1 #include "buffer.h"
2 #include "server.h"
3 #include "keyvalue.h"
4 #include "log.h"
5
6 #include "http_chunk.h"
7 #include "fdevent.h"
8 #include "connections.h"
9 #include "response.h"
10 #include "joblist.h"
11
12 #include "plugin.h"
13
14 #include "inet_ntop_cache.h"
15 #include "crc32.h"
16
17 #include <sys/types.h>
18
19 #include <unistd.h>
20 #include <errno.h>
21 #include <fcntl.h>
22 #include <string.h>
23 #include <stdlib.h>
24 #include <ctype.h>
25 #include <assert.h>
26
27 #include <stdio.h>
28
29 #ifdef HAVE_SYS_FILIO_H
30 # include <sys/filio.h>
31 #endif
32
33 #include "sys-socket.h"
34
35 #define data_proxy data_fastcgi
36 #define data_proxy_init data_fastcgi_init
37
38 #define PROXY_RETRY_TIMEOUT 60
39
40 /**
41 *
42 * the proxy module is based on the fastcgi module
43 *
44 * 28.06.2004 Jan Kneschke The first release
45 * 01.07.2004 Evgeny Rodichev Several bugfixes and cleanups
46 * - co-ordinate up- and downstream flows correctly (proxy_demux_response
47 * and proxy_handle_fdevent)
48 * - correctly transfer upstream http_response_status;
49 * - some unused structures removed.
50 *
51 * TODO: - delay upstream read if write_queue is too large
52 * (to prevent memory eating, like in apache). Shoud be
53 * configurable).
54 * - persistent connection with upstream servers
55 * - HTTP/1.1
56 */
57 typedef enum {
58 PROXY_BALANCE_UNSET,
59 PROXY_BALANCE_FAIR,
60 PROXY_BALANCE_HASH,
61 PROXY_BALANCE_RR
62 } proxy_balance_t;
63
64 typedef struct {
65 array *extensions;
66 unsigned short debug;
67
68 proxy_balance_t balance;
69 } plugin_config;
70
71 typedef struct {
72 PLUGIN_DATA;
73
74 buffer *parse_response;
75 buffer *balance_buf;
76
77 plugin_config **config_storage;
78
79 plugin_config conf;
80 } plugin_data;
81
82 typedef enum {
83 PROXY_STATE_INIT,
84 PROXY_STATE_CONNECT,
85 PROXY_STATE_PREPARE_WRITE,
86 PROXY_STATE_WRITE,
87 PROXY_STATE_READ,
88 PROXY_STATE_ERROR
89 } proxy_connection_state_t;
90
91 enum { PROXY_STDOUT, PROXY_END_REQUEST };
92
93 typedef struct {
94 proxy_connection_state_t state;
95 time_t state_timestamp;
96
97 data_proxy *host;
98
99 buffer *response;
100 buffer *response_header;
101
102 chunkqueue *wb;
103
104 int fd; /* fd to the proxy process */
105 int fde_ndx; /* index into the fd-event buffer */
106
107 size_t path_info_offset; /* start of path_info in uri.path */
108
109 connection *remote_conn; /* dump pointer */
110 plugin_data *plugin_data; /* dump pointer */
111 } handler_ctx;
112
113
114 /* ok, we need a prototype */
115 static handler_t proxy_handle_fdevent(server *srv, void *ctx, int revents);
116
handler_ctx_init(void)117 static handler_ctx * handler_ctx_init(void) {
118 handler_ctx * hctx;
119
120
121 hctx = calloc(1, sizeof(*hctx));
122
123 hctx->state = PROXY_STATE_INIT;
124 hctx->host = NULL;
125
126 hctx->response = buffer_init();
127 hctx->response_header = buffer_init();
128
129 hctx->wb = chunkqueue_init();
130
131 hctx->fd = -1;
132 hctx->fde_ndx = -1;
133
134 return hctx;
135 }
136
handler_ctx_free(handler_ctx * hctx)137 static void handler_ctx_free(handler_ctx *hctx) {
138 buffer_free(hctx->response);
139 buffer_free(hctx->response_header);
140 chunkqueue_free(hctx->wb);
141
142 free(hctx);
143 }
144
INIT_FUNC(mod_proxy_init)145 INIT_FUNC(mod_proxy_init) {
146 plugin_data *p;
147
148 p = calloc(1, sizeof(*p));
149
150 p->parse_response = buffer_init();
151 p->balance_buf = buffer_init();
152
153 return p;
154 }
155
156
FREE_FUNC(mod_proxy_free)157 FREE_FUNC(mod_proxy_free) {
158 plugin_data *p = p_d;
159
160 UNUSED(srv);
161
162 buffer_free(p->parse_response);
163 buffer_free(p->balance_buf);
164
165 if (p->config_storage) {
166 size_t i;
167 for (i = 0; i < srv->config_context->used; i++) {
168 plugin_config *s = p->config_storage[i];
169
170 if (s) {
171
172 array_free(s->extensions);
173
174 free(s);
175 }
176 }
177 free(p->config_storage);
178 }
179
180 free(p);
181
182 return HANDLER_GO_ON;
183 }
184
SETDEFAULTS_FUNC(mod_proxy_set_defaults)185 SETDEFAULTS_FUNC(mod_proxy_set_defaults) {
186 plugin_data *p = p_d;
187 data_unset *du;
188 size_t i = 0;
189
190 config_values_t cv[] = {
191 { "proxy.server", NULL, T_CONFIG_LOCAL, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
192 { "proxy.debug", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
193 { "proxy.balance", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
194 { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
195 };
196
197 p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
198
199 for (i = 0; i < srv->config_context->used; i++) {
200 plugin_config *s;
201 array *ca;
202
203 s = malloc(sizeof(plugin_config));
204 s->extensions = array_init();
205 s->debug = 0;
206
207 cv[0].destination = s->extensions;
208 cv[1].destination = &(s->debug);
209 cv[2].destination = p->balance_buf;
210
