8 #include "http_chunk.h"
10 #include "connections.h"
16 #include "inet_ntop_cache.h"
19 #include <sys/types.h>
31 #include "sys-socket.h"
33 #define data_proxy data_fastcgi
34 #define data_proxy_init data_fastcgi_init
36 #define PROXY_RETRY_TIMEOUT 60
40 * the proxy module is based on the fastcgi module
42 * 28.06.2004 Jan Kneschke The first release
43 * 01.07.2004 Evgeny Rodichev Several bugfixes and cleanups
44 * - co-ordinate up- and downstream flows correctly (proxy_demux_response
45 * and proxy_handle_fdevent)
46 * - correctly transfer upstream http_response_status;
47 * - some unused structures removed.
49 * TODO: - delay upstream read if write_queue is too large
50 * (to prevent memory eating, like in apache). Shoud be
52 * - persistent connection with upstream servers
66 proxy_balance_t balance
;
72 buffer
*parse_response
;
75 plugin_config
**config_storage
;
83 PROXY_STATE_PREPARE_WRITE
,
86 } proxy_connection_state_t
;
88 enum { PROXY_STDOUT
, PROXY_END_REQUEST
};
91 proxy_connection_state_t state
;
92 time_t state_timestamp
;
97 buffer
*response_header
;
102 int fd
; /* fd to the proxy process */
103 int fde_ndx
; /* index into the fd-event buffer */
107 connection
*remote_conn
; /* dumb pointer */
108 plugin_data
*plugin_data
; /* dumb pointer */
113 /* ok, we need a prototype */
114 static handler_t
proxy_handle_fdevent(server
*srv
, void *ctx
, int revents
);
116 static handler_ctx
* handler_ctx_init(void) {
120 hctx
= calloc(1, sizeof(*hctx
));
122 hctx
->state
= PROXY_STATE_INIT
;
125 hctx
->response
= buffer_init();
126 hctx
->response_header
= buffer_init();
128 hctx
->wb
= chunkqueue_init();
137 static void handler_ctx_free(handler_ctx
*hctx
) {
138 buffer_free(hctx
->response
);
139 buffer_free(hctx
->response_header
);
140 chunkqueue_free(hctx
->wb
);
145 INIT_FUNC(mod_proxy_init
) {
148 p
= calloc(1, sizeof(*p
));
150 p
->parse_response
= buffer_init();
151 p
->balance_buf
= buffer_init();
157 FREE_FUNC(mod_proxy_free
) {
158 plugin_data
*p
= p_d
;
162 buffer_free(p
->parse_response
);
163 buffer_free(p
->balance_buf
);
165 if (p
->config_storage
) {
167 for (i
= 0; i
< srv
->config_context
->used
; i
++) {
168 plugin_config
*s
= p
->config_storage
[i
];
170 if (NULL
== s
) continue;
172 array_free(s
->extensions
);
176 free(p
->config_storage
);
181 return HANDLER_GO_ON
;
184 SETDEFAULTS_FUNC(mod_proxy_set_defaults
) {
185 plugin_data
*p
= p_d
;
189 config_values_t cv
[] = {
190 { "proxy.server", NULL
, T_CONFIG_LOCAL
, T_CONFIG_SCOPE_CONNECTION
}, /* 0 */
191 { "proxy.debug", NULL
, T_CONFIG_SHORT
, T_CONFIG_SCOPE_CONNECTION
}, /* 1 */
192 { "proxy.balance", NULL
, T_CONFIG_STRING
, T_CONFIG_SCOPE_CONNECTION
}, /* 2 */
193 { NULL
, NULL
, T_CONFIG_UNSET
, T_CONFIG_SCOPE_UNSET
}
196 p
->config_storage
= calloc(1, srv
->config_context
->used
* sizeof(plugin_config
*));
198 for (i
= 0; i
< srv
->config_context
->used
; i
++) {
199 data_config
const* config
= (data_config
const*)srv
->config_context
->data
[i
];
202 s
= malloc(sizeof(plugin_config
));
203 s
->extensions
= array_init();
206 cv
[0].destination
= s
->extensions
;
207 cv
[1].destination
= &(s
->debug
);
208 cv
[2].destination
= p
->balance_buf
;
210 buffer_reset(p
->balance_buf
);
212 p
->config_storage
[i
] = s
;
214 if (0 != config_insert_values_global(srv
, config
->value
, cv
, i
== 0 ? T_CONFIG_SCOPE_SERVER
: T_CONFIG_SCOPE_CONNECTION
)) {
215 return HANDLER_ERROR
;
218 if (buffer_string_is_empty(p
->balance_buf
)) {
219 s
->balance
= PROXY_BALANCE_FAIR
;
220 } else if (buffer_is_equal_string(p
->balance_buf
, CONST_STR_LEN("fair"))) {
221 s
->balance
= PROXY_BALANCE_FAIR
;
222 } else if (buffer_is_equal_string(p
->balance_buf
, CONST_STR_LEN("round-robin"))) {
223 s
->balance
= PROXY_BALANCE_RR
;
224 } else if (buffer_is_equal_string(p
->balance_buf
, CONST_STR_LEN("hash"))) {
225 s
->balance
= PROXY_BALANCE_HASH
;
227 log_error_write(srv
, __FILE__
, __LINE__
, "sb",
228 "proxy.balance has to be one of: fair, round-robin, hash, but not:", p
->balance_buf
);
229 return HANDLER_ERROR
;
232 if (NULL
!= (du
= array_get_element(config
->value
, "proxy.server"))) {
234 data_array
*da
= (data_array
*)du
;
236 if (du
->type
!= TYPE_ARRAY
) {
237 log_error_write(srv
