new data are available or when old unprocessed data are still waiting. - tcp_forward_data: it is called when some data can be consumed. * New callbacks attached to channel were added: - channel_start_analyze: it is called when a filter is ready to process data exchanged through a channel. 2 new analyzers (a frontend and a backend) are attached to channels to call this callback. For a frontend filter, it is called before any other analyzer. For a backend filter, it is called when a backend is attached to a stream. So some processing cannot be filtered in that case. - channel_analyze: it is called before each analyzer attached to a channel, expects analyzers responsible for data sending. - channel_end_analyze: it is called when all other analyzers have finished their processing. A new analyzers is attached to channels to call this callback. For a TCP stream, this is always the last one called. For a HTTP one, the callback is called when a request/response ends, so it is called one time for each request/response. * 'session_established' callback has been removed. Everything that is done in this callback can be handled by 'channel_start_analyze' on the response channel. * 'http_pre_process' and 'http_post_process' callbacks have been replaced by 'channel_analyze'. * 'http_start' callback has been replaced by 'http_headers'. This new one is called just before headers sending and parsing of the body. * 'http_end' callback has been replaced by 'channel_end_analyze'. * It is possible to set a forwarder for TCP channels. It was already possible to do it for HTTP ones. * Forwarders can partially consumed forwardable data. For this reason a new HTTP message state was added before HTTP_MSG_DONE : HTTP_MSG_ENDING. Now all filters can define corresponding callbacks (http_forward_data and tcp_forward_data). Each filter owns 2 offsets relative to buf->p, next and forward, to track, respectively, input data already parsed but not forwarded yet by the filter and parsed data considered as forwarded by the filter. A any time, we have the warranty that a filter cannot parse or forward more input than previous ones. And, of course, it cannot forward more input than it has parsed. 2 macros has been added to retrieve these offets: FLT_NXT and FLT_FWD. In addition, 2 functions has been added to change the 'next size' and the 'forward size' of a filter. When a filter parses input data, it can alter these data, so the size of these data can vary. This action has an effet on all previous filters that must be handled. To do so, the function 'filter_change_next_size' must be called, passing the size variation. In the same spirit, if a filter alter forwarded data, it must call the function 'filter_change_forward_size'. 'filter_change_next_size' can be called in 'http_data' and 'tcp_data' callbacks and only these ones. And 'filter_change_forward_size' can be called in 'http_forward_data' and 'tcp_forward_data' callbacks and only these ones. The data changes are the filter responsability, but with some limitation. It must not change already parsed/forwarded data or data that previous filters have not parsed/forwarded yet. Because filters can be used on backends, when we the backend is set for a stream, we add filters defined for this backend in the filter list of the stream. But we must only do that when the backend and the frontend of the stream are not the same. Else same filters are added a second time leading to undefined behavior. The HTTP compression code had to be moved. So it simplifies http_response_forward_body function. To do so, the way the data are forwarded has changed. Now, a filter (and only one) can forward data. In a commit to come, this limitation will be removed to let all filters take part to data forwarding. There are 2 new functions that filters should use to deal with this feature: * flt_set_http_data_forwarder: This function sets the filter (using its id) that will forward data for the specified HTTP message. It is possible if it was not already set by another filter _AND_ if no data was yet forwarded (msg->msg_state <= HTTP_MSG_BODY). It returns -1 if an error occurs. * flt_http_data_forwarder: This function returns the filter id that will forward data for the specified HTTP message. If there is no forwarder set, it returns -1. When an HTTP data forwarder is set for the response, the HTTP compression is disabled. Of course, this is not definitive.
2015-04-30 05:48:27 -04:00
s->req.analysers &= ~AN_FLT_START_BE;
[MEDIUM] session: support "tcp-request content" rules in backends Sometimes it's necessary to be able to perform some "layer 6" analysis in the backend. TCP request rules were not available till now, although documented in the diagram. Enable them in backend now.
2010-08-03 08:02:05 -04:00
}
[MAJOR] http: complete splitting of the remaining stages The HTTP processing has been splitted into 7 steps, one of which is not anymore HTTP-specific (content-switching). That way, it becomes possible to use "use_backend" rules in TCP mode. A new "use_server" directive should follow soon.
2009-07-07 09:10:31 -04:00
[MINOR] add the "ignore-persist" option to conditionally ignore persistence This is used to disable persistence depending on some conditions (for example using an ACL matching static files or a specific User-Agent). You can see it as a complement to "force-persist". In the configuration file, the force-persist/ignore-persist declaration order define the rules priority. Used with the "appsesion" keyword, it can also help reducing memory usage, as the session won't be hashed the persistence is ignored.
2010-04-24 18:00:51 -04:00
/* as soon as we know the backend, we must check if we have a matching forced or ignored
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* persistence rule, and report that in the stream.
[MINOR] add the "force-persist" statement to force persistence on down servers This is used to force access to down servers for some requests. This is useful when validating that a change on a server correctly works before enabling the server again.
2010-01-22 13:10:05 -05:00
*/
[MINOR] add the "ignore-persist" option to conditionally ignore persistence This is used to disable persistence depending on some conditions (for example using an ACL matching static files or a specific User-Agent). You can see it as a complement to "force-persist". In the configuration file, the force-persist/ignore-persist declaration order define the rules priority. Used with the "appsesion" keyword, it can also help reducing memory usage, as the session won't be hashed the persistence is ignored.
2010-04-24 18:00:51 -04:00
list_for_each_entry(prst_rule, &s->be->persist_rules, list) {
[MINOR] add the "force-persist" statement to force persistence on down servers This is used to force access to down servers for some requests. This is useful when validating that a change on a server correctly works before enabling the server again.
2010-01-22 13:10:05 -05:00
int ret = 1;
if (prst_rule->cond) {
MAJOR: sample: pass a pointer to the session to each sample fetch function Many such function need a session, and till now they used to dereference the stream. Once we remove the stream from the embryonic session, this will not be possible anymore. So as of now, sample fetch functions will be called with this : - sess = NULL, strm = NULL : never - sess = valid, strm = NULL : tcp-req connection - sess = valid, strm = valid, strm->txn = NULL : tcp-req content - sess = valid, strm = valid, strm->txn = valid : http-req / http-res
2015-04-03 19:47:55 -04:00
ret = acl_exec_cond(prst_rule->cond, s->be, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL);
[MINOR] add the "force-persist" statement to force persistence on down servers This is used to force access to down servers for some requests. This is useful when validating that a change on a server correctly works before enabling the server again.
2010-01-22 13:10:05 -05:00
ret = acl_pass(ret);
if (prst_rule->cond->pol == ACL_COND_UNLESS)
ret = !ret;
}
if (ret) {
/* no rule, or the rule matches */
[MINOR] add the "ignore-persist" option to conditionally ignore persistence This is used to disable persistence depending on some conditions (for example using an ACL matching static files or a specific User-Agent). You can see it as a complement to "force-persist". In the configuration file, the force-persist/ignore-persist declaration order define the rules priority. Used with the "appsesion" keyword, it can also help reducing memory usage, as the session won't be hashed the persistence is ignored.
2010-04-24 18:00:51 -04:00
if (prst_rule->type == PERSIST_TYPE_FORCE) {
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
s->flags |= SF_FORCE_PRST;
[MINOR] add the "ignore-persist" option to conditionally ignore persistence This is used to disable persistence depending on some conditions (for example using an ACL matching static files or a specific User-Agent). You can see it as a complement to "force-persist". In the configuration file, the force-persist/ignore-persist declaration order define the rules priority. Used with the "appsesion" keyword, it can also help reducing memory usage, as the session won't be hashed the persistence is ignored.
2010-04-24 18:00:51 -04:00
} else {
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
s->flags |= SF_IGNORE_PRST;
[MINOR] add the "ignore-persist" option to conditionally ignore persistence This is used to disable persistence depending on some conditions (for example using an ACL matching static files or a specific User-Agent). You can see it as a complement to "force-persist". In the configuration file, the force-persist/ignore-persist declaration order define the rules priority. Used with the "appsesion" keyword, it can also help reducing memory usage, as the session won't be hashed the persistence is ignored.
2010-04-24 18:00:51 -04:00
}
[MINOR] add the "force-persist" statement to force persistence on down servers This is used to force access to down servers for some requests. This is useful when validating that a change on a server correctly works before enabling the server again.
2010-01-22 13:10:05 -05:00
break;
}
}
[MAJOR] http: complete splitting of the remaining stages The HTTP processing has been splitted into 7 steps, one of which is not anymore HTTP-specific (content-switching). That way, it becomes possible to use "use_backend" rules in TCP mode. A new "use_server" directive should follow soon.
2009-07-07 09:10:31 -04:00
return 1;
[MINOR] prepare callers of session_set_backend to handle errors session_set_backend will soon have to allocate areas for HTTP headers. We must ensure that the callers can handle an allocation error.
2009-07-12 02:27:39 -04:00
sw_failed:
/* immediately abort this request in case of allocation failure */
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
channel_abort(&s->req);
channel_abort(&s->res);
[MINOR] prepare callers of session_set_backend to handle errors session_set_backend will soon have to allocate areas for HTTP headers. We must ensure that the callers can handle an allocation error.
2009-07-12 02:27:39 -04:00
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (!(s->flags & SF_ERR_MASK))
s->flags |= SF_ERR_RESOURCE;
if (!(s->flags & SF_FINST_MASK))
s->flags |= SF_FINST_R;
[MINOR] prepare callers of session_set_backend to handle errors session_set_backend will soon have to allocate areas for HTTP headers. We must ensure that the callers can handle an allocation error.
2009-07-12 02:27:39 -04:00
MAJOR: http: move http_txn out of struct stream Now this one is dynamically allocated. It means that 280 bytes of memory are saved per TCP stream, but more importantly that it will become possible to remove the l7 pointer from fetches and converters since it will be deduced from the stream and will support being null. A lot of care was taken because it's easy to forget a test somewhere, and the previous code used to always trust s->txn for being valid, but all places seem to have been visited. All HTTP fetch functions check the txn first so we shouldn't have any issue there even when called from TCP. When branching from a TCP frontend to an HTTP backend, the txn is properly allocated at the same time as the hdr_idx.
2015-04-03 17:46:31 -04:00
if (s->txn)
s->txn->status = 500;
MAJOR: filters: Add filters support This patch adds the support of filters in HAProxy. The main idea is to have a way to "easely" extend HAProxy by adding some "modules", called filters, that will be able to change HAProxy behavior in a programmatic way. To do so, many entry points has been added in code to let filters to hook up to different steps of the processing. A filter must define a flt_ops sutrctures (see include/types/filters.h for details). This structure contains all available callbacks that a filter can define: struct flt_ops { /* * Callbacks to manage the filter lifecycle */ int (*init) (struct proxy *p); void (*deinit)(struct proxy *p); int (*check) (struct proxy *p); /* * Stream callbacks */ void (*stream_start) (struct stream *s); void (*stream_accept) (struct stream *s); void (*session_establish)(struct stream *s); void (*stream_stop) (struct stream *s); /* * HTTP callbacks */ int (*http_start) (struct stream *s, struct http_msg *msg); int (*http_start_body) (struct stream *s, struct http_msg *msg); int (*http_start_chunk) (struct stream *s, struct http_msg *msg); int (*http_data) (struct stream *s, struct http_msg *msg); int (*http_last_chunk) (struct stream *s, struct http_msg *msg); int (*http_end_chunk) (struct stream *s, struct http_msg *msg); int (*http_chunk_trailers)(struct stream *s, struct http_msg *msg); int (*http_end_body) (struct stream *s, struct http_msg *msg); void (*http_end) (struct stream *s, struct http_msg *msg); void (*http_reset) (struct stream *s, struct http_msg *msg); int (*http_pre_process) (struct stream *s, struct http_msg *msg); int (*http_post_process) (struct stream *s, struct http_msg *msg); void (*http_reply) (struct stream *s, short status, const struct chunk *msg); }; To declare and use a filter, in the configuration, the "filter" keyword must be used in a listener/frontend section: frontend test ... filter <FILTER-NAME> [OPTIONS...] The filter referenced by the <FILTER-NAME> must declare a configuration parser on its own name to fill flt_ops and filter_conf field in the proxy's structure. An exemple will be provided later to make it perfectly clear. For now, filters cannot be used in backend section. But this is only a matter of time. Documentation will also be added later. This is the first commit of a long list about filters. It is possible to have several filters on the same listener/frontend. These filters are stored in an array of at most MAX_FILTERS elements (define in include/types/filters.h). Again, this will be replaced later by a list of filters. The filter API has been highly refactored. Main changes are: * Now, HA supports an infinite number of filters per proxy. To do so, filters are stored in list. * Because filters are stored in list, filters state has been moved from the channel structure to the filter structure. This is cleaner because there is no more info about filters in channel structure. * It is possible to defined filters on backends only. For such filters, stream_start/stream_stop callbacks are not called. Of course, it is possible to mix frontend and backend filters. * Now, TCP streams are also filtered. All callbacks without the 'http_' prefix are called for all kind of streams. In addition, 2 new callbacks were added to filter data exchanged through a TCP stream: - tcp_data: it is called when new data are available or when old unprocessed data are still waiting. - tcp_forward_data: it is called when some data can be consumed. * New callbacks attached to channel were added: - channel_start_analyze: it is called when a filter is ready to process data exchanged through a channel. 2 new analyzers (a frontend and a backend) are attached to channels to call this callback. For a frontend filter, it is called before any other analyzer. For a backend filter, it is called when a backend is attached to a stream. So some processing cannot be filtered in that case. - channel_analyze: it is called before each analyzer attached to a channel, expects analyzers responsible for data sending. - channel_end_analyze: it is called when all other analyzers have finished their processing. A new analyzers is attached to channels to call this callback. For a TCP stream, this is always the last one called. For a HTTP one, the callback is called when a request/response ends, so it is called one time for each request/response. * 'session_established' callback has been removed. Everything that is done in this callback can be handled by 'channel_start_analyze' on the response channel. * 'http_pre_process' and 'http_post_process' callbacks have been replaced by 'channel_analyze'. * 'http_start' callback has been replaced by 'http_headers'. This new one is called just before headers sending and parsing of the body. * 'http_end' callback has been replaced by 'channel_end_analyze'. * It is possible to set a forwarder for TCP channels. It was already possible to do it for HTTP ones. * Forwarders can partially consumed forwardable data. For this reason a new HTTP message state was added before HTTP_MSG_DONE : HTTP_MSG_ENDING. Now all filters can define corresponding callbacks (http_forward_data and tcp_forward_data). Each filter owns 2 offsets relative to buf->p, next and forward, to track, respectively, input data already parsed but not forwarded yet by the filter and parsed data considered as forwarded by the filter. A any time, we have the warranty that a filter cannot parse or forward more input than previous ones. And, of course, it cannot forward more input than it has parsed. 2 macros has been added to retrieve these offets: FLT_NXT and FLT_FWD. In addition, 2 functions has been added to change the 'next size' and the 'forward size' of a filter. When a filter parses input data, it can alter these data, so the size of these data can vary. This action has an effet on all previous filters that must be handled. To do so, the function 'filter_change_next_size' must be called, passing the size variation. In the same spirit, if a filter alter forwarded data, it must call the function 'filter_change_forward_size'. 'filter_change_next_size' can be called in 'http_data' and 'tcp_data' callbacks and only these ones. And 'filter_change_forward_size' can be called in 'http_forward_data' and 'tcp_forward_data' callbacks and only these ones. The data changes are the filter responsability, but with some limitation. It must not change already parsed/forwarded data or data that previous filters have not parsed/forwarded yet. Because filters can be used on backends, when we the backend is set for a stream, we add filters defined for this backend in the filter list of the stream. But we must only do that when the backend and the frontend of the stream are not the same. Else same filters are added a second time leading to undefined behavior. The HTTP compression code had to be moved. So it simplifies http_response_forward_body function. To do so, the way the data are forwarded has changed. Now, a filter (and only one) can forward data. In a commit to come, this limitation will be removed to let all filters take part to data forwarding. There are 2 new functions that filters should use to deal with this feature: * flt_set_http_data_forwarder: This function sets the filter (using its id) that will forward data for the specified HTTP message. It is possible if it was not already set by another filter _AND_ if no data was yet forwarded (msg->msg_state <= HTTP_MSG_BODY). It returns -1 if an error occurs. * flt_http_data_forwarder: This function returns the filter id that will forward data for the specified HTTP message. If there is no forwarder set, it returns -1. When an HTTP data forwarder is set for the response, the HTTP compression is disabled. Of course, this is not definitive.
2015-04-30 05:48:27 -04:00
s->req.analysers &= AN_FLT_END;
REORG/MAJOR: move session's req and resp channels back into the session The channels were pointers to outside structs and this is not needed anymore since the buffers have moved, but this complicates operations. Move them back into the session so that both channels and stream interfaces are always allocated for a session. Some places (some early sample fetch functions) used to validate that a channel was NULL prior to dereferencing it. Now instead we check if chn->buf is NULL and we force it to remain NULL until the channel is initialized.
2014-11-27 14:45:39 -05:00
s->req.analyse_exp = TICK_ETERNITY;
[MINOR] prepare callers of session_set_backend to handle errors session_set_backend will soon have to allocate areas for HTTP headers. We must ensure that the callers can handle an allocation error.
2009-07-12 02:27:39 -04:00
return 0;
[MAJOR] http: complete splitting of the remaining stages The HTTP processing has been splitted into 7 steps, one of which is not anymore HTTP-specific (content-switching). That way, it becomes possible to use "use_backend" rules in TCP mode. A new "use_server" directive should follow soon.
2009-07-07 09:10:31 -04:00
}
MEDIUM: session: implement the "use-server" directive Sometimes it is desirable to forward a particular request to a specific server without having to declare a dedicated backend for this server. This can be achieved using the "use-server" rules. These rules are evaluated after the "redirect" rules and before evaluating cookies, and they have precedence on them. There may be as many "use-server" rules as desired. All of these rules are evaluated in their declaration order, and the first one which matches will assign the server.
2012-04-05 15:09:48 -04:00
/* This stream analyser works on a request. It applies all use-server rules on
* it then returns 1. The data must already be present in the buffer otherwise
* they won't match. It always returns 1.
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
static int process_server_rules(struct stream *s, struct channel *req, int an_bit)
MEDIUM: session: implement the "use-server" directive Sometimes it is desirable to forward a particular request to a specific server without having to declare a dedicated backend for this server. This can be achieved using the "use-server" rules. These rules are evaluated after the "redirect" rules and before evaluating cookies, and they have precedence on them. There may be as many "use-server" rules as desired. All of these rules are evaluated in their declaration order, and the first one which matches will assign the server.
2012-04-05 15:09:48 -04:00
{
struct proxy *px = s->be;
MAJOR: sample: pass a pointer to the session to each sample fetch function Many such function need a session, and till now they used to dereference the stream. Once we remove the stream from the embryonic session, this will not be possible anymore. So as of now, sample fetch functions will be called with this : - sess = NULL, strm = NULL : never - sess = valid, strm = NULL : tcp-req connection - sess = valid, strm = valid, strm->txn = NULL : tcp-req content - sess = valid, strm = valid, strm->txn = valid : http-req / http-res
2015-04-03 19:47:55 -04:00
struct session *sess = s->sess;
MEDIUM: session: implement the "use-server" directive Sometimes it is desirable to forward a particular request to a specific server without having to declare a dedicated backend for this server. This can be achieved using the "use-server" rules. These rules are evaluated after the "redirect" rules and before evaluating cookies, and they have precedence on them. There may be as many "use-server" rules as desired. All of these rules are evaluated in their declaration order, and the first one which matches will assign the server.
2012-04-05 15:09:48 -04:00
struct server_rule *rule;
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
DPRINTF(stderr,"[%u] %s: stream=%p b=%p, exp(r,w)=%u,%u bf=%08x bl=%d analysers=%02x\n",
MEDIUM: session: implement the "use-server" directive Sometimes it is desirable to forward a particular request to a specific server without having to declare a dedicated backend for this server. This can be achieved using the "use-server" rules. These rules are evaluated after the "redirect" rules and before evaluating cookies, and they have precedence on them. There may be as many "use-server" rules as desired. All of these rules are evaluated in their declaration order, and the first one which matches will assign the server.
2012-04-05 15:09:48 -04:00
now_ms, __FUNCTION__,
s,
req,
req->rex, req->wex,
req->flags,
MAJOR: channel: replace the struct buffer with a pointer to a buffer With this commit, we now separate the channel from the buffer. This will allow us to replace buffers on the fly without touching the channel. Since nobody is supposed to keep a reference to a buffer anymore, doing so is not a problem and will also permit some copy-less data manipulation. Interestingly, these changes have shown a 2% performance increase on some workloads, probably due to a better cache placement of data.
2012-10-12 17:49:43 -04:00
req->buf->i + req->buf->o,
MEDIUM: session: implement the "use-server" directive Sometimes it is desirable to forward a particular request to a specific server without having to declare a dedicated backend for this server. This can be achieved using the "use-server" rules. These rules are evaluated after the "redirect" rules and before evaluating cookies, and they have precedence on them. There may be as many "use-server" rules as desired. All of these rules are evaluated in their declaration order, and the first one which matches will assign the server.
2012-04-05 15:09:48 -04:00
req->analysers);
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (!(s->flags & SF_ASSIGNED)) {
MEDIUM: session: implement the "use-server" directive Sometimes it is desirable to forward a particular request to a specific server without having to declare a dedicated backend for this server. This can be achieved using the "use-server" rules. These rules are evaluated after the "redirect" rules and before evaluating cookies, and they have precedence on them. There may be as many "use-server" rules as desired. All of these rules are evaluated in their declaration order, and the first one which matches will assign the server.
2012-04-05 15:09:48 -04:00
list_for_each_entry(rule, &px->server_rules, list) {
int ret;
MAJOR: sample: pass a pointer to the session to each sample fetch function Many such function need a session, and till now they used to dereference the stream. Once we remove the stream from the embryonic session, this will not be possible anymore. So as of now, sample fetch functions will be called with this : - sess = NULL, strm = NULL : never - sess = valid, strm = NULL : tcp-req connection - sess = valid, strm = valid, strm->txn = NULL : tcp-req content - sess = valid, strm = valid, strm->txn = valid : http-req / http-res
2015-04-03 19:47:55 -04:00
ret = acl_exec_cond(rule->cond, s->be, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL);
MEDIUM: session: implement the "use-server" directive Sometimes it is desirable to forward a particular request to a specific server without having to declare a dedicated backend for this server. This can be achieved using the "use-server" rules. These rules are evaluated after the "redirect" rules and before evaluating cookies, and they have precedence on them. There may be as many "use-server" rules as desired. All of these rules are evaluated in their declaration order, and the first one which matches will assign the server.
2012-04-05 15:09:48 -04:00
ret = acl_pass(ret);
if (rule->cond->pol == ACL_COND_UNLESS)
ret = !ret;
if (ret) {
struct server *srv = rule->srv.ptr;
MAJOR: server: use states instead of flags to store the server state Servers used to have 3 flags to store a state, now they have 4 states instead. This avoids lots of confusion for the 4 remaining undefined states. The encoding from the previous to the new states can be represented this way : SRV_STF_RUNNING | SRV_STF_GOINGDOWN | | SRV_STF_WARMINGUP | | | 0 x x SRV_ST_STOPPED 1 0 0 SRV_ST_RUNNING 1 0 1 SRV_ST_STARTING 1 1 x SRV_ST_STOPPING Note that the case where all bits were set used to exist and was randomly dealt with. For example, the task was not stopped, the throttle value was still updated and reported in the stats and in the http_server_state header. It was the same if the server was stopped by the agent or for maintenance. It's worth noting that the internal function names are still quite confusing.
2014-05-13 17:41:20 -04:00
if ((srv->state != SRV_ST_STOPPED) ||
MEDIUM: session: implement the "use-server" directive Sometimes it is desirable to forward a particular request to a specific server without having to declare a dedicated backend for this server. This can be achieved using the "use-server" rules. These rules are evaluated after the "redirect" rules and before evaluating cookies, and they have precedence on them. There may be as many "use-server" rules as desired. All of these rules are evaluated in their declaration order, and the first one which matches will assign the server.
2012-04-05 15:09:48 -04:00
(px->options & PR_O_PERSIST) ||
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
(s->flags & SF_FORCE_PRST)) {
s->flags |= SF_DIRECT | SF_ASSIGNED;
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
s->target = &srv->obj_type;
MEDIUM: session: implement the "use-server" directive Sometimes it is desirable to forward a particular request to a specific server without having to declare a dedicated backend for this server. This can be achieved using the "use-server" rules. These rules are evaluated after the "redirect" rules and before evaluating cookies, and they have precedence on them. There may be as many "use-server" rules as desired. All of these rules are evaluated in their declaration order, and the first one which matches will assign the server.
2012-04-05 15:09:48 -04:00
break;
}
/* if the server is not UP, let's go on with next rules
* just in case another one is suited.
*/
}
}
}
req->analysers &= ~an_bit;
req->analyse_exp = TICK_ETERNITY;
return 1;
}
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
/* This stream analyser works on a request. It applies all sticking rules on
* it then returns 1. The data must already be present in the buffer otherwise
* they won't match. It always returns 1.
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
static int process_sticking_rules(struct stream *s, struct channel *req, int an_bit)
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
{
struct proxy *px = s->be;
MAJOR: sample: pass a pointer to the session to each sample fetch function Many such function need a session, and till now they used to dereference the stream. Once we remove the stream from the embryonic session, this will not be possible anymore. So as of now, sample fetch functions will be called with this : - sess = NULL, strm = NULL : never - sess = valid, strm = NULL : tcp-req connection - sess = valid, strm = valid, strm->txn = NULL : tcp-req content - sess = valid, strm = valid, strm->txn = valid : http-req / http-res
2015-04-03 19:47:55 -04:00
struct session *sess = s->sess;
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
struct sticking_rule *rule;
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
DPRINTF(stderr,"[%u] %s: stream=%p b=%p, exp(r,w)=%u,%u bf=%08x bh=%d analysers=%02x\n",
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
now_ms, __FUNCTION__,
s,
req,
req->rex, req->wex,
req->flags,
MAJOR: channel: replace the struct buffer with a pointer to a buffer With this commit, we now separate the channel from the buffer. This will allow us to replace buffers on the fly without touching the channel. Since nobody is supposed to keep a reference to a buffer anymore, doing so is not a problem and will also permit some copy-less data manipulation. Interestingly, these changes have shown a 2% performance increase on some workloads, probably due to a better cache placement of data.
2012-10-12 17:49:43 -04:00
req->buf->i,
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
req->analysers);
list_for_each_entry(rule, &px->sticking_rules, list) {
int ret = 1 ;
int i;
BUG/MEDIUM: stick-tables: complete the latest fix about store-responses The commit 37e340c (BUG/MEDIUM: stick: completely remove the unused flag from the store entries) was incomplete. We also need to ensure that only the first store-response for a table is applied and that it may coexist with a possible store-request that was already done on this table. This patch with the previous one should be backported to 1.4.
2013-12-09 06:52:13 -05:00
/* Only the first stick store-request of each table is applied
* and other ones are ignored. The purpose is to allow complex
* configurations which look for multiple entries by decreasing
* order of precision and to stop at the first which matches.
* An example could be a store of the IP address from an HTTP
* header first, then from the source if not found.
*/
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
for (i = 0; i < s->store_count; i++) {
if (rule->table.t == s->store[i].table)
break;
}
if (i != s->store_count)
continue;
if (rule->cond) {
MAJOR: sample: pass a pointer to the session to each sample fetch function Many such function need a session, and till now they used to dereference the stream. Once we remove the stream from the embryonic session, this will not be possible anymore. So as of now, sample fetch functions will be called with this : - sess = NULL, strm = NULL : never - sess = valid, strm = NULL : tcp-req connection - sess = valid, strm = valid, strm->txn = NULL : tcp-req content - sess = valid, strm = valid, strm->txn = valid : http-req / http-res
2015-04-03 19:47:55 -04:00
ret = acl_exec_cond(rule->cond, px, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL);
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
ret = acl_pass(ret);
if (rule->cond->pol == ACL_COND_UNLESS)
ret = !ret;
}
if (ret) {
struct stktable_key *key;
MAJOR: sample: pass a pointer to the session to each sample fetch function Many such function need a session, and till now they used to dereference the stream. Once we remove the stream from the embryonic session, this will not be possible anymore. So as of now, sample fetch functions will be called with this : - sess = NULL, strm = NULL : never - sess = valid, strm = NULL : tcp-req connection - sess = valid, strm = valid, strm->txn = NULL : tcp-req content - sess = valid, strm = valid, strm->txn = valid : http-req / http-res
2015-04-03 19:47:55 -04:00
key = stktable_fetch_key(rule->table.t, px, sess, s, SMP_OPT_DIR_REQ|SMP_OPT_FINAL, rule->expr, NULL);
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
if (!key)
continue;
if (rule->flags & STK_IS_MATCH) {
struct stksess *ts;
[MEDIUM] stick_table: don't overwrite data when storing an entry Till now sticky sessions only held server IDs. Now there are other data types so it is not acceptable anymore to overwrite the server ID when writing something. The server ID must then only be written from the caller when appropriate. Doing this has also led to separate lookup and storage.
2010-06-06 09:38:59 -04:00
if ((ts = stktable_lookup_key(rule->table.t, key)) != NULL) {
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (!(s->flags & SF_ASSIGNED)) {
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
struct eb32_node *node;
[MEDIUM] stick_table: move the server ID to a generic data type The server ID is now stored just as any other data type. It is only allocated if needed and is manipulated just like the other ones.
2010-06-06 10:40:39 -04:00
void *ptr;
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
/* srv found in table */
[MEDIUM] stick_table: move the server ID to a generic data type The server ID is now stored just as any other data type. It is only allocated if needed and is manipulated just like the other ones.
2010-06-06 10:40:39 -04:00
ptr = stktable_data_ptr(rule->table.t, ts, STKTABLE_DT_SERVER_ID);
node = eb32_lookup(&px->conf.used_server_id, stktable_data_cast(ptr, server_id));
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
if (node) {
struct server *srv;
srv = container_of(node, struct server, conf.id);
MAJOR: server: use states instead of flags to store the server state Servers used to have 3 flags to store a state, now they have 4 states instead. This avoids lots of confusion for the 4 remaining undefined states. The encoding from the previous to the new states can be represented this way : SRV_STF_RUNNING | SRV_STF_GOINGDOWN | | SRV_STF_WARMINGUP | | | 0 x x SRV_ST_STOPPED 1 0 0 SRV_ST_RUNNING 1 0 1 SRV_ST_STARTING 1 1 x SRV_ST_STOPPING Note that the case where all bits were set used to exist and was randomly dealt with. For example, the task was not stopped, the throttle value was still updated and reported in the stats and in the http_server_state header. It was the same if the server was stopped by the agent or for maintenance. It's worth noting that the internal function names are still quite confusing.
2014-05-13 17:41:20 -04:00
if ((srv->state != SRV_ST_STOPPED) ||
[MINOR] add the "force-persist" statement to force persistence on down servers This is used to force access to down servers for some requests. This is useful when validating that a change on a server correctly works before enabling the server again.
2010-01-22 13:10:05 -05:00
(px->options & PR_O_PERSIST) ||
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
(s->flags & SF_FORCE_PRST)) {
s->flags |= SF_DIRECT | SF_ASSIGNED;
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
s->target = &srv->obj_type;
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
}
}
}
[MEDIUM] Create updates tree on stick table to manage sync.
2010-09-23 12:16:52 -04:00
stktable_touch(rule->table.t, ts, 1);
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
}
}
if (rule->flags & STK_IS_STORE) {
if (s->store_count < (sizeof(s->store) / sizeof(s->store[0]))) {
struct stksess *ts;
ts = stksess_new(rule->table.t, key);
if (ts) {
s->store[s->store_count].table = rule->table.t;
s->store[s->store_count++].ts = ts;
}
}
}
}
}
req->analysers &= ~an_bit;
req->analyse_exp = TICK_ETERNITY;
return 1;
}
/* This stream analyser works on a response. It applies all store rules on it
* then returns 1. The data must already be present in the buffer otherwise
* they won't match. It always returns 1.
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
static int process_store_rules(struct stream *s, struct channel *rep, int an_bit)
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
{
struct proxy *px = s->be;
MAJOR: sample: pass a pointer to the session to each sample fetch function Many such function need a session, and till now they used to dereference the stream. Once we remove the stream from the embryonic session, this will not be possible anymore. So as of now, sample fetch functions will be called with this : - sess = NULL, strm = NULL : never - sess = valid, strm = NULL : tcp-req connection - sess = valid, strm = valid, strm->txn = NULL : tcp-req content - sess = valid, strm = valid, strm->txn = valid : http-req / http-res
2015-04-03 19:47:55 -04:00
struct session *sess = s->sess;
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
struct sticking_rule *rule;
int i;
BUG/MEDIUM: stick-tables: complete the latest fix about store-responses The commit 37e340c (BUG/MEDIUM: stick: completely remove the unused flag from the store entries) was incomplete. We also need to ensure that only the first store-response for a table is applied and that it may coexist with a possible store-request that was already done on this table. This patch with the previous one should be backported to 1.4.
2013-12-09 06:52:13 -05:00
int nbreq = s->store_count;
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
DPRINTF(stderr,"[%u] %s: stream=%p b=%p, exp(r,w)=%u,%u bf=%08x bh=%d analysers=%02x\n",
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
now_ms, __FUNCTION__,
s,
[BUILD] fix build breakage with DEBUG_FULL Paul Hirose reported a build error when DEBUG_FULL is set.
2010-02-09 14:55:44 -05:00
rep,
rep->rex, rep->wex,
rep->flags,
MAJOR: channel: replace the struct buffer with a pointer to a buffer With this commit, we now separate the channel from the buffer. This will allow us to replace buffers on the fly without touching the channel. Since nobody is supposed to keep a reference to a buffer anymore, doing so is not a problem and will also permit some copy-less data manipulation. Interestingly, these changes have shown a 2% performance increase on some workloads, probably due to a better cache placement of data.
2012-10-12 17:49:43 -04:00
rep->buf->i,
[BUILD] fix build breakage with DEBUG_FULL Paul Hirose reported a build error when DEBUG_FULL is set.
2010-02-09 14:55:44 -05:00
rep->analysers);
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
list_for_each_entry(rule, &px->storersp_rules, list) {
int ret = 1 ;
BUG/MEDIUM: stick-tables: complete the latest fix about store-responses The commit 37e340c (BUG/MEDIUM: stick: completely remove the unused flag from the store entries) was incomplete. We also need to ensure that only the first store-response for a table is applied and that it may coexist with a possible store-request that was already done on this table. This patch with the previous one should be backported to 1.4.
2013-12-09 06:52:13 -05:00
/* Only the first stick store-response of each table is applied
* and other ones are ignored. The purpose is to allow complex
* configurations which look for multiple entries by decreasing
* order of precision and to stop at the first which matches.
* An example could be a store of a set-cookie value, with a
* fallback to a parameter found in a 302 redirect.
*
* The store-response rules are not allowed to override the
* store-request rules for the same table, but they may coexist.
* Thus we can have up to one store-request entry and one store-
* response entry for the same table at any time.
*/
for (i = nbreq; i < s->store_count; i++) {
if (rule->table.t == s->store[i].table)
break;
}
/* skip existing entries for this table */
if (i < s->store_count)
continue;
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
if (rule->cond) {
MAJOR: sample: pass a pointer to the session to each sample fetch function Many such function need a session, and till now they used to dereference the stream. Once we remove the stream from the embryonic session, this will not be possible anymore. So as of now, sample fetch functions will be called with this : - sess = NULL, strm = NULL : never - sess = valid, strm = NULL : tcp-req connection - sess = valid, strm = valid, strm->txn = NULL : tcp-req content - sess = valid, strm = valid, strm->txn = valid : http-req / http-res
2015-04-03 19:47:55 -04:00
ret = acl_exec_cond(rule->cond, px, sess, s, SMP_OPT_DIR_RES|SMP_OPT_FINAL);
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
ret = acl_pass(ret);
if (rule->cond->pol == ACL_COND_UNLESS)
ret = !ret;
}
if (ret) {
struct stktable_key *key;
MAJOR: sample: pass a pointer to the session to each sample fetch function Many such function need a session, and till now they used to dereference the stream. Once we remove the stream from the embryonic session, this will not be possible anymore. So as of now, sample fetch functions will be called with this : - sess = NULL, strm = NULL : never - sess = valid, strm = NULL : tcp-req connection - sess = valid, strm = valid, strm->txn = NULL : tcp-req content - sess = valid, strm = valid, strm->txn = valid : http-req / http-res
2015-04-03 19:47:55 -04:00
key = stktable_fetch_key(rule->table.t, px, sess, s, SMP_OPT_DIR_RES|SMP_OPT_FINAL, rule->expr, NULL);
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
if (!key)
continue;
BUG/MEDIUM: stick: completely remove the unused flag from the store entries The store[] array in the session holds a flag which probably aimed to differenciate store entries learned from the request from those learned from the response, and allowing responses to overwrite only the request ones (eg: have a server set a response cookie which overwrites the request one). But this flag is set when a response data is stored, and is never cleared. So in practice, haproxy always runs with this flag set, meaning that responses prevent themselves from overriding the request data. It is desirable anyway to keep the ability not to override data, because the override is performed only based on the table and not on the key, so that would mean that it would be impossible to retrieve two different keys to store into a same table. For example, if a client sets a cookie and a server another one, both need to be updated in the table in the proper order. This is especially true when multiple keys may be tracked on each side into the same table (eg: list of IP addresses in a header). So the correct fix which also maintains the current behaviour consists in simply removing this flag and never try to optimize for the overwrite case. This fix also has the benefit of significantly reducing the session size, by 64 bytes due to alignment issues caused by this flag! The bug has been there forever (since 1.4-dev7), so a backport to 1.4 would be appropriate.
2013-12-06 17:05:21 -05:00
if (s->store_count < (sizeof(s->store) / sizeof(s->store[0]))) {
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
struct stksess *ts;
ts = stksess_new(rule->table.t, key);
if (ts) {
s->store[s->store_count].table = rule->table.t;
s->store[s->store_count++].ts = ts;
}
}
}
}
/* process store request and store response */
for (i = 0; i < s->store_count; i++) {
[MEDIUM] stick_table: don't overwrite data when storing an entry Till now sticky sessions only held server IDs. Now there are other data types so it is not acceptable anymore to overwrite the server ID when writing something. The server ID must then only be written from the caller when appropriate. Doing this has also led to separate lookup and storage.
2010-06-06 09:38:59 -04:00
struct stksess *ts;
[MEDIUM] stick_table: move the server ID to a generic data type The server ID is now stored just as any other data type. It is only allocated if needed and is manipulated just like the other ones.
2010-06-06 10:40:39 -04:00
void *ptr;
[MEDIUM] stick_table: don't overwrite data when storing an entry Till now sticky sessions only held server IDs. Now there are other data types so it is not acceptable anymore to overwrite the server ID when writing something. The server ID must then only be written from the caller when appropriate. Doing this has also led to separate lookup and storage.
2010-06-06 09:38:59 -04:00
REORG/MEDIUM: server: split server state and flags in two different variables Till now, the server's state and flags were all saved as a single bit field. It causes some difficulties because we'd like to have an enum for the state and separate flags. This commit starts by splitting them in two distinct fields. The first one is srv->state (with its counter-part srv->prev_state) which are now enums, but which still contain bits (SRV_STF_*). The flags now lie in their own field (srv->flags). The function srv_is_usable() was updated to use the enum as input, since it already used to deal only with the state. Note that currently, the maintenance mode is still in the state for simplicity, but it must move as well.
2014-05-13 09:54:22 -04:00
if (objt_server(s->target) && objt_server(s->target)->flags & SRV_F_NON_STICK) {
[MINOR] Add non-stick server option Never add connections allocated to this sever to a stick-table. This may be used in conjunction with backup to ensure that stick-table persistence is disabled for backup servers.
2011-06-24 20:39:49 -04:00
stksess_free(s->store[i].table, s->store[i].ts);
s->store[i].ts = NULL;
continue;
}
[MEDIUM] stick_table: don't overwrite data when storing an entry Till now sticky sessions only held server IDs. Now there are other data types so it is not acceptable anymore to overwrite the server ID when writing something. The server ID must then only be written from the caller when appropriate. Doing this has also led to separate lookup and storage.
2010-06-06 09:38:59 -04:00
ts = stktable_lookup(s->store[i].table, s->store[i].ts);
if (ts) {
/* the entry already existed, we can free ours */
[MEDIUM] Create updates tree on stick table to manage sync.
2010-09-23 12:16:52 -04:00
stktable_touch(s->store[i].table, ts, 1);
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
stksess_free(s->store[i].table, s->store[i].ts);
}
[MEDIUM] stick_table: don't overwrite data when storing an entry Till now sticky sessions only held server IDs. Now there are other data types so it is not acceptable anymore to overwrite the server ID when writing something. The server ID must then only be written from the caller when appropriate. Doing this has also led to separate lookup and storage.
2010-06-06 09:38:59 -04:00
else
[MEDIUM] Create updates tree on stick table to manage sync.
2010-09-23 12:16:52 -04:00
ts = stktable_store(s->store[i].table, s->store[i].ts, 1);
[MEDIUM] stick_table: don't overwrite data when storing an entry Till now sticky sessions only held server IDs. Now there are other data types so it is not acceptable anymore to overwrite the server ID when writing something. The server ID must then only be written from the caller when appropriate. Doing this has also led to separate lookup and storage.
2010-06-06 09:38:59 -04:00
s->store[i].ts = NULL;
[MEDIUM] stick_table: move the server ID to a generic data type The server ID is now stored just as any other data type. It is only allocated if needed and is manipulated just like the other ones.
2010-06-06 10:40:39 -04:00
ptr = stktable_data_ptr(s->store[i].table, ts, STKTABLE_DT_SERVER_ID);
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
stktable_data_cast(ptr, server_id) = objt_server(s->target)->puid;
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
}
[BUG] stick_table: the fix for the memory leak caused a regression (cherry picked from commit 61ba936e6858dfcf9964d25870726621d8188fb9) [ note: the bug was finally not present in 1.5-dev but at least we have to reset store_count to be compatible with 1.4 ] Commit d6e9e3b5e320b957e6c491bd92d91afad30ba638 caused recently created entries to be removed as soon as they were created, breaking stickiness. It is not clear whether a use-after-free was possible or not in this case. This bug was reported by Ben Congleton and narrowed down by Herv Commowick, both of whom also tested the fix. Thanks to them !
2010-06-18 03:57:45 -04:00
s->store_count = 0; /* everything is stored */
[MEDIUM] Add stick and store rules analysers.
2010-01-04 09:47:17 -05:00
rep->analysers &= ~an_bit;
rep->analyse_exp = TICK_ETERNITY;
return 1;
}
[MAJOR] session: fix the order by which the analysers are run With the introduction of keep-alive, we have created situations where an analyser can add other analysers to the current list, which are behind it, which have already been processed once, and which are needed immediately because without them there will be no more I/O activity. This is typically the case for enabling reading of a new request after preparing for a new request. Instead of creating specific cases for some analysers (there was already one such before), we now use a little bit of algorithmics to create an ordered bit chain supporting priorities and fast operations. Another advantage of this new construction is that it's not a real loop anymore, so if an analyser is unknown, it will not loop but just ignore it. Note that it is easy to skip multiple analysers at once now in order to speed up the checking a bit. Some test code has shown a minor gain though. This change has been carefully re-read and has no direct reason of causing a regression. However it has been tagged "major" because the fact that it runs the analysers correctly might trigger an old sleeping bug somewhere in one of the analysers.
2010-01-06 17:53:24 -05:00
/* This macro is very specific to the function below. See the comments in
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* process_stream() below to understand the logic and the tests.
[MAJOR] session: fix the order by which the analysers are run With the introduction of keep-alive, we have created situations where an analyser can add other analysers to the current list, which are behind it, which have already been processed once, and which are needed immediately because without them there will be no more I/O activity. This is typically the case for enabling reading of a new request after preparing for a new request. Instead of creating specific cases for some analysers (there was already one such before), we now use a little bit of algorithmics to create an ordered bit chain supporting priorities and fast operations. Another advantage of this new construction is that it's not a real loop anymore, so if an analyser is unknown, it will not loop but just ignore it. Note that it is easy to skip multiple analysers at once now in order to speed up the checking a bit. Some test code has shown a minor gain though. This change has been carefully re-read and has no direct reason of causing a regression. However it has been tagged "major" because the fact that it runs the analysers correctly might trigger an old sleeping bug somewhere in one of the analysers.
2010-01-06 17:53:24 -05:00
*/
#define UPDATE_ANALYSERS(real, list, back, flag) { \
list = (((list) & ~(flag)) | ~(back)) & (real); \
back = real; \
if (!(list)) \
break; \
if (((list) ^ ((list) & ((list) - 1))) < (flag)) \
continue; \
}
MINOR: filters: Simplify calls to analyzers using 2 new macros Now, to call an analyzer in 'process_stream' function, we should use FLT_ANALAYZE or ANALYZE macros, depending if this is a filterable analyzer or not.
2016-05-11 11:06:28 -04:00
/* These 2 following macros call an analayzer for the specified channel if the
* right flag is set. The first one is used for "filterable" analyzers. If a
MEDIUM: filters: Add pre and post analyzer callbacks 'channel_analyze' callback has been removed. Now, there are 2 callbacks to surround calls to analyzers: * channel_pre_analyze: Called BEFORE all filterable analyzers. it can be called many times for the same analyzer, once at each loop until the analyzer finishes its processing. This callback is resumable, it returns a negative value if an error occurs, 0 if it needs to wait, any other value otherwise. * channel_post_analyze: Called AFTER all filterable analyzers. Here, AFTER means when an analyzer finishes its processing. This callback is NOT resumable, it returns a negative value if an error occurs, any other value otherwise. Pre and post analyzer callbacks are not automatically called. 'pre_analyzers' and 'post_analyzers' bit fields in the filter structure must be set to the right value using AN_* flags (see include/types/channel.h). The flag AN_RES_ALL has been added (AN_REQ_ALL already exists) to ease the life of filter developers. AN_REQ_ALL and AN_RES_ALL include all filterable analyzers.
2016-05-11 11:13:39 -04:00
* stream has some registered filters, pre and post analyaze callbacks are
* called. The second are used for other analyzers (AN_FLT_* and
MINOR: filters: Simplify calls to analyzers using 2 new macros Now, to call an analyzer in 'process_stream' function, we should use FLT_ANALAYZE or ANALYZE macros, depending if this is a filterable analyzer or not.
2016-05-11 11:06:28 -04:00
* AN_REQ/RES_HTTP_XFER_BODY) */
#define FLT_ANALYZE(strm, chn, fun, list, back, flag, ...) \
{ \
if ((list) & (flag)) { \
if (HAS_FILTERS(strm)) { \
MEDIUM: filters: Add pre and post analyzer callbacks 'channel_analyze' callback has been removed. Now, there are 2 callbacks to surround calls to analyzers: * channel_pre_analyze: Called BEFORE all filterable analyzers. it can be called many times for the same analyzer, once at each loop until the analyzer finishes its processing. This callback is resumable, it returns a negative value if an error occurs, 0 if it needs to wait, any other value otherwise. * channel_post_analyze: Called AFTER all filterable analyzers. Here, AFTER means when an analyzer finishes its processing. This callback is NOT resumable, it returns a negative value if an error occurs, any other value otherwise. Pre and post analyzer callbacks are not automatically called. 'pre_analyzers' and 'post_analyzers' bit fields in the filter structure must be set to the right value using AN_* flags (see include/types/channel.h). The flag AN_RES_ALL has been added (AN_REQ_ALL already exists) to ease the life of filter developers. AN_REQ_ALL and AN_RES_ALL include all filterable analyzers.
2016-05-11 11:13:39 -04:00
if (!flt_pre_analyze((strm), (chn), (flag))) \
MINOR: filters: Simplify calls to analyzers using 2 new macros Now, to call an analyzer in 'process_stream' function, we should use FLT_ANALAYZE or ANALYZE macros, depending if this is a filterable analyzer or not.
2016-05-11 11:06:28 -04:00
break; \
if (!fun((strm), (chn), (flag), ##__VA_ARGS__)) \
break; \
MEDIUM: filters: Add pre and post analyzer callbacks 'channel_analyze' callback has been removed. Now, there are 2 callbacks to surround calls to analyzers: * channel_pre_analyze: Called BEFORE all filterable analyzers. it can be called many times for the same analyzer, once at each loop until the analyzer finishes its processing. This callback is resumable, it returns a negative value if an error occurs, 0 if it needs to wait, any other value otherwise. * channel_post_analyze: Called AFTER all filterable analyzers. Here, AFTER means when an analyzer finishes its processing. This callback is NOT resumable, it returns a negative value if an error occurs, any other value otherwise. Pre and post analyzer callbacks are not automatically called. 'pre_analyzers' and 'post_analyzers' bit fields in the filter structure must be set to the right value using AN_* flags (see include/types/channel.h). The flag AN_RES_ALL has been added (AN_REQ_ALL already exists) to ease the life of filter developers. AN_REQ_ALL and AN_RES_ALL include all filterable analyzers.
2016-05-11 11:13:39 -04:00
if (!flt_post_analyze((strm), (chn), (flag))) \
break; \
MINOR: filters: Simplify calls to analyzers using 2 new macros Now, to call an analyzer in 'process_stream' function, we should use FLT_ANALAYZE or ANALYZE macros, depending if this is a filterable analyzer or not.
2016-05-11 11:06:28 -04:00
} \
else { \
if (!fun((strm), (chn), (flag), ##__VA_ARGS__)) \
break; \
} \
UPDATE_ANALYSERS((chn)->analysers, (list), \
(back), (flag)); \
} \
}
#define ANALYZE(strm, chn, fun, list, back, flag, ...) \
{ \
if ((list) & (flag)) { \
if (!fun((strm), (chn), (flag), ##__VA_ARGS__)) \
break; \
UPDATE_ANALYSERS((chn)->analysers, (list), \
(back), (flag)); \
} \
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* Processes the client, server, request and response jobs of a stream task,
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
* then puts it back to the wait queue in a clean state, or cleans up its
* resources if it must be deleted. Returns in <next> the date the task wants
* to be woken up, or TICK_ETERNITY. In order not to call all functions for
* nothing too many times, the request and response buffers flags are monitored
* and each function is called only if at least another function has changed at
* least one flag it is interested in.
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
struct task *process_stream(struct task *t)
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
{
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
struct server *srv;
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
struct stream *s = t->context;
MEDIUM: stream: move the listener's pointer to the session The listener is session-specific, move it there.
2015-04-03 08:46:27 -04:00
struct session *sess = s->sess;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
unsigned int rqf_last, rpf_last;
[BUG] session: analysers must be checked when SI state changes Since the BF_READ_ATTACHED bug was fixed, a new issue surfaced. When a connection closes on the return path in tunnel mode while the request input is already closed, the request analyser which is waiting for a state change never gets woken up so it never closes the request output. This causes stuck sessions to remain indefinitely. One way to reliably reproduce the issue is the following (note that the client expects a keep-alive but not the server) : server: printf "HTTP/1.0 303\r\n\r\n" | nc -lp8080 client: printf "GET / HTTP/1.1\r\n\r\n" | nc 127.1 2500 The reason for the issue is that we don't wake the analysers up on stream interface state changes. So the least intrusive and most reliable thing to do is to consider stream interface state changes to call the analysers. We just need to remember what state each series of analysers have seen and check for the differences. In practice, that works. A later improvement later could consist in being able to let analysers state what they're interested to monitor : - left SI's state - right SI's state - request buffer flags - response buffer flags That could help having only one set of analysers and call them once status changes.