211 buffer_reset(p->balance_buf);
212
213 p->config_storage[i] = s;
214 ca = ((data_config *)srv->config_context->data[i])->value;
215
216 if (0 != config_insert_values_global(srv, ca, cv)) {
217 return HANDLER_ERROR;
218 }
219
220 if (buffer_is_empty(p->balance_buf)) {
221 s->balance = PROXY_BALANCE_FAIR;
222 } else if (buffer_is_equal_string(p->balance_buf, CONST_STR_LEN("fair"))) {
223 s->balance = PROXY_BALANCE_FAIR;
224 } else if (buffer_is_equal_string(p->balance_buf, CONST_STR_LEN("round-robin"))) {
225 s->balance = PROXY_BALANCE_RR;
226 } else if (buffer_is_equal_string(p->balance_buf, CONST_STR_LEN("hash"))) {
227 s->balance = PROXY_BALANCE_HASH;
228 } else {
229 log_error_write(srv, __FILE__, __LINE__, "sb",
230 "proxy.balance has to be one of: fair, round-robin, hash, but not:", p->balance_buf);
231 return HANDLER_ERROR;
232 }
233
234 if (NULL != (du = array_get_element(ca, "proxy.server"))) {
235 size_t j;
236 data_array *da = (data_array *)du;
237
238 if (du->type != TYPE_ARRAY) {
239 log_error_write(srv, __FILE__, __LINE__, "sss",
240 "unexpected type for key: ", "proxy.server", "array of strings");
241
242 return HANDLER_ERROR;
243 }
244
245 /*
246 * proxy.server = ( "<ext>" => ...,
247 * "<ext>" => ... )
248 */
249
250 for (j = 0; j < da->value->used; j++) {
251 data_array *da_ext = (data_array *)da->value->data[j];
252 size_t n;
253
254 if (da_ext->type != TYPE_ARRAY) {
255 log_error_write(srv, __FILE__, __LINE__, "sssbs",
256 "unexpected type for key: ", "proxy.server",
257 "[", da->value->data[j]->key, "](string)");
258
259 return HANDLER_ERROR;
260 }
261
262 /*
263 * proxy.server = ( "<ext>" =>
264 * ( "<host>" => ( ... ),
265 * "<host>" => ( ... )
266 * ),
267 * "<ext>" => ... )
268 */
269
270 for (n = 0; n < da_ext->value->used; n++) {
271 data_array *da_host = (data_array *)da_ext->value->data[n];
272
273 data_proxy *df;
274 data_array *dfa;
275
276 config_values_t pcv[] = {
277 { "host", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
278 { "port", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
279 { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
280 };
281
282 if (da_host->type != TYPE_ARRAY) {
283 log_error_write(srv, __FILE__, __LINE__, "ssSBS",
284 "unexpected type for key:",
285 "proxy.server",
286 "[", da_ext->value->data[n]->key, "](string)");
287
288 return HANDLER_ERROR;
289 }
290
291 df = data_proxy_init();
292
293 df->port = 80;
294
295 buffer_copy_string_buffer(df->key, da_host->key);
296
297 pcv[0].destination = df->host;
298 pcv[1].destination = &(df->port);
299
300 if (0 != config_insert_values_internal(srv, da_host->value, pcv)) {
301 return HANDLER_ERROR;
302 }
303
304 if (buffer_is_empty(df->host)) {
305 log_error_write(srv, __FILE__, __LINE__, "sbbbs",
306 "missing key (string):",
307 da->key,
308 da_ext->key,
309 da_host->key,
310 "host");
311
312 return HANDLER_ERROR;
313 }
314
315 /* if extension already exists, take it */
316
317 if (NULL == (dfa = (data_array *)array_get_element(s->extensions, da_ext->key->ptr))) {
318 dfa = data_array_init();
319
320 buffer_copy_string_buffer(dfa->key, da_ext->key);
321
322 array_insert_unique(dfa->value, (data_unset *)df);
323 array_insert_unique(s->extensions, (data_unset *)dfa);
324 } else {
325 array_insert_unique(dfa->value, (data_unset *)df);
326 }
327 }
328 }
329 }
330 }
331
332 return HANDLER_GO_ON;
333 }
334
proxy_connection_close(server * srv,handler_ctx * hctx)335 static void proxy_connection_close(server *srv, handler_ctx *hctx) {
336 plugin_data *p;
337 connection *con;
338
339 if (NULL == hctx) return;
340
341 p = hctx->plugin_data;
342 con = hctx->remote_conn;
343
344 if (hctx->fd != -1) {
345 fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
346 fdevent_unregister(srv->ev, hctx->fd);
347
348 close(hctx->fd);
349 srv->cur_fds--;
350 }
351
352 if (hctx->host) {
353 hctx->host->usage--;
354 }
355
356 handler_ctx_free(hctx);
357 con->plugin_ctx[p->id] = NULL;
358 }
359
proxy_establish_connection(server * srv,handler_ctx * hctx)360 static int proxy_establish_connection(server *srv, handler_ctx *hctx) {
361 struct sockaddr *proxy_addr;
362 struct sockaddr_in proxy_addr_in;
363 #if defined(HAVE_IPV6) && defined(HAVE_INET_PTON)
364 struct sockaddr_in6 proxy_addr_in6;
365 #endif
366 socklen_t servlen;
367
368 plugin_data *p = hctx->plugin_data;
369 data_proxy *host= hctx->host;
370 int proxy_fd = hctx->fd;
371
372
373 #if defined(HAVE_IPV6) && defined(HAVE_INET_PTON)
374 if (strstr(host->host->ptr, ":")) {
375 memset(&proxy_addr_in6, 0, sizeof(proxy_addr_in6));
376 proxy_addr_in6.sin6_family = AF_INET6;
377 inet_pton(AF_INET6, host->host->ptr, (char *) &proxy_addr_in6.sin6_addr);
378 proxy_addr_in6.sin6_port = htons(host->port);
379 servlen = sizeof(proxy_addr_in6);
380 proxy_addr = (struct sockaddr *) &proxy_addr_in6;
381 } else
382 #endif
