You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by am...@apache.org on 2011/07/21 00:23:11 UTC
svn commit: r1148956 - in /trafficserver/traffic/trunk: CHANGES
iocore/net/I_Net.h mgmt/LocalManager.cc proxy/Main.cc proxy/Main.h
proxy/http/HttpProxyServerMain.cc
Author: amc
Date: Wed Jul 20 22:23:10 2011
New Revision: 1148956
URL: http://svn.apache.org/viewvc?rev=1148956&view=rev
Log:
TS-816: Make attributes work on other ports
Modified:
trafficserver/traffic/trunk/CHANGES
trafficserver/traffic/trunk/iocore/net/I_Net.h
trafficserver/traffic/trunk/mgmt/LocalManager.cc
trafficserver/traffic/trunk/proxy/Main.cc
trafficserver/traffic/trunk/proxy/Main.h
trafficserver/traffic/trunk/proxy/http/HttpProxyServerMain.cc
Modified: trafficserver/traffic/trunk/CHANGES
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/CHANGES?rev=1148956&r1=1148955&r2=1148956&view=diff
==============================================================================
--- trafficserver/traffic/trunk/CHANGES (original)
+++ trafficserver/traffic/trunk/CHANGES Wed Jul 20 22:23:10 2011
@@ -1,6 +1,10 @@
-*- coding: utf-8 -*-
Changes with Apache Traffic Server 3.1.0
+
+ *) [TS-816] Other ports now obey specified options for both normal
+ and standalone usage.
+
*) [TS-882] traffic_logstats dies when printing log.
*) [TS-804] libcap required when running standalone.
Modified: trafficserver/traffic/trunk/iocore/net/I_Net.h
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/I_Net.h?rev=1148956&r1=1148955&r2=1148956&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/I_Net.h (original)
+++ trafficserver/traffic/trunk/iocore/net/I_Net.h Wed Jul 20 22:23:10 2011
@@ -64,7 +64,7 @@
#define ACCEPTEX_POOL_SIZE 1
#endif
-#define NO_FD (-1)
+static int const NO_FD = -1;
#define NET_EVENT_OPEN (NET_EVENT_EVENTS_START)
#define NET_EVENT_OPEN_FAILED (NET_EVENT_EVENTS_START+1)
Modified: trafficserver/traffic/trunk/mgmt/LocalManager.cc
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/mgmt/LocalManager.cc?rev=1148956&r1=1148955&r2=1148956&view=diff
==============================================================================
--- trafficserver/traffic/trunk/mgmt/LocalManager.cc (original)
+++ trafficserver/traffic/trunk/mgmt/LocalManager.cc Wed Jul 20 22:23:10 2011
@@ -31,6 +31,7 @@
*/
#include "libts.h"
+#include <ts/ink_cap.h>
#include "ink_platform.h"
#include "ink_unused.h" /* MAGIC_EDITING_TAG */
#include "MgmtUtils.h"
Modified: trafficserver/traffic/trunk/proxy/Main.cc
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/proxy/Main.cc?rev=1148956&r1=1148955&r2=1148956&view=diff
==============================================================================
--- trafficserver/traffic/trunk/proxy/Main.cc (original)
+++ trafficserver/traffic/trunk/proxy/Main.cc Wed Jul 20 22:23:10 2011
@@ -846,7 +846,7 @@ check_for_root_uid()
// static void print_accept_fd(HttpPortEntry* e)
//
static void
-print_accept_fd(HttpPortEntry * e)
+print_accept_fd(HttpEntryPoint * e)
{
if (e) {
printf("Accept FDs: ");
@@ -858,7 +858,9 @@ print_accept_fd(HttpPortEntry * e)
}
}
-// static HttpPortEntry* parse_accept_fd_list()
+extern void get_connection_attributes(const char *attr, HttpEntryPoint *result);
+
+// static HttpEntryPoint* parse_accept_fd_list()
//
// Parses the list of FD's and types sent in by the manager
// with the -A flag
@@ -871,77 +873,52 @@ print_accept_fd(HttpPortEntry * e)
//
// If there is no -A arg, returns NULL
//
-// Otherwise returns an array of HttpPortEntry which
-// is terminated with a HttpPortEntry with the fd
+// Otherwise returns an array of HttpEntryPoint which
+// is terminated with a HttpEntryPoint with the fd
// field set to NO_FD
//
-static HttpPortEntry *
+static HttpEntryPoint *
parse_accept_fd_list()
{
- HttpPortEntry *accept_array;
+ HttpEntryPoint *accept_array;
int accept_index = 0;
int list_entries;
- char *cur_entry;
- char *attr_str;
- HttpPortTypes attr = SERVER_PORT_DEFAULT;;
- int fd = 0;
+ int fd = ts::NO_FD;
Tokenizer listTok(",");
- if (!accept_fd_list[0] || (list_entries = listTok.Initialize(accept_fd_list, SHARE_TOKS)) <= 0)
+ if (!accept_fd_list[0]
+ || (list_entries = listTok.Initialize(accept_fd_list, SHARE_TOKS)) <= 0
+ )
return 0;
- accept_array = new HttpPortEntry[list_entries + 1];
- accept_array[0].fd = NO_FD;
+ // Add one because we use NO_FD as an array termination mark later.
