upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-02-03 20:39:41 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
haproxy/src/cli.c

3756 lines
109 KiB
C
Raw Normal View History

[MEDIUM] moved stats and buffer generic functions to new files Neither the primitives used to write data to a buffer, nor the stats dump functions are HTTP-specific anymore. Move them to dedicated files
2007-10-17 11:06:05 -04:00
/*
[MEDIUM] separate protocol-level accept() from the frontend's For a long time we had two large accept() functions, one for TCP sockets instanciating proxies, and another one for UNIX sockets instanciating the stats interface. A lot of code was duplicated and both did not work exactly the same way. Now we have a stream_sock layer accept() called for either TCP or UNIX sockets, and this function calls the frontend-specific accept() function which does the rest of the frontend-specific initialisation. Some code is still duplicated (session & task allocation, stream interface initialization), and might benefit from having an intermediate session-level accept() callback to perform such initializations. Still there are some minor differences that need to be addressed first. For instance, the monitor nets should only be checked for proxies and not for other connection templates. Last, we renamed l->private as l->frontend. The "private" pointer in the listener is only used to store a frontend, so let's rename it to eliminate this ambiguity. When we later support detached listeners (eg: FTP), we'll add another field to avoid the confusion.
2010-05-28 12:46:57 -04:00
* Functions dedicated to statistics output and the stats socket
[MEDIUM] moved stats and buffer generic functions to new files Neither the primitives used to write data to a buffer, nor the stats dump functions are HTTP-specific anymore. Move them to dedicated files
2007-10-17 11:06:05 -04:00
*
REORG: stats: massive code reorg and cleanup The dumpstats code looks like a spaghetti plate. Several functions are supposed to be able to do several things but rely on complex states to dispatch the work to independant functions. Most of the HTML output is performed within the switch/case statements of the whole state machine. Let's clean this up by adding new functions to emit the data and have a few more iterators to avoid relying on so complex states. The new stats dump sequence looks like this for CLI and for HTTP : cli_io_handler() -> stats_dump_sess_to_buffer() // "show sess" -> stats_dump_errors_to_buffer() // "show errors" -> stats_dump_raw_info_to_buffer() // "show info" -> stats_dump_raw_info() -> stats_dump_raw_stat_to_buffer() // "show stat" -> stats_dump_csv_header() -> stats_dump_proxy() -> stats_dump_px_hdr() -> stats_dump_fe_stats() -> stats_dump_li_stats() -> stats_dump_sv_stats() -> stats_dump_be_stats() -> stats_dump_px_end() http_stats_io_handler() -> stats_http_redir() -> stats_dump_http() // also emits the HTTP headers -> stats_dump_html_head() // emits the HTML headers -> stats_dump_csv_header() // emits the CSV headers (same as above) -> stats_dump_http_info() // note: ignores non-HTML output -> stats_dump_proxy() // same as above -> stats_dump_http_end() // emits HTML trailer
2012-12-22 14:31:10 -05:00
* Copyright 2000-2012 Willy Tarreau <w@1wt.eu>
[MEDIUM] Collect & show information about last health check, v3 Collect information about last health check result, including L7 code if possible (for example http or smtp return code) and time took to finish last check. Health check info is provided on both stats pages (html & csv) and logged when a server is marked UP or DOWN. Currently active check are marked with an asterisk, but only in html mode. Currently there are 14 status codes: UNK -> unknown INI -> initializing SOCKERR -> socket error L4OK -> check passed on layer 4, no upper layers testing enabled L4TOUT -> layer 1-4 timeout L4CON -> layer 1-4 connection problem, for example "Connection refused" (tcp rst) or "No route to host" (icmp) L6OK -> check passed on layer 6 L6TOUT -> layer 6 (SSL) timeout L6RSP -> layer 6 invalid response - protocol error L7OK -> check passed on layer 7 L7OKC -> check conditionally passed on layer 7, for example 404 with disable-on-404 L7TOUT -> layer 7 (HTTP/SMTP) timeout L7RSP -> layer 7 invalid response - protocol error L7STS -> layer 7 response error, for example HTTP 5xx
2009-09-23 16:09:24 -04:00
* Copyright 2007-2009 Krzysztof Piotr Oledzki <ole@ans.pl>
[MEDIUM] moved stats and buffer generic functions to new files Neither the primitives used to write data to a buffer, nor the stats dump functions are HTTP-specific anymore. Move them to dedicated files
2007-10-17 11:06:05 -04:00
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version
* 2 of the License, or (at your option) any later version.
*
*/
#include <ctype.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
#include <pwd.h>
#include <grp.h>
[MEDIUM] moved stats and buffer generic functions to new files Neither the primitives used to write data to a buffer, nor the stats dump functions are HTTP-specific anymore. Move them to dedicated files
2007-10-17 11:06:05 -04:00
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h>
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
#include <net/if.h>
REORG: include: update all files to use haproxy/api.h or api-t.h if needed All files that were including one of the following include files have been updated to only include haproxy/api.h or haproxy/api-t.h once instead: - common/config.h - common/compat.h - common/compiler.h - common/defaults.h - common/initcall.h - common/tools.h The choice is simple: if the file only requires type definitions, it includes api-t.h, otherwise it includes the full api.h. In addition, in these files, explicit includes for inttypes.h and limits.h were dropped since these are now covered by api.h and api-t.h. No other change was performed, given that this patch is large and affects 201 files. At least one (tools.h) was already freestanding and didn't get the new one added.
2020-05-27 06:58:42 -04:00
#include <haproxy/api.h>
CLEANUP: tree-wide: Remove any ref to stream-interfaces Stream-interfaces are gone. Corresponding files can be safely be removed. In addition, comments are updated accordingly.
2022-04-04 05:29:28 -04:00
#include <haproxy/applet.h>
CLEANUP: include: tree-wide alphabetical sort of include files This patch fixes all the leftovers from the include cleanup campaign. There were not that many (~400 entries in ~150 files) but it was definitely worth doing it as it revealed a few duplicates.
2020-06-09 03:07:15 -04:00
#include <haproxy/base64.h>
REORG: include: move cfgparse.h to haproxy/cfgparse.h There's no point splitting the file in two since only cfgparse uses the types defined there. A few call places were updated and cleaned up. All of them were in C files which register keywords. There is nothing left in common/ now so this directory must not be used anymore.
2020-06-04 18:00:29 -04:00
#include <haproxy/cfgparse.h>
REORG: include: move channel.h to haproxy/channel{,-t}.h The files were moved with no change. The callers were cleaned up a bit and a few of them had channel.h removed since not needed.
2020-06-04 15:07:02 -04:00
#include <haproxy/channel.h>
REORG: include: move checks.h to haproxy/check{,-t}.h All includes that were not absolutely necessary were removed because checks.h happens to very often be part of dependency loops. A warning was added about this in check-t.h. The fields, enums and structs were a bit tidied because it's particularly tedious to find anything there. It would make sense to split this in two or more files (at least extract tcp-checks). The file was renamed to the singular because it was one of the rare exceptions to have an "s" appended to its name compared to the struct name.
2020-06-04 12:21:56 -04:00
#include <haproxy/check.h>
REORG: include: move cli.h to haproxy/cli{,-t}.h Almost no change except moving the cli_kw struct definition after the defines. Almost all users had both types&proto included, which is not surprizing since this code is old and it used to be the norm a decade ago. These places were cleaned.
2020-06-04 14:19:54 -04:00
#include <haproxy/cli.h>
CLEANUP: include: tree-wide alphabetical sort of include files This patch fixes all the leftovers from the include cleanup campaign. There were not that many (~400 entries in ~150 files) but it was definitely worth doing it as it revealed a few duplicates.
2020-06-09 03:07:15 -04:00
#include <haproxy/compression.h>
REORG: include: move dns.h to haproxy/dns{,-t}.h The files were moved as-is.
2020-06-04 04:53:16 -04:00
#include <haproxy/dns-t.h>
REORG: include: move the error reporting functions to from log.h to errors.h Most of the files dealing with error reports have to include log.h in order to access ha_alert(), ha_warning() etc. But while these functions don't depend on anything, log.h depends on a lot of stuff because it deals with log-formats and samples. As a result it's impossible not to embark long dependencies when using ha_warning() or qfprintf(). This patch moves these low-level functions to errors.h, which already defines the error codes used at the same places. About half of the users of log.h could be adjusted, sometimes revealing other issues such as missing tools.h. Interestingly the total preprocessed size shrunk by 4%.
2020-06-05 11:27:29 -04:00
#include <haproxy/errors.h>
CLEANUP: include: tree-wide alphabetical sort of include files This patch fixes all the leftovers from the include cleanup campaign. There were not that many (~400 entries in ~150 files) but it was definitely worth doing it as it revealed a few duplicates.
2020-06-09 03:07:15 -04:00
#include <haproxy/fd.h>
#include <haproxy/freq_ctr.h>
REORG: include: move frontend.h to haproxy/frontend.h There was no type file for this one, it only contains frontend_accept().
2020-06-04 05:23:07 -04:00
#include <haproxy/frontend.h>
CLEANUP: include: tree-wide alphabetical sort of include files This patch fixes all the leftovers from the include cleanup campaign. There were not that many (~400 entries in ~150 files) but it was definitely worth doing it as it revealed a few duplicates.
2020-06-09 03:07:15 -04:00
#include <haproxy/global.h>
REORG: include: split mini-clist into haproxy/list and list-t.h Half of the users of this include only need the type definitions and not the manipulation macros nor the inline functions. Moves the various types into mini-clist-t.h makes the files cleaner. The other one had all its includes grouped at the top. A few files continued to reference it without using it and were cleaned. In addition it was about time that we'd rename that file, it's not "mini" anymore and contains a bit more than just circular lists.
2020-05-27 12:01:47 -04:00
#include <haproxy/list.h>
REORG: include: move listener.h to haproxy/listener{,-t}.h stdlib and list were missing from listener.h, otherwise it was OK.
2020-06-04 08:58:24 -04:00
#include <haproxy/listener.h>
REORG: include: move log.h to haproxy/log{,-t}.h The current state of the logging is a real mess. The main problem is that almost all files include log.h just in order to have access to the alert/warning functions like ha_alert() etc, and don't care about logs. But log.h also deals with real logging as well as log-format and depends on stream.h and various other things. As such it forces a few heavy files like stream.h to be loaded early and to hide missing dependencies depending where it's loaded. Among the missing ones is syslog.h which was often automatically included resulting in no less than 3 users missing it. Among 76 users, only 5 could be removed, and probably 70 don't need the full set of dependencies. A good approach would consist in splitting that file in 3 parts: - one for error output ("errors" ?). - one for log_format processing - and one for actual logging.
2020-06-04 16:01:04 -04:00
#include <haproxy/log.h>
MINOR: mworker: ReloadFailed shown depending on failedreload The ReloadFailed prompt in the master CLI is shown only when failedreloads > 0. It was previously using a check on the wait mode, but we always use the wait mode now.
2021-11-10 04:57:18 -05:00
#include <haproxy/mworker.h>
REORG: include: move mworker.h to haproxy/mworker{,-t}.h One function prototype makes reference to struct mworker_proc which was not defined there but in global.h instead. This definition, along with the PROC_O_* fields were moved to mworker-t.h instead.
2020-06-04 08:07:37 -04:00
#include <haproxy/mworker-t.h>
REORG: include: move pattern.h to haproxy/pattern{,-t}.h It was moved as-is, except for extern declaration of pattern_reference. A few C files used to include it but didn't need it anymore after having been split apart so this was cleaned.
2020-06-04 09:06:28 -04:00
#include <haproxy/pattern-t.h>
REORG: include: move peers.h to haproxy/peers{,-t}.h The cfg_peers external declaration was moved to the main file instead of the type one. A few types were still missing from the proto, causing warnings in the functions prototypes (proxy, stick_table).
2020-06-04 12:38:21 -04:00
#include <haproxy/peers.h>
CLEANUP: include: tree-wide alphabetical sort of include files This patch fixes all the leftovers from the include cleanup campaign. There were not that many (~400 entries in ~150 files) but it was definitely worth doing it as it revealed a few duplicates.
2020-06-09 03:07:15 -04:00
#include <haproxy/pipe.h>
#include <haproxy/protocol.h>
REORG: include: move proxy.h to haproxy/proxy{,-t}.h This one is particularly difficult to split because it provides all the functions used to manipulate a proxy state and to retrieve names or IDs for error reporting, and as such, it was included in 73 files (down to 68 after cleanup). It would deserve a small cleanup though the cut points are not obvious at the moment given the number of structs involved in the struct proxy itself.
2020-06-04 16:29:18 -04:00
#include <haproxy/proxy.h>
MINOR: cli: make "show fd" identify QUIC connections and listeners Now we can detect the listener associated with a QUIC listener and report a bit more info (e.g. listening port and frontend name), and provide a bit more info about connections as well, and filter on both front connections and listeners using the "l" and "f" flags.
2023-05-11 11:06:22 -04:00
#include <haproxy/quic_sock.h>
REORG: include: move sample.h to haproxy/sample{,-t}.h This one is particularly tricky to move because everyone uses it and it depends on a lot of other types. For example it cannot include arg-t.h and must absolutely only rely on forward declarations to avoid dependency loops between vars -> sample_data -> arg. In order to address this one, it would be nice to split the sample_data part out of sample.h.
2020-06-04 09:33:47 -04:00
#include <haproxy/sample-t.h>
REORG: rename cs_utils.h to sc_strm.h This file contains all the stream-connector functions that are specific to application layers of type stream. So let's name it accordingly so that it's easier to figure what's located there. The alphabetical ordering of include files was preserved.
2022-05-27 03:25:10 -04:00
#include <haproxy/sc_strm.h>
REORG: include: move server.h to haproxy/server{,-t}.h extern struct dict server_name_dict was moved from the type file to the main file. A handful of inlined functions were moved at the bottom of the file. Call places were updated to use server-t.h when relevant, or to simply drop the entry when not needed.
2020-06-04 17:20:13 -04:00
#include <haproxy/server.h>
REORG: include: move session.h to haproxy/session{,-t}.h Almost no change was needed beyond a little bit of reordering of the types file and adjustments to use session-t instead of session at a few places.
2020-06-04 12:58:52 -04:00
#include <haproxy/session.h>
MINOR: protocol: register the receiver's I/O handler and not the protocol's Now we define a new sock_accept_iocb() for socket-based stream protocols and use it as a wrapper for listener_accept() which now takes a listener and not an FD anymore. This will allow the receiver's I/O cb to be redefined during registration, and more specifically to get rid of the hard-coded hacks in protocol_bind_all() made for syslog. The previous ->accept() callback in the protocol was removed since it doesn't have anything to do with accept() anymore but is more generic. A few places where listener_accept() was compared against the FD's IO callback for debugging purposes on the CLI were updated.
2020-10-15 15:29:49 -04:00
#include <haproxy/sock.h>
REORG: include: move stats.h to haproxy/stats{,-t}.h Just some minor reordering, and the usual cleanup of call places for those which didn't need it. We don't include the whole tools.h into stats-t anymore but just tools-t.h.
2020-06-04 13:58:55 -04:00
#include <haproxy/stats-t.h>
REORG: stconn: rename conn_stream.{c,h} to stconn.{c,h} There's no more reason for keepin the code and definitions in conn_stream, let's move all that to stconn. The alphabetical ordering of include files was adjusted.
2022-05-27 03:47:12 -04:00
#include <haproxy/stconn.h>
REORG: include: move stream.h to haproxy/stream{,-t}.h This one was not easy because it was embarking many includes with it, which other files would automatically find. At least global.h, arg.h and tools.h were identified. 93 total locations were identified, 8 additional includes had to be added. In the rare files where it was possible to finalize the sorting of includes by adjusting only one or two extra lines, it was done. But all files would need to be rechecked and cleaned up now. It was the last set of files in types/ and proto/ and these directories must not be reused anymore.
2020-06-04 17:46:14 -04:00
#include <haproxy/stream.h>
MEDIUM: mworker: remove USE_SYSTEMD requirement for -Ws Since sd_notify() is now implemented in src/systemd.c, there is no need anymore to build its support conditionnally with USE_SYSTEMD. This patch add supports for -Ws for every build and removes the USE_SYSTEMD build option. It also remove every reference to USE_SYSTEMD in the documentation and the CI. This also allows to run the reg-tests in -Ws with the new VTest support.
2024-11-20 06:02:39 -05:00
#include <haproxy/systemd.h>
REORG: include: move task.h to haproxy/task{,-t}.h The TASK_IS_TASKLET() macro was moved to the proto file instead of the type one. The proto part was a bit reordered to remove a number of ugly forward declaration of static inline functions. About a tens of C and H files had their dependency dropped since they were not using anything from task.h.
2020-06-04 11:25:40 -04:00
#include <haproxy/task.h>
REORG: include: move common/ticks.h to haproxy/ticks.h Nothing needed to be changed, there are no exported types.
2020-06-02 12:15:32 -04:00
#include <haproxy/ticks.h>
REORG: include: move time.h from common/ to haproxy/ This one is included almost everywhere and used to rely on a few other .h that are not needed (unistd, stdlib, standard.h). It could possibly make sense to split it into multiple parts to distinguish operations performed on timers and the internal time accounting, but at this point it does not appear much important.
2020-06-01 05:05:15 -04:00
#include <haproxy/time.h>
CLEANUP: include: tree-wide alphabetical sort of include files This patch fixes all the leftovers from the include cleanup campaign. There were not that many (~400 entries in ~150 files) but it was definitely worth doing it as it revealed a few duplicates.
2020-06-09 03:07:15 -04:00
#include <haproxy/tools.h>
REORG: include: move version.h to haproxy/ Few files were affected. The release scripts was updated.
2020-05-27 09:59:00 -04:00
#include <haproxy/version.h>
[MEDIUM] moved stats and buffer generic functions to new files Neither the primitives used to write data to a buffer, nor the stats dump functions are HTTP-specific anymore. Move them to dedicated files
2007-10-17 11:06:05 -04:00
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
#define PAYLOAD_PATTERN "<<"
CLEANUP: applet: rename struct si_applet to applet Since this one does not depend on stream_interface anymore, remove the "si_" prefix.
2015-04-13 07:50:30 -04:00
static struct applet cli_applet;
MINOR: mworker/cli: the master CLI use its own applet Following the patch b4daee ("MINOR: sock: add a check against cross worker<->master socket activities"), this patch adds a dedicated applet for the master CLI. It ensures that the CLI connection can't be used with the master rights in the case of bugs.
2020-11-05 04:28:53 -05:00
static struct applet mcli_applet;
[CLEANUP] dumpstats: make symbols static where possible
2011-06-15 02:18:44 -04:00
CLEANUP: cli: rename the last few "stats_" to "cli_" There were still a very small list of functions, variables and fields called "stats_" while they were really purely CLI-centric. There's the frontend called "stats_fe" in the global section, which instantiates a "cli_applet" called "<CLI>" so it was renamed "cli_fe". The "alloc_stats_fe" function cas renamed to "cli_alloc_fe" which also better matches the naming convention of all cli-specific functions. Finally the "stats_permission_denied_msg" used to return an error on the CLI was renamed "cli_permission_denied_msg". Now there's no more "stats_something" that designates the CLI.
2021-03-13 05:00:33 -05:00
static const char cli_permission_denied_msg[] =
[MEDIUM] add access restrictions to the stats socket The stats socket can now run at 3 different levels : - user - operator (default one) - admin These levels are used to restrict access to some information and commands. Only the admin can clear all stats. A user cannot clear anything nor access sensible data such as sessions or errors.
2009-10-10 11:13:00 -04:00
"Permission denied\n"
"";
[REORG] session: move the data_ctx struct to the stream interface's applet This is in fact where those parts belong to. The old data_state was replaced by applet.state and is now initialized when the applet is registered. It's worth noting that the applet does not need to know the session nor the buffer anymore since everything is brought by the stream interface. It is possible that having a separate applet struct would simplify the code but that's not a big deal.
2011-03-10 05:25:07 -05:00
BUG/MINOR: threads: Add missing THREAD_LOCAL on static here and there
2017-10-29 15:14:08 -04:00
static THREAD_LOCAL char *dynamic_usage_msg = NULL;
MEDIUM: cli: register CLI keywords with cli_register_kw() To register a new cli keyword, you need to declare a cli_kw_list structure in your source file: static struct cli_kw_list cli_kws = {{ },{ { { "test", "list", NULL }, "test list : do some tests on the cli", test_parsing, NULL }, { { NULL }, NULL, NULL, NULL, NULL } }}; And then register it: cli_register_kw(&cli_kws); The first field is an array of 5 elements, where you declare the keywords combination which will match, it must be ended by a NULL element. The second field is used as a usage message, it will appear in the help of the cli, you can set it to NULL if you don't want to show it, it's a good idea if you want to overwrite some existing keywords. The two last fields are callbacks. The first one is used at parsing time, you can use it to parse the arguments of your keywords and print small messages. The function must return 1 in case of a failure, otherwise 0: #include <proto/dumpstats.h> static int test_parsing(char **args, struct appctx *appctx) { struct chunk out; if (!*args[2]) { appctx->ctx.cli.msg = "Error: the 3rd argument is mandatory !"; appctx->st0 = STAT_CLI_PRINT; return 1; } chunk_reset(&trash); chunk_printf(&trash, "arg[3]: %s\n", args[2]); chunk_init(&out, NULL, 0); chunk_dup(&out, &trash); appctx->ctx.cli.err = out.str; appctx->st0 = STAT_CLI_PRINT_FREE; /* print and free in the default cli_io_handler */ return 0; } The last field is the IO handler callback, it can be set to NULL if you want to use the default cli_io_handler() otherwise you can write your own. You can use the private pointer in the appctx if you need to store a context or some data. stats_dump_sess_to_buffer() is a good example of IO handler, IO handlers often use the appctx->st2 variable for the state machine. The handler must return 0 in case it have to be recall later otherwise 1.
2016-10-13 11:57:55 -04:00
/* List head of cli keywords */
REORG: cli: split dumpstats.c in src/cli.c and src/stats.c dumpstats.c was containing either the stats code and the CLI code. The cli code has been moved to cli.c and the stats code to stats.c
2016-11-21 11:18:36 -05:00
static struct cli_kw_list cli_keywords = {
MEDIUM: cli: register CLI keywords with cli_register_kw() To register a new cli keyword, you need to declare a cli_kw_list structure in your source file: static struct cli_kw_list cli_kws = {{ },{ { { "test", "list", NULL }, "test list : do some tests on the cli", test_parsing, NULL }, { { NULL }, NULL, NULL, NULL, NULL } }}; And then register it: cli_register_kw(&cli_kws); The first field is an array of 5 elements, where you declare the keywords combination which will match, it must be ended by a NULL element. The second field is used as a usage message, it will appear in the help of the cli, you can set it to NULL if you don't want to show it, it's a good idea if you want to overwrite some existing keywords. The two last fields are callbacks. The first one is used at parsing time, you can use it to parse the arguments of your keywords and print small messages. The function must return 1 in case of a failure, otherwise 0: #include <proto/dumpstats.h> static int test_parsing(char **args, struct appctx *appctx) { struct chunk out; if (!*args[2]) { appctx->ctx.cli.msg = "Error: the 3rd argument is mandatory !"; appctx->st0 = STAT_CLI_PRINT; return 1; } chunk_reset(&trash); chunk_printf(&trash, "arg[3]: %s\n", args[2]); chunk_init(&out, NULL, 0); chunk_dup(&out, &trash); appctx->ctx.cli.err = out.str; appctx->st0 = STAT_CLI_PRINT_FREE; /* print and free in the default cli_io_handler */ return 0; } The last field is the IO handler callback, it can be set to NULL if you want to use the default cli_io_handler() otherwise you can write your own. You can use the private pointer in the appctx if you need to store a context or some data. stats_dump_sess_to_buffer() is a good example of IO handler, IO handlers often use the appctx->st2 variable for the state machine. The handler must return 0 in case it have to be recall later otherwise 1.
2016-10-13 11:57:55 -04:00
.list = LIST_HEAD_INIT(cli_keywords.list)
[REORG] session: move the data_ctx struct to the stream interface's applet This is in fact where those parts belong to. The old data_state was replaced by applet.state and is now initialized when the applet is registered. It's worth noting that the applet does not need to know the session nor the buffer anymore since everything is brought by the stream interface. It is possible that having a separate applet struct would simplify the code but that's not a big deal.
2011-03-10 05:25:07 -05:00
};
MINOR: stats admin: reduce memcmp()/strcmp() calls on status codes memcmp()/strcmp() calls were needed in different parts of code to determine the status code. Each new status code introduces new calls, which can become inefficient and source of bugs. This patch reorganizes the code to rely on a numeric status code internally and to be hopefully more generic.
2012-04-04 06:57:21 -04:00
extern const char *stat_status_codes[];
MINOR/BUG: mworker/cli: do not use the unix_bind prefix for the master CLI socket If the configuration file contains a 'unix-bind prefix' directive, and if we use the -S option and specify a UNIX socket path, the path of the socket will be prepended with the value of the unix-bind prefix. For instance, if we have 'unix-bind prefix /tmp/sockets/' and we use '-S /tmp/master-socket' on the command line, we will get this error: Starting proxy MASTER: cannot bind UNIX socket (No such file or directory) [/tmp/sockets/tmp/master-socket] So this patch adds an exception, and will ignore the unix-bind prefix for the master CLI socket. This patch can be backported as far as 1.9.
2021-03-16 10:12:17 -04:00
struct proxy *mworker_proxy; /* CLI proxy of the master */
MINOR: mworker: stores the mcli_reload bind_conf Stores the mcli_reload bind_conf in order to identify it later.
2022-09-24 09:56:25 -04:00
struct bind_conf *mcli_reload_bind_conf;
MEDIUM: mworker: proxy for the master CLI This patch implements a listen proxy within the master. It uses the sockpair of all the workers as servers. In the current state of the code, the proxy is only doing round robin on the CLI of the workers. A CLI mode will be needed to know to which CLI send the requests.
2018-10-26 08:47:35 -04:00
CLEANUP: cli: make "show env" use its own context There is the variable to start from (or environ) and an option to stop after dumping the first one, just like "show fd". Let's have a small locally-defined context with these two fields.
2022-05-05 11:45:52 -04:00
/* CLI context for the "show env" command */
struct show_env_ctx {
char **var; /* first variable to show */
int show_one; /* stop after showing the first one */
};
CLEANUP: cli: make "show fd" use its own context The "show fd" command used to rely on cli.i0 for the fd, and st2 just to decide whether to stop after the first value or not. It could have been possible to decide to use just a negative integer to dump a single value, but it's as easy and more durable to declare a two-field struct show_fd_ctx for this.
2022-05-05 11:56:58 -04:00
/* CLI context for the "show fd" command */
MINOR: cli: support filtering on FD types in "show fd" Depending on what we're debugging, some FDs can represent pollution in the "show fd" output. Here we add a set of filters allowing to pick (or exclude) any combination of listener, frontend conn, backend conn, pipes, etc. "show fd l" will only list listening connections for example.
2023-03-31 10:33:53 -04:00
/* flags for show_fd_ctx->show_mask */
#define CLI_SHOWFD_F_PI 0x00000001 /* pipes */
#define CLI_SHOWFD_F_LI 0x00000002 /* listeners */
#define CLI_SHOWFD_F_FE 0x00000004 /* frontend conns */
#define CLI_SHOWFD_F_SV 0x00000010 /* server-only conns */
#define CLI_SHOWFD_F_PX 0x00000020 /* proxy-only conns */
#define CLI_SHOWFD_F_BE 0x00000030 /* backend: srv+px */
#define CLI_SHOWFD_F_CO 0x00000034 /* conn: be+fe */
#define CLI_SHOWFD_F_ANY 0x0000003f /* any type */
CLEANUP: cli: make "show fd" use its own context The "show fd" command used to rely on cli.i0 for the fd, and st2 just to decide whether to stop after the first value or not. It could have been possible to decide to use just a negative integer to dump a single value, but it's as easy and more durable to declare a two-field struct show_fd_ctx for this.
2022-05-05 11:56:58 -04:00
struct show_fd_ctx {
int fd; /* first FD to show */
int show_one; /* stop after showing one FD */
MINOR: cli: support filtering on FD types in "show fd" Depending on what we're debugging, some FDs can represent pollution in the "show fd" output. Here we add a set of filters allowing to pick (or exclude) any combination of listener, frontend conn, backend conn, pipes, etc. "show fd l" will only list listening connections for example.
2023-03-31 10:33:53 -04:00
uint show_mask; /* CLI_SHOWFD_F_xxx */
CLEANUP: cli: make "show fd" use its own context The "show fd" command used to rely on cli.i0 for the fd, and st2 just to decide whether to stop after the first value or not. It could have been possible to decide to use just a negative integer to dump a single value, but it's as easy and more durable to declare a two-field struct show_fd_ctx for this.
2022-05-05 11:56:58 -04:00
};
CLEANUP: cli: make "show cli sockets" use its own context Let's create a show_sock_ctx to store the bind_conf and the listener. The entry is reserved when entering the I/O handler since there's no parser here. That's fine because the function doesn't touch the area.
2022-05-05 13:11:05 -04:00
/* CLI context for the "show cli sockets" command */
struct show_sock_ctx {
struct bind_conf *bind_conf;
struct listener *listener;
};
MINOR: cli: sort the output of the "help" keywords It's still very difficult to find all commands starting with a given keyword like "set", "show" etc. Let's sort the lines by usage message, this is much more convenient.
2021-05-09 15:45:29 -04:00
static int cmp_kw_entries(const void *a, const void *b)
{
const struct cli_kw *l = *(const struct cli_kw **)a;
const struct cli_kw *r = *(const struct cli_kw **)b;
return strcmp(l->usage ? l->usage : "", r->usage ? r->usage : "");
}
MINOR: cli: filter the list of commands to the matching part The error message on the CLI has become unreadable due to the long list and it's not even sorted, making it even harder to figure the right command. This patch starts by looking if some of the words match something known, and if so, will limit the listing only to those commands that start like the current one. The "help", "prompt" and "quit" commands are always shown to help the user try something else. Now thanks to this, typing "add" or "del" will only list "add acl", "add map" and not 50 lines anymore. As a small bonus, we won't print "Unknown command" anymore in response to the "help" command.
2021-03-12 11:13:28 -05:00
/* This will show the help message and list the commands supported at the
* current level that match all of the first words of <args> if args is not
* NULL, or all args if none matches or if args is null.
*/
static char *cli_gen_usage_msg(struct appctx *appctx, char * const *args)
MEDIUM: cli: register CLI keywords with cli_register_kw() To register a new cli keyword, you need to declare a cli_kw_list structure in your source file: static struct cli_kw_list cli_kws = {{ },{ { { "test", "list", NULL }, "test list : do some tests on the cli", test_parsing, NULL }, { { NULL }, NULL, NULL, NULL, NULL } }}; And then register it: cli_register_kw(&cli_kws); The first field is an array of 5 elements, where you declare the keywords combination which will match, it must be ended by a NULL element. The second field is used as a usage message, it will appear in the help of the cli, you can set it to NULL if you don't want to show it, it's a good idea if you want to overwrite some existing keywords. The two last fields are callbacks. The first one is used at parsing time, you can use it to parse the arguments of your keywords and print small messages. The function must return 1 in case of a failure, otherwise 0: #include <proto/dumpstats.h> static int test_parsing(char **args, struct appctx *appctx) { struct chunk out; if (!*args[2]) { appctx->ctx.cli.msg = "Error: the 3rd argument is mandatory !"; appctx->st0 = STAT_CLI_PRINT; return 1; } chunk_reset(&trash); chunk_printf(&trash, "arg[3]: %s\n", args[2]); chunk_init(&out, NULL, 0); chunk_dup(&out, &trash); appctx->ctx.cli.err = out.str; appctx->st0 = STAT_CLI_PRINT_FREE; /* print and free in the default cli_io_handler */ return 0; } The last field is the IO handler callback, it can be set to NULL if you want to use the default cli_io_handler() otherwise you can write your own. You can use the private pointer in the appctx if you need to store a context or some data. stats_dump_sess_to_buffer() is a good example of IO handler, IO handlers often use the appctx->st2 variable for the state machine. The handler must return 0 in case it have to be recall later otherwise 1.
2016-10-13 11:57:55 -04:00
{
MINOR: cli: sort the output of the "help" keywords It's still very difficult to find all commands starting with a given keyword like "set", "show" etc. Let's sort the lines by usage message, this is much more convenient.
2021-05-09 15:45:29 -04:00
struct cli_kw *entries[CLI_MAX_HELP_ENTRIES];
MEDIUM: cli: register CLI keywords with cli_register_kw() To register a new cli keyword, you need to declare a cli_kw_list structure in your source file: static struct cli_kw_list cli_kws = {{ },{ { { "test", "list", NULL }, "test list : do some tests on the cli", test_parsing, NULL }, { { NULL }, NULL, NULL, NULL, NULL } }}; And then register it: cli_register_kw(&cli_kws); The first field is an array of 5 elements, where you declare the keywords combination which will match, it must be ended by a NULL element. The second field is used as a usage message, it will appear in the help of the cli, you can set it to NULL if you don't want to show it, it's a good idea if you want to overwrite some existing keywords. The two last fields are callbacks. The first one is used at parsing time, you can use it to parse the arguments of your keywords and print small messages. The function must return 1 in case of a failure, otherwise 0: #include <proto/dumpstats.h> static int test_parsing(char **args, struct appctx *appctx) { struct chunk out; if (!*args[2]) { appctx->ctx.cli.msg = "Error: the 3rd argument is mandatory !"; appctx->st0 = STAT_CLI_PRINT; return 1; } chunk_reset(&trash); chunk_printf(&trash, "arg[3]: %s\n", args[2]); chunk_init(&out, NULL, 0); chunk_dup(&out, &trash); appctx->ctx.cli.err = out.str; appctx->st0 = STAT_CLI_PRINT_FREE; /* print and free in the default cli_io_handler */ return 0; } The last field is the IO handler callback, it can be set to NULL if you want to use the default cli_io_handler() otherwise you can write your own. You can use the private pointer in the appctx if you need to store a context or some data. stats_dump_sess_to_buffer() is a good example of IO handler, IO handlers often use the appctx->st2 variable for the state machine. The handler must return 0 in case it have to be recall later otherwise 1.
2016-10-13 11:57:55 -04:00
struct cli_kw_list *kw_list;
struct cli_kw *kw;
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *tmp = get_trash_chunk();
struct buffer out;
MEDIUM: cli: apply spelling fixes for known commands before listing them Entering "show tls" would still emit 35 entries. By measuring the distance between all unknown words and the candidates, we can sort them and pick the 10 most likely candidates. This works reasonably well, as now "show tls" only proposes "show tls-keys", "show threads", "show pools" and "show tasks". If the distance is still too high or if a word is missing, the whole prefix list continues to be dumped, thus "show" alone will still report the entire list of commands beginning with "show". It's still impossible to skip a word, for example "show conn" will not propose "show servers conn" because the distance is calculated for each word individually. Some changes to the distance calculation to support updating an existing map could easily address this. But this is already a great improvement.
2021-03-12 12:24:46 -05:00
struct { struct cli_kw *kw; int dist; } matches[CLI_MAX_MATCHES], swp;
MINOR: cli: filter the list of commands to the matching part The error message on the CLI has become unreadable due to the long list and it's not even sorted, making it even harder to figure the right command. This patch starts by looking if some of the words match something known, and if so, will limit the listing only to those commands that start like the current one. The "help", "prompt" and "quit" commands are always shown to help the user try something else. Now thanks to this, typing "add" or "del" will only list "add acl", "add map" and not 50 lines anymore. As a small bonus, we won't print "Unknown command" anymore in response to the "help" command.
2021-03-12 11:13:28 -05:00
int idx;
MINOR: cli: make "help" support a command in argument With ~100 commands on the CLI, it's particularly difficult to find a specific one in the "help" output. The function used to display the help already supports filtering on certain commands, so in the end it's just needed to pass the argument of the help command to enable the automatic filtering. That's what this patch does so that "help clear" only lists commands starting with "clear" and that "help map" lists commands containing "map" in them.
2021-05-09 14:59:23 -04:00
int ishelp = 0;
MINOR: cli: filter the list of commands to the matching part The error message on the CLI has become unreadable due to the long list and it's not even sorted, making it even harder to figure the right command. This patch starts by looking if some of the words match something known, and if so, will limit the listing only to those commands that start like the current one. The "help", "prompt" and "quit" commands are always shown to help the user try something else. Now thanks to this, typing "add" or "del" will only list "add acl", "add map" and not 50 lines anymore. As a small bonus, we won't print "Unknown command" anymore in response to the "help" command.
2021-03-12 11:13:28 -05:00
int length = 0;
MINOR: cli: sort the output of the "help" keywords It's still very difficult to find all commands starting with a given keyword like "set", "show" etc. Let's sort the lines by usage message, this is much more convenient.
2021-05-09 15:45:29 -04:00
int help_entries = 0;
MEDIUM: cli: register CLI keywords with cli_register_kw() To register a new cli keyword, you need to declare a cli_kw_list structure in your source file: static struct cli_kw_list cli_kws = {{ },{ { { "test", "list", NULL }, "test list : do some tests on the cli", test_parsing, NULL }, { { NULL }, NULL, NULL, NULL, NULL } }}; And then register it: cli_register_kw(&cli_kws); The first field is an array of 5 elements, where you declare the keywords combination which will match, it must be ended by a NULL element. The second field is used as a usage message, it will appear in the help of the cli, you can set it to NULL if you don't want to show it, it's a good idea if you want to overwrite some existing keywords. The two last fields are callbacks. The first one is used at parsing time, you can use it to parse the arguments of your keywords and print small messages. The function must return 1 in case of a failure, otherwise 0: #include <proto/dumpstats.h> static int test_parsing(char **args, struct appctx *appctx) { struct chunk out; if (!*args[2]) { appctx->ctx.cli.msg = "Error: the 3rd argument is mandatory !"; appctx->st0 = STAT_CLI_PRINT; return 1; } chunk_reset(&trash); chunk_printf(&trash, "arg[3]: %s\n", args[2]); chunk_init(&out, NULL, 0); chunk_dup(&out, &trash); appctx->ctx.cli.err = out.str; appctx->st0 = STAT_CLI_PRINT_FREE; /* print and free in the default cli_io_handler */ return 0; } The last field is the IO handler callback, it can be set to NULL if you want to use the default cli_io_handler() otherwise you can write your own. You can use the private pointer in the appctx if you need to store a context or some data. stats_dump_sess_to_buffer() is a good example of IO handler, IO handlers often use the appctx->st2 variable for the state machine. The handler must return 0 in case it have to be recall later otherwise 1.
2016-10-13 11:57:55 -04:00
CLEANUP: tree-wide: replace free(x);x=NULL with ha_free(&x) This makes the code more readable and less prone to copy-paste errors. In addition, it allows to place some __builtin_constant_p() predicates to trigger a link-time error in case the compiler knows that the freed area is constant. It will also produce compile-time error if trying to free something that is not a regular pointer (e.g. a function). The DEBUG_MEM_STATS macro now also defines an instance for ha_free() so that all these calls can be checked. 178 occurrences were converted. The vast majority of them were handled by the following Coccinelle script, some slightly refined to better deal with "&*x" or with long lines: @ rule @ expression E; @@ - free(E); - E = NULL; + ha_free(&E); It was verified that the resulting code is the same, more or less a handful of cases where the compiler optimized slightly differently the temporary variable that holds the copy of the pointer. A non-negligible amount of {free(str);str=NULL;str_len=0;} are still present in the config part (mostly header names in proxies). These ones should also be cleaned for the same reasons, and probably be turned into ist strings.
2021-02-20 04:46:51 -05:00
ha_free(&dynamic_usage_msg);
MEDIUM: cli: register CLI keywords with cli_register_kw() To register a new cli keyword, you need to declare a cli_kw_list structure in your source file: static struct cli_kw_list cli_kws = {{ },{ { { "test", "list", NULL }, "test list : do some tests on the cli", test_parsing, NULL }, { { NULL }, NULL, NULL, NULL, NULL } }}; And then register it: cli_register_kw(&cli_kws); The first field is an array of 5 elements, where you declare the keywords combination which will match, it must be ended by a NULL element. The second field is used as a usage message, it will appear in the help of the cli, you can set it to NULL if you don't want to show it, it's a good idea if you want to overwrite some existing keywords. The two last fields are callbacks. The first one is used at parsing time, you can use it to parse the arguments of your keywords and print small messages. The function must return 1 in case of a failure, otherwise 0: #include <proto/dumpstats.h> static int test_parsing(char **args, struct appctx *appctx) { struct chunk out; if (!*args[2]) { appctx->ctx.cli.msg = "Error: the 3rd argument is mandatory !"; appctx->st0 = STAT_CLI_PRINT; return 1; } chunk_reset(&trash); chunk_printf(&trash, "arg[3]: %s\n", args[2]); chunk_init(&out, NULL, 0); chunk_dup(&out, &trash); appctx->ctx.cli.err = out.str; appctx->st0 = STAT_CLI_PRINT_FREE; /* print and free in the default cli_io_handler */ return 0; } The last field is the IO handler callback, it can be set to NULL if you want to use the default cli_io_handler() otherwise you can write your own. You can use the private pointer in the appctx if you need to store a context or some data. stats_dump_sess_to_buffer() is a good example of IO handler, IO handlers often use the appctx->st2 variable for the state machine. The handler must return 0 in case it have to be recall later otherwise 1.
2016-10-13 11:57:55 -04:00
MINOR: cli: make "help" support a command in argument With ~100 commands on the CLI, it's particularly difficult to find a specific one in the "help" output. The function used to display the help already supports filtering on certain commands, so in the end it's just needed to pass the argument of the help command to enable the automatic filtering. That's what this patch does so that "help clear" only lists commands starting with "clear" and that "help map" lists commands containing "map" in them.
2021-05-09 14:59:23 -04:00
if (args && *args && strcmp(*args, "help") == 0) {
args++;
ishelp = 1;
}
MINOR: cli: filter the list of commands to the matching part The error message on the CLI has become unreadable due to the long list and it's not even sorted, making it even harder to figure the right command. This patch starts by looking if some of the words match something known, and if so, will limit the listing only to those commands that start like the current one. The "help", "prompt" and "quit" commands are always shown to help the user try something else. Now thanks to this, typing "add" or "del" will only list "add acl", "add map" and not 50 lines anymore. As a small bonus, we won't print "Unknown command" anymore in response to the "help" command.
2021-03-12 11:13:28 -05:00
/* first, let's measure the longest match */
list_for_each_entry(kw_list, &cli_keywords.list, list) {
for (kw = &kw_list->kw[0]; kw->str_kw[0]; kw++) {
MINOR: cli: implement experimental-mode Experimental mode is similar to expert-mode. It can be used to access to features still in development.
2021-03-18 10:32:53 -04:00
if (kw->level & ~appctx->cli_level & (ACCESS_MASTER_ONLY|ACCESS_EXPERT|ACCESS_EXPERIMENTAL))
MINOR: cli: filter the list of commands to the matching part The error message on the CLI has become unreadable due to the long list and it's not even sorted, making it even harder to figure the right command. This patch starts by looking if some of the words match something known, and if so, will limit the listing only to those commands that start like the current one. The "help", "prompt" and "quit" commands are always shown to help the user try something else. Now thanks to this, typing "add" or "del" will only list "add acl", "add map" and not 50 lines anymore. As a small bonus, we won't print "Unknown command" anymore in response to the "help" command.
2021-03-12 11:13:28 -05:00
continue;
MINOR: mworker/cli: mcli-debug-mode enables every command "mcli-debug-mode on" enables every command that were meant for a worker, on the CLI of the master. Which mean you can issue, "show fd", show stat" in order to debug the MASTER proxy. You can also combine it with "expert-mode on" or "experimental-mode on" to access to more commands.
2022-02-02 05:43:20 -05:00
if (!(appctx->cli_level & ACCESS_MCLI_DEBUG) &&
(appctx->cli_level & ~kw->level & (ACCESS_MASTER_ONLY|ACCESS_MASTER)) ==
MINOR: cli: filter the list of commands to the matching part The error message on the CLI has become unreadable due to the long list and it's not even sorted, making it even harder to figure the right command. This patch starts by looking if some of the words match something known, and if so, will limit the listing only to those commands that start like the current one. The "help", "prompt" and "quit" commands are always shown to help the user try something else. Now thanks to this, typing "add" or "del" will only list "add acl", "add map" and not 50 lines anymore. As a small bonus, we won't print "Unknown command" anymore in response to the "help" command.
2021-03-12 11:13:28 -05:00
(ACCESS_MASTER_ONLY|ACCESS_MASTER))
continue;
/* OK this command is visible */
for (idx = 0; idx < CLI_PREFIX_KW_NB; idx++) {
if (!kw->str_kw[idx])
break; // end of keyword
if (!args || !args[idx] || !*args[idx])
break; // end of command line
if (strcmp(kw->str_kw[idx], args[idx]) != 0)
break;
if (idx + 1 > length)
length = idx + 1;
}
}
}
MEDIUM: cli: apply spelling fixes for known commands before listing them Entering "show tls" would still emit 35 entries. By measuring the distance between all unknown words and the candidates, we can sort them and pick the 10 most likely candidates. This works reasonably well, as now "show tls" only proposes "show tls-keys", "show threads", "show pools" and "show tasks". If the distance is still too high or if a word is missing, the whole prefix list continues to be dumped, thus "show" alone will still report the entire list of commands beginning with "show". It's still impossible to skip a word, for example "show conn" will not propose "show servers conn" because the distance is calculated for each word individually. Some changes to the distance calculation to support updating an existing map could easily address this. But this is already a great improvement.
2021-03-12 12:24:46 -05:00
/* now <length> equals the number of exactly matching words */
MEDIUM: cli: register CLI keywords with cli_register_kw() To register a new cli keyword, you need to declare a cli_kw_list structure in your source file: static struct cli_kw_list cli_kws = {{ },{ { { "test", "list", NULL }, "test list : do some tests on the cli", test_parsing, NULL }, { { NULL }, NULL, NULL, NULL, NULL } }}; And then register it: cli_register_kw(&cli_kws); The first field is an array of 5 elements, where you declare the keywords combination which will match, it must be ended by a NULL element. The second field is used as a usage message, it will appear in the help of the cli, you can set it to NULL if you don't want to show it, it's a good idea if you want to overwrite some existing keywords. The two last fields are callbacks. The first one is used at parsing time, you can use it to parse the arguments of your keywords and print small messages. The function must return 1 in case of a failure, otherwise 0: #include <proto/dumpstats.h> static int test_parsing(char **args, struct appctx *appctx) { struct chunk out; if (!*args[2]) { appctx->ctx.cli.msg = "Error: the 3rd argument is mandatory !"; appctx->st0 = STAT_CLI_PRINT; return 1; } chunk_reset(&trash); chunk_printf(&trash, "arg[3]: %s\n", args[2]); chunk_init(&out, NULL, 0); chunk_dup(&out, &trash); appctx->ctx.cli.err = out.str; appctx->st0 = STAT_CLI_PRINT_FREE; /* print and free in the default cli_io_handler */ return 0; } The last field is the IO handler callback, it can be set to NULL if you want to use the default cli_io_handler() otherwise you can write your own. You can use the private pointer in the appctx if you need to store a context or some data. stats_dump_sess_to_buffer() is a good example of IO handler, IO handlers often use the appctx->st2 variable for the state machine. The handler must return 0 in case it have to be recall later otherwise 1.