2010-07-27 11:15:12 -04:00
unsigned int rq_prod_last, rq_cons_last;
unsigned int rp_cons_last, rp_prod_last;
[MEDIUM] session: also consider request analysers added during response A request analyser may very well be added while processing a response (eg: end of an HTTP keep-alive response). It's very dangerous to only rely on flags that ought to change in order to loop back, so let's correctly detect a possible new analyser addition instead of guessing.
2010-01-06 18:09:04 -05:00
unsigned int req_ana_back;
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
struct channel *req, *res;
struct stream_interface *si_f, *si_b;
req = &s->req;
res = &s->res;
si_f = &s->si[0];
si_b = &s->si[1];
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
//DPRINTF(stderr, "%s:%d: cs=%d ss=%d(%d) rqf=0x%08x rpf=0x%08x\n", __FUNCTION__, __LINE__,
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
// si_f->state, si_b->state, si_b->err_type, req->flags, res->flags);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
[MINOR] acl: add http_auth and http_auth_group Add two acls to match http auth data: acl <name> http_auth(userlist) acl <name> http_auth_hroup(userlist) group1 group2 (...)
2010-01-29 13:26:18 -05:00
/* this data may be no longer valid, clear it */
MAJOR: http: move http_txn out of struct stream Now this one is dynamically allocated. It means that 280 bytes of memory are saved per TCP stream, but more importantly that it will become possible to remove the l7 pointer from fetches and converters since it will be deduced from the stream and will support being null. A lot of care was taken because it's easy to forget a test somewhere, and the previous code used to always trust s->txn for being valid, but all places seem to have been visited. All HTTP fetch functions check the txn first so we shouldn't have any issue there even when called from TCP. When branching from a TCP frontend to an HTTP backend, the txn is properly allocated at the same time as the hdr_idx.
2015-04-03 17:46:31 -04:00
if (s->txn)
memset(&s->txn->auth, 0, sizeof(s->txn->auth));
[MINOR] acl: add http_auth and http_auth_group Add two acls to match http auth data: acl <name> http_auth(userlist) acl <name> http_auth_hroup(userlist) group1 group2 (...)
2010-01-29 13:26:18 -05:00
BUG/MAJOR: session: revert all the crappy client-side timeout changes This is the 3rd regression caused by the changes below. The latest to date was reported by Finn Arne Gangstad. If a server responds with no content-length and the client's FIN is never received, either we leak the client-side FD or we spin at 100% CPU if timeout client-fin is set. Enough is enough. The amount of tricks needed to cover these side-effects starts to look like used toilet paper stacked over a chocolate cake. I don't want to eat that cake anymore! All this to avoid reporting a server-side timeout when a client stops uploading data and haproxy expires faster than the server... A lot of "ifs" resulting in a technically valid log that doesn't always please users, and whose alternative causes that many issues for all others users. So let's revert this crap merged since 1.5-dev25 : Revert "CLEANUP: http: don't clear CF_READ_NOEXP twice" This reverts commit 1592d1e72a4a2d25a554c299ae95a3e6cad80bf1. Revert "BUG/MEDIUM: http: clear CF_READ_NOEXP when preparing a new transaction" This reverts commit 77d29029af1c44216b190dd7442964b9d8f45257. Revert "BUG/MEDIUM: session: don't clear CF_READ_NOEXP if analysers are not called" This reverts commit 0943757a2144761c60e416b5ed07baa76934f5a4. Revert "BUG/MEDIUM: http: disable server-side expiration until client has sent the body" This reverts commit 3bed5e9337fd6eeab0f0006ebefcbe98ee5c4f9f. Revert "BUG/MEDIUM: http: correctly report request body timeouts" This reverts commit b9edf8fbecc9d1b5c82794735adcc367a80a4ae2. Revert "BUG/MEDIUM: http/session: disable client-side expiration only after body" This reverts commit b1982e27aaff2a92a389a9f1bc847e3bb8fdb4f2. If a cleaner AND SAFER way to do something equivalent in 1.6-dev, we *might* consider backporting it to 1.5, but given the vicious bugs that have surfaced since, I doubt it will happen any time soon. Fortunately, that crap never made it into 1.4 so no backport is needed.
2014-06-23 09:22:31 -04:00
/* This flag must explicitly be set every time */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
req->flags &= ~(CF_READ_NOEXP|CF_WAKE_WRITE);
res->flags &= ~(CF_READ_NOEXP|CF_WAKE_WRITE);
[MAJOR] session: only check for timeouts when they have just occurred. It's useless to check for buffer timeouts every time we call process_session() because we already control when we set the flag. So let's check them at the precise moment where the flag is set.
2009-06-21 16:03:51 -04:00
/* Keep a copy of req/rep flags so that we can detect shutdowns */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
rqf_last = req->flags & ~CF_MASK_ANALYSER;
rpf_last = res->flags & ~CF_MASK_ANALYSER;
[MAJOR] session: only check for timeouts when they have just occurred. It's useless to check for buffer timeouts every time we call process_session() because we already control when we set the flag. So let's check them at the precise moment where the flag is set.
2009-06-21 16:03:51 -04:00
[MINOR] stream_interface: add SI_FL_DONT_WAKE flag We had to add a new stream_interface flag : SI_FL_DONT_WAKE. This flag is used to indicate that a stream interface is being updated and that no wake up should be sent to its owner. This will be required for tasks embedded into stream interfaces. Otherwise, we could have the owner task send wakeups to itself during status updates, thus preventing the state from converging. As long as a stream_interface's status is being monitored and adjusted, there is no reason to wake it up again, as we know its changes will be seen and considered.
2009-09-05 14:57:35 -04:00
/* we don't want the stream interface functions to recursively wake us up */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
si_f->flags |= SI_FL_DONT_WAKE;
si_b->flags |= SI_FL_DONT_WAKE;
[MINOR] stream_interface: add SI_FL_DONT_WAKE flag We had to add a new stream_interface flag : SI_FL_DONT_WAKE. This flag is used to indicate that a stream interface is being updated and that no wake up should be sent to its owner. This will be required for tasks embedded into stream interfaces. Otherwise, we could have the owner task send wakeups to itself during status updates, thus preventing the state from converging. As long as a stream_interface's status is being monitored and adjusted, there is no reason to wake it up again, as we know its changes will be seen and considered.
2009-09-05 14:57:35 -04:00
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* 1a: Check for low level timeouts if needed. We just set a flag on
* stream interfaces when their timeouts have expired.
*/
if (unlikely(t->state & TASK_WOKEN_TIMER)) {
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
stream_int_check_timeouts(si_f);
stream_int_check_timeouts(si_b);
[MAJOR] session: only check for timeouts when they have just occurred. It's useless to check for buffer timeouts every time we call process_session() because we already control when we set the flag. So let's check them at the precise moment where the flag is set.
2009-06-21 16:03:51 -04:00
CLEANUP: channel: use "channel" instead of "buffer" in function names This is a massive rename of most functions which should make use of the word "channel" instead of the word "buffer" in their names. In concerns the following ones (new names) : unsigned long long channel_forward(struct channel *buf, unsigned long long bytes); static inline void channel_init(struct channel *buf) static inline int channel_input_closed(struct channel *buf) static inline int channel_output_closed(struct channel *buf) static inline void channel_check_timeouts(struct channel *b) static inline void channel_erase(struct channel *buf) static inline void channel_shutr_now(struct channel *buf) static inline void channel_shutw_now(struct channel *buf) static inline void channel_abort(struct channel *buf) static inline void channel_stop_hijacker(struct channel *buf) static inline void channel_auto_connect(struct channel *buf) static inline void channel_dont_connect(struct channel *buf) static inline void channel_auto_close(struct channel *buf) static inline void channel_dont_close(struct channel *buf) static inline void channel_auto_read(struct channel *buf) static inline void channel_dont_read(struct channel *buf) unsigned long long channel_forward(struct channel *buf, unsigned long long bytes) Some functions provided by channel.[ch] have kept their "buffer" name because they are really designed to act on the buffer according to some information gathered from the channel. They have been moved together to the same place in the file for better readability but they were not changed at all. The "buffer" memory pool was also renamed "channel".
2012-08-27 18:06:31 -04:00
/* check channel timeouts, and close the corresponding stream interfaces
[MAJOR] session: only check for timeouts when they have just occurred. It's useless to check for buffer timeouts every time we call process_session() because we already control when we set the flag. So let's check them at the precise moment where the flag is set.
2009-06-21 16:03:51 -04:00
* for future reads or writes. Note: this will also concern upper layers
* but we do not touch any other flag. We must be careful and correctly
* detect state changes when calling them.
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
channel_check_timeouts(req);
[MAJOR] session: only check for timeouts when they have just occurred. It's useless to check for buffer timeouts every time we call process_session() because we already control when we set the flag. So let's check them at the precise moment where the flag is set.
2009-06-21 16:03:51 -04:00
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely((req->flags & (CF_SHUTW|CF_WRITE_TIMEOUT)) == CF_WRITE_TIMEOUT)) {
si_b->flags |= SI_FL_NOLINGER;
si_shutw(si_b);
[MEDIUM] session: set SI_FL_NOLINGER when aborting on write timeouts Doing this helps us flush the system buffers from all unread data. This avoids having orphans when clients suddenly get off the net without reading their entire response.
2009-12-29 08:49:56 -05:00
}
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely((req->flags & (CF_SHUTR|CF_READ_TIMEOUT)) == CF_READ_TIMEOUT)) {
if (si_f->flags & SI_FL_NOHALF)
si_f->flags |= SI_FL_NOLINGER;
si_shutr(si_f);
OPTIM/MEDIUM: stream_interface: add a new SI_FL_NOHALF flag This flag indicates that we're not interested in keeping half-open connections on a stream interface. It has the benefit of allowing the socket layer to cause an immediate write close when detecting an incoming read close. This releases resources much faster and saves one syscall (either a shutdown or setsockopt). This flag is only set by HTTP on the interface going to the server since we don't want to continue pushing data there when it has closed. Another benefit is that it responds with a FIN to a server's FIN instead of responding with an RST as it used to, which is much cleaner. Performance gains of 7.5% have been measured on HTTP connection rate on empty objects.
2012-05-13 08:48:59 -04:00
}
[MAJOR] session: only check for timeouts when they have just occurred. It's useless to check for buffer timeouts every time we call process_session() because we already control when we set the flag. So let's check them at the precise moment where the flag is set.
2009-06-21 16:03:51 -04:00
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
channel_check_timeouts(res);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely((res->flags & (CF_SHUTW|CF_WRITE_TIMEOUT)) == CF_WRITE_TIMEOUT)) {
si_f->flags |= SI_FL_NOLINGER;
si_shutw(si_f);
[MEDIUM] session: set SI_FL_NOLINGER when aborting on write timeouts Doing this helps us flush the system buffers from all unread data. This avoids having orphans when clients suddenly get off the net without reading their entire response.
2009-12-29 08:49:56 -05:00
}
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely((res->flags & (CF_SHUTR|CF_READ_TIMEOUT)) == CF_READ_TIMEOUT)) {
if (si_b->flags & SI_FL_NOHALF)
si_b->flags |= SI_FL_NOLINGER;
si_shutr(si_b);
OPTIM/MEDIUM: stream_interface: add a new SI_FL_NOHALF flag This flag indicates that we're not interested in keeping half-open connections on a stream interface. It has the benefit of allowing the socket layer to cause an immediate write close when detecting an incoming read close. This releases resources much faster and saves one syscall (either a shutdown or setsockopt). This flag is only set by HTTP on the interface going to the server since we don't want to continue pushing data there when it has closed. Another benefit is that it responds with a FIN to a server's FIN instead of responding with an RST as it used to, which is much cleaner. Performance gains of 7.5% have been measured on HTTP connection rate on empty objects.
2012-05-13 08:48:59 -04:00
}
OPTIM: session: don't process the whole session when only timers need a refresh Having a global expiration timer for a task means that the tasks are regularly woken up (at least after each expiration timer). It's totally useless and counter productive to process the whole session upon each such wakeup, and it's fairly easy to detect such wakeups, so let's just update the task's timer and return to sleep when this happens. For 100k concurrent connections with 10s of timeouts, this can save 10k wakeups per second, which is not bad.
2012-11-08 08:49:17 -05:00
MINOR: filters: Add check_timeouts callback to handle timers expiration on streams A filter can now be notified when a stream is woken up because of an expired timer. The documentation and the TRACE filter have been updated.
2016-11-10 08:58:05 -05:00
if (HAS_FILTERS(s))
flt_stream_check_timeouts(s);
OPTIM: session: don't process the whole session when only timers need a refresh Having a global expiration timer for a task means that the tasks are regularly woken up (at least after each expiration timer). It's totally useless and counter productive to process the whole session upon each such wakeup, and it's fairly easy to detect such wakeups, so let's just update the task's timer and return to sleep when this happens. For 100k concurrent connections with 10s of timeouts, this can save 10k wakeups per second, which is not bad.
2012-11-08 08:49:17 -05:00
/* Once in a while we're woken up because the task expires. But
* this does not necessarily mean that a timeout has been reached.
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* So let's not run a whole stream processing if only an expiration
OPTIM: session: don't process the whole session when only timers need a refresh Having a global expiration timer for a task means that the tasks are regularly woken up (at least after each expiration timer). It's totally useless and counter productive to process the whole session upon each such wakeup, and it's fairly easy to detect such wakeups, so let's just update the task's timer and return to sleep when this happens. For 100k concurrent connections with 10s of timeouts, this can save 10k wakeups per second, which is not bad.
2012-11-08 08:49:17 -05:00
* timeout needs to be refreshed.
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (!((req->flags | res->flags) &
OPTIM: session: don't process the whole session when only timers need a refresh Having a global expiration timer for a task means that the tasks are regularly woken up (at least after each expiration timer). It's totally useless and counter productive to process the whole session upon each such wakeup, and it's fairly easy to detect such wakeups, so let's just update the task's timer and return to sleep when this happens. For 100k concurrent connections with 10s of timeouts, this can save 10k wakeups per second, which is not bad.
2012-11-08 08:49:17 -05:00
(CF_SHUTR|CF_READ_ACTIVITY|CF_READ_TIMEOUT|CF_SHUTW|
CF_WRITE_ACTIVITY|CF_WRITE_TIMEOUT|CF_ANA_TIMEOUT)) &&
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
!((si_f->flags | si_b->flags) & (SI_FL_EXP|SI_FL_ERR)) &&
BUG/MEDIUM: stream: ensure the SI_FL_DONT_WAKE flag is properly cleared The previous buffer space bug has revealed an issue causing some stalled connections to remain orphaned forever, preventing an old process from dying. The issue is that once in a while a task may be woken up because a disabled expiration timer has been reached despite no timeout being reached. In this case we exit very early but the SI_FL_DONT_WAKE flag wasn't cleared, resulting in new events not waking the task up. It may be one of the reasons why a few people have already observed some peers connections stuck in CLOSE_WAIT state. This bug was introduced in 1.5-dev13 by commit 798f432 ("OPTIM: session: don't process the whole session when only timers need a refresh"), so the fix must be backported to 1.6 and 1.5.
2016-05-04 04:18:37 -04:00
((t->state & TASK_WOKEN_ANY) == TASK_WOKEN_TIMER)) {
si_f->flags &= ~SI_FL_DONT_WAKE;
si_b->flags &= ~SI_FL_DONT_WAKE;
OPTIM: session: don't process the whole session when only timers need a refresh Having a global expiration timer for a task means that the tasks are regularly woken up (at least after each expiration timer). It's totally useless and counter productive to process the whole session upon each such wakeup, and it's fairly easy to detect such wakeups, so let's just update the task's timer and return to sleep when this happens. For 100k concurrent connections with 10s of timeouts, this can save 10k wakeups per second, which is not bad.
2012-11-08 08:49:17 -05:00
goto update_exp_and_leave;
BUG/MEDIUM: stream: ensure the SI_FL_DONT_WAKE flag is properly cleared The previous buffer space bug has revealed an issue causing some stalled connections to remain orphaned forever, preventing an old process from dying. The issue is that once in a while a task may be woken up because a disabled expiration timer has been reached despite no timeout being reached. In this case we exit very early but the SI_FL_DONT_WAKE flag wasn't cleared, resulting in new events not waking the task up. It may be one of the reasons why a few people have already observed some peers connections stuck in CLOSE_WAIT state. This bug was introduced in 1.5-dev13 by commit 798f432 ("OPTIM: session: don't process the whole session when only timers need a refresh"), so the fix must be backported to 1.6 and 1.5.
2016-05-04 04:18:37 -04:00
}
[MAJOR] session: only check for timeouts when they have just occurred. It's useless to check for buffer timeouts every time we call process_session() because we already control when we set the flag. So let's check them at the precise moment where the flag is set.
2009-06-21 16:03:51 -04:00
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
MAJOR: session: only allocate buffers when needed A session doesn't need buffers all the time, especially when they're empty. With this patch, we don't allocate buffers anymore when the session is initialized, we only allocate them in two cases : - during process_session() - during I/O operations During process_session(), we try hard to allocate both buffers at once so that we know for sure that a started operation can complete. Indeed, a previous version of this patch used to allocate one buffer at a time, but it can result in a deadlock when all buffers are allocated for requests for example, and there's no buffer left to emit error responses. Here, if any of the buffers cannot be allocated, the whole operation is cancelled and the session is added at the tail of the buffer wait queue. At the end of process_session(), a call to session_release_buffers() is done so that we can offer unused buffers to other sessions waiting for them. For I/O operations, we only need to allocate a buffer on the Rx path. For this, we only allocate a single buffer but ensure that at least two are available to avoid the deadlock situation. In case buffers are not available, SI_FL_WAIT_ROOM is set on the stream interface and the session is queued. Unused buffers resulting either from a successful send() or from an unused read buffer are offered to pending sessions during the ->wake() callback.
2014-11-25 13:46:36 -05:00
/* below we may emit error messages so we have to ensure that we have
* our buffers properly allocated.
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
if (!stream_alloc_work_buffer(s)) {
MAJOR: session: only allocate buffers when needed A session doesn't need buffers all the time, especially when they're empty. With this patch, we don't allocate buffers anymore when the session is initialized, we only allocate them in two cases : - during process_session() - during I/O operations During process_session(), we try hard to allocate both buffers at once so that we know for sure that a started operation can complete. Indeed, a previous version of this patch used to allocate one buffer at a time, but it can result in a deadlock when all buffers are allocated for requests for example, and there's no buffer left to emit error responses. Here, if any of the buffers cannot be allocated, the whole operation is cancelled and the session is added at the tail of the buffer wait queue. At the end of process_session(), a call to session_release_buffers() is done so that we can offer unused buffers to other sessions waiting for them. For I/O operations, we only need to allocate a buffer on the Rx path. For this, we only allocate a single buffer but ensure that at least two are available to avoid the deadlock situation. In case buffers are not available, SI_FL_WAIT_ROOM is set on the stream interface and the session is queued. Unused buffers resulting either from a successful send() or from an unused read buffer are offered to pending sessions during the ->wake() callback.
2014-11-25 13:46:36 -05:00
/* No buffer available, we've been subscribed to the list of
* buffer waiters, let's wait for our turn.
*/
BUG/MEDIUM: stream: ensure the SI_FL_DONT_WAKE flag is properly cleared The previous buffer space bug has revealed an issue causing some stalled connections to remain orphaned forever, preventing an old process from dying. The issue is that once in a while a task may be woken up because a disabled expiration timer has been reached despite no timeout being reached. In this case we exit very early but the SI_FL_DONT_WAKE flag wasn't cleared, resulting in new events not waking the task up. It may be one of the reasons why a few people have already observed some peers connections stuck in CLOSE_WAIT state. This bug was introduced in 1.5-dev13 by commit 798f432 ("OPTIM: session: don't process the whole session when only timers need a refresh"), so the fix must be backported to 1.6 and 1.5.
2016-05-04 04:18:37 -04:00
si_f->flags &= ~SI_FL_DONT_WAKE;
si_b->flags &= ~SI_FL_DONT_WAKE;
MAJOR: session: only allocate buffers when needed A session doesn't need buffers all the time, especially when they're empty. With this patch, we don't allocate buffers anymore when the session is initialized, we only allocate them in two cases : - during process_session() - during I/O operations During process_session(), we try hard to allocate both buffers at once so that we know for sure that a started operation can complete. Indeed, a previous version of this patch used to allocate one buffer at a time, but it can result in a deadlock when all buffers are allocated for requests for example, and there's no buffer left to emit error responses. Here, if any of the buffers cannot be allocated, the whole operation is cancelled and the session is added at the tail of the buffer wait queue. At the end of process_session(), a call to session_release_buffers() is done so that we can offer unused buffers to other sessions waiting for them. For I/O operations, we only need to allocate a buffer on the Rx path. For this, we only allocate a single buffer but ensure that at least two are available to avoid the deadlock situation. In case buffers are not available, SI_FL_WAIT_ROOM is set on the stream interface and the session is queued. Unused buffers resulting either from a successful send() or from an unused read buffer are offered to pending sessions during the ->wake() callback.
2014-11-25 13:46:36 -05:00
goto update_exp_and_leave;
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* 1b: check for low-level errors reported at the stream interface.
* First we check if it's a retryable error (in which case we don't
* want to tell the buffer). Otherwise we report the error one level
* upper by setting flags into the buffers. Note that the side towards
* the client cannot have connect (hence retryable) errors. Also, the
* connection setup code must be able to deal with any type of abort.
*/
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
srv = objt_server(s->target);
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely(si_f->flags & SI_FL_ERR)) {
if (si_f->state == SI_ST_EST || si_f->state == SI_ST_DIS) {
si_shutr(si_f);
si_shutw(si_f);
stream_int_report_error(si_f);
if (!(req->analysers) && !(res->analysers)) {
[MEDIUM] stats: split frontend and backend stats It's very annoying that frontend and backend stats are merged because we don't know what we're observing. For instance, if a "listen" instance makes use of a distinct backend, it's impossible to know what the bytes_out means. Some points take care of not updating counters twice if the backend points to the frontend, indicating a "listen" instance. The thing becomes more complex when we try to add support for server side keep-alive, because we have to maintain a pointer to the backend used for last request, and to update its stats. But we can't perform such comparisons anymore because the counters will not match anymore. So in order to get rid of this situation, let's have both frontend AND backend stats in the "struct proxy". We simply update the relevant ones during activity. Some of them are only accounted for in the backend, while others are just for frontend. Maybe we can improve a bit on that later, but the essential part is that those counters now reflect what they really mean.
2011-03-10 17:25:56 -05:00
s->be->be_counters.cli_aborts++;
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
sess->fe->fe_counters.cli_aborts++;
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
if (srv)
srv->counters.cli_aborts++;
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (!(s->flags & SF_ERR_MASK))
s->flags |= SF_ERR_CLICL;
if (!(s->flags & SF_FINST_MASK))
s->flags |= SF_FINST_D;
[MINOR] transfer errors were not reported anymore in data phase
2008-12-14 05:44:04 -05:00
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
}
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely(si_b->flags & SI_FL_ERR)) {
if (si_b->state == SI_ST_EST || si_b->state == SI_ST_DIS) {
si_shutr(si_b);
si_shutw(si_b);
stream_int_report_error(si_b);
[MEDIUM] stats: split frontend and backend stats It's very annoying that frontend and backend stats are merged because we don't know what we're observing. For instance, if a "listen" instance makes use of a distinct backend, it's impossible to know what the bytes_out means. Some points take care of not updating counters twice if the backend points to the frontend, indicating a "listen" instance. The thing becomes more complex when we try to add support for server side keep-alive, because we have to maintain a pointer to the backend used for last request, and to update its stats. But we can't perform such comparisons anymore because the counters will not match anymore. So in order to get rid of this situation, let's have both frontend AND backend stats in the "struct proxy". We simply update the relevant ones during activity. Some of them are only accounted for in the backend, while others are just for frontend. Maybe we can improve a bit on that later, but the essential part is that those counters now reflect what they really mean.
2011-03-10 17:25:56 -05:00
s->be->be_counters.failed_resp++;
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
if (srv)
srv->counters.failed_resp++;
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (!(req->analysers) && !(res->analysers)) {
[MEDIUM] stats: split frontend and backend stats It's very annoying that frontend and backend stats are merged because we don't know what we're observing. For instance, if a "listen" instance makes use of a distinct backend, it's impossible to know what the bytes_out means. Some points take care of not updating counters twice if the backend points to the frontend, indicating a "listen" instance. The thing becomes more complex when we try to add support for server side keep-alive, because we have to maintain a pointer to the backend used for last request, and to update its stats. But we can't perform such comparisons anymore because the counters will not match anymore. So in order to get rid of this situation, let's have both frontend AND backend stats in the "struct proxy". We simply update the relevant ones during activity. Some of them are only accounted for in the backend, while others are just for frontend. Maybe we can improve a bit on that later, but the essential part is that those counters now reflect what they really mean.
2011-03-10 17:25:56 -05:00
s->be->be_counters.srv_aborts++;
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
sess->fe->fe_counters.srv_aborts++;
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
if (srv)
srv->counters.srv_aborts++;
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (!(s->flags & SF_ERR_MASK))
s->flags |= SF_ERR_SRVCL;
if (!(s->flags & SF_FINST_MASK))
s->flags |= SF_FINST_D;
[MINOR] transfer errors were not reported anymore in data phase
2008-12-14 05:44:04 -05:00
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
/* note: maybe we should process connection errors here ? */
}
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (si_b->state == SI_ST_CON) {
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* we were trying to establish a connection on the server side,
* maybe it succeeded, maybe it failed, maybe we timed out, ...
*/
CLEANUP: session: don't needlessly pass a pointer to the stream-int All functions dealing with connection establishment currently use a pointer to the stream interface. Now we know it cannot change and is always s->si[1].
2014-11-28 09:15:44 -05:00
if (unlikely(!sess_update_st_con_tcp(s)))
sess_update_st_cer(s);
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
else if (si_b->state == SI_ST_EST)
CLEANUP: session: don't needlessly pass a pointer to the stream-int All functions dealing with connection establishment currently use a pointer to the stream interface. Now we know it cannot change and is always s->si[1].
2014-11-28 09:15:44 -05:00
sess_establish(s);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* state is now one of SI_ST_CON (still in progress), SI_ST_EST
* (established), SI_ST_DIS (abort), SI_ST_CLO (last error),
* SI_ST_ASS/SI_ST_TAR/SI_ST_REQ for retryable errors.
*/
}
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
rq_prod_last = si_f->state;
rq_cons_last = si_b->state;
rp_cons_last = si_f->state;
rp_prod_last = si_b->state;
[BUG] session: analysers must be checked when SI state changes Since the BF_READ_ATTACHED bug was fixed, a new issue surfaced. When a connection closes on the return path in tunnel mode while the request input is already closed, the request analyser which is waiting for a state change never gets woken up so it never closes the request output. This causes stuck sessions to remain indefinitely. One way to reliably reproduce the issue is the following (note that the client expects a keep-alive but not the server) : server: printf "HTTP/1.0 303\r\n\r\n" | nc -lp8080 client: printf "GET / HTTP/1.1\r\n\r\n" | nc 127.1 2500 The reason for the issue is that we don't wake the analysers up on stream interface state changes. So the least intrusive and most reliable thing to do is to consider stream interface state changes to call the analysers. We just need to remember what state each series of analysers have seen and check for the differences. In practice, that works. A later improvement later could consist in being able to let analysers state what they're interested to monitor : - left SI's state - right SI's state - request buffer flags - response buffer flags That could help having only one set of analysers and call them once status changes.
2010-07-27 11:15:12 -04:00
resync_stream_interface:
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* Check for connection closure */
DPRINTF(stderr,
MAJOR: buffer: replace buf->l with buf->{o+i} We don't have buf->l anymore. We have buf->i for pending data and the total length is retrieved by adding buf->o. Some computation already become simpler. Despite extreme care, bugs are not excluded. It's worth noting that msg->err_pos as set by HTTP request/response analysers becomes relative to pending data and not to the beginning of the buffer. This has not been completed yet so differences might occur when outgoing data are left in the buffer.
2012-03-01 12:19:58 -05:00
"[%u] %s:%d: task=%p s=%p, sfl=0x%08x, rq=%p, rp=%p, exp(r,w)=%u,%u rqf=%08x rpf=%08x rqh=%d rqt=%d rph=%d rpt=%d cs=%d ss=%d, cet=0x%x set=0x%x retr=%d\n",
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
now_ms, __FUNCTION__, __LINE__,
t,
s, s->flags,
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
req, res,
req->rex, res->wex,
req->flags, res->flags,
req->buf->i, req->buf->o, res->buf->i, res->buf->o, si_f->state, si_b->state,
si_f->err_type, si_b->err_type,
si_b->conn_retries);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* nothing special to be done on client side */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely(si_f->state == SI_ST_DIS))
si_f->state = SI_ST_CLO;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* When a server-side connection is released, we have to count it and
* check for pending connections on this server.
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely(si_b->state == SI_ST_DIS)) {
si_b->state = SI_ST_CLO;
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
srv = objt_server(s->target);
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
if (srv) {
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (s->flags & SF_CURR_SESS) {
s->flags &= ~SF_CURR_SESS;
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
srv->cur_sess--;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
sess_change_server(s, NULL);
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
if (may_dequeue_tasks(srv, s->be))
process_srv_queue(srv);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
}
/*
* Note: of the transient states (REQ, CER, DIS), only REQ may remain
* at this point.
*/
[OPTIM] do not re-check req buffer when only response has changed In process_session(), we used to re-run through all the evaluation loop when only the response had changed. Now we carefully check in this order : - changes to the stream interfaces (only SI_ST_DIS) - changes to the request buffer flags - changes to the response buffer flags And we branch to the appropriate section. This saves significant CPU cycles, which is important since process_session() is one of the major CPU eaters. The same changes have been applied to uxst_process_session().
2009-03-08 14:20:25 -04:00
resync_request:
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* Analyse request */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (((req->flags & ~rqf_last) & CF_MASK_ANALYSER) ||
((req->flags ^ rqf_last) & CF_MASK_STATIC) ||
si_f->state != rq_prod_last ||
si_b->state != rq_cons_last ||
MEDIUM: task: call session analyzers if the task is woken by a message. When a task used to receive a message from another one, its analysers were not called if there was no I/O activity.
2014-11-24 08:49:56 -05:00
s->task->state & TASK_WOKEN_MSG) {
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
unsigned int flags = req->flags;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (si_f->state >= SI_ST_EST) {
[MEDIUM] session: limit the number of analyser loops The initial code's intention was to loop on the analysers as long as an analyser is added by another one. [This code was wrong due to the while(0) which breaks even on a continue statement, but the initial intention must be changed too]. In fact we should limit the number of times we loop on analysers in order to limit latency. Using maxpollevents as a limit makes sense since this tunable is used for the exact same purposes. We may add another tunable later if that ever makes sense, so it's very unlikely.
2010-01-07 18:32:27 -05:00
int max_loops = global.tune.maxpollevents;
[MAJOR] session: fix the order by which the analysers are run With the introduction of keep-alive, we have created situations where an analyser can add other analysers to the current list, which are behind it, which have already been processed once, and which are needed immediately because without them there will be no more I/O activity. This is typically the case for enabling reading of a new request after preparing for a new request. Instead of creating specific cases for some analysers (there was already one such before), we now use a little bit of algorithmics to create an ordered bit chain supporting priorities and fast operations. Another advantage of this new construction is that it's not a real loop anymore, so if an analyser is unknown, it will not loop but just ignore it. Note that it is easy to skip multiple analysers at once now in order to speed up the checking a bit. Some test code has shown a minor gain though. This change has been carefully re-read and has no direct reason of causing a regression. However it has been tagged "major" because the fact that it runs the analysers correctly might trigger an old sleeping bug somewhere in one of the analysers.
2010-01-06 17:53:24 -05:00
unsigned int ana_list;
unsigned int ana_back;
[MEDIUM] session: rework buffer analysis to permit permanent analysers It will soon be necessary to support permanent analysers (eg: HTTP in keep-alive mode). We first have to slightly rework the call to the request analysers so that we don't force ->analysers to be 0 before forwarding data.
2009-06-28 13:37:53 -04:00
[MEDIUM] http: make safer use of the DONT_READ and AUTO_CLOSE flags Several HTTP analysers used to set those flags to values that were useful but without considering the possibility that they were not called again to clean what they did. First, replace direct flag manipulation with more explicit macros. Second, enforce a rule stating that any buffer which changes one of these flags from the default must restore it after completion, so that other analysers see correct flags. With both this fix and the previous one about analyser bits, we should not see any more stuck sessions.
2010-01-06 18:20:41 -05:00
/* it's up to the analysers to stop new connections,
* disable reading or closing. Note: if an analyser
* disables any of these bits, it is responsible for
* enabling them again when it disables itself, so
* that other analysers are called in similar conditions.
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
channel_auto_read(req);
channel_auto_connect(req);
channel_auto_close(req);
[MEDIUM] extract TCP request processing from HTTP The TCP analyser has moved to proto_tcp.c. Breaking the function has required finer use of the return value and adding some tests to process_session().
2008-11-30 17:15:34 -05:00
/* We will call all analysers for which a bit is set in
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
* req->analysers, following the bit order from LSB
[MEDIUM] extract TCP request processing from HTTP The TCP analyser has moved to proto_tcp.c. Breaking the function has required finer use of the return value and adding some tests to process_session().
2008-11-30 17:15:34 -05:00
* to MSB. The analysers must remove themselves from
[MEDIUM] session: rework buffer analysis to permit permanent analysers It will soon be necessary to support permanent analysers (eg: HTTP in keep-alive mode). We first have to slightly rework the call to the request analysers so that we don't force ->analysers to be 0 before forwarding data.
2009-06-28 13:37:53 -04:00
* the list when not needed. Any analyser may return 0
* to break out of the loop, either because of missing
* data to take a decision, or because it decides to
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* kill the stream. We loop at least once through each
[MEDIUM] session: rework buffer analysis to permit permanent analysers It will soon be necessary to support permanent analysers (eg: HTTP in keep-alive mode). We first have to slightly rework the call to the request analysers so that we don't force ->analysers to be 0 before forwarding data.
2009-06-28 13:37:53 -04:00
* analyser, and we may loop again if other analysers
* are added in the middle.
[MAJOR] session: fix the order by which the analysers are run With the introduction of keep-alive, we have created situations where an analyser can add other analysers to the current list, which are behind it, which have already been processed once, and which are needed immediately because without them there will be no more I/O activity. This is typically the case for enabling reading of a new request after preparing for a new request. Instead of creating specific cases for some analysers (there was already one such before), we now use a little bit of algorithmics to create an ordered bit chain supporting priorities and fast operations. Another advantage of this new construction is that it's not a real loop anymore, so if an analyser is unknown, it will not loop but just ignore it. Note that it is easy to skip multiple analysers at once now in order to speed up the checking a bit. Some test code has shown a minor gain though. This change has been carefully re-read and has no direct reason of causing a regression. However it has been tagged "major" because the fact that it runs the analysers correctly might trigger an old sleeping bug somewhere in one of the analysers.
2010-01-06 17:53:24 -05:00
*
* We build a list of analysers to run. We evaluate all
* of these analysers in the order of the lower bit to
* the higher bit. This ordering is very important.
* An analyser will often add/remove other analysers,
* including itself. Any changes to itself have no effect
* on the loop. If it removes any other analysers, we
* want those analysers not to be called anymore during
* this loop. If it adds an analyser that is located
* after itself, we want it to be scheduled for being
* processed during the loop. If it adds an analyser
* which is located before it, we want it to switch to
* it immediately, even if it has already been called
* once but removed since.
*
* In order to achieve this, we compare the analyser
* list after the call with a copy of it before the
* call. The work list is fed with analyser bits that
* appeared during the call. Then we compare previous
* work list with the new one, and check the bits that
* appeared. If the lowest of these bits is lower than
* the current bit, it means we have enabled a previous
* analyser and must immediately loop again.
[MEDIUM] extract TCP request processing from HTTP The TCP analyser has moved to proto_tcp.c. Breaking the function has required finer use of the return value and adding some tests to process_session().
2008-11-30 17:15:34 -05:00
*/
[MEDIUM] session: rework buffer analysis to permit permanent analysers It will soon be necessary to support permanent analysers (eg: HTTP in keep-alive mode). We first have to slightly rework the call to the request analysers so that we don't force ->analysers to be 0 before forwarding data.
2009-06-28 13:37:53 -04:00
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
ana_list = ana_back = req->analysers;
[MEDIUM] session: limit the number of analyser loops The initial code's intention was to loop on the analysers as long as an analyser is added by another one. [This code was wrong due to the while(0) which breaks even on a continue statement, but the initial intention must be changed too]. In fact we should limit the number of times we loop on analysers in order to limit latency. Using maxpollevents as a limit makes sense since this tunable is used for the exact same purposes. We may add another tunable later if that ever makes sense, so it's very unlikely.
2010-01-07 18:32:27 -05:00
while (ana_list && max_loops--) {
[MAJOR] session: fix the order by which the analysers are run With the introduction of keep-alive, we have created situations where an analyser can add other analysers to the current list, which are behind it, which have already been processed once, and which are needed immediately because without them there will be no more I/O activity. This is typically the case for enabling reading of a new request after preparing for a new request. Instead of creating specific cases for some analysers (there was already one such before), we now use a little bit of algorithmics to create an ordered bit chain supporting priorities and fast operations. Another advantage of this new construction is that it's not a real loop anymore, so if an analyser is unknown, it will not loop but just ignore it. Note that it is easy to skip multiple analysers at once now in order to speed up the checking a bit. Some test code has shown a minor gain though. This change has been carefully re-read and has no direct reason of causing a regression. However it has been tagged "major" because the fact that it runs the analysers correctly might trigger an old sleeping bug somewhere in one of the analysers.
2010-01-06 17:53:24 -05:00
/* Warning! ensure that analysers are always placed in ascending order! */
MINOR: filters: Simplify calls to analyzers using 2 new macros Now, to call an analyzer in 'process_stream' function, we should use FLT_ANALAYZE or ANALYZE macros, depending if this is a filterable analyzer or not.
2016-05-11 11:06:28 -04:00
ANALYZE (s, req, flt_start_analyze, ana_list, ana_back, AN_FLT_START_FE);
FLT_ANALYZE(s, req, tcp_inspect_request, ana_list, ana_back, AN_REQ_INSPECT_FE);
FLT_ANALYZE(s, req, http_wait_for_request, ana_list, ana_back, AN_REQ_WAIT_HTTP);
FLT_ANALYZE(s, req, http_wait_for_request_body, ana_list, ana_back, AN_REQ_HTTP_BODY);
FLT_ANALYZE(s, req, http_process_req_common, ana_list, ana_back, AN_REQ_HTTP_PROCESS_FE, sess->fe);
FLT_ANALYZE(s, req, process_switching_rules, ana_list, ana_back, AN_REQ_SWITCHING_RULES);
ANALYZE (s, req, flt_start_analyze, ana_list, ana_back, AN_FLT_START_BE);
FLT_ANALYZE(s, req, tcp_inspect_request, ana_list, ana_back, AN_REQ_INSPECT_BE);
FLT_ANALYZE(s, req, http_process_req_common, ana_list, ana_back, AN_REQ_HTTP_PROCESS_BE, s->be);
FLT_ANALYZE(s, req, http_process_tarpit, ana_list, ana_back, AN_REQ_HTTP_TARPIT);
FLT_ANALYZE(s, req, process_server_rules, ana_list, ana_back, AN_REQ_SRV_RULES);
FLT_ANALYZE(s, req, http_process_request, ana_list, ana_back, AN_REQ_HTTP_INNER);
FLT_ANALYZE(s, req, tcp_persist_rdp_cookie, ana_list, ana_back, AN_REQ_PRST_RDP_COOKIE);
FLT_ANALYZE(s, req, process_sticking_rules, ana_list, ana_back, AN_REQ_STICKING_RULES);
ANALYZE (s, req, flt_analyze_http_headers, ana_list, ana_back, AN_FLT_HTTP_HDRS);
ANALYZE (s, req, flt_xfer_data, ana_list, ana_back, AN_FLT_XFER_DATA);
ANALYZE (s, req, http_request_forward_body, ana_list, ana_back, AN_REQ_HTTP_XFER_BODY);
ANALYZE (s, req, flt_end_analyze, ana_list, ana_back, AN_FLT_END);
[MEDIUM] session: limit the number of analyser loops The initial code's intention was to loop on the analysers as long as an analyser is added by another one. [This code was wrong due to the while(0) which breaks even on a continue statement, but the initial intention must be changed too]. In fact we should limit the number of times we loop on analysers in order to limit latency. Using maxpollevents as a limit makes sense since this tunable is used for the exact same purposes. We may add another tunable later if that ever makes sense, so it's very unlikely.
2010-01-07 18:32:27 -05:00
break;
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
[BUG] session: errors were not reported in termination flags in TCP mode In order to get termination flags properly updated, the session was relying a bit too much on http_return_srv_error() which is http-centric. A generic srv_error function was implemented in the session in order to catch all connection abort situations. It was then noticed that a request abort during a connection attempt was not reported, which is now fixed. Read and write errors/timeouts were not logged either. It was necessary to add those tests at 4 new locations. Now it looks like everything is correctly logged. Most likely some error checking code could now be removed from some analysers.
2009-03-15 17:34:05 -04:00
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
rq_prod_last = si_f->state;
rq_cons_last = si_b->state;
req->flags &= ~CF_WAKE_ONCE;
rqf_last = req->flags;
[BUG] session: analysers must be checked when SI state changes Since the BF_READ_ATTACHED bug was fixed, a new issue surfaced. When a connection closes on the return path in tunnel mode while the request input is already closed, the request analyser which is waiting for a state change never gets woken up so it never closes the request output. This causes stuck sessions to remain indefinitely. One way to reliably reproduce the issue is the following (note that the client expects a keep-alive but not the server) : server: printf "HTTP/1.0 303\r\n\r\n" | nc -lp8080 client: printf "GET / HTTP/1.1\r\n\r\n" | nc 127.1 2500 The reason for the issue is that we don't wake the analysers up on stream interface state changes. So the least intrusive and most reliable thing to do is to consider stream interface state changes to call the analysers. We just need to remember what state each series of analysers have seen and check for the differences. In practice, that works. A later improvement later could consist in being able to let analysers state what they're interested to monitor : - left SI's state - right SI's state - request buffer flags - response buffer flags That could help having only one set of analysers and call them once status changes.
2010-07-27 11:15:12 -04:00
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if ((req->flags ^ flags) & CF_MASK_STATIC)
[MAJOR] session: simplify buffer error handling Buffer errors (timeouts and I/O errors) were handled at two places, just after the analysers and after again. Now that the timeout detection has moved, it has become easier to handle those errors. This has also made it possible for the request and response analysers to be processed together as a down-up event, and all the up-down I/O updates to be processed afterwards, which is exactly what we're looking for. Interestingly this has reduced the number of iterations of (stream_int, req_resp) from (5,6,5) to (5,5,4). Several tests have been run without any issue found.
2009-06-21 16:43:05 -04:00
goto resync_request;
}
[MEDIUM] session: also consider request analysers added during response A request analyser may very well be added while processing a response (eg: end of an HTTP keep-alive response). It's very dangerous to only rely on flags that ought to change in order to loop back, so let's correctly detect a possible new analyser addition instead of guessing.
2010-01-06 18:09:04 -05:00
/* we'll monitor the request analysers while parsing the response,
* because some response analysers may indirectly enable new request
* analysers (eg: HTTP keep-alive).
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
req_ana_back = req->analysers;
[MEDIUM] session: also consider request analysers added during response A request analyser may very well be added while processing a response (eg: end of an HTTP keep-alive response). It's very dangerous to only rely on flags that ought to change in order to loop back, so let's correctly detect a possible new analyser addition instead of guessing.
2010-01-06 18:09:04 -05:00
[MAJOR] session: simplify buffer error handling Buffer errors (timeouts and I/O errors) were handled at two places, just after the analysers and after again. Now that the timeout detection has moved, it has become easier to handle those errors. This has also made it possible for the request and response analysers to be processed together as a down-up event, and all the up-down I/O updates to be processed afterwards, which is exactly what we're looking for. Interestingly this has reduced the number of iterations of (stream_int, req_resp) from (5,6,5) to (5,5,4). Several tests have been run without any issue found.
2009-06-21 16:43:05 -04:00
resync_response:
/* Analyse response */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (((res->flags & ~rpf_last) & CF_MASK_ANALYSER) ||
(res->flags ^ rpf_last) & CF_MASK_STATIC ||
si_f->state != rp_cons_last ||
si_b->state != rp_prod_last ||
MEDIUM: task: call session analyzers if the task is woken by a message. When a task used to receive a message from another one, its analysers were not called if there was no I/O activity.
2014-11-24 08:49:56 -05:00
s->task->state & TASK_WOKEN_MSG) {
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
unsigned int flags = res->flags;
[MAJOR] session: simplify buffer error handling Buffer errors (timeouts and I/O errors) were handled at two places, just after the analysers and after again. Now that the timeout detection has moved, it has become easier to handle those errors. This has also made it possible for the request and response analysers to be processed together as a down-up event, and all the up-down I/O updates to be processed afterwards, which is exactly what we're looking for. Interestingly this has reduced the number of iterations of (stream_int, req_resp) from (5,6,5) to (5,5,4). Several tests have been run without any issue found.
2009-06-21 16:43:05 -04:00
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if ((res->flags & CF_MASK_ANALYSER) &&
(res->analysers & AN_REQ_ALL)) {
[BUG] http: analyser optimizations broke pipelining HTTP pipelining currently needs to monitor the response buffer to wait for some free space to be able to send a response. It was not possible for the HTTP analyser to be called based on response buffer activity. Now we introduce a new buffer flag BF_WAKE_ONCE which is set when the HTTP request analyser is set on the response buffer and some activity is detected. This is not clean at all but once of the only ways to fix the issue before we make it possible to register events for analysers. Also it appeared that one realign condition did not cover all cases.
2010-12-17 01:13:42 -05:00
/* Due to HTTP pipelining, the HTTP request analyser might be waiting
* for some free space in the response buffer, so we might need to call
* it when something changes in the response buffer, but still we pass
* it the request buffer. Note that the SI state might very well still
* be zero due to us returning a flow of redirects!
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
res->analysers &= ~AN_REQ_ALL;
req->flags |= CF_WAKE_ONCE;
[BUG] http: analyser optimizations broke pipelining HTTP pipelining currently needs to monitor the response buffer to wait for some free space to be able to send a response. It was not possible for the HTTP analyser to be called based on response buffer activity. Now we introduce a new buffer flag BF_WAKE_ONCE which is set when the HTTP request analyser is set on the response buffer and some activity is detected. This is not clean at all but once of the only ways to fix the issue before we make it possible to register events for analysers. Also it appeared that one realign condition did not cover all cases.
2010-12-17 01:13:42 -05:00
}
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (si_b->state >= SI_ST_EST) {
[MEDIUM] session: limit the number of analyser loops The initial code's intention was to loop on the analysers as long as an analyser is added by another one. [This code was wrong due to the while(0) which breaks even on a continue statement, but the initial intention must be changed too]. In fact we should limit the number of times we loop on analysers in order to limit latency. Using maxpollevents as a limit makes sense since this tunable is used for the exact same purposes. We may add another tunable later if that ever makes sense, so it's very unlikely.
2010-01-07 18:32:27 -05:00
int max_loops = global.tune.maxpollevents;
[MAJOR] session: fix the order by which the analysers are run With the introduction of keep-alive, we have created situations where an analyser can add other analysers to the current list, which are behind it, which have already been processed once, and which are needed immediately because without them there will be no more I/O activity. This is typically the case for enabling reading of a new request after preparing for a new request. Instead of creating specific cases for some analysers (there was already one such before), we now use a little bit of algorithmics to create an ordered bit chain supporting priorities and fast operations. Another advantage of this new construction is that it's not a real loop anymore, so if an analyser is unknown, it will not loop but just ignore it. Note that it is easy to skip multiple analysers at once now in order to speed up the checking a bit. Some test code has shown a minor gain though. This change has been carefully re-read and has no direct reason of causing a regression. However it has been tagged "major" because the fact that it runs the analysers correctly might trigger an old sleeping bug somewhere in one of the analysers.
2010-01-06 17:53:24 -05:00
unsigned int ana_list;
unsigned int ana_back;
[MAJOR] http: create the analyser which waits for a response The code part which waits for an HTTP response has been extracted from the old function. We now have two analysers and the second one may re-enable the first one when an 1xx response is encountered. This has been tested and works. The calls to stream_int_return() that were remaining in the wait analyser have been converted to stream_int_retnclose().
2009-10-18 16:53:08 -04:00
[MEDIUM] http: make safer use of the DONT_READ and AUTO_CLOSE flags Several HTTP analysers used to set those flags to values that were useful but without considering the possibility that they were not called again to clean what they did. First, replace direct flag manipulation with more explicit macros. Second, enforce a rule stating that any buffer which changes one of these flags from the default must restore it after completion, so that other analysers see correct flags. With both this fix and the previous one about analyser bits, we should not see any more stuck sessions.
2010-01-06 18:20:41 -05:00
/* it's up to the analysers to stop disable reading or
* closing. Note: if an analyser disables any of these
* bits, it is responsible for enabling them again when
* it disables itself, so that other analysers are called
* in similar conditions.
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
channel_auto_read(res);
channel_auto_close(res);
[MAJOR] http: create the analyser which waits for a response The code part which waits for an HTTP response has been extracted from the old function. We now have two analysers and the second one may re-enable the first one when an 1xx response is encountered. This has been tested and works. The calls to stream_int_return() that were remaining in the wait analyser have been converted to stream_int_retnclose().
2009-10-18 16:53:08 -04:00
/* We will call all analysers for which a bit is set in
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
* res->analysers, following the bit order from LSB
[MAJOR] http: create the analyser which waits for a response The code part which waits for an HTTP response has been extracted from the old function. We now have two analysers and the second one may re-enable the first one when an 1xx response is encountered. This has been tested and works. The calls to stream_int_return() that were remaining in the wait analyser have been converted to stream_int_retnclose().
2009-10-18 16:53:08 -04:00
* to MSB. The analysers must remove themselves from
* the list when not needed. Any analyser may return 0
* to break out of the loop, either because of missing
* data to take a decision, or because it decides to
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* kill the stream. We loop at least once through each
[MAJOR] http: create the analyser which waits for a response The code part which waits for an HTTP response has been extracted from the old function. We now have two analysers and the second one may re-enable the first one when an 1xx response is encountered. This has been tested and works. The calls to stream_int_return() that were remaining in the wait analyser have been converted to stream_int_retnclose().
2009-10-18 16:53:08 -04:00
* analyser, and we may loop again if other analysers
* are added in the middle.
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
ana_list = ana_back = res->analysers;
[MEDIUM] session: limit the number of analyser loops The initial code's intention was to loop on the analysers as long as an analyser is added by another one. [This code was wrong due to the while(0) which breaks even on a continue statement, but the initial intention must be changed too]. In fact we should limit the number of times we loop on analysers in order to limit latency. Using maxpollevents as a limit makes sense since this tunable is used for the exact same purposes. We may add another tunable later if that ever makes sense, so it's very unlikely.
