mirror of
https://github.com/haproxy/haproxy.git
synced 2026-06-08 16:23:24 -04:00
MEDIUM: connections: Enforce mux protocol requirements
When picking a mux, pay attention to its MX_FL_FRAMED. If it is set, then it means we explicitely want QUIC, so don't use that mux for any protocol that is not QUIC.
This commit is contained in:
Olivier Houchard
Olivier Houchard
parent
d3ad730d5f
commit
1b0dfff552
4 changed files with 15 additions and 8 deletions
|
|
@ -34,6 +34,7 @@
|
|||
#include <haproxy/listener-t.h>
|
||||
#include <haproxy/obj_type.h>
|
||||
#include <haproxy/pool-t.h>
|
||||
#include <haproxy/protocol.h>
|
||||
#include <haproxy/server.h>
|
||||
#include <haproxy/session-t.h>
|
||||
#include <haproxy/task-t.h>
|
||||
|
|
@ -609,13 +610,13 @@ void list_mux_proto(FILE *out);
|
|||
*/
|
||||
static inline const struct mux_proto_list *conn_get_best_mux_entry(
|
||||
const struct ist mux_proto,
|
||||
int proto_side, int proto_mode)
|
||||
int proto_side, int proto_is_quic, int proto_mode)
|
||||
{
|
||||
struct mux_proto_list *item;
|
||||
struct mux_proto_list *fallback = NULL;
|
||||
|
||||
list_for_each_entry(item, &mux_proto_list.list, list) {
|
||||
if (!(item->side & proto_side) || !(item->mode & proto_mode))
|
||||
if (!(item->side & proto_side) || !(item->mode & proto_mode) || (proto_is_quic && !(item->mux->flags & MX_FL_FRAMED)))
|
||||
continue;
|
||||
if (istlen(mux_proto) && isteq(mux_proto, item->token))
|
||||
return item;
|
||||
|
|
@ -640,7 +641,7 @@ static inline const struct mux_ops *conn_get_best_mux(struct connection *conn,
|
|||
{
|
||||
const struct mux_proto_list *item;
|
||||
|
||||
item = conn_get_best_mux_entry(mux_proto, proto_side, proto_mode);
|
||||
item = conn_get_best_mux_entry(mux_proto, proto_side, proto_is_quic(conn->ctrl), proto_mode);
|
||||
|
||||
return item ? item->mux : NULL;
|
||||
}
|
||||
|
|
|
|||
10
src/proxy.c
10
src/proxy.c
|
|
@ -1676,11 +1676,17 @@ int proxy_finalize(struct proxy *px, int *err_code)
|
|||
}
|
||||
|
||||
if (bind_conf->mux_proto) {
|
||||
int is_quic;
|
||||
|
||||
if ((bind_conf->options & (BC_O_USE_SOCK_DGRAM | BC_O_USE_XPRT_STREAM)) == (BC_O_USE_SOCK_DGRAM | BC_O_USE_XPRT_STREAM))
|
||||
is_quic = 1;
|
||||
else
|
||||
is_quic = 0;
|
||||
/* it is possible that an incorrect mux was referenced
|
||||
* due to the proxy's mode not being taken into account
|
||||
* on first pass. Let's adjust it now.
|
||||
*/
|
||||
mux_ent = conn_get_best_mux_entry(bind_conf->mux_proto->token, PROTO_SIDE_FE, mode);
|
||||
mux_ent = conn_get_best_mux_entry(bind_conf->mux_proto->token, PROTO_SIDE_FE, is_quic, mode);
|
||||
|
||||
if (!mux_ent || !isteq(mux_ent->token, bind_conf->mux_proto->token)) {
|
||||
ha_alert("%s '%s' : MUX protocol '%.*s' is not usable for 'bind %s' at [%s:%d].\n",
|
||||
|
|
@ -2879,7 +2885,7 @@ int proxy_finalize(struct proxy *px, int *err_code)
|
|||
* due to the proxy's mode not being taken into account
|
||||
* on first pass. Let's adjust it now.
|
||||
*/
|
||||
mux_ent = conn_get_best_mux_entry(newsrv->mux_proto->token, PROTO_SIDE_BE, mode);
|
||||
mux_ent = conn_get_best_mux_entry(newsrv->mux_proto->token, PROTO_SIDE_BE, srv_is_quic(newsrv), mode);
|
||||
|
||||
if (!mux_ent || !isteq(mux_ent->token, newsrv->mux_proto->token)) {
|
||||
ha_alert("%s '%s' : MUX protocol '%.*s' is not usable for server '%s' at [%s:%d].\n",
|
||||
|
|
|
|||
|
|
@ -6242,7 +6242,7 @@ static int cli_parse_add_server(char **args, char *payload, struct appctx *appct
|
|||
int proto_mode = conn_pr_mode_to_proto_mode(be->mode);
|
||||
const struct mux_proto_list *mux_ent;
|
||||
|
||||
mux_ent = conn_get_best_mux_entry(srv->mux_proto->token, PROTO_SIDE_BE, proto_mode);
|
||||
mux_ent = conn_get_best_mux_entry(srv->mux_proto->token, PROTO_SIDE_BE, srv_is_quic(srv), proto_mode);
|
||||
|
||||
if (!mux_ent || !isteq(mux_ent->token, srv->mux_proto->token)) {
|
||||
ha_alert("MUX protocol is not usable for server.\n");
|
||||
|
|
|
|||
|
|
@ -3289,7 +3289,7 @@ static int check_tcp_switch_stream_mode(struct act_rule *rule, struct proxy *px,
|
|||
px->options |= PR_O_HTTP_UPG;
|
||||
|
||||
if (mux_proto) {
|
||||
mux_ent = conn_get_best_mux_entry(mux_proto->token, PROTO_SIDE_FE, mode);
|
||||
mux_ent = conn_get_best_mux_entry(mux_proto->token, PROTO_SIDE_FE, 0, mode);
|
||||
if (!mux_ent || !isteq(mux_ent->token, mux_proto->token)) {
|
||||
memprintf(err, "MUX protocol '%.*s' is not compatible with the selected mode",
|
||||
(int)mux_proto->token.len, mux_proto->token.ptr);
|
||||
|
|
@ -3297,7 +3297,7 @@ static int check_tcp_switch_stream_mode(struct act_rule *rule, struct proxy *px,
|
|||
}
|
||||
}
|
||||
else {
|
||||
mux_ent = conn_get_best_mux_entry(IST_NULL, PROTO_SIDE_FE, mode);
|
||||
mux_ent = conn_get_best_mux_entry(IST_NULL, PROTO_SIDE_FE, 0, mode);
|
||||
if (!mux_ent) {
|
||||
memprintf(err, "Unable to find compatible MUX protocol with the selected mode");
|
||||
return 0;
|
||||
|
|
|
|||
Loading…
Reference in a new issue