2016-10-13 11:57:55 -04:00
chunk_reset(tmp);
MINOR: cli: make "help" support a command in argument With ~100 commands on the CLI, it's particularly difficult to find a specific one in the "help" output. The function used to display the help already supports filtering on certain commands, so in the end it's just needed to pass the argument of the help command to enable the automatic filtering. That's what this patch does so that "help clear" only lists commands starting with "clear" and that "help map" lists commands containing "map" in them.
2021-05-09 14:59:23 -04:00
if (ishelp) // this is the help message.
MINOR: cli: filter the list of commands to the matching part The error message on the CLI has become unreadable due to the long list and it's not even sorted, making it even harder to figure the right command. This patch starts by looking if some of the words match something known, and if so, will limit the listing only to those commands that start like the current one. The "help", "prompt" and "quit" commands are always shown to help the user try something else. Now thanks to this, typing "add" or "del" will only list "add acl", "add map" and not 50 lines anymore. As a small bonus, we won't print "Unknown command" anymore in response to the "help" command.
2021-03-12 11:13:28 -05:00
chunk_strcat(tmp, "The following commands are valid at this level:\n");
MINOR: cli: print parsed command when not found It is useful because when we're passing data to runtime API, specially via code, we can mistakenly send newlines leading to some lines being wrongly interpretted as commands. This is analogous to how it's done in a shell, example bash: $ not_found arg1 bash: not_found: command not found... $ Real world example: Following the official docs to add a cert: $ echo -e "set ssl cert ./cert.pem <<\n$(cat ./cert.pem)\n" | socat stdio tcp4-connect:127.0.0.1:9999 Note, how the payload is sent via '<<\n$(cat ./cert.pem)\n'. If cert.pem contains a newline between various PEM blocks, which is valid, the above command would generate a flood of 'Unknown command' messages for every line sent after the first newline. As a new user, this detail is not clearly visible as socket API doesn't say what exactly what was 'unknown' about it. The cli interface should be obvious around guiding user on "what do do next". This commit changes that by printing the parsed cmd in output like 'Unknown command: "<cmd>"' so the user gets clear "next steps", like bash, regarding what indeed was the wrong command that HAproxy couldn't interpret. Previously: $ echo -e "show version\nhelpp"| socat ./haproxy.sock - | head -n4 2.7-dev6 Unknown command, but maybe one of the following ones is a better match: add map [@<ver>] <map> <key> <val> : add a map entry (payload supported instead of key/val) Now: $ echo -e "show version\nhelpp"| socat ./haproxy.sock - | head -n4 2.7-dev8-737bb7-156 Unknown command: 'helpp', but maybe one of the following ones is a better match: add map [@<ver>] <map> <key> <val> : add a map entry (payload supported instead of key/val)
2022-11-17 07:42:38 -05:00
else {
chunk_strcat(tmp, "Unknown command: '");
if (args && *args)
chunk_strcat(tmp, *args);
chunk_strcat(tmp, "'");
if (!length && (!args || !*args || !**args)) // no match
chunk_strcat(tmp, ". Please enter one of the following commands only:\n");
else // partial match
chunk_strcat(tmp, ", but maybe one of the following ones is a better match:\n");
}
MINOR: cli: filter the list of commands to the matching part The error message on the CLI has become unreadable due to the long list and it's not even sorted, making it even harder to figure the right command. This patch starts by looking if some of the words match something known, and if so, will limit the listing only to those commands that start like the current one. The "help", "prompt" and "quit" commands are always shown to help the user try something else. Now thanks to this, typing "add" or "del" will only list "add acl", "add map" and not 50 lines anymore. As a small bonus, we won't print "Unknown command" anymore in response to the "help" command.
2021-03-12 11:13:28 -05:00
MEDIUM: cli: apply spelling fixes for known commands before listing them Entering "show tls" would still emit 35 entries. By measuring the distance between all unknown words and the candidates, we can sort them and pick the 10 most likely candidates. This works reasonably well, as now "show tls" only proposes "show tls-keys", "show threads", "show pools" and "show tasks". If the distance is still too high or if a word is missing, the whole prefix list continues to be dumped, thus "show" alone will still report the entire list of commands beginning with "show". It's still impossible to skip a word, for example "show conn" will not propose "show servers conn" because the distance is calculated for each word individually. Some changes to the distance calculation to support updating an existing map could easily address this. But this is already a great improvement.
2021-03-12 12:24:46 -05:00
for (idx = 0; idx < CLI_MAX_MATCHES; idx++) {
matches[idx].kw = NULL;
matches[idx].dist = INT_MAX;
}
/* In case of partial match we'll look for the best matching entries
* starting from position <length>
*/
BUG/MEDIUM: cli: fix "help" crashing since recent spelling fixes I somehow managed to re-break the "help" command in b736458bf ("MEDIUM: cli: apply spelling fixes for known commands before listing them") after fixing it once. A null-deref happens when checking the args early in the processing. No backport is needed as this was introduced in 2.4-dev12.
2021-03-13 06:25:43 -05:00
if (args && args[length] && *args[length]) {
MEDIUM: cli: apply spelling fixes for known commands before listing them Entering "show tls" would still emit 35 entries. By measuring the distance between all unknown words and the candidates, we can sort them and pick the 10 most likely candidates. This works reasonably well, as now "show tls" only proposes "show tls-keys", "show threads", "show pools" and "show tasks". If the distance is still too high or if a word is missing, the whole prefix list continues to be dumped, thus "show" alone will still report the entire list of commands beginning with "show". It's still impossible to skip a word, for example "show conn" will not propose "show servers conn" because the distance is calculated for each word individually. Some changes to the distance calculation to support updating an existing map could easily address this. But this is already a great improvement.
2021-03-12 12:24:46 -05:00
list_for_each_entry(kw_list, &cli_keywords.list, list) {
for (kw = &kw_list->kw[0]; kw->str_kw[0]; kw++) {
MINOR: cli: implement experimental-mode Experimental mode is similar to expert-mode. It can be used to access to features still in development.
2021-03-18 10:32:53 -04:00
if (kw->level & ~appctx->cli_level & (ACCESS_MASTER_ONLY|ACCESS_EXPERT|ACCESS_EXPERIMENTAL))
MEDIUM: cli: apply spelling fixes for known commands before listing them Entering "show tls" would still emit 35 entries. By measuring the distance between all unknown words and the candidates, we can sort them and pick the 10 most likely candidates. This works reasonably well, as now "show tls" only proposes "show tls-keys", "show threads", "show pools" and "show tasks". If the distance is still too high or if a word is missing, the whole prefix list continues to be dumped, thus "show" alone will still report the entire list of commands beginning with "show". It's still impossible to skip a word, for example "show conn" will not propose "show servers conn" because the distance is calculated for each word individually. Some changes to the distance calculation to support updating an existing map could easily address this. But this is already a great improvement.
2021-03-12 12:24:46 -05:00
continue;
MINOR: mworker/cli: mcli-debug-mode enables every command "mcli-debug-mode on" enables every command that were meant for a worker, on the CLI of the master. Which mean you can issue, "show fd", show stat" in order to debug the MASTER proxy. You can also combine it with "expert-mode on" or "experimental-mode on" to access to more commands.
2022-02-02 05:43:20 -05:00
if (!(appctx->cli_level & ACCESS_MCLI_DEBUG) &&
((appctx->cli_level & ~kw->level & (ACCESS_MASTER_ONLY|ACCESS_MASTER)) ==
(ACCESS_MASTER_ONLY|ACCESS_MASTER)))
MEDIUM: cli: apply spelling fixes for known commands before listing them Entering "show tls" would still emit 35 entries. By measuring the distance between all unknown words and the candidates, we can sort them and pick the 10 most likely candidates. This works reasonably well, as now "show tls" only proposes "show tls-keys", "show threads", "show pools" and "show tasks". If the distance is still too high or if a word is missing, the whole prefix list continues to be dumped, thus "show" alone will still report the entire list of commands beginning with "show". It's still impossible to skip a word, for example "show conn" will not propose "show servers conn" because the distance is calculated for each word individually. Some changes to the distance calculation to support updating an existing map could easily address this. But this is already a great improvement.
2021-03-12 12:24:46 -05:00
continue;
for (idx = 0; idx < length; idx++) {
if (!kw->str_kw[idx])
break; // end of keyword
if (!args || !args[idx] || !*args[idx])
break; // end of command line
if (strcmp(kw->str_kw[idx], args[idx]) != 0)
break;
}
/* extra non-matching words are fuzzy-matched */
if (kw->usage && idx == length && args[idx] && *args[idx]) {
uint8_t word_sig[1024];
uint8_t list_sig[1024];
int dist = 0;
int totlen = 0;
MINOR: cli: improve fuzzy matching to work on all remaining words at once Till now the fuzzy matching would only work on the same number of words, but this doesn't account for commands like "show servers conn" which involve 3 words and were not proposed when entering only "show conn". Let's improve the situation by building the two fingerprints separately for the correct keyword sequence and the entered one, then compare them. This can result in slightly larger variations due to the different string lengths but is easily compensated for. Thanks to this, we can now see "show servers conn" when entering "show conn", and the following choices are relevant to correct typos: - "show foo" show sess [id] : report the list of current sessions or dump this session show info : report information about the running process [desc|json|typed]* show env [var] : dump environment variables known to the process show fd [num] : dump list of file descriptors in use show pools : report information about the memory pools usage - "show stuff" show sess [id] : report the list of current sessions or dump this session show info : report information about the running process [desc|json|typed]* show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show fd [num] : dump list of file descriptors in use show tasks : show running tasks - "show stafe" show sess [id] : report the list of current sessions or dump this session show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show fd [num] : dump list of file descriptors in use show table [id]: report table usage stats or dump this table's contents show tasks : show running tasks - "show state" show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show servers state [id]: dump volatile server information (for backend <id>) It's still visible that the shorter ones continue to easily match, such as "show sess" not having much in common with "show foo" but what matters is that the best candidates are definitely relevant. Probably that listing them in match order would further help.
2021-03-15 05:00:29 -04:00
int i;
MEDIUM: cli: apply spelling fixes for known commands before listing them Entering "show tls" would still emit 35 entries. By measuring the distance between all unknown words and the candidates, we can sort them and pick the 10 most likely candidates. This works reasonably well, as now "show tls" only proposes "show tls-keys", "show threads", "show pools" and "show tasks". If the distance is still too high or if a word is missing, the whole prefix list continues to be dumped, thus "show" alone will still report the entire list of commands beginning with "show". It's still impossible to skip a word, for example "show conn" will not propose "show servers conn" because the distance is calculated for each word individually. Some changes to the distance calculation to support updating an existing map could easily address this. But this is already a great improvement.
2021-03-12 12:24:46 -05:00
/* this one matches, let's compute the distance between the two
MINOR: cli: improve fuzzy matching to work on all remaining words at once Till now the fuzzy matching would only work on the same number of words, but this doesn't account for commands like "show servers conn" which involve 3 words and were not proposed when entering only "show conn". Let's improve the situation by building the two fingerprints separately for the correct keyword sequence and the entered one, then compare them. This can result in slightly larger variations due to the different string lengths but is easily compensated for. Thanks to this, we can now see "show servers conn" when entering "show conn", and the following choices are relevant to correct typos: - "show foo" show sess [id] : report the list of current sessions or dump this session show info : report information about the running process [desc|json|typed]* show env [var] : dump environment variables known to the process show fd [num] : dump list of file descriptors in use show pools : report information about the memory pools usage - "show stuff" show sess [id] : report the list of current sessions or dump this session show info : report information about the running process [desc|json|typed]* show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show fd [num] : dump list of file descriptors in use show tasks : show running tasks - "show stafe" show sess [id] : report the list of current sessions or dump this session show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show fd [num] : dump list of file descriptors in use show table [id]: report table usage stats or dump this table's contents show tasks : show running tasks - "show state" show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show servers state [id]: dump volatile server information (for backend <id>) It's still visible that the shorter ones continue to easily match, such as "show sess" not having much in common with "show foo" but what matters is that the best candidates are definitely relevant. Probably that listing them in match order would further help.
2021-03-15 05:00:29 -04:00
* on the remaining words. For this we're computing the signature
* of everything that remains and the cumulated length of the
* strings.
MEDIUM: cli: apply spelling fixes for known commands before listing them Entering "show tls" would still emit 35 entries. By measuring the distance between all unknown words and the candidates, we can sort them and pick the 10 most likely candidates. This works reasonably well, as now "show tls" only proposes "show tls-keys", "show threads", "show pools" and "show tasks". If the distance is still too high or if a word is missing, the whole prefix list continues to be dumped, thus "show" alone will still report the entire list of commands beginning with "show". It's still impossible to skip a word, for example "show conn" will not propose "show servers conn" because the distance is calculated for each word individually. Some changes to the distance calculation to support updating an existing map could easily address this. But this is already a great improvement.
2021-03-12 12:24:46 -05:00
*/
MINOR: cli: apply the fuzzy matching on the whole command instead of words Now instead of comparing words at an exact position, we build a fingerprint made of all of them, so that we can check for them in any position. For example, "show conn serv" finds "show servers conn" and that "set servers maxconn" proposes both "set server" and "set maxconn servers".
2021-03-12 13:01:59 -05:00
memset(word_sig, 0, sizeof(word_sig));
MINOR: cli: improve fuzzy matching to work on all remaining words at once Till now the fuzzy matching would only work on the same number of words, but this doesn't account for commands like "show servers conn" which involve 3 words and were not proposed when entering only "show conn". Let's improve the situation by building the two fingerprints separately for the correct keyword sequence and the entered one, then compare them. This can result in slightly larger variations due to the different string lengths but is easily compensated for. Thanks to this, we can now see "show servers conn" when entering "show conn", and the following choices are relevant to correct typos: - "show foo" show sess [id] : report the list of current sessions or dump this session show info : report information about the running process [desc|json|typed]* show env [var] : dump environment variables known to the process show fd [num] : dump list of file descriptors in use show pools : report information about the memory pools usage - "show stuff" show sess [id] : report the list of current sessions or dump this session show info : report information about the running process [desc|json|typed]* show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show fd [num] : dump list of file descriptors in use show tasks : show running tasks - "show stafe" show sess [id] : report the list of current sessions or dump this session show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show fd [num] : dump list of file descriptors in use show table [id]: report table usage stats or dump this table's contents show tasks : show running tasks - "show state" show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show servers state [id]: dump volatile server information (for backend <id>) It's still visible that the shorter ones continue to easily match, such as "show sess" not having much in common with "show foo" but what matters is that the best candidates are definitely relevant. Probably that listing them in match order would further help.
2021-03-15 05:00:29 -04:00
for (i = idx; i < CLI_PREFIX_KW_NB && args[i] && *args[i]; i++) {
update_word_fingerprint(word_sig, args[i]);
totlen += strlen(args[i]);
}
MINOR: cli: apply the fuzzy matching on the whole command instead of words Now instead of comparing words at an exact position, we build a fingerprint made of all of them, so that we can check for them in any position. For example, "show conn serv" finds "show servers conn" and that "set servers maxconn" proposes both "set server" and "set maxconn servers".
2021-03-12 13:01:59 -05:00
MINOR: cli: improve fuzzy matching to work on all remaining words at once Till now the fuzzy matching would only work on the same number of words, but this doesn't account for commands like "show servers conn" which involve 3 words and were not proposed when entering only "show conn". Let's improve the situation by building the two fingerprints separately for the correct keyword sequence and the entered one, then compare them. This can result in slightly larger variations due to the different string lengths but is easily compensated for. Thanks to this, we can now see "show servers conn" when entering "show conn", and the following choices are relevant to correct typos: - "show foo" show sess [id] : report the list of current sessions or dump this session show info : report information about the running process [desc|json|typed]* show env [var] : dump environment variables known to the process show fd [num] : dump list of file descriptors in use show pools : report information about the memory pools usage - "show stuff" show sess [id] : report the list of current sessions or dump this session show info : report information about the running process [desc|json|typed]* show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show fd [num] : dump list of file descriptors in use show tasks : show running tasks - "show stafe" show sess [id] : report the list of current sessions or dump this session show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show fd [num] : dump list of file descriptors in use show table [id]: report table usage stats or dump this table's contents show tasks : show running tasks - "show state" show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show servers state [id]: dump volatile server information (for backend <id>) It's still visible that the shorter ones continue to easily match, such as "show sess" not having much in common with "show foo" but what matters is that the best candidates are definitely relevant. Probably that listing them in match order would further help.
2021-03-15 05:00:29 -04:00
memset(list_sig, 0, sizeof(list_sig));
for (i = idx; i < CLI_PREFIX_KW_NB && kw->str_kw[i]; i++) {
update_word_fingerprint(list_sig, kw->str_kw[i]);
totlen += strlen(kw->str_kw[i]);
MEDIUM: cli: apply spelling fixes for known commands before listing them Entering "show tls" would still emit 35 entries. By measuring the distance between all unknown words and the candidates, we can sort them and pick the 10 most likely candidates. This works reasonably well, as now "show tls" only proposes "show tls-keys", "show threads", "show pools" and "show tasks". If the distance is still too high or if a word is missing, the whole prefix list continues to be dumped, thus "show" alone will still report the entire list of commands beginning with "show". It's still impossible to skip a word, for example "show conn" will not propose "show servers conn" because the distance is calculated for each word individually. Some changes to the distance calculation to support updating an existing map could easily address this. But this is already a great improvement.
2021-03-12 12:24:46 -05:00
}
MINOR: cli: improve fuzzy matching to work on all remaining words at once Till now the fuzzy matching would only work on the same number of words, but this doesn't account for commands like "show servers conn" which involve 3 words and were not proposed when entering only "show conn". Let's improve the situation by building the two fingerprints separately for the correct keyword sequence and the entered one, then compare them. This can result in slightly larger variations due to the different string lengths but is easily compensated for. Thanks to this, we can now see "show servers conn" when entering "show conn", and the following choices are relevant to correct typos: - "show foo" show sess [id] : report the list of current sessions or dump this session show info : report information about the running process [desc|json|typed]* show env [var] : dump environment variables known to the process show fd [num] : dump list of file descriptors in use show pools : report information about the memory pools usage - "show stuff" show sess [id] : report the list of current sessions or dump this session show info : report information about the running process [desc|json|typed]* show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show fd [num] : dump list of file descriptors in use show tasks : show running tasks - "show stafe" show sess [id] : report the list of current sessions or dump this session show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show fd [num] : dump list of file descriptors in use show table [id]: report table usage stats or dump this table's contents show tasks : show running tasks - "show state" show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show servers state [id]: dump volatile server information (for backend <id>) It's still visible that the shorter ones continue to easily match, such as "show sess" not having much in common with "show foo" but what matters is that the best candidates are definitely relevant. Probably that listing them in match order would further help.
2021-03-15 05:00:29 -04:00
MINOR: cli: apply the fuzzy matching on the whole command instead of words Now instead of comparing words at an exact position, we build a fingerprint made of all of them, so that we can check for them in any position. For example, "show conn serv" finds "show servers conn" and that "set servers maxconn" proposes both "set server" and "set maxconn servers".
2021-03-12 13:01:59 -05:00
dist = word_fingerprint_distance(word_sig, list_sig);
MEDIUM: cli: apply spelling fixes for known commands before listing them Entering "show tls" would still emit 35 entries. By measuring the distance between all unknown words and the candidates, we can sort them and pick the 10 most likely candidates. This works reasonably well, as now "show tls" only proposes "show tls-keys", "show threads", "show pools" and "show tasks". If the distance is still too high or if a word is missing, the whole prefix list continues to be dumped, thus "show" alone will still report the entire list of commands beginning with "show". It's still impossible to skip a word, for example "show conn" will not propose "show servers conn" because the distance is calculated for each word individually. Some changes to the distance calculation to support updating an existing map could easily address this. But this is already a great improvement.
2021-03-12 12:24:46 -05:00
/* insert this one at its place if relevant, in order to keep only
* the best matches.
*/
swp.kw = kw; swp.dist = dist;
MINOR: cli: improve fuzzy matching to work on all remaining words at once Till now the fuzzy matching would only work on the same number of words, but this doesn't account for commands like "show servers conn" which involve 3 words and were not proposed when entering only "show conn". Let's improve the situation by building the two fingerprints separately for the correct keyword sequence and the entered one, then compare them. This can result in slightly larger variations due to the different string lengths but is easily compensated for. Thanks to this, we can now see "show servers conn" when entering "show conn", and the following choices are relevant to correct typos: - "show foo" show sess [id] : report the list of current sessions or dump this session show info : report information about the running process [desc|json|typed]* show env [var] : dump environment variables known to the process show fd [num] : dump list of file descriptors in use show pools : report information about the memory pools usage - "show stuff" show sess [id] : report the list of current sessions or dump this session show info : report information about the running process [desc|json|typed]* show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show fd [num] : dump list of file descriptors in use show tasks : show running tasks - "show stafe" show sess [id] : report the list of current sessions or dump this session show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show fd [num] : dump list of file descriptors in use show table [id]: report table usage stats or dump this table's contents show tasks : show running tasks - "show state" show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show servers state [id]: dump volatile server information (for backend <id>) It's still visible that the shorter ones continue to easily match, such as "show sess" not having much in common with "show foo" but what matters is that the best candidates are definitely relevant. Probably that listing them in match order would further help.
2021-03-15 05:00:29 -04:00
if (dist < 5*totlen/2 && dist < matches[CLI_MAX_MATCHES-1].dist) {
MEDIUM: cli: apply spelling fixes for known commands before listing them Entering "show tls" would still emit 35 entries. By measuring the distance between all unknown words and the candidates, we can sort them and pick the 10 most likely candidates. This works reasonably well, as now "show tls" only proposes "show tls-keys", "show threads", "show pools" and "show tasks". If the distance is still too high or if a word is missing, the whole prefix list continues to be dumped, thus "show" alone will still report the entire list of commands beginning with "show". It's still impossible to skip a word, for example "show conn" will not propose "show servers conn" because the distance is calculated for each word individually. Some changes to the distance calculation to support updating an existing map could easily address this. But this is already a great improvement.
2021-03-12 12:24:46 -05:00
matches[CLI_MAX_MATCHES-1] = swp;
for (idx = CLI_MAX_MATCHES - 1; --idx >= 0;) {
if (matches[idx+1].dist >= matches[idx].dist)
break;
matches[idx+1] = matches[idx];
matches[idx] = swp;
}
}
}
}
}
}
MINOR: cli: sort the suggestions by order of relevance Now the suggested keywords are sorted with the most relevant ones first instead of scanning them all in registration order and only dumping the proposed ones: - "tra" trace <module> [cmd [args...]] : manage live tracing operator : lower the level of the current CLI session to operator user : lower the level of the current CLI session to user show trace [<module>] : show live tracing state - "pool" show pools : report information about the memory pools usage add acl : add acl entry del map : delete map entry user : lower the level of the current CLI session to user del acl : delete acl entry - "sh ta" show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show tasks : show running tasks set table [id] : update or create a table entry's data show table [id]: report table usage stats or dump this table's contents trace <module> [cmd [args...]] : manage live tracing - "sh state" show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* set table [id] : update or create a table entry's data show table [id]: report table usage stats or dump this table's contents show servers state [id]: dump volatile server information (for backend <id>) show sess [id] : report the list of current sessions or dump this session
2021-03-15 05:35:04 -04:00
if (matches[0].kw) {
/* we have fuzzy matches, let's propose them */
for (idx = 0; idx < CLI_MAX_MATCHES; idx++) {
kw = matches[idx].kw;
if (!kw)
break;
/* stop the dump if some words look very unlikely candidates */
if (matches[idx].dist > 5*matches[0].dist/2)
break;
MINOR: cli: sort the output of the "help" keywords It's still very difficult to find all commands starting with a given keyword like "set", "show" etc. Let's sort the lines by usage message, this is much more convenient.
2021-05-09 15:45:29 -04:00
if (help_entries < CLI_MAX_HELP_ENTRIES)
entries[help_entries++] = kw;
MINOR: cli: sort the suggestions by order of relevance Now the suggested keywords are sorted with the most relevant ones first instead of scanning them all in registration order and only dumping the proposed ones: - "tra" trace <module> [cmd [args...]] : manage live tracing operator : lower the level of the current CLI session to operator user : lower the level of the current CLI session to user show trace [<module>] : show live tracing state - "pool" show pools : report information about the memory pools usage add acl : add acl entry del map : delete map entry user : lower the level of the current CLI session to user del acl : delete acl entry - "sh ta" show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show tasks : show running tasks set table [id] : update or create a table entry's data show table [id]: report table usage stats or dump this table's contents trace <module> [cmd [args...]] : manage live tracing - "sh state" show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* set table [id] : update or create a table entry's data show table [id]: report table usage stats or dump this table's contents show servers state [id]: dump volatile server information (for backend <id>) show sess [id] : report the list of current sessions or dump this session
2021-03-15 05:35:04 -04:00
}
}
MEDIUM: cli: register CLI keywords with cli_register_kw() To register a new cli keyword, you need to declare a cli_kw_list structure in your source file: static struct cli_kw_list cli_kws = {{ },{ { { "test", "list", NULL }, "test list : do some tests on the cli", test_parsing, NULL }, { { NULL }, NULL, NULL, NULL, NULL } }}; And then register it: cli_register_kw(&cli_kws); The first field is an array of 5 elements, where you declare the keywords combination which will match, it must be ended by a NULL element. The second field is used as a usage message, it will appear in the help of the cli, you can set it to NULL if you don't want to show it, it's a good idea if you want to overwrite some existing keywords. The two last fields are callbacks. The first one is used at parsing time, you can use it to parse the arguments of your keywords and print small messages. The function must return 1 in case of a failure, otherwise 0: #include <proto/dumpstats.h> static int test_parsing(char **args, struct appctx *appctx) { struct chunk out; if (!*args[2]) { appctx->ctx.cli.msg = "Error: the 3rd argument is mandatory !"; appctx->st0 = STAT_CLI_PRINT; return 1; } chunk_reset(&trash); chunk_printf(&trash, "arg[3]: %s\n", args[2]); chunk_init(&out, NULL, 0); chunk_dup(&out, &trash); appctx->ctx.cli.err = out.str; appctx->st0 = STAT_CLI_PRINT_FREE; /* print and free in the default cli_io_handler */ return 0; } The last field is the IO handler callback, it can be set to NULL if you want to use the default cli_io_handler() otherwise you can write your own. You can use the private pointer in the appctx if you need to store a context or some data. stats_dump_sess_to_buffer() is a good example of IO handler, IO handlers often use the appctx->st2 variable for the state machine. The handler must return 0 in case it have to be recall later otherwise 1.
2016-10-13 11:57:55 -04:00
list_for_each_entry(kw_list, &cli_keywords.list, list) {
MINOR: cli: sort the suggestions by order of relevance Now the suggested keywords are sorted with the most relevant ones first instead of scanning them all in registration order and only dumping the proposed ones: - "tra" trace <module> [cmd [args...]] : manage live tracing operator : lower the level of the current CLI session to operator user : lower the level of the current CLI session to user show trace [<module>] : show live tracing state - "pool" show pools : report information about the memory pools usage add acl : add acl entry del map : delete map entry user : lower the level of the current CLI session to user del acl : delete acl entry - "sh ta" show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* show tasks : show running tasks set table [id] : update or create a table entry's data show table [id]: report table usage stats or dump this table's contents trace <module> [cmd [args...]] : manage live tracing - "sh state" show stat : report counters for each proxy and server [desc|json|no-maint|typed|up]* set table [id] : update or create a table entry's data show table [id]: report table usage stats or dump this table's contents show servers state [id]: dump volatile server information (for backend <id>) show sess [id] : report the list of current sessions or dump this session
2021-03-15 05:35:04 -04:00
/* no full dump if we've already found nice candidates */
if (matches[0].kw)
break;
MINOR: cli: test the appctx level for master access instead of comparing pointers Now that the appctx contains the master level, it greatly simplifies all the tests, as we can simply verify that keyword levels match the effective level without having to cheat with applet pointers. This also allows to fold the expert test in them.
2021-03-12 09:20:39 -05:00
for (kw = &kw_list->kw[0]; kw->str_kw[0]; kw++) {
MEDIUM: cli: disable some keywords in the master The master process does not need all the keywords of the cli, add 2 flags to chose which keyword to use. It might be useful to activate some of them in a debug mode later...
2018-10-26 08:47:37 -04:00
MINOR: cli: test the appctx level for master access instead of comparing pointers Now that the appctx contains the master level, it greatly simplifies all the tests, as we can simply verify that keyword levels match the effective level without having to cheat with applet pointers. This also allows to fold the expert test in them.
2021-03-12 09:20:39 -05:00
/* in a worker or normal process, don't display master-only commands
MINOR: cli: implement experimental-mode Experimental mode is similar to expert-mode. It can be used to access to features still in development.
2021-03-18 10:32:53 -04:00
* nor expert/experimental mode commands if not in this mode.
MINOR: cli: test the appctx level for master access instead of comparing pointers Now that the appctx contains the master level, it greatly simplifies all the tests, as we can simply verify that keyword levels match the effective level without having to cheat with applet pointers. This also allows to fold the expert test in them.
2021-03-12 09:20:39 -05:00
*/
MINOR: cli: implement experimental-mode Experimental mode is similar to expert-mode. It can be used to access to features still in development.
2021-03-18 10:32:53 -04:00
if (kw->level & ~appctx->cli_level & (ACCESS_MASTER_ONLY|ACCESS_EXPERT|ACCESS_EXPERIMENTAL))
MINOR: cli: test the appctx level for master access instead of comparing pointers Now that the appctx contains the master level, it greatly simplifies all the tests, as we can simply verify that keyword levels match the effective level without having to cheat with applet pointers. This also allows to fold the expert test in them.
2021-03-12 09:20:39 -05:00
continue;
MEDIUM: cli: disable some keywords in the master The master process does not need all the keywords of the cli, add 2 flags to chose which keyword to use. It might be useful to activate some of them in a debug mode later...
2018-10-26 08:47:37 -04:00
MINOR: mworker/cli: mcli-debug-mode enables every command "mcli-debug-mode on" enables every command that were meant for a worker, on the CLI of the master. Which mean you can issue, "show fd", show stat" in order to debug the MASTER proxy. You can also combine it with "expert-mode on" or "experimental-mode on" to access to more commands.
2022-02-02 05:43:20 -05:00
/* in master, if the CLI don't have the
* ACCESS_MCLI_DEBUG don't display commands that have
* neither the master bit nor the master-only bit.
MINOR: cli: test the appctx level for master access instead of comparing pointers Now that the appctx contains the master level, it greatly simplifies all the tests, as we can simply verify that keyword levels match the effective level without having to cheat with applet pointers. This also allows to fold the expert test in them.
2021-03-12 09:20:39 -05:00
*/
MINOR: mworker/cli: mcli-debug-mode enables every command "mcli-debug-mode on" enables every command that were meant for a worker, on the CLI of the master. Which mean you can issue, "show fd", show stat" in order to debug the MASTER proxy. You can also combine it with "expert-mode on" or "experimental-mode on" to access to more commands.
2022-02-02 05:43:20 -05:00
if (!(appctx->cli_level & ACCESS_MCLI_DEBUG) &&
((appctx->cli_level & ~kw->level & (ACCESS_MASTER_ONLY|ACCESS_MASTER)) ==
(ACCESS_MASTER_ONLY|ACCESS_MASTER)))
MINOR: cli: test the appctx level for master access instead of comparing pointers Now that the appctx contains the master level, it greatly simplifies all the tests, as we can simply verify that keyword levels match the effective level without having to cheat with applet pointers. This also allows to fold the expert test in them.
2021-03-12 09:20:39 -05:00
continue;
MINOR: cli: add an expert mode to hide dangerous commands Some commands like the debug ones are not enabled by default but can be useful on some production environments. In order to avoid the temptation of using them incorrectly, let's introduce an "expert" mode for a CLI connection, which allows some commands to appear and be used. It is enabled by command "expert-mode on" which is not listed by default.
2019-10-24 11:55:53 -04:00
MINOR: cli: filter the list of commands to the matching part The error message on the CLI has become unreadable due to the long list and it's not even sorted, making it even harder to figure the right command. This patch starts by looking if some of the words match something known, and if so, will limit the listing only to those commands that start like the current one. The "help", "prompt" and "quit" commands are always shown to help the user try something else. Now thanks to this, typing "add" or "del" will only list "add acl", "add map" and not 50 lines anymore. As a small bonus, we won't print "Unknown command" anymore in response to the "help" command.
2021-03-12 11:13:28 -05:00
for (idx = 0; idx < length; idx++) {
if (!kw->str_kw[idx])
break; // end of keyword
if (!args || !args[idx] || !*args[idx])
break; // end of command line
if (strcmp(kw->str_kw[idx], args[idx]) != 0)
break;
}
MINOR: cli: sort the output of the "help" keywords It's still very difficult to find all commands starting with a given keyword like "set", "show" etc. Let's sort the lines by usage message, this is much more convenient.
2021-05-09 15:45:29 -04:00
if (kw->usage && idx == length && help_entries < CLI_MAX_HELP_ENTRIES)
entries[help_entries++] = kw;
MEDIUM: cli: register CLI keywords with cli_register_kw() To register a new cli keyword, you need to declare a cli_kw_list structure in your source file: static struct cli_kw_list cli_kws = {{ },{ { { "test", "list", NULL }, "test list : do some tests on the cli", test_parsing, NULL }, { { NULL }, NULL, NULL, NULL, NULL } }}; And then register it: cli_register_kw(&cli_kws); The first field is an array of 5 elements, where you declare the keywords combination which will match, it must be ended by a NULL element. The second field is used as a usage message, it will appear in the help of the cli, you can set it to NULL if you don't want to show it, it's a good idea if you want to overwrite some existing keywords. The two last fields are callbacks. The first one is used at parsing time, you can use it to parse the arguments of your keywords and print small messages. The function must return 1 in case of a failure, otherwise 0: #include <proto/dumpstats.h> static int test_parsing(char **args, struct appctx *appctx) { struct chunk out; if (!*args[2]) { appctx->ctx.cli.msg = "Error: the 3rd argument is mandatory !"; appctx->st0 = STAT_CLI_PRINT; return 1; } chunk_reset(&trash); chunk_printf(&trash, "arg[3]: %s\n", args[2]); chunk_init(&out, NULL, 0); chunk_dup(&out, &trash); appctx->ctx.cli.err = out.str; appctx->st0 = STAT_CLI_PRINT_FREE; /* print and free in the default cli_io_handler */ return 0; } The last field is the IO handler callback, it can be set to NULL if you want to use the default cli_io_handler() otherwise you can write your own. You can use the private pointer in the appctx if you need to store a context or some data. stats_dump_sess_to_buffer() is a good example of IO handler, IO handlers often use the appctx->st2 variable for the state machine. The handler must return 0 in case it have to be recall later otherwise 1.
2016-10-13 11:57:55 -04:00
}
}
MINOR: cli: filter the list of commands to the matching part The error message on the CLI has become unreadable due to the long list and it's not even sorted, making it even harder to figure the right command. This patch starts by looking if some of the words match something known, and if so, will limit the listing only to those commands that start like the current one. The "help", "prompt" and "quit" commands are always shown to help the user try something else. Now thanks to this, typing "add" or "del" will only list "add acl", "add map" and not 50 lines anymore. As a small bonus, we won't print "Unknown command" anymore in response to the "help" command.
2021-03-12 11:13:28 -05:00
MINOR: cli: sort the output of the "help" keywords It's still very difficult to find all commands starting with a given keyword like "set", "show" etc. Let's sort the lines by usage message, this is much more convenient.
2021-05-09 15:45:29 -04:00
qsort(entries, help_entries, sizeof(*entries), cmp_kw_entries);
for (idx = 0; idx < help_entries; idx++)
chunk_appendf(tmp, " %s\n", entries[idx]->usage);
MINOR: cli: filter the list of commands to the matching part The error message on the CLI has become unreadable due to the long list and it's not even sorted, making it even harder to figure the right command. This patch starts by looking if some of the words match something known, and if so, will limit the listing only to those commands that start like the current one. The "help", "prompt" and "quit" commands are always shown to help the user try something else. Now thanks to this, typing "add" or "del" will only list "add acl", "add map" and not 50 lines anymore. As a small bonus, we won't print "Unknown command" anymore in response to the "help" command.
2021-03-12 11:13:28 -05:00
/* always show the prompt/help/quit commands */
chunk_strcat(tmp,
MINOR: cli: make "help" support a command in argument With ~100 commands on the CLI, it's particularly difficult to find a specific one in the "help" output. The function used to display the help already supports filtering on certain commands, so in the end it's just needed to pass the argument of the help command to enable the automatic filtering. That's what this patch does so that "help clear" only lists commands starting with "clear" and that "help map" lists commands containing "map" in them.
2021-05-09 14:59:23 -04:00
" help [<command>] : list matching or all commands\n"
MINOR: cli: add an option to display the uptime in the CLI's prompt Entering "prompt timed" toggles reporting of the process' uptime in the prompt, which will report days, hours, minutes and seconds since it was started. As discussed with Tim in issue #2145, this can be convenient to roughly estimate the time between two outputs, as well as detecting that a process failed to be reloaded for example.
2023-05-04 08:22:36 -04:00
" prompt [timed] : toggle interactive mode with prompt\n"
CLEANUP: cli/tree-wide: properly re-align the CLI commands' help messages There were 102 CLI commands whose help were zig-zagging all along the dump making them unreadable. This patch realigns all these messages so that the command now uses up to 40 characters before the delimiting colon. About a third of the commands did not correctly list their arguments which were added after the first version, so they were all updated. Some abuses of the term "id" were fixed to use a more explanatory term. The "set ssl ocsp-response" command was not listed because it lacked a help message, this was fixed as well. The deprecated enable/disable commands for agent/health/server were prominently written as deprecated. Whenever possible, clearer explanations were provided.
2021-05-07 05:38:37 -04:00
" quit : disconnect\n");
MINOR: cli: filter the list of commands to the matching part The error message on the CLI has become unreadable due to the long list and it's not even sorted, making it even harder to figure the right command. This patch starts by looking if some of the words match something known, and if so, will limit the listing only to those commands that start like the current one. The "help", "prompt" and "quit" commands are always shown to help the user try something else. Now thanks to this, typing "add" or "del" will only list "add acl", "add map" and not 50 lines anymore. As a small bonus, we won't print "Unknown command" anymore in response to the "help" command.
2021-03-12 11:13:28 -05:00
MEDIUM: cli: register CLI keywords with cli_register_kw() To register a new cli keyword, you need to declare a cli_kw_list structure in your source file: static struct cli_kw_list cli_kws = {{ },{ { { "test", "list", NULL }, "test list : do some tests on the cli", test_parsing, NULL }, { { NULL }, NULL, NULL, NULL, NULL } }}; And then register it: cli_register_kw(&cli_kws); The first field is an array of 5 elements, where you declare the keywords combination which will match, it must be ended by a NULL element. The second field is used as a usage message, it will appear in the help of the cli, you can set it to NULL if you don't want to show it, it's a good idea if you want to overwrite some existing keywords. The two last fields are callbacks. The first one is used at parsing time, you can use it to parse the arguments of your keywords and print small messages. The function must return 1 in case of a failure, otherwise 0: #include <proto/dumpstats.h> static int test_parsing(char **args, struct appctx *appctx) { struct chunk out; if (!*args[2]) { appctx->ctx.cli.msg = "Error: the 3rd argument is mandatory !"; appctx->st0 = STAT_CLI_PRINT; return 1; } chunk_reset(&trash); chunk_printf(&trash, "arg[3]: %s\n", args[2]); chunk_init(&out, NULL, 0); chunk_dup(&out, &trash); appctx->ctx.cli.err = out.str; appctx->st0 = STAT_CLI_PRINT_FREE; /* print and free in the default cli_io_handler */ return 0; } The last field is the IO handler callback, it can be set to NULL if you want to use the default cli_io_handler() otherwise you can write your own. You can use the private pointer in the appctx if you need to store a context or some data. stats_dump_sess_to_buffer() is a good example of IO handler, IO handlers often use the appctx->st2 variable for the state machine. The handler must return 0 in case it have to be recall later otherwise 1.
2016-10-13 11:57:55 -04:00
chunk_init(&out, NULL, 0);
chunk_dup(&out, tmp);
MEDIUM: chunks: make the chunk struct's fields match the buffer struct Chunks are only a subset of a buffer (a non-wrapping version with no head offset). Despite this we still carry a lot of duplicated code between buffers and chunks. Replacing chunks with buffers would significantly reduce the maintenance efforts. This first patch renames the chunk's fields to match the name and types used by struct buffers, with the goal of isolating the code changes from the declaration changes. Most of the changes were made with spatch using this coccinelle script : @rule_d1@ typedef chunk; struct chunk chunk; @@ - chunk.str + chunk.area @rule_d2@ typedef chunk; struct chunk chunk; @@ - chunk.len + chunk.data @rule_i1@ typedef chunk; struct chunk *chunk; @@ - chunk->str + chunk->area @rule_i2@ typedef chunk; struct chunk *chunk; @@ - chunk->len + chunk->data Some minor updates to 3 http functions had to be performed to take size_t ints instead of ints in order to match the unsigned length here.
2018-07-13 04:54:26 -04:00
dynamic_usage_msg = out.area;
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
CLEANUP: cli: move the status print context into its own context Now that the CLI's print context is alone in the appctx, it's possible to refine the appctx's ctx layout so that the cli part matches exactly a regular svcctx, and as such move the CLI context into an svcctx like other applets. External code will still build and work because the struct cli perfectly maps onto the struct cli_print_ctx that's located into svc.storage. This is of course only to make a smooth transition during 2.6 and will disappear immediately after. A tiny change had to be applied to the opentracing addon which performs direct accesses to the CLI's err pointer in its own print function. The rest uses the standard cli_print_* which were the only ones that needed a small change. The whole "ctx.cli" struct could be tagged as deprecated so that any possibly existing external code that relies on it will get build warnings, and the comments in the struct are pretty clear about the way to fix it, and the lack of future of this old API.
2022-05-06 11:16:35 -04:00
cli_msg(appctx, LOG_INFO, dynamic_usage_msg);
MEDIUM: cli: register CLI keywords with cli_register_kw() To register a new cli keyword, you need to declare a cli_kw_list structure in your source file: static struct cli_kw_list cli_kws = {{ },{ { { "test", "list", NULL }, "test list : do some tests on the cli", test_parsing, NULL }, { { NULL }, NULL, NULL, NULL, NULL } }}; And then register it: cli_register_kw(&cli_kws); The first field is an array of 5 elements, where you declare the keywords combination which will match, it must be ended by a NULL element. The second field is used as a usage message, it will appear in the help of the cli, you can set it to NULL if you don't want to show it, it's a good idea if you want to overwrite some existing keywords. The two last fields are callbacks. The first one is used at parsing time, you can use it to parse the arguments of your keywords and print small messages. The function must return 1 in case of a failure, otherwise 0: #include <proto/dumpstats.h> static int test_parsing(char **args, struct appctx *appctx) { struct chunk out; if (!*args[2]) { appctx->ctx.cli.msg = "Error: the 3rd argument is mandatory !"; appctx->st0 = STAT_CLI_PRINT; return 1; } chunk_reset(&trash); chunk_printf(&trash, "arg[3]: %s\n", args[2]); chunk_init(&out, NULL, 0); chunk_dup(&out, &trash); appctx->ctx.cli.err = out.str; appctx->st0 = STAT_CLI_PRINT_FREE; /* print and free in the default cli_io_handler */ return 0; } The last field is the IO handler callback, it can be set to NULL if you want to use the default cli_io_handler() otherwise you can write your own. You can use the private pointer in the appctx if you need to store a context or some data. stats_dump_sess_to_buffer() is a good example of IO handler, IO handlers often use the appctx->st2 variable for the state machine. The handler must return 0 in case it have to be recall later otherwise 1.
2016-10-13 11:57:55 -04:00
return dynamic_usage_msg;
}
struct cli_kw* cli_find_kw(char **args)
{
struct cli_kw_list *kw_list;
struct cli_kw *kw;/* current cli_kw */
char **tmp_args;
const char **tmp_str_kw;
int found = 0;
if (LIST_ISEMPTY(&cli_keywords.list))
return NULL;
list_for_each_entry(kw_list, &cli_keywords.list, list) {
kw = &kw_list->kw[0];
while (*kw->str_kw) {
tmp_args = args;
tmp_str_kw = kw->str_kw;
while (*tmp_str_kw) {
if (strcmp(*tmp_str_kw, *tmp_args) == 0) {
found = 1;
} else {
found = 0;
break;
}
tmp_args++;
tmp_str_kw++;
}
if (found)
return (kw);
kw++;
}
}
return NULL;
}
MINOR: cli: add a function to look up a CLI service description This function will be useful to check if the keyword is already registered. Also add a define for the max number of args. This will be needed by a next patch to fix a bug and will have to be backported.
2020-11-28 14:10:08 -05:00
struct cli_kw* cli_find_kw_exact(char **args)
{
struct cli_kw_list *kw_list;
int found = 0;
int i;
int j;
if (LIST_ISEMPTY(&cli_keywords.list))
return NULL;
list_for_each_entry(kw_list, &cli_keywords.list, list) {
for (i = 0; kw_list->kw[i].str_kw[0]; i++) {
found = 1;
for (j = 0; j < CLI_PREFIX_KW_NB; j++) {
if (args[j] == NULL && kw_list->kw[i].str_kw[j] == NULL) {
break;
}
if (args[j] == NULL || kw_list->kw[i].str_kw[j] == NULL) {
found = 0;
break;
}
if (strcmp(args[j], kw_list->kw[i].str_kw[j]) != 0) {
found = 0;
break;
}
}
if (found)
return &kw_list->kw[i];
}
}
return NULL;
}
MEDIUM: cli: register CLI keywords with cli_register_kw() To register a new cli keyword, you need to declare a cli_kw_list structure in your source file: static struct cli_kw_list cli_kws = {{ },{ { { "test", "list", NULL }, "test list : do some tests on the cli", test_parsing, NULL }, { { NULL }, NULL, NULL, NULL, NULL } }}; And then register it: cli_register_kw(&cli_kws); The first field is an array of 5 elements, where you declare the keywords combination which will match, it must be ended by a NULL element. The second field is used as a usage message, it will appear in the help of the cli, you can set it to NULL if you don't want to show it, it's a good idea if you want to overwrite some existing keywords. The two last fields are callbacks. The first one is used at parsing time, you can use it to parse the arguments of your keywords and print small messages. The function must return 1 in case of a failure, otherwise 0: #include <proto/dumpstats.h> static int test_parsing(char **args, struct appctx *appctx) { struct chunk out; if (!*args[2]) { appctx->ctx.cli.msg = "Error: the 3rd argument is mandatory !"; appctx->st0 = STAT_CLI_PRINT; return 1; } chunk_reset(&trash); chunk_printf(&trash, "arg[3]: %s\n", args[2]); chunk_init(&out, NULL, 0); chunk_dup(&out, &trash); appctx->ctx.cli.err = out.str; appctx->st0 = STAT_CLI_PRINT_FREE; /* print and free in the default cli_io_handler */ return 0; } The last field is the IO handler callback, it can be set to NULL if you want to use the default cli_io_handler() otherwise you can write your own. You can use the private pointer in the appctx if you need to store a context or some data. stats_dump_sess_to_buffer() is a good example of IO handler, IO handlers often use the appctx->st2 variable for the state machine. The handler must return 0 in case it have to be recall later otherwise 1.