2010-01-07 18:32:27 -05:00
while (ana_list && max_loops--) {
[MAJOR] session: fix the order by which the analysers are run With the introduction of keep-alive, we have created situations where an analyser can add other analysers to the current list, which are behind it, which have already been processed once, and which are needed immediately because without them there will be no more I/O activity. This is typically the case for enabling reading of a new request after preparing for a new request. Instead of creating specific cases for some analysers (there was already one such before), we now use a little bit of algorithmics to create an ordered bit chain supporting priorities and fast operations. Another advantage of this new construction is that it's not a real loop anymore, so if an analyser is unknown, it will not loop but just ignore it. Note that it is easy to skip multiple analysers at once now in order to speed up the checking a bit. Some test code has shown a minor gain though. This change has been carefully re-read and has no direct reason of causing a regression. However it has been tagged "major" because the fact that it runs the analysers correctly might trigger an old sleeping bug somewhere in one of the analysers.
2010-01-06 17:53:24 -05:00
/* Warning! ensure that analysers are always placed in ascending order! */
MINOR: filters: Simplify calls to analyzers using 2 new macros Now, to call an analyzer in 'process_stream' function, we should use FLT_ANALAYZE or ANALYZE macros, depending if this is a filterable analyzer or not.
2016-05-11 11:06:28 -04:00
ANALYZE (s, res, flt_start_analyze, ana_list, ana_back, AN_FLT_START_FE);
ANALYZE (s, res, flt_start_analyze, ana_list, ana_back, AN_FLT_START_BE);
FLT_ANALYZE(s, res, tcp_inspect_response, ana_list, ana_back, AN_RES_INSPECT);
FLT_ANALYZE(s, res, http_wait_for_response, ana_list, ana_back, AN_RES_WAIT_HTTP);
FLT_ANALYZE(s, res, process_store_rules, ana_list, ana_back, AN_RES_STORE_RULES);
FLT_ANALYZE(s, res, http_process_res_common, ana_list, ana_back, AN_RES_HTTP_PROCESS_BE, s->be);
ANALYZE (s, res, flt_analyze_http_headers, ana_list, ana_back, AN_FLT_HTTP_HDRS);
ANALYZE (s, res, flt_xfer_data, ana_list, ana_back, AN_FLT_XFER_DATA);
ANALYZE (s, res, http_response_forward_body, ana_list, ana_back, AN_RES_HTTP_XFER_BODY);
ANALYZE (s, res, flt_end_analyze, ana_list, ana_back, AN_FLT_END);
[MEDIUM] session: limit the number of analyser loops The initial code's intention was to loop on the analysers as long as an analyser is added by another one. [This code was wrong due to the while(0) which breaks even on a continue statement, but the initial intention must be changed too]. In fact we should limit the number of times we loop on analysers in order to limit latency. Using maxpollevents as a limit makes sense since this tunable is used for the exact same purposes. We may add another tunable later if that ever makes sense, so it's very unlikely.
2010-01-07 18:32:27 -05:00
break;
}
[MAJOR] session: simplify buffer error handling Buffer errors (timeouts and I/O errors) were handled at two places, just after the analysers and after again. Now that the timeout detection has moved, it has become easier to handle those errors. This has also made it possible for the request and response analysers to be processed together as a down-up event, and all the up-down I/O updates to be processed afterwards, which is exactly what we're looking for. Interestingly this has reduced the number of iterations of (stream_int, req_resp) from (5,6,5) to (5,5,4). Several tests have been run without any issue found.
2009-06-21 16:43:05 -04:00
}
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
rp_cons_last = si_f->state;
rp_prod_last = si_b->state;
rpf_last = res->flags;
[BUG] session: analysers must be checked when SI state changes Since the BF_READ_ATTACHED bug was fixed, a new issue surfaced. When a connection closes on the return path in tunnel mode while the request input is already closed, the request analyser which is waiting for a state change never gets woken up so it never closes the request output. This causes stuck sessions to remain indefinitely. One way to reliably reproduce the issue is the following (note that the client expects a keep-alive but not the server) : server: printf "HTTP/1.0 303\r\n\r\n" | nc -lp8080 client: printf "GET / HTTP/1.1\r\n\r\n" | nc 127.1 2500 The reason for the issue is that we don't wake the analysers up on stream interface state changes. So the least intrusive and most reliable thing to do is to consider stream interface state changes to call the analysers. We just need to remember what state each series of analysers have seen and check for the differences. In practice, that works. A later improvement later could consist in being able to let analysers state what they're interested to monitor : - left SI's state - right SI's state - request buffer flags - response buffer flags That could help having only one set of analysers and call them once status changes.
2010-07-27 11:15:12 -04:00
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if ((res->flags ^ flags) & CF_MASK_STATIC)
[MAJOR] session: simplify buffer error handling Buffer errors (timeouts and I/O errors) were handled at two places, just after the analysers and after again. Now that the timeout detection has moved, it has become easier to handle those errors. This has also made it possible for the request and response analysers to be processed together as a down-up event, and all the up-down I/O updates to be processed afterwards, which is exactly what we're looking for. Interestingly this has reduced the number of iterations of (stream_int, req_resp) from (5,6,5) to (5,5,4). Several tests have been run without any issue found.
2009-06-21 16:43:05 -04:00
goto resync_response;
}
[MEDIUM] session: also consider request analysers added during response A request analyser may very well be added while processing a response (eg: end of an HTTP keep-alive response). It's very dangerous to only rely on flags that ought to change in order to loop back, so let's correctly detect a possible new analyser addition instead of guessing.
2010-01-06 18:09:04 -05:00
/* maybe someone has added some request analysers, so we must check and loop */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (req->analysers & ~req_ana_back)
[MEDIUM] session: also consider request analysers added during response A request analyser may very well be added while processing a response (eg: end of an HTTP keep-alive response). It's very dangerous to only rely on flags that ought to change in order to loop back, so let's correctly detect a possible new analyser addition instead of guessing.
2010-01-06 18:09:04 -05:00
goto resync_request;
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if ((req->flags & ~rqf_last) & CF_MASK_ANALYSER)
[BUG] http: analyser optimizations broke pipelining HTTP pipelining currently needs to monitor the response buffer to wait for some free space to be able to send a response. It was not possible for the HTTP analyser to be called based on response buffer activity. Now we introduce a new buffer flag BF_WAKE_ONCE which is set when the HTTP request analyser is set on the response buffer and some activity is detected. This is not clean at all but once of the only ways to fix the issue before we make it possible to register events for analysers. Also it appeared that one realign condition did not cover all cases.
2010-12-17 01:13:42 -05:00
goto resync_request;
[MAJOR] session: simplify buffer error handling Buffer errors (timeouts and I/O errors) were handled at two places, just after the analysers and after again. Now that the timeout detection has moved, it has become easier to handle those errors. This has also made it possible for the request and response analysers to be processed together as a down-up event, and all the up-down I/O updates to be processed afterwards, which is exactly what we're looking for. Interestingly this has reduced the number of iterations of (stream_int, req_resp) from (5,6,5) to (5,5,4). Several tests have been run without any issue found.
2009-06-21 16:43:05 -04:00
/* FIXME: here we should call protocol handlers which rely on
* both buffers.
*/
/*
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* Now we propagate unhandled errors to the stream. Normally
[STATS] count transfer aborts caused by client and by server Often we need to understand why some transfers were aborted or what constitutes server response errors. With those two counters, it is now possible to detect an unexpected transfer abort during a data phase (eg: too short HTTP response), and to know what part of the server response errors may in fact be assigned to aborted transfers.
2010-03-04 14:34:23 -05:00
* we're just in a data phase here since it means we have not
* seen any analyser who could set an error status.
[MAJOR] session: simplify buffer error handling Buffer errors (timeouts and I/O errors) were handled at two places, just after the analysers and after again. Now that the timeout detection has moved, it has become easier to handle those errors. This has also made it possible for the request and response analysers to be processed together as a down-up event, and all the up-down I/O updates to be processed afterwards, which is exactly what we're looking for. Interestingly this has reduced the number of iterations of (stream_int, req_resp) from (5,6,5) to (5,5,4). Several tests have been run without any issue found.
2009-06-21 16:43:05 -04:00
*/
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
srv = objt_server(s->target);
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (unlikely(!(s->flags & SF_ERR_MASK))) {
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (req->flags & (CF_READ_ERROR|CF_READ_TIMEOUT|CF_WRITE_ERROR|CF_WRITE_TIMEOUT)) {
[MAJOR] session: simplify buffer error handling Buffer errors (timeouts and I/O errors) were handled at two places, just after the analysers and after again. Now that the timeout detection has moved, it has become easier to handle those errors. This has also made it possible for the request and response analysers to be processed together as a down-up event, and all the up-down I/O updates to be processed afterwards, which is exactly what we're looking for. Interestingly this has reduced the number of iterations of (stream_int, req_resp) from (5,6,5) to (5,5,4). Several tests have been run without any issue found.
2009-06-21 16:43:05 -04:00
/* Report it if the client got an error or a read timeout expired */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
req->analysers = 0;
if (req->flags & CF_READ_ERROR) {
[MEDIUM] stats: split frontend and backend stats It's very annoying that frontend and backend stats are merged because we don't know what we're observing. For instance, if a "listen" instance makes use of a distinct backend, it's impossible to know what the bytes_out means. Some points take care of not updating counters twice if the backend points to the frontend, indicating a "listen" instance. The thing becomes more complex when we try to add support for server side keep-alive, because we have to maintain a pointer to the backend used for last request, and to update its stats. But we can't perform such comparisons anymore because the counters will not match anymore. So in order to get rid of this situation, let's have both frontend AND backend stats in the "struct proxy". We simply update the relevant ones during activity. Some of them are only accounted for in the backend, while others are just for frontend. Maybe we can improve a bit on that later, but the essential part is that those counters now reflect what they really mean.
2011-03-10 17:25:56 -05:00
s->be->be_counters.cli_aborts++;
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
sess->fe->fe_counters.cli_aborts++;
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
if (srv)
srv->counters.cli_aborts++;
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
s->flags |= SF_ERR_CLICL;
[STATS] count transfer aborts caused by client and by server Often we need to understand why some transfers were aborted or what constitutes server response errors. With those two counters, it is now possible to detect an unexpected transfer abort during a data phase (eg: too short HTTP response), and to know what part of the server response errors may in fact be assigned to aborted transfers.
2010-03-04 14:34:23 -05:00
}
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
else if (req->flags & CF_READ_TIMEOUT) {
[MEDIUM] stats: split frontend and backend stats It's very annoying that frontend and backend stats are merged because we don't know what we're observing. For instance, if a "listen" instance makes use of a distinct backend, it's impossible to know what the bytes_out means. Some points take care of not updating counters twice if the backend points to the frontend, indicating a "listen" instance. The thing becomes more complex when we try to add support for server side keep-alive, because we have to maintain a pointer to the backend used for last request, and to update its stats. But we can't perform such comparisons anymore because the counters will not match anymore. So in order to get rid of this situation, let's have both frontend AND backend stats in the "struct proxy". We simply update the relevant ones during activity. Some of them are only accounted for in the backend, while others are just for frontend. Maybe we can improve a bit on that later, but the essential part is that those counters now reflect what they really mean.
2011-03-10 17:25:56 -05:00
s->be->be_counters.cli_aborts++;
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
sess->fe->fe_counters.cli_aborts++;
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
if (srv)
srv->counters.cli_aborts++;
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
s->flags |= SF_ERR_CLITO;
[STATS] count transfer aborts caused by client and by server Often we need to understand why some transfers were aborted or what constitutes server response errors. With those two counters, it is now possible to detect an unexpected transfer abort during a data phase (eg: too short HTTP response), and to know what part of the server response errors may in fact be assigned to aborted transfers.
2010-03-04 14:34:23 -05:00
}
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
else if (req->flags & CF_WRITE_ERROR) {
[MEDIUM] stats: split frontend and backend stats It's very annoying that frontend and backend stats are merged because we don't know what we're observing. For instance, if a "listen" instance makes use of a distinct backend, it's impossible to know what the bytes_out means. Some points take care of not updating counters twice if the backend points to the frontend, indicating a "listen" instance. The thing becomes more complex when we try to add support for server side keep-alive, because we have to maintain a pointer to the backend used for last request, and to update its stats. But we can't perform such comparisons anymore because the counters will not match anymore. So in order to get rid of this situation, let's have both frontend AND backend stats in the "struct proxy". We simply update the relevant ones during activity. Some of them are only accounted for in the backend, while others are just for frontend. Maybe we can improve a bit on that later, but the essential part is that those counters now reflect what they really mean.
2011-03-10 17:25:56 -05:00
s->be->be_counters.srv_aborts++;
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
sess->fe->fe_counters.srv_aborts++;
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
if (srv)
srv->counters.srv_aborts++;
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
s->flags |= SF_ERR_SRVCL;
[STATS] count transfer aborts caused by client and by server Often we need to understand why some transfers were aborted or what constitutes server response errors. With those two counters, it is now possible to detect an unexpected transfer abort during a data phase (eg: too short HTTP response), and to know what part of the server response errors may in fact be assigned to aborted transfers.
2010-03-04 14:34:23 -05:00
}
else {
[MEDIUM] stats: split frontend and backend stats It's very annoying that frontend and backend stats are merged because we don't know what we're observing. For instance, if a "listen" instance makes use of a distinct backend, it's impossible to know what the bytes_out means. Some points take care of not updating counters twice if the backend points to the frontend, indicating a "listen" instance. The thing becomes more complex when we try to add support for server side keep-alive, because we have to maintain a pointer to the backend used for last request, and to update its stats. But we can't perform such comparisons anymore because the counters will not match anymore. So in order to get rid of this situation, let's have both frontend AND backend stats in the "struct proxy". We simply update the relevant ones during activity. Some of them are only accounted for in the backend, while others are just for frontend. Maybe we can improve a bit on that later, but the essential part is that those counters now reflect what they really mean.
2011-03-10 17:25:56 -05:00
s->be->be_counters.srv_aborts++;
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
sess->fe->fe_counters.srv_aborts++;
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
if (srv)
srv->counters.srv_aborts++;
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
s->flags |= SF_ERR_SRVTO;
[STATS] count transfer aborts caused by client and by server Often we need to understand why some transfers were aborted or what constitutes server response errors. With those two counters, it is now possible to detect an unexpected transfer abort during a data phase (eg: too short HTTP response), and to know what part of the server response errors may in fact be assigned to aborted transfers.
2010-03-04 14:34:23 -05:00
}
[BUG] session: errors were not reported in termination flags in TCP mode In order to get termination flags properly updated, the session was relying a bit too much on http_return_srv_error() which is http-centric. A generic srv_error function was implemented in the session in order to catch all connection abort situations. It was then noticed that a request abort during a connection attempt was not reported, which is now fixed. Read and write errors/timeouts were not logged either. It was necessary to add those tests at 4 new locations. Now it looks like everything is correctly logged. Most likely some error checking code could now be removed from some analysers.
2009-03-15 17:34:05 -04:00
sess_set_term_flags(s);
}
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
else if (res->flags & (CF_READ_ERROR|CF_READ_TIMEOUT|CF_WRITE_ERROR|CF_WRITE_TIMEOUT)) {
[MAJOR] session: simplify buffer error handling Buffer errors (timeouts and I/O errors) were handled at two places, just after the analysers and after again. Now that the timeout detection has moved, it has become easier to handle those errors. This has also made it possible for the request and response analysers to be processed together as a down-up event, and all the up-down I/O updates to be processed afterwards, which is exactly what we're looking for. Interestingly this has reduced the number of iterations of (stream_int, req_resp) from (5,6,5) to (5,5,4). Several tests have been run without any issue found.
2009-06-21 16:43:05 -04:00
/* Report it if the server got an error or a read timeout expired */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
res->analysers = 0;
if (res->flags & CF_READ_ERROR) {
[MEDIUM] stats: split frontend and backend stats It's very annoying that frontend and backend stats are merged because we don't know what we're observing. For instance, if a "listen" instance makes use of a distinct backend, it's impossible to know what the bytes_out means. Some points take care of not updating counters twice if the backend points to the frontend, indicating a "listen" instance. The thing becomes more complex when we try to add support for server side keep-alive, because we have to maintain a pointer to the backend used for last request, and to update its stats. But we can't perform such comparisons anymore because the counters will not match anymore. So in order to get rid of this situation, let's have both frontend AND backend stats in the "struct proxy". We simply update the relevant ones during activity. Some of them are only accounted for in the backend, while others are just for frontend. Maybe we can improve a bit on that later, but the essential part is that those counters now reflect what they really mean.
2011-03-10 17:25:56 -05:00
s->be->be_counters.srv_aborts++;
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
sess->fe->fe_counters.srv_aborts++;
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
if (srv)
srv->counters.srv_aborts++;
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
s->flags |= SF_ERR_SRVCL;
[STATS] count transfer aborts caused by client and by server Often we need to understand why some transfers were aborted or what constitutes server response errors. With those two counters, it is now possible to detect an unexpected transfer abort during a data phase (eg: too short HTTP response), and to know what part of the server response errors may in fact be assigned to aborted transfers.
2010-03-04 14:34:23 -05:00
}
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
else if (res->flags & CF_READ_TIMEOUT) {
[MEDIUM] stats: split frontend and backend stats It's very annoying that frontend and backend stats are merged because we don't know what we're observing. For instance, if a "listen" instance makes use of a distinct backend, it's impossible to know what the bytes_out means. Some points take care of not updating counters twice if the backend points to the frontend, indicating a "listen" instance. The thing becomes more complex when we try to add support for server side keep-alive, because we have to maintain a pointer to the backend used for last request, and to update its stats. But we can't perform such comparisons anymore because the counters will not match anymore. So in order to get rid of this situation, let's have both frontend AND backend stats in the "struct proxy". We simply update the relevant ones during activity. Some of them are only accounted for in the backend, while others are just for frontend. Maybe we can improve a bit on that later, but the essential part is that those counters now reflect what they really mean.
2011-03-10 17:25:56 -05:00
s->be->be_counters.srv_aborts++;
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
sess->fe->fe_counters.srv_aborts++;
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
if (srv)
srv->counters.srv_aborts++;
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
s->flags |= SF_ERR_SRVTO;
[STATS] count transfer aborts caused by client and by server Often we need to understand why some transfers were aborted or what constitutes server response errors. With those two counters, it is now possible to detect an unexpected transfer abort during a data phase (eg: too short HTTP response), and to know what part of the server response errors may in fact be assigned to aborted transfers.
2010-03-04 14:34:23 -05:00
}
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
else if (res->flags & CF_WRITE_ERROR) {
[MEDIUM] stats: split frontend and backend stats It's very annoying that frontend and backend stats are merged because we don't know what we're observing. For instance, if a "listen" instance makes use of a distinct backend, it's impossible to know what the bytes_out means. Some points take care of not updating counters twice if the backend points to the frontend, indicating a "listen" instance. The thing becomes more complex when we try to add support for server side keep-alive, because we have to maintain a pointer to the backend used for last request, and to update its stats. But we can't perform such comparisons anymore because the counters will not match anymore. So in order to get rid of this situation, let's have both frontend AND backend stats in the "struct proxy". We simply update the relevant ones during activity. Some of them are only accounted for in the backend, while others are just for frontend. Maybe we can improve a bit on that later, but the essential part is that those counters now reflect what they really mean.
2011-03-10 17:25:56 -05:00
s->be->be_counters.cli_aborts++;
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
sess->fe->fe_counters.cli_aborts++;
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
if (srv)
srv->counters.cli_aborts++;
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
s->flags |= SF_ERR_CLICL;
[STATS] count transfer aborts caused by client and by server Often we need to understand why some transfers were aborted or what constitutes server response errors. With those two counters, it is now possible to detect an unexpected transfer abort during a data phase (eg: too short HTTP response), and to know what part of the server response errors may in fact be assigned to aborted transfers.
2010-03-04 14:34:23 -05:00
}
else {
[MEDIUM] stats: split frontend and backend stats It's very annoying that frontend and backend stats are merged because we don't know what we're observing. For instance, if a "listen" instance makes use of a distinct backend, it's impossible to know what the bytes_out means. Some points take care of not updating counters twice if the backend points to the frontend, indicating a "listen" instance. The thing becomes more complex when we try to add support for server side keep-alive, because we have to maintain a pointer to the backend used for last request, and to update its stats. But we can't perform such comparisons anymore because the counters will not match anymore. So in order to get rid of this situation, let's have both frontend AND backend stats in the "struct proxy". We simply update the relevant ones during activity. Some of them are only accounted for in the backend, while others are just for frontend. Maybe we can improve a bit on that later, but the essential part is that those counters now reflect what they really mean.
2011-03-10 17:25:56 -05:00
s->be->be_counters.cli_aborts++;
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
sess->fe->fe_counters.cli_aborts++;
[MAJOR] session: remove the ->srv pointer from struct session This one has been removed and is now totally superseded by ->target. To get the server, one must use target_srv(&s->target) instead of s->srv now. The function ensures that non-server targets still return NULL.
2011-03-10 10:55:02 -05:00
if (srv)
srv->counters.cli_aborts++;
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
s->flags |= SF_ERR_CLITO;
[STATS] count transfer aborts caused by client and by server Often we need to understand why some transfers were aborted or what constitutes server response errors. With those two counters, it is now possible to detect an unexpected transfer abort during a data phase (eg: too short HTTP response), and to know what part of the server response errors may in fact be assigned to aborted transfers.
2010-03-04 14:34:23 -05:00
}
[MAJOR] session: simplify buffer error handling Buffer errors (timeouts and I/O errors) were handled at two places, just after the analysers and after again. Now that the timeout detection has moved, it has become easier to handle those errors. This has also made it possible for the request and response analysers to be processed together as a down-up event, and all the up-down I/O updates to be processed afterwards, which is exactly what we're looking for. Interestingly this has reduced the number of iterations of (stream_int, req_resp) from (5,6,5) to (5,5,4). Several tests have been run without any issue found.
2009-06-21 16:43:05 -04:00
sess_set_term_flags(s);
}
[BUG] session: errors were not reported in termination flags in TCP mode In order to get termination flags properly updated, the session was relying a bit too much on http_return_srv_error() which is http-centric. A generic srv_error function was implemented in the session in order to catch all connection abort situations. It was then noticed that a request abort during a connection attempt was not reported, which is now fixed. Read and write errors/timeouts were not logged either. It was necessary to add those tests at 4 new locations. Now it looks like everything is correctly logged. Most likely some error checking code could now be removed from some analysers.
2009-03-15 17:34:05 -04:00
}
[MAJOR] session: simplify buffer error handling Buffer errors (timeouts and I/O errors) were handled at two places, just after the analysers and after again. Now that the timeout detection has moved, it has become easier to handle those errors. This has also made it possible for the request and response analysers to be processed together as a down-up event, and all the up-down I/O updates to be processed afterwards, which is exactly what we're looking for. Interestingly this has reduced the number of iterations of (stream_int, req_resp) from (5,6,5) to (5,5,4). Several tests have been run without any issue found.
2009-06-21 16:43:05 -04:00
/*
* Here we take care of forwarding unhandled data. This also includes
* connection establishments and shutdown requests.
*/
[MEDIUM] rearrange forwarding condition to enable splice during analysis The forwarding condition was not very clear. We would only enable forwarding when send_max is zero, and we would only splice when no analyser is installed. In fact we want to enable forward when there is no analyser and we want to splice at soon as there is data to forward, regardless of the analysers.
2009-03-08 16:38:23 -04:00
/* If noone is interested in analysing data, it's time to forward
[MEDIUM] add support for infinite forwarding In TCP, we don't want to forward chunks of data, we want to forward indefinitely. This patch introduces a special value for the amount of data to be forwarded. When buffer_forward() is called with BUF_INFINITE_FORWARD, it configures the buffer to never stop forwarding until the end.
2009-09-20 06:07:52 -04:00
* everything. We configure the buffer to forward indefinitely.
CLEANUP: channel: usr CF_/CHN_ prefixes instead of BF_/BUF_ Get rid of these confusing BF_* flags. Now channel naming should clearly be used everywhere appropriate. No code was changed, only a renaming was performed. The comments about channel operations was updated.
2012-08-27 17:14:58 -04:00
* Note that we're checking CF_SHUTR_NOW as an indication of a possible
CLEANUP: channel: use "channel" instead of "buffer" in function names This is a massive rename of most functions which should make use of the word "channel" instead of the word "buffer" in their names. In concerns the following ones (new names) : unsigned long long channel_forward(struct channel *buf, unsigned long long bytes); static inline void channel_init(struct channel *buf) static inline int channel_input_closed(struct channel *buf) static inline int channel_output_closed(struct channel *buf) static inline void channel_check_timeouts(struct channel *b) static inline void channel_erase(struct channel *buf) static inline void channel_shutr_now(struct channel *buf) static inline void channel_shutw_now(struct channel *buf) static inline void channel_abort(struct channel *buf) static inline void channel_stop_hijacker(struct channel *buf) static inline void channel_auto_connect(struct channel *buf) static inline void channel_dont_connect(struct channel *buf) static inline void channel_auto_close(struct channel *buf) static inline void channel_dont_close(struct channel *buf) static inline void channel_auto_read(struct channel *buf) static inline void channel_dont_read(struct channel *buf) unsigned long long channel_forward(struct channel *buf, unsigned long long bytes) Some functions provided by channel.[ch] have kept their "buffer" name because they are really designed to act on the buffer according to some information gathered from the channel. They have been moved together to the same place in the file for better readability but they were not changed at all. The "buffer" memory pool was also renamed "channel".
2012-08-27 18:06:31 -04:00
* recent call to channel_abort().
[MAJOR] implement autonomous inter-socket forwarding If an analyser sets buf->to_forward to a given value, that many data will be forwarded between the two stream interfaces attached to a buffer without waking the task up. The same applies once all analysers have been released. This saves a large amount of calls to process_session() and a number of task_dequeue/queue.
2008-12-14 11:31:54 -05:00
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely(!req->analysers &&
!(req->flags & (CF_SHUTW|CF_SHUTR_NOW)) &&
(si_f->state >= SI_ST_EST) &&
(req->to_forward != CHN_INFINITE_FORWARD))) {
CLEANUP: channel: remove any reference of the hijackers Hijackers were functions designed to inject data into channels in the distant past. They became unused around 1.3.16, and since there has not been any user of this mechanism to date, it's uncertain whether the mechanism still works (and it's not really useful anymore). So better remove it as well as the pointer it uses in the channel struct.
2012-11-11 17:05:39 -05:00
/* This buffer is freewheeling, there's no analyser
[MEDIUM] rearrange forwarding condition to enable splice during analysis The forwarding condition was not very clear. We would only enable forwarding when send_max is zero, and we would only splice when no analyser is installed. In fact we want to enable forward when there is no analyser and we want to splice at soon as there is data to forward, regardless of the analysers.
2009-03-08 16:38:23 -04:00
* attached to it. If any data are left in, we'll permit them to
* move.
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
channel_auto_read(req);
channel_auto_connect(req);
channel_auto_close(req);
buffer_flush(req->buf);
[MEDIUM] rearrange forwarding condition to enable splice during analysis The forwarding condition was not very clear. We would only enable forwarding when send_max is zero, and we would only splice when no analyser is installed. In fact we want to enable forward when there is no analyser and we want to splice at soon as there is data to forward, regardless of the analysers.
2009-03-08 16:38:23 -04:00
[BUG] session: don't stop forwarding of data upon last packet If a read shutdown is encountered on the first packet of a connection right after the data and the last analyser is unplugged at the same time, then that last data chunk may never be forwarded. In practice, right now it cannot happen on requests due to the way they're scheduled, nor can it happen on responses due to the way their analysers work. But this behaviour has been observed with new response analysers being developped. The reason is that when the read shutdown is encountered and an analyser is present, data cannot be forwarded but the BF_SHUTW_NOW flag is set. After that, the analyser gets called and unplugs itself, hoping that process_session() will automatically forward the data. This does not happen due to BF_SHUTW_NOW. Simply removing the test on this flag is not enough because then aborted requests still get forwarded, due to the forwarding code undoing the abort. The solution here consists in checking BF_SHUTR_NOW instead of BF_SHUTW_NOW. BF_SHUTR_NOW is only set on aborts and remains set until ->shutr() is called. This is enough to catch recent aborts but not prevent forwarding in other cases. Maybe a new special buffer flag "BF_ABORT" might be desirable in the future. This patch does not need to be backported because older versions don't have the analyser which make the problem appear.
2010-11-07 14:26:56 -05:00
/* We'll let data flow between the producer (if still connected)
* to the consumer (which might possibly not be connected yet).
[MEDIUM] rearrange forwarding condition to enable splice during analysis The forwarding condition was not very clear. We would only enable forwarding when send_max is zero, and we would only splice when no analyser is installed. In fact we want to enable forward when there is no analyser and we want to splice at soon as there is data to forward, regardless of the analysers.
2009-03-08 16:38:23 -04:00
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (!(req->flags & (CF_SHUTR|CF_SHUTW_NOW)))
BUG/MEDIUM: channel: fix inconsistent handling of 4GB-1 transfers In 1.4-dev3, commit 31971e5 ("[MEDIUM] add support for infinite forwarding") made it possible to configure the lower layer to forward data indefinitely by setting the forward size to CHN_INFINITE_FORWARD (4GB-1). By then larger chunk sizes were not supported so there was no confusion in the usage of the function. Since 1.5 we support 64-bit content-lengths and chunk sizes and the function has grown to support 64-bit arguments, though it still limits a single pass to 32-bit quantities (what fit in the channel's to_forward field). The issue now becomes that a 4GB-1 content-length can be confused with infinite forwarding (in fact it's 4GB-1+what was already in the buffer). It causes a visible effect when transferring this exact size because the transfer rate is lower than with other sizes due in part to the disabling of the Nagle algorithm on the sendto() call. In theory with keep-alive it should prevent a second request from being processed after such a transfer, but since the analysers are still present, the forwarding analyser properly counts down the remaining size to transfer and ultimately the transaction gets correctly reset so there is no visible effect. Since the root cause of the issue is an API problem (lack of distinction between a real valid length and a magic value), this patch modifies the API to have a new dedicated function called channel_forward_forever() to program a permanent forwarding. The existing function __channel_forward() was modified to properly take care of the requested sizes and ensure it 1) never overflows and 2) never reaches CHN_INFINITE_FORWARD by accident. It is worth noting that the function used to have a bug causing a 2GB forward to be scheduled if it was called with less data than what is present in buf->i. Fortunately this bug couldn't be triggered with existing code. This fix should be backported to 1.6 and 1.5. While it also theorically affects 1.4, it's better not to backport it there, as the risk of breaking large object transfers due to significant API differences is high, compared to the fact that the largest supported objects (4GB-1) are just slower to transfer.
2016-05-04 08:05:58 -04:00
channel_forward_forever(req);
MINOR: stream: maintain consistence between channel_forward and HTTP forward When the HTTP forwarder is used, it resets msg->sov so that we know that the parsing pointer has advanced by exactly (msg->eoh + msg->eol - msg->sov) bytes which may have to be rewound in case we want to perform an HTTP fetch after forwarding has started (eg: upon connect). But when the backend is in TCP mode, there may be no HTTP forwarding analyser installed, still we may want to perform these HTTP fetches in case we have already ensured at the TCP layer that we have a properly parsed HTTP transaction. In order to solve this, we reset msg->sov before doing a channel_forward() so that we can still compute http_rewind() on the pending data. That ensures the buffer is always rewindable even in mixed TCP+HTTP mode.
2015-07-09 12:38:57 -04:00
/* Just in order to support fetching HTTP contents after start
* of forwarding when the HTTP forwarding analyser is not used,
* we simply reset msg->sov so that HTTP rewinding points to the
* headers.
*/
if (s->txn)
s->txn->req.sov = s->txn->req.eoh + s->txn->req.eol - req->buf->o;
[MAJOR] implement autonomous inter-socket forwarding If an analyser sets buf->to_forward to a given value, that many data will be forwarded between the two stream interfaces attached to a buffer without waking the task up. The same applies once all analysers have been released. This saves a large amount of calls to process_session() and a number of task_dequeue/queue.
2008-12-14 11:31:54 -05:00
}
[MEDIUM] add a send limit to a buffer For keep-alive, line-mode protocols and splicing, we will need to limit the sender to process a certain amount of bytes. The limit is automatically set to the buffer size when analysers are detached from the buffer.
2008-12-13 15:12:26 -05:00
[MEDIUM] rearrange forwarding condition to enable splice during analysis The forwarding condition was not very clear. We would only enable forwarding when send_max is zero, and we would only splice when no analyser is installed. In fact we want to enable forward when there is no analyser and we want to splice at soon as there is data to forward, regardless of the analysers.
2009-03-08 16:38:23 -04:00
/* check if it is wise to enable kernel splicing to forward request data */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (!(req->flags & (CF_KERN_SPLICING|CF_SHUTR)) &&
req->to_forward &&
[MEDIUM] rearrange forwarding condition to enable splice during analysis The forwarding condition was not very clear. We would only enable forwarding when send_max is zero, and we would only splice when no analyser is installed. In fact we want to enable forward when there is no analyser and we want to splice at soon as there is data to forward, regardless of the analysers.
2009-03-08 16:38:23 -04:00
(global.tune.options & GTUNE_USE_SPLICE) &&
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
(objt_conn(si_f->end) && __objt_conn(si_f->end)->xprt && __objt_conn(si_f->end)->xprt->rcv_pipe) &&
(objt_conn(si_b->end) && __objt_conn(si_b->end)->xprt && __objt_conn(si_b->end)->xprt->snd_pipe) &&
[MEDIUM] rearrange forwarding condition to enable splice during analysis The forwarding condition was not very clear. We would only enable forwarding when send_max is zero, and we would only splice when no analyser is installed. In fact we want to enable forward when there is no analyser and we want to splice at soon as there is data to forward, regardless of the analysers.
2009-03-08 16:38:23 -04:00
(pipes_used < global.maxpipes) &&
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
(((sess->fe->options2|s->be->options2) & PR_O2_SPLIC_REQ) ||
(((sess->fe->options2|s->be->options2) & PR_O2_SPLIC_AUT) &&
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
(req->flags & CF_STREAMER_FAST)))) {
req->flags |= CF_KERN_SPLICING;
[MEDIUM] rearrange forwarding condition to enable splice during analysis The forwarding condition was not very clear. We would only enable forwarding when send_max is zero, and we would only splice when no analyser is installed. In fact we want to enable forward when there is no analyser and we want to splice at soon as there is data to forward, regardless of the analysers.
2009-03-08 16:38:23 -04:00
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* reflect what the L7 analysers have seen last */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
rqf_last = req->flags;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/*
* Now forward all shutdown requests between both sides of the buffer
*/
[MAJOR] buffers: split BF_WRITE_ENA into BF_AUTO_CONNECT and BF_AUTO_CLOSE The BF_WRITE_ENA buffer flag became very complex to deal with, because it was used to : - enable automatic connection - enable close forwarding - enable data forwarding The last point was not very true anymore since we introduced ->send_max, but still the test remained everywhere. This was causing issues such as impossibility to connect without forwarding data, impossibility to prevent closing when data was forwarded, etc... This patch clarifies the situation by getting rid of this multi-purpose flag and replacing it with : - data forwarding based only on ->send_max || ->pipe ; - a new BF_AUTO_CONNECT flag to allow automatic connection and only that ; - ability to perform an automatic connection when ->send_max or ->pipe indicate that data is waiting to leave the buffer ; - a new BF_AUTO_CLOSE flag to let the producer automatically set the BF_SHUTW_NOW flag when it gets a BF_SHUTR. During this cleanup, it was discovered that some tests were performed twice, or that the BF_HIJACK flag was still tested, which is not needed anymore since ->send_max replcaed it. These places have been fixed too. These cleanups have also revealed a few areas where the other flags such as BF_EMPTY are not cleanly used. This will be an opportunity for a second patch.
2009-09-19 15:04:57 -04:00
/* first, let's check if the request buffer needs to shutdown(write), which may
* happen either because the input is closed or because we want to force a close
MEDIUM: session: implement half-closed timeouts (client-fin and server-fin) Long-lived sessions are often subject to half-closed sessions resulting in a lot of sessions appearing in FIN_WAIT state in the system tables, and no way for haproxy to get rid of them. This typically happens because clients suddenly disconnect without sending any packet (eg: FIN or RST was lost in the path), and while the server detects this using an applicative heart beat, haproxy does not close the connection. This patch adds two new timeouts : "timeout client-fin" and "timeout server-fin". The former allows one to override the client-facing timeout when a FIN has been received or sent. The latter does the same for server-facing connections, which is less useful.
2014-05-10 08:30:07 -04:00
* once the server has begun to respond. If a half-closed timeout is set, we adjust
* the other side's timeout as well.
[MAJOR] buffers: split BF_WRITE_ENA into BF_AUTO_CONNECT and BF_AUTO_CLOSE The BF_WRITE_ENA buffer flag became very complex to deal with, because it was used to : - enable automatic connection - enable close forwarding - enable data forwarding The last point was not very true anymore since we introduced ->send_max, but still the test remained everywhere. This was causing issues such as impossibility to connect without forwarding data, impossibility to prevent closing when data was forwarded, etc... This patch clarifies the situation by getting rid of this multi-purpose flag and replacing it with : - data forwarding based only on ->send_max || ->pipe ; - a new BF_AUTO_CONNECT flag to allow automatic connection and only that ; - ability to perform an automatic connection when ->send_max or ->pipe indicate that data is waiting to leave the buffer ; - a new BF_AUTO_CLOSE flag to let the producer automatically set the BF_SHUTW_NOW flag when it gets a BF_SHUTR. During this cleanup, it was discovered that some tests were performed twice, or that the BF_HIJACK flag was still tested, which is not needed anymore since ->send_max replcaed it. These places have been fixed too. These cleanups have also revealed a few areas where the other flags such as BF_EMPTY are not cleanly used. This will be an opportunity for a second patch.
2009-09-19 15:04:57 -04:00
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely((req->flags & (CF_SHUTW|CF_SHUTW_NOW|CF_AUTO_CLOSE|CF_SHUTR)) ==
MEDIUM: session: implement half-closed timeouts (client-fin and server-fin) Long-lived sessions are often subject to half-closed sessions resulting in a lot of sessions appearing in FIN_WAIT state in the system tables, and no way for haproxy to get rid of them. This typically happens because clients suddenly disconnect without sending any packet (eg: FIN or RST was lost in the path), and while the server detects this using an applicative heart beat, haproxy does not close the connection. This patch adds two new timeouts : "timeout client-fin" and "timeout server-fin". The former allows one to override the client-facing timeout when a FIN has been received or sent. The latter does the same for server-facing connections, which is less useful.
2014-05-10 08:30:07 -04:00
(CF_AUTO_CLOSE|CF_SHUTR))) {
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
channel_shutw_now(req);
MEDIUM: session: implement half-closed timeouts (client-fin and server-fin) Long-lived sessions are often subject to half-closed sessions resulting in a lot of sessions appearing in FIN_WAIT state in the system tables, and no way for haproxy to get rid of them. This typically happens because clients suddenly disconnect without sending any packet (eg: FIN or RST was lost in the path), and while the server detects this using an applicative heart beat, haproxy does not close the connection. This patch adds two new timeouts : "timeout client-fin" and "timeout server-fin". The former allows one to override the client-facing timeout when a FIN has been received or sent. The latter does the same for server-facing connections, which is less useful.
2014-05-10 08:30:07 -04:00
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* shutdown(write) pending */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely((req->flags & (CF_SHUTW|CF_SHUTW_NOW)) == CF_SHUTW_NOW &&
channel_is_empty(req))) {
if (req->flags & CF_READ_ERROR)
si_b->flags |= SI_FL_NOLINGER;
si_shutw(si_b);
MEDIUM: session: implement half-closed timeouts (client-fin and server-fin) Long-lived sessions are often subject to half-closed sessions resulting in a lot of sessions appearing in FIN_WAIT state in the system tables, and no way for haproxy to get rid of them. This typically happens because clients suddenly disconnect without sending any packet (eg: FIN or RST was lost in the path), and while the server detects this using an applicative heart beat, haproxy does not close the connection. This patch adds two new timeouts : "timeout client-fin" and "timeout server-fin". The former allows one to override the client-facing timeout when a FIN has been received or sent. The latter does the same for server-facing connections, which is less useful.
2014-05-10 08:30:07 -04:00
if (tick_isset(s->be->timeout.serverfin)) {
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
res->rto = s->be->timeout.serverfin;
res->rex = tick_add(now_ms, res->rto);
MEDIUM: session: implement half-closed timeouts (client-fin and server-fin) Long-lived sessions are often subject to half-closed sessions resulting in a lot of sessions appearing in FIN_WAIT state in the system tables, and no way for haproxy to get rid of them. This typically happens because clients suddenly disconnect without sending any packet (eg: FIN or RST was lost in the path), and while the server detects this using an applicative heart beat, haproxy does not close the connection. This patch adds two new timeouts : "timeout client-fin" and "timeout server-fin". The former allows one to override the client-facing timeout when a FIN has been received or sent. The latter does the same for server-facing connections, which is less useful.
2014-05-10 08:30:07 -04:00
}
MEDIUM: session: disable lingering on the server when the client aborts When abortonclose is used and an error is detected on the client side, better force an RST to the server. That way we propagate to the server the same vision we got from the client, and we ensure that we won't keep TIME_WAITs.
2013-06-21 02:20:19 -04:00
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* shutdown(write) done on server side, we must stop the client too */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely((req->flags & (CF_SHUTW|CF_SHUTR|CF_SHUTR_NOW)) == CF_SHUTW &&
!req->analysers))
channel_shutr_now(req);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* shutdown(read) pending */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely((req->flags & (CF_SHUTR|CF_SHUTR_NOW)) == CF_SHUTR_NOW)) {
if (si_f->flags & SI_FL_NOHALF)
si_f->flags |= SI_FL_NOLINGER;
si_shutr(si_f);
OPTIM/MEDIUM: stream_interface: add a new SI_FL_NOHALF flag This flag indicates that we're not interested in keeping half-open connections on a stream interface. It has the benefit of allowing the socket layer to cause an immediate write close when detecting an incoming read close. This releases resources much faster and saves one syscall (either a shutdown or setsockopt). This flag is only set by HTTP on the interface going to the server since we don't want to continue pushing data there when it has closed. Another benefit is that it responds with a FIN to a server's FIN instead of responding with an RST as it used to, which is much cleaner. Performance gains of 7.5% have been measured on HTTP connection rate on empty objects.
2012-05-13 08:48:59 -04:00
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
[MAJOR] buffers: split BF_WRITE_ENA into BF_AUTO_CONNECT and BF_AUTO_CLOSE The BF_WRITE_ENA buffer flag became very complex to deal with, because it was used to : - enable automatic connection - enable close forwarding - enable data forwarding The last point was not very true anymore since we introduced ->send_max, but still the test remained everywhere. This was causing issues such as impossibility to connect without forwarding data, impossibility to prevent closing when data was forwarded, etc... This patch clarifies the situation by getting rid of this multi-purpose flag and replacing it with : - data forwarding based only on ->send_max || ->pipe ; - a new BF_AUTO_CONNECT flag to allow automatic connection and only that ; - ability to perform an automatic connection when ->send_max or ->pipe indicate that data is waiting to leave the buffer ; - a new BF_AUTO_CLOSE flag to let the producer automatically set the BF_SHUTW_NOW flag when it gets a BF_SHUTR. During this cleanup, it was discovered that some tests were performed twice, or that the BF_HIJACK flag was still tested, which is not needed anymore since ->send_max replcaed it. These places have been fixed too. These cleanups have also revealed a few areas where the other flags such as BF_EMPTY are not cleanly used. This will be an opportunity for a second patch.
2009-09-19 15:04:57 -04:00
/* it's possible that an upper layer has requested a connection setup or abort.
* There are 2 situations where we decide to establish a new connection :
* - there are data scheduled for emission in the buffer
CLEANUP: channel: usr CF_/CHN_ prefixes instead of BF_/BUF_ Get rid of these confusing BF_* flags. Now channel naming should clearly be used everywhere appropriate. No code was changed, only a renaming was performed. The comments about channel operations was updated.
2012-08-27 17:14:58 -04:00
* - the CF_AUTO_CONNECT flag is set (active connection)
[MAJOR] buffers: split BF_WRITE_ENA into BF_AUTO_CONNECT and BF_AUTO_CLOSE The BF_WRITE_ENA buffer flag became very complex to deal with, because it was used to : - enable automatic connection - enable close forwarding - enable data forwarding The last point was not very true anymore since we introduced ->send_max, but still the test remained everywhere. This was causing issues such as impossibility to connect without forwarding data, impossibility to prevent closing when data was forwarded, etc... This patch clarifies the situation by getting rid of this multi-purpose flag and replacing it with : - data forwarding based only on ->send_max || ->pipe ; - a new BF_AUTO_CONNECT flag to allow automatic connection and only that ; - ability to perform an automatic connection when ->send_max or ->pipe indicate that data is waiting to leave the buffer ; - a new BF_AUTO_CLOSE flag to let the producer automatically set the BF_SHUTW_NOW flag when it gets a BF_SHUTR. During this cleanup, it was discovered that some tests were performed twice, or that the BF_HIJACK flag was still tested, which is not needed anymore since ->send_max replcaed it. These places have been fixed too. These cleanups have also revealed a few areas where the other flags such as BF_EMPTY are not cleanly used. This will be an opportunity for a second patch.
2009-09-19 15:04:57 -04:00
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (si_b->state == SI_ST_INI) {
if (!(req->flags & CF_SHUTW)) {
if ((req->flags & CF_AUTO_CONNECT) || !channel_is_empty(req)) {
MEDIUM: stream-int: make ->end point to the connection or the appctx The long-term goal is to have a context for applets as an alternative to the connection and not as a complement. At the moment, the context is still stored into the stream interface, and we only put a pointer to the applet's context in si->end, initialize the context with object type OBJ_TYPE_APPCTX, and this allows us not to allocate an entry when deciding to switch to an applet. A special care is taken to never dereference si->conn anymore when dealing with an applet. That's why it's important that si->end is always set to the proper type : si->end == NULL => not connected to anything *si->end == OBJ_TYPE_APPCTX => connected to an applet *si->end == OBJ_TYPE_CONN => real connection (server, proxy, ...) The session management code used to check the applet from the connection's target. Now it uses the stream interface's end point and does not touch the connection at all. Similarly, we stop checking the connection's addresses and file descriptors when reporting the applet's status in the stats dump.
2013-09-29 11:19:56 -04:00
/* If we have an appctx, there is no connect method, so we
* immediately switch to the connected state, otherwise we
* perform a connection request.
[MAJOR] buffers: split BF_WRITE_ENA into BF_AUTO_CONNECT and BF_AUTO_CLOSE The BF_WRITE_ENA buffer flag became very complex to deal with, because it was used to : - enable automatic connection - enable close forwarding - enable data forwarding The last point was not very true anymore since we introduced ->send_max, but still the test remained everywhere. This was causing issues such as impossibility to connect without forwarding data, impossibility to prevent closing when data was forwarded, etc... This patch clarifies the situation by getting rid of this multi-purpose flag and replacing it with : - data forwarding based only on ->send_max || ->pipe ; - a new BF_AUTO_CONNECT flag to allow automatic connection and only that ; - ability to perform an automatic connection when ->send_max or ->pipe indicate that data is waiting to leave the buffer ; - a new BF_AUTO_CLOSE flag to let the producer automatically set the BF_SHUTW_NOW flag when it gets a BF_SHUTR. During this cleanup, it was discovered that some tests were performed twice, or that the BF_HIJACK flag was still tested, which is not needed anymore since ->send_max replcaed it. These places have been fixed too. These cleanups have also revealed a few areas where the other flags such as BF_EMPTY are not cleanly used. This will be an opportunity for a second patch.
2009-09-19 15:04:57 -04:00
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
si_b->state = SI_ST_REQ; /* new connection requested */
si_b->conn_retries = s->be->conn_retries;
[MAJOR] buffers: split BF_WRITE_ENA into BF_AUTO_CONNECT and BF_AUTO_CLOSE The BF_WRITE_ENA buffer flag became very complex to deal with, because it was used to : - enable automatic connection - enable close forwarding - enable data forwarding The last point was not very true anymore since we introduced ->send_max, but still the test remained everywhere. This was causing issues such as impossibility to connect without forwarding data, impossibility to prevent closing when data was forwarded, etc... This patch clarifies the situation by getting rid of this multi-purpose flag and replacing it with : - data forwarding based only on ->send_max || ->pipe ; - a new BF_AUTO_CONNECT flag to allow automatic connection and only that ; - ability to perform an automatic connection when ->send_max or ->pipe indicate that data is waiting to leave the buffer ; - a new BF_AUTO_CLOSE flag to let the producer automatically set the BF_SHUTW_NOW flag when it gets a BF_SHUTR. During this cleanup, it was discovered that some tests were performed twice, or that the BF_HIJACK flag was still tested, which is not needed anymore since ->send_max replcaed it. These places have been fixed too. These cleanups have also revealed a few areas where the other flags such as BF_EMPTY are not cleanly used. This will be an opportunity for a second patch.
2009-09-19 15:04:57 -04:00
}
[MINOR] session: switch to established state if no connect function When a stream interface has no connect() function, it means it is immediately connected, so we don't need any connection request. This will be used with unix sockets.
2009-08-16 12:27:24 -04:00
}
[BUG] stream_interface: SI_ST_CLO must have buffers SHUT An abort during a connect would go to the SI_ST_CLO state without the buffers shut. This was causing some sessions to never end if they would abort before the connect request was initiated. This bug has been introduced after 1.4-dev2. The doc has been extended to reflect that too.
2009-09-20 02:19:25 -04:00
else {
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
si_b->state = SI_ST_CLO; /* shutw+ini = abort */
channel_shutw_now(req); /* fix buffer flags upon abort */
channel_shutr_now(res);
[BUG] stream_interface: SI_ST_CLO must have buffers SHUT An abort during a connect would go to the SI_ST_CLO state without the buffers shut. This was causing some sessions to never end if they would abort before the connect request was initiated. This bug has been introduced after 1.4-dev2. The doc has been extended to reflect that too.
2009-09-20 02:19:25 -04:00
}
[BUG] switch server-side stream interface to close in case of abort In pure TCP mode, there is no response analyser to switch the server-side stream interface from INI to CLO when the output has been closed after an abort. This caused sessions to remain indefinitely active when they were aborted by the client during a TCP content analysis. The proper action is to switch the stream interface to the CLO state from INI when we have write enable and shutdown write.
2009-03-06 06:51:23 -05:00
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* we may have a pending connection request, or a connection waiting
* for completion.
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (si_b->state >= SI_ST_REQ && si_b->state < SI_ST_CON) {
MEDIUM: vars: adds support of variables This patch adds support of variables during the processing of each stream. The variables scope can be set as 'session', 'transaction', 'request' or 'response'. The variable type is the type returned by the assignment expression. The type can change while the processing. The allocated memory can be controlled for each scope and each request, and for the global process.
2015-06-06 13:29:07 -04:00
/* prune the request variables and swap to the response variables. */
if (s->vars_reqres.scope != SCOPE_RES) {
BUG/MAJOR: vars: always retrieve the stream and session from the sample This is the continuation of previous patch called "BUG/MAJOR: samples: check smp->strm before using it". It happens that variables may have a session-wide scope, and that their session is retrieved by dereferencing the stream. But nothing prevents them from being used from a streamless context such as tcp-request connection, thus crashing the process. Example : tcp-request connection accept if { src,set-var(sess.foo) -m found } In order to fix this, we have to always ensure that variable manipulation only happens via the sample, which contains the correct owner and context, and that we never use one from a different source. This results in quite a large change since a lot of functions are inderctly involved in the call chain, but the change is easy to follow. This fix must be backported to 1.6, and requires the last two patches.