383 {
384 memset(&proxy_addr_in, 0, sizeof(proxy_addr_in));
385 proxy_addr_in.sin_family = AF_INET;
386 proxy_addr_in.sin_addr.s_addr = inet_addr(host->host->ptr);
387 proxy_addr_in.sin_port = htons(host->port);
388 servlen = sizeof(proxy_addr_in);
389 proxy_addr = (struct sockaddr *) &proxy_addr_in;
390 }
391
392
393 if (-1 == connect(proxy_fd, proxy_addr, servlen)) {
394 if (errno == EINPROGRESS || errno == EALREADY) {
395 if (p->conf.debug) {
396 log_error_write(srv, __FILE__, __LINE__, "sd",
397 "connect delayed:", proxy_fd);
398 }
399
400 return 1;
401 } else {
402
403 log_error_write(srv, __FILE__, __LINE__, "sdsd",
404 "connect failed:", proxy_fd, strerror(errno), errno);
405
406 return -1;
407 }
408 }
409 if (p->conf.debug) {
410 log_error_write(srv, __FILE__, __LINE__, "sd",
411 "connect succeeded: ", proxy_fd);
412 }
413
414 return 0;
415 }
416
proxy_set_header(connection * con,const char * key,const char * value)417 static void proxy_set_header(connection *con, const char *key, const char *value) {
418 data_string *ds_dst;
419
420 if (NULL == (ds_dst = (data_string *)array_get_unused_element(con->request.headers, TYPE_STRING))) {
421 ds_dst = data_string_init();
422 }
423
424 buffer_copy_string(ds_dst->key, key);
425 buffer_copy_string(ds_dst->value, value);
426 array_insert_unique(con->request.headers, (data_unset *)ds_dst);
427 }
428
proxy_append_header(connection * con,const char * key,const char * value)429 static void proxy_append_header(connection *con, const char *key, const char *value) {
430 data_string *ds_dst;
431
432 if (NULL == (ds_dst = (data_string *)array_get_unused_element(con->request.headers, TYPE_STRING))) {
433 ds_dst = data_string_init();
434 }
435
436 buffer_copy_string(ds_dst->key, key);
437 buffer_append_string(ds_dst->value, value);
438 array_insert_unique(con->request.headers, (data_unset *)ds_dst);
439 }
440
441
proxy_create_env(server * srv,handler_ctx * hctx)442 static int proxy_create_env(server *srv, handler_ctx *hctx) {
443 size_t i;
444
445 connection *con = hctx->remote_conn;
446 buffer *b;
447
448 /* build header */
449
450 b = chunkqueue_get_append_buffer(hctx->wb);
451
452 /* request line */
453 buffer_copy_string(b, get_http_method_name(con->request.http_method));
454 buffer_append_string_len(b, CONST_STR_LEN(" "));
455
456 buffer_append_string_buffer(b, con->request.uri);
457 buffer_append_string_len(b, CONST_STR_LEN(" HTTP/1.0\r\n"));
458
459 proxy_append_header(con, "X-Forwarded-For", (char *)inet_ntop_cache_get_ip(srv, &(con->dst_addr)));
460 /* http_host is NOT is just a pointer to a buffer
461 * which is NULL if it is not set */
462 if (con->request.http_host &&
463 !buffer_is_empty(con->request.http_host)) {
464 proxy_set_header(con, "X-Host", con->request.http_host->ptr);
465 }
466 proxy_set_header(con, "X-Forwarded-Proto", con->conf.is_ssl ? "https" : "http");
467
468 /* request header */
469 for (i = 0; i < con->request.headers->used; i++) {
470 data_string *ds;
471
472 ds = (data_string *)con->request.headers->data[i];
473
474 if (ds->value->used && ds->key->used) {
475 if (buffer_is_equal_string(ds->key, CONST_STR_LEN("Connection"))) continue;
476 if (buffer_is_equal_string(ds->key, CONST_STR_LEN("Proxy-Connection"))) continue;
477
478 buffer_append_string_buffer(b, ds->key);
479 buffer_append_string_len(b, CONST_STR_LEN(": "));
480 buffer_append_string_buffer(b, ds->value);
481 buffer_append_string_len(b, CONST_STR_LEN("\r\n"));
482 }
483 }
484
485 buffer_append_string_len(b, CONST_STR_LEN("\r\n"));
486
487 hctx->wb->bytes_in += b->used - 1;
488 /* body */
489
490 if (con->request.content_length) {
491 chunkqueue *req_cq = con->request_content_queue;
492 chunk *req_c;
493 off_t offset;
494
495 /* something to send ? */
496 for (offset = 0, req_c = req_cq->first; offset != req_cq->bytes_in; req_c = req_c->next) {
497 off_t weWant = req_cq->bytes_in - offset;
498 off_t weHave = 0;
499
500 /* we announce toWrite octects
501 * now take all the request_content chunk that we need to fill this request
502 * */
503
504 switch (req_c->type) {
505 case FILE_CHUNK:
506 weHave = req_c->file.length - req_c->offset;
507
508 if (weHave > weWant) weHave = weWant;
509
510 chunkqueue_append_file(hctx->wb, req_c->file.name, req_c->offset, weHave);
511
512 req_c->offset += weHave;
513 req_cq->bytes_out += weHave;
514
515 hctx->wb->bytes_in += weHave;
516
517 break;
518 case MEM_CHUNK:
519 /* append to the buffer */
520 weHave = req_c->mem->used - 1 - req_c->offset;
521
522 if (weHave > weWant) weHave = weWant;
523
524 b = chunkqueue_get_append_buffer(hctx->wb);
525 buffer_append_memory(b, req_c->mem->ptr + req_c->offset, weHave);
526 b->used++; /* add virtual \0 */
527
528 req_c->offset += weHave;
529 req_cq->bytes_out += weHave;
530
531 hctx->wb->bytes_in += weHave;
532
533 break;
534 default:
535 break;
536 }
537
538 offset += weHave;
539 }
540
541 }
542
543 return 0;
544 }
545
proxy_set_state(server * srv,handler_ctx * hctx,proxy_connection_state_t state)546 static int proxy_set_state(server *srv, handler_ctx *hctx, proxy_connection_state_t state) {
547 hctx->state = state;
548 hctx->state_timestamp = srv->cur_ts;
549
550 return 0;
551 }
552
553
proxy_response_parse(server * srv,connection * con,plugin_data * p,buffer * in)554 static int proxy_response_parse(server *srv, connection *con, plugin_data *p, buffer *in) {
555 char *s, *ns;
556 int http_response_status = -1;
557
558 UNUSED(srv);
559
560 /* \r\n -> \0\0 */
561
562 buffer_copy_string_buffer(p->parse_response, in);
563
564 for (s = p->parse_response->ptr; NULL != (ns = strstr(s, "\r\n")); s = ns + 2) {
565 char *key, *value;
566 int key_len;
567 data_string *ds;
568 int copy_header;
569
570 ns[0] = '\0';
571 ns[1] = '\0';
572
573 if (-1 == http_response_status) {
574 /* The first line of a Response message is the Status-Line */
575
576 for (key=s; *key && *key != ' '; key++);
577
578 if (*key) {
579 http_response_status = (int) strtol(key, NULL, 10);
580 if (http_response_status <= 0) http_response_status = 502;
581 } else {
582 http_response_status = 502;
583 }
584
585 con->http_status = http_response_status;
586 con->parsed_response |= HTTP_STATUS;
587 continue;
588 }
589
590 if (NULL == (value = strchr(s, ':'))) {
591 /* now we expect: "<key>: <value>\n" */
592
593 continue;
594 }
595
596 key = s;
597 key_len = value - key;
598
599 value++;
600 /* strip WS */
601 while (*value == ' ' || *value == '\t') value++;
602
603 copy_header = 1;
604
605 switch(key_len) {
606 case 4:
607 if (0 == strncasecmp(key, "Date", key_len)) {
608 con->parsed_response |= HTTP_DATE;
609 }
610 break;
611 case 8:
612 if (0 == strncasecmp(key, "Location", key_len)) {
613 con->parsed_response |= HTTP_LOCATION;
614 }
615 break;
616 case 10:
617 if (0 == strncasecmp(key, "Connection", key_len)) {
618 copy_header = 0;
619 }
620 break;
621 case 14:
622 if (0 == strncasecmp(key, "Content-Length", key_len)) {
623 con->response.content_length = strtol(value, NULL, 10);
624 con->parsed_response |= HTTP_CONTENT_LENGTH;
625 }
626 break;
627 default:
628 break;
629 }
630
631 if (copy_header) {
632 if (NULL == (ds = (data_string *)array_get_unused_element(con->response.headers, TYPE_STRING))) {
633 ds = data_response_init();
634 }
635 buffer_copy_string_len(ds->key, key, key_len);
636 buffer_copy_string(ds->value, value);
637
638 array_insert_unique(con->response.headers, (data_unset *)ds);
639 }
640 }
641
642 return 0;
643 }
644
645
proxy_demux_response(server * srv,handler_ctx * hctx)646 static int proxy_demux_response(server *srv, handler_ctx *hctx) {
647 int fin = 0;
648 int b;
649 ssize_t r;
650
651 plugin_data *p = hctx->plugin_data;
652 connection *con = hctx->remote_conn;
653 int proxy_fd = hctx->fd;
654
655 /* check how much we have to read */
656 if (ioctl(hctx->fd, FIONREAD, &b)) {
657 log_error_write(srv, __FILE__, __LINE__, "sd",
658 "ioctl failed: ",
659 proxy_fd);
660 return -1;
661 }
662
663
664 if (p->conf.debug) {
665 log_error_write(srv, __FILE__, __LINE__, "sd",
666 "proxy - have to read:", b);
667 }
668
669 if (b > 0) {
670 if (hctx->response->used == 0) {
671 /* avoid too small buffer */
672 buffer_prepare_append(hctx->response, b + 1);
673 hctx->response->used = 1;
674 } else {
675 buffer_prepare_append(hctx->response, b);
676 }
677
678 if (-1 == (r = read(hctx->fd, hctx->response->ptr + hctx->response->used - 1, b))) {
679 if (errno == EAGAIN) return 0;
680 log_error_write(srv, __FILE__, __LINE__, "sds",
681 "unexpected end-of-file (perhaps the proxy process died):",
682 proxy_fd, strerror(errno));
683 return -1;
684 }
685
686 /* this should be catched by the b > 0 above */
687 assert(r);
688
689 hctx->response->used += r;
690 hctx->response->ptr[hctx->response->used - 1] = '\0';
691
692 #if 0
693 log_error_write(srv, __FILE__, __LINE__, "sdsbs",
694 "demux: Response buffer len", hctx->response->used, ":", hctx->response, ":");
695 #endif
696
697 if (0 == con->got_response) {
698 con->got_response = 1;
699 buffer_prepare_copy(hctx->response_header, 128);
700 }
701
702 if (0 == con->file_started) {
703 char *c;
704
705 /* search for the \r\n\r\n in the string */
706 if (NULL != (c = buffer_search_string_len(hctx->response, "\r\n\r\n", 4))) {
707 size_t hlen = c - hctx->response->ptr + 4;
708 size_t blen = hctx->response->used - hlen - 1;
709 /* found */
710
711 buffer_append_string_len(hctx->response_header, hctx->response->ptr, c - hctx->response->ptr + 4);
712 #if 0
713 log_error_write(srv, __FILE__, __LINE__, "sb", "Header:", hctx->response_header);
714 #endif
715 /* parse the response header */
716 proxy_response_parse(srv, con, p, hctx->response_header);
717