2016-10-13 11:57:55 -04:00
void cli_register_kw(struct cli_kw_list *kw_list)
{
CLEANUP: lists/tree-wide: rename some list operations to avoid some confusion The current "ADD" vs "ADDQ" is confusing because when thinking in terms of appending at the end of a list, "ADD" naturally comes to mind, but here it does the opposite, it inserts. Several times already it's been incorrectly used where ADDQ was expected, the latest of which was a fortunate accident explained in 6fa922562 ("CLEANUP: stream: explain why we queue the stream at the head of the server list"). Let's use more explicit (but slightly longer) names now: LIST_ADD -> LIST_INSERT LIST_ADDQ -> LIST_APPEND LIST_ADDED -> LIST_INLIST LIST_DEL -> LIST_DELETE The same is true for MT_LISTs, including their "TRY" variant. LIST_DEL_INIT keeps its short name to encourage to use it instead of the lazier LIST_DELETE which is often less safe. The change is large (~674 non-comment entries) but is mechanical enough to remain safe. No permutation was performed, so any out-of-tree code can easily map older names to new ones. The list doc was updated.
2021-04-21 01:32:39 -04:00
LIST_APPEND(&cli_keywords.list, &kw_list->list);
MEDIUM: cli: register CLI keywords with cli_register_kw() To register a new cli keyword, you need to declare a cli_kw_list structure in your source file: static struct cli_kw_list cli_kws = {{ },{ { { "test", "list", NULL }, "test list : do some tests on the cli", test_parsing, NULL }, { { NULL }, NULL, NULL, NULL, NULL } }}; And then register it: cli_register_kw(&cli_kws); The first field is an array of 5 elements, where you declare the keywords combination which will match, it must be ended by a NULL element. The second field is used as a usage message, it will appear in the help of the cli, you can set it to NULL if you don't want to show it, it's a good idea if you want to overwrite some existing keywords. The two last fields are callbacks. The first one is used at parsing time, you can use it to parse the arguments of your keywords and print small messages. The function must return 1 in case of a failure, otherwise 0: #include <proto/dumpstats.h> static int test_parsing(char **args, struct appctx *appctx) { struct chunk out; if (!*args[2]) { appctx->ctx.cli.msg = "Error: the 3rd argument is mandatory !"; appctx->st0 = STAT_CLI_PRINT; return 1; } chunk_reset(&trash); chunk_printf(&trash, "arg[3]: %s\n", args[2]); chunk_init(&out, NULL, 0); chunk_dup(&out, &trash); appctx->ctx.cli.err = out.str; appctx->st0 = STAT_CLI_PRINT_FREE; /* print and free in the default cli_io_handler */ return 0; } The last field is the IO handler callback, it can be set to NULL if you want to use the default cli_io_handler() otherwise you can write your own. You can use the private pointer in the appctx if you need to store a context or some data. stats_dump_sess_to_buffer() is a good example of IO handler, IO handlers often use the appctx->st2 variable for the state machine. The handler must return 0 in case it have to be recall later otherwise 1.
2016-10-13 11:57:55 -04:00
}
MINOR: cli: add a new keyword dump function New function cli_list_keywords() scans the list of registered CLI keywords and dumps them on stdout. It's now called from dump_registered_keywords() for the class "cli". Some keywords are valid for the master, they'll be suffixed with "[MASTER]". Others are valid for the worker, they'll have "[WORKER]". Those accessible only in expert mode will show "[EXPERT]" and the experimental ones will show "[EXPERIM]".
2022-03-29 09:25:30 -04:00
/* list all known keywords on stdout, one per line */
void cli_list_keywords(void)
{
struct cli_kw_list *kw_list;
MINOR: cli: alphanumerically sort the dump of supported commands Like for previous keyword classes, we're sorting the output. But this time as it's not trivial to do it with multiple words, instead we're proceeding like the help command, we sort them on their usage message when present, and fall back to the first word of the command when there is no usage message (e.g. "help" command).
2022-03-30 06:02:35 -04:00
struct cli_kw *kwp, *kwn, *kw;
MINOR: cli: add a new keyword dump function New function cli_list_keywords() scans the list of registered CLI keywords and dumps them on stdout. It's now called from dump_registered_keywords() for the class "cli". Some keywords are valid for the master, they'll be suffixed with "[MASTER]". Others are valid for the worker, they'll have "[WORKER]". Those accessible only in expert mode will show "[EXPERT]" and the experimental ones will show "[EXPERIM]".
2022-03-29 09:25:30 -04:00
int idx;
MINOR: cli: alphanumerically sort the dump of supported commands Like for previous keyword classes, we're sorting the output. But this time as it's not trivial to do it with multiple words, instead we're proceeding like the help command, we sort them on their usage message when present, and fall back to the first word of the command when there is no usage message (e.g. "help" command).
2022-03-30 06:02:35 -04:00
for (kwn = kwp = NULL;; kwp = kwn) {
list_for_each_entry(kw_list, &cli_keywords.list, list) {
/* note: we sort based on the usage message when available,
* otherwise we fall back to the first keyword.
*/
for (kw = &kw_list->kw[0]; kw->str_kw[0]; kw++) {
if (strordered(kwp ? kwp->usage ? kwp->usage : kwp->str_kw[0] : NULL,
kw->usage ? kw->usage : kw->str_kw[0],
kwn != kwp ? kwn->usage ? kwn->usage : kwn->str_kw[0] : NULL))
kwn = kw;
MINOR: cli: add a new keyword dump function New function cli_list_keywords() scans the list of registered CLI keywords and dumps them on stdout. It's now called from dump_registered_keywords() for the class "cli". Some keywords are valid for the master, they'll be suffixed with "[MASTER]". Others are valid for the worker, they'll have "[WORKER]". Those accessible only in expert mode will show "[EXPERT]" and the experimental ones will show "[EXPERIM]".
2022-03-29 09:25:30 -04:00
}
}
MINOR: cli: alphanumerically sort the dump of supported commands Like for previous keyword classes, we're sorting the output. But this time as it's not trivial to do it with multiple words, instead we're proceeding like the help command, we sort them on their usage message when present, and fall back to the first word of the command when there is no usage message (e.g. "help" command).
2022-03-30 06:02:35 -04:00
if (kwn == kwp)
break;
for (idx = 0; kwn->str_kw[idx]; idx++) {
printf("%s ", kwn->str_kw[idx]);
}
if (kwn->level & (ACCESS_MASTER_ONLY|ACCESS_MASTER))
printf("[MASTER] ");
if (!(kwn->level & ACCESS_MASTER_ONLY))
printf("[WORKER] ");
if (kwn->level & ACCESS_EXPERT)
printf("[EXPERT] ");
if (kwn->level & ACCESS_EXPERIMENTAL)
printf("[EXPERIM] ");
printf("\n");
MINOR: cli: add a new keyword dump function New function cli_list_keywords() scans the list of registered CLI keywords and dumps them on stdout. It's now called from dump_registered_keywords() for the class "cli". Some keywords are valid for the master, they'll be suffixed with "[MASTER]". Others are valid for the worker, they'll have "[WORKER]". Those accessible only in expert mode will show "[EXPERT]" and the experimental ones will show "[EXPERIM]".
2022-03-29 09:25:30 -04:00
}
}
MEDIUM: cli: register CLI keywords with cli_register_kw() To register a new cli keyword, you need to declare a cli_kw_list structure in your source file: static struct cli_kw_list cli_kws = {{ },{ { { "test", "list", NULL }, "test list : do some tests on the cli", test_parsing, NULL }, { { NULL }, NULL, NULL, NULL, NULL } }}; And then register it: cli_register_kw(&cli_kws); The first field is an array of 5 elements, where you declare the keywords combination which will match, it must be ended by a NULL element. The second field is used as a usage message, it will appear in the help of the cli, you can set it to NULL if you don't want to show it, it's a good idea if you want to overwrite some existing keywords. The two last fields are callbacks. The first one is used at parsing time, you can use it to parse the arguments of your keywords and print small messages. The function must return 1 in case of a failure, otherwise 0: #include <proto/dumpstats.h> static int test_parsing(char **args, struct appctx *appctx) { struct chunk out; if (!*args[2]) { appctx->ctx.cli.msg = "Error: the 3rd argument is mandatory !"; appctx->st0 = STAT_CLI_PRINT; return 1; } chunk_reset(&trash); chunk_printf(&trash, "arg[3]: %s\n", args[2]); chunk_init(&out, NULL, 0); chunk_dup(&out, &trash); appctx->ctx.cli.err = out.str; appctx->st0 = STAT_CLI_PRINT_FREE; /* print and free in the default cli_io_handler */ return 0; } The last field is the IO handler callback, it can be set to NULL if you want to use the default cli_io_handler() otherwise you can write your own. You can use the private pointer in the appctx if you need to store a context or some data. stats_dump_sess_to_buffer() is a good example of IO handler, IO handlers often use the appctx->st2 variable for the state machine. The handler must return 0 in case it have to be recall later otherwise 1.
2016-10-13 11:57:55 -04:00
[BUG] stats: global stats timeout may be specified before stats socket. If the global stats timeout statement was found before the stats socket (or without), the parser would crash because the stats frontend was not initialized. Now we have an allocation function which solves the issue. This bug was introduced with 1.4 so it does not need backporting. (was commit 1c5819d2498ae3643c3880507847f948a53d2773 in 1.4)
2010-08-17 15:48:17 -04:00
/* allocate a new stats frontend named <name>, and return it
* (or NULL in case of lack of memory).
*/
CLEANUP: cli: rename the last few "stats_" to "cli_" There were still a very small list of functions, variables and fields called "stats_" while they were really purely CLI-centric. There's the frontend called "stats_fe" in the global section, which instantiates a "cli_applet" called "<CLI>" so it was renamed "cli_fe". The "alloc_stats_fe" function cas renamed to "cli_alloc_fe" which also better matches the naming convention of all cli-specific functions. Finally the "stats_permission_denied_msg" used to return an error on the CLI was renamed "cli_permission_denied_msg". Now there's no more "stats_something" that designates the CLI.
2021-03-13 05:00:33 -05:00
static struct proxy *cli_alloc_fe(const char *name, const char *file, int line)
[BUG] stats: global stats timeout may be specified before stats socket. If the global stats timeout statement was found before the stats socket (or without), the parser would crash because the stats frontend was not initialized. Now we have an allocation function which solves the issue. This bug was introduced with 1.4 so it does not need backporting. (was commit 1c5819d2498ae3643c3880507847f948a53d2773 in 1.4)
2010-08-17 15:48:17 -04:00
{
struct proxy *fe;
CLEANUP: uniformize last argument of malloc/calloc Instead of repeating the type of the LHS argument (sizeof(struct ...)) in calls to malloc/calloc, we directly use the pointer name (sizeof(*...)). The following Coccinelle patch was used: @@ type T; T *x; @@ x = malloc( - sizeof(T) + sizeof(*x) ) @@ type T; T *x; @@ x = calloc(1, - sizeof(T) + sizeof(*x) ) When the LHS is not just a variable name, no change is made. Moreover, the following patch was used to ensure that "1" is consistently used as a first argument of calloc, not the last one: @@ @@ calloc( + 1, ... - ,1 )
2016-04-03 07:48:43 -04:00
fe = calloc(1, sizeof(*fe));
[BUG] stats: global stats timeout may be specified before stats socket. If the global stats timeout statement was found before the stats socket (or without), the parser would crash because the stats frontend was not initialized. Now we have an allocation function which solves the issue. This bug was introduced with 1.4 so it does not need backporting. (was commit 1c5819d2498ae3643c3880507847f948a53d2773 in 1.4)
2010-08-17 15:48:17 -04:00
if (!fe)
return NULL;
[BUG] proxy: stats frontend and peers were missing many initializers This was revealed with one of the very latest patches which caused the listener_queue not to be initialized on the stats socket frontend. And in fact a number of other ones were missing too. This is getting so boring that now we'll always make use of the same function to initialize any proxy. Doing so has even saved about 500 bytes on the binary due to the avoided code redundancy. No backport is needed.
2011-07-28 19:49:03 -04:00
init_new_proxy(fe);
MINOR/CLEANUP: proxy: rename "proxy" to "proxies_list" Rename the global variable "proxy" to "proxies_list". There's been multiple proxies in haproxy for quite some time, and "proxy" is a potential source of bugs, a number of functions have a "proxy" argument, and some code used "proxy" when it really meant "px" or "curproxy". It worked by pure luck, because it usually happened while parsing the config, and thus "proxy" pointed to the currently parsed proxy, but we should probably not rely on this. [wt: some of these are definitely fixes that are worth backporting]
2017-11-24 10:54:05 -05:00
fe->next = proxies_list;
proxies_list = fe;
MINOR: counters: move last_change into counters struct last_change was a member present in both proxy and server struct. It is used as an age statistics to report the last update of the object. Move last_change into fe_counters/be_counters. This is necessary to be able to manipulate it through generic stat column and report it into stats-file. Note that there is a change for proxy structure with now 2 different last_change values, on frontend and backend side. Special care was taken to ensure that the value is initialized only on the proxy side. The other value is set to 0 unless a listen proxy is instantiated. For the moment, only backend counter is reported in stats. However, with now two distinct values, stats could be extended to report it on both side.
2024-04-30 06:04:57 -04:00
fe->fe_counters.last_change = ns_to_sec(now_ns);
[BUG] stats: global stats timeout may be specified before stats socket. If the global stats timeout statement was found before the stats socket (or without), the parser would crash because the stats frontend was not initialized. Now we have an allocation function which solves the issue. This bug was introduced with 1.4 so it does not need backporting. (was commit 1c5819d2498ae3643c3880507847f948a53d2773 in 1.4)
2010-08-17 15:48:17 -04:00
fe->id = strdup("GLOBAL");
MINOR: cli: delare the CLI frontend as an internal proxy Declare the CLI frontend as an internal proxy so we can check the PR_CAP_INT flag instead of the global.fe_cli pointer for generic use cases.
2021-08-13 09:31:33 -04:00
fe->cap = PR_CAP_FE|PR_CAP_INT;
[MEDIUM] stats: disable complex socket reservation for stats socket The way the unix socket is initialized is awkward. Some of the settings are put in the sockets itself, other ones in the backend. And more importantly the global.maxsock value is adjusted so that the stats socket evades the global maxconn value. This complexifies maxsock computations for nothing, since the stats socket is not supposed to receive hundreds of concurrent connections when the global maxconn is very low. What is needed however is to ensure that there are always connections left for the stats socket even when traffic sockets are saturated, but this guarantee is not offered anymore by current code. So as of now, the stats socket is subject to the global maxconn limitation just as any other socket until a reservation mechanism is implemented.
2011-09-07 06:13:34 -04:00
fe->maxconn = 10; /* default to 10 concurrent connections */
fe->timeout.client = MS_TO_TICKS(10000); /* default timeout of 10 seconds */
BUG/MINOR: proxy: also make the cli and resolvers use the global name As detected by ASAN on the CI, two places still using strdup() on the proxy names were left by commit b325453c3 ("MINOR: proxy: use the global file names for conf->file"). No backport is needed.
2024-09-21 14:08:06 -04:00
fe->conf.file = copy_file_name(file);
MINOR: stats: fill the file and line numbers in the stats frontend The stats frontend struct has config file and line which were not set. They're not used right now but better fill them correctly anyway.
2012-09-18 14:05:00 -04:00
fe->conf.line = line;
MEDIUM: stats: use frontend_accept() as the accept function We don't need to use our dedicated function anymore, so stats_accept() was removed.
2015-03-13 11:14:57 -04:00
fe->accept = frontend_accept;
MINOR: proxy: store the default target into the frontend's configuration Some services such as peers and CLI pre-set the target applet immediately during accept(), and for this reason they're forced to have a dedicated accept() function which does not even properly follow everything the regular one does (eg: sndbuf/rcvbuf/linger/nodelay are not set, etc). Let's store the default target when known into the frontend's config so that it's session_accept() which automatically sets it.
2015-03-13 10:55:16 -04:00
fe->default_target = &cli_applet.obj_type;
MEDIUM: proxy: add the global frontend to the list of normal proxies Since recent changes on the global frontend, it was not possible anymore to soft-reload a process which had a stats socket because the socket would not be disabled upon reload. The only solution to this endless madness is to have the global frontend part of normal proxies. Since we don't want to get an ID that shifts all other proxies and causes trouble in deployed environments, we assign it ID #0 which other proxies can't grab, and we don't report it in the stats pages.
2012-10-04 02:47:34 -04:00
/* the stats frontend is the only one able to assign ID #0 */
fe->conf.id.key = fe->uuid = 0;
eb32_insert(&used_proxy_id, &fe->conf.id);
[BUG] stats: global stats timeout may be specified before stats socket. If the global stats timeout statement was found before the stats socket (or without), the parser would crash because the stats frontend was not initialized. Now we have an allocation function which solves the issue. This bug was introduced with 1.4 so it does not need backporting. (was commit 1c5819d2498ae3643c3880507847f948a53d2773 in 1.4)
2010-08-17 15:48:17 -04:00
return fe;
}
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
/* This function parses a "stats" statement in the "global" section. It returns
MEDIUM: cfgparse: use the new error reporting framework for remaining cfg_keywords All keywords registered using a cfg_kw_list now make use of the new error reporting framework. This allows easier and more precise error reporting without having to deal with complex buffer allocation issues.
2012-05-08 13:47:01 -04:00
* -1 if there is any error, otherwise zero. If it returns -1, it will write an
* error message into the <err> buffer which will be preallocated. The trailing
* '\n' must not be written. The function must be called with <args> pointing to
* the first word after "stats".
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
*/
CLEANUP: cli: rename the last few "stats_" to "cli_" There were still a very small list of functions, variables and fields called "stats_" while they were really purely CLI-centric. There's the frontend called "stats_fe" in the global section, which instantiates a "cli_applet" called "<CLI>" so it was renamed "cli_fe". The "alloc_stats_fe" function cas renamed to "cli_alloc_fe" which also better matches the naming convention of all cli-specific functions. Finally the "stats_permission_denied_msg" used to return an error on the CLI was renamed "cli_permission_denied_msg". Now there's no more "stats_something" that designates the CLI.
2021-03-13 05:00:33 -05:00
static int cli_parse_global(char **args, int section_type, struct proxy *curpx,
const struct proxy *defpx, const char *file, int line,
char **err)
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
{
MAJOR: listeners: use dual-linked lists to chain listeners with frontends Navigating through listeners was very inconvenient and error-prone. Not to mention that listeners were linked in reverse order and reverted afterwards. In order to definitely get rid of these issues, we now do the following : - frontends have a dual-linked list of bind_conf - frontends have a dual-linked list of listeners - bind_conf have a dual-linked list of listeners - listeners have a pointer to their bind_conf This way we can now navigate from anywhere to anywhere and always find the proper bind_conf for a given listener, as well as find the list of listeners for a current bind_conf.
2012-09-20 10:48:07 -04:00
struct bind_conf *bind_conf;
MEDIUM: stats: remove the stats_sock struct from the global struct Now the stats socket is allocated when the 'stats socket' line is parsed, and assigned using the standard str2listener(). This has two effects : - more than one stats socket can now be declared - stats socket now support protocols other than UNIX The next step is to remove the duplicate bind config parsing.
2012-09-20 14:19:28 -04:00
struct listener *l;
MAJOR: listeners: use dual-linked lists to chain listeners with frontends Navigating through listeners was very inconvenient and error-prone. Not to mention that listeners were linked in reverse order and reverted afterwards. In order to definitely get rid of these issues, we now do the following : - frontends have a dual-linked list of bind_conf - frontends have a dual-linked list of listeners - bind_conf have a dual-linked list of listeners - listeners have a pointer to their bind_conf This way we can now navigate from anywhere to anywhere and always find the proper bind_conf for a given listener, as well as find the list of listeners for a current bind_conf.
2012-09-20 10:48:07 -04:00
CLEANUP: Compare the return value of `XXXcmp()` functions with zero According to coding-style.txt it is recommended to use: `strcmp(a, b) == 0` instead of `!strcmp(a, b)` So let's do this. The change was performed by running the following (very long) coccinelle patch on src/: @@ statement S; expression E; expression F; @@ if ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) ( S | { ... } ) @@ statement S; expression E; expression F; @@ if ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) ( S | { ... } ) @@ expression E; expression F; expression G; @@ ( G && ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( G || ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 && G ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 || G ) @@ expression E; expression F; expression G; @@ ( G && - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( G || - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 && G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 || G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 )
2021-01-02 16:31:53 -05:00
if (strcmp(args[1], "socket") == 0) {
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
int cur_arg;
MEDIUM: cfgparse: use the new error reporting framework for remaining cfg_keywords All keywords registered using a cfg_kw_list now make use of the new error reporting framework. This allows easier and more precise error reporting without having to deal with complex buffer allocation issues.
2012-05-08 13:47:01 -04:00
if (*args[2] == 0) {
MEDIUM: stats: remove the stats_sock struct from the global struct Now the stats socket is allocated when the 'stats socket' line is parsed, and assigned using the standard str2listener(). This has two effects : - more than one stats socket can now be declared - stats socket now support protocols other than UNIX The next step is to remove the duplicate bind config parsing.
2012-09-20 14:19:28 -04:00
memprintf(err, "'%s %s' in global section expects an address or a path to a UNIX socket", args[0], args[1]);
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
return -1;
}
CLEANUP: cli: rename the last few "stats_" to "cli_" There were still a very small list of functions, variables and fields called "stats_" while they were really purely CLI-centric. There's the frontend called "stats_fe" in the global section, which instantiates a "cli_applet" called "<CLI>" so it was renamed "cli_fe". The "alloc_stats_fe" function cas renamed to "cli_alloc_fe" which also better matches the naming convention of all cli-specific functions. Finally the "stats_permission_denied_msg" used to return an error on the CLI was renamed "cli_permission_denied_msg". Now there's no more "stats_something" that designates the CLI.
2021-03-13 05:00:33 -05:00
if (!global.cli_fe) {
if ((global.cli_fe = cli_alloc_fe("GLOBAL", file, line)) == NULL) {
MEDIUM: cfgparse: use the new error reporting framework for remaining cfg_keywords All keywords registered using a cfg_kw_list now make use of the new error reporting framework. This allows easier and more precise error reporting without having to deal with complex buffer allocation issues.
2012-05-08 13:47:01 -04:00
memprintf(err, "'%s %s' : out of memory trying to allocate a frontend", args[0], args[1]);
[MEDIUM] make the global stats socket part of a frontend Creating a frontend for the global stats socket will help merge unix sockets management with the other socket management. Since frontends are huge structs, we only allocate it if required.
2009-08-16 11:41:45 -04:00
return -1;
}
}
CLEANUP: cli: rename the last few "stats_" to "cli_" There were still a very small list of functions, variables and fields called "stats_" while they were really purely CLI-centric. There's the frontend called "stats_fe" in the global section, which instantiates a "cli_applet" called "<CLI>" so it was renamed "cli_fe". The "alloc_stats_fe" function cas renamed to "cli_alloc_fe" which also better matches the naming convention of all cli-specific functions. Finally the "stats_permission_denied_msg" used to return an error on the CLI was renamed "cli_permission_denied_msg". Now there's no more "stats_something" that designates the CLI.
2021-03-13 05:00:33 -05:00
bind_conf = bind_conf_alloc(global.cli_fe, file, line, args[2], xprt_get(XPRT_RAW));
BUG/MINOR: listener: Handle allocation error when allocating a new bind_conf Allocation error are now handled in bind_conf_alloc() functions. Thus callers, when not already done, are also updated to catch NULL return value. This patch may be backported (at least partially) to all stable versions. However, it only fix errors durung configuration parsing. Thus it is not mandatory.
2021-04-12 10:56:37 -04:00
if (!bind_conf) {
memprintf(err, "'%s %s' : out of memory trying to allocate a bind_conf", args[0], args[1]);
return -1;
}
MINOR: cli: add ACCESS_LVL_MASK to store the access level The current level variable use only 2 bits for storing the 3 access level (user, oper and admin). This patch add a bitmask which allows to use the remaining bits for other usage.
2017-05-23 18:57:40 -04:00
bind_conf->level &= ~ACCESS_LVL_MASK;
bind_conf->level |= ACCESS_LVL_OPER; /* default access level */
MAJOR: listeners: use dual-linked lists to chain listeners with frontends Navigating through listeners was very inconvenient and error-prone. Not to mention that listeners were linked in reverse order and reverted afterwards. In order to definitely get rid of these issues, we now do the following : - frontends have a dual-linked list of bind_conf - frontends have a dual-linked list of listeners - bind_conf have a dual-linked list of listeners - listeners have a pointer to their bind_conf This way we can now navigate from anywhere to anywhere and always find the proper bind_conf for a given listener, as well as find the list of listeners for a current bind_conf.
2012-09-20 10:48:07 -04:00
CLEANUP: cli: rename the last few "stats_" to "cli_" There were still a very small list of functions, variables and fields called "stats_" while they were really purely CLI-centric. There's the frontend called "stats_fe" in the global section, which instantiates a "cli_applet" called "<CLI>" so it was renamed "cli_fe". The "alloc_stats_fe" function cas renamed to "cli_alloc_fe" which also better matches the naming convention of all cli-specific functions. Finally the "stats_permission_denied_msg" used to return an error on the CLI was renamed "cli_permission_denied_msg". Now there's no more "stats_something" that designates the CLI.
2021-03-13 05:00:33 -05:00
if (!str2listener(args[2], global.cli_fe, bind_conf, file, line, err)) {
MEDIUM: stats: remove the stats_sock struct from the global struct Now the stats socket is allocated when the 'stats socket' line is parsed, and assigned using the standard str2listener(). This has two effects : - more than one stats socket can now be declared - stats socket now support protocols other than UNIX The next step is to remove the duplicate bind config parsing.
2012-09-20 14:19:28 -04:00
memprintf(err, "parsing [%s:%d] : '%s %s' : %s\n",
file, line, args[0], args[1], err && *err ? *err : "error");
return -1;
}
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
MEDIUM: cfgparse: use the new error reporting framework for remaining cfg_keywords All keywords registered using a cfg_kw_list now make use of the new error reporting framework. This allows easier and more precise error reporting without having to deal with complex buffer allocation issues.
2012-05-08 13:47:01 -04:00
cur_arg = 3;
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
while (*args[cur_arg]) {
MEDIUM: stats: make use of the standard "bind" parsers to parse global socket The global stats socket statement now makes use of the standard bind parsers. This results in all UNIX socket options being set by proto_uxst and in all TCP and SSL options being inherited and usable. For example it is now possible to enable a stats socket over SSL/TCP by appending the "ssl" keyword and a certificate after "crt". The code is simplified since we don't have a special case to parse this config keyword anymore.
2012-09-22 13:32:35 -04:00
struct bind_kw *kw;
MINOR: cfgparse/bind: suggest correct spelling for unknown bind keywords Just like with the server keywords, now's the turn of "bind" keywords. The difference is that 100% of the bind keywords are registered, thus we do not need the list of extra keywords. There are multiple bind line parsers today, all were updated: - peers - log - dgram-bind - cli $ printf "listen f\nbind :8000 tcut\n" | ./haproxy -c -f /dev/stdin [NOTICE] 070/101358 (25146) : haproxy version is 2.4-dev11-7b8787-26 [NOTICE] 070/101358 (25146) : path to executable is ./haproxy [ALERT] 070/101358 (25146) : parsing [/dev/stdin:2] : 'bind :8000' unknown keyword 'tcut'; did you mean 'tcp-ut' maybe ? [ALERT] 070/101358 (25146) : Error(s) found in configuration file : /dev/stdin [ALERT] 070/101358 (25146) : Fatal errors found in configuration.
2021-03-12 04:14:07 -05:00
const char *best;
BUG/MEDIUM: cli: make sure we can report a warning from a bind keyword Since recent 2.5 commit c8cac04bd ("MEDIUM: listener: deprecate "process" in favor of "thread" on bind lines"), the "process" bind keyword may report a warning. However some parts like the "stats socket" parser will call such bind keywords and do not expect to face warnings, so this will instantly cause a fatal error to be reported. A concrete effect is that "stats socket ... process 1" will hard-fail indicating the keyword is deprecated and will be removed in 2.7. We must relax this test, but the code isn't designed to report warnings, it uses a single string and only supports reporting an error code (-1). This patch makes a special case of the ERR_WARN code and uses ha_warning() to report it, and keeps the rest of the existing error code for other non-warning codes. Now "process" on the "stats socket" is properly reported as a warning. No backport is needed.
2021-11-20 14:10:41 -05:00
int code;
MEDIUM: stats: make use of the standard "bind" parsers to parse global socket The global stats socket statement now makes use of the standard bind parsers. This results in all UNIX socket options being set by proto_uxst and in all TCP and SSL options being inherited and usable. For example it is now possible to enable a stats socket over SSL/TCP by appending the "ssl" keyword and a certificate after "crt". The code is simplified since we don't have a special case to parse this config keyword anymore.
2012-09-22 13:32:35 -04:00
kw = bind_find_kw(args[cur_arg]);
if (kw) {
if (!kw->parse) {
memprintf(err, "'%s %s' : '%s' option is not implemented in this version (check build options).",
args[0], args[1], args[cur_arg]);
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
return -1;
}
MEDIUM: stats: make use of the standard "bind" parsers to parse global socket The global stats socket statement now makes use of the standard bind parsers. This results in all UNIX socket options being set by proto_uxst and in all TCP and SSL options being inherited and usable. For example it is now possible to enable a stats socket over SSL/TCP by appending the "ssl" keyword and a certificate after "crt". The code is simplified since we don't have a special case to parse this config keyword anymore.
2012-09-22 13:32:35 -04:00
BUG/MEDIUM: cli: make sure we can report a warning from a bind keyword Since recent 2.5 commit c8cac04bd ("MEDIUM: listener: deprecate "process" in favor of "thread" on bind lines"), the "process" bind keyword may report a warning. However some parts like the "stats socket" parser will call such bind keywords and do not expect to face warnings, so this will instantly cause a fatal error to be reported. A concrete effect is that "stats socket ... process 1" will hard-fail indicating the keyword is deprecated and will be removed in 2.7. We must relax this test, but the code isn't designed to report warnings, it uses a single string and only supports reporting an error code (-1). This patch makes a special case of the ERR_WARN code and uses ha_warning() to report it, and keeps the rest of the existing error code for other non-warning codes. Now "process" on the "stats socket" is properly reported as a warning. No backport is needed.
2021-11-20 14:10:41 -05:00
code = kw->parse(args, cur_arg, global.cli_fe, bind_conf, err);
/* FIXME: this is ugly, we don't have a way to collect warnings,
* yet some important bind keywords may report warnings that we
* must display.
*/
if (((code & (ERR_WARN|ERR_FATAL|ERR_ALERT)) == ERR_WARN) && err && *err) {
indent_msg(err, 2);
ha_warning("parsing [%s:%d] : '%s %s' : %s\n", file, line, args[0], args[1], *err);
ha_free(err);
}
if (code & ~ERR_WARN) {
MEDIUM: stats: make use of the standard "bind" parsers to parse global socket The global stats socket statement now makes use of the standard bind parsers. This results in all UNIX socket options being set by proto_uxst and in all TCP and SSL options being inherited and usable. For example it is now possible to enable a stats socket over SSL/TCP by appending the "ssl" keyword and a certificate after "crt". The code is simplified since we don't have a special case to parse this config keyword anymore.
2012-09-22 13:32:35 -04:00
if (err && *err)
memprintf(err, "'%s %s' : '%s'", args[0], args[1], *err);
else
memprintf(err, "'%s %s' : error encountered while processing '%s'",
args[0], args[1], args[cur_arg]);
[MEDIUM] add access restrictions to the stats socket The stats socket can now run at 3 different levels : - user - operator (default one) - admin These levels are used to restrict access to some information and commands. Only the admin can clear all stats. A user cannot clear anything nor access sensible data such as sessions or errors.
2009-10-10 11:13:00 -04:00
return -1;
}
MEDIUM: stats: make use of the standard "bind" parsers to parse global socket The global stats socket statement now makes use of the standard bind parsers. This results in all UNIX socket options being set by proto_uxst and in all TCP and SSL options being inherited and usable. For example it is now possible to enable a stats socket over SSL/TCP by appending the "ssl" keyword and a certificate after "crt". The code is simplified since we don't have a special case to parse this config keyword anymore.
2012-09-22 13:32:35 -04:00
cur_arg += 1 + kw->skip;
continue;
[MEDIUM] add access restrictions to the stats socket The stats socket can now run at 3 different levels : - user - operator (default one) - admin These levels are used to restrict access to some information and commands. Only the admin can clear all stats. A user cannot clear anything nor access sensible data such as sessions or errors.
2009-10-10 11:13:00 -04:00
}
MEDIUM: stats: make use of the standard "bind" parsers to parse global socket The global stats socket statement now makes use of the standard bind parsers. This results in all UNIX socket options being set by proto_uxst and in all TCP and SSL options being inherited and usable. For example it is now possible to enable a stats socket over SSL/TCP by appending the "ssl" keyword and a certificate after "crt". The code is simplified since we don't have a special case to parse this config keyword anymore.
2012-09-22 13:32:35 -04:00
MINOR: cfgparse/bind: suggest correct spelling for unknown bind keywords Just like with the server keywords, now's the turn of "bind" keywords. The difference is that 100% of the bind keywords are registered, thus we do not need the list of extra keywords. There are multiple bind line parsers today, all were updated: - peers - log - dgram-bind - cli $ printf "listen f\nbind :8000 tcut\n" | ./haproxy -c -f /dev/stdin [NOTICE] 070/101358 (25146) : haproxy version is 2.4-dev11-7b8787-26 [NOTICE] 070/101358 (25146) : path to executable is ./haproxy [ALERT] 070/101358 (25146) : parsing [/dev/stdin:2] : 'bind :8000' unknown keyword 'tcut'; did you mean 'tcp-ut' maybe ? [ALERT] 070/101358 (25146) : Error(s) found in configuration file : /dev/stdin [ALERT] 070/101358 (25146) : Fatal errors found in configuration.
2021-03-12 04:14:07 -05:00
best = bind_find_best_kw(args[cur_arg]);
if (best)
memprintf(err, "'%s %s' : unknown keyword '%s'. Did you mean '%s' maybe ?",
args[0], args[1], args[cur_arg], best);
else
memprintf(err, "'%s %s' : unknown keyword '%s'.",
args[0], args[1], args[cur_arg]);
MEDIUM: stats: make use of the standard "bind" parsers to parse global socket The global stats socket statement now makes use of the standard bind parsers. This results in all UNIX socket options being set by proto_uxst and in all TCP and SSL options being inherited and usable. For example it is now possible to enable a stats socket over SSL/TCP by appending the "ssl" keyword and a certificate after "crt". The code is simplified since we don't have a special case to parse this config keyword anymore.
2012-09-22 13:32:35 -04:00
return -1;
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
}
[MAJOR] make unix sockets work again with stats The unix protocol handler had not been updated during the last stream_sock changes. This has been done now. There is still a lot of duplicated code between session.c and proto_uxst.c due to the way the session is handled. Session.c relies on the existence of a frontend while it does not exist here. It is easier to see the difference between the stats part (placed in dumpstats.c) and the unix-stream part (in proto_uxst.c). The hijacking function still needs to be dynamically set into the response buffer, and some cleanup is still required, then all those changes should be forward-ported to the HTTP part. Adding support for new keywords should not cause trouble now.
2008-12-07 10:06:43 -05:00
MINOR: listener: move the ->accept callback to the bind_conf The accept callback directly derives from the upper layer, generally it's session_accept_fd(). As such it's also defined per bind line so it makes sense to move it there.
2023-01-12 13:10:17 -05:00
bind_conf->accept = session_accept_fd;
MINOR: listener: move the nice field to the bind_conf This is another bind line setting which can move to the bind_conf. Note that it leaves a 2-byte hole in the listener struct.
2023-01-12 13:32:45 -05:00
bind_conf->nice = -64; /* we want to boost priority for local stats */
MINOR: listener: move LI_O_UNLIMITED and LI_O_NOSTOP to bind_conf These two flags are entirely for internal use and are even per proxy in practice since they're used for peers and CLI to indicate (for the first one) that the listener(s) are not subject to connection limits, and for the second that the listener(s) should not be stopped on soft-stop. No need to keep them in the listeners, let's move them to the bind_conf under names BC_O_UNLIMITED and BC_O_NOSTOP.
2023-01-12 13:58:42 -05:00
bind_conf->options |= BC_O_UNLIMITED; /* don't make the peers subject to global limits */
MINOR: listener: remove the useless ->default_target field This field is used by stream_new() to optionally set the applet the stream will connect to for simple proxies like the CLI for example. But it has never been configurable to anything and is always strictly equal to the frontend's ->default_target. Let's just drop it and make stream_new() only use the frontend's. It makes more sense anyway as we don't want the proxy to work differently based on the "bind" line. This idea was brought in 1.6 hoping that the h2 implementation would use applets for decoding (which was dropped after the very first attempt in 1.8).
2023-01-12 13:18:34 -05:00
MEDIUM: stats: remove the stats_sock struct from the global struct Now the stats socket is allocated when the 'stats socket' line is parsed, and assigned using the standard str2listener(). This has two effects : - more than one stats socket can now be declared - stats socket now support protocols other than UNIX The next step is to remove the duplicate bind config parsing.
2012-09-20 14:19:28 -04:00
list_for_each_entry(l, &bind_conf->listeners, by_bind) {
BUG/MINOR: config: don't over-count the global maxsock value global.maxsock used to be augmented by the frontend's maxconn value for each frontend listener, which is absurd when there are many listeners in a frontend because the frontend's maxconn fixes an upper limit to how many connections will be accepted on all of its listeners anyway. What is needed instead is to add one to count the listening socket. In addition, the CLI's and peers' value was incremented twice, the first time when creating the listener and the second time in the main init code. Let's now make sure we only increment global.maxsock by the required amount of sockets. This means not adding maxconn for each listener, and relying on the global values when they are correct.
2019-02-27 10:25:28 -05:00
global.maxsock++; /* for the listening socket */
MEDIUM: stats: remove the stats_sock struct from the global struct Now the stats socket is allocated when the 'stats socket' line is parsed, and assigned using the standard str2listener(). This has two effects : - more than one stats socket can now be declared - stats socket now support protocols other than UNIX The next step is to remove the duplicate bind config parsing.
2012-09-20 14:19:28 -04:00
}
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
}
CLEANUP: Compare the return value of `XXXcmp()` functions with zero According to coding-style.txt it is recommended to use: `strcmp(a, b) == 0` instead of `!strcmp(a, b)` So let's do this. The change was performed by running the following (very long) coccinelle patch on src/: @@ statement S; expression E; expression F; @@ if ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) ( S | { ... } ) @@ statement S; expression E; expression F; @@ if ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) ( S | { ... } ) @@ expression E; expression F; expression G; @@ ( G && ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( G || ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 && G ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 || G ) @@ expression E; expression F; expression G; @@ ( G && - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( G || - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 && G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 || G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 )
2021-01-02 16:31:53 -05:00
else if (strcmp(args[1], "timeout") == 0) {
[MEDIUM] add support for time units in the configuration It is not always handy to manipulate large values exprimed in milliseconds for timeouts. Also, some values are entered in seconds (such as the stats refresh interval). This patch adds support for time units. It knows about 'us', 'ms', 's', 'm', 'h', and 'd'. It automatically converts each value into the caller's expected unit. Unit-less values are still passed unchanged. The unit must be passed as a suffix to the number. For instance: clitimeout 15m If any character is not understood, an error is returned.
2007-12-02 16:15:14 -05:00
unsigned timeout;
MEDIUM: cfgparse: use the new error reporting framework for remaining cfg_keywords All keywords registered using a cfg_kw_list now make use of the new error reporting framework. This allows easier and more precise error reporting without having to deal with complex buffer allocation issues.
2012-05-08 13:47:01 -04:00
const char *res = parse_time_err(args[2], &timeout, TIME_UNIT_MS);
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
MEDIUM: tools: improve time format error detection As reported in GH issue #109 and in discourse issue https://discourse.haproxy.org/t/haproxy-returns-408-or-504-error-when-timeout-client-value-is-every-25d the time parser doesn't error on overflows nor underflows. This is a recurring problem which additionally has the bad taste of taking a long time before hitting the user. This patch makes parse_time_err() return special error codes for overflows and underflows, and adds the control in the call places to report suitable errors depending on the requested unit. In practice, underflows are almost never returned as the parsing function takes care of rounding values up, so this might possibly happen on 64-bit overflows returning exactly zero after rounding though. It is not really possible to cut the patch into pieces as it changes the function's API, hence all callers. Tests were run on about every relevant part (cookie maxlife/maxidle, server inter, stats timeout, timeout*, cli's set timeout command, tcp-request/response inspect-delay).
2019-06-07 13:00:37 -04:00
if (res == PARSE_TIME_OVER) {
memprintf(err, "timer overflow in argument '%s' to '%s %s' (maximum value is 2147483647 ms or ~24.8 days)",
args[2], args[0], args[1]);
return -1;
}
else if (res == PARSE_TIME_UNDER) {
memprintf(err, "timer underflow in argument '%s' to '%s %s' (minimum non-null value is 1 ms)",
args[2], args[0], args[1]);
return -1;
}
else if (res) {
MEDIUM: cfgparse: use the new error reporting framework for remaining cfg_keywords All keywords registered using a cfg_kw_list now make use of the new error reporting framework. This allows easier and more precise error reporting without having to deal with complex buffer allocation issues.
2012-05-08 13:47:01 -04:00
memprintf(err, "'%s %s' : unexpected character '%c'", args[0], args[1], *res);
[MEDIUM] add support for time units in the configuration It is not always handy to manipulate large values exprimed in milliseconds for timeouts. Also, some values are entered in seconds (such as the stats refresh interval). This patch adds support for time units. It knows about 'us', 'ms', 's', 'm', 'h', and 'd'. It automatically converts each value into the caller's expected unit. Unit-less values are still passed unchanged. The unit must be passed as a suffix to the number. For instance: clitimeout 15m If any character is not understood, an error is returned.
2007-12-02 16:15:14 -05:00
return -1;
}
if (!timeout) {
MEDIUM: cfgparse: use the new error reporting framework for remaining cfg_keywords All keywords registered using a cfg_kw_list now make use of the new error reporting framework. This allows easier and more precise error reporting without having to deal with complex buffer allocation issues.
2012-05-08 13:47:01 -04:00
memprintf(err, "'%s %s' expects a positive value", args[0], args[1]);
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
return -1;
}
CLEANUP: cli: rename the last few "stats_" to "cli_" There were still a very small list of functions, variables and fields called "stats_" while they were really purely CLI-centric. There's the frontend called "stats_fe" in the global section, which instantiates a "cli_applet" called "<CLI>" so it was renamed "cli_fe". The "alloc_stats_fe" function cas renamed to "cli_alloc_fe" which also better matches the naming convention of all cli-specific functions. Finally the "stats_permission_denied_msg" used to return an error on the CLI was renamed "cli_permission_denied_msg". Now there's no more "stats_something" that designates the CLI.
2021-03-13 05:00:33 -05:00
if (!global.cli_fe) {
if ((global.cli_fe = cli_alloc_fe("GLOBAL", file, line)) == NULL) {
MEDIUM: cfgparse: use the new error reporting framework for remaining cfg_keywords All keywords registered using a cfg_kw_list now make use of the new error reporting framework. This allows easier and more precise error reporting without having to deal with complex buffer allocation issues.
2012-05-08 13:47:01 -04:00
memprintf(err, "'%s %s' : out of memory trying to allocate a frontend", args[0], args[1]);
[BUG] stats: global stats timeout may be specified before stats socket. If the global stats timeout statement was found before the stats socket (or without), the parser would crash because the stats frontend was not initialized. Now we have an allocation function which solves the issue. This bug was introduced with 1.4 so it does not need backporting. (was commit 1c5819d2498ae3643c3880507847f948a53d2773 in 1.4)
2010-08-17 15:48:17 -04:00
return -1;
}
}
CLEANUP: cli: rename the last few "stats_" to "cli_" There were still a very small list of functions, variables and fields called "stats_" while they were really purely CLI-centric. There's the frontend called "stats_fe" in the global section, which instantiates a "cli_applet" called "<CLI>" so it was renamed "cli_fe". The "alloc_stats_fe" function cas renamed to "cli_alloc_fe" which also better matches the naming convention of all cli-specific functions. Finally the "stats_permission_denied_msg" used to return an error on the CLI was renamed "cli_permission_denied_msg". Now there's no more "stats_something" that designates the CLI.
2021-03-13 05:00:33 -05:00
global.cli_fe->timeout.client = MS_TO_TICKS(timeout);
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
}
CLEANUP: Compare the return value of `XXXcmp()` functions with zero According to coding-style.txt it is recommended to use: `strcmp(a, b) == 0` instead of `!strcmp(a, b)` So let's do this. The change was performed by running the following (very long) coccinelle patch on src/: @@ statement S; expression E; expression F; @@ if ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) ( S | { ... } ) @@ statement S; expression E; expression F; @@ if ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) ( S | { ... } ) @@ expression E; expression F; expression G; @@ ( G && ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( G || ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 && G ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 || G ) @@ expression E; expression F; expression G; @@ ( G && - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( G || - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 && G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 || G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 )
2021-01-02 16:31:53 -05:00
else if (strcmp(args[1], "maxconn") == 0) {
MEDIUM: cfgparse: use the new error reporting framework for remaining cfg_keywords All keywords registered using a cfg_kw_list now make use of the new error reporting framework. This allows easier and more precise error reporting without having to deal with complex buffer allocation issues.