2016-03-10 10:33:04 -05:00
vars_prune(&s->vars_reqres, s->sess, s);
MEDIUM: vars: adds support of variables This patch adds support of variables during the processing of each stream. The variables scope can be set as 'session', 'transaction', 'request' or 'response'. The variable type is the type returned by the assignment expression. The type can change while the processing. The allocated memory can be controlled for each scope and each request, and for the global process.
2015-06-06 13:29:07 -04:00
vars_init(&s->vars_reqres, SCOPE_RES);
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
do {
/* nb: step 1 might switch from QUE to ASS, but we first want
* to give a chance to step 2 to perform a redirect if needed.
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (si_b->state != SI_ST_REQ)
CLEANUP: session: don't needlessly pass a pointer to the stream-int All functions dealing with connection establishment currently use a pointer to the stream interface. Now we know it cannot change and is always s->si[1].
2014-11-28 09:15:44 -05:00
sess_update_stream_int(s);
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (si_b->state == SI_ST_REQ)
CLEANUP: session: don't needlessly pass a pointer to the stream-int All functions dealing with connection establishment currently use a pointer to the stream interface. Now we know it cannot change and is always s->si[1].
2014-11-28 09:15:44 -05:00
sess_prepare_conn_req(s);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
MEDIUM: stream-int: make si_connect() return an established state when possible si_connect() used to only return SI_ST_CON. But it already detect the connection reuse and is the function which avoids calling connect(). So it already knows the connection is valid and reuse. Thus we make it return SI_ST_EST when a connection is reused. This means that connect_server() can return this state and sess_update_stream_int() as well. Thanks to this change, we don't need to leave process_session() in SI_ST_CON state to immediately enter it again to switch to SI_ST_EST. Implementing this removes one call to process_session() per request in keep-alive mode. We're now at 2 calls per request, which is the minimum (one for the request and another one for the response). The number of calls to http_wait_for_response() has also dropped from 2 to one. Tests indicate a performance gain of about 2.6% in request rate in keep-alive mode. There should be no gain in http-server-close() since we don't use this faster path.
2013-12-31 17:32:12 -05:00
/* applets directly go to the ESTABLISHED state. Similarly,
* servers experience the same fate when their connection
* is reused.
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely(si_b->state == SI_ST_EST))
CLEANUP: session: don't needlessly pass a pointer to the stream-int All functions dealing with connection establishment currently use a pointer to the stream interface. Now we know it cannot change and is always s->si[1].
2014-11-28 09:15:44 -05:00
sess_establish(s);
MEDIUM: session: prepare to support earlier transitions to the established state At the moment it is possible in sess_prepare_conn_req() to switch to the established state when the target is an applet. But sess_update_stream_int() will soon also have the ability to set the established state via connect_server() when a connection is reused, leading to a synchronous connect. So prepare the code to handle this SI_ST_ASS -> SI_ST_EST transition, which really matches what's done in the lower layers.
2013-12-31 17:16:50 -05:00
/* Now we can add the server name to a header (if requested) */
/* check for HTTP mode and proxy server_name_hdr_name != NULL */
BUG/MAJOR: http: don't call http_send_name_header() after an error A crash was reported when using the "famous" http-send-name-header directive. This time it's a bit tricky, it requires a certain number of conditions to be met including maxconn on a server, queuing, timeout in the queue and cookie-based persistence. The problem is that in stream.c, before calling http_send_name_header(), we check a number of conditions to know if we have to replace the header name. But prior to reaching this place, it's possible for sess_update_stream_int() to fail and change the stream-int's state to SI_ST_CLO, send an error 503 to the client, and flush all buffers. But http_send_name_header() can only be called with valid buffer contents matching the http_msg's description. So when it rewinds the stream to modify the header, buf->o becomes negative by the size of the incoming request and is used as the argument to memmove() which basically displaces 4GB of memory off a few bytes to write the new name, resulting in a core and a core file that's really not fun to play with. The solution obviously consists in refraining from calling this nasty function when the stream interface is already closed. This bug also affects 1.5 and possibly 1.4, so the fix must be backported there.
2015-09-07 13:32:33 -04:00
if ((si_b->state >= SI_ST_CON) && (si_b->state < SI_ST_CLO) &&
MEDIUM: session: prepare to support earlier transitions to the established state At the moment it is possible in sess_prepare_conn_req() to switch to the established state when the target is an applet. But sess_update_stream_int() will soon also have the ability to set the established state via connect_server() when a connection is reused, leading to a synchronous connect. So prepare the code to handle this SI_ST_ASS -> SI_ST_EST transition, which really matches what's done in the lower layers.
2013-12-31 17:16:50 -05:00
(s->be->server_id_hdr_name != NULL) &&
(s->be->mode == PR_MODE_HTTP) &&
objt_server(s->target)) {
MAJOR: http: move http_txn out of struct stream Now this one is dynamically allocated. It means that 280 bytes of memory are saved per TCP stream, but more importantly that it will become possible to remove the l7 pointer from fetches and converters since it will be deduced from the stream and will support being null. A lot of care was taken because it's easy to forget a test somewhere, and the previous code used to always trust s->txn for being valid, but all places seem to have been visited. All HTTP fetch functions check the txn first so we shouldn't have any issue there even when called from TCP. When branching from a TCP frontend to an HTTP backend, the txn is properly allocated at the same time as the hdr_idx.
2015-04-03 17:46:31 -04:00
http_send_name_header(s->txn, s->be, objt_server(s->target)->id);
MINOR: session: only call http_send_name_header() when changing the server Till now we used to call the function until the connection established, which means that the header rewriting was performed for nothing upon each even (eg: uploaded contents) until the server responded or timed out. Now we only call the function when we assign the server.
2013-04-07 12:19:16 -04:00
}
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
srv = objt_server(s->target);
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (si_b->state == SI_ST_ASS && srv && srv->rdr_len && (s->flags & SF_REDIRECTABLE))
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
http_perform_server_redirect(s, si_b);
} while (si_b->state == SI_ST_ASS);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
[MAJOR] session: simplify buffer error handling Buffer errors (timeouts and I/O errors) were handled at two places, just after the analysers and after again. Now that the timeout detection has moved, it has become easier to handle those errors. This has also made it possible for the request and response analysers to be processed together as a down-up event, and all the up-down I/O updates to be processed afterwards, which is exactly what we're looking for. Interestingly this has reduced the number of iterations of (stream_int, req_resp) from (5,6,5) to (5,5,4). Several tests have been run without any issue found.
2009-06-21 16:43:05 -04:00
/* Benchmarks have shown that it's optimal to do a full resync now */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (si_f->state == SI_ST_DIS || si_b->state == SI_ST_DIS)
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
goto resync_stream_interface;
[BUG] session: analysers must be checked when SI state changes Since the BF_READ_ATTACHED bug was fixed, a new issue surfaced. When a connection closes on the return path in tunnel mode while the request input is already closed, the request analyser which is waiting for a state change never gets woken up so it never closes the request output. This causes stuck sessions to remain indefinitely. One way to reliably reproduce the issue is the following (note that the client expects a keep-alive but not the server) : server: printf "HTTP/1.0 303\r\n\r\n" | nc -lp8080 client: printf "GET / HTTP/1.1\r\n\r\n" | nc 127.1 2500 The reason for the issue is that we don't wake the analysers up on stream interface state changes. So the least intrusive and most reliable thing to do is to consider stream interface state changes to call the analysers. We just need to remember what state each series of analysers have seen and check for the differences. In practice, that works. A later improvement later could consist in being able to let analysers state what they're interested to monitor : - left SI's state - right SI's state - request buffer flags - response buffer flags That could help having only one set of analysers and call them once status changes.
2010-07-27 11:15:12 -04:00
/* otherwise we want to check if we need to resync the req buffer or not */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if ((req->flags ^ rqf_last) & CF_MASK_STATIC)
[OPTIM] do not re-check req buffer when only response has changed In process_session(), we used to re-run through all the evaluation loop when only the response had changed. Now we carefully check in this order : - changes to the stream interfaces (only SI_ST_DIS) - changes to the request buffer flags - changes to the response buffer flags And we branch to the appropriate section. This saves significant CPU cycles, which is important since process_session() is one of the major CPU eaters. The same changes have been applied to uxst_process_session().
2009-03-08 14:20:25 -04:00
goto resync_request;
[MAJOR] session: simplify buffer error handling Buffer errors (timeouts and I/O errors) were handled at two places, just after the analysers and after again. Now that the timeout detection has moved, it has become easier to handle those errors. This has also made it possible for the request and response analysers to be processed together as a down-up event, and all the up-down I/O updates to be processed afterwards, which is exactly what we're looking for. Interestingly this has reduced the number of iterations of (stream_int, req_resp) from (5,6,5) to (5,5,4). Several tests have been run without any issue found.
2009-06-21 16:43:05 -04:00
/* perform output updates to the response buffer */
[BUG] session: errors were not reported in termination flags in TCP mode In order to get termination flags properly updated, the session was relying a bit too much on http_return_srv_error() which is http-centric. A generic srv_error function was implemented in the session in order to catch all connection abort situations. It was then noticed that a request abort during a connection attempt was not reported, which is now fixed. Read and write errors/timeouts were not logged either. It was necessary to add those tests at 4 new locations. Now it looks like everything is correctly logged. Most likely some error checking code could now be removed from some analysers.
2009-03-15 17:34:05 -04:00
[MEDIUM] rearrange forwarding condition to enable splice during analysis The forwarding condition was not very clear. We would only enable forwarding when send_max is zero, and we would only splice when no analyser is installed. In fact we want to enable forward when there is no analyser and we want to splice at soon as there is data to forward, regardless of the analysers.
2009-03-08 16:38:23 -04:00
/* If noone is interested in analysing data, it's time to forward
[MEDIUM] add support for infinite forwarding In TCP, we don't want to forward chunks of data, we want to forward indefinitely. This patch introduces a special value for the amount of data to be forwarded. When buffer_forward() is called with BUF_INFINITE_FORWARD, it configures the buffer to never stop forwarding until the end.
2009-09-20 06:07:52 -04:00
* everything. We configure the buffer to forward indefinitely.
CLEANUP: channel: usr CF_/CHN_ prefixes instead of BF_/BUF_ Get rid of these confusing BF_* flags. Now channel naming should clearly be used everywhere appropriate. No code was changed, only a renaming was performed. The comments about channel operations was updated.
2012-08-27 17:14:58 -04:00
* Note that we're checking CF_SHUTR_NOW as an indication of a possible
CLEANUP: channel: use "channel" instead of "buffer" in function names This is a massive rename of most functions which should make use of the word "channel" instead of the word "buffer" in their names. In concerns the following ones (new names) : unsigned long long channel_forward(struct channel *buf, unsigned long long bytes); static inline void channel_init(struct channel *buf) static inline int channel_input_closed(struct channel *buf) static inline int channel_output_closed(struct channel *buf) static inline void channel_check_timeouts(struct channel *b) static inline void channel_erase(struct channel *buf) static inline void channel_shutr_now(struct channel *buf) static inline void channel_shutw_now(struct channel *buf) static inline void channel_abort(struct channel *buf) static inline void channel_stop_hijacker(struct channel *buf) static inline void channel_auto_connect(struct channel *buf) static inline void channel_dont_connect(struct channel *buf) static inline void channel_auto_close(struct channel *buf) static inline void channel_dont_close(struct channel *buf) static inline void channel_auto_read(struct channel *buf) static inline void channel_dont_read(struct channel *buf) unsigned long long channel_forward(struct channel *buf, unsigned long long bytes) Some functions provided by channel.[ch] have kept their "buffer" name because they are really designed to act on the buffer according to some information gathered from the channel. They have been moved together to the same place in the file for better readability but they were not changed at all. The "buffer" memory pool was also renamed "channel".
2012-08-27 18:06:31 -04:00
* recent call to channel_abort().
[MAJOR] implement autonomous inter-socket forwarding If an analyser sets buf->to_forward to a given value, that many data will be forwarded between the two stream interfaces attached to a buffer without waking the task up. The same applies once all analysers have been released. This saves a large amount of calls to process_session() and a number of task_dequeue/queue.
2008-12-14 11:31:54 -05:00
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely(!res->analysers &&
!(res->flags & (CF_SHUTW|CF_SHUTR_NOW)) &&
(si_b->state >= SI_ST_EST) &&
(res->to_forward != CHN_INFINITE_FORWARD))) {
CLEANUP: channel: remove any reference of the hijackers Hijackers were functions designed to inject data into channels in the distant past. They became unused around 1.3.16, and since there has not been any user of this mechanism to date, it's uncertain whether the mechanism still works (and it's not really useful anymore). So better remove it as well as the pointer it uses in the channel struct.
2012-11-11 17:05:39 -05:00
/* This buffer is freewheeling, there's no analyser
[MEDIUM] rearrange forwarding condition to enable splice during analysis The forwarding condition was not very clear. We would only enable forwarding when send_max is zero, and we would only splice when no analyser is installed. In fact we want to enable forward when there is no analyser and we want to splice at soon as there is data to forward, regardless of the analysers.
2009-03-08 16:38:23 -04:00
* attached to it. If any data are left in, we'll permit them to
* move.
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
channel_auto_read(res);
channel_auto_close(res);
buffer_flush(res->buf);
[BUG] session: don't stop forwarding of data upon last packet If a read shutdown is encountered on the first packet of a connection right after the data and the last analyser is unplugged at the same time, then that last data chunk may never be forwarded. In practice, right now it cannot happen on requests due to the way they're scheduled, nor can it happen on responses due to the way their analysers work. But this behaviour has been observed with new response analysers being developped. The reason is that when the read shutdown is encountered and an analyser is present, data cannot be forwarded but the BF_SHUTW_NOW flag is set. After that, the analyser gets called and unplugs itself, hoping that process_session() will automatically forward the data. This does not happen due to BF_SHUTW_NOW. Simply removing the test on this flag is not enough because then aborted requests still get forwarded, due to the forwarding code undoing the abort. The solution here consists in checking BF_SHUTR_NOW instead of BF_SHUTW_NOW. BF_SHUTR_NOW is only set on aborts and remains set until ->shutr() is called. This is enough to catch recent aborts but not prevent forwarding in other cases. Maybe a new special buffer flag "BF_ABORT" might be desirable in the future. This patch does not need to be backported because older versions don't have the analyser which make the problem appear.
2010-11-07 14:26:56 -05:00
/* We'll let data flow between the producer (if still connected)
* to the consumer.
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (!(res->flags & (CF_SHUTR|CF_SHUTW_NOW)))
BUG/MEDIUM: channel: fix inconsistent handling of 4GB-1 transfers In 1.4-dev3, commit 31971e5 ("[MEDIUM] add support for infinite forwarding") made it possible to configure the lower layer to forward data indefinitely by setting the forward size to CHN_INFINITE_FORWARD (4GB-1). By then larger chunk sizes were not supported so there was no confusion in the usage of the function. Since 1.5 we support 64-bit content-lengths and chunk sizes and the function has grown to support 64-bit arguments, though it still limits a single pass to 32-bit quantities (what fit in the channel's to_forward field). The issue now becomes that a 4GB-1 content-length can be confused with infinite forwarding (in fact it's 4GB-1+what was already in the buffer). It causes a visible effect when transferring this exact size because the transfer rate is lower than with other sizes due in part to the disabling of the Nagle algorithm on the sendto() call. In theory with keep-alive it should prevent a second request from being processed after such a transfer, but since the analysers are still present, the forwarding analyser properly counts down the remaining size to transfer and ultimately the transaction gets correctly reset so there is no visible effect. Since the root cause of the issue is an API problem (lack of distinction between a real valid length and a magic value), this patch modifies the API to have a new dedicated function called channel_forward_forever() to program a permanent forwarding. The existing function __channel_forward() was modified to properly take care of the requested sizes and ensure it 1) never overflows and 2) never reaches CHN_INFINITE_FORWARD by accident. It is worth noting that the function used to have a bug causing a 2GB forward to be scheduled if it was called with less data than what is present in buf->i. Fortunately this bug couldn't be triggered with existing code. This fix should be backported to 1.6 and 1.5. While it also theorically affects 1.4, it's better not to backport it there, as the risk of breaking large object transfers due to significant API differences is high, compared to the fact that the largest supported objects (4GB-1) are just slower to transfer.
2016-05-04 08:05:58 -04:00
channel_forward_forever(res);
MEDIUM: session: add support for tunnel timeouts Tunnel timeouts are used when TCP connections are forwarded, or when forwarding upgraded HTTP connections (WebSocket) as well as CONNECT requests to proxies. This timeout allows long-lived sessions to be supported without having to set large timeouts to normal requests.
2012-05-12 06:50:00 -04:00
MINOR: stream: maintain consistence between channel_forward and HTTP forward When the HTTP forwarder is used, it resets msg->sov so that we know that the parsing pointer has advanced by exactly (msg->eoh + msg->eol - msg->sov) bytes which may have to be rewound in case we want to perform an HTTP fetch after forwarding has started (eg: upon connect). But when the backend is in TCP mode, there may be no HTTP forwarding analyser installed, still we may want to perform these HTTP fetches in case we have already ensured at the TCP layer that we have a properly parsed HTTP transaction. In order to solve this, we reset msg->sov before doing a channel_forward() so that we can still compute http_rewind() on the pending data. That ensures the buffer is always rewindable even in mixed TCP+HTTP mode.
2015-07-09 12:38:57 -04:00
/* Just in order to support fetching HTTP contents after start
* of forwarding when the HTTP forwarding analyser is not used,
* we simply reset msg->sov so that HTTP rewinding points to the
* headers.
*/
if (s->txn)
s->txn->rsp.sov = s->txn->rsp.eoh + s->txn->rsp.eol - res->buf->o;
MEDIUM: session: add support for tunnel timeouts Tunnel timeouts are used when TCP connections are forwarded, or when forwarding upgraded HTTP connections (WebSocket) as well as CONNECT requests to proxies. This timeout allows long-lived sessions to be supported without having to set large timeouts to normal requests.
2012-05-12 06:50:00 -04:00
/* if we have no analyser anymore in any direction and have a
MEDIUM: session: implement half-closed timeouts (client-fin and server-fin) Long-lived sessions are often subject to half-closed sessions resulting in a lot of sessions appearing in FIN_WAIT state in the system tables, and no way for haproxy to get rid of them. This typically happens because clients suddenly disconnect without sending any packet (eg: FIN or RST was lost in the path), and while the server detects this using an applicative heart beat, haproxy does not close the connection. This patch adds two new timeouts : "timeout client-fin" and "timeout server-fin". The former allows one to override the client-facing timeout when a FIN has been received or sent. The latter does the same for server-facing connections, which is less useful.
2014-05-10 08:30:07 -04:00
* tunnel timeout set, use it now. Note that we must respect
* the half-closed timeouts as well.
MEDIUM: session: add support for tunnel timeouts Tunnel timeouts are used when TCP connections are forwarded, or when forwarding upgraded HTTP connections (WebSocket) as well as CONNECT requests to proxies. This timeout allows long-lived sessions to be supported without having to set large timeouts to normal requests.
2012-05-12 06:50:00 -04:00
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (!req->analysers && s->be->timeout.tunnel) {
req->rto = req->wto = res->rto = res->wto =
MEDIUM: session: add support for tunnel timeouts Tunnel timeouts are used when TCP connections are forwarded, or when forwarding upgraded HTTP connections (WebSocket) as well as CONNECT requests to proxies. This timeout allows long-lived sessions to be supported without having to set large timeouts to normal requests.
2012-05-12 06:50:00 -04:00
s->be->timeout.tunnel;
MEDIUM: session: implement half-closed timeouts (client-fin and server-fin) Long-lived sessions are often subject to half-closed sessions resulting in a lot of sessions appearing in FIN_WAIT state in the system tables, and no way for haproxy to get rid of them. This typically happens because clients suddenly disconnect without sending any packet (eg: FIN or RST was lost in the path), and while the server detects this using an applicative heart beat, haproxy does not close the connection. This patch adds two new timeouts : "timeout client-fin" and "timeout server-fin". The former allows one to override the client-facing timeout when a FIN has been received or sent. The latter does the same for server-facing connections, which is less useful.
2014-05-10 08:30:07 -04:00
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
if ((req->flags & CF_SHUTR) && tick_isset(sess->fe->timeout.clientfin))
res->wto = sess->fe->timeout.clientfin;
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if ((req->flags & CF_SHUTW) && tick_isset(s->be->timeout.serverfin))
res->rto = s->be->timeout.serverfin;
if ((res->flags & CF_SHUTR) && tick_isset(s->be->timeout.serverfin))
req->wto = s->be->timeout.serverfin;
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
if ((res->flags & CF_SHUTW) && tick_isset(sess->fe->timeout.clientfin))
req->rto = sess->fe->timeout.clientfin;
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
req->rex = tick_add(now_ms, req->rto);
req->wex = tick_add(now_ms, req->wto);
res->rex = tick_add(now_ms, res->rto);
res->wex = tick_add(now_ms, res->wto);
MEDIUM: session: add support for tunnel timeouts Tunnel timeouts are used when TCP connections are forwarded, or when forwarding upgraded HTTP connections (WebSocket) as well as CONNECT requests to proxies. This timeout allows long-lived sessions to be supported without having to set large timeouts to normal requests.
2012-05-12 06:50:00 -04:00
}
[MAJOR] implement autonomous inter-socket forwarding If an analyser sets buf->to_forward to a given value, that many data will be forwarded between the two stream interfaces attached to a buffer without waking the task up. The same applies once all analysers have been released. This saves a large amount of calls to process_session() and a number of task_dequeue/queue.
2008-12-14 11:31:54 -05:00
}
[MEDIUM] add a send limit to a buffer For keep-alive, line-mode protocols and splicing, we will need to limit the sender to process a certain amount of bytes. The limit is automatically set to the buffer size when analysers are detached from the buffer.
2008-12-13 15:12:26 -05:00
[MEDIUM] rearrange forwarding condition to enable splice during analysis The forwarding condition was not very clear. We would only enable forwarding when send_max is zero, and we would only splice when no analyser is installed. In fact we want to enable forward when there is no analyser and we want to splice at soon as there is data to forward, regardless of the analysers.
2009-03-08 16:38:23 -04:00
/* check if it is wise to enable kernel splicing to forward response data */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (!(res->flags & (CF_KERN_SPLICING|CF_SHUTR)) &&
res->to_forward &&
[MEDIUM] rearrange forwarding condition to enable splice during analysis The forwarding condition was not very clear. We would only enable forwarding when send_max is zero, and we would only splice when no analyser is installed. In fact we want to enable forward when there is no analyser and we want to splice at soon as there is data to forward, regardless of the analysers.
2009-03-08 16:38:23 -04:00
(global.tune.options & GTUNE_USE_SPLICE) &&
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
(objt_conn(si_f->end) && __objt_conn(si_f->end)->xprt && __objt_conn(si_f->end)->xprt->snd_pipe) &&
(objt_conn(si_b->end) && __objt_conn(si_b->end)->xprt && __objt_conn(si_b->end)->xprt->rcv_pipe) &&
[MEDIUM] rearrange forwarding condition to enable splice during analysis The forwarding condition was not very clear. We would only enable forwarding when send_max is zero, and we would only splice when no analyser is installed. In fact we want to enable forward when there is no analyser and we want to splice at soon as there is data to forward, regardless of the analysers.
2009-03-08 16:38:23 -04:00
(pipes_used < global.maxpipes) &&
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
(((sess->fe->options2|s->be->options2) & PR_O2_SPLIC_RTR) ||
(((sess->fe->options2|s->be->options2) & PR_O2_SPLIC_AUT) &&
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
(res->flags & CF_STREAMER_FAST)))) {
res->flags |= CF_KERN_SPLICING;
[MEDIUM] rearrange forwarding condition to enable splice during analysis The forwarding condition was not very clear. We would only enable forwarding when send_max is zero, and we would only splice when no analyser is installed. In fact we want to enable forward when there is no analyser and we want to splice at soon as there is data to forward, regardless of the analysers.
2009-03-08 16:38:23 -04:00
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* reflect what the L7 analysers have seen last */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
rpf_last = res->flags;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/*
* Now forward all shutdown requests between both sides of the buffer
*/
/*
* FIXME: this is probably where we should produce error responses.
*/
[MAJOR] implement autonomous inter-socket forwarding If an analyser sets buf->to_forward to a given value, that many data will be forwarded between the two stream interfaces attached to a buffer without waking the task up. The same applies once all analysers have been released. This saves a large amount of calls to process_session() and a number of task_dequeue/queue.
2008-12-14 11:31:54 -05:00
/* first, let's check if the response buffer needs to shutdown(write) */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely((res->flags & (CF_SHUTW|CF_SHUTW_NOW|CF_AUTO_CLOSE|CF_SHUTR)) ==
MEDIUM: session: implement half-closed timeouts (client-fin and server-fin) Long-lived sessions are often subject to half-closed sessions resulting in a lot of sessions appearing in FIN_WAIT state in the system tables, and no way for haproxy to get rid of them. This typically happens because clients suddenly disconnect without sending any packet (eg: FIN or RST was lost in the path), and while the server detects this using an applicative heart beat, haproxy does not close the connection. This patch adds two new timeouts : "timeout client-fin" and "timeout server-fin". The former allows one to override the client-facing timeout when a FIN has been received or sent. The latter does the same for server-facing connections, which is less useful.
2014-05-10 08:30:07 -04:00
(CF_AUTO_CLOSE|CF_SHUTR))) {
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
channel_shutw_now(res);
MEDIUM: session: implement half-closed timeouts (client-fin and server-fin) Long-lived sessions are often subject to half-closed sessions resulting in a lot of sessions appearing in FIN_WAIT state in the system tables, and no way for haproxy to get rid of them. This typically happens because clients suddenly disconnect without sending any packet (eg: FIN or RST was lost in the path), and while the server detects this using an applicative heart beat, haproxy does not close the connection. This patch adds two new timeouts : "timeout client-fin" and "timeout server-fin". The former allows one to override the client-facing timeout when a FIN has been received or sent. The latter does the same for server-facing connections, which is less useful.
2014-05-10 08:30:07 -04:00
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* shutdown(write) pending */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely((res->flags & (CF_SHUTW|CF_SHUTW_NOW)) == CF_SHUTW_NOW &&
channel_is_empty(res))) {
si_shutw(si_f);
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
if (tick_isset(sess->fe->timeout.clientfin)) {
req->rto = sess->fe->timeout.clientfin;
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
req->rex = tick_add(now_ms, req->rto);
MEDIUM: session: implement half-closed timeouts (client-fin and server-fin) Long-lived sessions are often subject to half-closed sessions resulting in a lot of sessions appearing in FIN_WAIT state in the system tables, and no way for haproxy to get rid of them. This typically happens because clients suddenly disconnect without sending any packet (eg: FIN or RST was lost in the path), and while the server detects this using an applicative heart beat, haproxy does not close the connection. This patch adds two new timeouts : "timeout client-fin" and "timeout server-fin". The former allows one to override the client-facing timeout when a FIN has been received or sent. The latter does the same for server-facing connections, which is less useful.
2014-05-10 08:30:07 -04:00
}
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* shutdown(write) done on the client side, we must stop the server too */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely((res->flags & (CF_SHUTW|CF_SHUTR|CF_SHUTR_NOW)) == CF_SHUTW) &&
!res->analysers)
channel_shutr_now(res);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* shutdown(read) pending */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (unlikely((res->flags & (CF_SHUTR|CF_SHUTR_NOW)) == CF_SHUTR_NOW)) {
if (si_b->flags & SI_FL_NOHALF)
si_b->flags |= SI_FL_NOLINGER;
si_shutr(si_b);
OPTIM/MEDIUM: stream_interface: add a new SI_FL_NOHALF flag This flag indicates that we're not interested in keeping half-open connections on a stream interface. It has the benefit of allowing the socket layer to cause an immediate write close when detecting an incoming read close. This releases resources much faster and saves one syscall (either a shutdown or setsockopt). This flag is only set by HTTP on the interface going to the server since we don't want to continue pushing data there when it has closed. Another benefit is that it responds with a FIN to a server's FIN instead of responding with an RST as it used to, which is much cleaner. Performance gains of 7.5% have been measured on HTTP connection rate on empty objects.
2012-05-13 08:48:59 -04:00
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (si_f->state == SI_ST_DIS || si_b->state == SI_ST_DIS)
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
goto resync_stream_interface;
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (req->flags != rqf_last)
[OPTIM] do not re-check req buffer when only response has changed In process_session(), we used to re-run through all the evaluation loop when only the response had changed. Now we carefully check in this order : - changes to the stream interfaces (only SI_ST_DIS) - changes to the request buffer flags - changes to the response buffer flags And we branch to the appropriate section. This saves significant CPU cycles, which is important since process_session() is one of the major CPU eaters. The same changes have been applied to uxst_process_session().
2009-03-08 14:20:25 -04:00
goto resync_request;
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if ((res->flags ^ rpf_last) & CF_MASK_STATIC)
[OPTIM] do not re-check req buffer when only response has changed In process_session(), we used to re-run through all the evaluation loop when only the response had changed. Now we carefully check in this order : - changes to the stream interfaces (only SI_ST_DIS) - changes to the request buffer flags - changes to the response buffer flags And we branch to the appropriate section. This saves significant CPU cycles, which is important since process_session() is one of the major CPU eaters. The same changes have been applied to uxst_process_session().
2009-03-08 14:20:25 -04:00
goto resync_response;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
[MINOR] stream_interface: add SI_FL_DONT_WAKE flag We had to add a new stream_interface flag : SI_FL_DONT_WAKE. This flag is used to indicate that a stream interface is being updated and that no wake up should be sent to its owner. This will be required for tasks embedded into stream interfaces. Otherwise, we could have the owner task send wakeups to itself during status updates, thus preventing the state from converging. As long as a stream_interface's status is being monitored and adjusted, there is no reason to wake it up again, as we know its changes will be seen and considered.
2009-09-05 14:57:35 -04:00
/* we're interested in getting wakeups again */
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
si_f->flags &= ~SI_FL_DONT_WAKE;
si_b->flags &= ~SI_FL_DONT_WAKE;
[MINOR] stream_interface: add SI_FL_DONT_WAKE flag We had to add a new stream_interface flag : SI_FL_DONT_WAKE. This flag is used to indicate that a stream interface is being updated and that no wake up should be sent to its owner. This will be required for tasks embedded into stream interfaces. Otherwise, we could have the owner task send wakeups to itself during status updates, thus preventing the state from converging. As long as a stream_interface's status is being monitored and adjusted, there is no reason to wake it up again, as we know its changes will be seen and considered.
2009-09-05 14:57:35 -04:00
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* This is needed only when debugging is enabled, to indicate
* client-side or server-side close. Please note that in the unlikely
* event where both sides would close at once, the sequence is reported
* on the server side first.
*/
if (unlikely((global.mode & MODE_DEBUG) &&
(!(global.mode & MODE_QUIET) ||
(global.mode & MODE_VERBOSE)))) {
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (si_b->state == SI_ST_CLO &&
si_b->prev_state == SI_ST_EST) {
MEDIUM: make the trash be a chunk instead of a char * The trash is used everywhere to store the results of temporary strings built out of s(n)printf, or as a storage for a chunk when chunks are needed. Using global.tune.bufsize is not the most convenient thing either. So let's replace trash with a chunk and directly use it as such. We can then use trash.size as the natural way to get its size, and get rid of many intermediary chunks that were previously used. The patch is huge because it touches many areas but it makes the code a lot more clear and even outlines places where trash was used without being that obvious.
2012-10-29 11:51:55 -04:00
chunk_printf(&trash, "%08x:%s.srvcls[%04x:%04x]\n",
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
s->uniq_id, s->be->id,
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
objt_conn(si_f->end) ? (unsigned short)objt_conn(si_f->end)->t.sock.fd : -1,
objt_conn(si_b->end) ? (unsigned short)objt_conn(si_b->end)->t.sock.fd : -1);
BUILD: definitely silence some stupid GCC warnings It's becoming increasingly difficult to ignore unwanted function returns in debug code with gcc. Now even when you try to work around it, it suggests a way to write your code differently. For example : src/frontend.c:187:65: warning: if statement has empty body [-Wempty-body] if (write(1, trash.str, trash.len) < 0) /* shut gcc warning */; ^ src/frontend.c:187:65: note: put the semicolon on a separate line to silence this warning 1 warning generated. This is totally unacceptable, this code already had to be written this way to shut it up in earlier versions. And now it comments the form ? What's the purpose of the C language if you can't write anymore the code that does what you want ? Emeric proposed to just keep a global variable to drain such useless results so that gcc stops complaining all the time it believes people who write code are monkeys. The solution is acceptable because the useless assignment is done only in debug code so it will not impact performance. This patch implements this, until gcc becomes even "smarter" to detect that we tried to cheat.
2013-12-13 09:14:55 -05:00
shut_your_big_mouth_gcc(write(1, trash.str, trash.len));
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (si_f->state == SI_ST_CLO &&
si_f->prev_state == SI_ST_EST) {
MEDIUM: make the trash be a chunk instead of a char * The trash is used everywhere to store the results of temporary strings built out of s(n)printf, or as a storage for a chunk when chunks are needed. Using global.tune.bufsize is not the most convenient thing either. So let's replace trash with a chunk and directly use it as such. We can then use trash.size as the natural way to get its size, and get rid of many intermediary chunks that were previously used. The patch is huge because it touches many areas but it makes the code a lot more clear and even outlines places where trash was used without being that obvious.
2012-10-29 11:51:55 -04:00
chunk_printf(&trash, "%08x:%s.clicls[%04x:%04x]\n",
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
s->uniq_id, s->be->id,
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
objt_conn(si_f->end) ? (unsigned short)objt_conn(si_f->end)->t.sock.fd : -1,
objt_conn(si_b->end) ? (unsigned short)objt_conn(si_b->end)->t.sock.fd : -1);
BUILD: definitely silence some stupid GCC warnings It's becoming increasingly difficult to ignore unwanted function returns in debug code with gcc. Now even when you try to work around it, it suggests a way to write your code differently. For example : src/frontend.c:187:65: warning: if statement has empty body [-Wempty-body] if (write(1, trash.str, trash.len) < 0) /* shut gcc warning */; ^ src/frontend.c:187:65: note: put the semicolon on a separate line to silence this warning 1 warning generated. This is totally unacceptable, this code already had to be written this way to shut it up in earlier versions. And now it comments the form ? What's the purpose of the C language if you can't write anymore the code that does what you want ? Emeric proposed to just keep a global variable to drain such useless results so that gcc stops complaining all the time it believes people who write code are monkeys. The solution is acceptable because the useless assignment is done only in debug code so it will not impact performance. This patch implements this, until gcc becomes even "smarter" to detect that we tried to cheat.
2013-12-13 09:14:55 -05:00
shut_your_big_mouth_gcc(write(1, trash.str, trash.len));
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
}
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (likely((si_f->state != SI_ST_CLO) ||
(si_b->state > SI_ST_INI && si_b->state < SI_ST_CLO))) {
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
if ((sess->fe->options & PR_O_CONTSTATS) && (s->flags & SF_BE_ASSIGNED))
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
stream_process_counters(s);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
MAJOR: stream: use a regular ->update for all stream interfaces Now si->update() is used to update any type of stream interface, whether it's an applet, a connection or even nothing. We don't call si_applet_call() anymore at the end of the resync and we don't have the risk that the stream's task is reinserted into the run queue, which makes the code a bit simpler. The stream_int_update_applet() function was simplified to ensure that it remained compatible with this standardized calling convention. It was almost copy-pasted from the update code dedicated to connections. Just like for si_applet_done(), it seems that it should be possible to merge the two functions except that it would require some slow operations, except maybe if the type of end point is tested inside the update function itself.
2015-04-19 12:13:56 -04:00
if (si_f->state == SI_ST_EST)
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
si_update(si_f);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
MAJOR: stream: use a regular ->update for all stream interfaces Now si->update() is used to update any type of stream interface, whether it's an applet, a connection or even nothing. We don't call si_applet_call() anymore at the end of the resync and we don't have the risk that the stream's task is reinserted into the run queue, which makes the code a bit simpler. The stream_int_update_applet() function was simplified to ensure that it remained compatible with this standardized calling convention. It was almost copy-pasted from the update code dedicated to connections. Just like for si_applet_done(), it seems that it should be possible to merge the two functions except that it would require some slow operations, except maybe if the type of end point is tested inside the update function itself.
2015-04-19 12:13:56 -04:00
if (si_b->state == SI_ST_EST)
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
si_update(si_b);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
req->flags &= ~(CF_READ_NULL|CF_READ_PARTIAL|CF_WRITE_NULL|CF_WRITE_PARTIAL|CF_READ_ATTACHED);
res->flags &= ~(CF_READ_NULL|CF_READ_PARTIAL|CF_WRITE_NULL|CF_WRITE_PARTIAL|CF_READ_ATTACHED);
si_f->prev_state = si_f->state;
si_b->prev_state = si_b->state;
si_f->flags &= ~(SI_FL_ERR|SI_FL_EXP);
si_b->flags &= ~(SI_FL_ERR|SI_FL_EXP);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
BUG/MAJOR: session: revert all the crappy client-side timeout changes This is the 3rd regression caused by the changes below. The latest to date was reported by Finn Arne Gangstad. If a server responds with no content-length and the client's FIN is never received, either we leak the client-side FD or we spin at 100% CPU if timeout client-fin is set. Enough is enough. The amount of tricks needed to cover these side-effects starts to look like used toilet paper stacked over a chocolate cake. I don't want to eat that cake anymore! All this to avoid reporting a server-side timeout when a client stops uploading data and haproxy expires faster than the server... A lot of "ifs" resulting in a technically valid log that doesn't always please users, and whose alternative causes that many issues for all others users. So let's revert this crap merged since 1.5-dev25 : Revert "CLEANUP: http: don't clear CF_READ_NOEXP twice" This reverts commit 1592d1e72a4a2d25a554c299ae95a3e6cad80bf1. Revert "BUG/MEDIUM: http: clear CF_READ_NOEXP when preparing a new transaction" This reverts commit 77d29029af1c44216b190dd7442964b9d8f45257. Revert "BUG/MEDIUM: session: don't clear CF_READ_NOEXP if analysers are not called" This reverts commit 0943757a2144761c60e416b5ed07baa76934f5a4. Revert "BUG/MEDIUM: http: disable server-side expiration until client has sent the body" This reverts commit 3bed5e9337fd6eeab0f0006ebefcbe98ee5c4f9f. Revert "BUG/MEDIUM: http: correctly report request body timeouts" This reverts commit b9edf8fbecc9d1b5c82794735adcc367a80a4ae2. Revert "BUG/MEDIUM: http/session: disable client-side expiration only after body" This reverts commit b1982e27aaff2a92a389a9f1bc847e3bb8fdb4f2. If a cleaner AND SAFER way to do something equivalent in 1.6-dev, we *might* consider backporting it to 1.5, but given the vicious bugs that have surfaced since, I doubt it will happen any time soon. Fortunately, that crap never made it into 1.4 so no backport is needed.
2014-06-23 09:22:31 -04:00
/* Trick: if a request is being waiting for the server to respond,
* and if we know the server can timeout, we don't want the timeout
* to expire on the client side first, but we're still interested
* in passing data from the client to the server (eg: POST). Thus,
* we can cancel the client's request timeout if the server's
* request timeout is set and the server has not yet sent a response.
*/
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if ((res->flags & (CF_AUTO_CLOSE|CF_SHUTR)) == 0 &&
(tick_isset(req->wex) || tick_isset(res->rex))) {
req->flags |= CF_READ_NOEXP;
req->rex = TICK_ETERNITY;
BUG/MAJOR: session: revert all the crappy client-side timeout changes This is the 3rd regression caused by the changes below. The latest to date was reported by Finn Arne Gangstad. If a server responds with no content-length and the client's FIN is never received, either we leak the client-side FD or we spin at 100% CPU if timeout client-fin is set. Enough is enough. The amount of tricks needed to cover these side-effects starts to look like used toilet paper stacked over a chocolate cake. I don't want to eat that cake anymore! All this to avoid reporting a server-side timeout when a client stops uploading data and haproxy expires faster than the server... A lot of "ifs" resulting in a technically valid log that doesn't always please users, and whose alternative causes that many issues for all others users. So let's revert this crap merged since 1.5-dev25 : Revert "CLEANUP: http: don't clear CF_READ_NOEXP twice" This reverts commit 1592d1e72a4a2d25a554c299ae95a3e6cad80bf1. Revert "BUG/MEDIUM: http: clear CF_READ_NOEXP when preparing a new transaction" This reverts commit 77d29029af1c44216b190dd7442964b9d8f45257. Revert "BUG/MEDIUM: session: don't clear CF_READ_NOEXP if analysers are not called" This reverts commit 0943757a2144761c60e416b5ed07baa76934f5a4. Revert "BUG/MEDIUM: http: disable server-side expiration until client has sent the body" This reverts commit 3bed5e9337fd6eeab0f0006ebefcbe98ee5c4f9f. Revert "BUG/MEDIUM: http: correctly report request body timeouts" This reverts commit b9edf8fbecc9d1b5c82794735adcc367a80a4ae2. Revert "BUG/MEDIUM: http/session: disable client-side expiration only after body" This reverts commit b1982e27aaff2a92a389a9f1bc847e3bb8fdb4f2. If a cleaner AND SAFER way to do something equivalent in 1.6-dev, we *might* consider backporting it to 1.5, but given the vicious bugs that have surfaced since, I doubt it will happen any time soon. Fortunately, that crap never made it into 1.4 so no backport is needed.
2014-06-23 09:22:31 -04:00
}
OPTIM: session: don't process the whole session when only timers need a refresh Having a global expiration timer for a task means that the tasks are regularly woken up (at least after each expiration timer). It's totally useless and counter productive to process the whole session upon each such wakeup, and it's fairly easy to detect such wakeups, so let's just update the task's timer and return to sleep when this happens. For 100k concurrent connections with 10s of timeouts, this can save 10k wakeups per second, which is not bad.
2012-11-08 08:49:17 -05:00
update_exp_and_leave:
BUG/MEDIUM: stream: ensure the SI_FL_DONT_WAKE flag is properly cleared The previous buffer space bug has revealed an issue causing some stalled connections to remain orphaned forever, preventing an old process from dying. The issue is that once in a while a task may be woken up because a disabled expiration timer has been reached despite no timeout being reached. In this case we exit very early but the SI_FL_DONT_WAKE flag wasn't cleared, resulting in new events not waking the task up. It may be one of the reasons why a few people have already observed some peers connections stuck in CLOSE_WAIT state. This bug was introduced in 1.5-dev13 by commit 798f432 ("OPTIM: session: don't process the whole session when only timers need a refresh"), so the fix must be backported to 1.6 and 1.5.
2016-05-04 04:18:37 -04:00
/* Note: please ensure that if you branch here you disable SI_FL_DONT_WAKE */
MINOR: filters: Add check_timeouts callback to handle timers expiration on streams A filter can now be notified when a stream is woken up because of an expired timer. The documentation and the TRACE filter have been updated.
2016-11-10 08:58:05 -05:00
t->expire = tick_first((tick_is_expired(t->expire, now_ms) ? 0 : t->expire),
tick_first(tick_first(req->rex, req->wex),
tick_first(res->rex, res->wex)));
MINOR: stream: make option contstats usable again Quite a lot of people have been complaining about option contstats not working correctly anymore since about 1.4. The reason was that one reason for the significant performance boost between 1.3 and 1.4 was the ability to forward data between a server and a client without waking up the stream manager. And we couldn't afford to force sessions to constantly wake it up given that most of the people interested in contstats are also those interested in high performance transmission. An idea was experimented with in the past, consisting in limiting the amount of transmissible data before waking it up, but it was not usable on slow connections (eg: FTP over modem lines, RDP, SSH) as stats would be updated too rarely if at all, so that idea was dropped. During a discussion today another idea came up : ensure that stats are updated once in a while, since it's the only thing that matters. It happens that we have the request channel's analyse_exp timeout that is used to wake the stream up after a configured delay, and that by definition this timeout is not used when there's no more analyser (otherwise the stream would wake up and the stats would be updated). Thus here the idea is to reuse this timeout when there's no analyser and set it to now+5 seconds so that a stream wakes up at least once every 5 seconds to update its stats. It should be short enough to provide smooth traffic graphs and to allow to debug outputs of "show sess" more easily without inflicting too much load even for very large number of concurrent connections. This patch is simple enough and safe enough to be backportable to 1.6 if there is some demand.
2016-11-08 16:03:00 -05:00
if (!req->analysers)
req->analyse_exp = TICK_ETERNITY;
if ((sess->fe->options & PR_O_CONTSTATS) && (s->flags & SF_BE_ASSIGNED) &&
(!tick_isset(req->analyse_exp) || tick_is_expired(req->analyse_exp, now_ms)))
req->analyse_exp = tick_add(now_ms, 5000);
t->expire = tick_first(t->expire, req->analyse_exp);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (si_f->exp)
t->expire = tick_first(t->expire, si_f->exp);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
if (si_b->exp)
t->expire = tick_first(t->expire, si_b->exp);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
#ifdef DEBUG_FULL
[BUG] reset the stream_interface connect timeout upon connect or error The stream_interface timeout was not reset upon a connect success or error, leading to busy loops when requeuing tasks in the past. Thanks to Bart Bobrowski for reporting the issue.
2009-03-28 05:47:26 -04:00
fprintf(stderr,
"[%u] queuing with exp=%u req->rex=%u req->wex=%u req->ana_exp=%u"
" rep->rex=%u rep->wex=%u, si[0].exp=%u, si[1].exp=%u, cs=%d, ss=%d\n",
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
now_ms, t->expire, req->rex, req->wex, req->analyse_exp,
res->rex, res->wex, si_f->exp, si_b->exp, si_f->state, si_b->state);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
#endif
#ifdef DEBUG_DEV
/* this may only happen when no timeout is set or in case of an FSM bug */
[CLEANUP] task: distinguish between clock ticks and timers Timers are unsigned and used as tree positions. Ticks are signed and used as absolute date within current time frame. While the two are normally equal (except zero), it's important not to confuse them in the code as they are not interchangeable. We add two inline functions to turn each one into the other. The comments have also been moved to the proper location, as it was not easy to understand what was a tick and what was a timer unit.
2009-03-08 10:53:06 -04:00
if (!tick_isset(t->expire))
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
ABORT_NOW();
#endif
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
stream_release_buffers(s);
[MEDIUM] minor update to the task api: let the scheduler queue itself All the tasks callbacks had to requeue the task themselves, and update a global timeout. This was not convenient at all. Now the API has been simplified. The tasks callbacks only have to update their expire timer, and return either a pointer to the task or NULL if the task has been deleted. The scheduler will take care of requeuing the task at the proper place in the wait queue.
2009-03-08 04:38:41 -04:00
return t; /* nothing more to do */
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
sess->fe->feconn--;
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (s->flags & SF_BE_ASSIGNED)
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
s->be->beconn--;
[MINOR] support a global jobs counter This counter is incremented for each incoming connection and each active listener, and is used to prevent haproxy from stopping upon SIGUSR1. It will thus be possible for some tasks in increment this counter in order to prevent haproxy from dying until they have completed their job.
2010-08-31 09:39:26 -04:00
jobs--;
MEDIUM: stream: move the listener's pointer to the session The listener is session-specific, move it there.
2015-04-03 08:46:27 -04:00
if (sess->listener) {
if (!(sess->listener->options & LI_O_UNLIMITED))
MINOR: session: don't always assume there's a listener For outgoing connections initiated from an applet, there might not be any listener. It's the case with peers, which resort to a hack consisting in making the session's listener point to the peer. This listener is only used for statistics now so it's much easier to check for its presence now.
2014-03-20 10:42:53 -04:00
actconn--;
MEDIUM: stream: move the listener's pointer to the session The listener is session-specific, move it there.
2015-04-03 08:46:27 -04:00
sess->listener->nbconn--;
if (sess->listener->state == LI_FULL)
resume_listener(sess->listener);
MINOR: session: don't always assume there's a listener For outgoing connections initiated from an applet, there might not be any listener. It's the case with peers, which resort to a hack consisting in making the session's listener point to the peer. This listener is only used for statistics now so it's much easier to check for its presence now.
2014-03-20 10:42:53 -04:00
/* Dequeues all of the listeners waiting for a resource */
if (!LIST_ISEMPTY(&global_listener_queue))
dequeue_all_listeners(&global_listener_queue);
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
if (!LIST_ISEMPTY(&sess->fe->listener_queue) &&
(!sess->fe->fe_sps_lim || freq_ctr_remain(&sess->fe->fe_sess_per_sec, sess->fe->fe_sps_lim, 0) > 0))
dequeue_all_listeners(&sess->fe->listener_queue);
MINOR: session: don't always assume there's a listener For outgoing connections initiated from an applet, there might not be any listener. It's the case with peers, which resort to a hack consisting in making the session's listener point to the peer. This listener is only used for statistics now so it's much easier to check for its presence now.
2014-03-20 10:42:53 -04:00
}
[MEDIUM] listeners: queue proxy-bound listeners at the proxy's All listeners that are limited by a proxy-specific resource are now queued at the proxy's and not globally. This allows finer-grained wakeups when releasing resource.
2011-07-24 17:55:06 -04:00
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
if (unlikely((global.mode & MODE_DEBUG) &&
(!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE)))) {
MEDIUM: make the trash be a chunk instead of a char * The trash is used everywhere to store the results of temporary strings built out of s(n)printf, or as a storage for a chunk when chunks are needed. Using global.tune.bufsize is not the most convenient thing either. So let's replace trash with a chunk and directly use it as such. We can then use trash.size as the natural way to get its size, and get rid of many intermediary chunks that were previously used. The patch is huge because it touches many areas but it makes the code a lot more clear and even outlines places where trash was used without being that obvious.
2012-10-29 11:51:55 -04:00
chunk_printf(&trash, "%08x:%s.closed[%04x:%04x]\n",
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
s->uniq_id, s->be->id,
CLEANUP: session: use local variables to access channels / stream ints In process_session, we had around 300 accesses to channels and stream-ints from the session. Not only this inflates the code due to the large offsets from the original pointer, but readability can be improved. Let's have 4 local variables for the channels and stream-ints.
2014-11-28 09:07:47 -05:00
objt_conn(si_f->end) ? (unsigned short)objt_conn(si_f->end)->t.sock.fd : -1,
objt_conn(si_b->end) ? (unsigned short)objt_conn(si_b->end)->t.sock.fd : -1);
BUILD: definitely silence some stupid GCC warnings It's becoming increasingly difficult to ignore unwanted function returns in debug code with gcc. Now even when you try to work around it, it suggests a way to write your code differently. For example : src/frontend.c:187:65: warning: if statement has empty body [-Wempty-body] if (write(1, trash.str, trash.len) < 0) /* shut gcc warning */; ^ src/frontend.c:187:65: note: put the semicolon on a separate line to silence this warning 1 warning generated. This is totally unacceptable, this code already had to be written this way to shut it up in earlier versions. And now it comments the form ? What's the purpose of the C language if you can't write anymore the code that does what you want ? Emeric proposed to just keep a global variable to drain such useless results so that gcc stops complaining all the time it believes people who write code are monkeys. The solution is acceptable because the useless assignment is done only in debug code so it will not impact performance. This patch implements this, until gcc becomes even "smarter" to detect that we tried to cheat.
2013-12-13 09:14:55 -05:00
shut_your_big_mouth_gcc(write(1, trash.str, trash.len));
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
s->logs.t_close = tv_ms_elapsed(&s->logs.tv_accept, &now);
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
stream_process_counters(s);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
MAJOR: http: move http_txn out of struct stream Now this one is dynamically allocated. It means that 280 bytes of memory are saved per TCP stream, but more importantly that it will become possible to remove the l7 pointer from fetches and converters since it will be deduced from the stream and will support being null. A lot of care was taken because it's easy to forget a test somewhere, and the previous code used to always trust s->txn for being valid, but all places seem to have been visited. All HTTP fetch functions check the txn first so we shouldn't have any issue there even when called from TCP. When branching from a TCP frontend to an HTTP backend, the txn is properly allocated at the same time as the hdr_idx.