, __FILE__
, __LINE__
, "sss",
238 "unexpected type for key: ", "proxy.server", "expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))");
240 return HANDLER_ERROR
;
244 * proxy.server = ( "<ext>" => ...,
248 for (j
= 0; j
< da
->value
->used
; j
++) {
249 data_array
*da_ext
= (data_array
*)da
->value
->data
[j
];
252 if (da_ext
->type
!= TYPE_ARRAY
) {
253 log_error_write(srv
, __FILE__
, __LINE__
, "sssbs",
254 "unexpected type for key: ", "proxy.server",
255 "[", da
->value
->data
[j
]->key
, "](string); expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))");
257 return HANDLER_ERROR
;
261 * proxy.server = ( "<ext>" =>
262 * ( "<host>" => ( ... ),
263 * "<host>" => ( ... )
268 for (n
= 0; n
< da_ext
->value
->used
; n
++) {
269 data_array
*da_host
= (data_array
*)da_ext
->value
->data
[n
];
274 config_values_t pcv
[] = {
275 { "host", NULL
, T_CONFIG_STRING
, T_CONFIG_SCOPE_CONNECTION
}, /* 0 */
276 { "port", NULL
, T_CONFIG_SHORT
, T_CONFIG_SCOPE_CONNECTION
}, /* 1 */
277 { NULL
, NULL
, T_CONFIG_UNSET
, T_CONFIG_SCOPE_UNSET
}
280 if (da_host
->type
!= TYPE_ARRAY
) {
281 log_error_write(srv
, __FILE__
, __LINE__
, "ssSBS",
282 "unexpected type for key:",
284 "[", da_ext
->value
->data
[n
]->key
, "](string); expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))");
286 return HANDLER_ERROR
;
289 df
= data_proxy_init();
293 buffer_copy_buffer(df
->key
, da_host
->key
);
295 pcv
[0].destination
= df
->host
;
296 pcv
[1].destination
= &(df
->port
);
298 if (0 != config_insert_values_internal(srv
, da_host
->value
, pcv
, T_CONFIG_SCOPE_CONNECTION
)) {
299 df
->free((data_unset
*) df
);
300 return HANDLER_ERROR
;
303 if (buffer_string_is_empty(df
->host
)) {
304 log_error_write(srv
, __FILE__
, __LINE__
, "sbbbs",
305 "missing key (string):",
311 df
->free((data_unset
*) df
);
312 return HANDLER_ERROR
;
315 /* if extension already exists, take it */
317 if (NULL
== (dfa
= (data_array
*)array_get_element(s
->extensions
, da_ext
->key
->ptr
))) {
318 dfa
= data_array_init();
320 buffer_copy_buffer(dfa
->key
, da_ext
->key
);
322 array_insert_unique(dfa
->value
, (data_unset
*)df
);
323 array_insert_unique(s
->extensions
, (data_unset
*)dfa
);
325 array_insert_unique(dfa
->value
, (data_unset
*)df
);
332 return HANDLER_GO_ON
;
336 static void proxy_backend_close(server
*srv
, handler_ctx
*hctx
) {
337 if (hctx
->fd
!= -1) {
338 fdevent_event_del(srv
->ev
, &(hctx
->fde_ndx
), hctx
->fd
);
339 fdevent_unregister(srv
->ev
, hctx
->fd
);
340 fdevent_sched_close(srv
->ev
, hctx
->fd
, 1);
351 static data_proxy
* mod_proxy_extension_host_get(server
*srv
, connection
*con
, data_array
*extension
, proxy_balance_t balance
, int debug
) {
352 unsigned long last_max
= ULONG_MAX
;
353 int max_usage
= INT_MAX
;
357 if (extension
->value
->used
== 1) {
358 if ( ((data_proxy
*)extension
->value
->data
[0])->is_disabled
) {
363 } else if (extension
->value
->used
!= 0) switch(balance
) {
364 case PROXY_BALANCE_HASH
:
368 log_error_write(srv
, __FILE__
, __LINE__
, "sd",
369 "proxy - used hash balancing, hosts:", extension
->value
->used
);
372 for (k
= 0, ndx
= -1, last_max
= ULONG_MAX
; k
< extension
->value
->used
; k
++) {
373 data_proxy
*host
= (data_proxy
*)extension
->value
->data
[k
];
374 unsigned long cur_max
;
376 if (host
->is_disabled
) continue;
378 cur_max
= generate_crc32c(CONST_BUF_LEN(con
->uri
.path
)) +
379 generate_crc32c(CONST_BUF_LEN(host
->host
)) + /* we can cache this */
380 generate_crc32c(CONST_BUF_LEN(con
->uri
.authority
));
383 log_error_write(srv
, __FILE__
, __LINE__
, "sbbbd",
391 if ((last_max
== ULONG_MAX
) || /* first round */
392 (cur_max
> last_max
)) {
400 case PROXY_BALANCE_FAIR
:
403 log_error_write(srv
, __FILE__
, __LINE__
, "s",
404 "proxy - used fair balancing");
407 for (k
= 0, ndx
= -1, max_usage
= INT_MAX
; k
< extension
->value
->used
; k
++) {
408 data_proxy
*host
= (data_proxy
*)extension
->value
->data
[k
];
410 if (host
->is_disabled
) continue;
412 if (host
->usage
< max_usage
) {
413 max_usage
= host
->usage
;
420 case PROXY_BALANCE_RR
: {
425 log_error_write(srv
, __FILE__
, __LINE__
, "s",
426 "proxy - used round-robin balancing");
429 /* just to be sure */
430 force_assert(extension