2012-05-08 13:47:01 -04:00
int maxconn = atol(args[2]);
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
if (maxconn <= 0) {
MEDIUM: cfgparse: use the new error reporting framework for remaining cfg_keywords All keywords registered using a cfg_kw_list now make use of the new error reporting framework. This allows easier and more precise error reporting without having to deal with complex buffer allocation issues.
2012-05-08 13:47:01 -04:00
memprintf(err, "'%s %s' expects a positive value", args[0], args[1]);
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
return -1;
}
[MEDIUM] stats: disable complex socket reservation for stats socket The way the unix socket is initialized is awkward. Some of the settings are put in the sockets itself, other ones in the backend. And more importantly the global.maxsock value is adjusted so that the stats socket evades the global maxconn value. This complexifies maxsock computations for nothing, since the stats socket is not supposed to receive hundreds of concurrent connections when the global maxconn is very low. What is needed however is to ensure that there are always connections left for the stats socket even when traffic sockets are saturated, but this guarantee is not offered anymore by current code. So as of now, the stats socket is subject to the global maxconn limitation just as any other socket until a reservation mechanism is implemented.
2011-09-07 06:13:34 -04:00
CLEANUP: cli: rename the last few "stats_" to "cli_" There were still a very small list of functions, variables and fields called "stats_" while they were really purely CLI-centric. There's the frontend called "stats_fe" in the global section, which instantiates a "cli_applet" called "<CLI>" so it was renamed "cli_fe". The "alloc_stats_fe" function cas renamed to "cli_alloc_fe" which also better matches the naming convention of all cli-specific functions. Finally the "stats_permission_denied_msg" used to return an error on the CLI was renamed "cli_permission_denied_msg". Now there's no more "stats_something" that designates the CLI.
2021-03-13 05:00:33 -05:00
if (!global.cli_fe) {
if ((global.cli_fe = cli_alloc_fe("GLOBAL", file, line)) == NULL) {
MEDIUM: cfgparse: use the new error reporting framework for remaining cfg_keywords All keywords registered using a cfg_kw_list now make use of the new error reporting framework. This allows easier and more precise error reporting without having to deal with complex buffer allocation issues.
2012-05-08 13:47:01 -04:00
memprintf(err, "'%s %s' : out of memory trying to allocate a frontend", args[0], args[1]);
[MEDIUM] stats: disable complex socket reservation for stats socket The way the unix socket is initialized is awkward. Some of the settings are put in the sockets itself, other ones in the backend. And more importantly the global.maxsock value is adjusted so that the stats socket evades the global maxconn value. This complexifies maxsock computations for nothing, since the stats socket is not supposed to receive hundreds of concurrent connections when the global maxconn is very low. What is needed however is to ensure that there are always connections left for the stats socket even when traffic sockets are saturated, but this guarantee is not offered anymore by current code. So as of now, the stats socket is subject to the global maxconn limitation just as any other socket until a reservation mechanism is implemented.
2011-09-07 06:13:34 -04:00
return -1;
}
}
CLEANUP: cli: rename the last few "stats_" to "cli_" There were still a very small list of functions, variables and fields called "stats_" while they were really purely CLI-centric. There's the frontend called "stats_fe" in the global section, which instantiates a "cli_applet" called "<CLI>" so it was renamed "cli_fe". The "alloc_stats_fe" function cas renamed to "cli_alloc_fe" which also better matches the naming convention of all cli-specific functions. Finally the "stats_permission_denied_msg" used to return an error on the CLI was renamed "cli_permission_denied_msg". Now there's no more "stats_something" that designates the CLI.
2021-03-13 05:00:33 -05:00
global.cli_fe->maxconn = maxconn;
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
}
MEDIUM: config: remove deprecated "bind-process" directives from frontends This was already causing a deprecation warning and was marked for removal in 2.7, now it happens. An error message indicates this doesn't exist anymore.
2022-07-15 11:14:40 -04:00
else if (strcmp(args[1], "bind-process") == 0) {
BUG/MINOR: cli: clarify error message about stats bind-process In 2.7-dev2, "stats bind-process" was removed by commit 94f763b5e ("MEDIUM: config: remove deprecated "bind-process" directives from frontends") and an error message indicates that it's no more supported. However it says "stats" is not supported instead of "stats bind-process", making it a bit confusing. This should be backported to 2.7.
2023-04-23 03:40:56 -04:00
memprintf(err, "'%s %s' is not supported anymore.", args[0], args[1]);
MEDIUM: config: remove deprecated "bind-process" directives from frontends This was already causing a deprecation warning and was marked for removal in 2.7, now it happens. An error message indicates this doesn't exist anymore.
2022-07-15 11:14:40 -04:00
return -1;
MEDIUM: cli: allow the stats socket to be bound to a specific set of processes Using "stats bind-process", it becomes possible to indicate to haproxy which process will get the incoming connections to the stats socket. It will also shut down the warning when nbproc > 1.
2012-10-22 17:17:18 -04:00
}
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
else {
MEDIUM: cli: allow the stats socket to be bound to a specific set of processes Using "stats bind-process", it becomes possible to indicate to haproxy which process will get the incoming connections to the stats socket. It will also shut down the warning when nbproc > 1.
2012-10-22 17:17:18 -04:00
memprintf(err, "'%s' only supports 'socket', 'maxconn', 'bind-process' and 'timeout' (got '%s')", args[0], args[1]);
[MEDIUM] introduce the "stats" keyword in global section Removed old unused MODE_LOG and MODE_STATS, and replaced the "stats" keyword in the global section. The new "stats" keyword in the global section is used to create a UNIX socket on which the statistics will be accessed. The client must issue a "show stat\n" command in order to get a CSV-formated output similar to the output on the HTTP socket in CSV mode.
2007-10-18 07:53:22 -04:00
return -1;
}
return 0;
}
MINOR: cli: export HAPROXY_CLI environment variable Export the HAPROXY_CLI environment variable which contains the list of all stats sockets (including the sockpair@) separated by semicolons.
2019-04-01 05:30:06 -04:00
/*
MEDIUM: mworker/cli: export the HAPROXY_MASTER_CLI variable It works the same way as the HAPROXY_CLI variable, it exports the listeners addresses separated by semicolons.
2019-04-12 10:09:24 -04:00
* This function exports the bound addresses of a <frontend> in the environment
* variable <varname>. Those addresses are separated by semicolons and prefixed
* with their type (abns@, unix@, sockpair@ etc)
* Return -1 upon error, 0 otherwise
MINOR: cli: export HAPROXY_CLI environment variable Export the HAPROXY_CLI environment variable which contains the list of all stats sockets (including the sockpair@) separated by semicolons.
2019-04-01 05:30:06 -04:00
*/
MEDIUM: mworker/cli: export the HAPROXY_MASTER_CLI variable It works the same way as the HAPROXY_CLI variable, it exports the listeners addresses separated by semicolons.
2019-04-12 10:09:24 -04:00
int listeners_setenv(struct proxy *frontend, const char *varname)
MINOR: cli: export HAPROXY_CLI environment variable Export the HAPROXY_CLI environment variable which contains the list of all stats sockets (including the sockpair@) separated by semicolons.
2019-04-01 05:30:06 -04:00
{
struct buffer *trash = get_trash_chunk();
struct bind_conf *bind_conf;
MEDIUM: mworker/cli: export the HAPROXY_MASTER_CLI variable It works the same way as the HAPROXY_CLI variable, it exports the listeners addresses separated by semicolons.
2019-04-12 10:09:24 -04:00
if (frontend) {
list_for_each_entry(bind_conf, &frontend->conf.bind, by_fe) {
MINOR: cli: export HAPROXY_CLI environment variable Export the HAPROXY_CLI environment variable which contains the list of all stats sockets (including the sockpair@) separated by semicolons.
2019-04-01 05:30:06 -04:00
struct listener *l;
list_for_each_entry(l, &bind_conf->listeners, by_bind) {
char addr[46];
char port[6];
MINOR: protocol: create abnsz socket address family For now it's the same as abns. We'll need to modify sock_unix_addrcmp(), and a few other ones to support effective path length when dealing with the \0. Let's check with Tristan's patch for this (upcoming patch). Co-authored-by: Aurelien DARRAGON <adarragon@haproxy.com>
2024-08-09 15:12:23 -04:00
if (l->rx.addr.ss_family == AF_UNIX ||
l->rx.addr.ss_family == AF_CUST_ABNS ||
l->rx.addr.ss_family == AF_CUST_ABNSZ) {
MINOR: cli: export HAPROXY_CLI environment variable Export the HAPROXY_CLI environment variable which contains the list of all stats sockets (including the sockpair@) separated by semicolons.
2019-04-01 05:30:06 -04:00
const struct sockaddr_un *un;
REORG: listener: move the listening address to a struct receiver The address will be specific to the receiver so let's move it there.
2020-08-27 01:48:42 -04:00
un = (struct sockaddr_un *)&l->rx.addr;
MINOR: protocol: create abnsz socket address family For now it's the same as abns. We'll need to modify sock_unix_addrcmp(), and a few other ones to support effective path length when dealing with the \0. Let's check with Tristan's patch for this (upcoming patch). Co-authored-by: Aurelien DARRAGON <adarragon@haproxy.com>
2024-08-09 15:12:23 -04:00
if (l->rx.addr.ss_family == AF_CUST_ABNS ||
l->rx.addr.ss_family == AF_CUST_ABNSZ) {
BUG/MINOR: cli: don't show sockpairs in HAPROXY_CLI and HAPROXY_MASTER_CLI Before this fix, HAPROXY_CLI and HAPROXY_MASTER_CLI have contained along with CLI sockets addresses internal sockpairs, which are used only for master CLI (reload sockpair and sockpair shared with a worker process). These internal sockpairs are always need to be hidden. At the moment there is no any client, who uses sockpair addresses for the stats listener or in order to connect to master CLI. So, let's simply not copy these internal sockpair addresses of MASTER and GLOBAL proxy listeners. As listeners with sockpairs are skipped and they can be presented in the listeners list in any order, let's add semicolon separator between addresses only in the case, when there are already some string saved in the trash and we are sure, that we are adding a new address to it. Otherwise, we could have such weird output: HAPROXY_MASTER_CLI=unix@/tmp/mcli.sock;; This fix is need to be backported in all stable versions.
2024-11-12 16:43:49 -05:00
chunk_appendf(trash, "%sabns@%s", (trash->data ? ";" : ""), un->sun_path+1);
MINOR: cli: export HAPROXY_CLI environment variable Export the HAPROXY_CLI environment variable which contains the list of all stats sockets (including the sockpair@) separated by semicolons.
2019-04-01 05:30:06 -04:00
} else {
BUG/MINOR: cli: don't show sockpairs in HAPROXY_CLI and HAPROXY_MASTER_CLI Before this fix, HAPROXY_CLI and HAPROXY_MASTER_CLI have contained along with CLI sockets addresses internal sockpairs, which are used only for master CLI (reload sockpair and sockpair shared with a worker process). These internal sockpairs are always need to be hidden. At the moment there is no any client, who uses sockpair addresses for the stats listener or in order to connect to master CLI. So, let's simply not copy these internal sockpair addresses of MASTER and GLOBAL proxy listeners. As listeners with sockpairs are skipped and they can be presented in the listeners list in any order, let's add semicolon separator between addresses only in the case, when there are already some string saved in the trash and we are sure, that we are adding a new address to it. Otherwise, we could have such weird output: HAPROXY_MASTER_CLI=unix@/tmp/mcli.sock;; This fix is need to be backported in all stable versions.
2024-11-12 16:43:49 -05:00
chunk_appendf(trash, "%sunix@%s", (trash->data ? ";" : ""), un->sun_path);
MINOR: cli: export HAPROXY_CLI environment variable Export the HAPROXY_CLI environment variable which contains the list of all stats sockets (including the sockpair@) separated by semicolons.
2019-04-01 05:30:06 -04:00
}
REORG: listener: move the listening address to a struct receiver The address will be specific to the receiver so let's move it there.
2020-08-27 01:48:42 -04:00
} else if (l->rx.addr.ss_family == AF_INET) {
addr_to_str(&l->rx.addr, addr, sizeof(addr));
port_to_str(&l->rx.addr, port, sizeof(port));
BUG/MINOR: cli: don't show sockpairs in HAPROXY_CLI and HAPROXY_MASTER_CLI Before this fix, HAPROXY_CLI and HAPROXY_MASTER_CLI have contained along with CLI sockets addresses internal sockpairs, which are used only for master CLI (reload sockpair and sockpair shared with a worker process). These internal sockpairs are always need to be hidden. At the moment there is no any client, who uses sockpair addresses for the stats listener or in order to connect to master CLI. So, let's simply not copy these internal sockpair addresses of MASTER and GLOBAL proxy listeners. As listeners with sockpairs are skipped and they can be presented in the listeners list in any order, let's add semicolon separator between addresses only in the case, when there are already some string saved in the trash and we are sure, that we are adding a new address to it. Otherwise, we could have such weird output: HAPROXY_MASTER_CLI=unix@/tmp/mcli.sock;; This fix is need to be backported in all stable versions.
2024-11-12 16:43:49 -05:00
chunk_appendf(trash, "%sipv4@%s:%s", (trash->data ? ";" : ""), addr, port);
REORG: listener: move the listening address to a struct receiver The address will be specific to the receiver so let's move it there.
2020-08-27 01:48:42 -04:00
} else if (l->rx.addr.ss_family == AF_INET6) {
addr_to_str(&l->rx.addr, addr, sizeof(addr));
port_to_str(&l->rx.addr, port, sizeof(port));
BUG/MINOR: cli: don't show sockpairs in HAPROXY_CLI and HAPROXY_MASTER_CLI Before this fix, HAPROXY_CLI and HAPROXY_MASTER_CLI have contained along with CLI sockets addresses internal sockpairs, which are used only for master CLI (reload sockpair and sockpair shared with a worker process). These internal sockpairs are always need to be hidden. At the moment there is no any client, who uses sockpair addresses for the stats listener or in order to connect to master CLI. So, let's simply not copy these internal sockpair addresses of MASTER and GLOBAL proxy listeners. As listeners with sockpairs are skipped and they can be presented in the listeners list in any order, let's add semicolon separator between addresses only in the case, when there are already some string saved in the trash and we are sure, that we are adding a new address to it. Otherwise, we could have such weird output: HAPROXY_MASTER_CLI=unix@/tmp/mcli.sock;; This fix is need to be backported in all stable versions.
2024-11-12 16:43:49 -05:00
chunk_appendf(trash, "%sipv6@[%s]:%s", (trash->data ? ";" : ""), addr, port);
MINOR: cli: export HAPROXY_CLI environment variable Export the HAPROXY_CLI environment variable which contains the list of all stats sockets (including the sockpair@) separated by semicolons.
2019-04-01 05:30:06 -04:00
}
BUG/MINOR: cli: don't show sockpairs in HAPROXY_CLI and HAPROXY_MASTER_CLI Before this fix, HAPROXY_CLI and HAPROXY_MASTER_CLI have contained along with CLI sockets addresses internal sockpairs, which are used only for master CLI (reload sockpair and sockpair shared with a worker process). These internal sockpairs are always need to be hidden. At the moment there is no any client, who uses sockpair addresses for the stats listener or in order to connect to master CLI. So, let's simply not copy these internal sockpair addresses of MASTER and GLOBAL proxy listeners. As listeners with sockpairs are skipped and they can be presented in the listeners list in any order, let's add semicolon separator between addresses only in the case, when there are already some string saved in the trash and we are sure, that we are adding a new address to it. Otherwise, we could have such weird output: HAPROXY_MASTER_CLI=unix@/tmp/mcli.sock;; This fix is need to be backported in all stable versions.
2024-11-12 16:43:49 -05:00
/* AF_CUST_SOCKPAIR is explicitly skipped, we don't want to show reload and shared
* master CLI sockpairs in HAPROXY_CLI and HAPROXY_MASTER_CLI
*/
MINOR: cli: export HAPROXY_CLI environment variable Export the HAPROXY_CLI environment variable which contains the list of all stats sockets (including the sockpair@) separated by semicolons.
2019-04-01 05:30:06 -04:00
}
}
trash->area[trash->data++] = '\0';
MEDIUM: mworker/cli: export the HAPROXY_MASTER_CLI variable It works the same way as the HAPROXY_CLI variable, it exports the listeners addresses separated by semicolons.
2019-04-12 10:09:24 -04:00
if (setenv(varname, trash->area, 1) < 0)
MINOR: cli: export HAPROXY_CLI environment variable Export the HAPROXY_CLI environment variable which contains the list of all stats sockets (including the sockpair@) separated by semicolons.
2019-04-01 05:30:06 -04:00
return -1;
}
return 0;
}
MEDIUM: mworker/cli: export the HAPROXY_MASTER_CLI variable It works the same way as the HAPROXY_CLI variable, it exports the listeners addresses separated by semicolons.
2019-04-12 10:09:24 -04:00
int cli_socket_setenv()
{
CLEANUP: cli: rename the last few "stats_" to "cli_" There were still a very small list of functions, variables and fields called "stats_" while they were really purely CLI-centric. There's the frontend called "stats_fe" in the global section, which instantiates a "cli_applet" called "<CLI>" so it was renamed "cli_fe". The "alloc_stats_fe" function cas renamed to "cli_alloc_fe" which also better matches the naming convention of all cli-specific functions. Finally the "stats_permission_denied_msg" used to return an error on the CLI was renamed "cli_permission_denied_msg". Now there's no more "stats_something" that designates the CLI.
2021-03-13 05:00:33 -05:00
if (listeners_setenv(global.cli_fe, "HAPROXY_CLI") < 0)
MEDIUM: mworker/cli: export the HAPROXY_MASTER_CLI variable It works the same way as the HAPROXY_CLI variable, it exports the listeners addresses separated by semicolons.
2019-04-12 10:09:24 -04:00
return -1;
if (listeners_setenv(mworker_proxy, "HAPROXY_MASTER_CLI") < 0)
return -1;
return 0;
}
MINOR: cli: export HAPROXY_CLI environment variable Export the HAPROXY_CLI environment variable which contains the list of all stats sockets (including the sockpair@) separated by semicolons.
2019-04-01 05:30:06 -04:00
REGISTER_CONFIG_POSTPARSER("cli", cli_socket_setenv);
MINOR: cli: create new function cli_has_level() to validate permissions This function is used to check that the CLI features the appropriate level of permissions or to prepare the adequate error message.
2016-11-23 11:01:39 -05:00
/* Verifies that the CLI at least has a level at least as high as <level>
* (typically ACCESS_LVL_ADMIN). Returns 1 if OK, otherwise 0. In case of
* failure, an error message is prepared and the appctx's state is adjusted
* to print it so that a return 1 is enough to abort any processing.
*/
int cli_has_level(struct appctx *appctx, int level)
{
MEDIUM: cli: store CLI level in the appctx Store and check the level in the appctx in order to allow dynamic permission changes over the CLI.
2018-12-13 03:05:44 -05:00
if ((appctx->cli_level & ACCESS_LVL_MASK) < level) {
CLEANUP: cli: rename the last few "stats_" to "cli_" There were still a very small list of functions, variables and fields called "stats_" while they were really purely CLI-centric. There's the frontend called "stats_fe" in the global section, which instantiates a "cli_applet" called "<CLI>" so it was renamed "cli_fe". The "alloc_stats_fe" function cas renamed to "cli_alloc_fe" which also better matches the naming convention of all cli-specific functions. Finally the "stats_permission_denied_msg" used to return an error on the CLI was renamed "cli_permission_denied_msg". Now there's no more "stats_something" that designates the CLI.
2021-03-13 05:00:33 -05:00
cli_err(appctx, cli_permission_denied_msg);
MINOR: cli: create new function cli_has_level() to validate permissions This function is used to check that the CLI features the appropriate level of permissions or to prepare the adequate error message.
2016-11-23 11:01:39 -05:00
return 0;
}
return 1;
}
MEDIUM: cli: handle CLI level from the master CLI Handle the CLI level in the master CLI. In order to do this, the master CLI stores the level in the stream. Each command are prefixed by a "user" or "operator" command before they are forwarded to the target CLI. The level can be configured in the haproxy program arguments with the level keyword: -S /tmp/sock,level,admin -S /tmp/sock2,level,user.
2018-12-13 03:05:47 -05:00
/* same as cli_has_level but for the CLI proxy and without error message */
int pcli_has_level(struct stream *s, int level)
{
if ((s->pcli_flags & ACCESS_LVL_MASK) < level) {
return 0;
}
return 1;
}
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
/* Returns severity_output for the current session if set, or default for the socket */
static int cli_get_severity_output(struct appctx *appctx)
{
if (appctx->cli_severity_output)
return appctx->cli_severity_output;
CLEANUP: applet: remove the unneeded appctx->owner This one is the pointer to the conn_stream which is always in the endpoint that is always present in the appctx, thus it's not needed. This patch removes it and replaces it with appctx_cs() instead. A few occurences that were using __cs_strm(appctx->owner) were moved directly to appctx_strm() which does the equivalent.
2022-05-11 08:09:57 -04:00
return strm_li(appctx_strm(appctx))->bind_conf->severity_output;
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
}
[MINOR] stats: report the server warm up status in a "throttle" column A new "throttle" column has been added to HTML and RAW stats to indicate in percent, the level of throttling due to server warmup. The column is empty at 100%.
2007-11-30 12:16:29 -05:00
CLEANUP: cli: simplify the request parser a little bit stats_sock_parse_request() was renamed cli_parse_request(). It now takes an appctx instead of a stream interface, and presets ->st2 to 0 so that most handlers will not have to set it anymore. The io_handler is set by default to the keyword's IO handler so that the parser can simply change it without having to rewrite the new state.
2016-11-24 10:23:38 -05:00
/* Processes the CLI interpreter on the stats socket. This function is called
MINOR: cli: print the error message in the parser function itself By doing so we can report more accurate information about what's wrong. As a first step, we already distinguish the case of expert-only commands from other ones.
2021-03-12 09:57:47 -05:00
* from the CLI's IO handler running in an appctx context. The function returns
* 1 if the request was understood, otherwise zero (in which case an error
* message will be displayed). It is called with appctx->st0
CLEANUP: cli: simplify the request parser a little bit stats_sock_parse_request() was renamed cli_parse_request(). It now takes an appctx instead of a stream interface, and presets ->st2 to 0 so that most handlers will not have to set it anymore. The io_handler is set by default to the keyword's IO handler so that the parser can simply change it without having to rewrite the new state.
2016-11-24 10:23:38 -05:00
* set to CLI_ST_GETREQ and presets ->st2 to 0 so that parsers don't have to do
* it. It will possilbly leave st0 to CLI_ST_CALLBACK if the keyword needs to
* have its own I/O handler called again. Most of the time, parsers will only
* set st0 to CLI_ST_PRINT and put their message to be displayed into cli.msg.
MINOR: cli: automatically enable a CLI I/O handler when there's no parser Sometimes a registered keyword will not need any specific parsing nor initialization, so it's annoying to have to write an empty parsing function returning zero just for this. This patch makes it possible to automatically call a keyword's I/O handler of when the parsing function is not defined, while still allowing a parser to set the I/O handler itself.
2016-12-16 11:59:25 -05:00
* If a keyword parser is NULL and an I/O handler is declared, the I/O handler
* will automatically be used.
[CLEANUP] move remaining stats sockets code to dumpstats The remains of the stats socket code has nothing to do in proto_uxst anymore and must move to dumpstats. The code is much cleaner and more structured. It was also an opportunity to rename AN_REQ_UNIX_STATS as AN_REQ_STATS_SOCK as the stats socket is no longer unix-specific either. The last item refering to stats in proto_uxst is the setting of the task's nice value which should in fact come from the listener.
2009-08-16 13:06:42 -04:00
*/
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
static int cli_parse_request(struct appctx *appctx)
[CLEANUP] move remaining stats sockets code to dumpstats The remains of the stats socket code has nothing to do in proto_uxst anymore and must move to dumpstats. The code is much cleaner and more structured. It was also an opportunity to rename AN_REQ_UNIX_STATS as AN_REQ_STATS_SOCK as the stats socket is no longer unix-specific either. The last item refering to stats in proto_uxst is the setting of the task's nice value which should in fact come from the listener.
2009-08-16 13:06:42 -04:00
{
CLEANUP: cli: rename MAX_STATS_ARGS to MAX_CLI_ARGS This is the number of args accepted on a command received on the CLI, is has long been totally independent of stats and should not carry this misleading "stats" name anymore.
2021-03-13 04:59:23 -05:00
char *args[MAX_CLI_ARGS + 1], *p, *end, *payload = NULL;
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
int i = 0;
MEDIUM: cli: register CLI keywords with cli_register_kw() To register a new cli keyword, you need to declare a cli_kw_list structure in your source file: static struct cli_kw_list cli_kws = {{ },{ { { "test", "list", NULL }, "test list : do some tests on the cli", test_parsing, NULL }, { { NULL }, NULL, NULL, NULL, NULL } }}; And then register it: cli_register_kw(&cli_kws); The first field is an array of 5 elements, where you declare the keywords combination which will match, it must be ended by a NULL element. The second field is used as a usage message, it will appear in the help of the cli, you can set it to NULL if you don't want to show it, it's a good idea if you want to overwrite some existing keywords. The two last fields are callbacks. The first one is used at parsing time, you can use it to parse the arguments of your keywords and print small messages. The function must return 1 in case of a failure, otherwise 0: #include <proto/dumpstats.h> static int test_parsing(char **args, struct appctx *appctx) { struct chunk out; if (!*args[2]) { appctx->ctx.cli.msg = "Error: the 3rd argument is mandatory !"; appctx->st0 = STAT_CLI_PRINT; return 1; } chunk_reset(&trash); chunk_printf(&trash, "arg[3]: %s\n", args[2]); chunk_init(&out, NULL, 0); chunk_dup(&out, &trash); appctx->ctx.cli.err = out.str; appctx->st0 = STAT_CLI_PRINT_FREE; /* print and free in the default cli_io_handler */ return 0; } The last field is the IO handler callback, it can be set to NULL if you want to use the default cli_io_handler() otherwise you can write your own. You can use the private pointer in the appctx if you need to store a context or some data. stats_dump_sess_to_buffer() is a good example of IO handler, IO handlers often use the appctx->st2 variable for the state machine. The handler must return 0 in case it have to be recall later otherwise 1.
2016-10-13 11:57:55 -04:00
struct cli_kw *kw;
[CLEANUP] move remaining stats sockets code to dumpstats The remains of the stats socket code has nothing to do in proto_uxst anymore and must move to dumpstats. The code is much cleaner and more structured. It was also an opportunity to rename AN_REQ_UNIX_STATS as AN_REQ_STATS_SOCK as the stats socket is no longer unix-specific either. The last item refering to stats in proto_uxst is the setting of the task's nice value which should in fact come from the listener.
2009-08-16 13:06:42 -04:00
MAJOR: cli: Use a custom .snd_buf function to only copy the current command The CLI applet is now using its own snd_buf callback function. Instead of copying as most output data as possible, only one command is copied at a time. To do so, a new state CLI_ST_PARSEREQ is added for the CLI applet. In this state, the CLI I/O handle knows a full command was copied into its input buffer and it must parse this command to evaluate it.
2024-02-20 02:47:38 -05:00
p = b_head(&appctx->inbuf);
end = b_tail(&appctx->inbuf);
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
/*
* Get pointers on words.
* One extra slot is reserved to store a pointer on a null byte.
*/
CLEANUP: cli: rename MAX_STATS_ARGS to MAX_CLI_ARGS This is the number of args accepted on a command received on the CLI, is has long been totally independent of stats and should not carry this misleading "stats" name anymore.
2021-03-13 04:59:23 -05:00
while (i < MAX_CLI_ARGS && p < end) {
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
int j, k;
[CLEANUP] move remaining stats sockets code to dumpstats The remains of the stats socket code has nothing to do in proto_uxst anymore and must move to dumpstats. The code is much cleaner and more structured. It was also an opportunity to rename AN_REQ_UNIX_STATS as AN_REQ_STATS_SOCK as the stats socket is no longer unix-specific either. The last item refering to stats in proto_uxst is the setting of the task's nice value which should in fact come from the listener.
2009-08-16 13:06:42 -04:00
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
/* skip leading spaces/tabs */
p += strspn(p, " \t");
if (!*p)
break;
[CLEANUP] move remaining stats sockets code to dumpstats The remains of the stats socket code has nothing to do in proto_uxst anymore and must move to dumpstats. The code is much cleaner and more structured. It was also an opportunity to rename AN_REQ_UNIX_STATS as AN_REQ_STATS_SOCK as the stats socket is no longer unix-specific either. The last item refering to stats in proto_uxst is the setting of the task's nice value which should in fact come from the listener.
2009-08-16 13:06:42 -04:00
MEDIUM: cli: allow custom pattern for payload The CLI payload syntax has some limitation, it can't handle payloads with empty lines, which is a common problem when uploading a PEM file over the CLI. This patch implements a way to customize the ending pattern of the CLI, so we can't look for other things than empty lines. A char cli_payload_pat[8] is used in the appctx to store the customized pattern. The pattern can't be more than 7 characters and can still empty to match an empty line. The cli_io_handler() identifies the pattern and stores it, and cli_parse_request() identifies the end of the payload. If the customized pattern between "<<" and "\n" is more than 7 characters, it is not considered as a pattern. This patch only implements the parser for the 'stats socket', another patch is needed for the 'master CLI'.
2023-11-27 10:04:20 -05:00
/* first check if the '<<' is present, but this is not enough
* because we don't know if this is the end of the string */
if (strncmp(p, PAYLOAD_PATTERN, strlen(PAYLOAD_PATTERN)) == 0) {
int pat_len = strlen(appctx->cli_payload_pat);
/* then if the customized pattern is empty, check if the next character is '\0' */
if (pat_len == 0 && p[strlen(PAYLOAD_PATTERN)] == '\0') {
payload = p + strlen(PAYLOAD_PATTERN) + 1;
break;
}
/* else if we found the customized pattern at the end of the string */
if (strcmp(p + strlen(PAYLOAD_PATTERN), appctx->cli_payload_pat) == 0) {
payload = p + strlen(PAYLOAD_PATTERN) + pat_len + 1;
break;
}
BUG/MINOR: cli/payload: do not search for args inside payload The CLI's payload parser is over-complicated and as such contains more bugs than needed. One of them is that it uses strstr() to find the ending tag, ignoring spaces before it, while the argument locator creates a new arg on each space, without checking if the end of the word appears past the previously found end. This results in "<<" being considered as the start of a new argument if preceeded by more than one space, and the payload being damaged with a \0 inserted at the first space or tab. Let's make an easily backportable fix for now. This fix makes sure that the trailing zero from the first line is properly kept after '<<' and that the end tag is looked for only as an isolated argument and nothing else. This also gets rid of the unsuitable strstr() call and now makes sure that strcspn() will not return elements that are found in the payload. For the long term the loop must be rewritten to get rid of those unsuitable strcspn() and strstr() calls which work past each other, and the cli_parse_request() function should be split into a tokenizer and an executor that are used from the caller instead of letting the caller play games with what it finds there. This should be backported wherever CLI payload is supported, i.e. 2.0+.
2021-09-17 05:07:45 -04:00
}
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
args[i] = p;
BUG/MINOR: cli: allow space escaping on the CLI It was not possible to escape spaces over the CLI, making impossible the insertion of new ACL entries with spaces from the CLI. This patch fixes the escaping of spaces over the CLI. It is now possible to launch "add acl agents.acl My\ User\ Agent" over the CLI. Could be backported in all stable branches. Should fix issue #400.
2020-06-08 10:08:06 -04:00
while (1) {
p += strcspn(p, " \t\\");
/* escaped chars using backlashes (\) */
if (*p == '\\') {
if (!*++p)
break;
if (!*++p)
break;
} else {
break;
}
}
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
*p++ = 0;
[CLEANUP] move remaining stats sockets code to dumpstats The remains of the stats socket code has nothing to do in proto_uxst anymore and must move to dumpstats. The code is much cleaner and more structured. It was also an opportunity to rename AN_REQ_UNIX_STATS as AN_REQ_STATS_SOCK as the stats socket is no longer unix-specific either. The last item refering to stats in proto_uxst is the setting of the task's nice value which should in fact come from the listener.
2009-08-16 13:06:42 -04:00
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
/* unescape backslashes (\) */
for (j = 0, k = 0; args[i][k]; k++) {
if (args[i][k] == '\\') {
if (args[i][k + 1] == '\\')
k++;
BUG/MINOR: cli: allow the backslash to be escaped on the CLI In 1.5-dev20, commit 48bcfda ("MEDIUM: dumpstat: make the CLI parser understand the backslash as an escape char") introduced support for backslash on the CLI, but it strips all backslashes in all arguments instead of only unescaping them, making it impossible to pass a backslash in an argument. This will allow us to use a backslash in a command over the socket, eg. "add acl #0 ABC\\XYZ". [wt: this should be backported to 1.7 and 1.6]
2016-11-24 05:33:12 -05:00
else
continue;
}
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
args[i][j] = args[i][k];
MEDIUM: dumpstat: make the CLI parser understand the backslash as an escape char We'll need to pass patterns on the CLI for lookups. Till now there was no need for a backslash, so it's still time to support them just like in the config file.
2013-12-10 12:54:58 -05:00
j++;
}
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
args[i][j] = 0;
MEDIUM: dumpstat: make the CLI parser understand the backslash as an escape char We'll need to pass patterns on the CLI for lookups. Till now there was no need for a backslash, so it's still time to support them just like in the config file.
2013-12-10 12:54:58 -05:00
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
i++;
}
/* fill unused slots */
MAJOR: cli: Use a custom .snd_buf function to only copy the current command The CLI applet is now using its own snd_buf callback function. Instead of copying as most output data as possible, only one command is copied at a time. To do so, a new state CLI_ST_PARSEREQ is added for the CLI applet. In this state, the CLI I/O handle knows a full command was copied into its input buffer and it must parse this command to evaluate it.
2024-02-20 02:47:38 -05:00
p = b_tail(&appctx->inbuf);
CLEANUP: cli: rename MAX_STATS_ARGS to MAX_CLI_ARGS This is the number of args accepted on a command received on the CLI, is has long been totally independent of stats and should not carry this misleading "stats" name anymore.
2021-03-13 04:59:23 -05:00
for (; i < MAX_CLI_ARGS + 1; i++)
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
args[i] = p;
CLEANUP: cli: simplify the request parser a little bit stats_sock_parse_request() was renamed cli_parse_request(). It now takes an appctx instead of a stream interface, and presets ->st2 to 0 so that most handlers will not have to set it anymore. The io_handler is set by default to the keyword's IO handler so that the parser can simply change it without having to rewrite the new state.
2016-11-24 10:23:38 -05:00
BUG/MINOR: cli: don't complain about empty command on empty lines There's something very irritating on the CLI, when just pressing ENTER, it complains "Unknown command: ''..." and dumps all the help. This action is often done to add a bit of clearance after a dump to visually find delimitors later, but this stupid error makes it unusable. This patch addresses this by just returning on empty command instead of trying to look up a matching keyword. It will result in an empty line to mark the end of the empty command and a prompt again. It's probably not worth backporting this given that nobody seems to have complained about it yet.
2023-05-11 10:32:56 -04:00
if (!**args)
return 0;
CLEANUP: cli: simplify the request parser a little bit stats_sock_parse_request() was renamed cli_parse_request(). It now takes an appctx instead of a stream interface, and presets ->st2 to 0 so that most handlers will not have to set it anymore. The io_handler is set by default to the keyword's IO handler so that the parser can simply change it without having to rewrite the new state.
2016-11-24 10:23:38 -05:00
kw = cli_find_kw(args);
MINOR: cli: print the error message in the parser function itself By doing so we can report more accurate information about what's wrong. As a first step, we already distinguish the case of expert-only commands from other ones.
2021-03-12 09:57:47 -05:00
if (!kw ||
(kw->level & ~appctx->cli_level & ACCESS_MASTER_ONLY) ||
MINOR: mworker/cli: mcli-debug-mode enables every command "mcli-debug-mode on" enables every command that were meant for a worker, on the CLI of the master. Which mean you can issue, "show fd", show stat" in order to debug the MASTER proxy. You can also combine it with "expert-mode on" or "experimental-mode on" to access to more commands.
2022-02-02 05:43:20 -05:00
(!(appctx->cli_level & ACCESS_MCLI_DEBUG) &&
(appctx->cli_level & ~kw->level & (ACCESS_MASTER_ONLY|ACCESS_MASTER)) == (ACCESS_MASTER_ONLY|ACCESS_MASTER))) {
MINOR: cli: print the error message in the parser function itself By doing so we can report more accurate information about what's wrong. As a first step, we already distinguish the case of expert-only commands from other ones.
2021-03-12 09:57:47 -05:00
/* keyword not found in this mode */
MINOR: cli: filter the list of commands to the matching part The error message on the CLI has become unreadable due to the long list and it's not even sorted, making it even harder to figure the right command. This patch starts by looking if some of the words match something known, and if so, will limit the listing only to those commands that start like the current one. The "help", "prompt" and "quit" commands are always shown to help the user try something else. Now thanks to this, typing "add" or "del" will only list "add acl", "add map" and not 50 lines anymore. As a small bonus, we won't print "Unknown command" anymore in response to the "help" command.
2021-03-12 11:13:28 -05:00
cli_gen_usage_msg(appctx, args);
MEDIUM: cli: disable some keywords in the master The master process does not need all the keywords of the cli, add 2 flags to chose which keyword to use. It might be useful to activate some of them in a debug mode later...
2018-10-26 08:47:37 -04:00
return 0;
MINOR: cli: print the error message in the parser function itself By doing so we can report more accurate information about what's wrong. As a first step, we already distinguish the case of expert-only commands from other ones.
2021-03-12 09:57:47 -05:00
}
MEDIUM: cli: disable some keywords in the master The master process does not need all the keywords of the cli, add 2 flags to chose which keyword to use. It might be useful to activate some of them in a debug mode later...
2018-10-26 08:47:37 -04:00
MINOR: cli: print the error message in the parser function itself By doing so we can report more accurate information about what's wrong. As a first step, we already distinguish the case of expert-only commands from other ones.
2021-03-12 09:57:47 -05:00
/* don't handle expert mode commands if not in this mode. */
if (kw->level & ~appctx->cli_level & ACCESS_EXPERT) {
cli_err(appctx, "This command is restricted to expert mode only.\n");
MINOR: cli: add an expert mode to hide dangerous commands Some commands like the debug ones are not enabled by default but can be useful on some production environments. In order to avoid the temptation of using them incorrectly, let's introduce an "expert" mode for a CLI connection, which allows some commands to appear and be used. It is enabled by command "expert-mode on" which is not listed by default.
2019-10-24 11:55:53 -04:00
return 0;
MINOR: cli: print the error message in the parser function itself By doing so we can report more accurate information about what's wrong. As a first step, we already distinguish the case of expert-only commands from other ones.
2021-03-12 09:57:47 -05:00
}
MINOR: cli: add an expert mode to hide dangerous commands Some commands like the debug ones are not enabled by default but can be useful on some production environments. In order to avoid the temptation of using them incorrectly, let's introduce an "expert" mode for a CLI connection, which allows some commands to appear and be used. It is enabled by command "expert-mode on" which is not listed by default.
2019-10-24 11:55:53 -04:00
MINOR: cli: implement experimental-mode Experimental mode is similar to expert-mode. It can be used to access to features still in development.
2021-03-18 10:32:53 -04:00
if (kw->level & ~appctx->cli_level & ACCESS_EXPERIMENTAL) {
cli_err(appctx, "This command is restricted to experimental mode only.\n");
return 0;
}
MINOR: cli: set tainted when using CLI expert/experimental mode Mark the process as tainted as soon as a command command only accessible in expert or experimental mode is executed.
2021-05-05 10:29:23 -04:00
if (kw->level == ACCESS_EXPERT)
mark_tainted(TAINTED_CLI_EXPERT_MODE);
else if (kw->level == ACCESS_EXPERIMENTAL)
mark_tainted(TAINTED_CLI_EXPERIMENTAL_MODE);
CLEANUP: cli: simplify the request parser a little bit stats_sock_parse_request() was renamed cli_parse_request(). It now takes an appctx instead of a stream interface, and presets ->st2 to 0 so that most handlers will not have to set it anymore. The io_handler is set by default to the keyword's IO handler so that the parser can simply change it without having to rewrite the new state.
2016-11-24 10:23:38 -05:00
appctx->io_handler = kw->io_handler;
BUG/MAJOR: cli: fix custom io_release was crushed by NULL. The io_release could be set into the parsing request handler and must not be crushed. This patch should be backported on mainline branches 1.7 and 1.6
2017-06-29 13:54:13 -04:00
appctx->io_release = kw->io_release;
BUG/MINOR: cli: don't call the kw->io_release if kw->parse failed The io_release() callback of the cli_kw is supposed to be used to clean what an io_handler() has made. It is called once the work in the IO handler is finished, or when the connection was aborted by the client. This patch fixes a bug where the io_release callback was called even when the parse() callback failed. Which means that the io_release() could called even if the io_handler() was not called. Should be backported in every versions that have a cli_kw->release(). (as far as 1.7)
2019-10-25 15:10:14 -04:00
if (kw->parse && kw->parse(args, payload, appctx, kw->private) != 0)
goto fail;
/* kw->parse could set its own io_handler or io_release handler */
if (!appctx->io_handler)
goto fail;
appctx->st0 = CLI_ST_CALLBACK;
return 1;
fail:
appctx->io_handler = NULL;
appctx->io_release = NULL;
CLEANUP: cli: simplify the request parser a little bit stats_sock_parse_request() was renamed cli_parse_request(). It now takes an appctx instead of a stream interface, and presets ->st2 to 0 so that most handlers will not have to set it anymore. The io_handler is set by default to the keyword's IO handler so that the parser can simply change it without having to rewrite the new state.
2016-11-24 10:23:38 -05:00
return 1;
[CLEANUP] move remaining stats sockets code to dumpstats The remains of the stats socket code has nothing to do in proto_uxst anymore and must move to dumpstats. The code is much cleaner and more structured. It was also an opportunity to rename AN_REQ_UNIX_STATS as AN_REQ_STATS_SOCK as the stats socket is no longer unix-specific either. The last item refering to stats in proto_uxst is the setting of the task's nice value which should in fact come from the listener.
2009-08-16 13:06:42 -04:00
}
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
/* prepends then outputs the argument msg with a syslog-type severity depending on severity_output value */
MINOR: cli: Use applet API to write output message Instead of using the channel API to to write output message from the CLI applet, we use the applet API. This way, the applet does not need to take care to request more room it it fails to put its message into the channel's buffer.
2023-05-05 04:56:00 -04:00
static int cli_output_msg(struct appctx *appctx, const char *msg, int severity, int severity_output)
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
{
MAJOR: chunks: replace struct chunk with struct buffer Now all the code used to manipulate chunks uses a struct buffer instead. The functions are still called "chunk*", and some of them will progressively move to the generic buffer handling code as they are cleaned up.
2018-07-13 05:56:34 -04:00
struct buffer *tmp;
BUG/MEDIUM: cli: fix once for all the problem of missing trailing LFs Some commands are still missing their trailing LF, and very few were even already spotted in the past emitting more than one. The risk of missing this LF is particularly high, especially when tests are run in non- interactive mode where the output looks good at first glance. The problem is that once run in interactive mode, the missing empty line makes the command not being complete, and scripts can wait forever. Let's tackle the problem at its root: messages emitted at the end must always end with an LF and we know some miss it. Thus, in cli_output_msg() we now start by removing the trailing LFs from the string, and we always add exactly one. This way the trailing LF added by correct functions are silently ignored and all functions are now correct. This would need to be progressively backported to all supported versions in order to address them all at once, though the risk of breaking a legacy script relying on the wrong output is never zero. At first it should at least go as far as the lastest LTS (2.8), and maybe another one depending on user demands. Note that it also requires previous patch ("BUG/MINOR: vars/cli: fix missing LF after "get var" output") because it fixes a test for a bogus output for "get var" in a VTC.
2024-02-08 12:15:23 -05:00
struct ist imsg;
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
tmp = get_trash_chunk();
chunk_reset(tmp);
BUG/MEDIUM: cli: fix once for all the problem of missing trailing LFs Some commands are still missing their trailing LF, and very few were even already spotted in the past emitting more than one. The risk of missing this LF is particularly high, especially when tests are run in non- interactive mode where the output looks good at first glance. The problem is that once run in interactive mode, the missing empty line makes the command not being complete, and scripts can wait forever. Let's tackle the problem at its root: messages emitted at the end must always end with an LF and we know some miss it. Thus, in cli_output_msg() we now start by removing the trailing LFs from the string, and we always add exactly one. This way the trailing LF added by correct functions are silently ignored and all functions are now correct. This would need to be progressively backported to all supported versions in order to address them all at once, though the risk of breaking a legacy script relying on the wrong output is never zero. At first it should at least go as far as the lastest LTS (2.8), and maybe another one depending on user demands. Note that it also requires previous patch ("BUG/MINOR: vars/cli: fix missing LF after "get var" output") because it fixes a test for a bogus output for "get var" in a VTC.
2024-02-08 12:15:23 -05:00
if (likely(severity_output == CLI_SEVERITY_NONE))
goto send_it;
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
if (severity < 0 || severity > 7) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_warning("socket command feedback with invalid severity %d", severity);
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
chunk_printf(tmp, "[%d]: ", severity);
}
else {
switch (severity_output) {
case CLI_SEVERITY_NUMBER:
chunk_printf(tmp, "[%d]: ", severity);
break;
case CLI_SEVERITY_STRING:
chunk_printf(tmp, "[%s]: ", log_levels[severity]);
break;
default:
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_warning("Unrecognized severity output %d", severity_output);
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
}
}
BUG/MEDIUM: cli: fix once for all the problem of missing trailing LFs Some commands are still missing their trailing LF, and very few were even already spotted in the past emitting more than one. The risk of missing this LF is particularly high, especially when tests are run in non- interactive mode where the output looks good at first glance. The problem is that once run in interactive mode, the missing empty line makes the command not being complete, and scripts can wait forever. Let's tackle the problem at its root: messages emitted at the end must always end with an LF and we know some miss it. Thus, in cli_output_msg() we now start by removing the trailing LFs from the string, and we always add exactly one. This way the trailing LF added by correct functions are silently ignored and all functions are now correct. This would need to be progressively backported to all supported versions in order to address them all at once, though the risk of breaking a legacy script relying on the wrong output is never zero. At first it should at least go as far as the lastest LTS (2.8), and maybe another one depending on user demands. Note that it also requires previous patch ("BUG/MINOR: vars/cli: fix missing LF after "get var" output") because it fixes a test for a bogus output for "get var" in a VTC.
2024-02-08 12:15:23 -05:00
send_it:
/* the vast majority of messages have their trailing LF but a few are
* still missing it, and very rare ones might even have two. For this
* reason, we'll first delete the trailing LFs if present, then
* systematically append one.