2015-04-03 17:46:31 -04:00
if (s->txn && s->txn->status) {
[MINOR] Collect & provide http response codes for frontends, fix backends This patch extends and corrects the functionality introduced by "Collect & provide http response codes received from servers": - responses are now also accounted for frontends - backend's and frontend's counters are incremented based on responses sent to client, not received from servers
2009-10-24 09:36:15 -04:00
int n;
MAJOR: http: move http_txn out of struct stream Now this one is dynamically allocated. It means that 280 bytes of memory are saved per TCP stream, but more importantly that it will become possible to remove the l7 pointer from fetches and converters since it will be deduced from the stream and will support being null. A lot of care was taken because it's easy to forget a test somewhere, and the previous code used to always trust s->txn for being valid, but all places seem to have been visited. All HTTP fetch functions check the txn first so we shouldn't have any issue there even when called from TCP. When branching from a TCP frontend to an HTTP backend, the txn is properly allocated at the same time as the hdr_idx.
2015-04-03 17:46:31 -04:00
n = s->txn->status / 100;
[MINOR] Collect & provide http response codes for frontends, fix backends This patch extends and corrects the functionality introduced by "Collect & provide http response codes received from servers": - responses are now also accounted for frontends - backend's and frontend's counters are incremented based on responses sent to client, not received from servers
2009-10-24 09:36:15 -04:00
if (n < 1 || n > 5)
n = 0;
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
if (sess->fe->mode == PR_MODE_HTTP) {
sess->fe->fe_counters.p.http.rsp[n]++;
MINOR: stats: report the total number of compressed responses per front/back Depending on the content-types and accept-encoding fields, some responses might or might not be compressed. Let's have a counter of the number of compressed responses and report it in the stats to help improve compression usage. Some cosmetic issues were fixed in the CSV output too (missing commas at the end).
2012-11-24 08:54:13 -05:00
}
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if ((s->flags & SF_BE_ASSIGNED) &&
MINOR: stats: report the total number of compressed responses per front/back Depending on the content-types and accept-encoding fields, some responses might or might not be compressed. Let's have a counter of the number of compressed responses and report it in the stats to help improve compression usage. Some cosmetic issues were fixed in the CSV output too (missing commas at the end).
2012-11-24 08:54:13 -05:00
(s->be->mode == PR_MODE_HTTP)) {
[MEDIUM] stats: split frontend and backend stats It's very annoying that frontend and backend stats are merged because we don't know what we're observing. For instance, if a "listen" instance makes use of a distinct backend, it's impossible to know what the bytes_out means. Some points take care of not updating counters twice if the backend points to the frontend, indicating a "listen" instance. The thing becomes more complex when we try to add support for server side keep-alive, because we have to maintain a pointer to the backend used for last request, and to update its stats. But we can't perform such comparisons anymore because the counters will not match anymore. So in order to get rid of this situation, let's have both frontend AND backend stats in the "struct proxy". We simply update the relevant ones during activity. Some of them are only accounted for in the backend, while others are just for frontend. Maybe we can improve a bit on that later, but the essential part is that those counters now reflect what they really mean.
2011-03-10 17:25:56 -05:00
s->be->be_counters.p.http.rsp[n]++;
MINOR: stats: report the total number of compressed responses per front/back Depending on the content-types and accept-encoding fields, some responses might or might not be compressed. Let's have a counter of the number of compressed responses and report it in the stats to help improve compression usage. Some cosmetic issues were fixed in the CSV output too (missing commas at the end).
2012-11-24 08:54:13 -05:00
s->be->be_counters.p.http.cum_req++;
}
[MINOR] Collect & provide http response codes for frontends, fix backends This patch extends and corrects the functionality introduced by "Collect & provide http response codes received from servers": - responses are now also accounted for frontends - backend's and frontend's counters are incremented based on responses sent to client, not received from servers
2009-10-24 09:36:15 -04:00
}
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* let's do a final log if we need it */
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
if (!LIST_ISEMPTY(&sess->fe->logformat) && s->logs.logwait &&
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
!(s->flags & SF_MONITOR) &&
MEDIUM: stream: move the frontend's pointer to the session Just like for the listener, the frontend is session-wide so let's move it to the session. There are a lot of places which were changed but the changes are minimal in fact.
2015-04-03 09:40:56 -04:00
(!(sess->fe->options & PR_O_NULLNOLOG) || req->total)) {
[MINOR] call session->do_log() for logging In order to avoid having to call per-protocol logging function directly from session.c, it's better to assign the logging function when the session is created. This also eliminates a test when the function is needed, and opens the way to more complete logging functions.
2008-11-30 13:02:32 -05:00
s->do_log(s);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* update time stats for this stream */
stream_update_time_stats(s);
MEDIUM: session: maintain per-backend and per-server time statistics Using the last rate counters, we now compute the queue, connect, response and total times per server and per backend with a 95% accuracy over the last 1024 samples. The operation is cheap so we don't need to condition it.
2014-06-17 06:19:18 -04:00
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
/* the task MUST not be in the run queue anymore */
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
stream_free(s);
[MEDIUM] minor update to the task api: let the scheduler queue itself All the tasks callbacks had to requeue the task themselves, and update a global timeout. This was not convenient at all. Now the API has been simplified. The tasks callbacks only have to update their expire timer, and return either a pointer to the task or NULL if the task has been deleted. The scheduler will take care of requeuing the task at the proper place in the wait queue.
2009-03-08 04:38:41 -04:00
task_delete(t);
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
task_free(t);
[MEDIUM] minor update to the task api: let the scheduler queue itself All the tasks callbacks had to requeue the task themselves, and update a global timeout. This was not convenient at all. Now the API has been simplified. The tasks callbacks only have to update their expire timer, and return either a pointer to the task or NULL if the task has been deleted. The scheduler will take care of requeuing the task at the proper place in the wait queue.
2009-03-08 04:38:41 -04:00
return NULL;
[CLEANUP] move the session-related functions to session.c proto_http.c was not suitable for session-related processing, it was just convenient for the tranformation. Some more splitting must occur: process_request/response in proto_http.c must be split again per protocol, and the caller must run a list. Some functions should be directly attached to the session or the buffer (eg: perform_http_redirect, return_srv_error, http_sess_log).
2008-11-30 12:47:21 -05:00
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* Update the stream's backend and server time stats */
void stream_update_time_stats(struct stream *s)
MEDIUM: session: maintain per-backend and per-server time statistics Using the last rate counters, we now compute the queue, connect, response and total times per server and per backend with a 95% accuracy over the last 1024 samples. The operation is cheap so we don't need to condition it.
2014-06-17 06:19:18 -04:00
{
int t_request;
int t_queue;
int t_connect;
int t_data;
int t_close;
struct server *srv;
t_request = 0;
t_queue = s->logs.t_queue;
t_connect = s->logs.t_connect;
t_close = s->logs.t_close;
t_data = s->logs.t_data;
if (s->be->mode != PR_MODE_HTTP)
t_data = t_connect;
if (t_connect < 0 || t_data < 0)
return;
if (tv_isge(&s->logs.tv_request, &s->logs.tv_accept))
t_request = tv_ms_elapsed(&s->logs.tv_accept, &s->logs.tv_request);
t_data -= t_connect;
t_connect -= t_queue;
t_queue -= t_request;
srv = objt_server(s->target);
if (srv) {
swrate_add(&srv->counters.q_time, TIME_STATS_SAMPLES, t_queue);
swrate_add(&srv->counters.c_time, TIME_STATS_SAMPLES, t_connect);
swrate_add(&srv->counters.d_time, TIME_STATS_SAMPLES, t_data);
swrate_add(&srv->counters.t_time, TIME_STATS_SAMPLES, t_close);
}
swrate_add(&s->be->be_counters.q_time, TIME_STATS_SAMPLES, t_queue);
swrate_add(&s->be->be_counters.c_time, TIME_STATS_SAMPLES, t_connect);
swrate_add(&s->be->be_counters.d_time, TIME_STATS_SAMPLES, t_data);
swrate_add(&s->be->be_counters.t_time, TIME_STATS_SAMPLES, t_close);
}
[BUG] fix the dequeuing logic to ensure that all requests get served The dequeuing logic was completely wrong. First, a task was assigned to all servers to process the queue, but this task was never scheduled and was only woken up on session free. Second, there was no reservation of server entries when a task was assigned a server. This means that as long as the task was not connected to the server, its presence was not accounted for. This was causing trouble when detecting whether or not a server had reached maxconn. Third, during a redispatch, a session could lose its place at the server's and get blocked because another session at the same moment would have stolen the entry. Fourth, the redispatch option did not work when maxqueue was reached for a server, and it was not possible to do so without indefinitely hanging a session. The root cause of all those problems was the lack of pre-reservation of connections at the server's, and the lack of tracking of servers during a redispatch. Everything relied on combinations of flags which could appear similarly in quite distinct situations. This patch is a major rework but there was no other solution, as the internal logic was deeply flawed. The resulting code is cleaner, more understandable, uses less magics and is overall more robust. As an added bonus, "option redispatch" now works when maxqueue has been reached on a server.
2008-06-20 09:04:11 -04:00
/*
* This function adjusts sess->srv_conn and maintains the previous and new
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* server's served stream counts. Setting newsrv to NULL is enough to release
[BUG] fix the dequeuing logic to ensure that all requests get served The dequeuing logic was completely wrong. First, a task was assigned to all servers to process the queue, but this task was never scheduled and was only woken up on session free. Second, there was no reservation of server entries when a task was assigned a server. This means that as long as the task was not connected to the server, its presence was not accounted for. This was causing trouble when detecting whether or not a server had reached maxconn. Third, during a redispatch, a session could lose its place at the server's and get blocked because another session at the same moment would have stolen the entry. Fourth, the redispatch option did not work when maxqueue was reached for a server, and it was not possible to do so without indefinitely hanging a session. The root cause of all those problems was the lack of pre-reservation of connections at the server's, and the lack of tracking of servers during a redispatch. Everything relied on combinations of flags which could appear similarly in quite distinct situations. This patch is a major rework but there was no other solution, as the internal logic was deeply flawed. The resulting code is cleaner, more understandable, uses less magics and is overall more robust. As an added bonus, "option redispatch" now works when maxqueue has been reached on a server.
2008-06-20 09:04:11 -04:00
* current connection slot. This function also notifies any LB algo which might
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* expect to be informed about any change in the number of active streams on a
[BUG] fix the dequeuing logic to ensure that all requests get served The dequeuing logic was completely wrong. First, a task was assigned to all servers to process the queue, but this task was never scheduled and was only woken up on session free. Second, there was no reservation of server entries when a task was assigned a server. This means that as long as the task was not connected to the server, its presence was not accounted for. This was causing trouble when detecting whether or not a server had reached maxconn. Third, during a redispatch, a session could lose its place at the server's and get blocked because another session at the same moment would have stolen the entry. Fourth, the redispatch option did not work when maxqueue was reached for a server, and it was not possible to do so without indefinitely hanging a session. The root cause of all those problems was the lack of pre-reservation of connections at the server's, and the lack of tracking of servers during a redispatch. Everything relied on combinations of flags which could appear similarly in quite distinct situations. This patch is a major rework but there was no other solution, as the internal logic was deeply flawed. The resulting code is cleaner, more understandable, uses less magics and is overall more robust. As an added bonus, "option redispatch" now works when maxqueue has been reached on a server.
2008-06-20 09:04:11 -04:00
* server.
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
void sess_change_server(struct stream *sess, struct server *newsrv)
[BUG] fix the dequeuing logic to ensure that all requests get served The dequeuing logic was completely wrong. First, a task was assigned to all servers to process the queue, but this task was never scheduled and was only woken up on session free. Second, there was no reservation of server entries when a task was assigned a server. This means that as long as the task was not connected to the server, its presence was not accounted for. This was causing trouble when detecting whether or not a server had reached maxconn. Third, during a redispatch, a session could lose its place at the server's and get blocked because another session at the same moment would have stolen the entry. Fourth, the redispatch option did not work when maxqueue was reached for a server, and it was not possible to do so without indefinitely hanging a session. The root cause of all those problems was the lack of pre-reservation of connections at the server's, and the lack of tracking of servers during a redispatch. Everything relied on combinations of flags which could appear similarly in quite distinct situations. This patch is a major rework but there was no other solution, as the internal logic was deeply flawed. The resulting code is cleaner, more understandable, uses less magics and is overall more robust. As an added bonus, "option redispatch" now works when maxqueue has been reached on a server.
2008-06-20 09:04:11 -04:00
{
if (sess->srv_conn == newsrv)
return;
if (sess->srv_conn) {
sess->srv_conn->served--;
MINOR: proxy: add 'served' field to proxy, equal to total of all servers' This will allow lb_chash to determine the total active sessions for a proxy without any computation. Signed-off-by: Andrew Rodland <andrewr@vimeo.com>
2016-10-25 12:48:17 -04:00
sess->srv_conn->proxy->served--;
[BUG] fix the dequeuing logic to ensure that all requests get served The dequeuing logic was completely wrong. First, a task was assigned to all servers to process the queue, but this task was never scheduled and was only woken up on session free. Second, there was no reservation of server entries when a task was assigned a server. This means that as long as the task was not connected to the server, its presence was not accounted for. This was causing trouble when detecting whether or not a server had reached maxconn. Third, during a redispatch, a session could lose its place at the server's and get blocked because another session at the same moment would have stolen the entry. Fourth, the redispatch option did not work when maxqueue was reached for a server, and it was not possible to do so without indefinitely hanging a session. The root cause of all those problems was the lack of pre-reservation of connections at the server's, and the lack of tracking of servers during a redispatch. Everything relied on combinations of flags which could appear similarly in quite distinct situations. This patch is a major rework but there was no other solution, as the internal logic was deeply flawed. The resulting code is cleaner, more understandable, uses less magics and is overall more robust. As an added bonus, "option redispatch" now works when maxqueue has been reached on a server.
2008-06-20 09:04:11 -04:00
if (sess->srv_conn->proxy->lbprm.server_drop_conn)
sess->srv_conn->proxy->lbprm.server_drop_conn(sess->srv_conn);
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
stream_del_srv_conn(sess);
[BUG] fix the dequeuing logic to ensure that all requests get served The dequeuing logic was completely wrong. First, a task was assigned to all servers to process the queue, but this task was never scheduled and was only woken up on session free. Second, there was no reservation of server entries when a task was assigned a server. This means that as long as the task was not connected to the server, its presence was not accounted for. This was causing trouble when detecting whether or not a server had reached maxconn. Third, during a redispatch, a session could lose its place at the server's and get blocked because another session at the same moment would have stolen the entry. Fourth, the redispatch option did not work when maxqueue was reached for a server, and it was not possible to do so without indefinitely hanging a session. The root cause of all those problems was the lack of pre-reservation of connections at the server's, and the lack of tracking of servers during a redispatch. Everything relied on combinations of flags which could appear similarly in quite distinct situations. This patch is a major rework but there was no other solution, as the internal logic was deeply flawed. The resulting code is cleaner, more understandable, uses less magics and is overall more robust. As an added bonus, "option redispatch" now works when maxqueue has been reached on a server.
2008-06-20 09:04:11 -04:00
}
if (newsrv) {
newsrv->served++;
MINOR: proxy: add 'served' field to proxy, equal to total of all servers' This will allow lb_chash to determine the total active sessions for a proxy without any computation. Signed-off-by: Andrew Rodland <andrewr@vimeo.com>
2016-10-25 12:48:17 -04:00
newsrv->proxy->served++;
[BUG] fix the dequeuing logic to ensure that all requests get served The dequeuing logic was completely wrong. First, a task was assigned to all servers to process the queue, but this task was never scheduled and was only woken up on session free. Second, there was no reservation of server entries when a task was assigned a server. This means that as long as the task was not connected to the server, its presence was not accounted for. This was causing trouble when detecting whether or not a server had reached maxconn. Third, during a redispatch, a session could lose its place at the server's and get blocked because another session at the same moment would have stolen the entry. Fourth, the redispatch option did not work when maxqueue was reached for a server, and it was not possible to do so without indefinitely hanging a session. The root cause of all those problems was the lack of pre-reservation of connections at the server's, and the lack of tracking of servers during a redispatch. Everything relied on combinations of flags which could appear similarly in quite distinct situations. This patch is a major rework but there was no other solution, as the internal logic was deeply flawed. The resulting code is cleaner, more understandable, uses less magics and is overall more robust. As an added bonus, "option redispatch" now works when maxqueue has been reached on a server.
2008-06-20 09:04:11 -04:00
if (newsrv->proxy->lbprm.server_take_conn)
newsrv->proxy->lbprm.server_take_conn(newsrv);
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
stream_add_srv_conn(sess, newsrv);
[BUG] fix the dequeuing logic to ensure that all requests get served The dequeuing logic was completely wrong. First, a task was assigned to all servers to process the queue, but this task was never scheduled and was only woken up on session free. Second, there was no reservation of server entries when a task was assigned a server. This means that as long as the task was not connected to the server, its presence was not accounted for. This was causing trouble when detecting whether or not a server had reached maxconn. Third, during a redispatch, a session could lose its place at the server's and get blocked because another session at the same moment would have stolen the entry. Fourth, the redispatch option did not work when maxqueue was reached for a server, and it was not possible to do so without indefinitely hanging a session. The root cause of all those problems was the lack of pre-reservation of connections at the server's, and the lack of tracking of servers during a redispatch. Everything relied on combinations of flags which could appear similarly in quite distinct situations. This patch is a major rework but there was no other solution, as the internal logic was deeply flawed. The resulting code is cleaner, more understandable, uses less magics and is overall more robust. As an added bonus, "option redispatch" now works when maxqueue has been reached on a server.
2008-06-20 09:04:11 -04:00
}
}
[BUG] session: errors were not reported in termination flags in TCP mode In order to get termination flags properly updated, the session was relying a bit too much on http_return_srv_error() which is http-centric. A generic srv_error function was implemented in the session in order to catch all connection abort situations. It was then noticed that a request abort during a connection attempt was not reported, which is now fixed. Read and write errors/timeouts were not logged either. It was necessary to add those tests at 4 new locations. Now it looks like everything is correctly logged. Most likely some error checking code could now be removed from some analysers.
2009-03-15 17:34:05 -04:00
/* Handle server-side errors for default protocols. It is called whenever a a
* connection setup is aborted or a request is aborted in queue. It sets the
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* stream termination flags so that the caller does not have to worry about
[BUG] session: errors were not reported in termination flags in TCP mode In order to get termination flags properly updated, the session was relying a bit too much on http_return_srv_error() which is http-centric. A generic srv_error function was implemented in the session in order to catch all connection abort situations. It was then noticed that a request abort during a connection attempt was not reported, which is now fixed. Read and write errors/timeouts were not logged either. It was necessary to add those tests at 4 new locations. Now it looks like everything is correctly logged. Most likely some error checking code could now be removed from some analysers.
2009-03-15 17:34:05 -04:00
* them. It's installed as ->srv_error for the server-side stream_interface.
*/
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
void default_srv_error(struct stream *s, struct stream_interface *si)
[BUG] session: errors were not reported in termination flags in TCP mode In order to get termination flags properly updated, the session was relying a bit too much on http_return_srv_error() which is http-centric. A generic srv_error function was implemented in the session in order to catch all connection abort situations. It was then noticed that a request abort during a connection attempt was not reported, which is now fixed. Read and write errors/timeouts were not logged either. It was necessary to add those tests at 4 new locations. Now it looks like everything is correctly logged. Most likely some error checking code could now be removed from some analysers.
2009-03-15 17:34:05 -04:00
{
int err_type = si->err_type;
int err = 0, fin = 0;
if (err_type & SI_ET_QUEUE_ABRT) {
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
err = SF_ERR_CLICL;
fin = SF_FINST_Q;
[BUG] session: errors were not reported in termination flags in TCP mode In order to get termination flags properly updated, the session was relying a bit too much on http_return_srv_error() which is http-centric. A generic srv_error function was implemented in the session in order to catch all connection abort situations. It was then noticed that a request abort during a connection attempt was not reported, which is now fixed. Read and write errors/timeouts were not logged either. It was necessary to add those tests at 4 new locations. Now it looks like everything is correctly logged. Most likely some error checking code could now be removed from some analysers.
2009-03-15 17:34:05 -04:00
}
else if (err_type & SI_ET_CONN_ABRT) {
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
err = SF_ERR_CLICL;
fin = SF_FINST_C;
[BUG] session: errors were not reported in termination flags in TCP mode In order to get termination flags properly updated, the session was relying a bit too much on http_return_srv_error() which is http-centric. A generic srv_error function was implemented in the session in order to catch all connection abort situations. It was then noticed that a request abort during a connection attempt was not reported, which is now fixed. Read and write errors/timeouts were not logged either. It was necessary to add those tests at 4 new locations. Now it looks like everything is correctly logged. Most likely some error checking code could now be removed from some analysers.
2009-03-15 17:34:05 -04:00
}
else if (err_type & SI_ET_QUEUE_TO) {
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
err = SF_ERR_SRVTO;
fin = SF_FINST_Q;
[BUG] session: errors were not reported in termination flags in TCP mode In order to get termination flags properly updated, the session was relying a bit too much on http_return_srv_error() which is http-centric. A generic srv_error function was implemented in the session in order to catch all connection abort situations. It was then noticed that a request abort during a connection attempt was not reported, which is now fixed. Read and write errors/timeouts were not logged either. It was necessary to add those tests at 4 new locations. Now it looks like everything is correctly logged. Most likely some error checking code could now be removed from some analysers.
2009-03-15 17:34:05 -04:00
}
else if (err_type & SI_ET_QUEUE_ERR) {
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
err = SF_ERR_SRVCL;
fin = SF_FINST_Q;
[BUG] session: errors were not reported in termination flags in TCP mode In order to get termination flags properly updated, the session was relying a bit too much on http_return_srv_error() which is http-centric. A generic srv_error function was implemented in the session in order to catch all connection abort situations. It was then noticed that a request abort during a connection attempt was not reported, which is now fixed. Read and write errors/timeouts were not logged either. It was necessary to add those tests at 4 new locations. Now it looks like everything is correctly logged. Most likely some error checking code could now be removed from some analysers.
2009-03-15 17:34:05 -04:00
}
else if (err_type & SI_ET_CONN_TO) {
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
err = SF_ERR_SRVTO;
fin = SF_FINST_C;
[BUG] session: errors were not reported in termination flags in TCP mode In order to get termination flags properly updated, the session was relying a bit too much on http_return_srv_error() which is http-centric. A generic srv_error function was implemented in the session in order to catch all connection abort situations. It was then noticed that a request abort during a connection attempt was not reported, which is now fixed. Read and write errors/timeouts were not logged either. It was necessary to add those tests at 4 new locations. Now it looks like everything is correctly logged. Most likely some error checking code could now be removed from some analysers.
2009-03-15 17:34:05 -04:00
}
else if (err_type & SI_ET_CONN_ERR) {
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
err = SF_ERR_SRVCL;
fin = SF_FINST_C;
[BUG] session: errors were not reported in termination flags in TCP mode In order to get termination flags properly updated, the session was relying a bit too much on http_return_srv_error() which is http-centric. A generic srv_error function was implemented in the session in order to catch all connection abort situations. It was then noticed that a request abort during a connection attempt was not reported, which is now fixed. Read and write errors/timeouts were not logged either. It was necessary to add those tests at 4 new locations. Now it looks like everything is correctly logged. Most likely some error checking code could now be removed from some analysers.
2009-03-15 17:34:05 -04:00
}
MINOR: stream_interface: add reporting of ressouce allocation errors SSL and keep-alive will need to be able to fail on allocation errors, and the stream interface did not allow to report such a cause. The flag will then be "RC" as already documented.
2012-05-14 06:11:47 -04:00
else if (err_type & SI_ET_CONN_RES) {
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
err = SF_ERR_RESOURCE;
fin = SF_FINST_C;
MINOR: stream_interface: add reporting of ressouce allocation errors SSL and keep-alive will need to be able to fail on allocation errors, and the stream interface did not allow to report such a cause. The flag will then be "RC" as already documented.
2012-05-14 06:11:47 -04:00
}
[BUG] session: errors were not reported in termination flags in TCP mode In order to get termination flags properly updated, the session was relying a bit too much on http_return_srv_error() which is http-centric. A generic srv_error function was implemented in the session in order to catch all connection abort situations. It was then noticed that a request abort during a connection attempt was not reported, which is now fixed. Read and write errors/timeouts were not logged either. It was necessary to add those tests at 4 new locations. Now it looks like everything is correctly logged. Most likely some error checking code could now be removed from some analysers.
2009-03-15 17:34:05 -04:00
else /* SI_ET_CONN_OTHER and others */ {
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
err = SF_ERR_INTERNAL;
fin = SF_FINST_C;
[BUG] session: errors were not reported in termination flags in TCP mode In order to get termination flags properly updated, the session was relying a bit too much on http_return_srv_error() which is http-centric. A generic srv_error function was implemented in the session in order to catch all connection abort situations. It was then noticed that a request abort during a connection attempt was not reported, which is now fixed. Read and write errors/timeouts were not logged either. It was necessary to add those tests at 4 new locations. Now it looks like everything is correctly logged. Most likely some error checking code could now be removed from some analysers.
2009-03-15 17:34:05 -04:00
}
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (!(s->flags & SF_ERR_MASK))
[BUG] session: errors were not reported in termination flags in TCP mode In order to get termination flags properly updated, the session was relying a bit too much on http_return_srv_error() which is http-centric. A generic srv_error function was implemented in the session in order to catch all connection abort situations. It was then noticed that a request abort during a connection attempt was not reported, which is now fixed. Read and write errors/timeouts were not logged either. It was necessary to add those tests at 4 new locations. Now it looks like everything is correctly logged. Most likely some error checking code could now be removed from some analysers.
2009-03-15 17:34:05 -04:00
s->flags |= err;
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (!(s->flags & SF_FINST_MASK))
[BUG] session: errors were not reported in termination flags in TCP mode In order to get termination flags properly updated, the session was relying a bit too much on http_return_srv_error() which is http-centric. A generic srv_error function was implemented in the session in order to catch all connection abort situations. It was then noticed that a request abort during a connection attempt was not reported, which is now fixed. Read and write errors/timeouts were not logged either. It was necessary to add those tests at 4 new locations. Now it looks like everything is correctly logged. Most likely some error checking code could now be removed from some analysers.
2009-03-15 17:34:05 -04:00
s->flags |= fin;
}
[BUG] fix the dequeuing logic to ensure that all requests get served The dequeuing logic was completely wrong. First, a task was assigned to all servers to process the queue, but this task was never scheduled and was only woken up on session free. Second, there was no reservation of server entries when a task was assigned a server. This means that as long as the task was not connected to the server, its presence was not accounted for. This was causing trouble when detecting whether or not a server had reached maxconn. Third, during a redispatch, a session could lose its place at the server's and get blocked because another session at the same moment would have stolen the entry. Fourth, the redispatch option did not work when maxqueue was reached for a server, and it was not possible to do so without indefinitely hanging a session. The root cause of all those problems was the lack of pre-reservation of connections at the server's, and the lack of tracking of servers during a redispatch. Everything relied on combinations of flags which could appear similarly in quite distinct situations. This patch is a major rework but there was no other solution, as the internal logic was deeply flawed. The resulting code is cleaner, more understandable, uses less magics and is overall more robust. As an added bonus, "option redispatch" now works when maxqueue has been reached on a server.
2008-06-20 09:04:11 -04:00
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
/* kill a stream and set the termination flags to <why> (one of SF_ERR_*) */
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
void stream_shutdown(struct stream *stream, int why)
[MEDIUM] session: make session_shutdown() an independant function We already had the ability to kill a connection, but it was only for the checks. Now we can do this for any session, and for this we add a specific flag "K" to the logs.
2011-09-07 17:01:56 -04:00
{
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
if (stream->req.flags & (CF_SHUTW|CF_SHUTW_NOW))
[MEDIUM] session: make session_shutdown() an independant function We already had the ability to kill a connection, but it was only for the checks. Now we can do this for any session, and for this we add a specific flag "K" to the logs.
2011-09-07 17:01:56 -04:00
return;
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
channel_shutw_now(&stream->req);
channel_shutr_now(&stream->res);
stream->task->nice = 1024;
REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* This is in order to keep things consistent.
2015-04-02 19:14:29 -04:00
if (!(stream->flags & SF_ERR_MASK))
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
stream->flags |= why;
task_wakeup(stream->task, TASK_WOKEN_OTHER);
[MEDIUM] session: make session_shutdown() an independant function We already had the ability to kill a connection, but it was only for the checks. Now we can do this for any session, and for this we add a specific flag "K" to the logs.
2011-09-07 17:01:56 -04:00
}
[MAJOR] session: add track-counters to track counters related to the session This patch adds the ability to set a pointer in the session to an entry in a stick table which holds various counters related to a specific pattern. Right now the syntax matches the target syntax and only the "src" pattern can be specified, to track counters related to the session's IPv4 source address. There is a special function to extract it and convert it to a key. But the goal is to be able to later support as many patterns as for the stick rules, and get rid of the specific function. The "track-counters" directive may only be set in a "tcp-request" statement right now. Only the first one applies. Probably that later we'll support multi-criteria tracking for a single session and that we'll have to name tracking pointers. No counter is updated right now, only the refcount is. Some subsequent patches will have to bring that feature.
2010-06-14 15:04:55 -04:00
[MEDIUM] session: move counter ACL fetches from proto_tcp It was not normal to have counter fetches in proto_tcp.c. The only reason was that the key based on the source address was fetched there, but now we have split the key extraction and data processing, we must move that to a more appropriate place. Session seems OK since the counters are all manipulated from here. Also, since we're precisely counting number of connections with these ACLs, we rename them src_conn_cnt and src_updt_conn_cnt. This is not a problem right now since no version was emitted with these keywords.
2010-06-18 11:46:06 -04:00
/************************************************************************/
/* All supported ACL keywords must be declared here. */
/************************************************************************/
MEDIUM: counters: support passing the counter number as a fetch argument One very annoying issue when trying to extend the sticky counters beyond the current 3 counters is that it requires a massive copy-paste of fetch functions (we don't have to copy-paste code anymore), just so that the fetch names exist. So let's have an alternate form like "sc_*(num)" to allow passing the counter number as an argument without having to redefine new fetch names. The MAX_SESS_STKCTR macro defines the number of usable sticky counters, which defaults to 3.
2013-07-23 13:33:46 -04:00
/* Returns a pointer to a stkctr depending on the fetch keyword name.
* It is designed to be called as sc[0-9]_* sc_* or src_* exclusively.
MINOR: counters: provide a generic function to retrieve a stkctr for sc* and src. This function aims at simplifying the prefetching of the table and entry when using any of the session counters fetches. The principle is that the src_* variant produces a stkctr that is used instead of the one from the session. That way we can call the same function from all session counter fetch functions and always have a single function to support sc[0-9]_/src_.
2013-07-22 16:40:11 -04:00
* sc[0-9]_* will return a pointer to the respective field in the
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* stream <l4>. sc_* requires an UINT argument specifying the stick
MEDIUM: counters: support passing the counter number as a fetch argument One very annoying issue when trying to extend the sticky counters beyond the current 3 counters is that it requires a massive copy-paste of fetch functions (we don't have to copy-paste code anymore), just so that the fetch names exist. So let's have an alternate form like "sc_*(num)" to allow passing the counter number as an argument without having to redefine new fetch names. The MAX_SESS_STKCTR macro defines the number of usable sticky counters, which defaults to 3.
2013-07-23 13:33:46 -04:00
* counter number. src_* will fill a locally allocated structure with
MINOR: counters: provide a generic function to retrieve a stkctr for sc* and src. This function aims at simplifying the prefetching of the table and entry when using any of the session counters fetches. The principle is that the src_* variant produces a stkctr that is used instead of the one from the session. That way we can call the same function from all session counter fetch functions and always have a single function to support sc[0-9]_/src_.
2013-07-22 16:40:11 -04:00
* the table and entry corresponding to what is specified with src_*.
MEDIUM: counters: support looking up a key in an alternate table sc_* sample fetches now take an optional parameter which allows to look the key in an alternate table. This is convenient to pass multiple information for the same key at once (eg: have multiple gpc0 for the same key, or support being fed complementary information from the CLI). Example : listen front bind :8000 tcp-request content track-sc0 src table local-ip http-response set-header src-id %[sc0_get_gpc0]+%[sc0_get_gpc0(global-ip)] server dummy 127.0.0.1:8001 backend local-ip stick-table size 1k type ip store gpc0 backend global-ip stick-table size 1k type ip store gpc0
2013-07-23 13:56:43 -04:00
* NULL may be returned if the designated stkctr is not tracked. For
* the sc_* and sc[0-9]_* forms, an optional table argument may be
* passed. When present, the currently tracked key is then looked up
* in the specified table instead of the current table. The purpose is
* to be able to convery multiple values per key (eg: have gpc0 from
MEDIUM: streams: support looking up stkctr in the session In order to support sessions tracking counters, we first ensure that there is no overlap between streams' stkctr and sessions', and we allow an automatic lookup into the session's counters when the stream doesn't have a counter or when the stream doesn't exist during an access via a sample fetch. The functions used to update the stream counters only update them and not the session counters however.
2015-04-04 10:29:12 -04:00
* multiple tables). <strm> is allowed to be NULL, in which case only
* the session will be consulted.
MINOR: counters: provide a generic function to retrieve a stkctr for sc* and src. This function aims at simplifying the prefetching of the table and entry when using any of the session counters fetches. The principle is that the src_* variant produces a stkctr that is used instead of the one from the session. That way we can call the same function from all session counter fetch functions and always have a single function to support sc[0-9]_/src_.
2013-07-22 16:40:11 -04:00
*/
MINOR: session: export the function 'smp_fetch_sc_stkctr' This one is sometimes useful outside of this file.
2014-07-15 13:06:18 -04:00
struct stkctr *
MAJOR: sample: pass a pointer to the session to each sample fetch function Many such function need a session, and till now they used to dereference the stream. Once we remove the stream from the embryonic session, this will not be possible anymore. So as of now, sample fetch functions will be called with this : - sess = NULL, strm = NULL : never - sess = valid, strm = NULL : tcp-req connection - sess = valid, strm = valid, strm->txn = NULL : tcp-req content - sess = valid, strm = valid, strm->txn = valid : http-req / http-res
2015-04-03 19:47:55 -04:00
smp_fetch_sc_stkctr(struct session *sess, struct stream *strm, const struct arg *args, const char *kw)
MINOR: counters: provide a generic function to retrieve a stkctr for sc* and src. This function aims at simplifying the prefetching of the table and entry when using any of the session counters fetches. The principle is that the src_* variant produces a stkctr that is used instead of the one from the session. That way we can call the same function from all session counter fetch functions and always have a single function to support sc[0-9]_/src_.
2013-07-22 16:40:11 -04:00
{
static struct stkctr stkctr;
MEDIUM: streams: support looking up stkctr in the session In order to support sessions tracking counters, we first ensure that there is no overlap between streams' stkctr and sessions', and we allow an automatic lookup into the session's counters when the stream doesn't have a counter or when the stream doesn't exist during an access via a sample fetch. The functions used to update the stream counters only update them and not the session counters however.
2015-04-04 10:29:12 -04:00
struct stkctr *stkptr;
BUG/MAJOR: counters: check for null-deref when looking up an alternate table Constructions such as sc0_get_gpc0(foo) allow to look up the same key as the current key but in an alternate table. A check was missing to ensure we already have a key, resulting in a crash if this lookup is performed before the associated track-sc rule. This bug was reported on the mailing list by Neil@iamafreeman and narrowed down further by Lukas Tribus and Thierry Fournier. This bug was introduced in 1.5-dev20 by commit "0f791d4 MEDIUM: counters: support looking up a key in an alternate table".
2014-04-09 07:25:42 -04:00
struct stksess *stksess;
MEDIUM: counters: support passing the counter number as a fetch argument One very annoying issue when trying to extend the sticky counters beyond the current 3 counters is that it requires a massive copy-paste of fetch functions (we don't have to copy-paste code anymore), just so that the fetch names exist. So let's have an alternate form like "sc_*(num)" to allow passing the counter number as an argument without having to redefine new fetch names. The MAX_SESS_STKCTR macro defines the number of usable sticky counters, which defaults to 3.
2013-07-23 13:33:46 -04:00
unsigned int num = kw[2] - '0';
MEDIUM: counters: support looking up a key in an alternate table sc_* sample fetches now take an optional parameter which allows to look the key in an alternate table. This is convenient to pass multiple information for the same key at once (eg: have multiple gpc0 for the same key, or support being fed complementary information from the CLI). Example : listen front bind :8000 tcp-request content track-sc0 src table local-ip http-response set-header src-id %[sc0_get_gpc0]+%[sc0_get_gpc0(global-ip)] server dummy 127.0.0.1:8001 backend local-ip stick-table size 1k type ip store gpc0 backend global-ip stick-table size 1k type ip store gpc0
2013-07-23 13:56:43 -04:00
int arg = 0;
MINOR: counters: provide a generic function to retrieve a stkctr for sc* and src. This function aims at simplifying the prefetching of the table and entry when using any of the session counters fetches. The principle is that the src_* variant produces a stkctr that is used instead of the one from the session. That way we can call the same function from all session counter fetch functions and always have a single function to support sc[0-9]_/src_.
2013-07-22 16:40:11 -04:00
MEDIUM: counters: support looking up a key in an alternate table sc_* sample fetches now take an optional parameter which allows to look the key in an alternate table. This is convenient to pass multiple information for the same key at once (eg: have multiple gpc0 for the same key, or support being fed complementary information from the CLI). Example : listen front bind :8000 tcp-request content track-sc0 src table local-ip http-response set-header src-id %[sc0_get_gpc0]+%[sc0_get_gpc0(global-ip)] server dummy 127.0.0.1:8001 backend local-ip stick-table size 1k type ip store gpc0 backend global-ip stick-table size 1k type ip store gpc0
2013-07-23 13:56:43 -04:00
if (num == '_' - '0') {
/* sc_* variant, args[0] = ctr# (mandatory) */
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
num = args[arg++].data.sint;
MEDIUM: counters: support passing the counter number as a fetch argument One very annoying issue when trying to extend the sticky counters beyond the current 3 counters is that it requires a massive copy-paste of fetch functions (we don't have to copy-paste code anymore), just so that the fetch names exist. So let's have an alternate form like "sc_*(num)" to allow passing the counter number as an argument without having to redefine new fetch names. The MAX_SESS_STKCTR macro defines the number of usable sticky counters, which defaults to 3.
2013-07-23 13:33:46 -04:00
if (num >= MAX_SESS_STKCTR)
return NULL;
MINOR: counters: provide a generic function to retrieve a stkctr for sc* and src. This function aims at simplifying the prefetching of the table and entry when using any of the session counters fetches. The principle is that the src_* variant produces a stkctr that is used instead of the one from the session. That way we can call the same function from all session counter fetch functions and always have a single function to support sc[0-9]_/src_.
2013-07-22 16:40:11 -04:00
}
MEDIUM: counters: support looking up a key in an alternate table sc_* sample fetches now take an optional parameter which allows to look the key in an alternate table. This is convenient to pass multiple information for the same key at once (eg: have multiple gpc0 for the same key, or support being fed complementary information from the CLI). Example : listen front bind :8000 tcp-request content track-sc0 src table local-ip http-response set-header src-id %[sc0_get_gpc0]+%[sc0_get_gpc0(global-ip)] server dummy 127.0.0.1:8001 backend local-ip stick-table size 1k type ip store gpc0 backend global-ip stick-table size 1k type ip store gpc0
2013-07-23 13:56:43 -04:00
else if (num > 9) { /* src_* variant, args[0] = table */
MAJOR: stream-int: stop using si->conn and use si->end instead The connection will only remain there as a pre-allocated entity whose goal is to be placed in ->end when establishing an outgoing connection. All connection initialization can be made on this connection, but all information retrieved should be applied to the end point only. This change is huge because there were many users of si->conn. Now the only users are those who initialize the new connection. The difficulty appears in a few places such as backend.c, proto_http.c, peers.c where si->conn is used to hold the connection's target address before assigning the connection to the stream interface. This is why we have to keep si->conn for now. A future improvement might consist in dynamically allocating the connection when it is needed.
2013-10-01 04:45:07 -04:00
struct stktable_key *key;
MEDIUM: session: use the pointer to the origin instead of s->si[0].end When s->si[0].end was dereferenced as a connection or anything in order to retrieve information about the originating session, we'll now use sess->origin instead so that when we have to chain multiple streams in HTTP/2, we'll keep accessing the same origin.
2015-04-03 13:19:59 -04:00
struct connection *conn = objt_conn(sess->origin);
MAJOR: stick-tables: remove key storage from the key struct Now, the key struct only points to the storage provided by the sample as input.
2015-07-24 13:31:59 -04:00
struct sample smp;
MAJOR: stream-int: stop using si->conn and use si->end instead The connection will only remain there as a pre-allocated entity whose goal is to be placed in ->end when establishing an outgoing connection. All connection initialization can be made on this connection, but all information retrieved should be applied to the end point only. This change is huge because there were many users of si->conn. Now the only users are those who initialize the new connection. The difficulty appears in a few places such as backend.c, proto_http.c, peers.c where si->conn is used to hold the connection's target address before assigning the connection to the stream interface. This is why we have to keep si->conn for now. A future improvement might consist in dynamically allocating the connection when it is needed.
2013-10-01 04:45:07 -04:00
if (!conn)
return NULL;
MINOR: counters: provide a generic function to retrieve a stkctr for sc* and src. This function aims at simplifying the prefetching of the table and entry when using any of the session counters fetches. The principle is that the src_* variant produces a stkctr that is used instead of the one from the session. That way we can call the same function from all session counter fetch functions and always have a single function to support sc[0-9]_/src_.
2013-07-22 16:40:11 -04:00
MAJOR: stick-tables: remove key storage from the key struct Now, the key struct only points to the storage provided by the sample as input.
2015-07-24 13:31:59 -04:00
/* Fetch source adress in a sample. */
smp.px = NULL;
smp.sess = sess;
smp.strm = strm;
if (!smp_fetch_src(NULL, &smp, NULL, NULL))
return NULL;
/* Converts into key. */
key = smp_to_stkey(&smp, &args->data.prx->table);
MINOR: counters: provide a generic function to retrieve a stkctr for sc* and src. This function aims at simplifying the prefetching of the table and entry when using any of the session counters fetches. The principle is that the src_* variant produces a stkctr that is used instead of the one from the session. That way we can call the same function from all session counter fetch functions and always have a single function to support sc[0-9]_/src_.
2013-07-22 16:40:11 -04:00
if (!key)
return NULL;
MAJOR: stream-int: stop using si->conn and use si->end instead The connection will only remain there as a pre-allocated entity whose goal is to be placed in ->end when establishing an outgoing connection. All connection initialization can be made on this connection, but all information retrieved should be applied to the end point only. This change is huge because there were many users of si->conn. Now the only users are those who initialize the new connection. The difficulty appears in a few places such as backend.c, proto_http.c, peers.c where si->conn is used to hold the connection's target address before assigning the connection to the stream interface. This is why we have to keep si->conn for now. A future improvement might consist in dynamically allocating the connection when it is needed.
2013-10-01 04:45:07 -04:00
MINOR: counters: provide a generic function to retrieve a stkctr for sc* and src. This function aims at simplifying the prefetching of the table and entry when using any of the session counters fetches. The principle is that the src_* variant produces a stkctr that is used instead of the one from the session. That way we can call the same function from all session counter fetch functions and always have a single function to support sc[0-9]_/src_.
2013-07-22 16:40:11 -04:00
stkctr.table = &args->data.prx->table;
MEDIUM: counters: stop relying on session flags at all Till now, we had one flag per stick counter to indicate if it was tracked in a backend or in a frontend. We just had to add another flag per stick-counter to indicate if it relies on contents or just connection. These flags are quite painful to maintain and tend to easily conflict with other flags if their number is changed. The correct solution consists in moving the flags to the stkctr struct itself, but currently this struct is made of 2 pointers, so adding a new entry there to store only two bits will cause at least 16 more bytes to be eaten per counter due to alignment issues, and we definitely don't want to waste tens to hundreds of bytes per session just for things that most users don't use. Since we only need to store two bits per counter, an intermediate solution consists in replacing the entry pointer with a composite value made of the original entry pointer and the two flags in the 2 unused lower bits. If later a need for other flags arises, we'll have to store them in the struct. A few inline functions have been added to abstract the retrieval and assignment of the pointers and flags, resulting in very few changes. That way there is no more dependence on the number of stick-counters and their position in the session flags.
2014-01-28 17:18:23 -05:00
stkctr_set_entry(&stkctr, stktable_lookup_key(stkctr.table, key));
MINOR: counters: provide a generic function to retrieve a stkctr for sc* and src. This function aims at simplifying the prefetching of the table and entry when using any of the session counters fetches. The principle is that the src_* variant produces a stkctr that is used instead of the one from the session. That way we can call the same function from all session counter fetch functions and always have a single function to support sc[0-9]_/src_.
2013-07-22 16:40:11 -04:00
return &stkctr;
}
MEDIUM: counters: support looking up a key in an alternate table sc_* sample fetches now take an optional parameter which allows to look the key in an alternate table. This is convenient to pass multiple information for the same key at once (eg: have multiple gpc0 for the same key, or support being fed complementary information from the CLI). Example : listen front bind :8000 tcp-request content track-sc0 src table local-ip http-response set-header src-id %[sc0_get_gpc0]+%[sc0_get_gpc0(global-ip)] server dummy 127.0.0.1:8001 backend local-ip stick-table size 1k type ip store gpc0 backend global-ip stick-table size 1k type ip store gpc0
2013-07-23 13:56:43 -04:00
/* Here, <num> contains the counter number from 0 to 9 for
* the sc[0-9]_ form, or even higher using sc_(num) if needed.
MEDIUM: streams: support looking up stkctr in the session In order to support sessions tracking counters, we first ensure that there is no overlap between streams' stkctr and sessions', and we allow an automatic lookup into the session's counters when the stream doesn't have a counter or when the stream doesn't exist during an access via a sample fetch. The functions used to update the stream counters only update them and not the session counters however.
2015-04-04 10:29:12 -04:00
* args[arg] is the first optional argument. We first lookup the
* ctr form the stream, then from the session if it was not there.
MEDIUM: counters: support looking up a key in an alternate table sc_* sample fetches now take an optional parameter which allows to look the key in an alternate table. This is convenient to pass multiple information for the same key at once (eg: have multiple gpc0 for the same key, or support being fed complementary information from the CLI). Example : listen front bind :8000 tcp-request content track-sc0 src table local-ip http-response set-header src-id %[sc0_get_gpc0]+%[sc0_get_gpc0(global-ip)] server dummy 127.0.0.1:8001 backend local-ip stick-table size 1k type ip store gpc0 backend global-ip stick-table size 1k type ip store gpc0
2013-07-23 13:56:43 -04:00
*/
MEDIUM: streams: support looking up stkctr in the session In order to support sessions tracking counters, we first ensure that there is no overlap between streams' stkctr and sessions', and we allow an automatic lookup into the session's counters when the stream doesn't have a counter or when the stream doesn't exist during an access via a sample fetch. The functions used to update the stream counters only update them and not the session counters however.
2015-04-04 10:29:12 -04:00
BUG/MEDIUM: stick-tables: some sample-fetch doesn't work in the connection state. The sc_* sample fetch can work without the struct strm, because the tracked counters are also stored in the session. So, this patchs removes the check for the strm existance. This bug is recent and was introduced in 1.7-dev2 by commit 6204cd9 ("BUG/MAJOR: vars: always retrieve the stream and session from the sample") This bugfix must be backported in 1.6.
2016-03-29 15:27:36 -04:00
if (strm)
stkptr = &strm->stkctr[num];
MEDIUM: streams: support looking up stkctr in the session In order to support sessions tracking counters, we first ensure that there is no overlap between streams' stkctr and sessions', and we allow an automatic lookup into the session's counters when the stream doesn't have a counter or when the stream doesn't exist during an access via a sample fetch. The functions used to update the stream counters only update them and not the session counters however.
2015-04-04 10:29:12 -04:00
if (!strm || !stkctr_entry(stkptr)) {
stkptr = &sess->stkctr[num];
if (!stkctr_entry(stkptr))
return NULL;
}
stksess = stkctr_entry(stkptr);
BUG/MAJOR: counters: check for null-deref when looking up an alternate table Constructions such as sc0_get_gpc0(foo) allow to look up the same key as the current key but in an alternate table. A check was missing to ensure we already have a key, resulting in a crash if this lookup is performed before the associated track-sc rule. This bug was reported on the mailing list by Neil@iamafreeman and narrowed down further by Lukas Tribus and Thierry Fournier. This bug was introduced in 1.5-dev20 by commit "0f791d4 MEDIUM: counters: support looking up a key in an alternate table".
2014-04-09 07:25:42 -04:00
if (!stksess)
return NULL;
MEDIUM: counters: support looking up a key in an alternate table sc_* sample fetches now take an optional parameter which allows to look the key in an alternate table. This is convenient to pass multiple information for the same key at once (eg: have multiple gpc0 for the same key, or support being fed complementary information from the CLI). Example : listen front bind :8000 tcp-request content track-sc0 src table local-ip http-response set-header src-id %[sc0_get_gpc0]+%[sc0_get_gpc0(global-ip)] server dummy 127.0.0.1:8001 backend local-ip stick-table size 1k type ip store gpc0 backend global-ip stick-table size 1k type ip store gpc0
2013-07-23 13:56:43 -04:00
if (unlikely(args[arg].type == ARGT_TAB)) {
/* an alternate table was specified, let's look up the same key there */
stkctr.table = &args[arg].data.prx->table;
BUG/MAJOR: counters: check for null-deref when looking up an alternate table Constructions such as sc0_get_gpc0(foo) allow to look up the same key as the current key but in an alternate table. A check was missing to ensure we already have a key, resulting in a crash if this lookup is performed before the associated track-sc rule. This bug was reported on the mailing list by Neil@iamafreeman and narrowed down further by Lukas Tribus and Thierry Fournier. This bug was introduced in 1.5-dev20 by commit "0f791d4 MEDIUM: counters: support looking up a key in an alternate table".
2014-04-09 07:25:42 -04:00
stkctr_set_entry(&stkctr, stktable_lookup(stkctr.table, stksess));
MEDIUM: counters: support looking up a key in an alternate table sc_* sample fetches now take an optional parameter which allows to look the key in an alternate table. This is convenient to pass multiple information for the same key at once (eg: have multiple gpc0 for the same key, or support being fed complementary information from the CLI). Example : listen front bind :8000 tcp-request content track-sc0 src table local-ip http-response set-header src-id %[sc0_get_gpc0]+%[sc0_get_gpc0(global-ip)] server dummy 127.0.0.1:8001 backend local-ip stick-table size 1k type ip store gpc0 backend global-ip stick-table size 1k type ip store gpc0
2013-07-23 13:56:43 -04:00
return &stkctr;
}
MEDIUM: streams: support looking up stkctr in the session In order to support sessions tracking counters, we first ensure that there is no overlap between streams' stkctr and sessions', and we allow an automatic lookup into the session's counters when the stream doesn't have a counter or when the stream doesn't exist during an access via a sample fetch. The functions used to update the stream counters only update them and not the session counters however.