+ accept_array = new HttpEntryPoint[list_entries + 1];
- for (int i = 0; i < list_entries; i++) {
- cur_entry = (char *) listTok[i];
+ for (int i = 0; i < list_entries; ++i) {
+ HttpEntryPoint* pent = accept_array + accept_index;
+ char const* cur_entry = listTok[i];
+ char* next;
// Check to see if there is a port attribute
- attr_str = strchr(cur_entry, ':');
+ char const* attr_str = strchr(cur_entry, ':');
if (attr_str != NULL) {
- *attr_str = '\0';
attr_str = attr_str + 1;
}
// Handle the file descriptor
- fd = strtoul(cur_entry, NULL, 10);
+ fd = strtoul(cur_entry, &next, 10);
+ if (next == cur_entry) {
+ Warning("Failed to parse file descriptor '%s'", cur_entry);
+ continue; // number parsing failure
+ }
// Handle reading the attribute
- if (attr_str == NULL) {
- attr = SERVER_PORT_DEFAULT;
- } else {
- if (strlen(attr_str) > 2) {
- Warning("too many port attribute fields (more than 2) '%s'", attr);
- attr = SERVER_PORT_DEFAULT;
- } else {
- switch (*attr_str) {
- case 'S':
- // S is the special case of SSL term
- ink_assert(ssl_accept_file_descriptor == NO_FD);
- ssl_accept_file_descriptor = fd;
- continue;
- case 'C':
- attr = SERVER_PORT_COMPRESSED;
- break;
- case 'T':
- attr = SERVER_PORT_BLIND_TUNNEL;
- break;
- case 'X':
- case '=':
- case '<':
- case '>':
- case '\0':
- attr = SERVER_PORT_DEFAULT;
- break;
- default:
- Warning("unknown port attribute '%s'", attr_str);
- attr = SERVER_PORT_DEFAULT;
- };
- }
+ get_connection_attributes(attr_str, pent);
+ if (SERVER_PORT_SSL == pent->type) {
+ ink_assert(ssl_accept_file_descriptor == NO_FD);
+ ssl_accept_file_descriptor = fd;
+ continue;
}
-
- accept_array[accept_index].fd = fd;
- accept_array[accept_index].type = attr;
- accept_index++;
+ accept_array[accept_index++].fd = fd;
}
ink_assert(accept_index < list_entries + 1);
@@ -951,10 +928,6 @@ parse_accept_fd_list()
return accept_array;
}
-#if defined(linux)
-#include <sys/prctl.h>
-#endif
-
static int
set_core_size(const char *name, RecDataT data_type, RecData data, void *opaque_token)
{
@@ -1515,7 +1488,7 @@ main(int argc, char **argv)
#if TS_HAS_PROFILER
ProfilerStart("/tmp/ts.prof");
#endif
- bool found_admin_user = false;
+ bool admin_user_p = false;
NOWARN_UNUSED(argc);
@@ -1597,7 +1570,7 @@ main(int argc, char **argv)
const long max_login = sysconf(_SC_LOGIN_NAME_MAX) <= 0 ? _POSIX_LOGIN_NAME_MAX : sysconf(_SC_LOGIN_NAME_MAX);
char *user = (char *)xmalloc(max_login);
*user = '\0';
- found_admin_user =
+ admin_user_p =
(REC_ERR_OKAY ==
TS_ReadConfigString(user, "proxy.config.admin.user_id", max_login)
)
@@ -1605,14 +1578,14 @@ main(int argc, char **argv)
&& 0 != strcmp(user, "#-1")
;
-# if TS_USE_POSIX_CAPS
+# if TS_USE_POSIX_CAP
// Change the user of the process.
// Do this before we start threads so we control the user id of the
// threads (rather than have it change asynchronously during thread
// execution). We also need to do this before we fiddle with capabilities
// as those are thread local and if we change the user id it will
// modify the capabilities in other threads, breaking things.