*/
for (imsg = ist(msg); imsg.len > 0 && imsg.ptr[imsg.len - 1] == '\n'; imsg.len--)
;
chunk_istcat(tmp, imsg);
chunk_istcat(tmp, ist("\n"));
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
MINOR: cli: Use applet API to write output message Instead of using the channel API to to write output message from the CLI applet, we use the applet API. This way, the applet does not need to take care to request more room it it fails to put its message into the channel's buffer.
2023-05-05 04:56:00 -04:00
return applet_putchk(appctx, tmp);
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
}
MAJOR: cli: Use a custom .snd_buf function to only copy the current command The CLI applet is now using its own snd_buf callback function. Instead of copying as most output data as possible, only one command is copied at a time. To do so, a new state CLI_ST_PARSEREQ is added for the CLI applet. In this state, the CLI I/O handle knows a full command was copied into its input buffer and it must parse this command to evaluate it.
2024-02-20 02:47:38 -05:00
int cli_init(struct appctx *appctx)
{
struct stconn *sc = appctx_sc(appctx);
struct bind_conf *bind_conf = strm_li(__sc_strm(sc))->bind_conf;
appctx->cli_severity_output = bind_conf->severity_output;
applet_reset_svcctx(appctx);
appctx->st0 = CLI_ST_GETREQ;
appctx->cli_level = bind_conf->level;
/* Wakeup the applet ASAP. */
applet_need_more_data(appctx);
return 0;
}
size_t cli_snd_buf(struct appctx *appctx, struct buffer *buf, size_t count, unsigned flags)
{
char *str;
size_t len, ret = 0;
int lf = 0;
if (appctx->st0 == CLI_ST_INIT)
cli_init(appctx);
BUG/MEDIUM: cli: Be sure to drop all input data in END state Commit 7214dcd ("BUG/MEDIUM: applet: Don't pretend to have more data to handle EOI/EOS/ERROR") revealed a bug with the CLI applet. Pending input data when the applet is in CLI_ST_END state were never consumed or dropped, leading to a wakeup loop. The CLI applet implements its own snd_buf callback function. It is important it consumes all pending input data. Otherwise, the applet is woken up in loop until it empties the request buffer. Another way to fix the issue would be to report an error. But in that case, it seems reasonnable to drop these data. The issue can be observed on reload, in master/worker mode, because of issue about the last ACK message which was never consummed by the _getsocks() command. This patch should fix the issue #2862. It must be backported to 3.1 with the commit above.
2025-02-17 08:49:34 -05:00
else if (appctx->st0 == CLI_ST_END) {
/* drop all data on END state */
ret = count;
b_del(buf, ret);
goto end;
}
MAJOR: cli: Use a custom .snd_buf function to only copy the current command The CLI applet is now using its own snd_buf callback function. Instead of copying as most output data as possible, only one command is copied at a time. To do so, a new state CLI_ST_PARSEREQ is added for the CLI applet. In this state, the CLI I/O handle knows a full command was copied into its input buffer and it must parse this command to evaluate it.
2024-02-20 02:47:38 -05:00
else if (appctx->st0 != CLI_ST_GETREQ)
goto end;
if (b_space_wraps(&appctx->inbuf))
b_slow_realign(&appctx->inbuf, trash.area, b_data(&appctx->inbuf));
while (1) {
/* payload doesn't take escapes nor does it end on semi-colons,
* so we use the regular getline. Normal mode however must stop
* on LFs and semi-colons that are not prefixed by a backslash.
* Note we reserve one byte at the end to insert a trailing nul
* byte.
*/
str = b_tail(&appctx->inbuf);
if (!(appctx->st1 & APPCTX_CLI_ST1_PAYLOAD))
len = b_getdelim(buf, ret, count, str, b_room(&appctx->inbuf) - 1, "\n;", '\\');
else
len = b_getline(buf, ret, count, str, b_room(&appctx->inbuf) - 1);
if (!len) {
BUG/MINOR: cli: Don't warn about a too big command for incomplete commands When a command is too big to fit in a buffer, a error is returned before closing. However, the error is also returned if the command is small enough but incomplete. It happens on abort. In this case, the error must not be reported. The regression was introduced when a dedicated sn_buf callbac function was added. To fix the issue, both cases are now handled separately. No backport needed.
2024-04-08 01:41:17 -04:00
if (!b_room(buf) || (count > b_room(&appctx->inbuf) - 1)) {
MAJOR: cli: Use a custom .snd_buf function to only copy the current command The CLI applet is now using its own snd_buf callback function. Instead of copying as most output data as possible, only one command is copied at a time. To do so, a new state CLI_ST_PARSEREQ is added for the CLI applet. In this state, the CLI I/O handle knows a full command was copied into its input buffer and it must parse this command to evaluate it.
2024-02-20 02:47:38 -05:00
cli_err(appctx, "The command is too big for the buffer size. Please change tune.bufsize in the configuration to use a bigger command.\n");
applet_set_error(appctx);
b_reset(&appctx->inbuf);
}
BUG/MINOR: cli: Don't warn about a too big command for incomplete commands When a command is too big to fit in a buffer, a error is returned before closing. However, the error is also returned if the command is small enough but incomplete. It happens on abort. In this case, the error must not be reported. The regression was introduced when a dedicated sn_buf callbac function was added. To fix the issue, both cases are now handled separately. No backport needed.
2024-04-08 01:41:17 -04:00
else if (flags & CO_SFL_LAST_DATA) {
applet_set_eos(appctx);
applet_set_error(appctx);
b_reset(&appctx->inbuf);
}
MAJOR: cli: Use a custom .snd_buf function to only copy the current command The CLI applet is now using its own snd_buf callback function. Instead of copying as most output data as possible, only one command is copied at a time. To do so, a new state CLI_ST_PARSEREQ is added for the CLI applet. In this state, the CLI I/O handle knows a full command was copied into its input buffer and it must parse this command to evaluate it.
2024-02-20 02:47:38 -05:00
break;
}
ret += len;
count -= len;
if (str[len-1] == '\n')
lf = 1;
len--;
BUG/MINOR: cli: cli_snd_buf: preserve \r\n for payload lines cli_snd_buf() analyzez input line by line. Before this patch it has always scanned a given line for the presence of '\r' followed by '\n'. This is only needed for strings, that contain the commands itself like "show ssl cert\n", "set ssl cert test.pem <<\n". In case of strings, which contain the command's payload, like "-----BEGIN CERTIFICATE-----\r\n", '\r\n' should be preserved as is. This patch fixes the GitHub issue #2818. This patch should be backported in v3.1 and in v3.0.
2024-12-12 13:38:38 -05:00
MAJOR: cli: Use a custom .snd_buf function to only copy the current command The CLI applet is now using its own snd_buf callback function. Instead of copying as most output data as possible, only one command is copied at a time. To do so, a new state CLI_ST_PARSEREQ is added for the CLI applet. In this state, the CLI I/O handle knows a full command was copied into its input buffer and it must parse this command to evaluate it.
2024-02-20 02:47:38 -05:00
if (appctx->st1 & APPCTX_CLI_ST1_PAYLOAD) {
str[len+1] = '\0';
b_add(&appctx->inbuf, len+1);
}
else {
BUG/MINOR: cli: cli_snd_buf: preserve \r\n for payload lines cli_snd_buf() analyzez input line by line. Before this patch it has always scanned a given line for the presence of '\r' followed by '\n'. This is only needed for strings, that contain the commands itself like "show ssl cert\n", "set ssl cert test.pem <<\n". In case of strings, which contain the command's payload, like "-----BEGIN CERTIFICATE-----\r\n", '\r\n' should be preserved as is. This patch fixes the GitHub issue #2818. This patch should be backported in v3.1 and in v3.0.
2024-12-12 13:38:38 -05:00
/* Remove the trailing \r, if any and add a null byte at the
* end. For normal mode, the trailing \n is removed, but we
* conserve \r\n or \n sequences for payload mode.
*/
if (len && str[len-1] == '\r')
len--;
MAJOR: cli: Use a custom .snd_buf function to only copy the current command The CLI applet is now using its own snd_buf callback function. Instead of copying as most output data as possible, only one command is copied at a time. To do so, a new state CLI_ST_PARSEREQ is added for the CLI applet. In this state, the CLI I/O handle knows a full command was copied into its input buffer and it must parse this command to evaluate it.
2024-02-20 02:47:38 -05:00
str[len] = '\0';
b_add(&appctx->inbuf, len);
}
if (appctx->st1 & APPCTX_CLI_ST1_PAYLOAD) {
/* look for a pattern */
if (len == strlen(appctx->cli_payload_pat)) {
/* here use 'len' because str still contains the \n */
if (strncmp(str, appctx->cli_payload_pat, len) == 0) {
/* remove the last two \n */
b_sub(&appctx->inbuf, strlen(appctx->cli_payload_pat) + 2);
*b_tail(&appctx->inbuf) = '\0';
appctx->st1 &= ~APPCTX_CLI_ST1_PAYLOAD;
if (!(appctx->st1 & APPCTX_CLI_ST1_PROMPT) && lf)
appctx->st1 |= APPCTX_CLI_ST1_LASTCMD;
}
}
}
else {
char *last_arg;
/*
* Look for the "payload start" pattern at the end of a
* line Its location is not remembered here, this is
* just to switch to a gathering mode.
*
* The pattern must start by << followed by 0 to 7
* characters, and finished by the end of the command
* (\n or ;).
*/
/* look for the first space starting by the end of the line */
for (last_arg = b_tail(&appctx->inbuf); last_arg != b_head(&appctx->inbuf); last_arg--) {
if (*last_arg == ' ' || *last_arg == '\t') {
last_arg++;
break;
}
}
if (strncmp(last_arg, PAYLOAD_PATTERN, strlen(PAYLOAD_PATTERN)) == 0) {
ssize_t pat_len = strlen(last_arg + strlen(PAYLOAD_PATTERN));
/* A customized pattern can't be more than 7 characters
* if it's more, don't make it a payload
*/
if (pat_len < sizeof(appctx->cli_payload_pat)) {
appctx->st1 |= APPCTX_CLI_ST1_PAYLOAD;
/* copy the customized pattern, don't store the << */
strncpy(appctx->cli_payload_pat, last_arg + strlen(PAYLOAD_PATTERN), sizeof(appctx->cli_payload_pat)-1);
appctx->cli_payload_pat[sizeof(appctx->cli_payload_pat)-1] = '\0';
b_add(&appctx->inbuf, 1); // keep the trailing \0 after the pattern
}
}
else {
if (!(appctx->st1 & APPCTX_CLI_ST1_PROMPT) && lf)
appctx->st1 |= APPCTX_CLI_ST1_LASTCMD;
}
}
if (!(appctx->st1 & APPCTX_CLI_ST1_PAYLOAD) || (appctx->st1 & APPCTX_CLI_ST1_PROMPT)) {
appctx->st0 = CLI_ST_PARSEREQ;
break;
}
}
b_del(buf, ret);
end:
return ret;
}
CLEANUP: conn_stream: tree-wide rename to stconn (stream connector) This renames the "struct conn_stream" to "struct stconn" and updates the descriptions in all comments (and the rare help descriptions) to "stream connector" or "connector". This touches a lot of files but the change is minimal. The local variables were not even renamed, so there's still a lot of "cs" everywhere.
2022-05-17 13:07:51 -04:00
/* This I/O handler runs as an applet embedded in a stream connector. It is
[MEDIUM] stats: don't use s->ana_state anymore The stats handler used to store internal states in s->ana_state. Now we only rely on si->st0 in which we can store as many states as we have possible outputs. This cleans up the stats code a lot and makes it more maintainable. It has also reduced code size by a few hundred bytes.
2009-10-04 08:22:18 -04:00
* used to processes I/O from/to the stats unix socket. The system relies on a
* state machine handling requests and various responses. We read a request,
* then we process it and send the response, and we possibly display a prompt.
MEDIUM: stream-int: replace occurrences of si->appctx with si_appctx() We're about to remove si->appctx, so first let's replace all occurrences of its usage with a dynamic extract from si->end. A lot of code was changed by search-n-replace, but the behaviour was intentionally not altered. The code surrounding calls to stream_int_register_handler() was slightly changed since we can only use si->end *after* the registration.
2013-12-01 03:15:12 -05:00
* Then we can read again. The state is stored in appctx->st0 and is one of the
CLEANUP: cli: rename STAT_CLI_* to CLI_ST_* These are in CLI states, not stats states anymore. STAT_CLI_O_CUSTOM was more appropriately renamed CLI_ST_CALLBACK.
2016-11-24 09:53:53 -05:00
* CLI_ST_* constants. appctx->st1 is used to indicate whether prompt is enabled
[MEDIUM] stats: don't use s->ana_state anymore The stats handler used to store internal states in s->ana_state. Now we only rely on si->st0 in which we can store as many states as we have possible outputs. This cleans up the stats code a lot and makes it more maintainable. It has also reduced code size by a few hundred bytes.
2009-10-04 08:22:18 -04:00
* or not.
[CLEANUP] move remaining stats sockets code to dumpstats The remains of the stats socket code has nothing to do in proto_uxst anymore and must move to dumpstats. The code is much cleaner and more structured. It was also an opportunity to rename AN_REQ_UNIX_STATS as AN_REQ_STATS_SOCK as the stats socket is no longer unix-specific either. The last item refering to stats in proto_uxst is the setting of the task's nice value which should in fact come from the listener.
2009-08-16 13:06:42 -04:00
*/
MINOR: cli: export cli_io_handler() to ease symbol resolution It's common to meet this function in backtraces, it's a bit annoying that it's not resolved, so let's export it so that it becomes resolvable.
2025-03-13 12:28:12 -04:00
void cli_io_handler(struct appctx *appctx)
[CLEANUP] move remaining stats sockets code to dumpstats The remains of the stats socket code has nothing to do in proto_uxst anymore and must move to dumpstats. The code is much cleaner and more structured. It was also an opportunity to rename AN_REQ_UNIX_STATS as AN_REQ_STATS_SOCK as the stats socket is no longer unix-specific either. The last item refering to stats in proto_uxst is the setting of the task's nice value which should in fact come from the listener.
2009-08-16 13:06:42 -04:00
{
MAJOR: cli: Update the CLI applet to handle its own buffers It is the third applet to be refactored to use its own buffers. In addition to the CLI applet, some I/O handlers of CLI commands were also updated, especially the stats ones. Some command I/O handlers were updated to use applet's buffers instead of channels ones.
2024-02-15 07:34:05 -05:00
if (applet_fl_test(appctx, APPCTX_FL_OUTBLK_ALLOC|APPCTX_FL_OUTBLK_FULL))
goto out;
if (!appctx_get_buf(appctx, &appctx->outbuf)) {
[MEDIUM] stats: replace the stats socket analyser with an SI applet We can get rid of the stats analyser by moving all the stats code to a stream interface applet. Above being cleaner, it provides new advantages such as the ability to process requests and responses from the same function and work only with simple state machines. There's no need for any hijack hack anymore. The direct advantage for the user are the interactive mode and the ability to chain several commands delimited by a semi-colon. Now if the user types "prompt", he gets a prompt from which he can send as many requests as he wants. All outputs are terminated by a blank line followed by a new prompt, so this can be used from external tools too. The code is not very clean, it needs some rework, but some part of the dirty parts are due to the remnants of the hijack mode used in the old functions we call. The old AN_REQ_STATS_SOCK analyser flag is now unused and has been removed.
2009-09-22 13:31:03 -04:00
goto out;
BUG/MEDIUM: cli: Eat output data when waiting for appctx shutdown When the cli applet is executed while a shut is pending, the remaining output data must always be consumed. Otherwise, this can prevent the stream to exit, leading to a spinning loop on the applet. This patch should fix the issue #2107. It is 2.8-specific. No backport needed.
2023-04-07 12:07:51 -04:00
}
[MEDIUM] stats: replace the stats socket analyser with an SI applet We can get rid of the stats analyser by moving all the stats code to a stream interface applet. Above being cleaner, it provides new advantages such as the ability to process requests and responses from the same function and work only with simple state machines. There's no need for any hijack hack anymore. The direct advantage for the user are the interactive mode and the ability to chain several commands delimited by a semi-colon. Now if the user types "prompt", he gets a prompt from which he can send as many requests as he wants. All outputs are terminated by a blank line followed by a new prompt, so this can be used from external tools too. The code is not very clean, it needs some rework, but some part of the dirty parts are due to the remnants of the hijack mode used in the old functions we call. The old AN_REQ_STATS_SOCK analyser flag is now unused and has been removed.
2009-09-22 13:31:03 -04:00
MAJOR: cli: Update the CLI applet to handle its own buffers It is the third applet to be refactored to use its own buffers. In addition to the CLI applet, some I/O handlers of CLI commands were also updated, especially the stats ones. Some command I/O handlers were updated to use applet's buffers instead of channels ones.
2024-02-15 07:34:05 -05:00
if (unlikely(applet_fl_test(appctx, APPCTX_FL_EOS|APPCTX_FL_ERROR))) {
appctx->st0 = CLI_ST_END;
BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled When an entity tries to get a buffer, if it cannot be allocted, for example because the number of buffers which may be allocated per process is limited, this entity is added in a list (called <buffer_wq>) and wait for an available buffer. Historically, the <buffer_wq> list was logically attached to streams because it were the only entities likely to be added in it. Now, applets can also be waiting for a free buffer. And with filters, we could imagine to have more other entities waiting for a buffer. So it make sense to have a generic list. Anyway, with the current design there is a bug. When an applet failed to get a buffer, it will wait. But we add the stream attached to the applet in <buffer_wq>, instead of the applet itself. So when a buffer is available, we wake up the stream and not the waiting applet. So, it is possible to have waiting applets and never awakened. So, now, <buffer_wq> is independant from streams. And we really add the waiting entity in <buffer_wq>. To be generic, the entity is responsible to define the callback used to awaken it. In addition, applets will still request an input buffer when they become active. But they will not be sleeped anymore if no buffer are available. So this is the responsibility to the applet I/O handler to check if this buffer is allocated or not. This way, an applet can decide if this buffer is required or not and can do additional processing if not. [wt: backport to 1.7 and 1.6]
2016-12-09 11:30:18 -05:00
goto out;
}
[MEDIUM] stats: replace the stats socket analyser with an SI applet We can get rid of the stats analyser by moving all the stats code to a stream interface applet. Above being cleaner, it provides new advantages such as the ability to process requests and responses from the same function and work only with simple state machines. There's no need for any hijack hack anymore. The direct advantage for the user are the interactive mode and the ability to chain several commands delimited by a semi-colon. Now if the user types "prompt", he gets a prompt from which he can send as many requests as he wants. All outputs are terminated by a blank line followed by a new prompt, so this can be used from external tools too. The code is not very clean, it needs some rework, but some part of the dirty parts are due to the remnants of the hijack mode used in the old functions we call. The old AN_REQ_STATS_SOCK analyser flag is now unused and has been removed.
2009-09-22 13:31:03 -04:00
while (1) {
CLEANUP: cli: rename STAT_CLI_* to CLI_ST_* These are in CLI states, not stats states anymore. STAT_CLI_O_CUSTOM was more appropriately renamed CLI_ST_CALLBACK.
2016-11-24 09:53:53 -05:00
if (appctx->st0 == CLI_ST_INIT) {
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
/* reset severity to default at init */
MAJOR: cli: Use a custom .snd_buf function to only copy the current command The CLI applet is now using its own snd_buf callback function. Instead of copying as most output data as possible, only one command is copied at a time. To do so, a new state CLI_ST_PARSEREQ is added for the CLI applet. In this state, the CLI I/O handle knows a full command was copied into its input buffer and it must parse this command to evaluate it.
2024-02-20 02:47:38 -05:00
cli_init(appctx);
[MEDIUM] stats: replace the stats socket analyser with an SI applet We can get rid of the stats analyser by moving all the stats code to a stream interface applet. Above being cleaner, it provides new advantages such as the ability to process requests and responses from the same function and work only with simple state machines. There's no need for any hijack hack anymore. The direct advantage for the user are the interactive mode and the ability to chain several commands delimited by a semi-colon. Now if the user types "prompt", he gets a prompt from which he can send as many requests as he wants. All outputs are terminated by a blank line followed by a new prompt, so this can be used from external tools too. The code is not very clean, it needs some rework, but some part of the dirty parts are due to the remnants of the hijack mode used in the old functions we call. The old AN_REQ_STATS_SOCK analyser flag is now unused and has been removed.
2009-09-22 13:31:03 -04:00
}
CLEANUP: cli: rename STAT_CLI_* to CLI_ST_* These are in CLI states, not stats states anymore. STAT_CLI_O_CUSTOM was more appropriately renamed CLI_ST_CALLBACK.
2016-11-24 09:53:53 -05:00
else if (appctx->st0 == CLI_ST_END) {
MAJOR: cli: Update the CLI applet to handle its own buffers It is the third applet to be refactored to use its own buffers. In addition to the CLI applet, some I/O handlers of CLI commands were also updated, especially the stats ones. Some command I/O handlers were updated to use applet's buffers instead of channels ones.
2024-02-15 07:34:05 -05:00
applet_set_eos(appctx);
[MEDIUM] stats: don't use s->ana_state anymore The stats handler used to store internal states in s->ana_state. Now we only rely on si->st0 in which we can store as many states as we have possible outputs. This cleans up the stats code a lot and makes it more maintainable. It has also reduced code size by a few hundred bytes.
2009-10-04 08:22:18 -04:00
break;
}
CLEANUP: cli: rename STAT_CLI_* to CLI_ST_* These are in CLI states, not stats states anymore. STAT_CLI_O_CUSTOM was more appropriately renamed CLI_ST_CALLBACK.
2016-11-24 09:53:53 -05:00
else if (appctx->st0 == CLI_ST_GETREQ) {
MAJOR: cli: Use a custom .snd_buf function to only copy the current command The CLI applet is now using its own snd_buf callback function. Instead of copying as most output data as possible, only one command is copied at a time. To do so, a new state CLI_ST_PARSEREQ is added for the CLI applet. In this state, the CLI I/O handle knows a full command was copied into its input buffer and it must parse this command to evaluate it.
2024-02-20 02:47:38 -05:00
/* Now we close the output if we're not in interactive
* mode and the request buffer is empty. This still
* allows pipelined requests to be sent in
* non-interactive mode.
*/
if (se_fl_test(appctx->sedesc, SE_FL_SHW)) {
appctx->st0 = CLI_ST_END;
continue;
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
}
MAJOR: cli: Use a custom .snd_buf function to only copy the current command The CLI applet is now using its own snd_buf callback function. Instead of copying as most output data as possible, only one command is copied at a time. To do so, a new state CLI_ST_PARSEREQ is added for the CLI applet. In this state, the CLI I/O handle knows a full command was copied into its input buffer and it must parse this command to evaluate it.
2024-02-20 02:47:38 -05:00
break;
}
else if (appctx->st0 == CLI_ST_PARSEREQ) {
[OPTIM] stats: check free space before trying to print This alone makes a typical HTML stats dump consume 10% CPU less, because we avoid doing complex printf calls to drop them later. Only a few common cases have been checked, those which are very likely to run for nothing.
2009-10-11 17:35:10 -04:00
/* ensure we have some output room left in the event we
* would want to return some info right after parsing.
*/
MAJOR: cli: Update the CLI applet to handle its own buffers It is the third applet to be refactored to use its own buffers. In addition to the CLI applet, some I/O handlers of CLI commands were also updated, especially the stats ones. Some command I/O handlers were updated to use applet's buffers instead of channels ones.
2024-02-15 07:34:05 -05:00
if (buffer_almost_full(&appctx->outbuf)) {
applet_fl_set(appctx, APPCTX_FL_OUTBLK_FULL);
[OPTIM] stats: check free space before trying to print This alone makes a typical HTML stats dump consume 10% CPU less, because we avoid doing complex printf calls to drop them later. Only a few common cases have been checked, those which are very likely to run for nothing.
2009-10-11 17:35:10 -04:00
break;
MAJOR: channel: add a new flag CF_WAKE_WRITE to notify the task of writes Since commit 6b66f3e ([MAJOR] implement autonomous inter-socket forwarding) introduced in 1.3.16-rc1, we've been relying on a stupid mechanism to wake up the task after a write, which was an exact copy-paste of the reader side. The principle was that if we empty a buffer and there's no forwarding scheduled or if the *producer* is not in a connected state, then we wake the task up. That does not make any sense. It happens to wake up too late sometimes (eg, when the request analyser waits for some room in the buffer to start to work), and leads to unneeded wakeups in client-side keep-alive, because the task is woken up when the response is sent, while the analysers are simply waiting for a new request. In order to fix this, we introduce a new channel flag : CF_WAKE_WRITE. It is designed so that an analyser can explicitly request being notified when some data were written. It is used only when the HTTP request or response analysers need to wait for more room in the buffers. It is automatically cleared upon wake up. The flag is also automatically set by the functions which try to write into a buffer from an applet when they fail (bi_putblk() etc...). That allows us to remove the stupid condition above and avoid some wakeups. In http-server-close and in http-keep-alive modes, this reduces from 4 to 3 the average number of wakeups per request, and increases the overall performance by about 1.5%.
2013-12-31 11:26:25 -05:00
}
[OPTIM] stats: check free space before trying to print This alone makes a typical HTML stats dump consume 10% CPU less, because we avoid doing complex printf calls to drop them later. Only a few common cases have been checked, those which are very likely to run for nothing.
2009-10-11 17:35:10 -04:00
MINOR: cli: always reset the applet task's timeout The CLI applet doesn't make use of its timeout at all, only the stream does. That's a wonder because it allows any command's I/O handler to trivially set a wakeup timer by simply touching the task's ->expire field, and the I/O handler will automatically be woken up again. The only condition for this is that we properly take care of clearing that timeout whenever we finish processing a command and switch back to the PROMPT state. That's what this patch does.
2024-02-08 14:53:31 -05:00
appctx->t->expire = TICK_ETERNITY;
CLEANUP: cli: rename STAT_CLI_* to CLI_ST_* These are in CLI states, not stats states anymore. STAT_CLI_O_CUSTOM was more appropriately renamed CLI_ST_CALLBACK.
2016-11-24 09:53:53 -05:00
appctx->st0 = CLI_ST_PROMPT;
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
MAJOR: cli: Use a custom .snd_buf function to only copy the current command The CLI applet is now using its own snd_buf callback function. Instead of copying as most output data as possible, only one command is copied at a time. To do so, a new state CLI_ST_PARSEREQ is added for the CLI applet. In this state, the CLI I/O handle knows a full command was copied into its input buffer and it must parse this command to evaluate it.
2024-02-20 02:47:38 -05:00
if (!(appctx->st1 & APPCTX_CLI_ST1_PAYLOAD)) {
cli_parse_request(appctx);
b_reset(&appctx->inbuf);
[CLEANUP] move remaining stats sockets code to dumpstats The remains of the stats socket code has nothing to do in proto_uxst anymore and must move to dumpstats. The code is much cleaner and more structured. It was also an opportunity to rename AN_REQ_UNIX_STATS as AN_REQ_STATS_SOCK as the stats socket is no longer unix-specific either. The last item refering to stats in proto_uxst is the setting of the task's nice value which should in fact come from the listener.
2009-08-16 13:06:42 -04:00
}
}
BUG/MINOR: stats: do not call cli_release_handler 3 times If an error happens during a dump on the CLI, an explicit call to cli_release_handler() is performed. This is not needed anymore since we introduced ->release() in the applet which is called upon error. Let's remove this confusing call which can even be risky in some situations.
2015-09-25 13:21:19 -04:00
else { /* output functions */
CLEANUP: cli: move the status print context into its own context Now that the CLI's print context is alone in the appctx, it's possible to refine the appctx's ctx layout so that the cli part matches exactly a regular svcctx, and as such move the CLI context into an svcctx like other applets. External code will still build and work because the struct cli perfectly maps onto the struct cli_print_ctx that's located into svc.storage. This is of course only to make a smooth transition during 2.6 and will disappear immediately after. A tiny change had to be applied to the opentracing addon which performs direct accesses to the CLI's err pointer in its own print function. The rest uses the standard cli_print_* which were the only ones that needed a small change. The whole "ctx.cli" struct could be tagged as deprecated so that any possibly existing external code that relies on it will get build warnings, and the comments in the struct are pretty clear about the way to fix it, and the lack of future of this old API.
2022-05-06 11:16:35 -04:00
struct cli_print_ctx *ctx;
MINOR: cli: add two new states to print messages on the CLI Right now we used to have extremely inconsistent states to report output, one is CLI_ST_PRINT which prints constant message cli->msg with the assigned severity, and CLI_ST_PRINT_FREE which prints dynamically allocated cli->err with severity LOG_ERR, and nothing in between, eventhough it's useful to be able to report dynamically allocated messages as well as constant error messages. This patch adds two extra states, which are not particularly well named given the constraints imposed by existing ones. One is CLI_ST_PRINT_ERR which prints a constant error message. The other one is CLI_ST_PRINT_DYN which prints a dynamically allocated message. By doing so we maintain the compatibility with current code. It is important to keep in mind that we cannot pre-initialize pointers and automatically detect what message type it is based on the assigned fields, because the CLI's context is in a union shared with all other users, thus unused fields contain anything upon return. This is why we have no choice but using 4 states. Keeping the two fields <msg> and <err> remains useful because one is const and not the other one, and this catches may copy-paste mistakes. It's just that <err> is pretty confusing here, it should be renamed.
2019-08-09 03:57:36 -04:00
const char *msg;
int sev;
BUG/MINOR: cli: Report an error to user if command or payload is too big Too big command, larger than a buffer, was silently rejected by the CLI applet. It was handled as an error and the connection was closed, but no error message was reported to user to notify him. Now an error is reported before closing. It is only displayed if the chunk buffer used by the CLI applet is full and no delimiter (\n or ;) is found to mark the end of the command. It works for a simple command but also for a command with a huge payload. This patch could be backported to all stable versions.
2024-03-28 09:52:29 -04:00
cli_output:
MEDIUM: stream-int: replace occurrences of si->appctx with si_appctx() We're about to remove si->appctx, so first let's replace all occurrences of its usage with a dynamic extract from si->end. A lot of code was changed by search-n-replace, but the behaviour was intentionally not altered. The code surrounding calls to stream_int_register_handler() was slightly changed since we can only use si->end *after* the registration.
2013-12-01 03:15:12 -05:00
switch (appctx->st0) {
CLEANUP: cli: rename STAT_CLI_* to CLI_ST_* These are in CLI states, not stats states anymore. STAT_CLI_O_CUSTOM was more appropriately renamed CLI_ST_CALLBACK.
2016-11-24 09:53:53 -05:00
case CLI_ST_PROMPT:
BUG/MINOR: Handle interactive mode in cli handler A previous commit broke the interactive stats cli prompt. Specifically, it was not clear that we could be in STAT_CLI_PROMPT when we get to the output functions for the cli handler, and the switch statement did not handle this case. We would then fall through to the default statement, which was recently changed to set error flags on the socket. This in turn causes the socket to be closed, which is not what we wanted in this specific case. To fix, we add a case for STAT_CLI_PROMPT, and simply break out of the switch statement. Testing: - Connected to unix stats socket, issued 'prompt', observed that I could issue multiple consecutive commands. - Connected to unix stats socket, issued 'prompt', observed that socket timed out after inactivity expired. - Connected to unix stats socket, issued 'prompt' then 'set timeout cli 5', observed that socket timed out after 5 seconds expired. - Connected to unix stats socket, issued invalid commands, received usage output. - Connected to unix stats socket, issued 'show info', received info output and socket disconnected. - Connected to unix stats socket, issued 'show stat', received stats output and socket disconnected. - Repeated above tests with TCP stats socket. [wt: no backport needed, this was introduced during the applet rework in 1.6]
2015-10-02 11:08:10 -04:00
break;
MINOR: cli: add two new states to print messages on the CLI Right now we used to have extremely inconsistent states to report output, one is CLI_ST_PRINT which prints constant message cli->msg with the assigned severity, and CLI_ST_PRINT_FREE which prints dynamically allocated cli->err with severity LOG_ERR, and nothing in between, eventhough it's useful to be able to report dynamically allocated messages as well as constant error messages. This patch adds two extra states, which are not particularly well named given the constraints imposed by existing ones. One is CLI_ST_PRINT_ERR which prints a constant error message. The other one is CLI_ST_PRINT_DYN which prints a dynamically allocated message. By doing so we maintain the compatibility with current code. It is important to keep in mind that we cannot pre-initialize pointers and automatically detect what message type it is based on the assigned fields, because the CLI's context is in a union shared with all other users, thus unused fields contain anything upon return. This is why we have no choice but using 4 states. Keeping the two fields <msg> and <err> remains useful because one is const and not the other one, and this catches may copy-paste mistakes. It's just that <err> is pretty confusing here, it should be renamed.
2019-08-09 03:57:36 -04:00
case CLI_ST_PRINT: /* print const message in msg */
case CLI_ST_PRINT_ERR: /* print const error in msg */
case CLI_ST_PRINT_DYN: /* print dyn message in msg, free */
CLEANUP: cli: rename dynamic error printing state Rename CLI_ST_PRINT_FREE to CLI_ST_PRINT_DYNERR. Most notably, this highlights that this is reserved to error printing. This is done to ensure consistency between CLI_ST_PRINT/CLI_ST_PRINT_DYN and CLI_ST_PRINT_ERR/CLI_ST_PRINT_DYNERR. The name is also consistent with the function cli_dynerr() which activates it.
2022-11-10 05:47:36 -05:00
case CLI_ST_PRINT_DYNERR: /* print dyn error in err, free */
MINOR: cli: define usermsgs print context CLI 'add server' handler relies on usermsgs_ctx to display errors in internal function on CLI output. This may be also extended to other handlers. However, to not clutter stderr from another contextes, usermsgs_ctx must be resetted when it is not needed anymore. This operation cannot be conducted in the CLI parse handler as display is conducted after it. To achieve this, define new CLI states CLI_ST_PRINT_UMSG / CLI_ST_PRINT_UMSGERR. Their principles is nearly identical to states for dynamic messages printing.
2022-11-10 08:24:51 -05:00
case CLI_ST_PRINT_UMSG: /* print usermsgs_ctx and reset it */
case CLI_ST_PRINT_UMSGERR: /* print usermsgs_ctx as error and reset it */
CLEANUP: cli: move the status print context into its own context Now that the CLI's print context is alone in the appctx, it's possible to refine the appctx's ctx layout so that the cli part matches exactly a regular svcctx, and as such move the CLI context into an svcctx like other applets. External code will still build and work because the struct cli perfectly maps onto the struct cli_print_ctx that's located into svc.storage. This is of course only to make a smooth transition during 2.6 and will disappear immediately after. A tiny change had to be applied to the opentracing addon which performs direct accesses to the CLI's err pointer in its own print function. The rest uses the standard cli_print_* which were the only ones that needed a small change. The whole "ctx.cli" struct could be tagged as deprecated so that any possibly existing external code that relies on it will get build warnings, and the comments in the struct are pretty clear about the way to fix it, and the lack of future of this old API.
2022-05-06 11:16:35 -04:00
/* the message is in the svcctx */
ctx = applet_reserve_svcctx(appctx, sizeof(*ctx));
MINOR: cli: add two new states to print messages on the CLI Right now we used to have extremely inconsistent states to report output, one is CLI_ST_PRINT which prints constant message cli->msg with the assigned severity, and CLI_ST_PRINT_FREE which prints dynamically allocated cli->err with severity LOG_ERR, and nothing in between, eventhough it's useful to be able to report dynamically allocated messages as well as constant error messages. This patch adds two extra states, which are not particularly well named given the constraints imposed by existing ones. One is CLI_ST_PRINT_ERR which prints a constant error message. The other one is CLI_ST_PRINT_DYN which prints a dynamically allocated message. By doing so we maintain the compatibility with current code. It is important to keep in mind that we cannot pre-initialize pointers and automatically detect what message type it is based on the assigned fields, because the CLI's context is in a union shared with all other users, thus unused fields contain anything upon return. This is why we have no choice but using 4 states. Keeping the two fields <msg> and <err> remains useful because one is const and not the other one, and this catches may copy-paste mistakes. It's just that <err> is pretty confusing here, it should be renamed.
2019-08-09 03:57:36 -04:00
if (appctx->st0 == CLI_ST_PRINT || appctx->st0 == CLI_ST_PRINT_ERR) {
sev = appctx->st0 == CLI_ST_PRINT_ERR ?
CLEANUP: cli: move the status print context into its own context Now that the CLI's print context is alone in the appctx, it's possible to refine the appctx's ctx layout so that the cli part matches exactly a regular svcctx, and as such move the CLI context into an svcctx like other applets. External code will still build and work because the struct cli perfectly maps onto the struct cli_print_ctx that's located into svc.storage. This is of course only to make a smooth transition during 2.6 and will disappear immediately after. A tiny change had to be applied to the opentracing addon which performs direct accesses to the CLI's err pointer in its own print function. The rest uses the standard cli_print_* which were the only ones that needed a small change. The whole "ctx.cli" struct could be tagged as deprecated so that any possibly existing external code that relies on it will get build warnings, and the comments in the struct are pretty clear about the way to fix it, and the lack of future of this old API.
2022-05-06 11:16:35 -04:00
LOG_ERR : ctx->severity;
msg = ctx->msg;
MINOR: cli: add two new states to print messages on the CLI Right now we used to have extremely inconsistent states to report output, one is CLI_ST_PRINT which prints constant message cli->msg with the assigned severity, and CLI_ST_PRINT_FREE which prints dynamically allocated cli->err with severity LOG_ERR, and nothing in between, eventhough it's useful to be able to report dynamically allocated messages as well as constant error messages. This patch adds two extra states, which are not particularly well named given the constraints imposed by existing ones. One is CLI_ST_PRINT_ERR which prints a constant error message. The other one is CLI_ST_PRINT_DYN which prints a dynamically allocated message. By doing so we maintain the compatibility with current code. It is important to keep in mind that we cannot pre-initialize pointers and automatically detect what message type it is based on the assigned fields, because the CLI's context is in a union shared with all other users, thus unused fields contain anything upon return. This is why we have no choice but using 4 states. Keeping the two fields <msg> and <err> remains useful because one is const and not the other one, and this catches may copy-paste mistakes. It's just that <err> is pretty confusing here, it should be renamed.
2019-08-09 03:57:36 -04:00
}
CLEANUP: cli: rename dynamic error printing state Rename CLI_ST_PRINT_FREE to CLI_ST_PRINT_DYNERR. Most notably, this highlights that this is reserved to error printing. This is done to ensure consistency between CLI_ST_PRINT/CLI_ST_PRINT_DYN and CLI_ST_PRINT_ERR/CLI_ST_PRINT_DYNERR. The name is also consistent with the function cli_dynerr() which activates it.
2022-11-10 05:47:36 -05:00
else if (appctx->st0 == CLI_ST_PRINT_DYN || appctx->st0 == CLI_ST_PRINT_DYNERR) {
sev = appctx->st0 == CLI_ST_PRINT_DYNERR ?
CLEANUP: cli: move the status print context into its own context Now that the CLI's print context is alone in the appctx, it's possible to refine the appctx's ctx layout so that the cli part matches exactly a regular svcctx, and as such move the CLI context into an svcctx like other applets. External code will still build and work because the struct cli perfectly maps onto the struct cli_print_ctx that's located into svc.storage. This is of course only to make a smooth transition during 2.6 and will disappear immediately after. A tiny change had to be applied to the opentracing addon which performs direct accesses to the CLI's err pointer in its own print function. The rest uses the standard cli_print_* which were the only ones that needed a small change. The whole "ctx.cli" struct could be tagged as deprecated so that any possibly existing external code that relies on it will get build warnings, and the comments in the struct are pretty clear about the way to fix it, and the lack of future of this old API.
2022-05-06 11:16:35 -04:00
LOG_ERR : ctx->severity;
msg = ctx->err;
MINOR: cli: add two new states to print messages on the CLI Right now we used to have extremely inconsistent states to report output, one is CLI_ST_PRINT which prints constant message cli->msg with the assigned severity, and CLI_ST_PRINT_FREE which prints dynamically allocated cli->err with severity LOG_ERR, and nothing in between, eventhough it's useful to be able to report dynamically allocated messages as well as constant error messages. This patch adds two extra states, which are not particularly well named given the constraints imposed by existing ones. One is CLI_ST_PRINT_ERR which prints a constant error message. The other one is CLI_ST_PRINT_DYN which prints a dynamically allocated message. By doing so we maintain the compatibility with current code. It is important to keep in mind that we cannot pre-initialize pointers and automatically detect what message type it is based on the assigned fields, because the CLI's context is in a union shared with all other users, thus unused fields contain anything upon return. This is why we have no choice but using 4 states. Keeping the two fields <msg> and <err> remains useful because one is const and not the other one, and this catches may copy-paste mistakes. It's just that <err> is pretty confusing here, it should be renamed.
2019-08-09 03:57:36 -04:00
if (!msg) {
sev = LOG_ERR;
msg = "Out of memory.\n";
}
}
MINOR: cli: define usermsgs print context CLI 'add server' handler relies on usermsgs_ctx to display errors in internal function on CLI output. This may be also extended to other handlers. However, to not clutter stderr from another contextes, usermsgs_ctx must be resetted when it is not needed anymore. This operation cannot be conducted in the CLI parse handler as display is conducted after it. To achieve this, define new CLI states CLI_ST_PRINT_UMSG / CLI_ST_PRINT_UMSGERR. Their principles is nearly identical to states for dynamic messages printing.
2022-11-10 08:24:51 -05:00
else if (appctx->st0 == CLI_ST_PRINT_UMSG ||
appctx->st0 == CLI_ST_PRINT_UMSGERR) {
sev = appctx->st0 == CLI_ST_PRINT_UMSGERR ?
LOG_ERR : ctx->severity;
msg = usermsgs_str();
}
MINOR: cli: add two new states to print messages on the CLI Right now we used to have extremely inconsistent states to report output, one is CLI_ST_PRINT which prints constant message cli->msg with the assigned severity, and CLI_ST_PRINT_FREE which prints dynamically allocated cli->err with severity LOG_ERR, and nothing in between, eventhough it's useful to be able to report dynamically allocated messages as well as constant error messages. This patch adds two extra states, which are not particularly well named given the constraints imposed by existing ones. One is CLI_ST_PRINT_ERR which prints a constant error message. The other one is CLI_ST_PRINT_DYN which prints a dynamically allocated message. By doing so we maintain the compatibility with current code. It is important to keep in mind that we cannot pre-initialize pointers and automatically detect what message type it is based on the assigned fields, because the CLI's context is in a union shared with all other users, thus unused fields contain anything upon return. This is why we have no choice but using 4 states. Keeping the two fields <msg> and <err> remains useful because one is const and not the other one, and this catches may copy-paste mistakes. It's just that <err> is pretty confusing here, it should be renamed.
2019-08-09 03:57:36 -04:00
else {
sev = LOG_ERR;
msg = "Internal error.\n";
}
BUG/MINOR: cli: Guard against NULL messages when using CLI_ST_PRINT_FREE Some error paths (especially those followed when running out of memory) can set the error message to NULL. In order to avoid a crash, use a generic message ("Out of memory") when this case arises. It should be backported to 1.8. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-16 12:50:19 -04:00
MINOR: cli: Use applet API to write output message Instead of using the channel API to to write output message from the CLI applet, we use the applet API. This way, the applet does not need to take care to request more room it it fails to put its message into the channel's buffer.
2023-05-05 04:56:00 -04:00
if (cli_output_msg(appctx, msg, sev, cli_get_severity_output(appctx)) != -1) {
CLEANUP: cli: rename dynamic error printing state Rename CLI_ST_PRINT_FREE to CLI_ST_PRINT_DYNERR. Most notably, this highlights that this is reserved to error printing. This is done to ensure consistency between CLI_ST_PRINT/CLI_ST_PRINT_DYN and CLI_ST_PRINT_ERR/CLI_ST_PRINT_DYNERR. The name is also consistent with the function cli_dynerr() which activates it.
2022-11-10 05:47:36 -05:00
if (appctx->st0 == CLI_ST_PRINT_DYN ||
appctx->st0 == CLI_ST_PRINT_DYNERR) {
CLEANUP: cli: move the status print context into its own context Now that the CLI's print context is alone in the appctx, it's possible to refine the appctx's ctx layout so that the cli part matches exactly a regular svcctx, and as such move the CLI context into an svcctx like other applets. External code will still build and work because the struct cli perfectly maps onto the struct cli_print_ctx that's located into svc.storage. This is of course only to make a smooth transition during 2.6 and will disappear immediately after. A tiny change had to be applied to the opentracing addon which performs direct accesses to the CLI's err pointer in its own print function. The rest uses the standard cli_print_* which were the only ones that needed a small change. The whole "ctx.cli" struct could be tagged as deprecated so that any possibly existing external code that relies on it will get build warnings, and the comments in the struct are pretty clear about the way to fix it, and the lack of future of this old API.
2022-05-06 11:16:35 -04:00
ha_free(&ctx->err);
MINOR: cli: add two new states to print messages on the CLI Right now we used to have extremely inconsistent states to report output, one is CLI_ST_PRINT which prints constant message cli->msg with the assigned severity, and CLI_ST_PRINT_FREE which prints dynamically allocated cli->err with severity LOG_ERR, and nothing in between, eventhough it's useful to be able to report dynamically allocated messages as well as constant error messages. This patch adds two extra states, which are not particularly well named given the constraints imposed by existing ones. One is CLI_ST_PRINT_ERR which prints a constant error message. The other one is CLI_ST_PRINT_DYN which prints a dynamically allocated message. By doing so we maintain the compatibility with current code. It is important to keep in mind that we cannot pre-initialize pointers and automatically detect what message type it is based on the assigned fields, because the CLI's context is in a union shared with all other users, thus unused fields contain anything upon return. This is why we have no choice but using 4 states. Keeping the two fields <msg> and <err> remains useful because one is const and not the other one, and this catches may copy-paste mistakes. It's just that <err> is pretty confusing here, it should be renamed.
2019-08-09 03:57:36 -04:00
}
MINOR: cli: define usermsgs print context CLI 'add server' handler relies on usermsgs_ctx to display errors in internal function on CLI output. This may be also extended to other handlers. However, to not clutter stderr from another contextes, usermsgs_ctx must be resetted when it is not needed anymore. This operation cannot be conducted in the CLI parse handler as display is conducted after it. To achieve this, define new CLI states CLI_ST_PRINT_UMSG / CLI_ST_PRINT_UMSGERR. Their principles is nearly identical to states for dynamic messages printing.