->value
->used
< INT_MAX
);
432 host
= (data_proxy
*)extension
->value
->data
[0];
434 /* Use last_used_ndx from first host in list */
435 k
= host
->last_used_ndx
;
436 ndx
= k
+ 1; /* use next host after the last one */
437 if (ndx
< 0) ndx
= 0;
439 /* Search first active host after last_used_ndx */
440 while ( ndx
< (int) extension
->value
->used
441 && (host
= (data_proxy
*)extension
->value
->data
[ndx
])->is_disabled
) ndx
++;
443 if (ndx
>= (int) extension
->value
->used
) {
444 /* didn't found a higher id, wrap to the start */
445 for (ndx
= 0; ndx
<= (int) k
; ndx
++) {
446 host
= (data_proxy
*)extension
->value
->data
[ndx
];
447 if (!host
->is_disabled
) break;
450 /* No active host found */
451 if (host
->is_disabled
) ndx
= -1;
454 /* Save new index for next round */
455 ((data_proxy
*)extension
->value
->data
[0])->last_used_ndx
= ndx
;
465 data_proxy
*host
= (data_proxy
*)extension
->value
->data
[ndx
];
468 log_error_write(srv
, __FILE__
, __LINE__
, "sbd",
469 "proxy - found a host",
470 host
->host
, host
->port
);
476 /* no handler found */
477 con
->http_status
= 503; /* Service Unavailable */
480 log_error_write(srv
, __FILE__
, __LINE__
, "sb",
481 "no proxy-handler found for:",
488 static void proxy_connection_close(server
*srv
, handler_ctx
*hctx
) {
492 p
= hctx
->plugin_data
;
493 con
= hctx
->remote_conn
;
495 proxy_backend_close(srv
, hctx
);
496 handler_ctx_free(hctx
);
497 con
->plugin_ctx
[p
->id
] = NULL
;
499 /* finish response (if not already con->file_started, con->file_finished) */
500 if (con
->mode
== p
->id
) {
501 http_response_backend_done(srv
, con
);
505 static handler_t
proxy_reconnect(server
*srv
, handler_ctx
*hctx
) {
506 proxy_backend_close(srv
, hctx
);
508 hctx
->host
= mod_proxy_extension_host_get(srv
, hctx
->remote_conn
, hctx
->ext
, hctx
->conf
.balance
, (int)hctx
->conf
.debug
);
509 if (NULL
== hctx
->host
) return HANDLER_FINISHED
;
511 hctx
->state
= PROXY_STATE_INIT
;
512 return HANDLER_COMEBACK
;
515 static int proxy_establish_connection(server
*srv
, handler_ctx
*hctx
) {
516 struct sockaddr
*proxy_addr
;
517 struct sockaddr_in proxy_addr_in
;
518 #if defined(HAVE_SYS_UN_H)
519 struct sockaddr_un proxy_addr_un
;
521 #if defined(HAVE_IPV6) && defined(HAVE_INET_PTON)
522 struct sockaddr_in6 proxy_addr_in6
;
526 data_proxy
*host
= hctx
->host
;
527 int proxy_fd
= hctx
->fd
;
530 #if defined(HAVE_SYS_UN_H)
531 if (strstr(host
->host
->ptr
, "/")) {
532 if (buffer_string_length(host
->host
) + 1 > sizeof(proxy_addr_un
.sun_path
)) {
533 log_error_write(srv
, __FILE__
, __LINE__
, "sB",
534 "ERROR: Unix Domain socket filename too long:",
539 memset(&proxy_addr_un
, 0, sizeof(proxy_addr_un
));
540 proxy_addr_un
.sun_family
= AF_UNIX
;
541 memcpy(proxy_addr_un
.sun_path
, host
->host
->ptr
, buffer_string_length(host
->host
) + 1);
542 servlen
= sizeof(proxy_addr_un
);
543 proxy_addr
= (struct sockaddr
*) &proxy_addr_un
;
546 #if defined(HAVE_IPV6) && defined(HAVE_INET_PTON)
547 if (strstr(host
->host
->ptr
, ":")) {
548 memset(&proxy_addr_in6
, 0, sizeof(proxy_addr_in6
));
549 proxy_addr_in6
.sin6_family
= AF_INET6
;
550 inet_pton(AF_INET6
, host
->host
->ptr
, (char *) &proxy_addr_in6
.sin6_addr
);
551 proxy_addr_in6
.sin6_port
= htons(host
->port
);
552 servlen
= sizeof(proxy_addr_in6
);
553 proxy_addr
= (struct sockaddr
*) &proxy_addr_in6
;
557 memset(&proxy_addr_in
, 0, sizeof(proxy_addr_in
));
558 proxy_addr_in
.sin_family
= AF_INET
;
559 proxy_addr_in
.sin_addr
.s_addr
= inet_addr(host
->host
->ptr
);
560 proxy_addr_in
.sin_port
= htons(host
->port
);
561 servlen
= sizeof(proxy_addr_in
);
562 proxy_addr
= (struct sockaddr
*) &proxy_addr_in
;
566 if (-1 == connect(proxy_fd
, proxy_addr
, servlen
)) {
567 if (errno
== EINPROGRESS
|| errno
== EALREADY
) {
568 if (hctx
->conf
.debug
) {
569 log_error_write(srv
, __FILE__
, __LINE__
, "sd",
570 "connect delayed:", proxy_fd
);
576 log_error_write(srv
, __FILE__
, __LINE__
, "sdsd",
577 "connect failed:", proxy_fd
, strerror(errno
), errno
);
582 if (hctx
->conf
.debug
) {
583 log_error_write(srv
, __FILE__
, __LINE__
, "sd",
584 "connect succeeded: ", proxy_fd
);
590 static void proxy_set_header(connection
*con
, const char *key