- if (found_admin_user) {
+ if (admin_user_p) {
PreserveCapabilities();
change_uid_gid(user);
RestrictCapabilities();
@@ -1641,7 +1614,9 @@ main(int argc, char **argv)
diags->prefix_str = "Server ";
if (is_debug_tag_set("diags"))
diags->dump();
+# if TS_USE_POSIX_CAP
DebugCapabilities("server"); // Can do this now, logging is up.
+# endif
// Check if we should do mlockall()
#if defined(MCL_FUTURE)
@@ -1689,10 +1664,10 @@ main(int argc, char **argv)
init_http_aeua_filter();
// Parse the accept port list from the manager
- http_port_attr_array = parse_accept_fd_list();
+ http_open_port_array = parse_accept_fd_list();
if (is_debug_tag_set("accept_fd"))
- print_accept_fd(http_port_attr_array);
+ print_accept_fd(http_open_port_array);
// Sanity checks
@@ -1923,8 +1898,9 @@ main(int argc, char **argv)
}
# if ! TS_USE_POSIX_CAP
- if (found_admin_user) {
+ if (admin_user_p) {
change_uid_gid(user);
+ DebugCapabilities("server");
xfree(user);
}
# endif
Modified: trafficserver/traffic/trunk/proxy/Main.h
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/proxy/Main.h?rev=1148956&r1=1148955&r2=1148956&view=diff
==============================================================================
--- trafficserver/traffic/trunk/proxy/Main.h (original)
+++ trafficserver/traffic/trunk/proxy/Main.h Wed Jul 20 22:23:10 2011
@@ -33,6 +33,7 @@
#ifndef _Main_h_
#define _Main_h_
+#include <ts/ink_defs.h>
#include "libts.h"
#include "Regression.h"
#include "I_Version.h"
@@ -107,30 +108,34 @@ enum HttpPortTypes
SERVER_PORT_SSL
};
-struct HttpPortEntry
-{
- int fd;
- HttpPortTypes type;
+struct HttpEntryPoint {
+ int fd; ///< Pre-opened file descriptor if present.
+ HttpPortTypes type; ///< Type of connection.
+ int port; ///< Port on which to listent.
+ unsigned int domain; ///< Networking domain.
+ /// Set if inbound connects (from client) are/were transparent.
+ bool f_inbound_transparent;
+ /// Set if outbound connections (to origin servers) are transparent.
+ bool f_outbound_transparent;
+
+ HttpEntryPoint()
+ : fd(ts::NO_FD)
+ , type(SERVER_PORT_DEFAULT)
+ , port(-1)
+ , domain(AF_INET)
+ , f_inbound_transparent(false)
+ , f_outbound_transparent(false)
+ { }
};
-extern HttpPortEntry *http_port_attr_array;
+/// Ports that are already open (passed via -A from manager).
+extern HttpEntryPoint *http_open_port_array;
+/// Ports to open in this process.
+extern HttpEntryPoint *http_other_port_array;
extern Version version;
extern AppVersionInfo appVersionInfo;
-struct HttpOtherPortEntry
-{
- int port;
- int domain;
- HttpPortTypes type;
- /// Set if outbound connections (to origin servers) are transparent.
- bool f_outbound_transparent;
- /// Set if inbound connects (from client) are/were transparent.