2022-11-10 08:24:51 -05:00
else if (appctx->st0 == CLI_ST_PRINT_UMSG ||
appctx->st0 == CLI_ST_PRINT_UMSGERR) {
usermsgs_clr(NULL);
}
MINOR: cli: always reset the applet task's timeout The CLI applet doesn't make use of its timeout at all, only the stream does. That's a wonder because it allows any command's I/O handler to trivially set a wakeup timer by simply touching the task's ->expire field, and the I/O handler will automatically be woken up again. The only condition for this is that we properly take care of clearing that timeout whenever we finish processing a command and switch back to the PROMPT state. That's what this patch does.
2024-02-08 14:53:31 -05:00
appctx->t->expire = TICK_ETERNITY;
CLEANUP: cli: rename STAT_CLI_* to CLI_ST_* These are in CLI states, not stats states anymore. STAT_CLI_O_CUSTOM was more appropriately renamed CLI_ST_CALLBACK.
2016-11-24 09:53:53 -05:00
appctx->st0 = CLI_ST_PROMPT;
MEDIUM: dumpstats: Display error message during add of values. This patch adds new display type. This display returns allocated string, when the string is flush into buffers, it is freed. This permit to return the content of "memprintf(err, ...)" messages. The pat_ref_add functions has changed to return error.
2014-01-29 13:08:49 -05:00
}
MAJOR: cli: Use a custom .snd_buf function to only copy the current command The CLI applet is now using its own snd_buf callback function. Instead of copying as most output data as possible, only one command is copied at a time. To do so, a new state CLI_ST_PARSEREQ is added for the CLI applet. In this state, the CLI I/O handle knows a full command was copied into its input buffer and it must parse this command to evaluate it.
2024-02-20 02:47:38 -05:00
if (applet_fl_test(appctx, APPCTX_FL_ERR_PENDING)) {
appctx->st0 = CLI_ST_END;
continue;
}
MEDIUM: dumpstats: Display error message during add of values. This patch adds new display type. This display returns allocated string, when the string is flush into buffers, it is freed. This permit to return the content of "memprintf(err, ...)" messages. The pat_ref_add functions has changed to return error.
2014-01-29 13:08:49 -05:00
break;
MINOR: cli: add two new states to print messages on the CLI Right now we used to have extremely inconsistent states to report output, one is CLI_ST_PRINT which prints constant message cli->msg with the assigned severity, and CLI_ST_PRINT_FREE which prints dynamically allocated cli->err with severity LOG_ERR, and nothing in between, eventhough it's useful to be able to report dynamically allocated messages as well as constant error messages. This patch adds two extra states, which are not particularly well named given the constraints imposed by existing ones. One is CLI_ST_PRINT_ERR which prints a constant error message. The other one is CLI_ST_PRINT_DYN which prints a dynamically allocated message. By doing so we maintain the compatibility with current code. It is important to keep in mind that we cannot pre-initialize pointers and automatically detect what message type it is based on the assigned fields, because the CLI's context is in a union shared with all other users, thus unused fields contain anything upon return. This is why we have no choice but using 4 states. Keeping the two fields <msg> and <err> remains useful because one is const and not the other one, and this catches may copy-paste mistakes. It's just that <err> is pretty confusing here, it should be renamed.
2019-08-09 03:57:36 -04:00
CLEANUP: cli: rename STAT_CLI_* to CLI_ST_* These are in CLI states, not stats states anymore. STAT_CLI_O_CUSTOM was more appropriately renamed CLI_ST_CALLBACK.
2016-11-24 09:53:53 -05:00
case CLI_ST_CALLBACK: /* use custom pointer */
MEDIUM: cli: register CLI keywords with cli_register_kw() To register a new cli keyword, you need to declare a cli_kw_list structure in your source file: static struct cli_kw_list cli_kws = {{ },{ { { "test", "list", NULL }, "test list : do some tests on the cli", test_parsing, NULL }, { { NULL }, NULL, NULL, NULL, NULL } }}; And then register it: cli_register_kw(&cli_kws); The first field is an array of 5 elements, where you declare the keywords combination which will match, it must be ended by a NULL element. The second field is used as a usage message, it will appear in the help of the cli, you can set it to NULL if you don't want to show it, it's a good idea if you want to overwrite some existing keywords. The two last fields are callbacks. The first one is used at parsing time, you can use it to parse the arguments of your keywords and print small messages. The function must return 1 in case of a failure, otherwise 0: #include <proto/dumpstats.h> static int test_parsing(char **args, struct appctx *appctx) { struct chunk out; if (!*args[2]) { appctx->ctx.cli.msg = "Error: the 3rd argument is mandatory !"; appctx->st0 = STAT_CLI_PRINT; return 1; } chunk_reset(&trash); chunk_printf(&trash, "arg[3]: %s\n", args[2]); chunk_init(&out, NULL, 0); chunk_dup(&out, &trash); appctx->ctx.cli.err = out.str; appctx->st0 = STAT_CLI_PRINT_FREE; /* print and free in the default cli_io_handler */ return 0; } The last field is the IO handler callback, it can be set to NULL if you want to use the default cli_io_handler() otherwise you can write your own. You can use the private pointer in the appctx if you need to store a context or some data. stats_dump_sess_to_buffer() is a good example of IO handler, IO handlers often use the appctx->st2 variable for the state machine. The handler must return 0 in case it have to be recall later otherwise 1.
2016-10-13 11:57:55 -04:00
if (appctx->io_handler)
MINOR: cli: add private pointer and release function This pointer will be used for storing private context. With this, the same executed function can handle more than one keyword. This will be very useful for creation Lua cli bindings. The release function is called when the command is terminated (give back the hand to the prompt) or when the session is broken (timeout or client closed).
2016-11-12 04:51:33 -05:00
if (appctx->io_handler(appctx)) {
MINOR: cli: always reset the applet task's timeout The CLI applet doesn't make use of its timeout at all, only the stream does. That's a wonder because it allows any command's I/O handler to trivially set a wakeup timer by simply touching the task's ->expire field, and the I/O handler will automatically be woken up again. The only condition for this is that we properly take care of clearing that timeout whenever we finish processing a command and switch back to the PROMPT state. That's what this patch does.
2024-02-08 14:53:31 -05:00
appctx->t->expire = TICK_ETERNITY;
CLEANUP: cli: rename STAT_CLI_* to CLI_ST_* These are in CLI states, not stats states anymore. STAT_CLI_O_CUSTOM was more appropriately renamed CLI_ST_CALLBACK.
2016-11-24 09:53:53 -05:00
appctx->st0 = CLI_ST_PROMPT;
MINOR: cli: add private pointer and release function This pointer will be used for storing private context. With this, the same executed function can handle more than one keyword. This will be very useful for creation Lua cli bindings. The release function is called when the command is terminated (give back the hand to the prompt) or when the session is broken (timeout or client closed).
2016-11-12 04:51:33 -05:00
if (appctx->io_release) {
appctx->io_release(appctx);
appctx->io_release = NULL;
MINOR: cli: make sure to always print a pending message after release() If a release handler produces a final message, it's currently left pending in the CLI context and needs another I/O event to be dumped because immediately after calling ->release, we check for states OUTPUT and above and we wait until more data arrives. This patch adds continue statement to go back to the loop immediately after leaving the release handler in order to attempt to emit the output message. At this point it's not sure whether any release handlers are producing messages, so it's probably not needed to backport this.
2024-02-08 11:22:41 -05:00
/* some release handlers might have
* pending output to print.
*/
continue;
MINOR: cli: add private pointer and release function This pointer will be used for storing private context. With this, the same executed function can handle more than one keyword. This will be very useful for creation Lua cli bindings. The release function is called when the command is terminated (give back the hand to the prompt) or when the session is broken (timeout or client closed).
2016-11-12 04:51:33 -05:00
}
}
MEDIUM: cli: register CLI keywords with cli_register_kw() To register a new cli keyword, you need to declare a cli_kw_list structure in your source file: static struct cli_kw_list cli_kws = {{ },{ { { "test", "list", NULL }, "test list : do some tests on the cli", test_parsing, NULL }, { { NULL }, NULL, NULL, NULL, NULL } }}; And then register it: cli_register_kw(&cli_kws); The first field is an array of 5 elements, where you declare the keywords combination which will match, it must be ended by a NULL element. The second field is used as a usage message, it will appear in the help of the cli, you can set it to NULL if you don't want to show it, it's a good idea if you want to overwrite some existing keywords. The two last fields are callbacks. The first one is used at parsing time, you can use it to parse the arguments of your keywords and print small messages. The function must return 1 in case of a failure, otherwise 0: #include <proto/dumpstats.h> static int test_parsing(char **args, struct appctx *appctx) { struct chunk out; if (!*args[2]) { appctx->ctx.cli.msg = "Error: the 3rd argument is mandatory !"; appctx->st0 = STAT_CLI_PRINT; return 1; } chunk_reset(&trash); chunk_printf(&trash, "arg[3]: %s\n", args[2]); chunk_init(&out, NULL, 0); chunk_dup(&out, &trash); appctx->ctx.cli.err = out.str; appctx->st0 = STAT_CLI_PRINT_FREE; /* print and free in the default cli_io_handler */ return 0; } The last field is the IO handler callback, it can be set to NULL if you want to use the default cli_io_handler() otherwise you can write your own. You can use the private pointer in the appctx if you need to store a context or some data. stats_dump_sess_to_buffer() is a good example of IO handler, IO handlers often use the appctx->st2 variable for the state machine. The handler must return 0 in case it have to be recall later otherwise 1.
2016-10-13 11:57:55 -04:00
break;
[MEDIUM] stats: don't use s->ana_state anymore The stats handler used to store internal states in s->ana_state. Now we only rely on si->st0 in which we can store as many states as we have possible outputs. This cleans up the stats code a lot and makes it more maintainable. It has also reduced code size by a few hundred bytes.
2009-10-04 08:22:18 -04:00
default: /* abnormal state */
BUG/MINOR: cli: Don't set SE flags from the cli applet Since the CLI was updated to use the new applet API, it should no longer set directly the SE flags. Instead, the corresponding applet flags must be set, using the applet API (appet_set_*). It is true for the CLI I/O handler but also for the commands parse function and I/O callback function. This patch should be backported as far as 3.0.
2025-02-06 09:15:27 -05:00
applet_set_error(appctx);
[MEDIUM] stats: replace the stats socket analyser with an SI applet We can get rid of the stats analyser by moving all the stats code to a stream interface applet. Above being cleaner, it provides new advantages such as the ability to process requests and responses from the same function and work only with simple state machines. There's no need for any hijack hack anymore. The direct advantage for the user are the interactive mode and the ability to chain several commands delimited by a semi-colon. Now if the user types "prompt", he gets a prompt from which he can send as many requests as he wants. All outputs are terminated by a blank line followed by a new prompt, so this can be used from external tools too. The code is not very clean, it needs some rework, but some part of the dirty parts are due to the remnants of the hijack mode used in the old functions we call. The old AN_REQ_STATS_SOCK analyser flag is now unused and has been removed.
2009-09-22 13:31:03 -04:00
break;
}
[MEDIUM] stats: don't use s->ana_state anymore The stats handler used to store internal states in s->ana_state. Now we only rely on si->st0 in which we can store as many states as we have possible outputs. This cleans up the stats code a lot and makes it more maintainable. It has also reduced code size by a few hundred bytes.
2009-10-04 08:22:18 -04:00
/* The post-command prompt is either LF alone or LF + '> ' in interactive mode */
CLEANUP: cli: rename STAT_CLI_* to CLI_ST_* These are in CLI states, not stats states anymore. STAT_CLI_O_CUSTOM was more appropriately renamed CLI_ST_CALLBACK.
2016-11-24 09:53:53 -05:00
if (appctx->st0 == CLI_ST_PROMPT) {
MINOR: cli: add an option to display the uptime in the CLI's prompt Entering "prompt timed" toggles reporting of the process' uptime in the prompt, which will report days, hours, minutes and seconds since it was started. As discussed with Tim in issue #2145, this can be convenient to roughly estimate the time between two outputs, as well as detecting that a process failed to be reloaded for example.
2023-05-04 08:22:36 -04:00
char prompt_buf[20];
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
const char *prompt = "";
if (appctx->st1 & APPCTX_CLI_ST1_PROMPT) {
/*
* when entering a payload with interactive mode, change the prompt
* to emphasize that more data can still be sent
*/
MAJOR: cli: Use a custom .snd_buf function to only copy the current command The CLI applet is now using its own snd_buf callback function. Instead of copying as most output data as possible, only one command is copied at a time. To do so, a new state CLI_ST_PARSEREQ is added for the CLI applet. In this state, the CLI I/O handle knows a full command was copied into its input buffer and it must parse this command to evaluate it.
2024-02-20 02:47:38 -05:00
if (b_data(&appctx->inbuf) && appctx->st1 & APPCTX_CLI_ST1_PAYLOAD)
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
prompt = "+ ";
MINOR: cli: add an option to display the uptime in the CLI's prompt Entering "prompt timed" toggles reporting of the process' uptime in the prompt, which will report days, hours, minutes and seconds since it was started. As discussed with Tim in issue #2145, this can be convenient to roughly estimate the time between two outputs, as well as detecting that a process failed to be reloaded for example.
2023-05-04 08:22:36 -04:00
else if (appctx->st1 & APPCTX_CLI_ST1_TIMED) {
uint up = ns_to_sec(now_ns - start_time_ns);
snprintf(prompt_buf, sizeof(prompt_buf),
"\n[%u:%02u:%02u:%02u]> ",
(up / 86400), (up / 3600) % 24, (up / 60) % 60, up % 60);
prompt = prompt_buf;
}
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
else
prompt = "\n> ";
}
else {
BUG/MINOR: mworker/cli: don't output a \n before the response When using a level lower than admin on the master CLI, a \n is output before the response, this is caused by the response of the "operator" or "user" that are sent before the actual command. To fix this problem we introduce the flag APPCTX_CLI_ST1_NOLF which ask a command response to not be followed by the final \n. This patch made a special case with the command operator and user followed by a - so they are not followed by \n. This patch must be backported to 2.0 and 1.9.
2019-07-01 04:56:15 -04:00
if (!(appctx->st1 & (APPCTX_CLI_ST1_PAYLOAD|APPCTX_CLI_ST1_NOLF)))
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
prompt = "\n";
}
BUG/MEDIUM: cli: always reset the service context between commands Erwan Le Goas reported that chaining certain commands on the CLI would systematically crash the process; for example, "show version; show sess". This happened since the conversion of cli context to appctx->svcctx, because if applet_reserve_svcctx() is called a first time for a tiny context, it's allocated in-situ, and later a keyword that wants a larger one will see that it's not null and will reuse it and will overwrite the end of the first one's context. What is missing is a reset of the svcctx when looping back to CLI_ST_GETREQ. This needs to be backported to 2.6, and relies on previous commit "MINOR: applet: add a function to reset the svcctx of an applet".
2022-08-18 12:04:37 -04:00
if (applet_putstr(appctx, prompt) != -1) {
applet_reset_svcctx(appctx);
CLEANUP: cli: rename STAT_CLI_* to CLI_ST_* These are in CLI states, not stats states anymore. STAT_CLI_O_CUSTOM was more appropriately renamed CLI_ST_CALLBACK.
2016-11-24 09:53:53 -05:00
appctx->st0 = CLI_ST_GETREQ;
BUG/MEDIUM: cli: always reset the service context between commands Erwan Le Goas reported that chaining certain commands on the CLI would systematically crash the process; for example, "show version; show sess". This happened since the conversion of cli context to appctx->svcctx, because if applet_reserve_svcctx() is called a first time for a tiny context, it's allocated in-situ, and later a keyword that wants a larger one will see that it's not null and will reuse it and will overwrite the end of the first one's context. What is missing is a reset of the svcctx when looping back to CLI_ST_GETREQ. This needs to be backported to 2.6, and relies on previous commit "MINOR: applet: add a function to reset the svcctx of an applet".
2022-08-18 12:04:37 -04:00
}
[MEDIUM] stats: replace the stats socket analyser with an SI applet We can get rid of the stats analyser by moving all the stats code to a stream interface applet. Above being cleaner, it provides new advantages such as the ability to process requests and responses from the same function and work only with simple state machines. There's no need for any hijack hack anymore. The direct advantage for the user are the interactive mode and the ability to chain several commands delimited by a semi-colon. Now if the user types "prompt", he gets a prompt from which he can send as many requests as he wants. All outputs are terminated by a blank line followed by a new prompt, so this can be used from external tools too. The code is not very clean, it needs some rework, but some part of the dirty parts are due to the remnants of the hijack mode used in the old functions we call. The old AN_REQ_STATS_SOCK analyser flag is now unused and has been removed.
2009-09-22 13:31:03 -04:00
}
[CLEANUP] move remaining stats sockets code to dumpstats The remains of the stats socket code has nothing to do in proto_uxst anymore and must move to dumpstats. The code is much cleaner and more structured. It was also an opportunity to rename AN_REQ_UNIX_STATS as AN_REQ_STATS_SOCK as the stats socket is no longer unix-specific either. The last item refering to stats in proto_uxst is the setting of the task's nice value which should in fact come from the listener.
2009-08-16 13:06:42 -04:00
[MEDIUM] stats: don't use s->ana_state anymore The stats handler used to store internal states in s->ana_state. Now we only rely on si->st0 in which we can store as many states as we have possible outputs. This cleans up the stats code a lot and makes it more maintainable. It has also reduced code size by a few hundred bytes.
2009-10-04 08:22:18 -04:00
/* If the output functions are still there, it means they require more room. */
BUG/MEDIUM: cli: Notify cli applet won't consume data during request processing The CLI applet process one request after another. Thus, when several requests are pipelined, it is important to notify it won't consume remaining outgoing data while it is processing a request. Otherwise, the applet may be woken up in loop. For instance, it may happen with the HTTP client while we are waiting for the server response if a shutr is received. This patch must be backported in all supported versions after an observation period. But a massive refactoring was performed in 2.6. So, for the 2.5 and below, the patch will have to be adapted. Note also that, AFAIK, the bug can only be triggered by the HTTP client for now.
2022-06-01 11:25:42 -04:00
if (appctx->st0 >= CLI_ST_OUTPUT) {
applet_wont_consume(appctx);
[MEDIUM] stats: replace the stats socket analyser with an SI applet We can get rid of the stats analyser by moving all the stats code to a stream interface applet. Above being cleaner, it provides new advantages such as the ability to process requests and responses from the same function and work only with simple state machines. There's no need for any hijack hack anymore. The direct advantage for the user are the interactive mode and the ability to chain several commands delimited by a semi-colon. Now if the user types "prompt", he gets a prompt from which he can send as many requests as he wants. All outputs are terminated by a blank line followed by a new prompt, so this can be used from external tools too. The code is not very clean, it needs some rework, but some part of the dirty parts are due to the remnants of the hijack mode used in the old functions we call. The old AN_REQ_STATS_SOCK analyser flag is now unused and has been removed.
2009-09-22 13:31:03 -04:00
break;
BUG/MEDIUM: cli: Notify cli applet won't consume data during request processing The CLI applet process one request after another. Thus, when several requests are pipelined, it is important to notify it won't consume remaining outgoing data while it is processing a request. Otherwise, the applet may be woken up in loop. For instance, it may happen with the HTTP client while we are waiting for the server response if a shutr is received. This patch must be backported in all supported versions after an observation period. But a massive refactoring was performed in 2.6. So, for the 2.5 and below, the patch will have to be adapted. Note also that, AFAIK, the bug can only be triggered by the HTTP client for now.
2022-06-01 11:25:42 -04:00
}
[MEDIUM] stats: replace the stats socket analyser with an SI applet We can get rid of the stats analyser by moving all the stats code to a stream interface applet. Above being cleaner, it provides new advantages such as the ability to process requests and responses from the same function and work only with simple state machines. There's no need for any hijack hack anymore. The direct advantage for the user are the interactive mode and the ability to chain several commands delimited by a semi-colon. Now if the user types "prompt", he gets a prompt from which he can send as many requests as he wants. All outputs are terminated by a blank line followed by a new prompt, so this can be used from external tools too. The code is not very clean, it needs some rework, but some part of the dirty parts are due to the remnants of the hijack mode used in the old functions we call. The old AN_REQ_STATS_SOCK analyser flag is now unused and has been removed.
2009-09-22 13:31:03 -04:00
MEDIUM: cli: Use the sedesc to report and detect end of processing It is the same kind of change than for the cache applet. Idea is to use the SE desc instead of the channel or the SC to report end-of-input, end-of-stream and errors. Truncated commands are now reported on error. Other changes are the same than for the cache applet. We now set SE_FL_EOS flag instead of calling cf_shutr() and calls to cf_shutw are removed.
2023-03-31 04:25:07 -04:00
/* Now we close the output if we're not in interactive
* mode and the request buffer is empty. This still
* allows pipelined requests to be sent in
* non-interactive mode.
[MEDIUM] stats: replace the stats socket analyser with an SI applet We can get rid of the stats analyser by moving all the stats code to a stream interface applet. Above being cleaner, it provides new advantages such as the ability to process requests and responses from the same function and work only with simple state machines. There's no need for any hijack hack anymore. The direct advantage for the user are the interactive mode and the ability to chain several commands delimited by a semi-colon. Now if the user types "prompt", he gets a prompt from which he can send as many requests as he wants. All outputs are terminated by a blank line followed by a new prompt, so this can be used from external tools too. The code is not very clean, it needs some rework, but some part of the dirty parts are due to the remnants of the hijack mode used in the old functions we call. The old AN_REQ_STATS_SOCK analyser flag is now unused and has been removed.
2009-09-22 13:31:03 -04:00
*/
BUG/MAJOR: cli: Restore non-interactive mode behavior with pipelined commands The issue was decribed in commit "BUG/MEDIUM: cli: Warn if pipelined commands are delimited by a \n". In non-interactive mode, it was possible to use a newline character as delimiter for pipelined commands. As a consequence, it was possible to stop commands processing on the middle. With the above commit, a warning is emitted to notify users. With this one, we restore the expected behavior, as documented in the management guide. Only the first line of commands is parsed. This commit will not be backported to avoid breaking changes on stable versions. This commit has of course some visible effects. All script using a newline character as delimiter to pipeline commands in non-interactive mode will stop working. Only the first command will be evaluated, all others will be ignored. Pipelined commands MUST now be separated by a semi-colon. But there is a more subtle and probably more annoying change. It is no longer possible to pipeline commands with a payload ! A command with a payload will always be the last one evaluated because it must be finished by a newline (eventually preceeded by a custom pattern). It is really annoying to introduce such breaking change. But, on the long term, it is mandatory. The 2.8 will be the last LST version supporting the old behavior (with some warning however). This will let 4 years to users to adapt their scripts. No backport needed.
2024-02-20 12:39:50 -05:00
if ((appctx->st1 & (APPCTX_CLI_ST1_PROMPT|APPCTX_CLI_ST1_PAYLOAD|APPCTX_CLI_ST1_LASTCMD)) == APPCTX_CLI_ST1_LASTCMD) {
MAJOR: cli: Update the CLI applet to handle its own buffers It is the third applet to be refactored to use its own buffers. In addition to the CLI applet, some I/O handlers of CLI commands were also updated, especially the stats ones. Some command I/O handlers were updated to use applet's buffers instead of channels ones.
2024-02-15 07:34:05 -05:00
applet_set_eoi(appctx);
appctx->st0 = CLI_ST_END;
continue;
}
[MEDIUM] stats: replace the stats socket analyser with an SI applet We can get rid of the stats analyser by moving all the stats code to a stream interface applet. Above being cleaner, it provides new advantages such as the ability to process requests and responses from the same function and work only with simple state machines. There's no need for any hijack hack anymore. The direct advantage for the user are the interactive mode and the ability to chain several commands delimited by a semi-colon. Now if the user types "prompt", he gets a prompt from which he can send as many requests as he wants. All outputs are terminated by a blank line followed by a new prompt, so this can be used from external tools too. The code is not very clean, it needs some rework, but some part of the dirty parts are due to the remnants of the hijack mode used in the old functions we call. The old AN_REQ_STATS_SOCK analyser flag is now unused and has been removed.
2009-09-22 13:31:03 -04:00
[MEDIUM] stats: don't use s->ana_state anymore The stats handler used to store internal states in s->ana_state. Now we only rely on si->st0 in which we can store as many states as we have possible outputs. This cleans up the stats code a lot and makes it more maintainable. It has also reduced code size by a few hundred bytes.
2009-10-04 08:22:18 -04:00
/* switch state back to GETREQ to read next requests */
BUG/MEDIUM: cli: always reset the service context between commands Erwan Le Goas reported that chaining certain commands on the CLI would systematically crash the process; for example, "show version; show sess". This happened since the conversion of cli context to appctx->svcctx, because if applet_reserve_svcctx() is called a first time for a tiny context, it's allocated in-situ, and later a keyword that wants a larger one will see that it's not null and will reuse it and will overwrite the end of the first one's context. What is missing is a reset of the svcctx when looping back to CLI_ST_GETREQ. This needs to be backported to 2.6, and relies on previous commit "MINOR: applet: add a function to reset the svcctx of an applet".
2022-08-18 12:04:37 -04:00
applet_reset_svcctx(appctx);
CLEANUP: cli: rename STAT_CLI_* to CLI_ST_* These are in CLI states, not stats states anymore. STAT_CLI_O_CUSTOM was more appropriately renamed CLI_ST_CALLBACK.
2016-11-24 09:53:53 -05:00
appctx->st0 = CLI_ST_GETREQ;
BUG/MEDIUM: cli: Notify cli applet won't consume data during request processing The CLI applet process one request after another. Thus, when several requests are pipelined, it is important to notify it won't consume remaining outgoing data while it is processing a request. Otherwise, the applet may be woken up in loop. For instance, it may happen with the HTTP client while we are waiting for the server response if a shutr is received. This patch must be backported in all supported versions after an observation period. But a massive refactoring was performed in 2.6. So, for the 2.5 and below, the patch will have to be adapted. Note also that, AFAIK, the bug can only be triggered by the HTTP client for now.
2022-06-01 11:25:42 -04:00
applet_will_consume(appctx);
BUG/MINOR: applet: Always expect data when CLI is waiting for a new command There is a mechanism for applets to disable the read timeout on the opposite side if it is now waiting for any data. Of course, there is also a way to re-activate it. But, it must excplicitly be handle by applets. For the CLI, some commands may state no input data are expected. So we must be sure to reset its state when the applet is waiting for a new command. For now, it is not a bug because no CLI command uses this mechanism. This patch must be backported to 2.8.
2023-09-06 03:17:33 -04:00
applet_expect_data(appctx);
BUG/MEDIUM: cli: Notify cli applet won't consume data during request processing The CLI applet process one request after another. Thus, when several requests are pipelined, it is important to notify it won't consume remaining outgoing data while it is processing a request. Otherwise, the applet may be woken up in loop. For instance, it may happen with the HTTP client while we are waiting for the server response if a shutr is received. This patch must be backported in all supported versions after an observation period. But a massive refactoring was performed in 2.6. So, for the 2.5 and below, the patch will have to be adapted. Note also that, AFAIK, the bug can only be triggered by the HTTP client for now.
2022-06-01 11:25:42 -04:00
BUG/MINOR: mworker/cli: don't output a \n before the response When using a level lower than admin on the master CLI, a \n is output before the response, this is caused by the response of the "operator" or "user" that are sent before the actual command. To fix this problem we introduce the flag APPCTX_CLI_ST1_NOLF which ask a command response to not be followed by the final \n. This patch made a special case with the command operator and user followed by a - so they are not followed by \n. This patch must be backported to 2.0 and 1.9.
2019-07-01 04:56:15 -04:00
/* reactivate the \n at the end of the response for the next command */
appctx->st1 &= ~APPCTX_CLI_ST1_NOLF;
MEDIUM: cli: yield between each pipelined command Pipelining commands on the CLI is sometimes needed for batched operations such as map deletion etc, but it causes two problems: - some possibly long-running commands will be run in series without yielding, possibly causing extremely long latencies that will affect quality of service and even trigger the watchdog, as seen in github issue #1515. - short commands that end on a buffer size boundary, when not run in interactive mode, will often cause the socket to be closed when the last command is parsed, because the buffer is empty. This patch proposes a small change to this: by yielding in the CLI applet after processing a command when there are data left, we significantly reduce the latency, since only one command is executed per call, and we leave an opportunity for the I/O layers to refill the request buffer with more commands, hence to execute all of them much more often. With this change there's no more watchdog triggered on long series of "del map" on large map files, and the operations are much less disturbed. It would be desirable to backport this patch to stable versions after some period of observation in recent versions.
2022-01-19 11:11:36 -05:00
/* this forces us to yield between pipelined commands and
* avoid extremely long latencies (e.g. "del map" etc). In
* addition this increases the likelihood that the stream
* refills the buffer with new bytes in non-interactive
* mode, avoiding to close on apparently empty commands.
*/
MAJOR: cli: Use a custom .snd_buf function to only copy the current command The CLI applet is now using its own snd_buf callback function. Instead of copying as most output data as possible, only one command is copied at a time. To do so, a new state CLI_ST_PARSEREQ is added for the CLI applet. In this state, the CLI I/O handle knows a full command was copied into its input buffer and it must parse this command to evaluate it.
2024-02-20 02:47:38 -05:00
break;
[CLEANUP] move remaining stats sockets code to dumpstats The remains of the stats socket code has nothing to do in proto_uxst anymore and must move to dumpstats. The code is much cleaner and more structured. It was also an opportunity to rename AN_REQ_UNIX_STATS as AN_REQ_STATS_SOCK as the stats socket is no longer unix-specific either. The last item refering to stats in proto_uxst is the setting of the task's nice value which should in fact come from the listener.
2009-08-16 13:06:42 -04:00
}
[MEDIUM] stats: replace the stats socket analyser with an SI applet We can get rid of the stats analyser by moving all the stats code to a stream interface applet. Above being cleaner, it provides new advantages such as the ability to process requests and responses from the same function and work only with simple state machines. There's no need for any hijack hack anymore. The direct advantage for the user are the interactive mode and the ability to chain several commands delimited by a semi-colon. Now if the user types "prompt", he gets a prompt from which he can send as many requests as he wants. All outputs are terminated by a blank line followed by a new prompt, so this can be used from external tools too. The code is not very clean, it needs some rework, but some part of the dirty parts are due to the remnants of the hijack mode used in the old functions we call. The old AN_REQ_STATS_SOCK analyser flag is now unused and has been removed.
2009-09-22 13:31:03 -04:00
}
[CLEANUP] move remaining stats sockets code to dumpstats The remains of the stats socket code has nothing to do in proto_uxst anymore and must move to dumpstats. The code is much cleaner and more structured. It was also an opportunity to rename AN_REQ_UNIX_STATS as AN_REQ_STATS_SOCK as the stats socket is no longer unix-specific either. The last item refering to stats in proto_uxst is the setting of the task's nice value which should in fact come from the listener.
2009-08-16 13:06:42 -04:00
MAJOR: applet: now call si_applet_done() instead of si_update() in I/O handlers The applet I/O handlers now rely on si_applet_done() which itself decides to wake up or sleep the appctx. Now it becomes critical that applte handlers properly call this on every exit path so that the appctx is removed from the active list after I/O have been handled. One such call was added to the Lua socket handler. It used to work without it probably because the main task is woken up by the parent task but now it's needed.
2015-04-19 11:20:03 -04:00
out:
MAJOR: cli: Update the CLI applet to handle its own buffers It is the third applet to be refactored to use its own buffers. In addition to the CLI applet, some I/O handlers of CLI commands were also updated, especially the stats ones. Some command I/O handlers were updated to use applet's buffers instead of channels ones.
2024-02-15 07:34:05 -05:00
if (appctx->st0 == CLI_ST_END) {
/* eat the whole request */
b_reset(&appctx->inbuf);
applet_fl_clr(appctx, APPCTX_FL_INBLK_FULL);
}
CLEANUP: cli: Remove useless debug message in cli_io_handler() When compiled in debug mode, HAProxy prints a debug message at the end of the cli I/O handle. It is pretty annoying and useless because, we can active applet traces. Thus, just remove it.
2023-04-18 12:36:43 -04:00
return;
[CLEANUP] move remaining stats sockets code to dumpstats The remains of the stats socket code has nothing to do in proto_uxst anymore and must move to dumpstats. The code is much cleaner and more structured. It was also an opportunity to rename AN_REQ_UNIX_STATS as AN_REQ_STATS_SOCK as the stats socket is no longer unix-specific either. The last item refering to stats in proto_uxst is the setting of the task's nice value which should in fact come from the listener.
2009-08-16 13:06:42 -04:00
}
CLEANUP: conn_stream: tree-wide rename to stconn (stream connector) This renames the "struct conn_stream" to "struct stconn" and updates the descriptions in all comments (and the rare help descriptions) to "stream connector" or "connector". This touches a lot of files but the change is minimal. The local variables were not even renamed, so there's still a lot of "cs" everywhere.
2022-05-17 13:07:51 -04:00
/* This is called when the stream connector is closed. For instance, upon an
BUG/MAJOR: cli: show sess <id> may randomly corrupt the back-ref list show sess <id> puts a backref into the session it's dumping. If the output is interrupted, the backref cannot always be removed because it's only done in the I/O handler. This can randomly corrupt the backref list when the session closes, because it passes the pointer to the next session which itself might be watched. The case is hard to reproduce (hundreds of attempts) but monitoring systems might encounter it frequently. Thus we have to add a release handler which does the cleanup even when the I/O handler is not called. This issue should also be present in 1.4 so the patch should be backported.
2012-11-25 20:22:40 -05:00
* external abort, we won't call the i/o handler anymore so we may need to
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 18:22:06 -04:00
* remove back references to the stream currently being dumped.
BUG/MAJOR: cli: show sess <id> may randomly corrupt the back-ref list show sess <id> puts a backref into the session it's dumping. If the output is interrupted, the backref cannot always be removed because it's only done in the I/O handler. This can randomly corrupt the backref list when the session closes, because it passes the pointer to the next session which itself might be watched. The case is hard to reproduce (hundreds of attempts) but monitoring systems might encounter it frequently. Thus we have to add a release handler which does the cleanup even when the I/O handler is not called. This issue should also be present in 1.4 so the patch should be backported.
2012-11-25 20:22:40 -05:00
*/
MEDIUM: applet: make the applet not depend on a stream interface anymore Now that applet's functions only take an appctx in argument, not a stream interface. This slightly simplifies the code and will be needed to take the appctx out of the stream interface.
2015-04-13 06:05:19 -04:00
static void cli_release_handler(struct appctx *appctx)
BUG/MAJOR: cli: show sess <id> may randomly corrupt the back-ref list show sess <id> puts a backref into the session it's dumping. If the output is interrupted, the backref cannot always be removed because it's only done in the I/O handler. This can randomly corrupt the backref list when the session closes, because it passes the pointer to the next session which itself might be watched. The case is hard to reproduce (hundreds of attempts) but monitoring systems might encounter it frequently. Thus we have to add a release handler which does the cleanup even when the I/O handler is not called. This issue should also be present in 1.4 so the patch should be backported.
2012-11-25 20:22:40 -05:00
{
MINOR: cli: add private pointer and release function This pointer will be used for storing private context. With this, the same executed function can handle more than one keyword. This will be very useful for creation Lua cli bindings. The release function is called when the command is terminated (give back the hand to the prompt) or when the session is broken (timeout or client closed).
2016-11-12 04:51:33 -05:00
if (appctx->io_release) {
appctx->io_release(appctx);
appctx->io_release = NULL;
}
CLEANUP: cli: rename dynamic error printing state Rename CLI_ST_PRINT_FREE to CLI_ST_PRINT_DYNERR. Most notably, this highlights that this is reserved to error printing. This is done to ensure consistency between CLI_ST_PRINT/CLI_ST_PRINT_DYN and CLI_ST_PRINT_ERR/CLI_ST_PRINT_DYNERR. The name is also consistent with the function cli_dynerr() which activates it.
2022-11-10 05:47:36 -05:00
else if (appctx->st0 == CLI_ST_PRINT_DYN || appctx->st0 == CLI_ST_PRINT_DYNERR) {
CLEANUP: cli: move the status print context into its own context Now that the CLI's print context is alone in the appctx, it's possible to refine the appctx's ctx layout so that the cli part matches exactly a regular svcctx, and as such move the CLI context into an svcctx like other applets. External code will still build and work because the struct cli perfectly maps onto the struct cli_print_ctx that's located into svc.storage. This is of course only to make a smooth transition during 2.6 and will disappear immediately after. A tiny change had to be applied to the opentracing addon which performs direct accesses to the CLI's err pointer in its own print function. The rest uses the standard cli_print_* which were the only ones that needed a small change. The whole "ctx.cli" struct could be tagged as deprecated so that any possibly existing external code that relies on it will get build warnings, and the comments in the struct are pretty clear about the way to fix it, and the lack of future of this old API.
2022-05-06 11:16:35 -04:00
struct cli_print_ctx *ctx = applet_reserve_svcctx(appctx, sizeof(*ctx));
ha_free(&ctx->err);
MEDIUM: dumpstats: Display error message during add of values. This patch adds new display type. This display returns allocated string, when the string is flush into buffers, it is freed. This permit to return the content of "memprintf(err, ...)" messages. The pat_ref_add functions has changed to return error.
2014-01-29 13:08:49 -05:00
}
MINOR: cli: define usermsgs print context CLI 'add server' handler relies on usermsgs_ctx to display errors in internal function on CLI output. This may be also extended to other handlers. However, to not clutter stderr from another contextes, usermsgs_ctx must be resetted when it is not needed anymore. This operation cannot be conducted in the CLI parse handler as display is conducted after it. To achieve this, define new CLI states CLI_ST_PRINT_UMSG / CLI_ST_PRINT_UMSGERR. Their principles is nearly identical to states for dynamic messages printing.
2022-11-10 08:24:51 -05:00
else if (appctx->st0 == CLI_ST_PRINT_UMSG || appctx->st0 == CLI_ST_PRINT_UMSGERR) {
usermsgs_clr(NULL);
}
BUG/MAJOR: cli: show sess <id> may randomly corrupt the back-ref list show sess <id> puts a backref into the session it's dumping. If the output is interrupted, the backref cannot always be removed because it's only done in the I/O handler. This can randomly corrupt the backref list when the session closes, because it passes the pointer to the next session which itself might be watched. The case is hard to reproduce (hundreds of attempts) but monitoring systems might encounter it frequently. Thus we have to add a release handler which does the cleanup even when the I/O handler is not called. This issue should also be present in 1.4 so the patch should be backported.
2012-11-25 20:22:40 -05:00
}
MINOR: cli: add a new "show env" command Using environment variables in configuration files can make troubleshooting complicated because there's no easy way to verify that the variables are correct. This patch introduces a new "show env" command which displays the whole environment on the CLI, one variable per line. The socket must at least have level operator to display the environment.
2016-02-16 05:27:28 -05:00
/* This function dumps all environmnent variables to the buffer. It returns 0
* if the output buffer is full and it needs to be called again, otherwise
CLEANUP: cli: make "show env" use its own context There is the variable to start from (or environ) and an option to stop after dumping the first one, just like "show fd". Let's have a small locally-defined context with these two fields.
2022-05-05 11:45:52 -04:00
* non-zero. It takes its context from the show_env_ctx in svcctx, and will
* start from ->var and dump only one variable if ->show_one is set.
MINOR: cli: add a new "show env" command Using environment variables in configuration files can make troubleshooting complicated because there's no easy way to verify that the variables are correct. This patch introduces a new "show env" command which displays the whole environment on the CLI, one variable per line. The socket must at least have level operator to display the environment.
2016-02-16 05:27:28 -05:00
*/
REORG: cli: make "show env" also use the generic keyword registration This way we don't have any more state specific to a given yieldable command. The other commands should be easier to move as they only involve a parser.
2016-11-22 14:21:23 -05:00
static int cli_io_handler_show_env(struct appctx *appctx)
MINOR: cli: add a new "show env" command Using environment variables in configuration files can make troubleshooting complicated because there's no easy way to verify that the variables are correct. This patch introduces a new "show env" command which displays the whole environment on the CLI, one variable per line. The socket must at least have level operator to display the environment.
2016-02-16 05:27:28 -05:00
{
CLEANUP: cli: make "show env" use its own context There is the variable to start from (or environ) and an option to stop after dumping the first one, just like "show fd". Let's have a small locally-defined context with these two fields.
2022-05-05 11:45:52 -04:00
struct show_env_ctx *ctx = appctx->svcctx;
char **var = ctx->var;
MINOR: cli: add a new "show env" command Using environment variables in configuration files can make troubleshooting complicated because there's no easy way to verify that the variables are correct. This patch introduces a new "show env" command which displays the whole environment on the CLI, one variable per line. The socket must at least have level operator to display the environment.
2016-02-16 05:27:28 -05:00
chunk_reset(&trash);
/* we have two inner loops here, one for the proxy, the other one for
* the buffer.
*/
MINOR: appctx/cli: remove the env entry from the appctx union This one now migrates to the general purpose cli.p0.
2016-12-16 11:45:44 -05:00
while (*var) {
chunk_printf(&trash, "%s\n", *var);
MINOR: cli: add a new "show env" command Using environment variables in configuration files can make troubleshooting complicated because there's no easy way to verify that the variables are correct. This patch introduces a new "show env" command which displays the whole environment on the CLI, one variable per line. The socket must at least have level operator to display the environment.
2016-02-16 05:27:28 -05:00
CLEANUP: applet: use applet_put*() everywhere possible This applies the change so that the applet code stops using ci_putchk() and friends everywhere possible, for the much saferapplet_put*() instead. The change is mechanical but large. Two or three functions used to have no appctx and a cs derived from the appctx instead, which was a reminiscence of old times' stream_interface. These were simply changed to directly take the appctx. No sensitive change was performed, and the old (more complex) API is still usable when needed (e.g. the channel is already known). The change touched roughly a hundred of locations, with no less than 124 lines removed. It's worth noting that the stats applet, the oldest of the series, could get a serious lifting, as it's still very channel-centric instead of propagating the appctx along the chain. Given that this code doesn't change often, there's no emergency to clean it up but it would look better.
2022-05-18 09:07:19 -04:00
if (applet_putchk(appctx, &trash) == -1)
MINOR: cli: add a new "show env" command Using environment variables in configuration files can make troubleshooting complicated because there's no easy way to verify that the variables are correct. This patch introduces a new "show env" command which displays the whole environment on the CLI, one variable per line. The socket must at least have level operator to display the environment.
2016-02-16 05:27:28 -05:00
return 0;
CLEANUP: applet: use applet_put*() everywhere possible This applies the change so that the applet code stops using ci_putchk() and friends everywhere possible, for the much saferapplet_put*() instead. The change is mechanical but large. Two or three functions used to have no appctx and a cs derived from the appctx instead, which was a reminiscence of old times' stream_interface. These were simply changed to directly take the appctx. No sensitive change was performed, and the old (more complex) API is still usable when needed (e.g. the channel is already known). The change touched roughly a hundred of locations, with no less than 124 lines removed. It's worth noting that the stats applet, the oldest of the series, could get a serious lifting, as it's still very channel-centric instead of propagating the appctx along the chain. Given that this code doesn't change often, there's no emergency to clean it up but it would look better.
2022-05-18 09:07:19 -04:00
CLEANUP: cli: make "show env" use its own context There is the variable to start from (or environ) and an option to stop after dumping the first one, just like "show fd". Let's have a small locally-defined context with these two fields.
2022-05-05 11:45:52 -04:00
if (ctx->show_one)
MINOR: cli: add a new "show env" command Using environment variables in configuration files can make troubleshooting complicated because there's no easy way to verify that the variables are correct. This patch introduces a new "show env" command which displays the whole environment on the CLI, one variable per line. The socket must at least have level operator to display the environment.
2016-02-16 05:27:28 -05:00
break;
MINOR: appctx/cli: remove the env entry from the appctx union This one now migrates to the general purpose cli.p0.
2016-12-16 11:45:44 -05:00
var++;
CLEANUP: cli: make "show env" use its own context There is the variable to start from (or environ) and an option to stop after dumping the first one, just like "show fd". Let's have a small locally-defined context with these two fields.
2022-05-05 11:45:52 -04:00
ctx->var = var;
MINOR: cli: add a new "show env" command Using environment variables in configuration files can make troubleshooting complicated because there's no easy way to verify that the variables are correct. This patch introduces a new "show env" command which displays the whole environment on the CLI, one variable per line. The socket must at least have level operator to display the environment.
2016-02-16 05:27:28 -05:00
}
/* dump complete */
return 1;
}
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
/* This function dumps all file descriptors states (or the requested one) to
* the buffer. It returns 0 if the output buffer is full and it needs to be
CLEANUP: cli: make "show fd" use its own context The "show fd" command used to rely on cli.i0 for the fd, and st2 just to decide whether to stop after the first value or not. It could have been possible to decide to use just a negative integer to dump a single value, but it's as easy and more durable to declare a two-field struct show_fd_ctx for this.
2022-05-05 11:56:58 -04:00
* called again, otherwise non-zero. It takes its context from the show_fd_ctx
* in svcctx, only dumps one entry if ->show_one is non-zero, and (re)starts
* from ->fd.
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
*/
static int cli_io_handler_show_fd(struct appctx *appctx)
{
CLEANUP: cli: make "show fd" use its own context The "show fd" command used to rely on cli.i0 for the fd, and st2 just to decide whether to stop after the first value or not. It could have been possible to decide to use just a negative integer to dump a single value, but it's as easy and more durable to declare a two-field struct show_fd_ctx for this.
2022-05-05 11:56:58 -04:00
struct show_fd_ctx *fdctx = appctx->svcctx;
MINOR: cli: support filtering on FD types in "show fd" Depending on what we're debugging, some FDs can represent pollution in the "show fd" output. Here we add a set of filters allowing to pick (or exclude) any combination of listener, frontend conn, backend conn, pipes, etc. "show fd l" will only list listening connections for example.
2023-03-31 10:33:53 -04:00
uint match = fdctx->show_mask;
CLEANUP: cli: make "show fd" use its own context The "show fd" command used to rely on cli.i0 for the fd, and st2 just to decide whether to stop after the first value or not. It could have been possible to decide to use just a negative integer to dump a single value, but it's as easy and more durable to declare a two-field struct show_fd_ctx for this.
2022-05-05 11:56:58 -04:00
int fd = fdctx->fd;
BUG/MINOR: cli/fd: don't isolate the thread for each individual fd It takes ages to proceed with "show fd" when there is sustained activity because it uses the rendez-vous point for each and every file descriptor in the loop. It's very common to see socat timeout there. Instead of doing this, let's just isolate the function when entering the loop. Its duration is limited by the number of FDs that may be emitted in a single buffer anyway, so it's much lighter and responds much faster.
2018-12-18 09:45:11 -05:00
int ret = 1;
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
chunk_reset(&trash);
BUG/MINOR: cli/fd: don't isolate the thread for each individual fd It takes ages to proceed with "show fd" when there is sustained activity because it uses the rendez-vous point for each and every file descriptor in the loop. It's very common to see socat timeout there. Instead of doing this, let's just isolate the function when entering the loop. Its duration is limited by the number of FDs that may be emitted in a single buffer anyway, so it's much lighter and responds much faster.