, const char *value
) {
593 if (NULL
== (ds_dst
= (data_string
*)array_get_unused_element(con
->request
.headers
, TYPE_STRING
))) {
594 ds_dst
= data_string_init();
597 buffer_copy_string(ds_dst
->key
, key
);
598 buffer_copy_string(ds_dst
->value
, value
);
599 array_insert_unique(con
->request
.headers
, (data_unset
*)ds_dst
);
602 static void proxy_append_header(connection
*con
, const char *key
, const char *value
) {
605 if (NULL
== (ds_dst
= (data_string
*)array_get_unused_element(con
->request
.headers
, TYPE_STRING
))) {
606 ds_dst
= data_string_init();
609 buffer_copy_string(ds_dst
->key
, key
);
610 buffer_append_string(ds_dst
->value
, value
);
611 array_insert_unique(con
->request
.headers
, (data_unset
*)ds_dst
);
615 static int proxy_create_env(server
*srv
, handler_ctx
*hctx
) {
618 connection
*con
= hctx
->remote_conn
;
626 buffer_copy_string(b
, get_http_method_name(con
->request
.http_method
));
627 buffer_append_string_len(b
, CONST_STR_LEN(" "));
629 buffer_append_string_buffer(b
, con
->request
.uri
);
630 buffer_append_string_len(b
, CONST_STR_LEN(" HTTP/1.0\r\n"));
632 proxy_append_header(con
, "X-Forwarded-For", (char *)inet_ntop_cache_get_ip(srv
, &(con
->dst_addr
)));
633 /* http_host is NOT is just a pointer to a buffer
634 * which is NULL if it is not set */
635 if (!buffer_string_is_empty(con
->request
.http_host
)) {
636 proxy_set_header(con
, "X-Host", con
->request
.http_host
->ptr
);
638 proxy_set_header(con
, "X-Forwarded-Proto", con
->uri
.scheme
->ptr
);
641 for (i
= 0; i
< con
->request
.headers
->used
; i
++) {
644 ds
= (data_string
*)con
->request
.headers
->data
[i
];
646 if (!buffer_is_empty(ds
->value
) && !buffer_is_empty(ds
->key
)) {
647 if (buffer_is_equal_caseless_string(ds
->key
, CONST_STR_LEN("Connection"))) continue;
648 if (buffer_is_equal_caseless_string(ds
->key
, CONST_STR_LEN("Proxy-Connection"))) continue;
649 /* Do not emit HTTP_PROXY in environment.
650 * Some executables use HTTP_PROXY to configure
651 * outgoing proxy. See also https://httpoxy.org/ */
652 if (buffer_is_equal_caseless_string(ds
->key
, CONST_STR_LEN("Proxy"))) continue;
654 buffer_append_string_buffer(b
, ds
->key
);
655 buffer_append_string_len(b
, CONST_STR_LEN(": "));
656 buffer_append_string_buffer(b
, ds
->value
);
657 buffer_append_string_len(b
, CONST_STR_LEN("\r\n"));
661 buffer_append_string_len(b
, CONST_STR_LEN("Connection: close\r\n\r\n"));
663 hctx
->wb_reqlen
= buffer_string_length(b
);
664 chunkqueue_append_buffer(hctx
->wb
, b
);
669 if (con
->request
.content_length
) {
670 chunkqueue_append_chunkqueue(hctx
->wb
, con
->request_content_queue
);
671 hctx
->wb_reqlen
+= con
->request
.content_length
;/* (eventual) total request size */
677 static int proxy_set_state(server
*srv
, handler_ctx
*hctx
, proxy_connection_state_t state
) {
679 hctx
->state_timestamp
= srv
->cur_ts
;
685 static int proxy_response_parse(server
*srv
, connection
*con
, plugin_data
*p
, buffer
*in
) {
687 int http_response_status
= -1;
691 /* [\r]\n -> [\0]\0 */
693 buffer_copy_buffer(p
->parse_response
, in
);
695 for (s
= p
->parse_response
->ptr
; NULL
!= (ns
= strchr(s
, '\n')); s
= ns
+ 1) {
702 if (s
!= ns
&& ns
[-1] == '\r') ns
[-1] = '\0';
704 if (-1 == http_response_status
) {
705 /* The first line of a Response message is the Status-Line */
707 for (key
=s
; *key
&& *key
!= ' '; key
++);
710 http_response_status
= (int) strtol(key
, NULL
, 10);
711 if (http_response_status
< 100 || http_response_status
>= 1000) http_response_status
= 502;
713 http_response_status
= 502;
716 con
->http_status
= http_response_status
;
717 con
->parsed_response
|= HTTP_STATUS
;
721 if (NULL
== (value
= strchr(s
, ':'))) {
722 /* now we expect: "<key>: <value>\n" */
728 key_len
= value
- key
;
732 while (*value
== ' ' || *value
== '\t') value
++;
738 if (0 == strncasecmp(key
, "Date", key_len
)) {
739 con
->parsed_response
|= HTTP_DATE
;
743 if (0 == strncasecmp(key
, "Location", key_len
)) {
744 con
->parsed_response
|= HTTP_LOCATION
;
748 if (0 == strncasecmp(key
, "Connection", key_len
)) {
753 if (0 == strncasecmp(key
, "Content-Length", key_len
)) {
754 con
->response
.content_length
= strtoul(value
, NULL
, 10);
755 con