- bool f_inbound_transparent;
-};
-extern HttpOtherPortEntry *http_other_port_array;
-
-
#define TS_ReadConfigInteger REC_ReadConfigInteger
#define TS_ReadConfigFloat REC_ReadConfigFloat
#define TS_ReadConfigString REC_ReadConfigString
Modified: trafficserver/traffic/trunk/proxy/http/HttpProxyServerMain.cc
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/proxy/http/HttpProxyServerMain.cc?rev=1148956&r1=1148955&r2=1148956&view=diff
==============================================================================
--- trafficserver/traffic/trunk/proxy/http/HttpProxyServerMain.cc (original)
+++ trafficserver/traffic/trunk/proxy/http/HttpProxyServerMain.cc Wed Jul 20 22:23:10 2011
@@ -35,8 +35,8 @@
#include "HttpTunnel.h"
#include "Tokenizer.h"
-HttpPortEntry *http_port_attr_array = NULL;
-HttpOtherPortEntry *http_other_port_array = NULL;
+HttpEntryPoint *http_open_port_array = NULL;
+HttpEntryPoint *http_other_port_array = NULL;
#ifdef DEBUG
extern "C"
@@ -76,22 +76,8 @@ struct DumpStats: public Continuation
}
};
-
-struct Attributes {
- HttpPortTypes type;
- int domain;
- bool f_outbound_transparent;
- bool f_inbound_transparent;
-
- Attributes()
- : type(SERVER_PORT_DEFAULT)
- , domain(AF_INET)
- , f_outbound_transparent(false)
- , f_inbound_transparent(false)
- {}
-};
-
-void get_connection_attributes(const char *attr, Attributes *result) {
+// Does not modify result->port
+void get_connection_attributes(const char *attr, HttpEntryPoint *result) {
int attr_len;
result->type = SERVER_PORT_DEFAULT;
@@ -109,6 +95,7 @@ void get_connection_attributes(const cha
}
switch (*attr) {
+ case 'S' : result->type = SERVER_PORT_SSL; break;
case 'C': result->type = SERVER_PORT_COMPRESSED; break;
case '<':
result->f_outbound_transparent = true;
@@ -137,17 +124,15 @@ void get_connection_attributes(const cha
}
-static HttpOtherPortEntry *
+static HttpEntryPoint *
parse_http_server_other_ports()
{
int list_entries;
int accept_index = 0;
int port = 0;
char *other_ports_str = NULL;
- char *cur_entry;
- char *attr_str;
Tokenizer listTok(", ");
- HttpOtherPortEntry *additional_ports_array;
+ HttpEntryPoint *additional_ports_array;
other_ports_str = HTTP_ConfigReadString("proxy.config.http.server_other_ports");
@@ -157,40 +142,33 @@ parse_http_server_other_ports()
list_entries = listTok.Initialize(other_ports_str, SHARE_TOKS);
- if (list_entries > 0) {
- additional_ports_array = new HttpOtherPortEntry[list_entries + 1];
- additional_ports_array[0].port = -1;
- } else {
- return NULL;
- }
+ if (list_entries <= 0) return 0;
- for (int i = 0; i < list_entries; i++) {
- cur_entry = (char *) listTok[i];
+ // Add one so last entry is marked with @a fd of @c NO_FD
+ additional_ports_array = new HttpEntryPoint[list_entries + 1];
+
+ for (int i = 0; i < list_entries; ++i) {
+ HttpEntryPoint* pent = additional_ports_array + accept_index;
+ char const* cur_entry = listTok[i];
+ char* next;
// Check to see if there is a port attribute
- attr_str = strchr(cur_entry, ':');
- if (attr_str != NULL) {
- *attr_str = '\0';
- attr_str = attr_str + 1;
- }
+ char const* attr_str = strchr(cur_entry, ':');
+ if (attr_str != NULL) attr_str = attr_str + 1;
+
// Port value
- // coverity[secure_coding]
- // sscanf of token from tokenizer
- if (sscanf(cur_entry, "%d", &port) != 1) {
- Warning("failed to read accept port, discarding");
+ port = strtoul(cur_entry, &next, 10);
+ if (next == cur_entry) {
+ Warning("failed to read accept port '%s', discarding", cur_entry);
+ continue;
+ } else if (!(1 <= port || port <= 65535)) {
+ Warning("Port value '%s' out of range, discarding", cur_entry);
continue;
}
- additional_ports_array[accept_index].port = port;
-
- Attributes attr;
- get_connection_attributes(attr_str, &attr);
- additional_ports_array[accept_index].type = attr.type;
- additional_ports_array[accept_index].domain = attr.domain;
- additional_ports_array[accept_index].f_outbound_transparent = attr.f_outbound_transparent;
- additional_ports_array[accept_index].f_inbound_transparent = attr.f_inbound_transparent;
-
- accept_index++;
+ pent->port = port;
+ get_connection_attributes(attr_str, pent);
+ ++accept_index;
}
ink_assert(accept_index < list_entries + 1);
@@ -241,6 +219,7 @@ start_HttpProxyServer(int fd, int port,
{
char *dump_every_str = 0;
static bool called_once = false;
+ NetProcessor::AcceptOptions opt;
////////////////////////////////
// check if accept port is in //
@@ -258,84 +237,70 @@ start_HttpProxyServer(int fd, int port,
eventProcessor.schedule_every(NEW(new DumpStats), HRTIME_SECONDS(dump_every_sec), ET_CALL);
}
-/*
- char * state_machines_max_count = NULL;
- if ((state_machines_max_count =
- getenv("HTTP_STATE_MACHINE_MAX_COUNT")) != 0)
- {
- HttpStateMachine::m_state_machines_max_count =
- atoi(state_machines_max_count);
-
- ink_release_assert (HttpStateMachine::m_state_machines_max_count >= 1);
- }
- */
///////////////////////////////////
// start accepting connections //
///////////////////////////////////
- char *attr_string = 0;
- static HttpPortTypes type = SERVER_PORT_DEFAULT;
- NetProcessor::AcceptOptions opt;
- opt.port = port;
+
+ ink_assert(!called_once);
+
opt.accept_threads = accept_threads;
- if (!called_once) {
+ // If ports are already open, just listen on those and ignore other
+ // configuration.