2018-12-18 09:45:11 -05:00
/* isolate the threads once per round. We're limited to a buffer worth
* of output anyway, it cannot last very long.
*/
thread_isolate();
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
/* we have two inner loops here, one for the proxy, the other one for
* the buffer.
*/
BUG/MINOR: cli: Fix a crash when passing a negative or too large value to "show fd" This bug is present since 7a4a0ac71d ("MINOR: cli: add a new "show fd" command"). This should be backported to 1.8. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-03-09 12:51:16 -05:00
while (fd >= 0 && fd < global.maxsock) {
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
struct fdtab fdt;
CLEANUP: cli: make "show fd" use a const connection to access other fields Over time the code has uglified, casting fdt.owner as a struct connection for about everything. Let's have a const struct connection* there and take this opportunity for passing all fields as const as well. Additionally a misplaced closing parenthesis on the output was fixed.
2021-01-20 08:13:46 -05:00
const struct listener *li = NULL;
const struct server *sv = NULL;
const struct proxy *px = NULL;
const struct connection *conn = NULL;
BUILD/MINOR: cli: fix a build warning introduced by last commit Commit 35b1b48 ("MINOR: cli: make "show fd" report the mux and mux_ctx pointers when available") introduced an accidental build warning due to a missing const statement.
2018-03-29 07:19:37 -04:00
const struct mux_ops *mux = NULL;
MINOR: cli: make "show fd" also report the xprt and xprt_ctx These ones are definitely missing from some dumps, let's report them! We print the xprt's name instead of its useless pointer, as well as its ctx when xprt is not NULL.
2021-01-20 08:40:04 -05:00
const struct xprt_ops *xprt = NULL;
CLEANUP: cli: make "show fd" use a const connection to access other fields Over time the code has uglified, casting fdt.owner as a struct connection for about everything. Let's have a const struct connection* there and take this opportunity for passing all fields as const as well. Additionally a misplaced closing parenthesis on the output was fixed.
2021-01-20 08:13:46 -05:00
const void *ctx = NULL;
MINOR: cli: make "show fd" also report the xprt and xprt_ctx These ones are definitely missing from some dumps, let's report them! We print the xprt's name instead of its useless pointer, as well as its ctx when xprt is not NULL.
2021-01-20 08:40:04 -05:00
const void *xprt_ctx = NULL;
MINOR: cli: make "show fd" identify QUIC connections and listeners Now we can detect the listener associated with a QUIC listener and report a bit more info (e.g. listening port and frontend name), and provide a bit more info about connections as well, and filter on both front connections and listeners using the "l" and "f" flags.
2023-05-11 11:06:22 -04:00
const struct quic_conn *qc = NULL;
BUILD/MINOR: cli: shut a minor gcc warning in "show fd" Recent commit 7a4a0ac ("MINOR: cli: add a new "show fd" command") introduced a warning when building at -O2 and above. The compiler doesn't know if a variable's value might have changed between two if blocks so warns that some values might be used uninitialized, which is not the case. Let's simply initialize them to shut the warning.
2017-08-09 10:35:44 -04:00
uint32_t conn_flags = 0;
DEBUG: cli/show_fd: Display connection error code When FD are dumps, the connection error code is now displayed. This may help to diagnose why a connection error occurred. This patch may be backported to help debugging.
2023-03-14 10:48:06 -04:00
uint8_t conn_err = 0;
MINOR: cli/show_fd: report that a connection is back or not It simply adds a "back={0,1}" depending on the connection's side, it's useful to debug.
2018-12-19 12:40:58 -05:00
int is_back = 0;
MINOR: cli: give the show_fd helpers the ability to report a suspicious entry Now the show_fd helpers at the transport and mux levels return an integer which indicates whether or not the inspected entry looks suspicious. When an entry is reported as suspicious, "show fd" will suffix it with an exclamation mark ('!') in the dump, that is supposed to help detecting them. For now, helpers were adjusted to adapt to the new API but none of them reports any suspicious entry yet.
2021-01-21 02:26:06 -05:00
int suspicious = 0;
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
fdt = fdtab[fd];
MINOR: debug: add a new DEBUG_FD build option When DEBUG_FD is set at build time, we'll keep a counter of per-FD events in the fdtab. This counter is reported in "show fd" even for closed FDs if not zero. The purpose is to help spot situations where an apparently closed FD continues to be reported in loops, or where some events are dismissed.
2020-06-23 04:04:54 -04:00
/* When DEBUG_FD is set, we also report closed FDs that have a
* non-null event count to detect stuck ones.
*/
BUG/MINOR: debug: fix "show fd" null-deref when built with DEBUG_FD DEBUG_FD was added by commit 38e8a1c in 2.2-dev, and "show fd" was slightly modified to still allow to print orphaned/closed FDs if their count is non-null. But bypassing the existing test made it possible to dereference fdt.owner which can be null. Let's adjust the condition to avoid this. No backport is needed.
2020-06-29 08:23:31 -04:00
if (!fdt.owner) {
MINOR: debug: add a new DEBUG_FD build option When DEBUG_FD is set at build time, we'll keep a counter of per-FD events in the fdtab. This counter is reported in "show fd" even for closed FDs if not zero. The purpose is to help spot situations where an apparently closed FD continues to be reported in loops, or where some events are dismissed.
2020-06-23 04:04:54 -04:00
#ifdef DEBUG_FD
BUG/MINOR: debug: fix "show fd" null-deref when built with DEBUG_FD DEBUG_FD was added by commit 38e8a1c in 2.2-dev, and "show fd" was slightly modified to still allow to print orphaned/closed FDs if their count is non-null. But bypassing the existing test made it possible to dereference fdt.owner which can be null. Let's adjust the condition to avoid this. No backport is needed.
2020-06-29 08:23:31 -04:00
if (!fdt.event_count)
MINOR: debug: add a new DEBUG_FD build option When DEBUG_FD is set at build time, we'll keep a counter of per-FD events in the fdtab. This counter is reported in "show fd" even for closed FDs if not zero. The purpose is to help spot situations where an apparently closed FD continues to be reported in loops, or where some events are dismissed.
2020-06-23 04:04:54 -04:00
#endif
BUG/MINOR: debug: fix "show fd" null-deref when built with DEBUG_FD DEBUG_FD was added by commit 38e8a1c in 2.2-dev, and "show fd" was slightly modified to still allow to print orphaned/closed FDs if their count is non-null. But bypassing the existing test made it possible to dereference fdt.owner which can be null. Let's adjust the condition to avoid this. No backport is needed.
2020-06-29 08:23:31 -04:00
goto skip; // closed
}
REORG: connection: move the socket iocb (conn_fd_handler) to sock.c conn_fd_handler() is 100% specific to socket code. It's about time it moves to sock.c which manipulates socket FDs. With it comes conn_fd_check() which tests for the socket's readiness. The ugly connection status check at the end of the iocb was moved to an inlined function in connection.h so that if we need it for other socket layers it's not too hard to reuse. The code was really only moved and not changed at all.
2020-12-11 09:54:36 -05:00
else if (fdt.iocb == sock_conn_iocb) {
CLEANUP: cli: make "show fd" use a const connection to access other fields Over time the code has uglified, casting fdt.owner as a struct connection for about everything. Let's have a const struct connection* there and take this opportunity for passing all fields as const as well. Additionally a misplaced closing parenthesis on the output was fixed.
2021-01-20 08:13:46 -05:00
conn = (const struct connection *)fdt.owner;
conn_flags = conn->flags;
DEBUG: cli/show_fd: Display connection error code When FD are dumps, the connection error code is now displayed. This may help to diagnose why a connection error occurred. This patch may be backported to help debugging.
2023-03-14 10:48:06 -04:00
conn_err = conn->err_code;
CLEANUP: cli: make "show fd" use a const connection to access other fields Over time the code has uglified, casting fdt.owner as a struct connection for about everything. Let's have a const struct connection* there and take this opportunity for passing all fields as const as well. Additionally a misplaced closing parenthesis on the output was fixed.
2021-01-20 08:13:46 -05:00
mux = conn->mux;
ctx = conn->ctx;
MINOR: cli: make "show fd" also report the xprt and xprt_ctx These ones are definitely missing from some dumps, let's report them! We print the xprt's name instead of its useless pointer, as well as its ctx when xprt is not NULL.
2021-01-20 08:40:04 -05:00
xprt = conn->xprt;
xprt_ctx = conn->xprt_ctx;
CLEANUP: cli: make "show fd" use a const connection to access other fields Over time the code has uglified, casting fdt.owner as a struct connection for about everything. Let's have a const struct connection* there and take this opportunity for passing all fields as const as well. Additionally a misplaced closing parenthesis on the output was fixed.
2021-01-20 08:13:46 -05:00
li = objt_listener(conn->target);
sv = objt_server(conn->target);
px = objt_proxy(conn->target);
is_back = conn_is_back(conn);
MINOR: cli/show_fd: report some easily detectable suspicious states A file descriptor which maps to a connection but has more than one thread in its mask, or an FD handle that doesn't correspond to the FD, or wiht no mux context, or an FD with no thread in its mask, or with more than 1 million events is flagged as suspicious.
2021-01-21 03:07:29 -05:00
if (atleast2(fdt.thread_mask))
suspicious = 1;
if (conn->handle.fd != fd)
suspicious = 1;
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
}
MINOR: cli: make "show fd" identify QUIC connections and listeners Now we can detect the listener associated with a QUIC listener and report a bit more info (e.g. listening port and frontend name), and provide a bit more info about connections as well, and filter on both front connections and listeners using the "l" and "f" flags.
2023-05-11 11:06:22 -04:00
#if defined(USE_QUIC)
else if (fdt.iocb == quic_conn_sock_fd_iocb) {
qc = fdtab[fd].owner;
li = qc ? qc->li : NULL;
xprt_ctx = qc ? qc->xprt_ctx : NULL;
conn = qc ? qc->conn : NULL;
xprt = conn ? conn->xprt : NULL; // in fact it's &ssl_quic
mux = conn ? conn->mux : NULL;
/* quic_conns don't always have a connection but they
* always have an xprt_ctx.
*/
}
else if (fdt.iocb == quic_lstnr_sock_fd_iocb) {
li = objt_listener(fdtab[fd].owner);
}
#endif
MINOR: protocol: register the receiver's I/O handler and not the protocol's Now we define a new sock_accept_iocb() for socket-based stream protocols and use it as a wrapper for listener_accept() which now takes a listener and not an FD anymore. This will allow the receiver's I/O cb to be redefined during registration, and more specifically to get rid of the hard-coded hacks in protocol_bind_all() made for syslog. The previous ->accept() callback in the protocol was removed since it doesn't have anything to do with accept() anymore but is more generic. A few places where listener_accept() was compared against the FD's IO callback for debugging purposes on the CLI were updated.
2020-10-15 15:29:49 -04:00
else if (fdt.iocb == sock_accept_iocb)
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
li = fdt.owner;
MINOR: cli: make "show fd" identify QUIC connections and listeners Now we can detect the listener associated with a QUIC listener and report a bit more info (e.g. listening port and frontend name), and provide a bit more info about connections as well, and filter on both front connections and listeners using the "l" and "f" flags.
2023-05-11 11:06:22 -04:00
if (!(((conn || xprt_ctx) &&
MINOR: cli: support filtering on FD types in "show fd" Depending on what we're debugging, some FDs can represent pollution in the "show fd" output. Here we add a set of filters allowing to pick (or exclude) any combination of listener, frontend conn, backend conn, pipes, etc. "show fd l" will only list listening connections for example.
2023-03-31 10:33:53 -04:00
((match & CLI_SHOWFD_F_SV && sv) ||
(match & CLI_SHOWFD_F_PX && px) ||
(match & CLI_SHOWFD_F_FE && li))) ||
(!conn &&
((match & CLI_SHOWFD_F_LI && li) ||
(match & CLI_SHOWFD_F_PI && !li /* only pipes match this */))))) {
/* not a desired type */
goto skip;
}
MINOR: cli/show_fd: report some easily detectable suspicious states A file descriptor which maps to a connection but has more than one thread in its mask, or an FD handle that doesn't correspond to the FD, or wiht no mux context, or an FD with no thread in its mask, or with more than 1 million events is flagged as suspicious.
2021-01-21 03:07:29 -05:00
if (!fdt.thread_mask)
suspicious = 1;
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
chunk_printf(&trash,
MINOR: fd: add a generation number to file descriptors This patch adds a counter of close() on file descriptors in the fdtab. The goal is to better detect if reported events concern the current or a previous file descriptor. For now the counter is only added, and is showed in "show fd" as "gen". We're reusing unused space at the end of the struct. If it's needed for something more important later, this patch can be reverted.
2025-01-30 10:25:40 -05:00
" %5d : st=0x%06x(%c%c %c%c%c%c%c W:%c%c%c R:%c%c%c) ref=%#x gid=%d tmask=0x%lx umask=0x%lx prmsk=0x%lx pwmsk=0x%lx owner=%p gen=%u tkov=%u iocb=%p(",
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
fd,
fdt.state,
MINOR: cli/show-fd: slightly reorganize the FD status flags Slightly reorder the status flags to better match their order in the "state" field, and also decode the "shut" state which is particularly useful and already part of this field.
2021-04-07 02:48:12 -04:00
(fdt.state & FD_CLONED) ? 'C' : 'c',
(fdt.state & FD_LINGER_RISK) ? 'L' : 'l',
MEDIUM: fd: merge fdtab[].ev and state for FD_EV_* and FD_POLL_* into state For a long time we've had fdtab[].ev and fdtab[].state which contain two arbitrary sets of information, one is mostly the configuration plus some shutdown reports and the other one is the latest polling status report which also contains some sticky error and shutdown reports. These ones used to be stored into distinct chars, complicating certain operations and not even allowing to clearly see concurrent accesses (e.g. fd_delete_orphan() would set the state to zero while fd_insert() would only set the event to zero). This patch creates a single uint with the two sets in it, still delimited at the byte level for better readability. The original FD_EV_* values remained at the lowest bit levels as they are also known by their bit value. The next step will consist in merging the remaining bits into it. The whole bits are now cleared both in fd_insert() and _fd_delete_orphan() because after a complete check, it is certain that in both cases these functions are the only ones touching these areas. Indeed, for _fd_delete_orphan(), the thread_mask has already been zeroed before a poller can call fd_update_event() which would touch the state, so it is certain that _fd_delete_orphan() is alone. Regarding fd_insert(), only one thread will get an FD at any moment, and it as this FD has already been released by _fd_delete_orphan() by definition it is certain that previous users have definitely stopped touching it. Strictly speaking there's no need for clearing the state again in fd_insert() but it's cheap and will remove some doubts during some troubleshooting sessions.
2021-04-06 11:23:40 -04:00
(fdt.state & FD_POLL_HUP) ? 'H' : 'h',
(fdt.state & FD_POLL_ERR) ? 'E' : 'e',
(fdt.state & FD_POLL_OUT) ? 'O' : 'o',
(fdt.state & FD_POLL_PRI) ? 'P' : 'p',
(fdt.state & FD_POLL_IN) ? 'I' : 'i',
MINOR: cli/show-fd: slightly reorganize the FD status flags Slightly reorder the status flags to better match their order in the "state" field, and also decode the "shut" state which is particularly useful and already part of this field.
2021-04-07 02:48:12 -04:00
(fdt.state & FD_EV_SHUT_W) ? 'S' : 's',
(fdt.state & FD_EV_READY_W) ? 'R' : 'r',
(fdt.state & FD_EV_ACTIVE_W) ? 'A' : 'a',
(fdt.state & FD_EV_SHUT_R) ? 'S' : 's',
(fdt.state & FD_EV_READY_R) ? 'R' : 'r',
(fdt.state & FD_EV_ACTIVE_R) ? 'A' : 'a',
MINOR: cli/fd: show fd's tgid and refcount in "show fd" We really need to display these values now.
2022-07-08 04:23:01 -04:00
(fdt.refc_tgid >> 4) & 0xffff,
(fdt.refc_tgid) & 0xffff,
MINOR: cli: report cache indexes in "show fd" Instead of just indicating "cache={0,1}" we now report cache.next and cache.prev since they are the ones used with the lockless fd cache.
2018-03-30 09:00:15 -04:00
fdt.thread_mask, fdt.update_mask,
MINOR: fd/cli: report the polling mask in "show fd" It's missing and often needed when trying to debug a situation, let's report the polling mask as well in "show fd".
2023-03-02 09:05:31 -05:00
polled_mask[fd].poll_recv,
polled_mask[fd].poll_send,
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
fdt.owner,
MINOR: fd: add a generation number to file descriptors This patch adds a counter of close() on file descriptors in the fdtab. The goal is to better detect if reported events concern the current or a previous file descriptor. For now the counter is only added, and is showed in "show fd" as "gen". We're reusing unused space at the end of the struct. If it's needed for something more important later, this patch can be reverted.
2025-01-30 10:25:40 -05:00
fdt.generation,
DEBUG: fd: add a counter of takeovers of an FD since it was last opened That's essentially in order to help with debugging strange cases like the occasional epoll issues/races, by keeping a counter of how many times an FD was taken over since last inserted. The room is available so let's use it. If it's needed later, this patch can easily be reverted. The counter is also reported in "show fd" as "tkov".
2025-01-30 09:59:11 -05:00
fdt.nb_takeover,
MINOR: cli: make "show fd" rely on resolve_sym_name() This way we can drop all hard-coded iocb matching.
2020-03-03 11:29:58 -05:00
fdt.iocb);
resolve_sym_name(&trash, NULL, fdt.iocb);
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
MINOR: debug: add a new DEBUG_FD build option When DEBUG_FD is set at build time, we'll keep a counter of per-FD events in the fdtab. This counter is reported in "show fd" even for closed FDs if not zero. The purpose is to help spot situations where an apparently closed FD continues to be reported in loops, or where some events are dismissed.
2020-06-23 04:04:54 -04:00
if (!fdt.owner) {
chunk_appendf(&trash, ")");
}
MINOR: cli: make "show fd" identify QUIC connections and listeners Now we can detect the listener associated with a QUIC listener and report a bit more info (e.g. listening port and frontend name), and provide a bit more info about connections as well, and filter on both front connections and listeners using the "l" and "f" flags.
2023-05-11 11:06:22 -04:00
else if (conn) {
DEBUG: cli/show_fd: Display connection error code When FD are dumps, the connection error code is now displayed. This may help to diagnose why a connection error occurred. This patch may be backported to help debugging.
2023-03-14 10:48:06 -04:00
chunk_appendf(&trash, ") back=%d cflg=0x%08x cerr=%d", is_back, conn_flags, conn_err);
MINOR: cli/show_fd: report some easily detectable suspicious states A file descriptor which maps to a connection but has more than one thread in its mask, or an FD handle that doesn't correspond to the FD, or wiht no mux context, or an FD with no thread in its mask, or with more than 1 million events is flagged as suspicious.
2021-01-21 03:07:29 -05:00
MINOR: cli: make "show fd" identify QUIC connections and listeners Now we can detect the listener associated with a QUIC listener and report a bit more info (e.g. listening port and frontend name), and provide a bit more info about connections as well, and filter on both front connections and listeners using the "l" and "f" flags.
2023-05-11 11:06:22 -04:00
if (!(conn->flags & CO_FL_FDLESS) && conn->handle.fd != fd) {
MINOR: cli/show_fd: report some easily detectable suspicious states A file descriptor which maps to a connection but has more than one thread in its mask, or an FD handle that doesn't correspond to the FD, or wiht no mux context, or an FD with no thread in its mask, or with more than 1 million events is flagged as suspicious.
2021-01-21 03:07:29 -05:00
chunk_appendf(&trash, " fd=%d(BOGUS)", conn->handle.fd);
suspicious = 1;
MINOR: cli: make "show fd" identify QUIC connections and listeners Now we can detect the listener associated with a QUIC listener and report a bit more info (e.g. listening port and frontend name), and provide a bit more info about connections as well, and filter on both front connections and listeners using the "l" and "f" flags.
2023-05-11 11:06:22 -04:00
} else if ((conn->flags & CO_FL_FDLESS) && (qc != conn->handle.qc)) {
chunk_appendf(&trash, " qc=%p(BOGUS)", conn->handle.qc);
suspicious = 1;
MINOR: cli/show_fd: report local and report ports when known FD dumps are not always easy to match against netstat dumps, and often require an lsof as a third dump. Let's emit the socket family, and the local and remore ports when the FD is an IPv4/IPv6 socket, this will significantly ease the matching.
2021-02-05 04:54:52 -05:00
} else {
struct sockaddr_storage sa;
socklen_t salen;
salen = sizeof(sa);
if (getsockname(fd, (struct sockaddr *)&sa, &salen) != -1) {
MEDIUM: protocol: make abns a custom unix socket address family This is a pre-requisite to adding the abnsz socket address family: in this patch we make use of protocol API rework started by 732913f ("MINOR: protocol: properly assign the sock_domain and sock_family") in order to implement a dedicated address family for ABNS sockets (based on UNIX parent family). Thanks to this, it will become trivial to implement a new ABNSZ (for abns zero) family which is essentially the same as ABNS but with a slight difference when it comes to path handling (ABNS uses the whole sun_path length, while ABNSZ's path is zero terminated and evaluation stops at 0) It was verified that this patch doesn't break reg-tests and behaves properly (tests performed on the CLI with show sess and show fd). Anywhere relevant, AF_CUST_ABNS is handled alongside AF_UNIX. If no distinction needs to be made, real_family() is used to fetch the proper real family type to handle it properly. Both stream and dgram were converted, so no functional change should be expected for this "internal" rework, except that proto will be displayed as "abns_{stream,dgram}" instead of "unix_{stream,dgram}". Before ("show sess" output): 0x64c35528aab0: proto=unix_stream src=unix:1 fe=GLOBAL be=<NONE> srv=<none> ts=00 epoch=0 age=0s calls=1 rate=0 cpu=0 lat=0 rq[f=848000h,i=0,an=00h,ax=] rp[f=80008000h,i=0,an=00h,ax=] scf=[8,0h,fd=21,rex=10s,wex=] scb=[8,1h,fd=-1,rex=,wex=] exp=10s rc=0 c_exp= After: 0x619da7ad74c0: proto=abns_stream src=unix:1 fe=GLOBAL be=<NONE> srv=<none> ts=00 epoch=0 age=0s calls=1 rate=0 cpu=0 lat=0 rq[f=848000h,i=0,an=00h,ax=] rp[f=80008000h,i=0,an=00h,ax=] scf=[8,0h,fd=22,rex=10s,wex=] scb=[8,1h,fd=-1,rex=,wex=] exp=10s rc=0 c_exp= Co-authored-by: Aurelien DARRAGON <adarragon@haproxy.com>
2024-08-09 12:48:14 -04:00
/* only real address families in .ss_family (as provided by getsockname) */
MINOR: cli/show_fd: report local and report ports when known FD dumps are not always easy to match against netstat dumps, and often require an lsof as a third dump. Let's emit the socket family, and the local and remore ports when the FD is an IPv4/IPv6 socket, this will significantly ease the matching.
2021-02-05 04:54:52 -05:00
if (sa.ss_family == AF_INET)
chunk_appendf(&trash, " fam=ipv4 lport=%d", ntohs(((const struct sockaddr_in *)&sa)->sin_port));
else if (sa.ss_family == AF_INET6)
chunk_appendf(&trash, " fam=ipv6 lport=%d", ntohs(((const struct sockaddr_in6 *)&sa)->sin6_port));
else if (sa.ss_family == AF_UNIX)
chunk_appendf(&trash, " fam=unix");
}
salen = sizeof(sa);
if (getpeername(fd, (struct sockaddr *)&sa, &salen) != -1) {
if (sa.ss_family == AF_INET)
chunk_appendf(&trash, " rport=%d", ntohs(((const struct sockaddr_in *)&sa)->sin_port));
else if (sa.ss_family == AF_INET6)
chunk_appendf(&trash, " rport=%d", ntohs(((const struct sockaddr_in6 *)&sa)->sin6_port));
}
MINOR: cli/show_fd: report some easily detectable suspicious states A file descriptor which maps to a connection but has more than one thread in its mask, or an FD handle that doesn't correspond to the FD, or wiht no mux context, or an FD with no thread in its mask, or with more than 1 million events is flagged as suspicious.
2021-01-21 03:07:29 -05:00
}
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
if (px)
chunk_appendf(&trash, " px=%s", px->id);
else if (sv)
BUG/MINOR: cli: fix server name output in "show fd" A server name was displayed as <srv>/<proxy> instead of the reverse. It only confuses diagnostics. This was introduced by commit 7a4a0ac71 ("MINOR: cli: add a new "show fd" command") so this fix can be backport down to 1.8.
2021-07-06 05:41:10 -04:00
chunk_appendf(&trash, " sv=%s/%s", sv->proxy->id, sv->id);
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
else if (li)
chunk_appendf(&trash, " fe=%s", li->bind_conf->frontend->id);
MINOR: cli: make "show fd" report the mux and mux_ctx pointers when available This is handy to quickly distinguish H2 connections as well as to easily access the h2c context. It could be backported to 1.8 to help during troubleshooting sessions.
2018-03-28 12:41:30 -04:00
MINOR: mux: add a "show_fd" function to dump debugging information for "show fd" This function will be called from the CLI's "show fd" command to append some extra mux-specific information that only the mux handler can decode. This is supposed to help collect various hints about what is happening when facing certain anomalies.
2018-03-30 08:41:19 -04:00
if (mux) {
CLEANUP: connection: rename conn->mux_ctx to conn->ctx We most often store the mux context there but it can also be something else while setting up the connection. Better call it "ctx" and know that it's the owner's context than misleadingly call it mux_ctx and get caught doing suspicious tricks.
2018-12-19 08:12:10 -05:00
chunk_appendf(&trash, " mux=%s ctx=%p", mux->name, ctx);
MINOR: cli: make "show fd" identify QUIC connections and listeners Now we can detect the listener associated with a QUIC listener and report a bit more info (e.g. listening port and frontend name), and provide a bit more info about connections as well, and filter on both front connections and listeners using the "l" and "f" flags.
2023-05-11 11:06:22 -04:00
if (!ctx && !qc)
MINOR: cli/show_fd: report some easily detectable suspicious states A file descriptor which maps to a connection but has more than one thread in its mask, or an FD handle that doesn't correspond to the FD, or wiht no mux context, or an FD with no thread in its mask, or with more than 1 million events is flagged as suspicious.
2021-01-21 03:07:29 -05:00
suspicious = 1;
MINOR: mux: add a "show_fd" function to dump debugging information for "show fd" This function will be called from the CLI's "show fd" command to append some extra mux-specific information that only the mux handler can decode. This is supposed to help collect various hints about what is happening when facing certain anomalies.
2018-03-30 08:41:19 -04:00
if (mux->show_fd)
MINOR: cli: give the show_fd helpers the ability to report a suspicious entry Now the show_fd helpers at the transport and mux levels return an integer which indicates whether or not the inspected entry looks suspicious. When an entry is reported as suspicious, "show fd" will suffix it with an exclamation mark ('!') in the dump, that is supposed to help detecting them. For now, helpers were adjusted to adapt to the new API but none of them reports any suspicious entry yet.
2021-01-21 02:26:06 -05:00
suspicious |= mux->show_fd(&trash, fdt.owner);
MINOR: mux: add a "show_fd" function to dump debugging information for "show fd" This function will be called from the CLI's "show fd" command to append some extra mux-specific information that only the mux handler can decode. This is supposed to help collect various hints about what is happening when facing certain anomalies.
2018-03-30 08:41:19 -04:00
}
MINOR: cli: make "show fd" report the mux and mux_ctx pointers when available This is handy to quickly distinguish H2 connections as well as to easily access the h2c context. It could be backported to 1.8 to help during troubleshooting sessions.
2018-03-28 12:41:30 -04:00
else
chunk_appendf(&trash, " nomux");
MINOR: cli: make "show fd" also report the xprt and xprt_ctx These ones are definitely missing from some dumps, let's report them! We print the xprt's name instead of its useless pointer, as well as its ctx when xprt is not NULL.
2021-01-20 08:40:04 -05:00
chunk_appendf(&trash, " xprt=%s", xprt ? xprt->name : "");
MINOR: xprt: add a new show_fd() helper to complete some "show fd" dumps. Just like we did for the muxes, now the transport layers will have the ability to provide helpers to report more detailed information about their internal context. When the helper is not known, the pointer continues to be dumped as-is if it's not NULL. This way a transport with no context nor dump function will not add a useless "xprt_ctx=(nil)" but the pointer will be emitted if valid or if a helper is defined.
2021-01-20 09:30:56 -05:00
if (xprt) {
if (xprt_ctx || xprt->show_fd)
chunk_appendf(&trash, " xprt_ctx=%p", xprt_ctx);
if (xprt->show_fd)
MINOR: cli: give the show_fd helpers the ability to report a suspicious entry Now the show_fd helpers at the transport and mux levels return an integer which indicates whether or not the inspected entry looks suspicious. When an entry is reported as suspicious, "show fd" will suffix it with an exclamation mark ('!') in the dump, that is supposed to help detecting them. For now, helpers were adjusted to adapt to the new API but none of them reports any suspicious entry yet.
2021-01-21 02:26:06 -05:00
suspicious |= xprt->show_fd(&trash, conn, xprt_ctx);
MINOR: xprt: add a new show_fd() helper to complete some "show fd" dumps. Just like we did for the muxes, now the transport layers will have the ability to provide helpers to report more detailed information about their internal context. When the helper is not known, the pointer continues to be dumped as-is if it's not NULL. This way a transport with no context nor dump function will not add a useless "xprt_ctx=(nil)" but the pointer will be emitted if valid or if a helper is defined.
2021-01-20 09:30:56 -05:00
}
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
}
MINOR: cli: make "show fd" identify QUIC connections and listeners Now we can detect the listener associated with a QUIC listener and report a bit more info (e.g. listening port and frontend name), and provide a bit more info about connections as well, and filter on both front connections and listeners using the "l" and "f" flags.
2023-05-11 11:06:22 -04:00
else if (li && !xprt_ctx) {
MINOR: cli/show_fd: report local and report ports when known FD dumps are not always easy to match against netstat dumps, and often require an lsof as a third dump. Let's emit the socket family, and the local and remore ports when the FD is an IPv4/IPv6 socket, this will significantly ease the matching.
2021-02-05 04:54:52 -05:00
struct sockaddr_storage sa;
socklen_t salen;
MINOR: cli: make "show fd" rely on resolve_sym_name() This way we can drop all hard-coded iocb matching.
2020-03-03 11:29:58 -05:00
chunk_appendf(&trash, ") l.st=%s fe=%s",
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
listener_state_str(li),
li->bind_conf->frontend->id);
MINOR: cli/show_fd: report local and report ports when known FD dumps are not always easy to match against netstat dumps, and often require an lsof as a third dump. Let's emit the socket family, and the local and remore ports when the FD is an IPv4/IPv6 socket, this will significantly ease the matching.
2021-02-05 04:54:52 -05:00
salen = sizeof(sa);
if (getsockname(fd, (struct sockaddr *)&sa, &salen) != -1) {
MEDIUM: protocol: make abns a custom unix socket address family This is a pre-requisite to adding the abnsz socket address family: in this patch we make use of protocol API rework started by 732913f ("MINOR: protocol: properly assign the sock_domain and sock_family") in order to implement a dedicated address family for ABNS sockets (based on UNIX parent family). Thanks to this, it will become trivial to implement a new ABNSZ (for abns zero) family which is essentially the same as ABNS but with a slight difference when it comes to path handling (ABNS uses the whole sun_path length, while ABNSZ's path is zero terminated and evaluation stops at 0) It was verified that this patch doesn't break reg-tests and behaves properly (tests performed on the CLI with show sess and show fd). Anywhere relevant, AF_CUST_ABNS is handled alongside AF_UNIX. If no distinction needs to be made, real_family() is used to fetch the proper real family type to handle it properly. Both stream and dgram were converted, so no functional change should be expected for this "internal" rework, except that proto will be displayed as "abns_{stream,dgram}" instead of "unix_{stream,dgram}". Before ("show sess" output): 0x64c35528aab0: proto=unix_stream src=unix:1 fe=GLOBAL be=<NONE> srv=<none> ts=00 epoch=0 age=0s calls=1 rate=0 cpu=0 lat=0 rq[f=848000h,i=0,an=00h,ax=] rp[f=80008000h,i=0,an=00h,ax=] scf=[8,0h,fd=21,rex=10s,wex=] scb=[8,1h,fd=-1,rex=,wex=] exp=10s rc=0 c_exp= After: 0x619da7ad74c0: proto=abns_stream src=unix:1 fe=GLOBAL be=<NONE> srv=<none> ts=00 epoch=0 age=0s calls=1 rate=0 cpu=0 lat=0 rq[f=848000h,i=0,an=00h,ax=] rp[f=80008000h,i=0,an=00h,ax=] scf=[8,0h,fd=22,rex=10s,wex=] scb=[8,1h,fd=-1,rex=,wex=] exp=10s rc=0 c_exp= Co-authored-by: Aurelien DARRAGON <adarragon@haproxy.com>
2024-08-09 12:48:14 -04:00
/* only real address families in .ss_family (as provided by getsockname) */
MINOR: cli/show_fd: report local and report ports when known FD dumps are not always easy to match against netstat dumps, and often require an lsof as a third dump. Let's emit the socket family, and the local and remore ports when the FD is an IPv4/IPv6 socket, this will significantly ease the matching.
2021-02-05 04:54:52 -05:00
if (sa.ss_family == AF_INET)
chunk_appendf(&trash, " fam=ipv4 lport=%d", ntohs(((const struct sockaddr_in *)&sa)->sin_port));
else if (sa.ss_family == AF_INET6)
chunk_appendf(&trash, " fam=ipv6 lport=%d", ntohs(((const struct sockaddr_in6 *)&sa)->sin6_port));
else if (sa.ss_family == AF_UNIX)
chunk_appendf(&trash, " fam=unix");
}
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
}
CLEANUP: cli: make "show fd" use a const connection to access other fields Over time the code has uglified, casting fdt.owner as a struct connection for about everything. Let's have a const struct connection* there and take this opportunity for passing all fields as const as well. Additionally a misplaced closing parenthesis on the output was fixed.
2021-01-20 08:13:46 -05:00
else
chunk_appendf(&trash, ")");
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
MINOR: debug: add a new DEBUG_FD build option When DEBUG_FD is set at build time, we'll keep a counter of per-FD events in the fdtab. This counter is reported in "show fd" even for closed FDs if not zero. The purpose is to help spot situations where an apparently closed FD continues to be reported in loops, or where some events are dismissed.
2020-06-23 04:04:54 -04:00
#ifdef DEBUG_FD
chunk_appendf(&trash, " evcnt=%u", fdtab[fd].event_count);
MINOR: cli/show_fd: report some easily detectable suspicious states A file descriptor which maps to a connection but has more than one thread in its mask, or an FD handle that doesn't correspond to the FD, or wiht no mux context, or an FD with no thread in its mask, or with more than 1 million events is flagged as suspicious.
2021-01-21 03:07:29 -05:00
if (fdtab[fd].event_count >= 1000000)
suspicious = 1;
MINOR: debug: add a new DEBUG_FD build option When DEBUG_FD is set at build time, we'll keep a counter of per-FD events in the fdtab. This counter is reported in "show fd" even for closed FDs if not zero. The purpose is to help spot situations where an apparently closed FD continues to be reported in loops, or where some events are dismissed.
2020-06-23 04:04:54 -04:00
#endif
MINOR: cli: give the show_fd helpers the ability to report a suspicious entry Now the show_fd helpers at the transport and mux levels return an integer which indicates whether or not the inspected entry looks suspicious. When an entry is reported as suspicious, "show fd" will suffix it with an exclamation mark ('!') in the dump, that is supposed to help detecting them. For now, helpers were adjusted to adapt to the new API but none of them reports any suspicious entry yet.
2021-01-21 02:26:06 -05:00
chunk_appendf(&trash, "%s\n", suspicious ? " !" : "");
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
CLEANUP: applet: use applet_put*() everywhere possible This applies the change so that the applet code stops using ci_putchk() and friends everywhere possible, for the much saferapplet_put*() instead. The change is mechanical but large. Two or three functions used to have no appctx and a cs derived from the appctx instead, which was a reminiscence of old times' stream_interface. These were simply changed to directly take the appctx. No sensitive change was performed, and the old (more complex) API is still usable when needed (e.g. the channel is already known). The change touched roughly a hundred of locations, with no less than 124 lines removed. It's worth noting that the stats applet, the oldest of the series, could get a serious lifting, as it's still very channel-centric instead of propagating the appctx along the chain. Given that this code doesn't change often, there's no emergency to clean it up but it would look better.
2022-05-18 09:07:19 -04:00
if (applet_putchk(appctx, &trash) == -1) {
CLEANUP: cli: make "show fd" use its own context The "show fd" command used to rely on cli.i0 for the fd, and st2 just to decide whether to stop after the first value or not. It could have been possible to decide to use just a negative integer to dump a single value, but it's as easy and more durable to declare a two-field struct show_fd_ctx for this.
2022-05-05 11:56:58 -04:00
fdctx->fd = fd;
BUG/MINOR: cli/fd: don't isolate the thread for each individual fd It takes ages to proceed with "show fd" when there is sustained activity because it uses the rendez-vous point for each and every file descriptor in the loop. It's very common to see socat timeout there. Instead of doing this, let's just isolate the function when entering the loop. Its duration is limited by the number of FDs that may be emitted in a single buffer anyway, so it's much lighter and responds much faster.
2018-12-18 09:45:11 -05:00
ret = 0;
break;
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
}
skip:
CLEANUP: cli: make "show fd" use its own context The "show fd" command used to rely on cli.i0 for the fd, and st2 just to decide whether to stop after the first value or not. It could have been possible to decide to use just a negative integer to dump a single value, but it's as easy and more durable to declare a two-field struct show_fd_ctx for this.
2022-05-05 11:56:58 -04:00
if (fdctx->show_one)
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
break;
fd++;
}
BUG/MINOR: cli/fd: don't isolate the thread for each individual fd It takes ages to proceed with "show fd" when there is sustained activity because it uses the rendez-vous point for each and every file descriptor in the loop. It's very common to see socat timeout there. Instead of doing this, let's just isolate the function when entering the loop. Its duration is limited by the number of FDs that may be emitted in a single buffer anyway, so it's much lighter and responds much faster.
2018-12-18 09:45:11 -05:00
end:
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
/* dump complete */
BUG/MINOR: cli/fd: don't isolate the thread for each individual fd It takes ages to proceed with "show fd" when there is sustained activity because it uses the rendez-vous point for each and every file descriptor in the loop. It's very common to see socat timeout there. Instead of doing this, let's just isolate the function when entering the loop. Its duration is limited by the number of FDs that may be emitted in a single buffer anyway, so it's much lighter and responds much faster.
2018-12-18 09:45:11 -05:00
thread_release();
return ret;
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
}
MEDIUM: cli: 'show cli sockets' list the CLI sockets 'show cli sockets' from the CLI socket displays the list of CLI sockets available, with their level and process number.
2016-12-15 12:06:44 -05:00
/*
MINOR: appctx/cli: remove the cli_socket entry from the appctx union This one now migrates to the general purpose cli.p0.
2016-12-16 06:58:09 -05:00
* CLI IO handler for `show cli sockets`.
CLEANUP: cli: make "show cli sockets" use its own context Let's create a show_sock_ctx to store the bind_conf and the listener. The entry is reserved when entering the I/O handler since there's no parser here. That's fine because the function doesn't touch the area.
2022-05-05 13:11:05 -04:00
* Uses the svcctx as a show_sock_ctx to store/retrieve the bind_conf and the
* listener pointers.
MEDIUM: cli: 'show cli sockets' list the CLI sockets 'show cli sockets' from the CLI socket displays the list of CLI sockets available, with their level and process number.
2016-12-15 12:06:44 -05:00
*/
static int cli_io_handler_show_cli_sock(struct appctx *appctx)
{
CLEANUP: cli: make "show cli sockets" use its own context Let's create a show_sock_ctx to store the bind_conf and the listener. The entry is reserved when entering the I/O handler since there's no parser here. That's fine because the function doesn't touch the area.
2022-05-05 13:11:05 -04:00
struct show_sock_ctx *ctx = applet_reserve_svcctx(appctx, sizeof(*ctx));
struct bind_conf *bind_conf = ctx->bind_conf;
MEDIUM: cli: 'show cli sockets' list the CLI sockets 'show cli sockets' from the CLI socket displays the list of CLI sockets available, with their level and process number.
2016-12-15 12:06:44 -05:00
CLEANUP: cli: simplify the "show cli sockets" I/O handler The code is was a bit convoluted by the use of a state machine around st2 that is not used since only the STAT_ST_LIST state was used, and the test of global.cli_fe inside the loop while it ought better be tested before entering there. Let's get rid of this unneded state and simplify the code. There's no more need for ->st2 now. The code looks more changed than it really is due to the reindent caused by the removal of the switch statement, but "git show -b" shows what really changed.
2022-05-05 12:52:36 -04:00
if (!global.cli_fe)
goto done;
MEDIUM: cli: 'show cli sockets' list the CLI sockets 'show cli sockets' from the CLI socket displays the list of CLI sockets available, with their level and process number.
2016-12-15 12:06:44 -05:00
chunk_reset(&trash);
CLEANUP: cli: simplify the "show cli sockets" I/O handler The code is was a bit convoluted by the use of a state machine around st2 that is not used since only the STAT_ST_LIST state was used, and the test of global.cli_fe inside the loop while it ought better be tested before entering there. Let's get rid of this unneded state and simplify the code. There's no more need for ->st2 now. The code looks more changed than it really is due to the reindent caused by the removal of the switch statement, but "git show -b" shows what really changed.
2022-05-05 12:52:36 -04:00
if (!bind_conf) {
/* first call */
CLEANUP: applet: use applet_put*() everywhere possible This applies the change so that the applet code stops using ci_putchk() and friends everywhere possible, for the much saferapplet_put*() instead. The change is mechanical but large. Two or three functions used to have no appctx and a cs derived from the appctx instead, which was a reminiscence of old times' stream_interface. These were simply changed to directly take the appctx. No sensitive change was performed, and the old (more complex) API is still usable when needed (e.g. the channel is already known). The change touched roughly a hundred of locations, with no less than 124 lines removed. It's worth noting that the stats applet, the oldest of the series, could get a serious lifting, as it's still very channel-centric instead of propagating the appctx along the chain. Given that this code doesn't change often, there's no emergency to clean it up but it would look better.
2022-05-18 09:07:19 -04:00
if (applet_putstr(appctx, "# socket lvl processes\n") == -1)
CLEANUP: cli: simplify the "show cli sockets" I/O handler The code is was a bit convoluted by the use of a state machine around st2 that is not used since only the STAT_ST_LIST state was used, and the test of global.cli_fe inside the loop while it ought better be tested before entering there. Let's get rid of this unneded state and simplify the code. There's no more need for ->st2 now. The code looks more changed than it really is due to the reindent caused by the removal of the switch statement, but "git show -b" shows what really changed.
2022-05-05 12:52:36 -04:00
goto full;
bind_conf = LIST_ELEM(global.cli_fe->conf.bind.n, typeof(bind_conf), by_fe);
}
list_for_each_entry_from(bind_conf, &global.cli_fe->conf.bind, by_fe) {
CLEANUP: cli: make "show cli sockets" use its own context Let's create a show_sock_ctx to store the bind_conf and the listener. The entry is reserved when entering the I/O handler since there's no parser here. That's fine because the function doesn't touch the area.
2022-05-05 13:11:05 -04:00
struct listener *l = ctx->listener;
CLEANUP: cli: simplify the "show cli sockets" I/O handler The code is was a bit convoluted by the use of a state machine around st2 that is not used since only the STAT_ST_LIST state was used, and the test of global.cli_fe inside the loop while it ought better be tested before entering there. Let's get rid of this unneded state and simplify the code. There's no more need for ->st2 now. The code looks more changed than it really is due to the reindent caused by the removal of the switch statement, but "git show -b" shows what really changed.
2022-05-05 12:52:36 -04:00
if (!l)
l = LIST_ELEM(bind_conf->listeners.n, typeof(l), by_bind);
list_for_each_entry_from(l, &bind_conf->listeners, by_bind) {
char addr[46];
char port[6];
MINOR: protocol: create abnsz socket address family For now it's the same as abns. We'll need to modify sock_unix_addrcmp(), and a few other ones to support effective path length when dealing with the \0. Let's check with Tristan's patch for this (upcoming patch). Co-authored-by: Aurelien DARRAGON <adarragon@haproxy.com>
2024-08-09 15:12:23 -04:00
if (l->rx.addr.ss_family == AF_UNIX ||
l->rx.addr.ss_family == AF_CUST_ABNS ||
l->rx.addr.ss_family == AF_CUST_ABNSZ) {
CLEANUP: cli: simplify the "show cli sockets" I/O handler The code is was a bit convoluted by the use of a state machine around st2 that is not used since only the STAT_ST_LIST state was used, and the test of global.cli_fe inside the loop while it ought better be tested before entering there. Let's get rid of this unneded state and simplify the code. There's no more need for ->st2 now. The code looks more changed than it really is due to the reindent caused by the removal of the switch statement, but "git show -b" shows what really changed.
2022-05-05 12:52:36 -04:00
const struct sockaddr_un *un;
un = (struct sockaddr_un *)&l->rx.addr;
MINOR: protocol: create abnsz socket address family For now it's the same as abns. We'll need to modify sock_unix_addrcmp(), and a few other ones to support effective path length when dealing with the \0. Let's check with Tristan's patch for this (upcoming patch). Co-authored-by: Aurelien DARRAGON <adarragon@haproxy.com>
2024-08-09 15:12:23 -04:00
if (l->rx.addr.ss_family == AF_CUST_ABNS ||
l->rx.addr.ss_family == AF_CUST_ABNSZ) {
CLEANUP: cli: simplify the "show cli sockets" I/O handler The code is was a bit convoluted by the use of a state machine around st2 that is not used since only the STAT_ST_LIST state was used, and the test of global.cli_fe inside the loop while it ought better be tested before entering there. Let's get rid of this unneded state and simplify the code. There's no more need for ->st2 now. The code looks more changed than it really is due to the reindent caused by the removal of the switch statement, but "git show -b" shows what really changed.
2022-05-05 12:52:36 -04:00
chunk_appendf(&trash, "abns@%s ", un->sun_path+1);
} else {
chunk_appendf(&trash, "unix@%s ", un->sun_path);
MEDIUM: cli: 'show cli sockets' list the CLI sockets 'show cli sockets' from the CLI socket displays the list of CLI sockets available, with their level and process number.