->parsed_response
|= HTTP_CONTENT_LENGTH
;
763 if (NULL
== (ds
= (data_string
*)array_get_unused_element(con
->response
.headers
, TYPE_STRING
))) {
764 ds
= data_response_init();
766 buffer_copy_string_len(ds
->key
, key
, key_len
);
767 buffer_copy_string(ds
->value
, value
);
769 array_insert_unique(con
->response
.headers
, (data_unset
*)ds
);
777 static int proxy_demux_response(server
*srv
, handler_ctx
*hctx
) {
782 plugin_data
*p
= hctx
->plugin_data
;
783 connection
*con
= hctx
->remote_conn
;
784 int proxy_fd
= hctx
->fd
;
786 /* check how much we have to read */
787 #if !defined(_WIN32) && !defined(__CYGWIN__)
788 if (ioctl(hctx
->fd
, FIONREAD
, &b
)) {
789 if (errno
== EAGAIN
) {
790 fdevent_event_add(srv
->ev
, &(hctx
->fde_ndx
), hctx
->fd
, FDEVENT_IN
);
793 log_error_write(srv
, __FILE__
, __LINE__
, "sd",
803 if (hctx
->conf
.debug
) {
804 log_error_write(srv
, __FILE__
, __LINE__
, "sd",
805 "proxy - have to read:", b
);
809 if ((con
->conf
.stream_response_body
& FDEVENT_STREAM_RESPONSE_BUFMIN
)) {
810 off_t cqlen
= chunkqueue_length(con
->write_queue
);
811 if (cqlen
+ b
> 65536 - 4096) {
812 if (!con
->is_writable
) {
813 /*(defer removal of FDEVENT_IN interest since
814 * connection_state_machine() might be able to send data
815 * immediately, unless !con->is_writable, where
816 * connection_state_machine() might not loop back to call
817 * mod_proxy_handle_subrequest())*/
818 fdevent_event_clr(srv
->ev
, &(hctx
->fde_ndx
), hctx
->fd
, FDEVENT_IN
);
820 if (cqlen
>= 65536-1) return 0;
821 b
= 65536 - 1 - (int)cqlen
;
825 buffer_string_prepare_append(hctx
->response
, b
);
827 if (-1 == (r
= read(hctx
->fd
, hctx
->response
->ptr
+ buffer_string_length(hctx
->response
), buffer_string_space(hctx
->response
)))) {
828 if (errno
== EAGAIN
) {
829 fdevent_event_add(srv
->ev
, &(hctx
->fde_ndx
), hctx
->fd
, FDEVENT_IN
);
832 log_error_write(srv
, __FILE__
, __LINE__
, "sds",
833 "unexpected end-of-file (perhaps the proxy process died):",
834 proxy_fd
, strerror(errno
));
838 #if defined(_WIN32) || defined(__CYGWIN__)
839 if (0 == r
) return 1; /* fin */
842 /* this should be catched by the b > 0 above */
845 buffer_commit(hctx
->response
, r
);
848 log_error_write(srv
, __FILE__
, __LINE__
, "sdsbs",
849 "demux: Response buffer len", hctx
->response
->used
, ":", hctx
->response
, ":");
852 if (0 == con
->got_response
) {
853 con
->got_response
= 1;
854 buffer_string_prepare_copy(hctx
->response_header
, 1023);
857 if (0 == con
->file_started
) {
860 /* search for the \r\n\r\n in the string */
861 if (NULL
!= (c
= buffer_search_string_len(hctx
->response
, CONST_STR_LEN("\r\n\r\n")))) {
862 size_t hlen
= c
- hctx
->response
->ptr
+ 4;
863 size_t blen
= buffer_string_length(hctx
->response
) - hlen
;
866 buffer_append_string_len(hctx
->response_header
, hctx
->response
->ptr
, hlen
);
868 log_error_write(srv
, __FILE__
, __LINE__
, "sb", "Header:", hctx
->response_header
);
870 /* parse the response header */
871 proxy_response_parse(srv
, con
, p
, hctx
->response_header
);
873 con
->file_started
= 1;
875 if (0 != http_chunk_append_mem(srv
, con
, c
+ 4, blen
)) {
876 /* error writing to tempfile;
877 * truncate response or send 500 if nothing sent yet */
879 con
->file_started
= 0;
882 buffer_reset(hctx
->response
);
884 /* no luck, no header found */
885 /*(reuse MAX_HTTP_REQUEST_HEADER as max size for response headers from backends)*/
886 if (buffer_string_length(hctx
->response
) > MAX_HTTP_REQUEST_HEADER
) {
887 log_error_write(srv
, __FILE__
, __LINE__
, "sb", "response headers too large for", con
->uri
.path
);
888 con
->http_status
= 502; /* Bad Gateway */
894 if (0 != http_chunk_append_buffer(srv
, con
, hctx
->response
)) {
895 /* error writing to tempfile;
896 * truncate response or send 500 if nothing sent yet */
899 buffer_reset(hctx
->response
);
902 /* reading from upstream done */
910 static handler_t
proxy_write_request(server
*srv
, handler_ctx
*hctx
) {
911 data_proxy
*host
= hctx
->host
;
912 connection
*con
= hctx
->remote_conn
;
916 switch(hctx
->state
) {
917 case PROXY_STATE_INIT
:
918 #if defined(HAVE_SYS_UN_H)
919 if (strstr(host
->host
->ptr
,"/")) {
920 if (-1 == (hctx
->fd
= fdevent_socket_nb_cloexec(AF_UNIX