+ if (http_open_port_array) {
+ for ( HttpEntryPoint* pent = http_open_port_array
+ ; ts::NO_FD != pent->fd
+ ; ++pent
+ ) {
+ opt.f_outbound_transparent = pent->f_outbound_transparent;
+ opt.f_inbound_transparent = pent->f_inbound_transparent;
+ netProcessor.main_accept(NEW(new HttpAccept(pent->type)), pent->fd, NULL, NULL, false, false, opt);
+ }
+ } else {
+ static HttpPortTypes type = SERVER_PORT_DEFAULT;
+ char *attr_string = 0;
+ opt.port = port;
+
// function can be called several times : do memory allocation once
+
REC_ReadConfigStringAlloc(attr_string, "proxy.config.http.server_port_attr");
REC_ReadConfigInteger(opt.recv_bufsize, "proxy.config.net.sock_recv_buffer_size_in");
REC_ReadConfigInteger(opt.send_bufsize, "proxy.config.net.sock_send_buffer_size_in");
REC_ReadConfigInteger(opt.sockopt_flags, "proxy.config.net.sock_option_flag_in");
if (attr_string) {
- Attributes attr;
+ HttpEntryPoint attr;
get_connection_attributes(attr_string, &attr);
type = attr.type;
opt.domain = attr.domain;
Debug("http_tproxy", "Primary listen socket transparency is %s\n",
- attr.f_inbound_transparent && attr.f_outbound_transparent ? "bidirectional"
- : attr.f_inbound_transparent ? "inbound"
- : attr.f_outbound_transparent ? "outbound"
- : "off"
- );
+ attr.f_inbound_transparent && attr.f_outbound_transparent ? "bidirectional"
+ : attr.f_inbound_transparent ? "inbound"
+ : attr.f_outbound_transparent ? "outbound"
+ : "off"
+ );
opt.f_outbound_transparent = attr.f_outbound_transparent;
opt.f_inbound_transparent = attr.f_inbound_transparent;
xfree(attr_string);
}
- called_once = true;
- if (http_port_attr_array) {
- for (int i = 0; http_port_attr_array[i].fd != NO_FD; i++) {
- HttpPortEntry & e = http_port_attr_array[i];
- if (e.fd)
- netProcessor.main_accept(NEW(new HttpAccept(e.type)), e.fd, NULL, NULL, false, false, opt);
- }
- } else {
- // If traffic_server wasn't started with -A, get the list
- // of other ports directly.
- http_other_port_array = parse_http_server_other_ports();
- }
- }
- if (!http_port_attr_array) {
+
netProcessor.main_accept(NEW(new HttpAccept(type)), fd, NULL, NULL, false, false, opt);
+ http_other_port_array = parse_http_server_other_ports();
if (http_other_port_array) {
for (int i = 0; http_other_port_array[i].port != -1; i++) {
- HttpOtherPortEntry & e = http_other_port_array[i];
+ HttpEntryPoint & e = http_other_port_array[i];
if ((e.port<1) || (e.port> 65535))
Warning("additional port out of range ignored: %d", e.port);
else {
opt.port = e.port;
opt.domain = e.domain;
opt.f_outbound_transparent = e.f_outbound_transparent;
- netProcessor.main_accept(NEW(new HttpAccept(e.type)), fd, NULL, NULL, false, false, opt);
+ opt.f_inbound_transparent = e.f_inbound_transparent;
+ netProcessor.main_accept(NEW(new HttpAccept(e.type)), e.fd, NULL, NULL, false, false, opt);
}
}
}
- } else {
- for (int i = 0; http_port_attr_array[i].fd != NO_FD; i++) {
- HttpPortEntry & e = http_port_attr_array[i];
- if (!e.fd) {
- netProcessor.main_accept(NEW(new HttpAccept(type)), fd, NULL, NULL, false, false, opt);
- }
- }
}
SslConfigParams *sslParam = sslTerminationConfig.acquire();