718 /* enable chunked-transfer-encoding */
719 if (con->request.http_version == HTTP_VERSION_1_1 &&
720 !(con->parsed_response & HTTP_CONTENT_LENGTH)) {
721 con->response.transfer_encoding = HTTP_TRANSFER_ENCODING_CHUNKED;
722 }
723
724 con->file_started = 1;
725 if (blen) {
726 http_chunk_append_mem(srv, con, c + 4, blen + 1);
727 }
728 hctx->response->used = 0;
729 joblist_append(srv, con);
730 }
731 } else {
732 http_chunk_append_mem(srv, con, hctx->response->ptr, hctx->response->used);
733 joblist_append(srv, con);
734 hctx->response->used = 0;
735 }
736
737 } else {
738 /* reading from upstream done */
739 con->file_finished = 1;
740
741 http_chunk_append_mem(srv, con, NULL, 0);
742 joblist_append(srv, con);
743
744 fin = 1;
745 }
746
747 return fin;
748 }
749
750
proxy_write_request(server * srv,handler_ctx * hctx)751 static handler_t proxy_write_request(server *srv, handler_ctx *hctx) {
752 data_proxy *host= hctx->host;
753 connection *con = hctx->remote_conn;
754
755 int ret;
756
757 if (!host ||
758 (!host->host->used || !host->port)) return -1;
759
760 switch(hctx->state) {
761 case PROXY_STATE_CONNECT:
762 /* wait for the connect() to finish */
763
764 /* connect failed ? */
765 if (-1 == hctx->fde_ndx) return HANDLER_ERROR;
766
767 /* wait */
768 return HANDLER_WAIT_FOR_EVENT;
769
770 break;
771
772 case PROXY_STATE_INIT:
773 #if defined(HAVE_IPV6) && defined(HAVE_INET_PTON)
774 if (strstr(host->host->ptr,":")) {
775 if (-1 == (hctx->fd = socket(AF_INET6, SOCK_STREAM, 0))) {
776 log_error_write(srv, __FILE__, __LINE__, "ss", "socket failed: ", strerror(errno));
777 return HANDLER_ERROR;
778 }
779 } else
780 #endif
781 {
782 if (-1 == (hctx->fd = socket(AF_INET, SOCK_STREAM, 0))) {
783 log_error_write(srv, __FILE__, __LINE__, "ss", "socket failed: ", strerror(errno));
784 return HANDLER_ERROR;
785 }
786 }
787 hctx->fde_ndx = -1;
788
789 srv->cur_fds++;
790
791 fdevent_register(srv->ev, hctx->fd, proxy_handle_fdevent, hctx);
792
793 if (-1 == fdevent_fcntl_set(srv->ev, hctx->fd)) {
794 log_error_write(srv, __FILE__, __LINE__, "ss", "fcntl failed: ", strerror(errno));
795
796 return HANDLER_ERROR;
797 }
798
799 switch (proxy_establish_connection(srv, hctx)) {
800 case 1:
801 proxy_set_state(srv, hctx, PROXY_STATE_CONNECT);
802
803 /* connection is in progress, wait for an event and call getsockopt() below */
804
805 fdevent_event_set(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_OUT);
806
807 return HANDLER_WAIT_FOR_EVENT;
808 case -1:
809 /* if ECONNREFUSED choose another connection -> FIXME */
810 hctx->fde_ndx = -1;
811
812 return HANDLER_ERROR;
813 default:
814 /* everything is ok, go on */
815 proxy_set_state(srv, hctx, PROXY_STATE_PREPARE_WRITE);
816 break;
817 }
818
819 /* fall through */
820
821 case PROXY_STATE_PREPARE_WRITE:
822 proxy_create_env(srv, hctx);
823
824 proxy_set_state(srv, hctx, PROXY_STATE_WRITE);
825
826 /* fall through */
827 case PROXY_STATE_WRITE:;
828 ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb, MAX_WRITE_LIMIT);
829
830 chunkqueue_remove_finished_chunks(hctx->wb);
831
832 if (-1 == ret) { /* error on our side */
833 log_error_write(srv, __FILE__, __LINE__, "ssd", "write failed:", strerror(errno), errno);
834
835 return HANDLER_ERROR;
836 } else if (-2 == ret) { /* remote close */
837 log_error_write(srv, __FILE__, __LINE__, "ssd", "write failed, remote connection close:", strerror(errno), errno);
838
839 return HANDLER_ERROR;
840 }
841
842 if (hctx->wb->bytes_out == hctx->wb->bytes_in) {
843 proxy_set_state(srv, hctx, PROXY_STATE_READ);
844
845 fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
846 fdevent_event_set(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
847 } else {
848 fdevent_event_set(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_OUT);
849
850 return HANDLER_WAIT_FOR_EVENT;
851 }
852
853 return HANDLER_WAIT_FOR_EVENT;
854 case PROXY_STATE_READ:
855 /* waiting for a response */
856 return HANDLER_WAIT_FOR_EVENT;
857 default:
858 log_error_write(srv, __FILE__, __LINE__, "s", "(debug) unknown state");
859 return HANDLER_ERROR;
860 }
861
862 return HANDLER_GO_ON;
863 }
864
865 #define PATCH(x) \
866 p->conf.x = s->x;
mod_proxy_patch_connection(server * srv,connection * con,plugin_data * p)867 static int mod_proxy_patch_connection(server *srv, connection *con, plugin_data *p) {
868 size_t i, j;
869 plugin_config *s = p->config_storage[0];
870
871 PATCH(extensions);
872 PATCH(debug);
873 PATCH(balance);
874
875 /* skip the first, the global context */
876 for (i = 1; i < srv->config_context->used; i++) {
877 data_config *dc = (data_config *)srv->config_context->data[i];
878 s = p->config_storage[i];
879
880 /* condition didn't match */
881 if (!config_check_cond(srv, con, dc)) continue;
882
883 /* merge config */
884 for (j = 0; j < dc->value->used; j++) {