, SOCK_STREAM
, 0))) {
921 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "socket failed: ", strerror(errno
));
922 return HANDLER_ERROR
;
926 #if defined(HAVE_IPV6) && defined(HAVE_INET_PTON)
927 if (strstr(host
->host
->ptr
,":")) {
928 if (-1 == (hctx
->fd
= fdevent_socket_nb_cloexec(AF_INET6
, SOCK_STREAM
, 0))) {
929 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "socket failed: ", strerror(errno
));
930 return HANDLER_ERROR
;
935 if (-1 == (hctx
->fd
= fdevent_socket_nb_cloexec(AF_INET
, SOCK_STREAM
, 0))) {
936 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "socket failed: ", strerror(errno
));
937 return HANDLER_ERROR
;
944 fdevent_register(srv
->ev
, hctx
->fd
, proxy_handle_fdevent
, hctx
);
946 if (-1 == fdevent_fcntl_set(srv
->ev
, hctx
->fd
)) {
947 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "fcntl failed: ", strerror(errno
));
949 return HANDLER_ERROR
;
953 case PROXY_STATE_CONNECT
:
954 if (hctx
->state
== PROXY_STATE_INIT
) {
955 switch (proxy_establish_connection(srv
, hctx
)) {
957 proxy_set_state(srv
, hctx
, PROXY_STATE_CONNECT
);
959 /* connection is in progress, wait for an event and call getsockopt() below */
961 fdevent_event_set(srv
->ev
, &(hctx
->fde_ndx
), hctx
->fd
, FDEVENT_OUT
);
963 return HANDLER_WAIT_FOR_EVENT
;
965 /* if ECONNREFUSED choose another connection */
968 return HANDLER_ERROR
;
970 /* everything is ok, go on */
975 socklen_t socket_error_len
= sizeof(socket_error
);
977 /* try to finish the connect() */
978 if (0 != getsockopt(hctx
->fd
, SOL_SOCKET
, SO_ERROR
, &socket_error
, &socket_error_len
)) {
979 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
980 "getsockopt failed:", strerror(errno
));
982 return HANDLER_ERROR
;
984 if (socket_error
!= 0) {
985 log_error_write(srv
, __FILE__
, __LINE__
, "ss",
986 "establishing connection failed:", strerror(socket_error
),
987 "port:", hctx
->host
->port
);
989 return HANDLER_ERROR
;
991 if (hctx
->conf
.debug
) {
992 log_error_write(srv
, __FILE__
, __LINE__
, "s", "proxy - connect - delayed success");
996 /* ok, we have the connection */
998 proxy_set_state(srv
, hctx
, PROXY_STATE_PREPARE_WRITE
);
1000 case PROXY_STATE_PREPARE_WRITE
:
1001 proxy_create_env(srv
, hctx
);
1003 fdevent_event_add(srv
->ev
, &(hctx
->fde_ndx
), hctx
->fd
, FDEVENT_IN
);
1004 proxy_set_state(srv
, hctx
, PROXY_STATE_WRITE
);
1007 case PROXY_STATE_WRITE
:;
1008 ret
= srv
->network_backend_write(srv
, con
, hctx
->fd
, hctx
->wb
, MAX_WRITE_LIMIT
);
1010 chunkqueue_remove_finished_chunks(hctx
->wb
);
1012 if (-1 == ret
) { /* error on our side */
1013 log_error_write(srv
, __FILE__
, __LINE__
, "ssd", "write failed:", strerror(errno
), errno
);
1015 return HANDLER_ERROR
;
1016 } else if (-2 == ret
) { /* remote close */
1017 log_error_write(srv
, __FILE__
, __LINE__
, "ssd", "write failed, remote connection close:", strerror(errno
), errno
);
1019 return HANDLER_ERROR
;
1022 if (hctx
->wb
->bytes_out
== hctx
->wb_reqlen
) {
1023 fdevent_event_clr(srv
->ev
, &(hctx
->fde_ndx
), hctx
->fd
, FDEVENT_OUT
);
1024 proxy_set_state(srv
, hctx
, PROXY_STATE_READ
);
1026 off_t wblen
= hctx
->wb
->bytes_in
- hctx
->wb
->bytes_out
;
1027 if (hctx
->wb
->bytes_in
< hctx
->wb_reqlen
&& wblen
< 65536 - 16384) {
1028 /*(con->conf.stream_request_body & FDEVENT_STREAM_REQUEST)*/
1029 if (!(con
->conf
.stream_request_body
& FDEVENT_STREAM_REQUEST_POLLIN
)) {
1030 con
->conf
.stream_request_body
|= FDEVENT_STREAM_REQUEST_POLLIN
;
1031 con
->is_readable
= 1; /* trigger optimistic read from client */
1035 fdevent_event_clr(srv
->ev
, &(hctx
->fde_ndx
), hctx
->fd
, FDEVENT_OUT
);
1037 fdevent_event_add(srv
->ev
, &(hctx
->fde_ndx
), hctx
->fd
, FDEVENT_OUT
);
1041 return HANDLER_WAIT_FOR_EVENT
;
1042 case PROXY_STATE_READ
:
1043 /* waiting for a response */
1044 return HANDLER_WAIT_FOR_EVENT
;
1046 log_error_write(srv
, __FILE__
, __LINE__
, "s", "(debug) unknown state");
1047 return HANDLER_ERROR
;
1053 static int mod_proxy_patch_connection(server
*srv
, connection
*con
, plugin_data
*p
) {
1055 plugin_config
*s
= p
->config_storage
[0];
1061 /* skip the first, the global context */
1062 for (i
= 1; i
< srv
->config_context
->used
; i
++) {
1063 data_config