2015-04-04 10:29:12 -04:00
return stkptr;
MINOR: counters: provide a generic function to retrieve a stkctr for sc* and src. This function aims at simplifying the prefetching of the table and entry when using any of the session counters fetches. The principle is that the src_* variant produces a stkctr that is used instead of the one from the session. That way we can call the same function from all session counter fetch functions and always have a single function to support sc[0-9]_/src_.
2013-07-22 16:40:11 -04:00
}
BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0 creates a missing entry During 1.5-dev20 there was some code refactoring to make the src_* fetch function use the same code as sc_*. Unfortunately this introduced a regression where src_* doesn't create an entry anymore if it does not exist in the table. The reason is that smp_fetch_sc_stkctr() only calls stktable_lookup_key() while src_inc_*/src_clr_* used to make use of stktable_update_key() which additionally create the entry if it does not exist. There's no point modifying the common function for these two exceptions, so instead we now have a function dedicated to the creation of this entry for src_* only. It is called when the entry didn't exist, so that requires minimal modifications to existing code. Thanks to Thierry Fournier for helping diagnose the issue. This fix must be backported to 1.5.
2015-08-18 11:15:20 -04:00
/* same as smp_fetch_sc_stkctr() but dedicated to src_* and can create
* the entry if it doesn't exist yet. This is needed for a few fetch
* functions which need to create an entry, such as src_inc_gpc* and
* src_clr_gpc*.
*/
struct stkctr *
smp_create_src_stkctr(struct session *sess, struct stream *strm, const struct arg *args, const char *kw)
{
static struct stkctr stkctr;
struct stktable_key *key;
struct connection *conn = objt_conn(sess->origin);
MAJOR: stick-tables: remove key storage from the key struct Now, the key struct only points to the storage provided by the sample as input.
2015-07-24 13:31:59 -04:00
struct sample smp;
BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0 creates a missing entry During 1.5-dev20 there was some code refactoring to make the src_* fetch function use the same code as sc_*. Unfortunately this introduced a regression where src_* doesn't create an entry anymore if it does not exist in the table. The reason is that smp_fetch_sc_stkctr() only calls stktable_lookup_key() while src_inc_*/src_clr_* used to make use of stktable_update_key() which additionally create the entry if it does not exist. There's no point modifying the common function for these two exceptions, so instead we now have a function dedicated to the creation of this entry for src_* only. It is called when the entry didn't exist, so that requires minimal modifications to existing code. Thanks to Thierry Fournier for helping diagnose the issue. This fix must be backported to 1.5.
2015-08-18 11:15:20 -04:00
if (strncmp(kw, "src_", 4) != 0)
return NULL;
if (!conn)
return NULL;
MAJOR: stick-tables: remove key storage from the key struct Now, the key struct only points to the storage provided by the sample as input.
2015-07-24 13:31:59 -04:00
/* Fetch source adress in a sample. */
smp.px = NULL;
smp.sess = sess;
smp.strm = strm;
if (!smp_fetch_src(NULL, &smp, NULL, NULL))
return NULL;
/* Converts into key. */
key = smp_to_stkey(&smp, &args->data.prx->table);
BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0 creates a missing entry During 1.5-dev20 there was some code refactoring to make the src_* fetch function use the same code as sc_*. Unfortunately this introduced a regression where src_* doesn't create an entry anymore if it does not exist in the table. The reason is that smp_fetch_sc_stkctr() only calls stktable_lookup_key() while src_inc_*/src_clr_* used to make use of stktable_update_key() which additionally create the entry if it does not exist. There's no point modifying the common function for these two exceptions, so instead we now have a function dedicated to the creation of this entry for src_* only. It is called when the entry didn't exist, so that requires minimal modifications to existing code. Thanks to Thierry Fournier for helping diagnose the issue. This fix must be backported to 1.5.
2015-08-18 11:15:20 -04:00
if (!key)
return NULL;
stkctr.table = &args->data.prx->table;
stkctr_set_entry(&stkctr, stktable_update_key(stkctr.table, key));
return &stkctr;
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* set return a boolean indicating if the requested stream counter is
MINOR: counters: factor out smp_fetch_sc*_tracked The new function makes use of the sc# in the keyword to get the counter ID.
2013-07-22 12:29:29 -04:00
* currently being tracked or not.
* Supports being called as "sc[0-9]_tracked" only.
*/
MINOR: counters: add fetch/acl sc*_tracked to indicate whether a counter is tracked Sometimes we'd like to know if a counter is being tracked before adding a header to an outgoing request. These ones do that.
2013-06-03 09:15:22 -04:00
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_tracked(const struct arg *args, struct sample *smp, const char *kw, void *private)
MINOR: counters: add fetch/acl sc*_tracked to indicate whether a counter is tracked Sometimes we'd like to know if a counter is being tracked before adding a header to an outgoing request. These ones do that.
2013-06-03 09:15:22 -04:00
{
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_BOOL;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = !!smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MINOR: counters: add fetch/acl sc*_tracked to indicate whether a counter is tracked Sometimes we'd like to know if a counter is being tracked before adding a header to an outgoing request. These ones do that.
2013-06-03 09:15:22 -04:00
return 1;
}
MINOR: stick-tables: Add GPT0 access This patch adds acces to GPT0. The access can be done with http and tcp actions, and through a converter.
2015-08-19 02:25:14 -04:00
/* set <smp> to the General Purpose Flag 0 value from the stream's tracked
* frontend counters or from the src.
* Supports being called as "sc[0-9]_get_gpc0" or "src_get_gpt0" only. Value
* zero is returned if the key is new.
*/
static int
smp_fetch_sc_get_gpt0(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
MINOR: stick-tables: Add GPT0 access This patch adds acces to GPT0. The access can be done with http and tcp actions, and through a converter.
2015-08-19 02:25:14 -04:00
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MINOR: stick-tables: Add GPT0 access This patch adds acces to GPT0. The access can be done with http and tcp actions, and through a converter.
2015-08-19 02:25:14 -04:00
if (!stkctr)
return 0;
smp->flags = SMP_F_VOL_TEST;
smp->data.type = SMP_T_SINT;
smp->data.u.sint = 0;
if (stkctr_entry(stkctr) != NULL) {
void *ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_GPT0);
if (!ptr)
return 0; /* parameter not stored */
smp->data.u.sint = stktable_data_cast(ptr, gpt0);
}
return 1;
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* set <smp> to the General Purpose Counter 0 value from the stream's tracked
MEDIUM: counters: factor out smp_fetch_sc*_get_gpc0 smp_fetch_sc0_get_gpc0, smp_fetch_sc1_get_gpc0, smp_fetch_sc2_get_gpc0, smp_fetch_src_get_gpc0 and smp_fetch_get_gpc0 were merged into a single function which relies on the fetch name to decide what to return.
2013-07-22 13:46:52 -04:00
* frontend counters or from the src.
* Supports being called as "sc[0-9]_get_gpc0" or "src_get_gpc0" only. Value
* zero is returned if the key is new.
*/
[MINOR] session-counters: add a general purpose counter (gpc0) This counter may be used to track anything. Two sets of ACLs are available to manage it, one gets its value, and the other one increments its value and returns it. In the second case, the entry is created if it did not exist. Thus it is possible for example to mark a source as being an abuser and to keep it marked as long as it does not wait for the entry to expire : # The rules below use gpc0 to track abusers, and reject them if # a source has been marked as such. The track-counters statement # automatically refreshes the entry which will not expire until a # 1-minute silence is respected from the source. The second rule # evaluates the second part if the first one is true, so GPC0 will # be increased once the conn_rate is above 100/5s. stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request track-counters src tcp-request reject if { trk_get_gpc0 gt 0 } tcp-request reject if { trk_conn_rate gt 100 } { trk_inc_gpc0 gt 0} Alternatively, it is possible to let the entry expire even in presence of traffic by swapping the check for gpc0 and the track-counters statement : stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request reject if { src_get_gpc0 gt 0 } tcp-request track-counters src tcp-request reject if { trk_conn_rate gt 100 } { trk_inc_gpc0 gt 0} It is also possible not to track counters at all, but entry lookups will then be performed more often : stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request reject if { src_get_gpc0 gt 0 } tcp-request reject if { src_conn_rate gt 100 } { src_inc_gpc0 gt 0} The '0' at the end of the counter name is there because if we find that more counters may be useful, other ones will be added.
2010-06-20 06:47:25 -04:00
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_get_gpc0(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MINOR] session-counters: add a general purpose counter (gpc0) This counter may be used to track anything. Two sets of ACLs are available to manage it, one gets its value, and the other one increments its value and returns it. In the second case, the entry is created if it did not exist. Thus it is possible for example to mark a source as being an abuser and to keep it marked as long as it does not wait for the entry to expire : # The rules below use gpc0 to track abusers, and reject them if # a source has been marked as such. The track-counters statement # automatically refreshes the entry which will not expire until a # 1-minute silence is respected from the source. The second rule # evaluates the second part if the first one is true, so GPC0 will # be increased once the conn_rate is above 100/5s. stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request track-counters src tcp-request reject if { trk_get_gpc0 gt 0 } tcp-request reject if { trk_conn_rate gt 100 } { trk_inc_gpc0 gt 0} Alternatively, it is possible to let the entry expire even in presence of traffic by swapping the check for gpc0 and the track-counters statement : stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request reject if { src_get_gpc0 gt 0 } tcp-request track-counters src tcp-request reject if { trk_conn_rate gt 100 } { trk_inc_gpc0 gt 0} It is also possible not to track counters at all, but entry lookups will then be performed more often : stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request reject if { src_get_gpc0 gt 0 } tcp-request reject if { src_conn_rate gt 100 } { src_inc_gpc0 gt 0} The '0' at the end of the counter name is there because if we find that more counters may be useful, other ones will be added.
2010-06-20 06:47:25 -04:00
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: factor out smp_fetch_sc*_get_gpc0 smp_fetch_sc0_get_gpc0, smp_fetch_sc1_get_gpc0, smp_fetch_sc2_get_gpc0, smp_fetch_src_get_gpc0 and smp_fetch_get_gpc0 were merged into a single function which relies on the fetch name to decide what to return.
2013-07-22 13:46:52 -04:00
if (!stkctr)
return 0;
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
MEDIUM: counters: factor out smp_fetch_sc*_get_gpc0 smp_fetch_sc0_get_gpc0, smp_fetch_sc1_get_gpc0, smp_fetch_sc2_get_gpc0, smp_fetch_src_get_gpc0 and smp_fetch_get_gpc0 were merged into a single function which relies on the fetch name to decide what to return.
2013-07-22 13:46:52 -04:00
MEDIUM: counters: stop relying on session flags at all Till now, we had one flag per stick counter to indicate if it was tracked in a backend or in a frontend. We just had to add another flag per stick-counter to indicate if it relies on contents or just connection. These flags are quite painful to maintain and tend to easily conflict with other flags if their number is changed. The correct solution consists in moving the flags to the stkctr struct itself, but currently this struct is made of 2 pointers, so adding a new entry there to store only two bits will cause at least 16 more bytes to be eaten per counter due to alignment issues, and we definitely don't want to waste tens to hundreds of bytes per session just for things that most users don't use. Since we only need to store two bits per counter, an intermediate solution consists in replacing the entry pointer with a composite value made of the original entry pointer and the two flags in the 2 unused lower bits. If later a need for other flags arises, we'll have to store them in the struct. A few inline functions have been added to abstract the retrieval and assignment of the pointers and flags, resulting in very few changes. That way there is no more dependence on the number of stick-counters and their position in the session flags.
2014-01-28 17:18:23 -05:00
if (stkctr_entry(stkctr) != NULL) {
void *ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_GPC0);
[MINOR] session-counters: add a general purpose counter (gpc0) This counter may be used to track anything. Two sets of ACLs are available to manage it, one gets its value, and the other one increments its value and returns it. In the second case, the entry is created if it did not exist. Thus it is possible for example to mark a source as being an abuser and to keep it marked as long as it does not wait for the entry to expire : # The rules below use gpc0 to track abusers, and reject them if # a source has been marked as such. The track-counters statement # automatically refreshes the entry which will not expire until a # 1-minute silence is respected from the source. The second rule # evaluates the second part if the first one is true, so GPC0 will # be increased once the conn_rate is above 100/5s. stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request track-counters src tcp-request reject if { trk_get_gpc0 gt 0 } tcp-request reject if { trk_conn_rate gt 100 } { trk_inc_gpc0 gt 0} Alternatively, it is possible to let the entry expire even in presence of traffic by swapping the check for gpc0 and the track-counters statement : stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request reject if { src_get_gpc0 gt 0 } tcp-request track-counters src tcp-request reject if { trk_conn_rate gt 100 } { trk_inc_gpc0 gt 0} It is also possible not to track counters at all, but entry lookups will then be performed more often : stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request reject if { src_get_gpc0 gt 0 } tcp-request reject if { src_conn_rate gt 100 } { src_inc_gpc0 gt 0} The '0' at the end of the counter name is there because if we find that more counters may be useful, other ones will be added.
2010-06-20 06:47:25 -04:00
if (!ptr)
return 0; /* parameter not stored */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = stktable_data_cast(ptr, gpc0);
[MINOR] session-counters: add a general purpose counter (gpc0) This counter may be used to track anything. Two sets of ACLs are available to manage it, one gets its value, and the other one increments its value and returns it. In the second case, the entry is created if it did not exist. Thus it is possible for example to mark a source as being an abuser and to keep it marked as long as it does not wait for the entry to expire : # The rules below use gpc0 to track abusers, and reject them if # a source has been marked as such. The track-counters statement # automatically refreshes the entry which will not expire until a # 1-minute silence is respected from the source. The second rule # evaluates the second part if the first one is true, so GPC0 will # be increased once the conn_rate is above 100/5s. stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request track-counters src tcp-request reject if { trk_get_gpc0 gt 0 } tcp-request reject if { trk_conn_rate gt 100 } { trk_inc_gpc0 gt 0} Alternatively, it is possible to let the entry expire even in presence of traffic by swapping the check for gpc0 and the track-counters statement : stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request reject if { src_get_gpc0 gt 0 } tcp-request track-counters src tcp-request reject if { trk_conn_rate gt 100 } { trk_inc_gpc0 gt 0} It is also possible not to track counters at all, but entry lookups will then be performed more often : stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request reject if { src_get_gpc0 gt 0 } tcp-request reject if { src_conn_rate gt 100 } { src_inc_gpc0 gt 0} The '0' at the end of the counter name is there because if we find that more counters may be useful, other ones will be added.
2010-06-20 06:47:25 -04:00
}
return 1;
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* set <smp> to the General Purpose Counter 0's event rate from the stream's
MEDIUM: counters: factor out smp_fetch_sc*_gpc0_rate smp_fetch_sc0_gpc0, smp_fetch_sc1_gpc0, smp_fetch_sc2_gpc0, smp_fetch_src_gpc0 and smp_fetch_gpc0 were merged into a single function which relies on the fetch name to decide what to return.
2013-07-22 17:47:07 -04:00
* tracked frontend counters or from the src.
* Supports being called as "sc[0-9]_gpc0_rate" or "src_gpc0_rate" only.
* Value zero is returned if the key is new.
*/
MEDIUM: counters: add a new "gpc0_rate" counter in stick-tables This counter is special in that instead of reporting the gpc0 cumulative count, it returns its increase rate over the configured period.
2013-05-29 09:54:14 -04:00
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_gpc0_rate(const struct arg *args, struct sample *smp, const char *kw, void *private)
MEDIUM: counters: add a new "gpc0_rate" counter in stick-tables This counter is special in that instead of reporting the gpc0 cumulative count, it returns its increase rate over the configured period.
2013-05-29 09:54:14 -04:00
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: factor out smp_fetch_sc*_gpc0_rate smp_fetch_sc0_gpc0, smp_fetch_sc1_gpc0, smp_fetch_sc2_gpc0, smp_fetch_src_gpc0 and smp_fetch_gpc0 were merged into a single function which relies on the fetch name to decide what to return.
2013-07-22 17:47:07 -04:00
if (!stkctr)
return 0;
MEDIUM: counters: add a new "gpc0_rate" counter in stick-tables This counter is special in that instead of reporting the gpc0 cumulative count, it returns its increase rate over the configured period.
2013-05-29 09:54:14 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
MEDIUM: counters: stop relying on session flags at all Till now, we had one flag per stick counter to indicate if it was tracked in a backend or in a frontend. We just had to add another flag per stick-counter to indicate if it relies on contents or just connection. These flags are quite painful to maintain and tend to easily conflict with other flags if their number is changed. The correct solution consists in moving the flags to the stkctr struct itself, but currently this struct is made of 2 pointers, so adding a new entry there to store only two bits will cause at least 16 more bytes to be eaten per counter due to alignment issues, and we definitely don't want to waste tens to hundreds of bytes per session just for things that most users don't use. Since we only need to store two bits per counter, an intermediate solution consists in replacing the entry pointer with a composite value made of the original entry pointer and the two flags in the 2 unused lower bits. If later a need for other flags arises, we'll have to store them in the struct. A few inline functions have been added to abstract the retrieval and assignment of the pointers and flags, resulting in very few changes. That way there is no more dependence on the number of stick-counters and their position in the session flags.
2014-01-28 17:18:23 -05:00
if (stkctr_entry(stkctr) != NULL) {
void *ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_GPC0_RATE);
MEDIUM: counters: add a new "gpc0_rate" counter in stick-tables This counter is special in that instead of reporting the gpc0 cumulative count, it returns its increase rate over the configured period.
2013-05-29 09:54:14 -04:00
if (!ptr)
return 0; /* parameter not stored */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = read_freq_ctr_period(&stktable_data_cast(ptr, gpc0_rate),
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
stkctr->table->data_arg[STKTABLE_DT_GPC0_RATE].u);
MEDIUM: counters: add a new "gpc0_rate" counter in stick-tables This counter is special in that instead of reporting the gpc0 cumulative count, it returns its increase rate over the configured period.
2013-05-29 09:54:14 -04:00
}
return 1;
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* Increment the General Purpose Counter 0 value from the stream's tracked
MEDIUM: counters: factor out smp_fetch_sc*_inc_gpc0 smp_fetch_sc0_inc_gpc0, smp_fetch_sc1_inc_gpc0, smp_fetch_sc2_inc_gpc0, smp_fetch_src_inc_gpc0 and smp_fetch_inc_gpc0 were merged into a single function which relies on the fetch name to decide what to return.
2013-07-22 18:07:04 -04:00
* frontend counters and return it into temp integer.
* Supports being called as "sc[0-9]_inc_gpc0" or "src_inc_gpc0" only.
[MINOR] session-counters: add a general purpose counter (gpc0) This counter may be used to track anything. Two sets of ACLs are available to manage it, one gets its value, and the other one increments its value and returns it. In the second case, the entry is created if it did not exist. Thus it is possible for example to mark a source as being an abuser and to keep it marked as long as it does not wait for the entry to expire : # The rules below use gpc0 to track abusers, and reject them if # a source has been marked as such. The track-counters statement # automatically refreshes the entry which will not expire until a # 1-minute silence is respected from the source. The second rule # evaluates the second part if the first one is true, so GPC0 will # be increased once the conn_rate is above 100/5s. stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request track-counters src tcp-request reject if { trk_get_gpc0 gt 0 } tcp-request reject if { trk_conn_rate gt 100 } { trk_inc_gpc0 gt 0} Alternatively, it is possible to let the entry expire even in presence of traffic by swapping the check for gpc0 and the track-counters statement : stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request reject if { src_get_gpc0 gt 0 } tcp-request track-counters src tcp-request reject if { trk_conn_rate gt 100 } { trk_inc_gpc0 gt 0} It is also possible not to track counters at all, but entry lookups will then be performed more often : stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request reject if { src_get_gpc0 gt 0 } tcp-request reject if { src_conn_rate gt 100 } { src_inc_gpc0 gt 0} The '0' at the end of the counter name is there because if we find that more counters may be useful, other ones will be added.
2010-06-20 06:47:25 -04:00
*/
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_inc_gpc0(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MINOR] session-counters: add a general purpose counter (gpc0) This counter may be used to track anything. Two sets of ACLs are available to manage it, one gets its value, and the other one increments its value and returns it. In the second case, the entry is created if it did not exist. Thus it is possible for example to mark a source as being an abuser and to keep it marked as long as it does not wait for the entry to expire : # The rules below use gpc0 to track abusers, and reject them if # a source has been marked as such. The track-counters statement # automatically refreshes the entry which will not expire until a # 1-minute silence is respected from the source. The second rule # evaluates the second part if the first one is true, so GPC0 will # be increased once the conn_rate is above 100/5s. stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request track-counters src tcp-request reject if { trk_get_gpc0 gt 0 } tcp-request reject if { trk_conn_rate gt 100 } { trk_inc_gpc0 gt 0} Alternatively, it is possible to let the entry expire even in presence of traffic by swapping the check for gpc0 and the track-counters statement : stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request reject if { src_get_gpc0 gt 0 } tcp-request track-counters src tcp-request reject if { trk_conn_rate gt 100 } { trk_inc_gpc0 gt 0} It is also possible not to track counters at all, but entry lookups will then be performed more often : stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request reject if { src_get_gpc0 gt 0 } tcp-request reject if { src_conn_rate gt 100 } { src_inc_gpc0 gt 0} The '0' at the end of the counter name is there because if we find that more counters may be useful, other ones will be added.
2010-06-20 06:47:25 -04:00
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: factor out smp_fetch_sc*_inc_gpc0 smp_fetch_sc0_inc_gpc0, smp_fetch_sc1_inc_gpc0, smp_fetch_sc2_inc_gpc0, smp_fetch_src_inc_gpc0 and smp_fetch_inc_gpc0 were merged into a single function which relies on the fetch name to decide what to return.
2013-07-22 18:07:04 -04:00
if (!stkctr)
return 0;
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0 creates a missing entry During 1.5-dev20 there was some code refactoring to make the src_* fetch function use the same code as sc_*. Unfortunately this introduced a regression where src_* doesn't create an entry anymore if it does not exist in the table. The reason is that smp_fetch_sc_stkctr() only calls stktable_lookup_key() while src_inc_*/src_clr_* used to make use of stktable_update_key() which additionally create the entry if it does not exist. There's no point modifying the common function for these two exceptions, so instead we now have a function dedicated to the creation of this entry for src_* only. It is called when the entry didn't exist, so that requires minimal modifications to existing code. Thanks to Thierry Fournier for helping diagnose the issue. This fix must be backported to 1.5.
2015-08-18 11:15:20 -04:00
if (stkctr_entry(stkctr) == NULL)
stkctr = smp_create_src_stkctr(smp->sess, smp->strm, args, kw);
BUG/MEDIUM: sticktables: segfault in some configuration error cases When a stick table is tracked, and another one is used later on the configuration, a segfault occurs. The function "smp_create_src_stkctr" can return a NULL value, and its value is not tested, so one other function try to dereference a NULL pointer. This patch just add a verification of the NULL pointer. The problem is reproduced with this configuration: listen www mode http bind :12345 tcp-request content track-sc0 src table IPv4 http-request allow if { sc0_inc_gpc0(IPv6) gt 0 } server dummy 127.0.0.1:80 backend IPv4 stick-table type ip size 10 expire 60s store gpc0 backend IPv6 stick-table type ipv6 size 10 expire 60s store gpc0 Thank to kabefuna@gmail.com for the bug report. This patch must be backported in the 1.6 and 1.5 version.
2016-06-06 12:28:05 -04:00
if (stkctr && stkctr_entry(stkctr)) {
MEDIUM: peers: re-schedule stick-table's entry for sync when data is modified. This was correctly done for data of type 'serverid' but it is now necessary for all stick-tables data-types if we want to perform their sync.
2015-06-15 12:29:57 -04:00
void *ptr1,*ptr2;
MEDIUM: counters: add a new "gpc0_rate" counter in stick-tables This counter is special in that instead of reporting the gpc0 cumulative count, it returns its increase rate over the configured period.
2013-05-29 09:54:14 -04:00
/* First, update gpc0_rate if it's tracked. Second, update its
* gpc0 if tracked. Returns gpc0's value otherwise the curr_ctr.
*/
MEDIUM: peers: re-schedule stick-table's entry for sync when data is modified. This was correctly done for data of type 'serverid' but it is now necessary for all stick-tables data-types if we want to perform their sync.
2015-06-15 12:29:57 -04:00
ptr1 = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_GPC0_RATE);
if (ptr1) {
update_freq_ctr_period(&stktable_data_cast(ptr1, gpc0_rate),
MEDIUM: counters: factor out smp_fetch_sc*_inc_gpc0 smp_fetch_sc0_inc_gpc0, smp_fetch_sc1_inc_gpc0, smp_fetch_sc2_inc_gpc0, smp_fetch_src_inc_gpc0 and smp_fetch_inc_gpc0 were merged into a single function which relies on the fetch name to decide what to return.
2013-07-22 18:07:04 -04:00
stkctr->table->data_arg[STKTABLE_DT_GPC0_RATE].u, 1);
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = (&stktable_data_cast(ptr1, gpc0_rate))->curr_ctr;
MEDIUM: counters: add a new "gpc0_rate" counter in stick-tables This counter is special in that instead of reporting the gpc0 cumulative count, it returns its increase rate over the configured period.
2013-05-29 09:54:14 -04:00
}
MEDIUM: peers: re-schedule stick-table's entry for sync when data is modified. This was correctly done for data of type 'serverid' but it is now necessary for all stick-tables data-types if we want to perform their sync.
2015-06-15 12:29:57 -04:00
ptr2 = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_GPC0);
if (ptr2)
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = ++stktable_data_cast(ptr2, gpc0);
MEDIUM: counters: add a new "gpc0_rate" counter in stick-tables This counter is special in that instead of reporting the gpc0 cumulative count, it returns its increase rate over the configured period.
2013-05-29 09:54:14 -04:00
MEDIUM: peers: re-schedule stick-table's entry for sync when data is modified. This was correctly done for data of type 'serverid' but it is now necessary for all stick-tables data-types if we want to perform their sync.
2015-06-15 12:29:57 -04:00
/* If data was modified, we need to touch to re-schedule sync */
if (ptr1 || ptr2)
stktable_touch(stkctr->table, stkctr_entry(stkctr), 1);
[MINOR] session-counters: add a general purpose counter (gpc0) This counter may be used to track anything. Two sets of ACLs are available to manage it, one gets its value, and the other one increments its value and returns it. In the second case, the entry is created if it did not exist. Thus it is possible for example to mark a source as being an abuser and to keep it marked as long as it does not wait for the entry to expire : # The rules below use gpc0 to track abusers, and reject them if # a source has been marked as such. The track-counters statement # automatically refreshes the entry which will not expire until a # 1-minute silence is respected from the source. The second rule # evaluates the second part if the first one is true, so GPC0 will # be increased once the conn_rate is above 100/5s. stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request track-counters src tcp-request reject if { trk_get_gpc0 gt 0 } tcp-request reject if { trk_conn_rate gt 100 } { trk_inc_gpc0 gt 0} Alternatively, it is possible to let the entry expire even in presence of traffic by swapping the check for gpc0 and the track-counters statement : stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request reject if { src_get_gpc0 gt 0 } tcp-request track-counters src tcp-request reject if { trk_conn_rate gt 100 } { trk_inc_gpc0 gt 0} It is also possible not to track counters at all, but entry lookups will then be performed more often : stick-table type ip size 200k expire 1m store conn_rate(5s),gpc0 tcp-request reject if { src_get_gpc0 gt 0 } tcp-request reject if { src_conn_rate gt 100 } { src_inc_gpc0 gt 0} The '0' at the end of the counter name is there because if we find that more counters may be useful, other ones will be added.
2010-06-20 06:47:25 -04:00
}
return 1;
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* Clear the General Purpose Counter 0 value from the stream's tracked
MEDIUM: counters: factor out smp_fetch_sc*_clr_gpc0 smp_fetch_sc0_clr_gpc0, smp_fetch_sc1_clr_gpc0, smp_fetch_sc2_clr_gpc0, smp_fetch_src_clr_gpc0 and smp_fetch_clr_gpc0 were merged into a single function which relies on the fetch name to decide what to return.
2013-07-22 18:10:35 -04:00
* frontend counters and return its previous value into temp integer.
* Supports being called as "sc[0-9]_clr_gpc0" or "src_clr_gpc0" only.
[MINOR] session-counters: add the ability to clear the counters Sometimes it can be useful to reset a counter : one condition increments it and another one resets it. It can be used to better detect abuses.
2011-08-12 19:45:16 -04:00
*/
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_clr_gpc0(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MINOR] session-counters: add the ability to clear the counters Sometimes it can be useful to reset a counter : one condition increments it and another one resets it. It can be used to better detect abuses.
2011-08-12 19:45:16 -04:00
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
MEDIUM: counters: factor out smp_fetch_sc*_clr_gpc0 smp_fetch_sc0_clr_gpc0, smp_fetch_sc1_clr_gpc0, smp_fetch_sc2_clr_gpc0, smp_fetch_src_clr_gpc0 and smp_fetch_clr_gpc0 were merged into a single function which relies on the fetch name to decide what to return.
2013-07-22 18:10:35 -04:00
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: factor out smp_fetch_sc*_clr_gpc0 smp_fetch_sc0_clr_gpc0, smp_fetch_sc1_clr_gpc0, smp_fetch_sc2_clr_gpc0, smp_fetch_src_clr_gpc0 and smp_fetch_clr_gpc0 were merged into a single function which relies on the fetch name to decide what to return.
2013-07-22 18:10:35 -04:00
if (!stkctr)
return 0;
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0 creates a missing entry During 1.5-dev20 there was some code refactoring to make the src_* fetch function use the same code as sc_*. Unfortunately this introduced a regression where src_* doesn't create an entry anymore if it does not exist in the table. The reason is that smp_fetch_sc_stkctr() only calls stktable_lookup_key() while src_inc_*/src_clr_* used to make use of stktable_update_key() which additionally create the entry if it does not exist. There's no point modifying the common function for these two exceptions, so instead we now have a function dedicated to the creation of this entry for src_* only. It is called when the entry didn't exist, so that requires minimal modifications to existing code. Thanks to Thierry Fournier for helping diagnose the issue. This fix must be backported to 1.5.
2015-08-18 11:15:20 -04:00
if (stkctr_entry(stkctr) == NULL)
stkctr = smp_create_src_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: stop relying on session flags at all Till now, we had one flag per stick counter to indicate if it was tracked in a backend or in a frontend. We just had to add another flag per stick-counter to indicate if it relies on contents or just connection. These flags are quite painful to maintain and tend to easily conflict with other flags if their number is changed. The correct solution consists in moving the flags to the stkctr struct itself, but currently this struct is made of 2 pointers, so adding a new entry there to store only two bits will cause at least 16 more bytes to be eaten per counter due to alignment issues, and we definitely don't want to waste tens to hundreds of bytes per session just for things that most users don't use. Since we only need to store two bits per counter, an intermediate solution consists in replacing the entry pointer with a composite value made of the original entry pointer and the two flags in the 2 unused lower bits. If later a need for other flags arises, we'll have to store them in the struct. A few inline functions have been added to abstract the retrieval and assignment of the pointers and flags, resulting in very few changes. That way there is no more dependence on the number of stick-counters and their position in the session flags.
2014-01-28 17:18:23 -05:00
if (stkctr_entry(stkctr) != NULL) {
void *ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_GPC0);
[MINOR] session-counters: add the ability to clear the counters Sometimes it can be useful to reset a counter : one condition increments it and another one resets it. It can be used to better detect abuses.
2011-08-12 19:45:16 -04:00
if (!ptr)
return 0; /* parameter not stored */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = stktable_data_cast(ptr, gpc0);
[MINOR] session-counters: add the ability to clear the counters Sometimes it can be useful to reset a counter : one condition increments it and another one resets it. It can be used to better detect abuses.
2011-08-12 19:45:16 -04:00
stktable_data_cast(ptr, gpc0) = 0;
MEDIUM: peers: re-schedule stick-table's entry for sync when data is modified. This was correctly done for data of type 'serverid' but it is now necessary for all stick-tables data-types if we want to perform their sync.
2015-06-15 12:29:57 -04:00
/* If data was modified, we need to touch to re-schedule sync */
stktable_touch(stkctr->table, stkctr_entry(stkctr), 1);
[MINOR] session-counters: add the ability to clear the counters Sometimes it can be useful to reset a counter : one condition increments it and another one resets it. It can be used to better detect abuses.
2011-08-12 19:45:16 -04:00
}
return 1;
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* set <smp> to the cumulated number of connections from the stream's tracked
MEDIUM: counters: factor out smp_fetch_sc*_conn_cnt smp_fetch_sc0_conn_cnt, smp_fetch_sc1_conn_cnt, smp_fetch_sc2_conn_cnt, smp_fetch_src_conn_cnt and smp_fetch_conn_cnt were merged into a single function which relies on the fetch name to decide what to return.
2013-07-22 18:22:50 -04:00
* frontend counters. Supports being called as "sc[0-9]_conn_cnt" or
* "src_conn_cnt" only.
*/
[MINOR] session: add the trk_conn_cnt ACL keyword to track connection counts Most of the time we'll want to check the connection count of the criterion we're currently tracking. So instead of duplicating the src* tests, let's add trk_conn_cnt to report the total number of connections from the stick table entry currently being tracked. A nice part of the code was factored, and we should do the same for the other criteria.
2010-06-18 13:53:25 -04:00
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_conn_cnt(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MINOR] session: add the trk_conn_cnt ACL keyword to track connection counts Most of the time we'll want to check the connection count of the criterion we're currently tracking. So instead of duplicating the src* tests, let's add trk_conn_cnt to report the total number of connections from the stick table entry currently being tracked. A nice part of the code was factored, and we should do the same for the other criteria.
2010-06-18 13:53:25 -04:00
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
MEDIUM: counters: factor out smp_fetch_sc*_conn_cnt smp_fetch_sc0_conn_cnt, smp_fetch_sc1_conn_cnt, smp_fetch_sc2_conn_cnt, smp_fetch_src_conn_cnt and smp_fetch_conn_cnt were merged into a single function which relies on the fetch name to decide what to return.
2013-07-22 18:22:50 -04:00
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: factor out smp_fetch_sc*_conn_cnt smp_fetch_sc0_conn_cnt, smp_fetch_sc1_conn_cnt, smp_fetch_sc2_conn_cnt, smp_fetch_src_conn_cnt and smp_fetch_conn_cnt were merged into a single function which relies on the fetch name to decide what to return.
2013-07-22 18:22:50 -04:00
if (!stkctr)
return 0;
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
MEDIUM: counters: stop relying on session flags at all Till now, we had one flag per stick counter to indicate if it was tracked in a backend or in a frontend. We just had to add another flag per stick-counter to indicate if it relies on contents or just connection. These flags are quite painful to maintain and tend to easily conflict with other flags if their number is changed. The correct solution consists in moving the flags to the stkctr struct itself, but currently this struct is made of 2 pointers, so adding a new entry there to store only two bits will cause at least 16 more bytes to be eaten per counter due to alignment issues, and we definitely don't want to waste tens to hundreds of bytes per session just for things that most users don't use. Since we only need to store two bits per counter, an intermediate solution consists in replacing the entry pointer with a composite value made of the original entry pointer and the two flags in the 2 unused lower bits. If later a need for other flags arises, we'll have to store them in the struct. A few inline functions have been added to abstract the retrieval and assignment of the pointers and flags, resulting in very few changes. That way there is no more dependence on the number of stick-counters and their position in the session flags.
2014-01-28 17:18:23 -05:00
if (stkctr_entry(stkctr) != NULL) {
void *ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_CONN_CNT);
[MINOR] session: add the trk_conn_cnt ACL keyword to track connection counts Most of the time we'll want to check the connection count of the criterion we're currently tracking. So instead of duplicating the src* tests, let's add trk_conn_cnt to report the total number of connections from the stick table entry currently being tracked. A nice part of the code was factored, and we should do the same for the other criteria.
2010-06-18 13:53:25 -04:00
if (!ptr)
return 0; /* parameter not stored */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = stktable_data_cast(ptr, conn_cnt);
[MINOR] session: add the trk_conn_cnt ACL keyword to track connection counts Most of the time we'll want to check the connection count of the criterion we're currently tracking. So instead of duplicating the src* tests, let's add trk_conn_cnt to report the total number of connections from the stick table entry currently being tracked. A nice part of the code was factored, and we should do the same for the other criteria.
2010-06-18 13:53:25 -04:00
}
return 1;
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* set <smp> to the connection rate from the stream's tracked frontend
MEDIUM: counters: factor out smp_fetch_sc*_conn_rate smp_fetch_sc0_conn_rate, smp_fetch_sc1_conn_rate, smp_fetch_sc2_conn_rate, smp_fetch_src_conn_rate and smp_fetch_conn_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 09:09:35 -04:00
* counters. Supports being called as "sc[0-9]_conn_rate" or "src_conn_rate"
* only.
*/
[MEDIUM] session counters: add conn_rate and sess_rate counters These counters maintain incoming connection rates and session rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain accept rate per source address for instance, and block if the rate is passed over. Example : # block if more than 50 requests per 5 seconds from a source. stick-table type ip size 200k expire 1m store conn_rate(5s),sess_rate(5s) tcp-request track-counters src tcp-request reject if { trk_conn_rate gt 50 } # cause a 3 seconds pause to requests from sources in excess of 20 requests/5s tcp-request inspect-delay 3s tcp-request content accept if { trk_sess_rate gt 20 } WAIT_END
2010-06-20 05:19:22 -04:00
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_conn_rate(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MEDIUM] session counters: add conn_rate and sess_rate counters These counters maintain incoming connection rates and session rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain accept rate per source address for instance, and block if the rate is passed over. Example : # block if more than 50 requests per 5 seconds from a source. stick-table type ip size 200k expire 1m store conn_rate(5s),sess_rate(5s) tcp-request track-counters src tcp-request reject if { trk_conn_rate gt 50 } # cause a 3 seconds pause to requests from sources in excess of 20 requests/5s tcp-request inspect-delay 3s tcp-request content accept if { trk_sess_rate gt 20 } WAIT_END
2010-06-20 05:19:22 -04:00
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: factor out smp_fetch_sc*_conn_rate smp_fetch_sc0_conn_rate, smp_fetch_sc1_conn_rate, smp_fetch_sc2_conn_rate, smp_fetch_src_conn_rate and smp_fetch_conn_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 09:09:35 -04:00
if (!stkctr)
return 0;
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
MEDIUM: counters: stop relying on session flags at all Till now, we had one flag per stick counter to indicate if it was tracked in a backend or in a frontend. We just had to add another flag per stick-counter to indicate if it relies on contents or just connection. These flags are quite painful to maintain and tend to easily conflict with other flags if their number is changed. The correct solution consists in moving the flags to the stkctr struct itself, but currently this struct is made of 2 pointers, so adding a new entry there to store only two bits will cause at least 16 more bytes to be eaten per counter due to alignment issues, and we definitely don't want to waste tens to hundreds of bytes per session just for things that most users don't use. Since we only need to store two bits per counter, an intermediate solution consists in replacing the entry pointer with a composite value made of the original entry pointer and the two flags in the 2 unused lower bits. If later a need for other flags arises, we'll have to store them in the struct. A few inline functions have been added to abstract the retrieval and assignment of the pointers and flags, resulting in very few changes. That way there is no more dependence on the number of stick-counters and their position in the session flags.
2014-01-28 17:18:23 -05:00
if (stkctr_entry(stkctr) != NULL) {
void *ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_CONN_RATE);
[MEDIUM] session counters: add conn_rate and sess_rate counters These counters maintain incoming connection rates and session rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain accept rate per source address for instance, and block if the rate is passed over. Example : # block if more than 50 requests per 5 seconds from a source. stick-table type ip size 200k expire 1m store conn_rate(5s),sess_rate(5s) tcp-request track-counters src tcp-request reject if { trk_conn_rate gt 50 } # cause a 3 seconds pause to requests from sources in excess of 20 requests/5s tcp-request inspect-delay 3s tcp-request content accept if { trk_sess_rate gt 20 } WAIT_END
2010-06-20 05:19:22 -04:00
if (!ptr)
return 0; /* parameter not stored */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = read_freq_ctr_period(&stktable_data_cast(ptr, conn_rate),
MEDIUM: counters: factor out smp_fetch_sc*_conn_rate smp_fetch_sc0_conn_rate, smp_fetch_sc1_conn_rate, smp_fetch_sc2_conn_rate, smp_fetch_src_conn_rate and smp_fetch_conn_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 09:09:35 -04:00
stkctr->table->data_arg[STKTABLE_DT_CONN_RATE].u);
[MEDIUM] session counters: add conn_rate and sess_rate counters These counters maintain incoming connection rates and session rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain accept rate per source address for instance, and block if the rate is passed over. Example : # block if more than 50 requests per 5 seconds from a source. stick-table type ip size 200k expire 1m store conn_rate(5s),sess_rate(5s) tcp-request track-counters src tcp-request reject if { trk_conn_rate gt 50 } # cause a 3 seconds pause to requests from sources in excess of 20 requests/5s tcp-request inspect-delay 3s tcp-request content accept if { trk_sess_rate gt 20 } WAIT_END
2010-06-20 05:19:22 -04:00
}
return 1;
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* set temp integer to the number of connections from the stream's source address
[MEDIUM] session: move counter ACL fetches from proto_tcp It was not normal to have counter fetches in proto_tcp.c. The only reason was that the key based on the source address was fetched there, but now we have split the key extraction and data processing, we must move that to a more appropriate place. Session seems OK since the counters are all manipulated from here. Also, since we're precisely counting number of connections with these ACLs, we rename them src_conn_cnt and src_updt_conn_cnt. This is not a problem right now since no version was emitted with these keywords.
2010-06-18 11:46:06 -04:00
* in the table pointed to by expr, after updating it.
MEDIUM: acl: remove unused tests for missing args when args are mandatory A number of ACL fetch methods use mandatory arguments (eg: proxy names) so it's pointless to test for the presence of this argument now.
2012-04-20 05:37:56 -04:00
* Accepts exactly 1 argument of type table.
[MEDIUM] session: move counter ACL fetches from proto_tcp It was not normal to have counter fetches in proto_tcp.c. The only reason was that the key based on the source address was fetched there, but now we have split the key extraction and data processing, we must move that to a more appropriate place. Session seems OK since the counters are all manipulated from here. Also, since we're precisely counting number of connections with these ACLs, we rename them src_conn_cnt and src_updt_conn_cnt. This is not a problem right now since no version was emitted with these keywords.
2010-06-18 11:46:06 -04:00
*/
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_src_updt_conn_cnt(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MEDIUM] session: move counter ACL fetches from proto_tcp It was not normal to have counter fetches in proto_tcp.c. The only reason was that the key based on the source address was fetched there, but now we have split the key extraction and data processing, we must move that to a more appropriate place. Session seems OK since the counters are all manipulated from here. Also, since we're precisely counting number of connections with these ACLs, we rename them src_conn_cnt and src_updt_conn_cnt. This is not a problem right now since no version was emitted with these keywords.
2010-06-18 11:46:06 -04:00
{
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
struct connection *conn = objt_conn(smp->sess->origin);
[MEDIUM] session: move counter ACL fetches from proto_tcp It was not normal to have counter fetches in proto_tcp.c. The only reason was that the key based on the source address was fetched there, but now we have split the key extraction and data processing, we must move that to a more appropriate place. Session seems OK since the counters are all manipulated from here. Also, since we're precisely counting number of connections with these ACLs, we rename them src_conn_cnt and src_updt_conn_cnt. This is not a problem right now since no version was emitted with these keywords.
2010-06-18 11:46:06 -04:00
struct stksess *ts;
struct stktable_key *key;
void *ptr;
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
struct proxy *px;
[MEDIUM] session: move counter ACL fetches from proto_tcp It was not normal to have counter fetches in proto_tcp.c. The only reason was that the key based on the source address was fetched there, but now we have split the key extraction and data processing, we must move that to a more appropriate place. Session seems OK since the counters are all manipulated from here. Also, since we're precisely counting number of connections with these ACLs, we rename them src_conn_cnt and src_updt_conn_cnt. This is not a problem right now since no version was emitted with these keywords.
2010-06-18 11:46:06 -04:00
MAJOR: stream-int: stop using si->conn and use si->end instead The connection will only remain there as a pre-allocated entity whose goal is to be placed in ->end when establishing an outgoing connection. All connection initialization can be made on this connection, but all information retrieved should be applied to the end point only. This change is huge because there were many users of si->conn. Now the only users are those who initialize the new connection. The difficulty appears in a few places such as backend.c, proto_http.c, peers.c where si->conn is used to hold the connection's target address before assigning the connection to the stream interface. This is why we have to keep si->conn for now. A future improvement might consist in dynamically allocating the connection when it is needed.
2013-10-01 04:45:07 -04:00
if (!conn)
return 0;
MAJOR: stick-tables: remove key storage from the key struct Now, the key struct only points to the storage provided by the sample as input.
2015-07-24 13:31:59 -04:00
/* Fetch source adress in a sample. */
if (!smp_fetch_src(NULL, smp, NULL, NULL))
return 0;
/* Converts into key. */
key = smp_to_stkey(smp, &args->data.prx->table);
[MEDIUM] session: move counter ACL fetches from proto_tcp It was not normal to have counter fetches in proto_tcp.c. The only reason was that the key based on the source address was fetched there, but now we have split the key extraction and data processing, we must move that to a more appropriate place. Session seems OK since the counters are all manipulated from here. Also, since we're precisely counting number of connections with these ACLs, we rename them src_conn_cnt and src_updt_conn_cnt. This is not a problem right now since no version was emitted with these keywords.
2010-06-18 11:46:06 -04:00
if (!key)
[MEDIUM] IPv6 support for stick-tables Since IPv6 is a different type than IPv4, the pattern fetch functions src6 and dst6 were added. IPv6 stick-tables can also fetch IPv4 addresses with src and dst. In this case, the IPv4 addresses are mapped to their IPv6 counterpart, according to RFC 4291.
2011-03-24 06:09:31 -04:00
return 0;
[MEDIUM] session: move counter ACL fetches from proto_tcp It was not normal to have counter fetches in proto_tcp.c. The only reason was that the key based on the source address was fetched there, but now we have split the key extraction and data processing, we must move that to a more appropriate place. Session seems OK since the counters are all manipulated from here. Also, since we're precisely counting number of connections with these ACLs, we rename them src_conn_cnt and src_updt_conn_cnt. This is not a problem right now since no version was emitted with these keywords.
2010-06-18 11:46:06 -04:00
MEDIUM: acl: replace acl_expr with args in acl fetch_* functions Having the args everywhere will make it easier to share fetch functions between patterns and ACLs. The only place where we could have needed the expr was in the http_prefetch function which can do well without.
2012-04-23 17:55:44 -04:00
px = args->data.prx;
[MEDIUM] session: move counter ACL fetches from proto_tcp It was not normal to have counter fetches in proto_tcp.c. The only reason was that the key based on the source address was fetched there, but now we have split the key extraction and data processing, we must move that to a more appropriate place. Session seems OK since the counters are all manipulated from here. Also, since we're precisely counting number of connections with these ACLs, we rename them src_conn_cnt and src_updt_conn_cnt. This is not a problem right now since no version was emitted with these keywords.
2010-06-18 11:46:06 -04:00
[MINOR] stktable: add a stktable_update_key() function This function looks up a key, updates its expiration date, or creates it if it was not found. acl_fetch_src_updt_conn_cnt() was updated to make use of it.
2010-06-20 06:27:21 -04:00
if ((ts = stktable_update_key(&px->table, key)) == NULL)
/* entry does not exist and could not be created */
return 0;
[MEDIUM] session: move counter ACL fetches from proto_tcp It was not normal to have counter fetches in proto_tcp.c. The only reason was that the key based on the source address was fetched there, but now we have split the key extraction and data processing, we must move that to a more appropriate place. Session seems OK since the counters are all manipulated from here. Also, since we're precisely counting number of connections with these ACLs, we rename them src_conn_cnt and src_updt_conn_cnt. This is not a problem right now since no version was emitted with these keywords.
2010-06-18 11:46:06 -04:00
ptr = stktable_data_ptr(&px->table, ts, STKTABLE_DT_CONN_CNT);
if (!ptr)
return 0; /* parameter not stored in this table */
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = ++stktable_data_cast(ptr, conn_cnt);
MEDIUM: peers: re-schedule stick-table's entry for sync when data is modified. This was correctly done for data of type 'serverid' but it is now necessary for all stick-tables data-types if we want to perform their sync.
2015-06-15 12:29:57 -04:00
/* Touch was previously performed by stktable_update_key */
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
[MEDIUM] session: move counter ACL fetches from proto_tcp It was not normal to have counter fetches in proto_tcp.c. The only reason was that the key based on the source address was fetched there, but now we have split the key extraction and data processing, we must move that to a more appropriate place. Session seems OK since the counters are all manipulated from here. Also, since we're precisely counting number of connections with these ACLs, we rename them src_conn_cnt and src_updt_conn_cnt. This is not a problem right now since no version was emitted with these keywords.
2010-06-18 11:46:06 -04:00
return 1;
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* set <smp> to the number of concurrent connections from the stream's tracked
MEDIUM: counters: factor out smp_fetch_sc*_conn_cur smp_fetch_sc0_conn_cur, smp_fetch_sc1_conn_cur, smp_fetch_sc2_conn_cur, smp_fetch_src_conn_cur and smp_fetch_conn_cur were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 09:17:53 -04:00
* frontend counters. Supports being called as "sc[0-9]_conn_cur" or
* "src_conn_cur" only.
*/
[MINOR] session: add the trk_conn_cur ACL keyword to track concurrent connection This one applies to the entry being tracked by current session.
2010-06-18 15:14:36 -04:00
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_conn_cur(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MINOR] session: add the trk_conn_cur ACL keyword to track concurrent connection This one applies to the entry being tracked by current session.
2010-06-18 15:14:36 -04:00
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: factor out smp_fetch_sc*_conn_cur smp_fetch_sc0_conn_cur, smp_fetch_sc1_conn_cur, smp_fetch_sc2_conn_cur, smp_fetch_src_conn_cur and smp_fetch_conn_cur were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 09:17:53 -04:00
if (!stkctr)
return 0;
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
MEDIUM: counters: stop relying on session flags at all Till now, we had one flag per stick counter to indicate if it was tracked in a backend or in a frontend. We just had to add another flag per stick-counter to indicate if it relies on contents or just connection. These flags are quite painful to maintain and tend to easily conflict with other flags if their number is changed. The correct solution consists in moving the flags to the stkctr struct itself, but currently this struct is made of 2 pointers, so adding a new entry there to store only two bits will cause at least 16 more bytes to be eaten per counter due to alignment issues, and we definitely don't want to waste tens to hundreds of bytes per session just for things that most users don't use. Since we only need to store two bits per counter, an intermediate solution consists in replacing the entry pointer with a composite value made of the original entry pointer and the two flags in the 2 unused lower bits. If later a need for other flags arises, we'll have to store them in the struct. A few inline functions have been added to abstract the retrieval and assignment of the pointers and flags, resulting in very few changes. That way there is no more dependence on the number of stick-counters and their position in the session flags.
2014-01-28 17:18:23 -05:00
if (stkctr_entry(stkctr) != NULL) {
void *ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_CONN_CUR);
[MINOR] session: add the trk_conn_cur ACL keyword to track concurrent connection This one applies to the entry being tracked by current session.
2010-06-18 15:14:36 -04:00
if (!ptr)
return 0; /* parameter not stored */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = stktable_data_cast(ptr, conn_cur);
[MINOR] session: add the trk_conn_cur ACL keyword to track concurrent connection This one applies to the entry being tracked by current session.