885 data_unset *du = dc->value->data[j];
886
887 if (buffer_is_equal_string(du->key, CONST_STR_LEN("proxy.server"))) {
888 PATCH(extensions);
889 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("proxy.debug"))) {
890 PATCH(debug);
891 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("proxy.balance"))) {
892 PATCH(balance);
893 }
894 }
895 }
896
897 return 0;
898 }
899 #undef PATCH
900
SUBREQUEST_FUNC(mod_proxy_handle_subrequest)901 SUBREQUEST_FUNC(mod_proxy_handle_subrequest) {
902 plugin_data *p = p_d;
903
904 handler_ctx *hctx = con->plugin_ctx[p->id];
905 data_proxy *host;
906
907 if (NULL == hctx) return HANDLER_GO_ON;
908
909 mod_proxy_patch_connection(srv, con, p);
910
911 host = hctx->host;
912
913 /* not my job */
914 if (con->mode != p->id) return HANDLER_GO_ON;
915
916 /* ok, create the request */
917 switch(proxy_write_request(srv, hctx)) {
918 case HANDLER_ERROR:
919 log_error_write(srv, __FILE__, __LINE__, "sbdd", "proxy-server disabled:",
920 host->host,
921 host->port,
922 hctx->fd);
923
924 /* disable this server */
925 host->is_disabled = 1;
926 host->disable_ts = srv->cur_ts;
927
928 proxy_connection_close(srv, hctx);
929
930 /* reset the enviroment and restart the sub-request */
931 buffer_reset(con->physical.path);
932 con->mode = DIRECT;
933
934 joblist_append(srv, con);
935
936 /* mis-using HANDLER_WAIT_FOR_FD to break out of the loop
937 * and hope that the childs will be restarted
938 *
939 */
940
941 return HANDLER_WAIT_FOR_FD;
942 case HANDLER_WAIT_FOR_EVENT:
943 break;
944 case HANDLER_WAIT_FOR_FD:
945 return HANDLER_WAIT_FOR_FD;
946 default:
947 break;
948 }
949
950 if (con->file_started == 1) {
951 return HANDLER_FINISHED;
952 } else {
953 return HANDLER_WAIT_FOR_EVENT;
954 }
955 }
956
proxy_handle_fdevent(server * srv,void * ctx,int revents)957 static handler_t proxy_handle_fdevent(server *srv, void *ctx, int revents) {
958 handler_ctx *hctx = ctx;
959 connection *con = hctx->remote_conn;
960 plugin_data *p = hctx->plugin_data;
961
962
963 if ((revents & FDEVENT_IN) &&
964 hctx->state == PROXY_STATE_READ) {
965
966 if (p->conf.debug) {
967 log_error_write(srv, __FILE__, __LINE__, "sd",
968 "proxy: fdevent-in", hctx->state);
969 }
970
971 switch (proxy_demux_response(srv, hctx)) {
972 case 0:
973 break;
974 case 1:
975 /* we are done */
976 proxy_connection_close(srv, hctx);
977
978 joblist_append(srv, con);
979 return HANDLER_FINISHED;
980 case -1:
981 if (con->file_started == 0) {
982 /* nothing has been send out yet, send a 500 */
983 connection_set_state(srv, con, CON_STATE_HANDLE_REQUEST);
984 con->http_status = 500;
985 con->mode = DIRECT;
986 } else {
987 /* response might have been already started, kill the connection */
988 connection_set_state(srv, con, CON_STATE_ERROR);
989 }
990
991 joblist_append(srv, con);
992 return HANDLER_FINISHED;
993 }
994 }
995
996 if (revents & FDEVENT_OUT) {
997 if (p->conf.debug) {
998 log_error_write(srv, __FILE__, __LINE__, "sd",
999 "proxy: fdevent-out", hctx->state);
1000 }
1001
1002 if (hctx->state == PROXY_STATE_CONNECT) {
1003 int socket_error;
1004 socklen_t socket_error_len = sizeof(socket_error);
1005
1006 /* we don't need it anymore */
1007 fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
1008 hctx->fde_ndx = -1;
1009
1010 /* try to finish the connect() */
1011 if (0 != getsockopt(hctx->fd, SOL_SOCKET, SO_ERROR, &socket_error, &socket_error_len)) {
1012 log_error_write(srv, __FILE__, __LINE__, "ss",
1013 "getsockopt failed:", strerror(errno));
1014
1015 joblist_append(srv, con);
1016 return HANDLER_FINISHED;
1017 }
1018 if (socket_error != 0) {
1019 log_error_write(srv, __FILE__, __LINE__, "ss",
1020 "establishing connection failed:", strerror(socket_error),
1021 "port:", hctx->host->port);
1022
1023 joblist_append(srv, con);
1024 return HANDLER_FINISHED;
1025 }
1026 if (p->conf.debug) {
1027 log_error_write(srv, __FILE__, __LINE__, "s", "proxy - connect - delayed success");
1028 }
1029
1030 proxy_set_state(srv, hctx, PROXY_STATE_PREPARE_WRITE);
1031 }
1032
1033 if (hctx->state == PROXY_STATE_PREPARE_WRITE ||
1034 hctx->state == PROXY_STATE_WRITE) {
1035 /* we are allowed to send something out
1036 *
1037 * 1. after a just finished connect() call
1038 * 2. in a unfinished write() call (long POST request)
1039 */
1040 return mod_proxy_handle_subrequest(srv, con, p);
1041 } else {
1042 log_error_write(srv, __FILE__, __LINE__, "sd",
1043 "proxy: out", hctx->state);
1044 }
1045 }
1046
1047 /* perhaps this issue is already handled */
1048 if (revents & FDEVENT_HUP) {
1049 if (p->conf.debug) {
1050 log_error_write(srv, __FILE__, __LINE__, "sd",
1051 "proxy: fdevent-hup", hctx->state);
1052 }
1053
1054 if (hctx->state == PROXY_STATE_CONNECT) {
1055 /* connect() -> EINPROGRESS -> HUP */
1056
1057 /**
1058 * what is proxy is doing if it can't reach the next hop ?