*dc
= (data_config
*)srv
->config_context
->data
[i
];
1064 s
= p
->config_storage
[i
];
1066 /* condition didn't match */
1067 if (!config_check_cond(srv
, con
, dc
)) continue;
1070 for (j
= 0; j
< dc
->value
->used
; j
++) {
1071 data_unset
*du
= dc
->value
->data
[j
];
1073 if (buffer_is_equal_string(du
->key
, CONST_STR_LEN("proxy.server"))) {
1075 } else if (buffer_is_equal_string(du
->key
, CONST_STR_LEN("proxy.debug"))) {
1077 } else if (buffer_is_equal_string(du
->key
, CONST_STR_LEN("proxy.balance"))) {
1087 static handler_t
proxy_send_request(server
*srv
, handler_ctx
*hctx
) {
1088 /* ok, create the request */
1089 handler_t rc
= proxy_write_request(srv
, hctx
);
1090 if (HANDLER_ERROR
!= rc
) {
1093 data_proxy
*host
= hctx
->host
;
1094 log_error_write(srv
, __FILE__
, __LINE__
, "sbdd", "proxy-server disabled:",
1099 /* disable this server */
1100 host
->is_disabled
= 1;
1101 host
->disable_ts
= srv
->cur_ts
;
1103 /* reset the environment and restart the sub-request */
1104 return proxy_reconnect(srv
, hctx
);
1109 static handler_t
proxy_recv_response(server
*srv
, handler_ctx
*hctx
);
1112 SUBREQUEST_FUNC(mod_proxy_handle_subrequest
) {
1113 plugin_data
*p
= p_d
;
1115 handler_ctx
*hctx
= con
->plugin_ctx
[p
->id
];
1117 if (NULL
== hctx
) return HANDLER_GO_ON
;
1120 if (con
->mode
!= p
->id
) return HANDLER_GO_ON
;
1122 if ((con
->conf
.stream_response_body
& FDEVENT_STREAM_RESPONSE_BUFMIN
)
1123 && con
->file_started
) {
1124 if (chunkqueue_length(con
->write_queue
) > 65536 - 4096) {
1125 fdevent_event_clr(srv
->ev
, &(hctx
->fde_ndx
), hctx
->fd
, FDEVENT_IN
);
1126 } else if (!(fdevent_event_get_interest(srv
->ev
, hctx
->fd
) & FDEVENT_IN
)) {
1127 /* optimistic read from backend, which might re-enable FDEVENT_IN */
1128 handler_t rc
= proxy_recv_response(srv
, hctx
); /*(might invalidate hctx)*/
1129 if (rc
!= HANDLER_GO_ON
) return rc
; /*(unless HANDLER_GO_ON)*/
1133 if (0 == hctx
->wb
->bytes_in
1134 ? con
->state
== CON_STATE_READ_POST
1135 : hctx
->wb
->bytes_in
< hctx
->wb_reqlen
) {
1136 /*(64k - 4k to attempt to avoid temporary files
1137 * in conjunction with FDEVENT_STREAM_REQUEST_BUFMIN)*/
1138 if (hctx
->wb
->bytes_in
- hctx
->wb
->bytes_out
> 65536 - 4096
1139 && (con
->conf
.stream_request_body
& FDEVENT_STREAM_REQUEST_BUFMIN
)){
1140 con
->conf
.stream_request_body
&= ~FDEVENT_STREAM_REQUEST_POLLIN
;
1141 if (0 != hctx
->wb
->bytes_in
) return HANDLER_WAIT_FOR_EVENT
;
1143 handler_t r
= connection_handle_read_post_state(srv
, con
);
1144 chunkqueue
*req_cq
= con
->request_content_queue
;
1145 if (0 != hctx
->wb
->bytes_in
&& !chunkqueue_is_empty(req_cq
)) {
1146 chunkqueue_append_chunkqueue(hctx
->wb
, req_cq
);
1147 if (fdevent_event_get_interest(srv
->ev
, hctx
->fd
) & FDEVENT_OUT
) {
1148 return (r
== HANDLER_GO_ON
) ? HANDLER_WAIT_FOR_EVENT
: r
;
1151 if (r
!= HANDLER_GO_ON
) return r
;
1155 return ((0 == hctx
->wb
->bytes_in
|| !chunkqueue_is_empty(hctx
->wb
))
1156 && hctx
->state
!= PROXY_STATE_CONNECT
)
1157 ? proxy_send_request(srv
, hctx
)
1158 : HANDLER_WAIT_FOR_EVENT
;
1162 static handler_t
proxy_recv_response(server
*srv
, handler_ctx
*hctx
) {
1164 switch (proxy_demux_response(srv
, hctx
)) {
1168 http_response_backend_error(srv
, hctx
->remote_conn
);
1172 proxy_connection_close(srv
, hctx
);
1174 return HANDLER_FINISHED
;
1177 return HANDLER_GO_ON
;
1181 static handler_t
proxy_handle_fdevent(server
*srv
, void *ctx
, int revents
) {
1182 handler_ctx
*hctx
= ctx
;
1183 connection
*con
= hctx
->remote_conn
;
1185 joblist_append(srv
, con
);
1187 if (revents
& FDEVENT_IN
) {
1188 handler_t rc
= proxy_recv_response(srv
,hctx
);/*(might invalidate hctx)*/
1189 if (rc
!= HANDLER_GO_ON
) return rc
; /*(unless HANDLER_GO_ON)*/
1192 if (revents
& FDEVENT_OUT
) {
1193 return proxy_send_request(srv
, hctx
); /*(might invalidate hctx)*/
1196 /* perhaps this issue is already handled */
1197 if (revents
& FDEVENT_HUP
) {
1198 if (hctx
->state
== PROXY_STATE_CONNECT
) {
1199 /* connect() -> EINPROGRESS -> HUP */
1200 proxy_send_request(srv
, hctx
); /*(might invalidate hctx)*/
1201 } else if (con
->file_started
) {
1202 /* drain any remaining data from kernel pipe buffers