2010-06-18 15:14:36 -04:00
}
return 1;
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* set <smp> to the cumulated number of streams from the stream's tracked
MEDIUM: counters: factor out smp_fetch_sc*_sess_cnt smp_fetch_sc0_sess_cnt, smp_fetch_sc1_sess_cnt, smp_fetch_sc2_sess_cnt, smp_fetch_src_sess_cnt and smp_fetch_sess_cnt were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 09:35:33 -04:00
* frontend counters. Supports being called as "sc[0-9]_sess_cnt" or
* "src_sess_cnt" only.
*/
[MEDIUM] session: add a counter on the cumulated number of sessions Sessions are like connections but they have been accepted by L4 rules and really became sessions.
2010-06-18 16:10:12 -04:00
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_sess_cnt(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MEDIUM] session: add a counter on the cumulated number of sessions Sessions are like connections but they have been accepted by L4 rules and really became sessions.
2010-06-18 16:10:12 -04:00
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: factor out smp_fetch_sc*_sess_cnt smp_fetch_sc0_sess_cnt, smp_fetch_sc1_sess_cnt, smp_fetch_sc2_sess_cnt, smp_fetch_src_sess_cnt and smp_fetch_sess_cnt were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 09:35:33 -04:00
if (!stkctr)
return 0;
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
MEDIUM: counters: stop relying on session flags at all Till now, we had one flag per stick counter to indicate if it was tracked in a backend or in a frontend. We just had to add another flag per stick-counter to indicate if it relies on contents or just connection. These flags are quite painful to maintain and tend to easily conflict with other flags if their number is changed. The correct solution consists in moving the flags to the stkctr struct itself, but currently this struct is made of 2 pointers, so adding a new entry there to store only two bits will cause at least 16 more bytes to be eaten per counter due to alignment issues, and we definitely don't want to waste tens to hundreds of bytes per session just for things that most users don't use. Since we only need to store two bits per counter, an intermediate solution consists in replacing the entry pointer with a composite value made of the original entry pointer and the two flags in the 2 unused lower bits. If later a need for other flags arises, we'll have to store them in the struct. A few inline functions have been added to abstract the retrieval and assignment of the pointers and flags, resulting in very few changes. That way there is no more dependence on the number of stick-counters and their position in the session flags.
2014-01-28 17:18:23 -05:00
if (stkctr_entry(stkctr) != NULL) {
void *ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_SESS_CNT);
[MEDIUM] session: add a counter on the cumulated number of sessions Sessions are like connections but they have been accepted by L4 rules and really became sessions.
2010-06-18 16:10:12 -04:00
if (!ptr)
return 0; /* parameter not stored */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = stktable_data_cast(ptr, sess_cnt);
[MEDIUM] session: add a counter on the cumulated number of sessions Sessions are like connections but they have been accepted by L4 rules and really became sessions.
2010-06-18 16:10:12 -04:00
}
return 1;
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* set <smp> to the stream rate from the stream's tracked frontend counters.
MEDIUM: counters: factor out smp_fetch_sc*_sess_rate smp_fetch_sc0_sess_rate, smp_fetch_sc1_sess_rate, smp_fetch_sc2_sess_rate, smp_fetch_src_sess_rate and smp_fetch_sess_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 09:48:01 -04:00
* Supports being called as "sc[0-9]_sess_rate" or "src_sess_rate" only.
*/
[MEDIUM] session counters: add conn_rate and sess_rate counters These counters maintain incoming connection rates and session rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain accept rate per source address for instance, and block if the rate is passed over. Example : # block if more than 50 requests per 5 seconds from a source. stick-table type ip size 200k expire 1m store conn_rate(5s),sess_rate(5s) tcp-request track-counters src tcp-request reject if { trk_conn_rate gt 50 } # cause a 3 seconds pause to requests from sources in excess of 20 requests/5s tcp-request inspect-delay 3s tcp-request content accept if { trk_sess_rate gt 20 } WAIT_END
2010-06-20 05:19:22 -04:00
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_sess_rate(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MEDIUM] session counters: add conn_rate and sess_rate counters These counters maintain incoming connection rates and session rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain accept rate per source address for instance, and block if the rate is passed over. Example : # block if more than 50 requests per 5 seconds from a source. stick-table type ip size 200k expire 1m store conn_rate(5s),sess_rate(5s) tcp-request track-counters src tcp-request reject if { trk_conn_rate gt 50 } # cause a 3 seconds pause to requests from sources in excess of 20 requests/5s tcp-request inspect-delay 3s tcp-request content accept if { trk_sess_rate gt 20 } WAIT_END
2010-06-20 05:19:22 -04:00
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
MEDIUM: counters: factor out smp_fetch_sc*_sess_rate smp_fetch_sc0_sess_rate, smp_fetch_sc1_sess_rate, smp_fetch_sc2_sess_rate, smp_fetch_src_sess_rate and smp_fetch_sess_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 09:48:01 -04:00
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: factor out smp_fetch_sc*_sess_rate smp_fetch_sc0_sess_rate, smp_fetch_sc1_sess_rate, smp_fetch_sc2_sess_rate, smp_fetch_src_sess_rate and smp_fetch_sess_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 09:48:01 -04:00
if (!stkctr)
return 0;
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
MEDIUM: counters: stop relying on session flags at all Till now, we had one flag per stick counter to indicate if it was tracked in a backend or in a frontend. We just had to add another flag per stick-counter to indicate if it relies on contents or just connection. These flags are quite painful to maintain and tend to easily conflict with other flags if their number is changed. The correct solution consists in moving the flags to the stkctr struct itself, but currently this struct is made of 2 pointers, so adding a new entry there to store only two bits will cause at least 16 more bytes to be eaten per counter due to alignment issues, and we definitely don't want to waste tens to hundreds of bytes per session just for things that most users don't use. Since we only need to store two bits per counter, an intermediate solution consists in replacing the entry pointer with a composite value made of the original entry pointer and the two flags in the 2 unused lower bits. If later a need for other flags arises, we'll have to store them in the struct. A few inline functions have been added to abstract the retrieval and assignment of the pointers and flags, resulting in very few changes. That way there is no more dependence on the number of stick-counters and their position in the session flags.
2014-01-28 17:18:23 -05:00
if (stkctr_entry(stkctr) != NULL) {
void *ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_SESS_RATE);
[MEDIUM] session counters: add conn_rate and sess_rate counters These counters maintain incoming connection rates and session rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain accept rate per source address for instance, and block if the rate is passed over. Example : # block if more than 50 requests per 5 seconds from a source. stick-table type ip size 200k expire 1m store conn_rate(5s),sess_rate(5s) tcp-request track-counters src tcp-request reject if { trk_conn_rate gt 50 } # cause a 3 seconds pause to requests from sources in excess of 20 requests/5s tcp-request inspect-delay 3s tcp-request content accept if { trk_sess_rate gt 20 } WAIT_END
2010-06-20 05:19:22 -04:00
if (!ptr)
return 0; /* parameter not stored */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = read_freq_ctr_period(&stktable_data_cast(ptr, sess_rate),
MEDIUM: counters: factor out smp_fetch_sc*_sess_rate smp_fetch_sc0_sess_rate, smp_fetch_sc1_sess_rate, smp_fetch_sc2_sess_rate, smp_fetch_src_sess_rate and smp_fetch_sess_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 09:48:01 -04:00
stkctr->table->data_arg[STKTABLE_DT_SESS_RATE].u);
[MEDIUM] session counters: add conn_rate and sess_rate counters These counters maintain incoming connection rates and session rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain accept rate per source address for instance, and block if the rate is passed over. Example : # block if more than 50 requests per 5 seconds from a source. stick-table type ip size 200k expire 1m store conn_rate(5s),sess_rate(5s) tcp-request track-counters src tcp-request reject if { trk_conn_rate gt 50 } # cause a 3 seconds pause to requests from sources in excess of 20 requests/5s tcp-request inspect-delay 3s tcp-request content accept if { trk_sess_rate gt 20 } WAIT_END
2010-06-20 05:19:22 -04:00
}
return 1;
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* set <smp> to the cumulated number of HTTP requests from the stream's tracked
MEDIUM: counters: factor out smp_fetch_sc*_http_req_cnt smp_fetch_sc0_http_req_cnt, smp_fetch_sc1_http_req_cnt, smp_fetch_sc2_http_req_cnt, smp_fetch_src_http_req_cnt and smp_fetch_http_req_cnt were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 09:55:19 -04:00
* frontend counters. Supports being called as "sc[0-9]_http_req_cnt" or
* "src_http_req_cnt" only.
*/
[MEDIUM] session-counters: add HTTP req/err tracking This patch adds support for the following session counters : - http_req_cnt : HTTP request count - http_req_rate: HTTP request rate - http_err_cnt : HTTP request error count - http_err_rate: HTTP request error rate The equivalent ACLs have been added to check the tracked counters for the current session or the counters of the current source.
2010-06-23 05:44:09 -04:00
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_http_req_cnt(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MEDIUM] session-counters: add HTTP req/err tracking This patch adds support for the following session counters : - http_req_cnt : HTTP request count - http_req_rate: HTTP request rate - http_err_cnt : HTTP request error count - http_err_rate: HTTP request error rate The equivalent ACLs have been added to check the tracked counters for the current session or the counters of the current source.
2010-06-23 05:44:09 -04:00
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
MEDIUM: counters: factor out smp_fetch_sc*_http_req_cnt smp_fetch_sc0_http_req_cnt, smp_fetch_sc1_http_req_cnt, smp_fetch_sc2_http_req_cnt, smp_fetch_src_http_req_cnt and smp_fetch_http_req_cnt were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 09:55:19 -04:00
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: factor out smp_fetch_sc*_http_req_cnt smp_fetch_sc0_http_req_cnt, smp_fetch_sc1_http_req_cnt, smp_fetch_sc2_http_req_cnt, smp_fetch_src_http_req_cnt and smp_fetch_http_req_cnt were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 09:55:19 -04:00
if (!stkctr)
return 0;
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
MEDIUM: counters: stop relying on session flags at all Till now, we had one flag per stick counter to indicate if it was tracked in a backend or in a frontend. We just had to add another flag per stick-counter to indicate if it relies on contents or just connection. These flags are quite painful to maintain and tend to easily conflict with other flags if their number is changed. The correct solution consists in moving the flags to the stkctr struct itself, but currently this struct is made of 2 pointers, so adding a new entry there to store only two bits will cause at least 16 more bytes to be eaten per counter due to alignment issues, and we definitely don't want to waste tens to hundreds of bytes per session just for things that most users don't use. Since we only need to store two bits per counter, an intermediate solution consists in replacing the entry pointer with a composite value made of the original entry pointer and the two flags in the 2 unused lower bits. If later a need for other flags arises, we'll have to store them in the struct. A few inline functions have been added to abstract the retrieval and assignment of the pointers and flags, resulting in very few changes. That way there is no more dependence on the number of stick-counters and their position in the session flags.
2014-01-28 17:18:23 -05:00
if (stkctr_entry(stkctr) != NULL) {
void *ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_HTTP_REQ_CNT);
[MEDIUM] session-counters: add HTTP req/err tracking This patch adds support for the following session counters : - http_req_cnt : HTTP request count - http_req_rate: HTTP request rate - http_err_cnt : HTTP request error count - http_err_rate: HTTP request error rate The equivalent ACLs have been added to check the tracked counters for the current session or the counters of the current source.
2010-06-23 05:44:09 -04:00
if (!ptr)
return 0; /* parameter not stored */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = stktable_data_cast(ptr, http_req_cnt);
[MEDIUM] session-counters: add HTTP req/err tracking This patch adds support for the following session counters : - http_req_cnt : HTTP request count - http_req_rate: HTTP request rate - http_err_cnt : HTTP request error count - http_err_rate: HTTP request error rate The equivalent ACLs have been added to check the tracked counters for the current session or the counters of the current source.
2010-06-23 05:44:09 -04:00
}
return 1;
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* set <smp> to the HTTP request rate from the stream's tracked frontend
MEDIUM: counters: factor out smp_fetch_sc*_http_req_rate smp_fetch_sc0_http_req_rate, smp_fetch_sc1_http_req_rate, smp_fetch_sc2_http_req_rate, smp_fetch_src_http_req_rate and smp_fetch_http_req_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 10:04:37 -04:00
* counters. Supports being called as "sc[0-9]_http_req_rate" or
* "src_http_req_rate" only.
*/
[MEDIUM] session-counters: add HTTP req/err tracking This patch adds support for the following session counters : - http_req_cnt : HTTP request count - http_req_rate: HTTP request rate - http_err_cnt : HTTP request error count - http_err_rate: HTTP request error rate The equivalent ACLs have been added to check the tracked counters for the current session or the counters of the current source.
2010-06-23 05:44:09 -04:00
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_http_req_rate(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MEDIUM] session-counters: add HTTP req/err tracking This patch adds support for the following session counters : - http_req_cnt : HTTP request count - http_req_rate: HTTP request rate - http_err_cnt : HTTP request error count - http_err_rate: HTTP request error rate The equivalent ACLs have been added to check the tracked counters for the current session or the counters of the current source.
2010-06-23 05:44:09 -04:00
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: factor out smp_fetch_sc*_http_req_rate smp_fetch_sc0_http_req_rate, smp_fetch_sc1_http_req_rate, smp_fetch_sc2_http_req_rate, smp_fetch_src_http_req_rate and smp_fetch_http_req_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 10:04:37 -04:00
if (!stkctr)
return 0;
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
MEDIUM: counters: stop relying on session flags at all Till now, we had one flag per stick counter to indicate if it was tracked in a backend or in a frontend. We just had to add another flag per stick-counter to indicate if it relies on contents or just connection. These flags are quite painful to maintain and tend to easily conflict with other flags if their number is changed. The correct solution consists in moving the flags to the stkctr struct itself, but currently this struct is made of 2 pointers, so adding a new entry there to store only two bits will cause at least 16 more bytes to be eaten per counter due to alignment issues, and we definitely don't want to waste tens to hundreds of bytes per session just for things that most users don't use. Since we only need to store two bits per counter, an intermediate solution consists in replacing the entry pointer with a composite value made of the original entry pointer and the two flags in the 2 unused lower bits. If later a need for other flags arises, we'll have to store them in the struct. A few inline functions have been added to abstract the retrieval and assignment of the pointers and flags, resulting in very few changes. That way there is no more dependence on the number of stick-counters and their position in the session flags.
2014-01-28 17:18:23 -05:00
if (stkctr_entry(stkctr) != NULL) {
void *ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_HTTP_REQ_RATE);
[MEDIUM] session-counters: add HTTP req/err tracking This patch adds support for the following session counters : - http_req_cnt : HTTP request count - http_req_rate: HTTP request rate - http_err_cnt : HTTP request error count - http_err_rate: HTTP request error rate The equivalent ACLs have been added to check the tracked counters for the current session or the counters of the current source.
2010-06-23 05:44:09 -04:00
if (!ptr)
return 0; /* parameter not stored */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = read_freq_ctr_period(&stktable_data_cast(ptr, http_req_rate),
MEDIUM: counters: factor out smp_fetch_sc*_http_req_rate smp_fetch_sc0_http_req_rate, smp_fetch_sc1_http_req_rate, smp_fetch_sc2_http_req_rate, smp_fetch_src_http_req_rate and smp_fetch_http_req_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 10:04:37 -04:00
stkctr->table->data_arg[STKTABLE_DT_HTTP_REQ_RATE].u);
[MEDIUM] session-counters: add HTTP req/err tracking This patch adds support for the following session counters : - http_req_cnt : HTTP request count - http_req_rate: HTTP request rate - http_err_cnt : HTTP request error count - http_err_rate: HTTP request error rate The equivalent ACLs have been added to check the tracked counters for the current session or the counters of the current source.
2010-06-23 05:44:09 -04:00
}
return 1;
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* set <smp> to the cumulated number of HTTP requests errors from the stream's
MEDIUM: counters: factor out smp_fetch_sc*_http_err_cnt smp_fetch_sc0_http_err_cnt, smp_fetch_sc1_http_err_cnt, smp_fetch_sc2_http_err_cnt, smp_fetch_src_http_err_cnt and smp_fetch_http_err_cnt were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 10:45:38 -04:00
* tracked frontend counters. Supports being called as "sc[0-9]_http_err_cnt" or
* "src_http_err_cnt" only.
*/
[MEDIUM] session-counters: add HTTP req/err tracking This patch adds support for the following session counters : - http_req_cnt : HTTP request count - http_req_rate: HTTP request rate - http_err_cnt : HTTP request error count - http_err_rate: HTTP request error rate The equivalent ACLs have been added to check the tracked counters for the current session or the counters of the current source.
2010-06-23 05:44:09 -04:00
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_http_err_cnt(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MEDIUM] session-counters: add HTTP req/err tracking This patch adds support for the following session counters : - http_req_cnt : HTTP request count - http_req_rate: HTTP request rate - http_err_cnt : HTTP request error count - http_err_rate: HTTP request error rate The equivalent ACLs have been added to check the tracked counters for the current session or the counters of the current source.
2010-06-23 05:44:09 -04:00
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: factor out smp_fetch_sc*_http_err_cnt smp_fetch_sc0_http_err_cnt, smp_fetch_sc1_http_err_cnt, smp_fetch_sc2_http_err_cnt, smp_fetch_src_http_err_cnt and smp_fetch_http_err_cnt were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 10:45:38 -04:00
if (!stkctr)
return 0;
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
MEDIUM: counters: stop relying on session flags at all Till now, we had one flag per stick counter to indicate if it was tracked in a backend or in a frontend. We just had to add another flag per stick-counter to indicate if it relies on contents or just connection. These flags are quite painful to maintain and tend to easily conflict with other flags if their number is changed. The correct solution consists in moving the flags to the stkctr struct itself, but currently this struct is made of 2 pointers, so adding a new entry there to store only two bits will cause at least 16 more bytes to be eaten per counter due to alignment issues, and we definitely don't want to waste tens to hundreds of bytes per session just for things that most users don't use. Since we only need to store two bits per counter, an intermediate solution consists in replacing the entry pointer with a composite value made of the original entry pointer and the two flags in the 2 unused lower bits. If later a need for other flags arises, we'll have to store them in the struct. A few inline functions have been added to abstract the retrieval and assignment of the pointers and flags, resulting in very few changes. That way there is no more dependence on the number of stick-counters and their position in the session flags.
2014-01-28 17:18:23 -05:00
if (stkctr_entry(stkctr) != NULL) {
void *ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_HTTP_ERR_CNT);
[MEDIUM] session-counters: add HTTP req/err tracking This patch adds support for the following session counters : - http_req_cnt : HTTP request count - http_req_rate: HTTP request rate - http_err_cnt : HTTP request error count - http_err_rate: HTTP request error rate The equivalent ACLs have been added to check the tracked counters for the current session or the counters of the current source.
2010-06-23 05:44:09 -04:00
if (!ptr)
return 0; /* parameter not stored */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = stktable_data_cast(ptr, http_err_cnt);
[MEDIUM] session-counters: add HTTP req/err tracking This patch adds support for the following session counters : - http_req_cnt : HTTP request count - http_req_rate: HTTP request rate - http_err_cnt : HTTP request error count - http_err_rate: HTTP request error rate The equivalent ACLs have been added to check the tracked counters for the current session or the counters of the current source.
2010-06-23 05:44:09 -04:00
}
return 1;
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* set <smp> to the HTTP request error rate from the stream's tracked frontend
MEDIUM: counters: factor out smp_fetch_sc*_http_err_rate smp_fetch_sc0_http_err_rate, smp_fetch_sc1_http_err_rate, smp_fetch_sc2_http_err_rate, smp_fetch_src_http_err_rate and smp_fetch_http_err_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 10:48:54 -04:00
* counters. Supports being called as "sc[0-9]_http_err_rate" or
* "src_http_err_rate" only.
*/
[MEDIUM] session-counters: add HTTP req/err tracking This patch adds support for the following session counters : - http_req_cnt : HTTP request count - http_req_rate: HTTP request rate - http_err_cnt : HTTP request error count - http_err_rate: HTTP request error rate The equivalent ACLs have been added to check the tracked counters for the current session or the counters of the current source.
2010-06-23 05:44:09 -04:00
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_http_err_rate(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MEDIUM] session-counters: add HTTP req/err tracking This patch adds support for the following session counters : - http_req_cnt : HTTP request count - http_req_rate: HTTP request rate - http_err_cnt : HTTP request error count - http_err_rate: HTTP request error rate The equivalent ACLs have been added to check the tracked counters for the current session or the counters of the current source.
2010-06-23 05:44:09 -04:00
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: factor out smp_fetch_sc*_http_err_rate smp_fetch_sc0_http_err_rate, smp_fetch_sc1_http_err_rate, smp_fetch_sc2_http_err_rate, smp_fetch_src_http_err_rate and smp_fetch_http_err_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 10:48:54 -04:00
if (!stkctr)
return 0;
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
MEDIUM: counters: stop relying on session flags at all Till now, we had one flag per stick counter to indicate if it was tracked in a backend or in a frontend. We just had to add another flag per stick-counter to indicate if it relies on contents or just connection. These flags are quite painful to maintain and tend to easily conflict with other flags if their number is changed. The correct solution consists in moving the flags to the stkctr struct itself, but currently this struct is made of 2 pointers, so adding a new entry there to store only two bits will cause at least 16 more bytes to be eaten per counter due to alignment issues, and we definitely don't want to waste tens to hundreds of bytes per session just for things that most users don't use. Since we only need to store two bits per counter, an intermediate solution consists in replacing the entry pointer with a composite value made of the original entry pointer and the two flags in the 2 unused lower bits. If later a need for other flags arises, we'll have to store them in the struct. A few inline functions have been added to abstract the retrieval and assignment of the pointers and flags, resulting in very few changes. That way there is no more dependence on the number of stick-counters and their position in the session flags.
2014-01-28 17:18:23 -05:00
if (stkctr_entry(stkctr) != NULL) {
void *ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_HTTP_ERR_RATE);
[MEDIUM] session-counters: add HTTP req/err tracking This patch adds support for the following session counters : - http_req_cnt : HTTP request count - http_req_rate: HTTP request rate - http_err_cnt : HTTP request error count - http_err_rate: HTTP request error rate The equivalent ACLs have been added to check the tracked counters for the current session or the counters of the current source.
2010-06-23 05:44:09 -04:00
if (!ptr)
return 0; /* parameter not stored */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = read_freq_ctr_period(&stktable_data_cast(ptr, http_err_rate),
MEDIUM: counters: factor out smp_fetch_sc*_http_err_rate smp_fetch_sc0_http_err_rate, smp_fetch_sc1_http_err_rate, smp_fetch_sc2_http_err_rate, smp_fetch_src_http_err_rate and smp_fetch_http_err_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 10:48:54 -04:00
stkctr->table->data_arg[STKTABLE_DT_HTTP_ERR_RATE].u);
[MEDIUM] session-counters: add HTTP req/err tracking This patch adds support for the following session counters : - http_req_cnt : HTTP request count - http_req_rate: HTTP request rate - http_err_cnt : HTTP request error count - http_err_rate: HTTP request error rate The equivalent ACLs have been added to check the tracked counters for the current session or the counters of the current source.
2010-06-23 05:44:09 -04:00
}
return 1;
}
MEDIUM: counters: factor out smp_fetch_sc*_kbytes_in smp_fetch_sc0_kbytes_in, smp_fetch_sc1_kbytes_in, smp_fetch_sc2_kbytes_in, smp_fetch_src_kbytes_in and smp_fetch_kbytes_in were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 11:17:10 -04:00
/* set <smp> to the number of kbytes received from clients, as found in the
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* stream's tracked frontend counters. Supports being called as
MEDIUM: counters: factor out smp_fetch_sc*_kbytes_in smp_fetch_sc0_kbytes_in, smp_fetch_sc1_kbytes_in, smp_fetch_sc2_kbytes_in, smp_fetch_src_kbytes_in and smp_fetch_kbytes_in were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 11:17:10 -04:00
* "sc[0-9]_kbytes_in" or "src_kbytes_in" only.
*/
[MINOR] session: add trk_kbytes_* ACL keywords to track data size These one apply to the entry being tracked by current session.
2010-06-18 15:52:52 -04:00
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_kbytes_in(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MINOR] session: add trk_kbytes_* ACL keywords to track data size These one apply to the entry being tracked by current session.
2010-06-18 15:52:52 -04:00
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
MEDIUM: counters: factor out smp_fetch_sc*_kbytes_in smp_fetch_sc0_kbytes_in, smp_fetch_sc1_kbytes_in, smp_fetch_sc2_kbytes_in, smp_fetch_src_kbytes_in and smp_fetch_kbytes_in were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 11:17:10 -04:00
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: factor out smp_fetch_sc*_kbytes_in smp_fetch_sc0_kbytes_in, smp_fetch_sc1_kbytes_in, smp_fetch_sc2_kbytes_in, smp_fetch_src_kbytes_in and smp_fetch_kbytes_in were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 11:17:10 -04:00
if (!stkctr)
return 0;
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
MEDIUM: counters: stop relying on session flags at all Till now, we had one flag per stick counter to indicate if it was tracked in a backend or in a frontend. We just had to add another flag per stick-counter to indicate if it relies on contents or just connection. These flags are quite painful to maintain and tend to easily conflict with other flags if their number is changed. The correct solution consists in moving the flags to the stkctr struct itself, but currently this struct is made of 2 pointers, so adding a new entry there to store only two bits will cause at least 16 more bytes to be eaten per counter due to alignment issues, and we definitely don't want to waste tens to hundreds of bytes per session just for things that most users don't use. Since we only need to store two bits per counter, an intermediate solution consists in replacing the entry pointer with a composite value made of the original entry pointer and the two flags in the 2 unused lower bits. If later a need for other flags arises, we'll have to store them in the struct. A few inline functions have been added to abstract the retrieval and assignment of the pointers and flags, resulting in very few changes. That way there is no more dependence on the number of stick-counters and their position in the session flags.
2014-01-28 17:18:23 -05:00
if (stkctr_entry(stkctr) != NULL) {
void *ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_BYTES_IN_CNT);
[MINOR] session: add trk_kbytes_* ACL keywords to track data size These one apply to the entry being tracked by current session.
2010-06-18 15:52:52 -04:00
if (!ptr)
return 0; /* parameter not stored */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = stktable_data_cast(ptr, bytes_in_cnt) >> 10;
[MINOR] session: add trk_kbytes_* ACL keywords to track data size These one apply to the entry being tracked by current session.
2010-06-18 15:52:52 -04:00
}
return 1;
}
MEDIUM: counters: factor out smp_fetch_sc*_bytes_in_rate smp_fetch_sc0_bytes_in_rate, smp_fetch_sc1_bytes_in_rate, smp_fetch_sc2_bytes_in_rate, smp_fetch_src_bytes_in_rate and smp_fetch_bytes_in_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 11:39:19 -04:00
/* set <smp> to the data rate received from clients in bytes/s, as found
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* in the stream's tracked frontend counters. Supports being called as
MEDIUM: counters: factor out smp_fetch_sc*_bytes_in_rate smp_fetch_sc0_bytes_in_rate, smp_fetch_sc1_bytes_in_rate, smp_fetch_sc2_bytes_in_rate, smp_fetch_src_bytes_in_rate and smp_fetch_bytes_in_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 11:39:19 -04:00
* "sc[0-9]_bytes_in_rate" or "src_bytes_in_rate" only.
[MEDIUM] session counters: add bytes_in_rate and bytes_out_rate counters These counters maintain incoming and outgoing byte rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain bandwidth limits per source address for instance, and block if the rate is passed over. Since 32-bit counters are used to compute the rates, it is important not to use too long periods so that we don't have to deal with rates above 4 GB per period. Example : # block if more than 5 Megs retrieved in 30 seconds from a source. stick-table type ip size 200k expire 1m store bytes_out_rate(30s) tcp-request track-counters src tcp-request reject if { trk_bytes_out_rate gt 5000000 } # cause a 15 seconds pause to requests from sources in excess of 2 megs/30s tcp-request inspect-delay 15s tcp-request content accept if { trk_bytes_out_rate gt 2000000 } WAIT_END
2010-06-20 05:56:30 -04:00
*/
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_bytes_in_rate(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MEDIUM] session counters: add bytes_in_rate and bytes_out_rate counters These counters maintain incoming and outgoing byte rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain bandwidth limits per source address for instance, and block if the rate is passed over. Since 32-bit counters are used to compute the rates, it is important not to use too long periods so that we don't have to deal with rates above 4 GB per period. Example : # block if more than 5 Megs retrieved in 30 seconds from a source. stick-table type ip size 200k expire 1m store bytes_out_rate(30s) tcp-request track-counters src tcp-request reject if { trk_bytes_out_rate gt 5000000 } # cause a 15 seconds pause to requests from sources in excess of 2 megs/30s tcp-request inspect-delay 15s tcp-request content accept if { trk_bytes_out_rate gt 2000000 } WAIT_END
2010-06-20 05:56:30 -04:00
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
MEDIUM: counters: factor out smp_fetch_sc*_bytes_in_rate smp_fetch_sc0_bytes_in_rate, smp_fetch_sc1_bytes_in_rate, smp_fetch_sc2_bytes_in_rate, smp_fetch_src_bytes_in_rate and smp_fetch_bytes_in_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 11:39:19 -04:00
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: factor out smp_fetch_sc*_bytes_in_rate smp_fetch_sc0_bytes_in_rate, smp_fetch_sc1_bytes_in_rate, smp_fetch_sc2_bytes_in_rate, smp_fetch_src_bytes_in_rate and smp_fetch_bytes_in_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 11:39:19 -04:00
if (!stkctr)
return 0;
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
MEDIUM: counters: stop relying on session flags at all Till now, we had one flag per stick counter to indicate if it was tracked in a backend or in a frontend. We just had to add another flag per stick-counter to indicate if it relies on contents or just connection. These flags are quite painful to maintain and tend to easily conflict with other flags if their number is changed. The correct solution consists in moving the flags to the stkctr struct itself, but currently this struct is made of 2 pointers, so adding a new entry there to store only two bits will cause at least 16 more bytes to be eaten per counter due to alignment issues, and we definitely don't want to waste tens to hundreds of bytes per session just for things that most users don't use. Since we only need to store two bits per counter, an intermediate solution consists in replacing the entry pointer with a composite value made of the original entry pointer and the two flags in the 2 unused lower bits. If later a need for other flags arises, we'll have to store them in the struct. A few inline functions have been added to abstract the retrieval and assignment of the pointers and flags, resulting in very few changes. That way there is no more dependence on the number of stick-counters and their position in the session flags.
2014-01-28 17:18:23 -05:00
if (stkctr_entry(stkctr) != NULL) {
void *ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_BYTES_IN_RATE);
[MEDIUM] session counters: add bytes_in_rate and bytes_out_rate counters These counters maintain incoming and outgoing byte rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain bandwidth limits per source address for instance, and block if the rate is passed over. Since 32-bit counters are used to compute the rates, it is important not to use too long periods so that we don't have to deal with rates above 4 GB per period. Example : # block if more than 5 Megs retrieved in 30 seconds from a source. stick-table type ip size 200k expire 1m store bytes_out_rate(30s) tcp-request track-counters src tcp-request reject if { trk_bytes_out_rate gt 5000000 } # cause a 15 seconds pause to requests from sources in excess of 2 megs/30s tcp-request inspect-delay 15s tcp-request content accept if { trk_bytes_out_rate gt 2000000 } WAIT_END
2010-06-20 05:56:30 -04:00
if (!ptr)
return 0; /* parameter not stored */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = read_freq_ctr_period(&stktable_data_cast(ptr, bytes_in_rate),
MEDIUM: counters: factor out smp_fetch_sc*_bytes_in_rate smp_fetch_sc0_bytes_in_rate, smp_fetch_sc1_bytes_in_rate, smp_fetch_sc2_bytes_in_rate, smp_fetch_src_bytes_in_rate and smp_fetch_bytes_in_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 11:39:19 -04:00
stkctr->table->data_arg[STKTABLE_DT_BYTES_IN_RATE].u);
[MEDIUM] session counters: add bytes_in_rate and bytes_out_rate counters These counters maintain incoming and outgoing byte rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain bandwidth limits per source address for instance, and block if the rate is passed over. Since 32-bit counters are used to compute the rates, it is important not to use too long periods so that we don't have to deal with rates above 4 GB per period. Example : # block if more than 5 Megs retrieved in 30 seconds from a source. stick-table type ip size 200k expire 1m store bytes_out_rate(30s) tcp-request track-counters src tcp-request reject if { trk_bytes_out_rate gt 5000000 } # cause a 15 seconds pause to requests from sources in excess of 2 megs/30s tcp-request inspect-delay 15s tcp-request content accept if { trk_bytes_out_rate gt 2000000 } WAIT_END
2010-06-20 05:56:30 -04:00
}
return 1;
}
MEDIUM: counters: factor out smp_fetch_sc*_kbytes_out smp_fetch_sc0_kbytes_out, smp_fetch_sc1_kbytes_out, smp_fetch_sc2_kbytes_out, smp_fetch_src_kbytes_out and smp_fetch_kbytes_out were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 11:39:02 -04:00
/* set <smp> to the number of kbytes sent to clients, as found in the
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* stream's tracked frontend counters. Supports being called as
MEDIUM: counters: factor out smp_fetch_sc*_kbytes_out smp_fetch_sc0_kbytes_out, smp_fetch_sc1_kbytes_out, smp_fetch_sc2_kbytes_out, smp_fetch_src_kbytes_out and smp_fetch_kbytes_out were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 11:39:02 -04:00
* "sc[0-9]_kbytes_out" or "src_kbytes_out" only.
*/
[MINOR] session: add trk_kbytes_* ACL keywords to track data size These one apply to the entry being tracked by current session.
2010-06-18 15:52:52 -04:00
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_kbytes_out(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MINOR] session: add trk_kbytes_* ACL keywords to track data size These one apply to the entry being tracked by current session.
2010-06-18 15:52:52 -04:00
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: factor out smp_fetch_sc*_kbytes_out smp_fetch_sc0_kbytes_out, smp_fetch_sc1_kbytes_out, smp_fetch_sc2_kbytes_out, smp_fetch_src_kbytes_out and smp_fetch_kbytes_out were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 11:39:02 -04:00
if (!stkctr)
return 0;
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
MEDIUM: counters: stop relying on session flags at all Till now, we had one flag per stick counter to indicate if it was tracked in a backend or in a frontend. We just had to add another flag per stick-counter to indicate if it relies on contents or just connection. These flags are quite painful to maintain and tend to easily conflict with other flags if their number is changed. The correct solution consists in moving the flags to the stkctr struct itself, but currently this struct is made of 2 pointers, so adding a new entry there to store only two bits will cause at least 16 more bytes to be eaten per counter due to alignment issues, and we definitely don't want to waste tens to hundreds of bytes per session just for things that most users don't use. Since we only need to store two bits per counter, an intermediate solution consists in replacing the entry pointer with a composite value made of the original entry pointer and the two flags in the 2 unused lower bits. If later a need for other flags arises, we'll have to store them in the struct. A few inline functions have been added to abstract the retrieval and assignment of the pointers and flags, resulting in very few changes. That way there is no more dependence on the number of stick-counters and their position in the session flags.
2014-01-28 17:18:23 -05:00
if (stkctr_entry(stkctr) != NULL) {
void *ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_BYTES_OUT_CNT);
[MEDIUM] session: add data in and out volume counters The new "bytes_in_cnt" and "bytes_out_cnt" session counters have been added. They're automatically updated when session counters are updated. They can be matched with the "src_kbytes_in" and "src_kbytes_out" ACLs which apply to the volume per source address. This can be used to deny access to service abusers.
2010-06-18 12:33:32 -04:00
if (!ptr)
return 0; /* parameter not stored */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = stktable_data_cast(ptr, bytes_out_cnt) >> 10;
[MEDIUM] session: add data in and out volume counters The new "bytes_in_cnt" and "bytes_out_cnt" session counters have been added. They're automatically updated when session counters are updated. They can be matched with the "src_kbytes_in" and "src_kbytes_out" ACLs which apply to the volume per source address. This can be used to deny access to service abusers.
2010-06-18 12:33:32 -04:00
}
return 1;
}
MEDIUM: counters: factor out smp_fetch_sc*_bytes_out_rate smp_fetch_sc0_bytes_out_rate, smp_fetch_sc1_bytes_out_rate, smp_fetch_sc2_bytes_out_rate, smp_fetch_src_bytes_out_rate and smp_fetch_bytes_out_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 12:26:32 -04:00
/* set <smp> to the data rate sent to clients in bytes/s, as found in the
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* stream's tracked frontend counters. Supports being called as
MEDIUM: counters: factor out smp_fetch_sc*_bytes_out_rate smp_fetch_sc0_bytes_out_rate, smp_fetch_sc1_bytes_out_rate, smp_fetch_sc2_bytes_out_rate, smp_fetch_src_bytes_out_rate and smp_fetch_bytes_out_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 12:26:32 -04:00
* "sc[0-9]_bytes_out_rate" or "src_bytes_out_rate" only.
[MEDIUM] session counters: add bytes_in_rate and bytes_out_rate counters These counters maintain incoming and outgoing byte rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain bandwidth limits per source address for instance, and block if the rate is passed over. Since 32-bit counters are used to compute the rates, it is important not to use too long periods so that we don't have to deal with rates above 4 GB per period. Example : # block if more than 5 Megs retrieved in 30 seconds from a source. stick-table type ip size 200k expire 1m store bytes_out_rate(30s) tcp-request track-counters src tcp-request reject if { trk_bytes_out_rate gt 5000000 } # cause a 15 seconds pause to requests from sources in excess of 2 megs/30s tcp-request inspect-delay 15s tcp-request content accept if { trk_bytes_out_rate gt 2000000 } WAIT_END
2010-06-20 05:56:30 -04:00
*/
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_bytes_out_rate(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MEDIUM] session counters: add bytes_in_rate and bytes_out_rate counters These counters maintain incoming and outgoing byte rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain bandwidth limits per source address for instance, and block if the rate is passed over. Since 32-bit counters are used to compute the rates, it is important not to use too long periods so that we don't have to deal with rates above 4 GB per period. Example : # block if more than 5 Megs retrieved in 30 seconds from a source. stick-table type ip size 200k expire 1m store bytes_out_rate(30s) tcp-request track-counters src tcp-request reject if { trk_bytes_out_rate gt 5000000 } # cause a 15 seconds pause to requests from sources in excess of 2 megs/30s tcp-request inspect-delay 15s tcp-request content accept if { trk_bytes_out_rate gt 2000000 } WAIT_END
2010-06-20 05:56:30 -04:00
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: factor out smp_fetch_sc*_bytes_out_rate smp_fetch_sc0_bytes_out_rate, smp_fetch_sc1_bytes_out_rate, smp_fetch_sc2_bytes_out_rate, smp_fetch_src_bytes_out_rate and smp_fetch_bytes_out_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 12:26:32 -04:00
if (!stkctr)
return 0;
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = 0;
MEDIUM: counters: stop relying on session flags at all Till now, we had one flag per stick counter to indicate if it was tracked in a backend or in a frontend. We just had to add another flag per stick-counter to indicate if it relies on contents or just connection. These flags are quite painful to maintain and tend to easily conflict with other flags if their number is changed. The correct solution consists in moving the flags to the stkctr struct itself, but currently this struct is made of 2 pointers, so adding a new entry there to store only two bits will cause at least 16 more bytes to be eaten per counter due to alignment issues, and we definitely don't want to waste tens to hundreds of bytes per session just for things that most users don't use. Since we only need to store two bits per counter, an intermediate solution consists in replacing the entry pointer with a composite value made of the original entry pointer and the two flags in the 2 unused lower bits. If later a need for other flags arises, we'll have to store them in the struct. A few inline functions have been added to abstract the retrieval and assignment of the pointers and flags, resulting in very few changes. That way there is no more dependence on the number of stick-counters and their position in the session flags.
2014-01-28 17:18:23 -05:00
if (stkctr_entry(stkctr) != NULL) {
void *ptr = stktable_data_ptr(stkctr->table, stkctr_entry(stkctr), STKTABLE_DT_BYTES_OUT_RATE);
[MEDIUM] session counters: add bytes_in_rate and bytes_out_rate counters These counters maintain incoming and outgoing byte rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain bandwidth limits per source address for instance, and block if the rate is passed over. Since 32-bit counters are used to compute the rates, it is important not to use too long periods so that we don't have to deal with rates above 4 GB per period. Example : # block if more than 5 Megs retrieved in 30 seconds from a source. stick-table type ip size 200k expire 1m store bytes_out_rate(30s) tcp-request track-counters src tcp-request reject if { trk_bytes_out_rate gt 5000000 } # cause a 15 seconds pause to requests from sources in excess of 2 megs/30s tcp-request inspect-delay 15s tcp-request content accept if { trk_bytes_out_rate gt 2000000 } WAIT_END
2010-06-20 05:56:30 -04:00
if (!ptr)
return 0; /* parameter not stored */
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = read_freq_ctr_period(&stktable_data_cast(ptr, bytes_out_rate),
MEDIUM: counters: factor out smp_fetch_sc*_bytes_out_rate smp_fetch_sc0_bytes_out_rate, smp_fetch_sc1_bytes_out_rate, smp_fetch_sc2_bytes_out_rate, smp_fetch_src_bytes_out_rate and smp_fetch_bytes_out_rate were merged into a single function which relies on the fetch name to decide what to return.
2013-07-23 12:26:32 -04:00
stkctr->table->data_arg[STKTABLE_DT_BYTES_OUT_RATE].u);
[MEDIUM] session counters: add bytes_in_rate and bytes_out_rate counters These counters maintain incoming and outgoing byte rates in a stick-table, over a period which is defined in the configuration (2 ms to 24 days). They can be used to detect service abuse and enforce a certain bandwidth limits per source address for instance, and block if the rate is passed over. Since 32-bit counters are used to compute the rates, it is important not to use too long periods so that we don't have to deal with rates above 4 GB per period. Example : # block if more than 5 Megs retrieved in 30 seconds from a source. stick-table type ip size 200k expire 1m store bytes_out_rate(30s) tcp-request track-counters src tcp-request reject if { trk_bytes_out_rate gt 5000000 } # cause a 15 seconds pause to requests from sources in excess of 2 megs/30s tcp-request inspect-delay 15s tcp-request content accept if { trk_bytes_out_rate gt 2000000 } WAIT_END
2010-06-20 05:56:30 -04:00
}
return 1;
}
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
/* set <smp> to the number of active trackers on the SC entry in the stream's
MEDIUM: counters: factor out smp_fetch_sc*_trackers smp_fetch_sc0_trackers, smp_fetch_sc1_trackers and smp_fetch_sc2_trackers were merged into a single function which relies on the fetch name to decide what to return. This is also a bug fix for this feature which has never worked till its bogus introduction by commit "2406db4 MEDIUM: counters: add sc1_trackers/sc2_trackers" (1.5-dev10). Instead of returning the value in the sample, it was returned as the fetch result! There is no need to backport this fix anyway since it's 1.5-specific and nobody uses the feature.
2013-07-23 12:32:02 -04:00
* tracked frontend counters. Supports being called as "sc[0-9]_trackers" only.
*/
MEDIUM: counters: add sc1_trackers/sc2_trackers Returns the current amount of concurrent connections tracking the same tracked counters. This number is automatically incremented when tracking begins and decremented when tracking stops. It differs from sc1_conn_cur in that it does not rely on any stored information but on the table's reference count (the "use" value which is returned by "show table" on the CLI). This may sometimes be more suited for layer7 tracking.
2012-12-09 06:16:43 -05:00
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_sc_trackers(const struct arg *args, struct sample *smp, const char *kw, void *private)
MEDIUM: counters: add sc1_trackers/sc2_trackers Returns the current amount of concurrent connections tracking the same tracked counters. This number is automatically incremented when tracking begins and decremented when tracking stops. It differs from sc1_conn_cur in that it does not rely on any stored information but on the table's reference count (the "use" value which is returned by "show table" on the CLI). This may sometimes be more suited for layer7 tracking.
2012-12-09 06:16:43 -05:00
{
BUG/MAJOR: samples: check smp->strm before using it Since commit 6879ad3 ("MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers") merged in 1.6-dev2, the sample contains the pointer to the stream and sample fetch functions as well as converters use it heavily. The problem is that earlier commit 87b0966 ("REORG/MAJOR: session: rename the "session" entity to "stream"") had split the session and stream resulting in the possibility for smp->strm to be NULL before the stream was initialized. This is what happens in tcp-request connection rulesets, as discovered by Baptiste. The sample fetch functions must now check that smp->strm is valid before using it. An alternative could consist in using a dummy stream with nothing in it to avoid some checks but it would only result in deferring them to the next step anyway, and making it harder to detect that a stream is valid or the dummy one. There is still an issue with variables which requires a complete independant fix. They use strm->sess to find the session with strm possibly NULL and passed as an argument. All call places indirectly use smp->strm to build strm. So the problem is there but the API needs to be changed to remove this duplicate argument that makes it much harder to know what pointer to use. This fix must be backported to 1.6, as well as the next one fixing variables.
2016-03-10 05:47:01 -05:00
struct stkctr *stkctr;
stkctr = smp_fetch_sc_stkctr(smp->sess, smp->strm, args, kw);
MEDIUM: counters: factor out smp_fetch_sc*_trackers smp_fetch_sc0_trackers, smp_fetch_sc1_trackers and smp_fetch_sc2_trackers were merged into a single function which relies on the fetch name to decide what to return. This is also a bug fix for this feature which has never worked till its bogus introduction by commit "2406db4 MEDIUM: counters: add sc1_trackers/sc2_trackers" (1.5-dev10). Instead of returning the value in the sample, it was returned as the fetch result! There is no need to backport this fix anyway since it's 1.5-specific and nobody uses the feature.
2013-07-23 12:32:02 -04:00
if (!stkctr)
MEDIUM: counters: add support for tracking a third counter We're often missin a third counter to track base, src and base+src at the same time. Here we introduce track_sc3 to have this third counter. It would be wise not to add much more counters because that slightly increases the session size and processing time though the real issue is more the declaration of the keywords in the code and in the doc.
2013-05-28 12:32:20 -04:00
return 0;
MEDIUM: counters: factor out smp_fetch_sc*_trackers smp_fetch_sc0_trackers, smp_fetch_sc1_trackers and smp_fetch_sc2_trackers were merged into a single function which relies on the fetch name to decide what to return. This is also a bug fix for this feature which has never worked till its bogus introduction by commit "2406db4 MEDIUM: counters: add sc1_trackers/sc2_trackers" (1.5-dev10). Instead of returning the value in the sample, it was returned as the fetch result! There is no need to backport this fix anyway since it's 1.5-specific and nobody uses the feature.
2013-07-23 12:32:02 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
BUG/MAJOR: stick-counters: possible crash when using sc_trackers with wrong table Bryan Talbot reported a very interesting bug. The sc_trackers() sample fetch seems to have escaped the sanitization that was performed during 1.5 to ensure all dereferences of stkctr_entry() were safe. Here if a tacker is set on a backend and is then checked against a different backend where the entry doesn't exist, stkctr_entry() returns NULL and this is dereferenced to retrieve the ref count. Thanks to Bryan for his detailed bug report featuring a working config and reproducer. This fix must be backported to 1.6 and 1.5.
2016-08-14 06:02:55 -04:00
smp->data.u.sint = stkctr_entry(stkctr) ? stkctr_entry(stkctr)->ref_cnt : 0;
MEDIUM: counters: factor out smp_fetch_sc*_trackers smp_fetch_sc0_trackers, smp_fetch_sc1_trackers and smp_fetch_sc2_trackers were merged into a single function which relies on the fetch name to decide what to return. This is also a bug fix for this feature which has never worked till its bogus introduction by commit "2406db4 MEDIUM: counters: add sc1_trackers/sc2_trackers" (1.5-dev10). Instead of returning the value in the sample, it was returned as the fetch result! There is no need to backport this fix anyway since it's 1.5-specific and nobody uses the feature.
2013-07-23 12:32:02 -04:00
return 1;
MEDIUM: counters: add support for tracking a third counter We're often missin a third counter to track base, src and base+src at the same time. Here we introduce track_sc3 to have this third counter. It would be wise not to add much more counters because that slightly increases the session size and processing time though the real issue is more the declaration of the keywords in the code and in the doc.
2013-05-28 12:32:20 -04:00
}
MAJOR: acl: make use of the new argument parsing framework The ACL parser now uses the argument parser to build a typed argument list. Right now arguments are all strings and only one argument is supported since this is what ACLs currently support.
2012-04-19 11:16:54 -04:00
/* set temp integer to the number of used entries in the table pointed to by expr.
MEDIUM: acl: remove unused tests for missing args when args are mandatory A number of ACL fetch methods use mandatory arguments (eg: proxy names) so it's pointless to test for the presence of this argument now.
2012-04-20 05:37:56 -04:00
* Accepts exactly 1 argument of type table.
MAJOR: acl: make use of the new argument parsing framework The ACL parser now uses the argument parser to build a typed argument list. Right now arguments are all strings and only one argument is supported since this is what ACLs currently support.
2012-04-19 11:16:54 -04:00
*/
[MINOR] acl: add support for table_cnt and table_avl matches Those trivial matches respectively return the number of entries used in a stick-table and the number of entries still available in a table.
2011-03-28 18:57:02 -04:00
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_table_cnt(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MINOR] acl: add support for table_cnt and table_avl matches Those trivial matches respectively return the number of entries used in a stick-table and the number of entries still available in a table.
2011-03-28 18:57:02 -04:00
{
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = args->data.prx->table.current;
[MINOR] acl: add support for table_cnt and table_avl matches Those trivial matches respectively return the number of entries used in a stick-table and the number of entries still available in a table.
2011-03-28 18:57:02 -04:00
return 1;
}
MAJOR: acl: make use of the new argument parsing framework The ACL parser now uses the argument parser to build a typed argument list. Right now arguments are all strings and only one argument is supported since this is what ACLs currently support.
2012-04-19 11:16:54 -04:00
/* set temp integer to the number of free entries in the table pointed to by expr.
MEDIUM: acl: remove unused tests for missing args when args are mandatory A number of ACL fetch methods use mandatory arguments (eg: proxy names) so it's pointless to test for the presence of this argument now.
2012-04-20 05:37:56 -04:00
* Accepts exactly 1 argument of type table.
MAJOR: acl: make use of the new argument parsing framework The ACL parser now uses the argument parser to build a typed argument list. Right now arguments are all strings and only one argument is supported since this is what ACLs currently support.
2012-04-19 11:16:54 -04:00
*/
[MINOR] acl: add support for table_cnt and table_avl matches Those trivial matches respectively return the number of entries used in a stick-table and the number of entries still available in a table.
2011-03-28 18:57:02 -04:00
static int
MEDIUM: sample: change the prototype of sample-fetches functions This patch removes the "opt" entry from the prototype of the sample-fetches fucntions. This permits to remove some weight in the prototype call.
2015-05-11 09:42:45 -04:00
smp_fetch_table_avl(const struct arg *args, struct sample *smp, const char *kw, void *private)
[MINOR] acl: add support for table_cnt and table_avl matches Those trivial matches respectively return the number of entries used in a stick-table and the number of entries still available in a table.
2011-03-28 18:57:02 -04:00
{
MEDIUM: sample change the prototype of sample-fetches and converters functions This patch removes the structs "session", "stream" and "proxy" from the sample-fetches and converters function prototypes. This permits to remove some weight in the prototype call.
2015-05-11 09:20:49 -04:00
struct proxy *px;
MEDIUM: acl: replace acl_expr with args in acl fetch_* functions Having the args everywhere will make it easier to share fetch functions between patterns and ACLs. The only place where we could have needed the expr was in the http_prefetch function which can do well without.