1059 *
1060 */
1061
1062 if (hctx->host) {
1063 hctx->host->is_disabled = 1;
1064 hctx->host->disable_ts = srv->cur_ts;
1065 log_error_write(srv, __FILE__, __LINE__, "sbdd", "proxy-server disabled:",
1066 hctx->host->host,
1067 hctx->host->port,
1068 hctx->fd);
1069
1070 /* disable this server */
1071 hctx->host->is_disabled = 1;
1072 hctx->host->disable_ts = srv->cur_ts;
1073
1074 proxy_connection_close(srv, hctx);
1075
1076 /* reset the enviroment and restart the sub-request */
1077 buffer_reset(con->physical.path);
1078 con->mode = DIRECT;
1079
1080 joblist_append(srv, con);
1081 } else {
1082 proxy_connection_close(srv, hctx);
1083 joblist_append(srv, con);
1084
1085 con->mode = DIRECT;
1086 con->http_status = 503;
1087 }
1088
1089 return HANDLER_FINISHED;
1090 }
1091
1092 if (!con->file_finished) {
1093 http_chunk_append_mem(srv, con, NULL, 0);
1094 }
1095
1096 con->file_finished = 1;
1097 proxy_connection_close(srv, hctx);
1098 joblist_append(srv, con);
1099 } else if (revents & FDEVENT_ERR) {
1100 /* kill all connections to the proxy process */
1101
1102 log_error_write(srv, __FILE__, __LINE__, "sd", "proxy-FDEVENT_ERR, but no HUP", revents);
1103
1104 con->file_finished = 1;
1105 joblist_append(srv, con);
1106 proxy_connection_close(srv, hctx);
1107 }
1108
1109 return HANDLER_FINISHED;
1110 }
1111
mod_proxy_check_extension(server * srv,connection * con,void * p_d)1112 static handler_t mod_proxy_check_extension(server *srv, connection *con, void *p_d) {
1113 plugin_data *p = p_d;
1114 size_t s_len;
1115 unsigned long last_max = ULONG_MAX;
1116 int max_usage = INT_MAX;
1117 int ndx = -1;
1118 size_t k;
1119 buffer *fn;
1120 data_array *extension = NULL;
1121 size_t path_info_offset;
1122
1123 if (con->mode != DIRECT) return HANDLER_GO_ON;
1124
1125 /* Possibly, we processed already this request */
1126 if (con->file_started == 1) return HANDLER_GO_ON;
1127
1128 mod_proxy_patch_connection(srv, con, p);
1129
1130 fn = con->uri.path;
1131
1132 if (fn->used == 0) {
1133 return HANDLER_ERROR;
1134 }
1135
1136 s_len = fn->used - 1;
1137
1138
1139 path_info_offset = 0;
1140
1141 if (p->conf.debug) {
1142 log_error_write(srv, __FILE__, __LINE__, "s", "proxy - start");
1143 }
1144
1145 /* check if extension matches */
1146 for (k = 0; k < p->conf.extensions->used; k++) {
1147 data_array *ext = NULL;
1148 size_t ct_len;
1149
1150 ext = (data_array *)p->conf.extensions->data[k];
1151
1152 if (ext->key->used == 0) continue;
1153
1154 ct_len = ext->key->used - 1;
1155
1156 if (s_len < ct_len) continue;
1157
1158 /* check extension in the form "/proxy_pattern" */
1159 if (*(ext->key->ptr) == '/') {
1160 if (strncmp(fn->ptr, ext->key->ptr, ct_len) == 0) {
1161 if (s_len > ct_len + 1) {
1162 char *pi_offset;
1163
1164 if (NULL != (pi_offset = strchr(fn->ptr + ct_len + 1, '/'))) {
1165 path_info_offset = pi_offset - fn->ptr;
1166 }
1167 }
1168 extension = ext;
1169 break;
1170 }
1171 } else if (0 == strncmp(fn->ptr + s_len - ct_len, ext->key->ptr, ct_len)) {
1172 /* check extension in the form ".fcg" */
1173 extension = ext;
1174 break;
1175 }
1176 }
1177
1178 if (NULL == extension) {
1179 return HANDLER_GO_ON;
1180 }
1181
1182 if (p->conf.debug) {
1183 log_error_write(srv, __FILE__, __LINE__, "s", "proxy - ext found");
1184 }
1185
1186 if (extension->value->used == 1) {
1187 if ( ((data_proxy *)extension->value->data[0])->is_disabled ) {
1188 ndx = -1;
1189 } else {
1190 ndx = 0;
1191 }
1192 } else if (extension->value->used != 0) switch(p->conf.balance) {
1193 case PROXY_BALANCE_HASH:
1194 /* hash balancing */
1195
1196 if (p->conf.debug) {
1197 log_error_write(srv, __FILE__, __LINE__, "sd",
1198 "proxy - used hash balancing, hosts:", extension->value->used);
1199 }
1200
1201 for (k = 0, ndx = -1, last_max = ULONG_MAX; k < extension->value->used; k++) {
1202 data_proxy *host = (data_proxy *)extension->value->data[k];
1203 unsigned long cur_max;
1204
1205 if (host->is_disabled) continue;
1206
1207 cur_max = generate_crc32c(CONST_BUF_LEN(con->uri.path)) +
1208 generate_crc32c(CONST_BUF_LEN(host->host)) + /* we can cache this */
1209 generate_crc32c(CONST_BUF_LEN(con->uri.authority));
1210
1211 if (p->conf.debug) {
1212 log_error_write(srv, __FILE__, __LINE__, "sbbbd",
1213 "proxy - election:",
1214 con->uri.path,
1215 host->host,
1216 con->uri.authority,
1217 cur_max);
1218 }
1219
1220 if ((last_max == ULONG_MAX) || /* first round */
1221 (cur_max > last_max)) {
1222 last_max = cur_max;
1223
1224 ndx = k;
1225 }
1226 }
1227
1228 break;
1229 case PROXY_BALANCE_FAIR:
1230 /* fair balancing */
1231 if (p->conf.debug) {
1232 log_error_write(srv, __FILE__, __LINE__, "s",