1203 * even if (con->conf.stream_response_body
1204 * & FDEVENT_STREAM_RESPONSE_BUFMIN)
1205 * since event loop will spin on fd FDEVENT_HUP event
1206 * until unregistered. */
1209 rc
= proxy_recv_response(srv
,hctx
);/*(might invalidate hctx)*/
1210 } while (rc
== HANDLER_GO_ON
); /*(unless HANDLER_GO_ON)*/
1211 return rc
; /* HANDLER_FINISHED or HANDLER_ERROR */
1213 proxy_connection_close(srv
, hctx
);
1215 } else if (revents
& FDEVENT_ERR
) {
1216 log_error_write(srv
, __FILE__
, __LINE__
, "sd", "proxy-FDEVENT_ERR, but no HUP", revents
);
1218 http_response_backend_error(srv
, con
);
1219 proxy_connection_close(srv
, hctx
);
1222 return HANDLER_FINISHED
;
1225 static handler_t
mod_proxy_check_extension(server
*srv
, connection
*con
, void *p_d
) {
1226 plugin_data
*p
= p_d
;
1230 data_array
*extension
= NULL
;
1233 if (con
->mode
!= DIRECT
) return HANDLER_GO_ON
;
1235 /* Possibly, we processed already this request */
1236 if (con
->file_started
== 1) return HANDLER_GO_ON
;
1238 mod_proxy_patch_connection(srv
, con
, p
);
1241 if (buffer_string_is_empty(fn
)) return HANDLER_ERROR
;
1242 s_len
= buffer_string_length(fn
);
1244 /* check if extension matches */
1245 for (k
= 0; k
< p
->conf
.extensions
->used
; k
++) {
1246 data_array
*ext
= NULL
;
1249 ext
= (data_array
*)p
->conf
.extensions
->data
[k
];
1251 if (buffer_is_empty(ext
->key
)) continue;
1253 ct_len
= buffer_string_length(ext
->key
);
1255 if (s_len
< ct_len
) continue;
1257 /* check extension in the form "/proxy_pattern" */
1258 if (*(ext
->key
->ptr
) == '/') {
1259 if (strncmp(fn
->ptr
, ext
->key
->ptr
, ct_len
) == 0) {
1263 } else if (0 == strncmp(fn
->ptr
+ s_len
- ct_len
, ext
->key
->ptr
, ct_len
)) {
1264 /* check extension in the form ".fcg" */
1270 if (NULL
== extension
) {
1271 return HANDLER_GO_ON
;
1274 host
= mod_proxy_extension_host_get(srv
, con
, extension
, p
->conf
.balance
, (int)p
->conf
.debug
);
1276 return HANDLER_FINISHED
;
1279 /* found a server */
1283 * if check-local is disabled, use the uri.path handler
1287 /* init handler-context */
1289 hctx
= handler_ctx_init();
1291 hctx
->remote_conn
= con
;
1292 hctx
->plugin_data
= p
;
1294 hctx
->ext
= extension
;
1296 hctx
->conf
.balance
= p
->conf
.balance
;
1297 hctx
->conf
.debug
= p
->conf
.debug
;
1299 con
->plugin_ctx
[p
->id
] = hctx
;
1302 if (p
->conf
.debug
) {
1303 log_error_write(srv
, __FILE__
, __LINE__
, "sbd",
1304 "proxy - found a host",
1305 host
->host
, host
->port
);
1308 return HANDLER_GO_ON
;
1312 static handler_t
mod_proxy_connection_reset(server
*srv
, connection
*con
, void *p_d
) {
1313 plugin_data
*p
= p_d
;
1314 handler_ctx
*hctx
= con
->plugin_ctx
[p
->id
];
1315 if (hctx
) proxy_connection_close(srv
, hctx
);
1317 return HANDLER_GO_ON
;
1322 * the trigger re-enables the disabled connections after the timeout is over
1326 TRIGGER_FUNC(mod_proxy_trigger
) {
1327 plugin_data
*p
= p_d
;
1329 if (p
->config_storage
) {
1331 for (i
= 0; i
< srv
->config_context
->used
; i
++) {
1332 plugin_config
*s
= p
->config_storage
[i
];
1336 /* get the extensions for all configs */
1338 for (k
= 0; k
< s
->extensions
->used
; k
++) {
1339 data_array
*extension
= (data_array
*)s
->extensions
->data
[k
];
1342 for (n
= 0; n
< extension
->value
->used
; n
++) {
1343 data_proxy
*host
= (data_proxy
*)extension
->value
->data
[n
];
1345 if (!host
->is_disabled
||
1346 srv
->cur_ts
- host
->disable_ts
< 5) continue;
1348 log_error_write(srv
, __FILE__
, __LINE__
, "sbd",
1349 "proxy - re-enabled:",
1350 host
->host
, host
->port
);
1352 host
->is_disabled
= 0;
1358 return HANDLER_GO_ON
;
1362 int mod_proxy_plugin_init(plugin
*p
);
1363 int mod_proxy_plugin_init(plugin
*p
) {
1364 p
->version
= LIGHTTPD_VERSION_ID
;
1365 p
->name
= buffer_init_string("proxy");
1367 p
->init
= mod_proxy_init
;
1368 p
->cleanup
= mod_proxy_free
;
1369 p
->set_defaults
= mod_proxy_set_defaults
;
1370 p
->connection_reset
= mod_proxy_connection_reset
; /* end of req-resp cycle */
1371 p
->handle_connection_close
= mod_proxy_connection_reset
; /* end of client connection */
1372 p
->handle_uri_clean
= mod_proxy_check_extension
;
1373 p
->handle_subrequest
= mod_proxy_handle_subrequest
;
1374 p
->handle_trigger
= mod_proxy_trigger
;