2012-04-23 17:55:44 -04:00
px = args->data.prx;
MAJOR: acl: make use of the new sample struct and get rid of acl_test This change is invasive in lines of code but not much in terms of functionalities as it's mainly a replacement of struct acl_test with struct sample.
2012-04-23 10:16:37 -04:00
smp->flags = SMP_F_VOL_TEST;
MEDIUM: samples: Use the "struct sample_data" in the "struct sample" This patch remove the struct information stored both in the struct sample_data and in the striuct sample. Now, only thestruct sample_data contains data, and the struct sample use the struct sample_data for storing his own data.
2015-08-19 03:00:18 -04:00
smp->data.type = SMP_T_SINT;
MINOR: samples: rename union from "data" to "u" The union name "data" is a little bit heavy while we read the source code because we can read "data.data.sint". The rename from "data" to "u" makes the read easiest like "data.u.sint".
2015-08-19 03:07:19 -04:00
smp->data.u.sint = px->table.size - px->table.current;
[MINOR] acl: add support for table_cnt and table_avl matches Those trivial matches respectively return the number of entries used in a stick-table and the number of entries still available in a table.
2011-03-28 18:57:02 -04:00
return 1;
}
[MEDIUM] session: move counter ACL fetches from proto_tcp It was not normal to have counter fetches in proto_tcp.c. The only reason was that the key based on the source address was fetched there, but now we have split the key extraction and data processing, we must move that to a more appropriate place. Session seems OK since the counters are all manipulated from here. Also, since we're precisely counting number of connections with these ACLs, we rename them src_conn_cnt and src_updt_conn_cnt. This is not a problem right now since no version was emitted with these keywords.
2010-06-18 11:46:06 -04:00
MINOR: stream/applet: add use-service action This new target can be called from the frontend or the backend. It is evaluated just before the backend choice and just before the server choice. So, the input stream or HTTP request can be forwarded to a server or to an internal service.
2015-09-27 13:29:33 -04:00
/* 0=OK, <0=Alert, >0=Warning */
static enum act_parse_ret stream_parse_use_service(const char **args, int *cur_arg,
struct proxy *px, struct act_rule *rule,
char **err)
{
struct action_kw *kw;
/* Check if the service name exists. */
if (*(args[*cur_arg]) == 0) {
memprintf(err, "'%s' expects a service name.", args[0]);
BUG/MINOR: stream: bad return code In error case, we expect the enum ACT_RET_PRS_ERR, but the function "stream_parse_use_service()" returns "-1" This patch must be backported in 1.6
2015-11-26 13:48:04 -05:00
return ACT_RET_PRS_ERR;
MINOR: stream/applet: add use-service action This new target can be called from the frontend or the backend. It is evaluated just before the backend choice and just before the server choice. So, the input stream or HTTP request can be forwarded to a server or to an internal service.
2015-09-27 13:29:33 -04:00
}
/* lookup for keyword corresponding to a service. */
kw = action_lookup(&service_keywords, args[*cur_arg]);
if (!kw) {
memprintf(err, "'%s' unknown service name.", args[1]);
return ACT_RET_PRS_ERR;
}
(*cur_arg)++;
/* executes specific rule parser. */
rule->kw = kw;
if (kw->parse((const char **)args, cur_arg, px, rule, err) == ACT_RET_PRS_ERR)
return ACT_RET_PRS_ERR;
/* Register processing function. */
rule->action_ptr = process_use_service;
rule->action = ACT_CUSTOM;
return ACT_RET_PRS_OK;
}
void service_keywords_register(struct action_kw_list *kw_list)
{
LIST_ADDQ(&service_keywords, &kw_list->list);
}
REORG: cli: move 'show sess' to stream.c Move 'show sess' CLI functions to stream.c and use the cli keyword API to register it on the CLI. [wt: the choice of stream vs session makes sense because since 1.6 these really are streams that we're dumping and not sessions anymore]
2016-11-21 02:51:11 -05:00
/* This function dumps a complete stream state onto the stream interface's
* read buffer. The stream has to be set in strm. It returns 0 if the output
* buffer is full and it needs to be called again, otherwise non-zero. It is
* designed to be called from stats_dump_strm_to_buffer() below.
*/
static int stats_dump_full_strm_to_buffer(struct stream_interface *si, struct stream *strm)
{
struct appctx *appctx = __objt_appctx(si->end);
struct tm tm;
extern const char *monthname[12];
char pn[INET6_ADDRSTRLEN];
struct connection *conn;
struct appctx *tmpctx;
chunk_reset(&trash);
if (appctx->ctx.sess.section > 0 && appctx->ctx.sess.uid != strm->uniq_id) {
/* stream changed, no need to go any further */
chunk_appendf(&trash, " *** session terminated while we were watching it ***\n");
if (bi_putchk(si_ic(si), &trash) == -1) {
si_applet_cant_put(si);
return 0;
}
appctx->ctx.sess.uid = 0;
appctx->ctx.sess.section = 0;
return 1;
}
switch (appctx->ctx.sess.section) {
case 0: /* main status of the stream */
appctx->ctx.sess.uid = strm->uniq_id;
appctx->ctx.sess.section = 1;
/* fall through */
case 1:
get_localtime(strm->logs.accept_date.tv_sec, &tm);
chunk_appendf(&trash,
"%p: [%02d/%s/%04d:%02d:%02d:%02d.%06d] id=%u proto=%s",
strm,
tm.tm_mday, monthname[tm.tm_mon], tm.tm_year+1900,
tm.tm_hour, tm.tm_min, tm.tm_sec, (int)(strm->logs.accept_date.tv_usec),
strm->uniq_id,
strm_li(strm) ? strm_li(strm)->proto->name : "?");
conn = objt_conn(strm_orig(strm));
switch (conn ? addr_to_str(&conn->addr.from, pn, sizeof(pn)) : AF_UNSPEC) {
case AF_INET:
case AF_INET6:
chunk_appendf(&trash, " source=%s:%d\n",
pn, get_host_port(&conn->addr.from));
break;
case AF_UNIX:
chunk_appendf(&trash, " source=unix:%d\n", strm_li(strm)->luid);
break;
default:
/* no more information to print right now */
chunk_appendf(&trash, "\n");
break;
}
chunk_appendf(&trash,
" flags=0x%x, conn_retries=%d, srv_conn=%p, pend_pos=%p\n",
strm->flags, strm->si[1].conn_retries, strm->srv_conn, strm->pend_pos);
chunk_appendf(&trash,
" frontend=%s (id=%u mode=%s), listener=%s (id=%u)",
strm_fe(strm)->id, strm_fe(strm)->uuid, strm_fe(strm)->mode ? "http" : "tcp",
strm_li(strm) ? strm_li(strm)->name ? strm_li(strm)->name : "?" : "?",
strm_li(strm) ? strm_li(strm)->luid : 0);
if (conn)
conn_get_to_addr(conn);
switch (conn ? addr_to_str(&conn->addr.to, pn, sizeof(pn)) : AF_UNSPEC) {
case AF_INET:
case AF_INET6:
chunk_appendf(&trash, " addr=%s:%d\n",
pn, get_host_port(&conn->addr.to));
break;
case AF_UNIX:
chunk_appendf(&trash, " addr=unix:%d\n", strm_li(strm)->luid);
break;
default:
/* no more information to print right now */
chunk_appendf(&trash, "\n");
break;
}
if (strm->be->cap & PR_CAP_BE)
chunk_appendf(&trash,
" backend=%s (id=%u mode=%s)",
strm->be->id,
strm->be->uuid, strm->be->mode ? "http" : "tcp");
else
chunk_appendf(&trash, " backend=<NONE> (id=-1 mode=-)");
conn = objt_conn(strm->si[1].end);
if (conn)
conn_get_from_addr(conn);
switch (conn ? addr_to_str(&conn->addr.from, pn, sizeof(pn)) : AF_UNSPEC) {
case AF_INET:
case AF_INET6:
chunk_appendf(&trash, " addr=%s:%d\n",
pn, get_host_port(&conn->addr.from));
break;
case AF_UNIX:
chunk_appendf(&trash, " addr=unix\n");
break;
default:
/* no more information to print right now */
chunk_appendf(&trash, "\n");
break;
}
if (strm->be->cap & PR_CAP_BE)
chunk_appendf(&trash,
" server=%s (id=%u)",
objt_server(strm->target) ? objt_server(strm->target)->id : "<none>",
objt_server(strm->target) ? objt_server(strm->target)->puid : 0);
else
chunk_appendf(&trash, " server=<NONE> (id=-1)");
if (conn)
conn_get_to_addr(conn);
switch (conn ? addr_to_str(&conn->addr.to, pn, sizeof(pn)) : AF_UNSPEC) {
case AF_INET:
case AF_INET6:
chunk_appendf(&trash, " addr=%s:%d\n",
pn, get_host_port(&conn->addr.to));
break;
case AF_UNIX:
chunk_appendf(&trash, " addr=unix\n");
break;
default:
/* no more information to print right now */
chunk_appendf(&trash, "\n");
break;
}
chunk_appendf(&trash,
" task=%p (state=0x%02x nice=%d calls=%d exp=%s%s",
strm->task,
strm->task->state,
strm->task->nice, strm->task->calls,
strm->task->expire ?
tick_is_expired(strm->task->expire, now_ms) ? "<PAST>" :
human_time(TICKS_TO_MS(strm->task->expire - now_ms),
TICKS_TO_MS(1000)) : "<NEVER>",
task_in_rq(strm->task) ? ", running" : "");
chunk_appendf(&trash,
" age=%s)\n",
human_time(now.tv_sec - strm->logs.accept_date.tv_sec, 1));
if (strm->txn)
chunk_appendf(&trash,
" txn=%p flags=0x%x meth=%d status=%d req.st=%s rsp.st=%s waiting=%d\n",
strm->txn, strm->txn->flags, strm->txn->meth, strm->txn->status,
http_msg_state_str(strm->txn->req.msg_state), http_msg_state_str(strm->txn->rsp.msg_state), !LIST_ISEMPTY(&strm->buffer_wait));
chunk_appendf(&trash,
" si[0]=%p (state=%s flags=0x%02x endp0=%s:%p exp=%s, et=0x%03x)\n",
&strm->si[0],
si_state_str(strm->si[0].state),
strm->si[0].flags,
obj_type_name(strm->si[0].end),
obj_base_ptr(strm->si[0].end),
strm->si[0].exp ?
tick_is_expired(strm->si[0].exp, now_ms) ? "<PAST>" :
human_time(TICKS_TO_MS(strm->si[0].exp - now_ms),
TICKS_TO_MS(1000)) : "<NEVER>",
strm->si[0].err_type);
chunk_appendf(&trash,
" si[1]=%p (state=%s flags=0x%02x endp1=%s:%p exp=%s, et=0x%03x)\n",
&strm->si[1],
si_state_str(strm->si[1].state),
strm->si[1].flags,
obj_type_name(strm->si[1].end),
obj_base_ptr(strm->si[1].end),
strm->si[1].exp ?
tick_is_expired(strm->si[1].exp, now_ms) ? "<PAST>" :
human_time(TICKS_TO_MS(strm->si[1].exp - now_ms),
TICKS_TO_MS(1000)) : "<NEVER>",
strm->si[1].err_type);
if ((conn = objt_conn(strm->si[0].end)) != NULL) {
chunk_appendf(&trash,
" co0=%p ctrl=%s xprt=%s data=%s target=%s:%p\n",
conn,
conn_get_ctrl_name(conn),
conn_get_xprt_name(conn),
conn_get_data_name(conn),
obj_type_name(conn->target),
obj_base_ptr(conn->target));
chunk_appendf(&trash,
" flags=0x%08x fd=%d fd.state=%02x fd.cache=%d updt=%d\n",
conn->flags,
conn->t.sock.fd,
conn->t.sock.fd >= 0 ? fdtab[conn->t.sock.fd].state : 0,
conn->t.sock.fd >= 0 ? fdtab[conn->t.sock.fd].cache : 0,
conn->t.sock.fd >= 0 ? fdtab[conn->t.sock.fd].updated : 0);
}
else if ((tmpctx = objt_appctx(strm->si[0].end)) != NULL) {
chunk_appendf(&trash,
" app0=%p st0=%d st1=%d st2=%d applet=%s\n",
tmpctx,
tmpctx->st0,
tmpctx->st1,
tmpctx->st2,
tmpctx->applet->name);
}
if ((conn = objt_conn(strm->si[1].end)) != NULL) {
chunk_appendf(&trash,
" co1=%p ctrl=%s xprt=%s data=%s target=%s:%p\n",
conn,
conn_get_ctrl_name(conn),
conn_get_xprt_name(conn),
conn_get_data_name(conn),
obj_type_name(conn->target),
obj_base_ptr(conn->target));
chunk_appendf(&trash,
" flags=0x%08x fd=%d fd.state=%02x fd.cache=%d updt=%d\n",
conn->flags,
conn->t.sock.fd,
conn->t.sock.fd >= 0 ? fdtab[conn->t.sock.fd].state : 0,
conn->t.sock.fd >= 0 ? fdtab[conn->t.sock.fd].cache : 0,
conn->t.sock.fd >= 0 ? fdtab[conn->t.sock.fd].updated : 0);
}
else if ((tmpctx = objt_appctx(strm->si[1].end)) != NULL) {
chunk_appendf(&trash,
" app1=%p st0=%d st1=%d st2=%d applet=%s\n",
tmpctx,
tmpctx->st0,
tmpctx->st1,
tmpctx->st2,
tmpctx->applet->name);
}
chunk_appendf(&trash,
" req=%p (f=0x%06x an=0x%x pipe=%d tofwd=%d total=%lld)\n"
" an_exp=%s",
&strm->req,
strm->req.flags, strm->req.analysers,
strm->req.pipe ? strm->req.pipe->data : 0,
strm->req.to_forward, strm->req.total,
strm->req.analyse_exp ?
human_time(TICKS_TO_MS(strm->req.analyse_exp - now_ms),
TICKS_TO_MS(1000)) : "<NEVER>");
chunk_appendf(&trash,
" rex=%s",
strm->req.rex ?
human_time(TICKS_TO_MS(strm->req.rex - now_ms),
TICKS_TO_MS(1000)) : "<NEVER>");
chunk_appendf(&trash,
" wex=%s\n"
" buf=%p data=%p o=%d p=%d req.next=%d i=%d size=%d\n",
strm->req.wex ?
human_time(TICKS_TO_MS(strm->req.wex - now_ms),
TICKS_TO_MS(1000)) : "<NEVER>",
strm->req.buf,
strm->req.buf->data, strm->req.buf->o,
(int)(strm->req.buf->p - strm->req.buf->data),
strm->txn ? strm->txn->req.next : 0, strm->req.buf->i,
strm->req.buf->size);
chunk_appendf(&trash,
" res=%p (f=0x%06x an=0x%x pipe=%d tofwd=%d total=%lld)\n"
" an_exp=%s",
&strm->res,
strm->res.flags, strm->res.analysers,
strm->res.pipe ? strm->res.pipe->data : 0,
strm->res.to_forward, strm->res.total,
strm->res.analyse_exp ?
human_time(TICKS_TO_MS(strm->res.analyse_exp - now_ms),
TICKS_TO_MS(1000)) : "<NEVER>");
chunk_appendf(&trash,
" rex=%s",
strm->res.rex ?
human_time(TICKS_TO_MS(strm->res.rex - now_ms),
TICKS_TO_MS(1000)) : "<NEVER>");
chunk_appendf(&trash,
" wex=%s\n"
" buf=%p data=%p o=%d p=%d rsp.next=%d i=%d size=%d\n",
strm->res.wex ?
human_time(TICKS_TO_MS(strm->res.wex - now_ms),
TICKS_TO_MS(1000)) : "<NEVER>",
strm->res.buf,
strm->res.buf->data, strm->res.buf->o,
(int)(strm->res.buf->p - strm->res.buf->data),
strm->txn ? strm->txn->rsp.next : 0, strm->res.buf->i,
strm->res.buf->size);
if (bi_putchk(si_ic(si), &trash) == -1) {
si_applet_cant_put(si);
return 0;
}
/* use other states to dump the contents */
}
/* end of dump */
appctx->ctx.sess.uid = 0;
appctx->ctx.sess.section = 0;
return 1;
}
static int cli_parse_show_sess(char **args, struct appctx *appctx, void *private)
{
appctx->st2 = STAT_ST_INIT;
if (!cli_has_level(appctx, ACCESS_LVL_OPER))
return 1;
if (*args[2] && strcmp(args[2], "all") == 0)
appctx->ctx.sess.target = (void *)-1;
else if (*args[2])
appctx->ctx.sess.target = (void *)strtoul(args[2], NULL, 0);
else
appctx->ctx.sess.target = NULL;
appctx->ctx.sess.section = 0; /* start with stream status */
appctx->ctx.sess.pos = 0;
return 0;
}
/* This function dumps all streams' states onto the stream interface's
* read buffer. It returns 0 if the output buffer is full and it needs
* to be called again, otherwise non-zero. It is designed to be called
* from stats_dump_sess_to_buffer() below.
*/
static int cli_io_handler_dump_sess(struct appctx *appctx)
{
struct stream_interface *si = appctx->owner;
struct connection *conn;
if (unlikely(si_ic(si)->flags & (CF_WRITE_ERROR|CF_SHUTW))) {
/* If we're forced to shut down, we might have to remove our
* reference to the last stream being dumped.
*/
if (appctx->st2 == STAT_ST_LIST) {
if (!LIST_ISEMPTY(&appctx->ctx.sess.bref.users)) {
LIST_DEL(&appctx->ctx.sess.bref.users);
LIST_INIT(&appctx->ctx.sess.bref.users);
}
}
return 1;
}
chunk_reset(&trash);
switch (appctx->st2) {
case STAT_ST_INIT:
/* the function had not been called yet, let's prepare the
* buffer for a response. We initialize the current stream
* pointer to the first in the global list. When a target
* stream is being destroyed, it is responsible for updating
* this pointer. We know we have reached the end when this
* pointer points back to the head of the streams list.
*/
LIST_INIT(&appctx->ctx.sess.bref.users);
appctx->ctx.sess.bref.ref = streams.n;
appctx->st2 = STAT_ST_LIST;
/* fall through */
case STAT_ST_LIST:
/* first, let's detach the back-ref from a possible previous stream */
if (!LIST_ISEMPTY(&appctx->ctx.sess.bref.users)) {
LIST_DEL(&appctx->ctx.sess.bref.users);
LIST_INIT(&appctx->ctx.sess.bref.users);
}
/* and start from where we stopped */
while (appctx->ctx.sess.bref.ref != &streams) {
char pn[INET6_ADDRSTRLEN];
struct stream *curr_strm;
curr_strm = LIST_ELEM(appctx->ctx.sess.bref.ref, struct stream *, list);
if (appctx->ctx.sess.target) {
if (appctx->ctx.sess.target != (void *)-1 && appctx->ctx.sess.target != curr_strm)
goto next_sess;
LIST_ADDQ(&curr_strm->back_refs, &appctx->ctx.sess.bref.users);
/* call the proper dump() function and return if we're missing space */
if (!stats_dump_full_strm_to_buffer(si, curr_strm))
return 0;
/* stream dump complete */
LIST_DEL(&appctx->ctx.sess.bref.users);
LIST_INIT(&appctx->ctx.sess.bref.users);
if (appctx->ctx.sess.target != (void *)-1) {
appctx->ctx.sess.target = NULL;
break;
}
else
goto next_sess;
}
chunk_appendf(&trash,
"%p: proto=%s",
curr_strm,
strm_li(curr_strm) ? strm_li(curr_strm)->proto->name : "?");
conn = objt_conn(strm_orig(curr_strm));
switch (conn ? addr_to_str(&conn->addr.from, pn, sizeof(pn)) : AF_UNSPEC) {
case AF_INET:
case AF_INET6:
chunk_appendf(&trash,
" src=%s:%d fe=%s be=%s srv=%s",
pn,
get_host_port(&conn->addr.from),
strm_fe(curr_strm)->id,
(curr_strm->be->cap & PR_CAP_BE) ? curr_strm->be->id : "<NONE>",
objt_server(curr_strm->target) ? objt_server(curr_strm->target)->id : "<none>"
);
break;
case AF_UNIX:
chunk_appendf(&trash,
" src=unix:%d fe=%s be=%s srv=%s",
strm_li(curr_strm)->luid,
strm_fe(curr_strm)->id,
(curr_strm->be->cap & PR_CAP_BE) ? curr_strm->be->id : "<NONE>",
objt_server(curr_strm->target) ? objt_server(curr_strm->target)->id : "<none>"
);
break;
}
chunk_appendf(&trash,
" ts=%02x age=%s calls=%d",
curr_strm->task->state,
human_time(now.tv_sec - curr_strm->logs.tv_accept.tv_sec, 1),
curr_strm->task->calls);
chunk_appendf(&trash,
" rq[f=%06xh,i=%d,an=%02xh,rx=%s",
curr_strm->req.flags,
curr_strm->req.buf->i,
curr_strm->req.analysers,
curr_strm->req.rex ?
human_time(TICKS_TO_MS(curr_strm->req.rex - now_ms),
TICKS_TO_MS(1000)) : "");
chunk_appendf(&trash,
",wx=%s",
curr_strm->req.wex ?
human_time(TICKS_TO_MS(curr_strm->req.wex - now_ms),
TICKS_TO_MS(1000)) : "");
chunk_appendf(&trash,
",ax=%s]",
curr_strm->req.analyse_exp ?
human_time(TICKS_TO_MS(curr_strm->req.analyse_exp - now_ms),
TICKS_TO_MS(1000)) : "");
chunk_appendf(&trash,
" rp[f=%06xh,i=%d,an=%02xh,rx=%s",
curr_strm->res.flags,
curr_strm->res.buf->i,
curr_strm->res.analysers,
curr_strm->res.rex ?
human_time(TICKS_TO_MS(curr_strm->res.rex - now_ms),
TICKS_TO_MS(1000)) : "");
chunk_appendf(&trash,
",wx=%s",
curr_strm->res.wex ?
human_time(TICKS_TO_MS(curr_strm->res.wex - now_ms),
TICKS_TO_MS(1000)) : "");
chunk_appendf(&trash,
",ax=%s]",
curr_strm->res.analyse_exp ?
human_time(TICKS_TO_MS(curr_strm->res.analyse_exp - now_ms),
TICKS_TO_MS(1000)) : "");
conn = objt_conn(curr_strm->si[0].end);
chunk_appendf(&trash,
" s0=[%d,%1xh,fd=%d,ex=%s]",
curr_strm->si[0].state,
curr_strm->si[0].flags,
conn ? conn->t.sock.fd : -1,
curr_strm->si[0].exp ?
human_time(TICKS_TO_MS(curr_strm->si[0].exp - now_ms),
TICKS_TO_MS(1000)) : "");
conn = objt_conn(curr_strm->si[1].end);
chunk_appendf(&trash,
" s1=[%d,%1xh,fd=%d,ex=%s]",
curr_strm->si[1].state,
curr_strm->si[1].flags,
conn ? conn->t.sock.fd : -1,
curr_strm->si[1].exp ?
human_time(TICKS_TO_MS(curr_strm->si[1].exp - now_ms),
TICKS_TO_MS(1000)) : "");
chunk_appendf(&trash,
" exp=%s",
curr_strm->task->expire ?
human_time(TICKS_TO_MS(curr_strm->task->expire - now_ms),
TICKS_TO_MS(1000)) : "");
if (task_in_rq(curr_strm->task))
chunk_appendf(&trash, " run(nice=%d)", curr_strm->task->nice);
chunk_appendf(&trash, "\n");
if (bi_putchk(si_ic(si), &trash) == -1) {
/* let's try again later from this stream. We add ourselves into
* this stream's users so that it can remove us upon termination.
*/
si_applet_cant_put(si);
LIST_ADDQ(&curr_strm->back_refs, &appctx->ctx.sess.bref.users);
return 0;
}
next_sess:
appctx->ctx.sess.bref.ref = curr_strm->list.n;
}
if (appctx->ctx.sess.target && appctx->ctx.sess.target != (void *)-1) {
/* specified stream not found */
if (appctx->ctx.sess.section > 0)
chunk_appendf(&trash, " *** session terminated while we were watching it ***\n");
else
chunk_appendf(&trash, "Session not found.\n");
if (bi_putchk(si_ic(si), &trash) == -1) {
si_applet_cant_put(si);
return 0;
}
appctx->ctx.sess.target = NULL;
appctx->ctx.sess.uid = 0;
return 1;
}
appctx->st2 = STAT_ST_FIN;
/* fall through */
default:
appctx->st2 = STAT_ST_FIN;
return 1;
}
}
static void cli_release_show_sess(struct appctx *appctx)
{
if (appctx->st2 == STAT_ST_LIST) {
if (!LIST_ISEMPTY(&appctx->ctx.sess.bref.users))
LIST_DEL(&appctx->ctx.sess.bref.users);
}
}
REORG: cli: move "shutdown session" to stream.c It really kills streams in fact, but we can't change the name now.
2016-11-24 05:09:25 -05:00
/* Parses the "shutdown session" directive, it always returns 1 */
static int cli_parse_shutdown_session(char **args, struct appctx *appctx, void *private)
{
struct stream *strm, *ptr;
if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
return 1;
if (!*args[2]) {
appctx->ctx.cli.msg = "Session pointer expected (use 'show sess').\n";
appctx->st0 = STAT_CLI_PRINT;
return 1;
}
ptr = (void *)strtoul(args[2], NULL, 0);
/* first, look for the requested stream in the stream table */
list_for_each_entry(strm, &streams, list) {
if (strm == ptr)
break;
}
/* do we have the stream ? */
if (strm != ptr) {
appctx->ctx.cli.msg = "No such session (use 'show sess').\n";
appctx->st0 = STAT_CLI_PRINT;
return 1;
}
stream_shutdown(strm, SF_ERR_KILLED);
return 1;
}
REORG: cli: move "shutdown sessions server" to stream.c It could be argued that it's between server, stream and session but at least due to the fact that it operates on streams, its best place is in stream.c.
2016-11-23 10:50:48 -05:00
/* Parses the "shutdown session server" directive, it always returns 1 */
static int cli_parse_shutdown_sessions_server(char **args, struct appctx *appctx, void *private)
{
struct server *sv;
struct stream *strm, *strm_bck;
if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
return 1;
sv = cli_find_server(appctx, args[3]);
if (!sv)
return 1;
/* kill all the stream that are on this server */
list_for_each_entry_safe(strm, strm_bck, &sv->actconns, by_srv)
if (strm->srv_conn == sv)
stream_shutdown(strm, SF_ERR_KILLED);
return 1;
}
REORG: cli: move 'show sess' to stream.c Move 'show sess' CLI functions to stream.c and use the cli keyword API to register it on the CLI. [wt: the choice of stream vs session makes sense because since 1.6 these really are streams that we're dumping and not sessions anymore]
2016-11-21 02:51:11 -05:00
/* register cli keywords */
static struct cli_kw_list cli_kws = {{ },{
{ { "show", "sess", NULL }, "show sess [id] : report the list of current sessions or dump this session", cli_parse_show_sess, cli_io_handler_dump_sess, cli_release_show_sess },
REORG: cli: move "shutdown session" to stream.c It really kills streams in fact, but we can't change the name now.
2016-11-24 05:09:25 -05:00
{ { "shutdown", "session", NULL }, "shutdown session : kill a specific session", cli_parse_shutdown_session, NULL, NULL },
REORG: cli: move "shutdown sessions server" to stream.c It could be argued that it's between server, stream and session but at least due to the fact that it operates on streams, its best place is in stream.c.
2016-11-23 10:50:48 -05:00
{ { "shutdown", "sessions", "server" }, "shutdown sessions server : kill sessions on a server", cli_parse_shutdown_sessions_server, NULL, NULL },
REORG: cli: move 'show sess' to stream.c Move 'show sess' CLI functions to stream.c and use the cli keyword API to register it on the CLI. [wt: the choice of stream vs session makes sense because since 1.6 these really are streams that we're dumping and not sessions anymore]
2016-11-21 02:51:11 -05:00
{{},}
}};
MINOR: stream/applet: add use-service action This new target can be called from the frontend or the backend. It is evaluated just before the backend choice and just before the server choice. So, the input stream or HTTP request can be forwarded to a server or to an internal service.
2015-09-27 13:29:33 -04:00
/* main configuration keyword registration. */
static struct action_kw_list stream_tcp_keywords = { ILH, {
{ "use-service", stream_parse_use_service },
{ /* END */ }
}};
static struct action_kw_list stream_http_keywords = { ILH, {
{ "use-service", stream_parse_use_service },
{ /* END */ }
}};
MAJOR: acl: store the ACL argument types in the ACL keyword declaration The types and minimal number of ACL keyword arguments are now stored in their declaration. This will allow many more fantasies if some ACL use several arguments or types. Doing so required to rework all ACL keyword declarations to add two parameters. So this was a good opportunity for a general cleanup and to sort all entries in alphabetical order. We still have two pending issues : - parse_acl_expr() checks for errors but has no way to report them to the user ; - the types of some arguments are still not resolved and kept as strings (eg: ARGT_FE/BE/TAB) for compatibility reasons, which must be resolved in acl_find_targets()
2012-04-19 12:42:05 -04:00
/* Note: must not be declared <const> as its list will be overwritten.
* Please take care of keeping this list alphabetically sorted.
*/
BUG/MEDIUM: prevent gcc from moving empty keywords lists into BSS Benoit Dolez reported a failure to start haproxy 1.5-dev19. The process would immediately report an internal error with missing fetches from some crap instead of ACL names. The cause is that some versions of gcc seem to trim static structs containing a variable array when moving them to BSS, and only keep the fixed size, which is just a list head for all ACL and sample fetch keywords. This was confirmed at least with gcc 3.4.6. And we can't move these structs to const because they contain a list element which is needed to link all of them together during the parsing. The bug indeed appeared with 1.5-dev19 because it's the first one to have some empty ACL keyword lists. One solution is to impose -fno-zero-initialized-in-bss to everyone but this is not really nice. Another solution consists in ensuring the struct is never empty so that it does not move there. The easy solution consists in having a non-null list head since it's not yet initialized. A new "ILH" list head type was thus created for this purpose : create an Initialized List Head so that gcc cannot move the struct to BSS. This fixes the issue for this version of gcc and does not create any burden for the declarations.
2013-06-21 17:16:39 -04:00
static struct acl_kw_list acl_kws = {ILH, {
MINOR: session: rename sample fetch functions and declare the sample keywords The following sample fetch functions were only usable by ACLs but are now usable by sample fetches too : sc1_bytes_in_rate, sc1_bytes_out_rate, sc1_clr_gpc0, sc1_conn_cnt, sc1_conn_cur, sc1_conn_rate, sc1_get_gpc0, sc1_http_err_cnt, sc1_http_err_rate, sc1_http_req_cnt, sc1_http_req_rate, sc1_inc_gpc0, sc1_kbytes_in, sc1_kbytes_out, sc1_sess_cnt, sc1_sess_rate, sc1_trackers, sc2_bytes_in_rate, sc2_bytes_out_rate, sc2_clr_gpc0, sc2_conn_cnt, sc2_conn_cur, sc2_conn_rate, sc2_get_gpc0, sc2_http_err_cnt, sc2_http_err_rate, sc2_http_req_cnt, sc2_http_req_rate, sc2_inc_gpc0, sc2_kbytes_in, sc2_kbytes_out, sc2_sess_cnt, sc2_sess_rate, sc2_trackers, src_bytes_in_rate, src_bytes_out_rate, src_clr_gpc0, src_conn_cnt, src_conn_cur, src_conn_rate, src_get_gpc0, src_http_err_cnt, src_http_err_rate, src_http_req_cnt, src_http_req_rate, src_inc_gpc0, src_kbytes_in, src_kbytes_out, src_sess_cnt, src_sess_rate, src_updt_conn_cnt, table_avl, table_cnt, The fetch functions have been renamed "smp_fetch_*".
2013-01-07 19:23:27 -05:00
{ /* END */ },
}};
/* Note: must not be declared <const> as its list will be overwritten.
* Please take care of keeping this list alphabetically sorted.
*/
BUG/MEDIUM: prevent gcc from moving empty keywords lists into BSS Benoit Dolez reported a failure to start haproxy 1.5-dev19. The process would immediately report an internal error with missing fetches from some crap instead of ACL names. The cause is that some versions of gcc seem to trim static structs containing a variable array when moving them to BSS, and only keep the fixed size, which is just a list head for all ACL and sample fetch keywords. This was confirmed at least with gcc 3.4.6. And we can't move these structs to const because they contain a list element which is needed to link all of them together during the parsing. The bug indeed appeared with 1.5-dev19 because it's the first one to have some empty ACL keyword lists. One solution is to impose -fno-zero-initialized-in-bss to everyone but this is not really nice. Another solution consists in ensuring the struct is never empty so that it does not move there. The easy solution consists in having a non-null list head since it's not yet initialized. A new "ILH" list head type was thus created for this purpose : create an Initialized List Head so that gcc cannot move the struct to BSS. This fixes the issue for this version of gcc and does not create any burden for the declarations.
2013-06-21 17:16:39 -04:00
static struct sample_fetch_kw_list smp_fetch_keywords = {ILH, {
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
{ "sc_bytes_in_rate", smp_fetch_sc_bytes_in_rate, ARG2(1,SINT,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc_bytes_out_rate", smp_fetch_sc_bytes_out_rate, ARG2(1,SINT,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc_clr_gpc0", smp_fetch_sc_clr_gpc0, ARG2(1,SINT,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc_conn_cnt", smp_fetch_sc_conn_cnt, ARG2(1,SINT,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc_conn_cur", smp_fetch_sc_conn_cur, ARG2(1,SINT,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc_conn_rate", smp_fetch_sc_conn_rate, ARG2(1,SINT,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
MINOR: stick-tables: Add GPT0 access This patch adds acces to GPT0. The access can be done with http and tcp actions, and through a converter.
2015-08-19 02:25:14 -04:00
{ "sc_get_gpt0", smp_fetch_sc_get_gpt0, ARG2(1,SINT,TAB), NULL, SMP_T_BOOL, SMP_USE_INTRN, },
MAJOR: arg: converts uint and sint in sint This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed.
2015-07-20 11:45:02 -04:00
{ "sc_get_gpc0", smp_fetch_sc_get_gpc0, ARG2(1,SINT,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc_gpc0_rate", smp_fetch_sc_gpc0_rate, ARG2(1,SINT,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc_http_err_cnt", smp_fetch_sc_http_err_cnt, ARG2(1,SINT,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc_http_err_rate", smp_fetch_sc_http_err_rate, ARG2(1,SINT,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc_http_req_cnt", smp_fetch_sc_http_req_cnt, ARG2(1,SINT,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc_http_req_rate", smp_fetch_sc_http_req_rate, ARG2(1,SINT,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc_inc_gpc0", smp_fetch_sc_inc_gpc0, ARG2(1,SINT,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc_kbytes_in", smp_fetch_sc_kbytes_in, ARG2(1,SINT,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "sc_kbytes_out", smp_fetch_sc_kbytes_out, ARG2(1,SINT,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "sc_sess_cnt", smp_fetch_sc_sess_cnt, ARG2(1,SINT,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc_sess_rate", smp_fetch_sc_sess_rate, ARG2(1,SINT,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc_tracked", smp_fetch_sc_tracked, ARG2(1,SINT,TAB), NULL, SMP_T_BOOL, SMP_USE_INTRN, },
{ "sc_trackers", smp_fetch_sc_trackers, ARG2(1,SINT,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
{ "sc0_bytes_in_rate", smp_fetch_sc_bytes_in_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc0_bytes_out_rate", smp_fetch_sc_bytes_out_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc0_clr_gpc0", smp_fetch_sc_clr_gpc0, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc0_conn_cnt", smp_fetch_sc_conn_cnt, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc0_conn_cur", smp_fetch_sc_conn_cur, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc0_conn_rate", smp_fetch_sc_conn_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
MINOR: stick-tables: Add GPT0 access This patch adds acces to GPT0. The access can be done with http and tcp actions, and through a converter.
2015-08-19 02:25:14 -04:00
{ "sc0_get_gpt0", smp_fetch_sc_get_gpt0, ARG1(0,TAB), NULL, SMP_T_BOOL, SMP_USE_INTRN, },
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
{ "sc0_get_gpc0", smp_fetch_sc_get_gpc0, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc0_gpc0_rate", smp_fetch_sc_gpc0_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc0_http_err_cnt", smp_fetch_sc_http_err_cnt, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc0_http_err_rate", smp_fetch_sc_http_err_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc0_http_req_cnt", smp_fetch_sc_http_req_cnt, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc0_http_req_rate", smp_fetch_sc_http_req_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc0_inc_gpc0", smp_fetch_sc_inc_gpc0, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc0_kbytes_in", smp_fetch_sc_kbytes_in, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "sc0_kbytes_out", smp_fetch_sc_kbytes_out, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "sc0_sess_cnt", smp_fetch_sc_sess_cnt, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc0_sess_rate", smp_fetch_sc_sess_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
MEDIUM: counters: support looking up a key in an alternate table sc_* sample fetches now take an optional parameter which allows to look the key in an alternate table. This is convenient to pass multiple information for the same key at once (eg: have multiple gpc0 for the same key, or support being fed complementary information from the CLI). Example : listen front bind :8000 tcp-request content track-sc0 src table local-ip http-response set-header src-id %[sc0_get_gpc0]+%[sc0_get_gpc0(global-ip)] server dummy 127.0.0.1:8001 backend local-ip stick-table size 1k type ip store gpc0 backend global-ip stick-table size 1k type ip store gpc0
2013-07-23 13:56:43 -04:00
{ "sc0_tracked", smp_fetch_sc_tracked, ARG1(0,TAB), NULL, SMP_T_BOOL, SMP_USE_INTRN, },
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
{ "sc0_trackers", smp_fetch_sc_trackers, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc1_bytes_in_rate", smp_fetch_sc_bytes_in_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc1_bytes_out_rate", smp_fetch_sc_bytes_out_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc1_clr_gpc0", smp_fetch_sc_clr_gpc0, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc1_conn_cnt", smp_fetch_sc_conn_cnt, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc1_conn_cur", smp_fetch_sc_conn_cur, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc1_conn_rate", smp_fetch_sc_conn_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
MINOR: stick-tables: Add GPT0 access This patch adds acces to GPT0. The access can be done with http and tcp actions, and through a converter.
2015-08-19 02:25:14 -04:00
{ "sc1_get_gpt0", smp_fetch_sc_get_gpt0, ARG1(0,TAB), NULL, SMP_T_BOOL, SMP_USE_INTRN, },
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
{ "sc1_get_gpc0", smp_fetch_sc_get_gpc0, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc1_gpc0_rate", smp_fetch_sc_gpc0_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc1_http_err_cnt", smp_fetch_sc_http_err_cnt, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc1_http_err_rate", smp_fetch_sc_http_err_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc1_http_req_cnt", smp_fetch_sc_http_req_cnt, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc1_http_req_rate", smp_fetch_sc_http_req_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc1_inc_gpc0", smp_fetch_sc_inc_gpc0, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc1_kbytes_in", smp_fetch_sc_kbytes_in, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "sc1_kbytes_out", smp_fetch_sc_kbytes_out, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "sc1_sess_cnt", smp_fetch_sc_sess_cnt, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc1_sess_rate", smp_fetch_sc_sess_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
MEDIUM: counters: support looking up a key in an alternate table sc_* sample fetches now take an optional parameter which allows to look the key in an alternate table. This is convenient to pass multiple information for the same key at once (eg: have multiple gpc0 for the same key, or support being fed complementary information from the CLI). Example : listen front bind :8000 tcp-request content track-sc0 src table local-ip http-response set-header src-id %[sc0_get_gpc0]+%[sc0_get_gpc0(global-ip)] server dummy 127.0.0.1:8001 backend local-ip stick-table size 1k type ip store gpc0 backend global-ip stick-table size 1k type ip store gpc0
2013-07-23 13:56:43 -04:00
{ "sc1_tracked", smp_fetch_sc_tracked, ARG1(0,TAB), NULL, SMP_T_BOOL, SMP_USE_INTRN, },
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
{ "sc1_trackers", smp_fetch_sc_trackers, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc2_bytes_in_rate", smp_fetch_sc_bytes_in_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc2_bytes_out_rate", smp_fetch_sc_bytes_out_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc2_clr_gpc0", smp_fetch_sc_clr_gpc0, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc2_conn_cnt", smp_fetch_sc_conn_cnt, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc2_conn_cur", smp_fetch_sc_conn_cur, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc2_conn_rate", smp_fetch_sc_conn_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
MINOR: stick-tables: Add GPT0 access This patch adds acces to GPT0. The access can be done with http and tcp actions, and through a converter.
2015-08-19 02:25:14 -04:00
{ "sc2_get_gpt0", smp_fetch_sc_get_gpt0, ARG1(0,TAB), NULL, SMP_T_BOOL, SMP_USE_INTRN, },
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
{ "sc2_get_gpc0", smp_fetch_sc_get_gpc0, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc2_gpc0_rate", smp_fetch_sc_gpc0_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc2_http_err_cnt", smp_fetch_sc_http_err_cnt, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc2_http_err_rate", smp_fetch_sc_http_err_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc2_http_req_cnt", smp_fetch_sc_http_req_cnt, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc2_http_req_rate", smp_fetch_sc_http_req_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc2_inc_gpc0", smp_fetch_sc_inc_gpc0, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc2_kbytes_in", smp_fetch_sc_kbytes_in, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "sc2_kbytes_out", smp_fetch_sc_kbytes_out, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "sc2_sess_cnt", smp_fetch_sc_sess_cnt, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "sc2_sess_rate", smp_fetch_sc_sess_rate, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
MEDIUM: counters: support looking up a key in an alternate table sc_* sample fetches now take an optional parameter which allows to look the key in an alternate table. This is convenient to pass multiple information for the same key at once (eg: have multiple gpc0 for the same key, or support being fed complementary information from the CLI). Example : listen front bind :8000 tcp-request content track-sc0 src table local-ip http-response set-header src-id %[sc0_get_gpc0]+%[sc0_get_gpc0(global-ip)] server dummy 127.0.0.1:8001 backend local-ip stick-table size 1k type ip store gpc0 backend global-ip stick-table size 1k type ip store gpc0
2013-07-23 13:56:43 -04:00
{ "sc2_tracked", smp_fetch_sc_tracked, ARG1(0,TAB), NULL, SMP_T_BOOL, SMP_USE_INTRN, },
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
{ "sc2_trackers", smp_fetch_sc_trackers, ARG1(0,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "src_bytes_in_rate", smp_fetch_sc_bytes_in_rate, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "src_bytes_out_rate", smp_fetch_sc_bytes_out_rate, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "src_clr_gpc0", smp_fetch_sc_clr_gpc0, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "src_conn_cnt", smp_fetch_sc_conn_cnt, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "src_conn_cur", smp_fetch_sc_conn_cur, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "src_conn_rate", smp_fetch_sc_conn_rate, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
MINOR: stick-tables: Add GPT0 access This patch adds acces to GPT0. The access can be done with http and tcp actions, and through a converter.
2015-08-19 02:25:14 -04:00
{ "src_get_gpt0", smp_fetch_sc_get_gpt0, ARG1(1,TAB), NULL, SMP_T_BOOL, SMP_USE_L4CLI, },
MAJOR: sample: converts uint and sint in 64 bits signed integer This patch removes the 32 bits unsigned integer and the 32 bit signed integer. It replaces these types by a unique type 64 bit signed. This makes easy the usage of integer and clarify signed and unsigned use. With the previous version, signed and unsigned are used ones in place of others, and sometimes the converter loose the sign. For example, divisions are processed with "unsigned", if one entry is negative, the result is wrong. Note that the integer pattern matching and dotted version pattern matching are already working with signed 64 bits integer values. There is one user-visible change : the "uint()" and "sint()" sample fetch functions which used to return a constant integer have been replaced with a new more natural, unified "int()" function. These functions were only introduced in the latest 1.6-dev2 so there's no impact on regular deployments.
2015-07-06 17:43:03 -04:00
{ "src_get_gpc0", smp_fetch_sc_get_gpc0, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "src_gpc0_rate", smp_fetch_sc_gpc0_rate, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "src_http_err_cnt", smp_fetch_sc_http_err_cnt, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "src_http_err_rate", smp_fetch_sc_http_err_rate, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "src_http_req_cnt", smp_fetch_sc_http_req_cnt, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "src_http_req_rate", smp_fetch_sc_http_req_rate, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "src_inc_gpc0", smp_fetch_sc_inc_gpc0, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "src_kbytes_in", smp_fetch_sc_kbytes_in, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "src_kbytes_out", smp_fetch_sc_kbytes_out, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "src_sess_cnt", smp_fetch_sc_sess_cnt, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "src_sess_rate", smp_fetch_sc_sess_rate, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "src_updt_conn_cnt", smp_fetch_src_updt_conn_cnt, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_L4CLI, },
{ "table_avl", smp_fetch_table_avl, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
{ "table_cnt", smp_fetch_table_cnt, ARG1(1,TAB), NULL, SMP_T_SINT, SMP_USE_INTRN, },
MINOR: session: rename sample fetch functions and declare the sample keywords The following sample fetch functions were only usable by ACLs but are now usable by sample fetches too : sc1_bytes_in_rate, sc1_bytes_out_rate, sc1_clr_gpc0, sc1_conn_cnt, sc1_conn_cur, sc1_conn_rate, sc1_get_gpc0, sc1_http_err_cnt, sc1_http_err_rate, sc1_http_req_cnt, sc1_http_req_rate, sc1_inc_gpc0, sc1_kbytes_in, sc1_kbytes_out, sc1_sess_cnt, sc1_sess_rate, sc1_trackers, sc2_bytes_in_rate, sc2_bytes_out_rate, sc2_clr_gpc0, sc2_conn_cnt, sc2_conn_cur, sc2_conn_rate, sc2_get_gpc0, sc2_http_err_cnt, sc2_http_err_rate, sc2_http_req_cnt, sc2_http_req_rate, sc2_inc_gpc0, sc2_kbytes_in, sc2_kbytes_out, sc2_sess_cnt, sc2_sess_rate, sc2_trackers, src_bytes_in_rate, src_bytes_out_rate, src_clr_gpc0, src_conn_cnt, src_conn_cur, src_conn_rate, src_get_gpc0, src_http_err_cnt, src_http_err_rate, src_http_req_cnt, src_http_req_rate, src_inc_gpc0, src_kbytes_in, src_kbytes_out, src_sess_cnt, src_sess_rate, src_updt_conn_cnt, table_avl, table_cnt, The fetch functions have been renamed "smp_fetch_*".
2013-01-07 19:23:27 -05:00
{ /* END */ },
[MEDIUM] session: move counter ACL fetches from proto_tcp It was not normal to have counter fetches in proto_tcp.c. The only reason was that the key based on the source address was fetched there, but now we have split the key extraction and data processing, we must move that to a more appropriate place. Session seems OK since the counters are all manipulated from here. Also, since we're precisely counting number of connections with these ACLs, we rename them src_conn_cnt and src_updt_conn_cnt. This is not a problem right now since no version was emitted with these keywords.
2010-06-18 11:46:06 -04:00
}};
__attribute__((constructor))
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
static void __stream_init(void)
[MEDIUM] session: move counter ACL fetches from proto_tcp It was not normal to have counter fetches in proto_tcp.c. The only reason was that the key based on the source address was fetched there, but now we have split the key extraction and data processing, we must move that to a more appropriate place. Session seems OK since the counters are all manipulated from here. Also, since we're precisely counting number of connections with these ACLs, we rename them src_conn_cnt and src_updt_conn_cnt. This is not a problem right now since no version was emitted with these keywords.
2010-06-18 11:46:06 -04:00
{
MINOR: session: rename sample fetch functions and declare the sample keywords The following sample fetch functions were only usable by ACLs but are now usable by sample fetches too : sc1_bytes_in_rate, sc1_bytes_out_rate, sc1_clr_gpc0, sc1_conn_cnt, sc1_conn_cur, sc1_conn_rate, sc1_get_gpc0, sc1_http_err_cnt, sc1_http_err_rate, sc1_http_req_cnt, sc1_http_req_rate, sc1_inc_gpc0, sc1_kbytes_in, sc1_kbytes_out, sc1_sess_cnt, sc1_sess_rate, sc1_trackers, sc2_bytes_in_rate, sc2_bytes_out_rate, sc2_clr_gpc0, sc2_conn_cnt, sc2_conn_cur, sc2_conn_rate, sc2_get_gpc0, sc2_http_err_cnt, sc2_http_err_rate, sc2_http_req_cnt, sc2_http_req_rate, sc2_inc_gpc0, sc2_kbytes_in, sc2_kbytes_out, sc2_sess_cnt, sc2_sess_rate, sc2_trackers, src_bytes_in_rate, src_bytes_out_rate, src_clr_gpc0, src_conn_cnt, src_conn_cur, src_conn_rate, src_get_gpc0, src_http_err_cnt, src_http_err_rate, src_http_req_cnt, src_http_req_rate, src_inc_gpc0, src_kbytes_in, src_kbytes_out, src_sess_cnt, src_sess_rate, src_updt_conn_cnt, table_avl, table_cnt, The fetch functions have been renamed "smp_fetch_*".
2013-01-07 19:23:27 -05:00
sample_register_fetches(&smp_fetch_keywords);
[MEDIUM] session: move counter ACL fetches from proto_tcp It was not normal to have counter fetches in proto_tcp.c. The only reason was that the key based on the source address was fetched there, but now we have split the key extraction and data processing, we must move that to a more appropriate place. Session seems OK since the counters are all manipulated from here. Also, since we're precisely counting number of connections with these ACLs, we rename them src_conn_cnt and src_updt_conn_cnt. This is not a problem right now since no version was emitted with these keywords.
2010-06-18 11:46:06 -04:00
acl_register_keywords(&acl_kws);
MINOR: stream/applet: add use-service action This new target can be called from the frontend or the backend. It is evaluated just before the backend choice and just before the server choice. So, the input stream or HTTP request can be forwarded to a server or to an internal service.
2015-09-27 13:29:33 -04:00
tcp_req_cont_keywords_register(&stream_tcp_keywords);
http_req_keywords_register(&stream_http_keywords);
REORG: cli: move 'show sess' to stream.c Move 'show sess' CLI functions to stream.c and use the cli keyword API to register it on the CLI. [wt: the choice of stream vs session makes sense because since 1.6 these really are streams that we're dumping and not sessions anymore]
2016-11-21 02:51:11 -05:00
cli_register_kw(&cli_kws);
[MEDIUM] session: move counter ACL fetches from proto_tcp It was not normal to have counter fetches in proto_tcp.c. The only reason was that the key based on the source address was fetched there, but now we have split the key extraction and data processing, we must move that to a more appropriate place. Session seems OK since the counters are all manipulated from here. Also, since we're precisely counting number of connections with these ACLs, we rename them src_conn_cnt and src_updt_conn_cnt. This is not a problem right now since no version was emitted with these keywords.
2010-06-18 11:46:06 -04:00
}
[BIGMOVE] exploded the monolithic haproxy.c file into multiple files. The files are now stored under : - include/haproxy for the generic includes - include/types.h for the structures needed within prototypes - include/proto.h for function prototypes and inline functions - src/*.c for the C files Most include files are now covered by LGPL. A last move still needs to be done to put inline functions under GPL and not LGPL. Version has been set to 1.3.0 in the code but some control still needs to be done before releasing.
2006-06-25 20:48:02 -04:00
/*
* Local variables:
* c-indent-level: 8
* c-basic-offset: 8
* End:
*/
Reference in a new issue Copy permalink