1233 "proxy - used fair balancing");
1234 }
1235
1236 for (k = 0, ndx = -1, max_usage = INT_MAX; k < extension->value->used; k++) {
1237 data_proxy *host = (data_proxy *)extension->value->data[k];
1238
1239 if (host->is_disabled) continue;
1240
1241 if (host->usage < max_usage) {
1242 max_usage = host->usage;
1243
1244 ndx = k;
1245 }
1246 }
1247
1248 break;
1249 case PROXY_BALANCE_RR: {
1250 data_proxy *host;
1251
1252 /* round robin */
1253 if (p->conf.debug) {
1254 log_error_write(srv, __FILE__, __LINE__, "s",
1255 "proxy - used round-robin balancing");
1256 }
1257
1258 /* just to be sure */
1259 assert(extension->value->used < INT_MAX);
1260
1261 host = (data_proxy *)extension->value->data[0];
1262
1263 /* Use last_used_ndx from first host in list */
1264 k = host->last_used_ndx;
1265 ndx = k + 1; /* use next host after the last one */
1266 if (ndx < 0) ndx = 0;
1267
1268 /* Search first active host after last_used_ndx */
1269 while ( ndx < (int) extension->value->used
1270 && (host = (data_proxy *)extension->value->data[ndx])->is_disabled ) ndx++;
1271
1272 if (ndx >= (int) extension->value->used) {
1273 /* didn't found a higher id, wrap to the start */
1274 for (ndx = 0; ndx <= (int) k; ndx++) {
1275 host = (data_proxy *)extension->value->data[ndx];
1276 if (!host->is_disabled) break;
1277 }
1278
1279 /* No active host found */
1280 if (host->is_disabled) ndx = -1;
1281 }
1282
1283 /* Save new index for next round */
1284 ((data_proxy *)extension->value->data[0])->last_used_ndx = ndx;
1285
1286 break;
1287 }
1288 default:
1289 break;
1290 }
1291
1292 /* found a server */
1293 if (ndx != -1) {
1294 data_proxy *host = (data_proxy *)extension->value->data[ndx];
1295
1296 /*
1297 * if check-local is disabled, use the uri.path handler
1298 *
1299 */
1300
1301 /* init handler-context */
1302 handler_ctx *hctx;
1303 hctx = handler_ctx_init();
1304
1305 hctx->path_info_offset = path_info_offset;
1306 hctx->remote_conn = con;
1307 hctx->plugin_data = p;
1308 hctx->host = host;
1309
1310 con->plugin_ctx[p->id] = hctx;
1311
1312 host->usage++;
1313
1314 con->mode = p->id;
1315
1316 if (p->conf.debug) {
1317 log_error_write(srv, __FILE__, __LINE__, "sbd",
1318 "proxy - found a host",
1319 host->host, host->port);
1320 }
1321
1322 return HANDLER_GO_ON;
1323 } else {
1324 /* no handler found */
1325 con->http_status = 500;
1326
1327 log_error_write(srv, __FILE__, __LINE__, "sb",
1328 "no proxy-handler found for:",
1329 fn);
1330
1331 return HANDLER_FINISHED;
1332 }
1333 return HANDLER_GO_ON;
1334 }
1335
mod_proxy_connection_close_callback(server * srv,connection * con,void * p_d)1336 static handler_t mod_proxy_connection_close_callback(server *srv, connection *con, void *p_d) {
1337 plugin_data *p = p_d;
1338
1339 proxy_connection_close(srv, con->plugin_ctx[p->id]);
1340
1341 return HANDLER_GO_ON;
1342 }
1343
1344 /**
1345 *
1346 * the trigger re-enables the disabled connections after the timeout is over
1347 *
1348 * */
1349
TRIGGER_FUNC(mod_proxy_trigger)1350 TRIGGER_FUNC(mod_proxy_trigger) {
1351 plugin_data *p = p_d;
1352
1353 if (p->config_storage) {
1354 size_t i, n, k;
1355 for (i = 0; i < srv->config_context->used; i++) {
1356 plugin_config *s = p->config_storage[i];
1357
1358 if (!s) continue;
1359
1360 /* get the extensions for all configs */
1361
1362 for (k = 0; k < s->extensions->used; k++) {
1363 data_array *extension = (data_array *)s->extensions->data[k];
1364
1365 /* get all hosts */
1366 for (n = 0; n < extension->value->used; n++) {
1367 data_proxy *host = (data_proxy *)extension->value->data[n];
1368
1369 if (!host->is_disabled ||
1370 srv->cur_ts - host->disable_ts < 5) continue;
1371
1372 log_error_write(srv, __FILE__, __LINE__, "sbd",
1373 "proxy - re-enabled:",
1374 host->host, host->port);
1375
1376 host->is_disabled = 0;
1377 }
1378 }
1379 }
1380 }
1381
1382 return HANDLER_GO_ON;
1383 }
1384
1385
1386 int mod_proxy_plugin_init(plugin *p);
mod_proxy_plugin_init(plugin * p)1387 int mod_proxy_plugin_init(plugin *p) {
1388 p->version = LIGHTTPD_VERSION_ID;
1389 p->name = buffer_init_string("proxy");
1390
1391 p->init = mod_proxy_init;
1392 p->cleanup = mod_proxy_free;
1393 p->set_defaults = mod_proxy_set_defaults;
1394 p->connection_reset = mod_proxy_connection_close_callback; /* end of req-resp cycle */
1395 p->handle_connection_close = mod_proxy_connection_close_callback; /* end of client connection */
1396 p->handle_uri_clean = mod_proxy_check_extension;
1397 p->handle_subrequest = mod_proxy_handle_subrequest;
1398 p->handle_trigger = mod_proxy_trigger;
1399
1400 p->data = NULL;
1401
1402 return 0;
1403 }
1404