2016-12-15 12:06:44 -05:00
}
CLEANUP: cli: simplify the "show cli sockets" I/O handler The code is was a bit convoluted by the use of a state machine around st2 that is not used since only the STAT_ST_LIST state was used, and the test of global.cli_fe inside the loop while it ought better be tested before entering there. Let's get rid of this unneded state and simplify the code. There's no more need for ->st2 now. The code looks more changed than it really is due to the reindent caused by the removal of the switch statement, but "git show -b" shows what really changed.
2022-05-05 12:52:36 -04:00
} else if (l->rx.addr.ss_family == AF_INET) {
addr_to_str(&l->rx.addr, addr, sizeof(addr));
port_to_str(&l->rx.addr, port, sizeof(port));
chunk_appendf(&trash, "ipv4@%s:%s ", addr, port);
} else if (l->rx.addr.ss_family == AF_INET6) {
addr_to_str(&l->rx.addr, addr, sizeof(addr));
port_to_str(&l->rx.addr, port, sizeof(port));
chunk_appendf(&trash, "ipv6@[%s]:%s ", addr, port);
} else if (l->rx.addr.ss_family == AF_CUST_SOCKPAIR) {
chunk_appendf(&trash, "sockpair@%d ", ((struct sockaddr_in *)&l->rx.addr)->sin_addr.s_addr);
} else
chunk_appendf(&trash, "unknown ");
if ((bind_conf->level & ACCESS_LVL_MASK) == ACCESS_LVL_ADMIN)
chunk_appendf(&trash, "admin ");
else if ((bind_conf->level & ACCESS_LVL_MASK) == ACCESS_LVL_OPER)
chunk_appendf(&trash, "operator ");
else if ((bind_conf->level & ACCESS_LVL_MASK) == ACCESS_LVL_USER)
chunk_appendf(&trash, "user ");
else
chunk_appendf(&trash, " ");
chunk_appendf(&trash, "all\n");
CLEANUP: applet: use applet_put*() everywhere possible This applies the change so that the applet code stops using ci_putchk() and friends everywhere possible, for the much saferapplet_put*() instead. The change is mechanical but large. Two or three functions used to have no appctx and a cs derived from the appctx instead, which was a reminiscence of old times' stream_interface. These were simply changed to directly take the appctx. No sensitive change was performed, and the old (more complex) API is still usable when needed (e.g. the channel is already known). The change touched roughly a hundred of locations, with no less than 124 lines removed. It's worth noting that the stats applet, the oldest of the series, could get a serious lifting, as it's still very channel-centric instead of propagating the appctx along the chain. Given that this code doesn't change often, there's no emergency to clean it up but it would look better.
2022-05-18 09:07:19 -04:00
if (applet_putchk(appctx, &trash) == -1) {
CLEANUP: cli: make "show cli sockets" use its own context Let's create a show_sock_ctx to store the bind_conf and the listener. The entry is reserved when entering the I/O handler since there's no parser here. That's fine because the function doesn't touch the area.
2022-05-05 13:11:05 -04:00
ctx->bind_conf = bind_conf;
ctx->listener = l;
CLEANUP: cli: simplify the "show cli sockets" I/O handler The code is was a bit convoluted by the use of a state machine around st2 that is not used since only the STAT_ST_LIST state was used, and the test of global.cli_fe inside the loop while it ought better be tested before entering there. Let's get rid of this unneded state and simplify the code. There's no more need for ->st2 now. The code looks more changed than it really is due to the reindent caused by the removal of the switch statement, but "git show -b" shows what really changed.
2022-05-05 12:52:36 -04:00
goto full;
MEDIUM: cli: 'show cli sockets' list the CLI sockets 'show cli sockets' from the CLI socket displays the list of CLI sockets available, with their level and process number.
2016-12-15 12:06:44 -05:00
}
CLEANUP: cli: simplify the "show cli sockets" I/O handler The code is was a bit convoluted by the use of a state machine around st2 that is not used since only the STAT_ST_LIST state was used, and the test of global.cli_fe inside the loop while it ought better be tested before entering there. Let's get rid of this unneded state and simplify the code. There's no more need for ->st2 now. The code looks more changed than it really is due to the reindent caused by the removal of the switch statement, but "git show -b" shows what really changed.
2022-05-05 12:52:36 -04:00
}
MEDIUM: cli: 'show cli sockets' list the CLI sockets 'show cli sockets' from the CLI socket displays the list of CLI sockets available, with their level and process number.
2016-12-15 12:06:44 -05:00
}
CLEANUP: cli: simplify the "show cli sockets" I/O handler The code is was a bit convoluted by the use of a state machine around st2 that is not used since only the STAT_ST_LIST state was used, and the test of global.cli_fe inside the loop while it ought better be tested before entering there. Let's get rid of this unneded state and simplify the code. There's no more need for ->st2 now. The code looks more changed than it really is due to the reindent caused by the removal of the switch statement, but "git show -b" shows what really changed.
2022-05-05 12:52:36 -04:00
done:
return 1;
full:
return 0;
MEDIUM: cli: 'show cli sockets' list the CLI sockets 'show cli sockets' from the CLI socket displays the list of CLI sockets available, with their level and process number.
2016-12-15 12:06:44 -05:00
}
REORG: cli: make "show env" also use the generic keyword registration This way we don't have any more state specific to a given yieldable command. The other commands should be easier to move as they only involve a parser.
2016-11-22 14:21:23 -05:00
/* parse a "show env" CLI request. Returns 0 if it needs to continue, 1 if it
MINOR: cli: make "show env" accessible via master CLI without enabling debug Before this patch, we have need to put the master CLI in debug mode to be able to issue 'show env' command for the master process. Output of this command is handy even for the master process context, as it allows to control its environment variables, which could be used/modified in the 'global' section. So, let's provide in 'show env' command structure the level ACCESS_MASTER. This allows to see and to access this command in master CLI without putting it in debug mode.
2024-11-18 04:46:33 -05:00
* wants to stop here. It reserves a show_env_ctx where it puts the variable to
CLEANUP: cli: make "show env" use its own context There is the variable to start from (or environ) and an option to stop after dumping the first one, just like "show fd". Let's have a small locally-defined context with these two fields.
2022-05-05 11:45:52 -04:00
* be dumped as well as a flag if a single variable is requested, otherwise puts
* environ there.
REORG: cli: make "show env" also use the generic keyword registration This way we don't have any more state specific to a given yieldable command. The other commands should be easier to move as they only involve a parser.
2016-11-22 14:21:23 -05:00
*/
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
static int cli_parse_show_env(char **args, char *payload, struct appctx *appctx, void *private)
REORG: cli: make "show env" also use the generic keyword registration This way we don't have any more state specific to a given yieldable command. The other commands should be easier to move as they only involve a parser.
2016-11-22 14:21:23 -05:00
{
CLEANUP: cli: make "show env" use its own context There is the variable to start from (or environ) and an option to stop after dumping the first one, just like "show fd". Let's have a small locally-defined context with these two fields.
2022-05-05 11:45:52 -04:00
struct show_env_ctx *ctx = applet_reserve_svcctx(appctx, sizeof(*ctx));
REORG: cli: make "show env" also use the generic keyword registration This way we don't have any more state specific to a given yieldable command. The other commands should be easier to move as they only involve a parser.
2016-11-22 14:21:23 -05:00
extern char **environ;
MINOR: appctx/cli: remove the env entry from the appctx union This one now migrates to the general purpose cli.p0.
2016-12-16 11:45:44 -05:00
char **var;
REORG: cli: make "show env" also use the generic keyword registration This way we don't have any more state specific to a given yieldable command. The other commands should be easier to move as they only involve a parser.
2016-11-22 14:21:23 -05:00
if (!cli_has_level(appctx, ACCESS_LVL_OPER))
return 1;
MINOR: appctx/cli: remove the env entry from the appctx union This one now migrates to the general purpose cli.p0.
2016-12-16 11:45:44 -05:00
var = environ;
REORG: cli: make "show env" also use the generic keyword registration This way we don't have any more state specific to a given yieldable command. The other commands should be easier to move as they only involve a parser.
2016-11-22 14:21:23 -05:00
if (*args[2]) {
int len = strlen(args[2]);
MINOR: appctx/cli: remove the env entry from the appctx union This one now migrates to the general purpose cli.p0.
2016-12-16 11:45:44 -05:00
for (; *var; var++) {
if (strncmp(*var, args[2], len) == 0 &&
(*var)[len] == '=')
REORG: cli: make "show env" also use the generic keyword registration This way we don't have any more state specific to a given yieldable command. The other commands should be easier to move as they only involve a parser.
2016-11-22 14:21:23 -05:00
break;
}
CLEANUP: cli: replace all occurrences of manual handling of return messages There were 221 places where a status message or an error message were built to be returned on the CLI. All of them were replaced to use cli_err(), cli_msg(), cli_dynerr() or cli_dynmsg() depending on what was expected. This removed a lot of duplicated code because most of the times, 4 lines are replaced by a single, safer one.
2019-08-09 05:21:01 -04:00
if (!*var)
return cli_err(appctx, "Variable not found\n");
CLEANUP: cli: make "show env" use its own context There is the variable to start from (or environ) and an option to stop after dumping the first one, just like "show fd". Let's have a small locally-defined context with these two fields.
2022-05-05 11:45:52 -04:00
ctx->show_one = 1;
REORG: cli: make "show env" also use the generic keyword registration This way we don't have any more state specific to a given yieldable command. The other commands should be easier to move as they only involve a parser.
2016-11-22 14:21:23 -05:00
}
CLEANUP: cli: make "show env" use its own context There is the variable to start from (or environ) and an option to stop after dumping the first one, just like "show fd". Let's have a small locally-defined context with these two fields.
2022-05-05 11:45:52 -04:00
ctx->var = var;
REORG: cli: make "show env" also use the generic keyword registration This way we don't have any more state specific to a given yieldable command. The other commands should be easier to move as they only involve a parser.
2016-11-22 14:21:23 -05:00
return 0;
}
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
/* parse a "show fd" CLI request. Returns 0 if it needs to continue, 1 if it
CLEANUP: cli: make "show fd" use its own context The "show fd" command used to rely on cli.i0 for the fd, and st2 just to decide whether to stop after the first value or not. It could have been possible to decide to use just a negative integer to dump a single value, but it's as easy and more durable to declare a two-field struct show_fd_ctx for this.
2022-05-05 11:56:58 -04:00
* wants to stop here. It sets a show_fd_ctx context where, if a specific fd is
* requested, it puts the FD number into ->fd and sets ->show_one to 1.
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
*/
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
static int cli_parse_show_fd(char **args, char *payload, struct appctx *appctx, void *private)
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
{
CLEANUP: cli: make "show fd" use its own context The "show fd" command used to rely on cli.i0 for the fd, and st2 just to decide whether to stop after the first value or not. It could have been possible to decide to use just a negative integer to dump a single value, but it's as easy and more durable to declare a two-field struct show_fd_ctx for this.
2022-05-05 11:56:58 -04:00
struct show_fd_ctx *ctx = applet_reserve_svcctx(appctx, sizeof(*ctx));
MINOR: cli: support filtering on FD types in "show fd" Depending on what we're debugging, some FDs can represent pollution in the "show fd" output. Here we add a set of filters allowing to pick (or exclude) any combination of listener, frontend conn, backend conn, pipes, etc. "show fd l" will only list listening connections for example.
2023-03-31 10:33:53 -04:00
const char *c;
int arg;
CLEANUP: cli: make "show fd" use its own context The "show fd" command used to rely on cli.i0 for the fd, and st2 just to decide whether to stop after the first value or not. It could have been possible to decide to use just a negative integer to dump a single value, but it's as easy and more durable to declare a two-field struct show_fd_ctx for this.
2022-05-05 11:56:58 -04:00
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
if (!cli_has_level(appctx, ACCESS_LVL_OPER))
return 1;
MINOR: cli: support filtering on FD types in "show fd" Depending on what we're debugging, some FDs can represent pollution in the "show fd" output. Here we add a set of filters allowing to pick (or exclude) any combination of listener, frontend conn, backend conn, pipes, etc. "show fd l" will only list listening connections for example.
2023-03-31 10:33:53 -04:00
arg = 2;
/* when starting with an inversion we preset every flag */
if (*args[arg] == '!' || *args[arg] == '-')
ctx->show_mask = CLI_SHOWFD_F_ANY;
while (*args[arg] && !isdigit((uchar)*args[arg])) {
uint flag = 0, inv = 0;
c = args[arg];
while (*c) {
switch (*c) {
case '!': inv = !inv; break;
case '-': inv = !inv; break;
case 'p': flag = CLI_SHOWFD_F_PI; break;
case 'l': flag = CLI_SHOWFD_F_LI; break;
case 'c': flag = CLI_SHOWFD_F_CO; break;
case 'f': flag = CLI_SHOWFD_F_FE; break;
case 'b': flag = CLI_SHOWFD_F_BE; break;
case 's': flag = CLI_SHOWFD_F_SV; break;
case 'd': flag = CLI_SHOWFD_F_PX; break;
default: return cli_err(appctx, "Invalid FD type\n");
}
c++;
if (!inv)
ctx->show_mask |= flag;
else
ctx->show_mask &= ~flag;
}
arg++;
}
/* default mask is to show everything */
if (!ctx->show_mask)
ctx->show_mask = CLI_SHOWFD_F_ANY;
if (*args[arg]) {
CLEANUP: cli: make "show fd" use its own context The "show fd" command used to rely on cli.i0 for the fd, and st2 just to decide whether to stop after the first value or not. It could have been possible to decide to use just a negative integer to dump a single value, but it's as easy and more durable to declare a two-field struct show_fd_ctx for this.
2022-05-05 11:56:58 -04:00
ctx->fd = atoi(args[2]);
ctx->show_one = 1;
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
}
MINOR: cli: support filtering on FD types in "show fd" Depending on what we're debugging, some FDs can represent pollution in the "show fd" output. Here we add a set of filters allowing to pick (or exclude) any combination of listener, frontend conn, backend conn, pipes, etc. "show fd l" will only list listening connections for example.
2023-03-31 10:33:53 -04:00
MINOR: cli: add a new "show fd" command This one dumps the fdtab for all active FDs with some quickly interpretable characters to read the flags (like upper case=set, lower case=unset). It can probably be improved to report fdupdt[] and/or fdinfo[] but at least it provides a good start and allows to see how FDs are seen. When the fd owner is a connection, its flags are also reported as it can help compare with the polling status, and the target (fe/px/sv) as well. When it's a listener, the listener's state is reported as well as the frontend it belongs to.
2017-07-25 13:32:50 -04:00
return 0;
}
REORG: cli: move "set timeout" to its own handler The code remained in the same file, it just simplifies the parser.
2016-11-22 14:33:32 -05:00
/* parse a "set timeout" CLI request. It always returns 1. */
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
static int cli_parse_set_timeout(char **args, char *payload, struct appctx *appctx, void *private)
REORG: cli: move "set timeout" to its own handler The code remained in the same file, it just simplifies the parser.
2016-11-22 14:33:32 -05:00
{
CLEANUP: applet: remove the unneeded appctx->owner This one is the pointer to the conn_stream which is always in the endpoint that is always present in the appctx, thus it's not needed. This patch removes it and replaces it with appctx_cs() instead. A few occurences that were using __cs_strm(appctx->owner) were moved directly to appctx_strm() which does the equivalent.
2022-05-11 08:09:57 -04:00
struct stream *s = appctx_strm(appctx);
REORG: cli: move "set timeout" to its own handler The code remained in the same file, it just simplifies the parser.
2016-11-22 14:33:32 -05:00
if (strcmp(args[2], "cli") == 0) {
unsigned timeout;
const char *res;
CLEANUP: cli: replace all occurrences of manual handling of return messages There were 221 places where a status message or an error message were built to be returned on the CLI. All of them were replaced to use cli_err(), cli_msg(), cli_dynerr() or cli_dynmsg() depending on what was expected. This removed a lot of duplicated code because most of the times, 4 lines are replaced by a single, safer one.
2019-08-09 05:21:01 -04:00
if (!*args[3])
return cli_err(appctx, "Expects an integer value.\n");
REORG: cli: move "set timeout" to its own handler The code remained in the same file, it just simplifies the parser.
2016-11-22 14:33:32 -05:00
res = parse_time_err(args[3], &timeout, TIME_UNIT_S);
CLEANUP: cli: replace all occurrences of manual handling of return messages There were 221 places where a status message or an error message were built to be returned on the CLI. All of them were replaced to use cli_err(), cli_msg(), cli_dynerr() or cli_dynmsg() depending on what was expected. This removed a lot of duplicated code because most of the times, 4 lines are replaced by a single, safer one.
2019-08-09 05:21:01 -04:00
if (res || timeout < 1)
return cli_err(appctx, "Invalid timeout value.\n");
REORG: cli: move "set timeout" to its own handler The code remained in the same file, it just simplifies the parser.
2016-11-22 14:33:32 -05:00
MEDIUM: stconn: Replace read and write timeouts by a unique I/O timeout Read and write timeouts (.rto and .wto) are now replaced by an unique timeout, call .ioto. Since the recent refactoring on channel's timeouts, both use the same value, the client timeout on client side and the server timeout on the server side. Thus, this part may be simplified. Now it represents the I/O timeout.
2023-02-15 02:13:33 -05:00
s->scf->ioto = 1 + MS_TO_TICKS(timeout*1000);
REORG: cli: move "set timeout" to its own handler The code remained in the same file, it just simplifies the parser.
2016-11-22 14:33:32 -05:00
task_wakeup(s->task, TASK_WOKEN_MSG); // recompute timeouts
return 1;
}
CLEANUP: cli: replace all occurrences of manual handling of return messages There were 221 places where a status message or an error message were built to be returned on the CLI. All of them were replaced to use cli_err(), cli_msg(), cli_dynerr() or cli_dynmsg() depending on what was expected. This removed a lot of duplicated code because most of the times, 4 lines are replaced by a single, safer one.
2019-08-09 05:21:01 -04:00
return cli_err(appctx, "'set timeout' only supports 'cli'.\n");
REORG: cli: move "set timeout" to its own handler The code remained in the same file, it just simplifies the parser.
2016-11-22 14:33:32 -05:00
}
REORG: cli: move "set maxconn global" to its own handler The code remained in the same file, it just simplifies the parser and makes use of cli_has_level().
2016-11-23 05:10:59 -05:00
/* parse a "set maxconn global" command. It always returns 1. */
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
static int cli_parse_set_maxconn_global(char **args, char *payload, struct appctx *appctx, void *private)
REORG: cli: move "set maxconn global" to its own handler The code remained in the same file, it just simplifies the parser and makes use of cli_has_level().
2016-11-23 05:10:59 -05:00
{
int v;
if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
return 1;
CLEANUP: cli: replace all occurrences of manual handling of return messages There were 221 places where a status message or an error message were built to be returned on the CLI. All of them were replaced to use cli_err(), cli_msg(), cli_dynerr() or cli_dynmsg() depending on what was expected. This removed a lot of duplicated code because most of the times, 4 lines are replaced by a single, safer one.
2019-08-09 05:21:01 -04:00
if (!*args[3])
return cli_err(appctx, "Expects an integer value.\n");
REORG: cli: move "set maxconn global" to its own handler The code remained in the same file, it just simplifies the parser and makes use of cli_has_level().
2016-11-23 05:10:59 -05:00
v = atoi(args[3]);
CLEANUP: cli: replace all occurrences of manual handling of return messages There were 221 places where a status message or an error message were built to be returned on the CLI. All of them were replaced to use cli_err(), cli_msg(), cli_dynerr() or cli_dynmsg() depending on what was expected. This removed a lot of duplicated code because most of the times, 4 lines are replaced by a single, safer one.
2019-08-09 05:21:01 -04:00
if (v > global.hardmaxconn)
return cli_err(appctx, "Value out of range.\n");
REORG: cli: move "set maxconn global" to its own handler The code remained in the same file, it just simplifies the parser and makes use of cli_has_level().
2016-11-23 05:10:59 -05:00
/* check for unlimited values */
if (v <= 0)
v = global.hardmaxconn;
global.maxconn = v;
/* Dequeues all of the listeners waiting for a resource */
MINOR: listener: split dequeue_all_listener() in two We use it half times for the global_listener_queue and half times for a proxy's queue and this requires the callers to take care of these. Let's split it in two versions, the current one working only on the global queue and another one dedicated to proxies for the per-proxy queues. This cleans up quite a bit of code.
2019-12-10 08:10:52 -05:00
dequeue_all_listeners();
REORG: cli: move "set maxconn global" to its own handler The code remained in the same file, it just simplifies the parser and makes use of cli_has_level().
2016-11-23 05:10:59 -05:00
return 1;
}
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
static int set_severity_output(int *target, char *argument)
{
CLEANUP: Compare the return value of `XXXcmp()` functions with zero According to coding-style.txt it is recommended to use: `strcmp(a, b) == 0` instead of `!strcmp(a, b)` So let's do this. The change was performed by running the following (very long) coccinelle patch on src/: @@ statement S; expression E; expression F; @@ if ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) ( S | { ... } ) @@ statement S; expression E; expression F; @@ if ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) ( S | { ... } ) @@ expression E; expression F; expression G; @@ ( G && ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( G || ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 && G ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 || G ) @@ expression E; expression F; expression G; @@ ( G && - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( G || - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 && G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 || G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 )
2021-01-02 16:31:53 -05:00
if (strcmp(argument, "none") == 0) {
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
*target = CLI_SEVERITY_NONE;
return 1;
}
CLEANUP: Compare the return value of `XXXcmp()` functions with zero According to coding-style.txt it is recommended to use: `strcmp(a, b) == 0` instead of `!strcmp(a, b)` So let's do this. The change was performed by running the following (very long) coccinelle patch on src/: @@ statement S; expression E; expression F; @@ if ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) ( S | { ... } ) @@ statement S; expression E; expression F; @@ if ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) ( S | { ... } ) @@ expression E; expression F; expression G; @@ ( G && ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( G || ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 && G ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 || G ) @@ expression E; expression F; expression G; @@ ( G && - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( G || - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 && G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 || G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 )
2021-01-02 16:31:53 -05:00
else if (strcmp(argument, "number") == 0) {
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
*target = CLI_SEVERITY_NUMBER;
return 1;
}
CLEANUP: Compare the return value of `XXXcmp()` functions with zero According to coding-style.txt it is recommended to use: `strcmp(a, b) == 0` instead of `!strcmp(a, b)` So let's do this. The change was performed by running the following (very long) coccinelle patch on src/: @@ statement S; expression E; expression F; @@ if ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) ( S | { ... } ) @@ statement S; expression E; expression F; @@ if ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) ( S | { ... } ) @@ expression E; expression F; expression G; @@ ( G && ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( G || ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 && G ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 || G ) @@ expression E; expression F; expression G; @@ ( G && - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( G || - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 && G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 || G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 )
2021-01-02 16:31:53 -05:00
else if (strcmp(argument, "string") == 0) {
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
*target = CLI_SEVERITY_STRING;
return 1;
}
return 0;
}
/* parse a "set severity-output" command. */
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
static int cli_parse_set_severity_output(char **args, char *payload, struct appctx *appctx, void *private)
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
{
BUG/MINOR: mworker/cli: fix set severity-output support "set severity-output" is one of these command that changes the appctx state so the next commands are affected. Unfortunately the master CLI works with pipelining and server close mode, which means the connection between the master and the worker is closed after each response, so for the next command this is a new appctx state. To fix the problem, 2 new flags are added ACCESS_MCLI_SEVERITY_STR and ACCESS_MCLI_SEVERITY_NB which are used to prefix each command sent to the worker with the right "set severity-output" command. This patch fixes issue #2350. It could be backported as far as 2.6.
2023-12-06 05:15:01 -05:00
/* this will ask the applet to not output a \n after the command */
if (strcmp(args[3], "-") == 0)
appctx->st1 |= APPCTX_CLI_ST1_NOLF;
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
if (*args[2] && set_severity_output(&appctx->cli_severity_output, args[2]))
return 0;
CLEANUP: cli: replace all occurrences of manual handling of return messages There were 221 places where a status message or an error message were built to be returned on the CLI. All of them were replaced to use cli_err(), cli_msg(), cli_dynerr() or cli_dynmsg() depending on what was expected. This removed a lot of duplicated code because most of the times, 4 lines are replaced by a single, safer one.
2019-08-09 05:21:01 -04:00
return cli_err(appctx, "one of 'none', 'number', 'string' is a required argument\n");
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
}
MEDIUM: cli: 'show cli sockets' list the CLI sockets 'show cli sockets' from the CLI socket displays the list of CLI sockets available, with their level and process number.
2016-12-15 12:06:44 -05:00
MEDIUM: cli: show and change CLI permissions Implement "show cli level" which show the level of the current CLI session. Implement "operator" and "user" which lower the permissions of the current CLI session.
2018-12-13 03:05:45 -05:00
/* show the level of the current CLI session */
static int cli_parse_show_lvl(char **args, char *payload, struct appctx *appctx, void *private)
{
if ((appctx->cli_level & ACCESS_LVL_MASK) == ACCESS_LVL_ADMIN)
CLEANUP: cli: replace all occurrences of manual handling of return messages There were 221 places where a status message or an error message were built to be returned on the CLI. All of them were replaced to use cli_err(), cli_msg(), cli_dynerr() or cli_dynmsg() depending on what was expected. This removed a lot of duplicated code because most of the times, 4 lines are replaced by a single, safer one.
2019-08-09 05:21:01 -04:00
return cli_msg(appctx, LOG_INFO, "admin\n");
MEDIUM: cli: show and change CLI permissions Implement "show cli level" which show the level of the current CLI session. Implement "operator" and "user" which lower the permissions of the current CLI session.
2018-12-13 03:05:45 -05:00
else if ((appctx->cli_level & ACCESS_LVL_MASK) == ACCESS_LVL_OPER)
CLEANUP: cli: replace all occurrences of manual handling of return messages There were 221 places where a status message or an error message were built to be returned on the CLI. All of them were replaced to use cli_err(), cli_msg(), cli_dynerr() or cli_dynmsg() depending on what was expected. This removed a lot of duplicated code because most of the times, 4 lines are replaced by a single, safer one.
2019-08-09 05:21:01 -04:00
return cli_msg(appctx, LOG_INFO, "operator\n");
MEDIUM: cli: show and change CLI permissions Implement "show cli level" which show the level of the current CLI session. Implement "operator" and "user" which lower the permissions of the current CLI session.
2018-12-13 03:05:45 -05:00
else if ((appctx->cli_level & ACCESS_LVL_MASK) == ACCESS_LVL_USER)
CLEANUP: cli: replace all occurrences of manual handling of return messages There were 221 places where a status message or an error message were built to be returned on the CLI. All of them were replaced to use cli_err(), cli_msg(), cli_dynerr() or cli_dynmsg() depending on what was expected. This removed a lot of duplicated code because most of the times, 4 lines are replaced by a single, safer one.
2019-08-09 05:21:01 -04:00
return cli_msg(appctx, LOG_INFO, "user\n");
MEDIUM: cli: show and change CLI permissions Implement "show cli level" which show the level of the current CLI session. Implement "operator" and "user" which lower the permissions of the current CLI session.
2018-12-13 03:05:45 -05:00
else
CLEANUP: cli: replace all occurrences of manual handling of return messages There were 221 places where a status message or an error message were built to be returned on the CLI. All of them were replaced to use cli_err(), cli_msg(), cli_dynerr() or cli_dynmsg() depending on what was expected. This removed a lot of duplicated code because most of the times, 4 lines are replaced by a single, safer one.
2019-08-09 05:21:01 -04:00
return cli_msg(appctx, LOG_INFO, "unknown\n");
MEDIUM: cli: show and change CLI permissions Implement "show cli level" which show the level of the current CLI session. Implement "operator" and "user" which lower the permissions of the current CLI session.
2018-12-13 03:05:45 -05:00
}
/* parse and set the CLI level dynamically */
static int cli_parse_set_lvl(char **args, char *payload, struct appctx *appctx, void *private)
{
BUG/MINOR: mworker/cli: don't output a \n before the response When using a level lower than admin on the master CLI, a \n is output before the response, this is caused by the response of the "operator" or "user" that are sent before the actual command. To fix this problem we introduce the flag APPCTX_CLI_ST1_NOLF which ask a command response to not be followed by the final \n. This patch made a special case with the command operator and user followed by a - so they are not followed by \n. This patch must be backported to 2.0 and 1.9.
2019-07-01 04:56:15 -04:00
/* this will ask the applet to not output a \n after the command */
CLEANUP: Compare the return value of `XXXcmp()` functions with zero According to coding-style.txt it is recommended to use: `strcmp(a, b) == 0` instead of `!strcmp(a, b)` So let's do this. The change was performed by running the following (very long) coccinelle patch on src/: @@ statement S; expression E; expression F; @@ if ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) ( S | { ... } ) @@ statement S; expression E; expression F; @@ if ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) ( S | { ... } ) @@ expression E; expression F; expression G; @@ ( G && ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( G || ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 && G ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 || G ) @@ expression E; expression F; expression G; @@ ( G && - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( G || - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 && G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 || G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 )
2021-01-02 16:31:53 -05:00
if (strcmp(args[1], "-") == 0)
BUG/MINOR: mworker/cli: don't output a \n before the response When using a level lower than admin on the master CLI, a \n is output before the response, this is caused by the response of the "operator" or "user" that are sent before the actual command. To fix this problem we introduce the flag APPCTX_CLI_ST1_NOLF which ask a command response to not be followed by the final \n. This patch made a special case with the command operator and user followed by a - so they are not followed by \n. This patch must be backported to 2.0 and 1.9.
2019-07-01 04:56:15 -04:00
appctx->st1 |= APPCTX_CLI_ST1_NOLF;
CLEANUP: Compare the return value of `XXXcmp()` functions with zero According to coding-style.txt it is recommended to use: `strcmp(a, b) == 0` instead of `!strcmp(a, b)` So let's do this. The change was performed by running the following (very long) coccinelle patch on src/: @@ statement S; expression E; expression F; @@ if ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) ( S | { ... } ) @@ statement S; expression E; expression F; @@ if ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) ( S | { ... } ) @@ expression E; expression F; expression G; @@ ( G && ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( G || ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 && G ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 || G ) @@ expression E; expression F; expression G; @@ ( G && - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( G || - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 && G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 || G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 )
2021-01-02 16:31:53 -05:00
if (strcmp(args[0], "operator") == 0) {
MEDIUM: cli: show and change CLI permissions Implement "show cli level" which show the level of the current CLI session. Implement "operator" and "user" which lower the permissions of the current CLI session.
2018-12-13 03:05:45 -05:00
if (!cli_has_level(appctx, ACCESS_LVL_OPER)) {
return 1;
}
appctx->cli_level &= ~ACCESS_LVL_MASK;
appctx->cli_level |= ACCESS_LVL_OPER;
CLEANUP: Compare the return value of `XXXcmp()` functions with zero According to coding-style.txt it is recommended to use: `strcmp(a, b) == 0` instead of `!strcmp(a, b)` So let's do this. The change was performed by running the following (very long) coccinelle patch on src/: @@ statement S; expression E; expression F; @@ if ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) ( S | { ... } ) @@ statement S; expression E; expression F; @@ if ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) ( S | { ... } ) @@ expression E; expression F; expression G; @@ ( G && ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( G || ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 && G ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 || G ) @@ expression E; expression F; expression G; @@ ( G && - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( G || - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 && G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 || G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 )
2021-01-02 16:31:53 -05:00
} else if (strcmp(args[0], "user") == 0) {
MEDIUM: cli: show and change CLI permissions Implement "show cli level" which show the level of the current CLI session. Implement "operator" and "user" which lower the permissions of the current CLI session.
2018-12-13 03:05:45 -05:00
if (!cli_has_level(appctx, ACCESS_LVL_USER)) {
return 1;
}
appctx->cli_level &= ~ACCESS_LVL_MASK;
appctx->cli_level |= ACCESS_LVL_USER;
}
MINOR: cli: implement experimental-mode Experimental mode is similar to expert-mode. It can be used to access to features still in development.
2021-03-18 10:32:53 -04:00
appctx->cli_level &= ~(ACCESS_EXPERT|ACCESS_EXPERIMENTAL);
MINOR: cli: add an expert mode to hide dangerous commands Some commands like the debug ones are not enabled by default but can be useful on some production environments. In order to avoid the temptation of using them incorrectly, let's introduce an "expert" mode for a CLI connection, which allows some commands to appear and be used. It is enabled by command "expert-mode on" which is not listed by default.
2019-10-24 11:55:53 -04:00
return 1;
}
MINOR: cli: implement experimental-mode Experimental mode is similar to expert-mode. It can be used to access to features still in development.
2021-03-18 10:32:53 -04:00
/* parse and set the CLI expert/experimental-mode dynamically */
static int cli_parse_expert_experimental_mode(char **args, char *payload, struct appctx *appctx, void *private)
MINOR: cli: add an expert mode to hide dangerous commands Some commands like the debug ones are not enabled by default but can be useful on some production environments. In order to avoid the temptation of using them incorrectly, let's introduce an "expert" mode for a CLI connection, which allows some commands to appear and be used. It is enabled by command "expert-mode on" which is not listed by default.
2019-10-24 11:55:53 -04:00
{
MINOR: cli: implement experimental-mode Experimental mode is similar to expert-mode. It can be used to access to features still in development.
2021-03-18 10:32:53 -04:00
int level;
char *level_str;
char *output = NULL;
MINOR: mworker/cli: set expert/experimental mode from the CLI Allow to set the master CLI in expert or experimental mode. No command within the master are unlocked yet, but it gives the ability to send expert or experimental commands to the workers. echo "@1; experimental-mode on; del server be1/s2" | socat /var/run/haproxy.master - echo "experimental-mode on; @1 del server be1/s2" | socat /var/run/haproxy.master -
2022-02-01 10:08:50 -05:00
/* this will ask the applet to not output a \n after the command */
if (*args[1] && *args[2] && strcmp(args[2], "-") == 0)
appctx->st1 |= APPCTX_CLI_ST1_NOLF;
MINOR: cli: add an expert mode to hide dangerous commands Some commands like the debug ones are not enabled by default but can be useful on some production environments. In order to avoid the temptation of using them incorrectly, let's introduce an "expert" mode for a CLI connection, which allows some commands to appear and be used. It is enabled by command "expert-mode on" which is not listed by default.
2019-10-24 11:55:53 -04:00
if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
return 1;
CLEANUP: Apply strcmp.cocci This fixes the use of the various *cmp functions to use != 0 or == 0.
2021-10-16 11:48:15 -04:00
if (strcmp(args[0], "expert-mode") == 0) {
MINOR: cli: implement experimental-mode Experimental mode is similar to expert-mode. It can be used to access to features still in development.
2021-03-18 10:32:53 -04:00
level = ACCESS_EXPERT;
level_str = "expert-mode";
}
CLEANUP: Apply strcmp.cocci This fixes the use of the various *cmp functions to use != 0 or == 0.
2021-10-16 11:48:15 -04:00
else if (strcmp(args[0], "experimental-mode") == 0) {
MINOR: cli: implement experimental-mode Experimental mode is similar to expert-mode. It can be used to access to features still in development.
2021-03-18 10:32:53 -04:00
level = ACCESS_EXPERIMENTAL;
level_str = "experimental-mode";
}
MINOR: mworker/cli: mcli-debug-mode enables every command "mcli-debug-mode on" enables every command that were meant for a worker, on the CLI of the master. Which mean you can issue, "show fd", show stat" in order to debug the MASTER proxy. You can also combine it with "expert-mode on" or "experimental-mode on" to access to more commands.
2022-02-02 05:43:20 -05:00
else if (strcmp(args[0], "mcli-debug-mode") == 0) {
level = ACCESS_MCLI_DEBUG;
level_str = "mcli-debug-mode";
}
MINOR: cli: implement experimental-mode Experimental mode is similar to expert-mode. It can be used to access to features still in development.
2021-03-18 10:32:53 -04:00
else {
return 1;
}
if (!*args[1]) {
memprintf(&output, "%s is %s\n", level_str,
(appctx->cli_level & level) ? "ON" : "OFF");
return cli_dynmsg(appctx, LOG_INFO, output);
}
MINOR: cli: add an expert mode to hide dangerous commands Some commands like the debug ones are not enabled by default but can be useful on some production environments. In order to avoid the temptation of using them incorrectly, let's introduce an "expert" mode for a CLI connection, which allows some commands to appear and be used. It is enabled by command "expert-mode on" which is not listed by default.
2019-10-24 11:55:53 -04:00
MINOR: cli: implement experimental-mode Experimental mode is similar to expert-mode. It can be used to access to features still in development.
2021-03-18 10:32:53 -04:00
appctx->cli_level &= ~level;
MINOR: cli: add an expert mode to hide dangerous commands Some commands like the debug ones are not enabled by default but can be useful on some production environments. In order to avoid the temptation of using them incorrectly, let's introduce an "expert" mode for a CLI connection, which allows some commands to appear and be used. It is enabled by command "expert-mode on" which is not listed by default.
2019-10-24 11:55:53 -04:00
if (strcmp(args[1], "on") == 0)
MINOR: cli: implement experimental-mode Experimental mode is similar to expert-mode. It can be used to access to features still in development.
2021-03-18 10:32:53 -04:00
appctx->cli_level |= level;
MEDIUM: cli: show and change CLI permissions Implement "show cli level" which show the level of the current CLI session. Implement "operator" and "user" which lower the permissions of the current CLI session.
2018-12-13 03:05:45 -05:00
return 1;
}
MINOR: cli: "show version" displays the current process version This patch implements a simple "show version" command which returns the version of the current process. It's available from the master and the worker processes, so it is easy to check if the master and the workers have the same version. This is a minor patch that really improve compatibility checks for scripts. Could be backported in haproxy version as far as 2.0.
2021-12-14 09:22:29 -05:00
/* shows HAProxy version */
static int cli_parse_show_version(char **args, char *payload, struct appctx *appctx, void *private)
{
char *msg = NULL;
return cli_dynmsg(appctx, LOG_INFO, memprintf(&msg, "%s\n", haproxy_version));
}
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
int cli_parse_default(char **args, char *payload, struct appctx *appctx, void *private)
MEDIUM: cli: 'show cli sockets' list the CLI sockets 'show cli sockets' from the CLI socket displays the list of CLI sockets available, with their level and process number.
2016-12-15 12:06:44 -05:00
{
return 0;
}
MINOR: anon: store the anonymizing key in the CLI's appctx In order to allow users to dump internal states using a specific key without changing the global one, we're introducing a key in the CLI's appctx. This key is preloaded from the global one when "set anon on" is used (and if none exists, a random one is assigned). And the key can optionally be assigned manually for the whole CLI session. A "show anon" command was also added to show the anon state, and the current key if the users has sufficient permissions. In addition, a "debug dev hash" command was added to test the feature.
2022-09-14 11:24:22 -04:00
/* enable or disable the anonymized mode, it returns 1 when it works or displays an error message if it doesn't. */
static int cli_parse_set_anon(char **args, char *payload, struct appctx *appctx, void *private)
{
uint32_t tmp;
long long key;
if (strcmp(args[2], "on") == 0) {
MINOR: cli: remove error message with 'set anon on|off' Removed the error message in 'set anon on|off', it's more user friendly: users use 'set anon on' even if the mode is already activated, and the same for 'set anon off'. That allows users to write the command line in the anonymized mode they want without errors. No backport needed, except if anonymization mechanism is backported.
2022-09-28 11:04:29 -04:00
if (*args[3]) {
key = atoll(args[3]);
if (key < 1 || key > UINT_MAX)
return cli_err(appctx, "Value out of range (1 to 4294967295 expected).\n");
appctx->cli_anon_key = key;
}
MINOR: anon: store the anonymizing key in the CLI's appctx In order to allow users to dump internal states using a specific key without changing the global one, we're introducing a key in the CLI's appctx. This key is preloaded from the global one when "set anon on" is used (and if none exists, a random one is assigned). And the key can optionally be assigned manually for the whole CLI session. A "show anon" command was also added to show the anon state, and the current key if the users has sufficient permissions. In addition, a "debug dev hash" command was added to test the feature.
2022-09-14 11:24:22 -04:00
else {
MINOR: cli: remove error message with 'set anon on|off' Removed the error message in 'set anon on|off', it's more user friendly: users use 'set anon on' even if the mode is already activated, and the same for 'set anon off'. That allows users to write the command line in the anonymized mode they want without errors. No backport needed, except if anonymization mechanism is backported.
2022-09-28 11:04:29 -04:00
tmp = HA_ATOMIC_LOAD(&global.anon_key);
if (tmp != 0)
appctx->cli_anon_key = tmp;
else
appctx->cli_anon_key = ha_random32();
MINOR: anon: store the anonymizing key in the CLI's appctx In order to allow users to dump internal states using a specific key without changing the global one, we're introducing a key in the CLI's appctx. This key is preloaded from the global one when "set anon on" is used (and if none exists, a random one is assigned). And the key can optionally be assigned manually for the whole CLI session. A "show anon" command was also added to show the anon state, and the current key if the users has sufficient permissions. In addition, a "debug dev hash" command was added to test the feature.
2022-09-14 11:24:22 -04:00
}
}
else if (strcmp(args[2], "off") == 0) {
MINOR: cli: remove error message with 'set anon on|off' Removed the error message in 'set anon on|off', it's more user friendly: users use 'set anon on' even if the mode is already activated, and the same for 'set anon off'. That allows users to write the command line in the anonymized mode they want without errors. No backport needed, except if anonymization mechanism is backported.
2022-09-28 11:04:29 -04:00
if (*args[3]) {
MINOR: anon: store the anonymizing key in the CLI's appctx In order to allow users to dump internal states using a specific key without changing the global one, we're introducing a key in the CLI's appctx. This key is preloaded from the global one when "set anon on" is used (and if none exists, a random one is assigned). And the key can optionally be assigned manually for the whole CLI session. A "show anon" command was also added to show the anon state, and the current key if the users has sufficient permissions. In addition, a "debug dev hash" command was added to test the feature.
2022-09-14 11:24:22 -04:00
return cli_err(appctx, "Key can't be added while disabling anonymized mode\n");
}
else {
appctx->cli_anon_key = 0;
}
}
else {
return cli_err(appctx,
"'set anon' only supports :\n"
" - 'on' [key] to enable the anonymized mode\n"
" - 'off' to disable the anonymized mode");
}
return 1;
}
MINOR: anon: store the anonymizing key in the global structure Add a uint32_t key in global to hash words with it. A new CLI command 'set global-key <key>' was added to change the global anonymizing key. The global may also be set in the configuration using the global "anonkey" directive. For now this key is not used.
2022-09-14 11:24:22 -04:00
/* This function set the global anonyzing key, restricted to level 'admin' */
static int cli_parse_set_global_key(char **args, char *payload, struct appctx *appctx, void *private)
{
long long key;
if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
return cli_err(appctx, "Permission denied\n");
if (!*args[2])
return cli_err(appctx, "Expects an integer value.\n");
key = atoll(args[2]);
if (key < 0 || key > UINT_MAX)
return cli_err(appctx, "Value out of range (0 to 4294967295 expected).\n");
HA_ATOMIC_STORE(&global.anon_key, key);
return 1;
}
MINOR: anon: store the anonymizing key in the CLI's appctx In order to allow users to dump internal states using a specific key without changing the global one, we're introducing a key in the CLI's appctx. This key is preloaded from the global one when "set anon on" is used (and if none exists, a random one is assigned). And the key can optionally be assigned manually for the whole CLI session. A "show anon" command was also added to show the anon state, and the current key if the users has sufficient permissions. In addition, a "debug dev hash" command was added to test the feature.
2022-09-14 11:24:22 -04:00
/* shows the anonymized mode state to everyone, and the key except for users, it always returns 1. */
static int cli_parse_show_anon(char **args, char *payload, struct appctx *appctx, void *private)
{
char *msg = NULL;
char *anon_mode = NULL;
uint32_t c_key = appctx->cli_anon_key;
if (!c_key)
anon_mode = "Anonymized mode disabled";
else
anon_mode = "Anonymized mode enabled";
if ( !((appctx->cli_level & ACCESS_LVL_MASK) < ACCESS_LVL_OPER) && c_key != 0) {
cli_dynmsg(appctx, LOG_INFO, memprintf(&msg, "%s\nKey : %u\n", anon_mode, c_key));
}
else {
cli_dynmsg(appctx, LOG_INFO, memprintf(&msg, "%s\n", anon_mode));
}
return 1;
}
REORG: cli: move the "set rate-limit" functions to their own parser All 4 rate-limit settings were handled at once given that exactly the same checks are performed on them. In case of missing or incorrect argument, the detailed supported options are printed with their use case. This was the last specific entry in the CLI parser, some additional cleanup may still be done.
2016-11-24 08:51:17 -05:00
/* parse a "set rate-limit" command. It always returns 1. */
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
static int cli_parse_set_ratelimit(char **args, char *payload, struct appctx *appctx, void *private)
REORG: cli: move the "set rate-limit" functions to their own parser All 4 rate-limit settings were handled at once given that exactly the same checks are performed on them. In case of missing or incorrect argument, the detailed supported options are printed with their use case. This was the last specific entry in the CLI parser, some additional cleanup may still be done.
2016-11-24 08:51:17 -05:00
{
int v;
int *res;
int mul = 1;
if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
return 1;
if (strcmp(args[2], "connections") == 0 && strcmp(args[3], "global") == 0)
res = &global.cps_lim;
else if (strcmp(args[2], "sessions") == 0 && strcmp(args[3], "global") == 0)
res = &global.sps_lim;
#ifdef USE_OPENSSL
else if (strcmp(args[2], "ssl-sessions") == 0 && strcmp(args[3], "global") == 0)
res = &global.ssl_lim;
#endif
else if (strcmp(args[2], "http-compression") == 0 && strcmp(args[3], "global") == 0) {
res = &global.comp_rate_lim;
mul = 1024;
}
else {
CLEANUP: cli: replace all occurrences of manual handling of return messages There were 221 places where a status message or an error message were built to be returned on the CLI. All of them were replaced to use cli_err(), cli_msg(), cli_dynerr() or cli_dynmsg() depending on what was expected. This removed a lot of duplicated code because most of the times, 4 lines are replaced by a single, safer one.
2019-08-09 05:21:01 -04:00
return cli_err(appctx,
REORG: cli: move the "set rate-limit" functions to their own parser All 4 rate-limit settings were handled at once given that exactly the same checks are performed on them. In case of missing or incorrect argument, the detailed supported options are printed with their use case. This was the last specific entry in the CLI parser, some additional cleanup may still be done.
2016-11-24 08:51:17 -05:00
"'set rate-limit' only supports :\n"
" - 'connections global' to set the per-process maximum connection rate\n"
" - 'sessions global' to set the per-process maximum session rate\n"
#ifdef USE_OPENSSL
BUG/MINOR: cli: Fix a typo in the 'set rate-limit' usage The correct keyword is 'ssl-sessions' (vs. 'ssl-session'). The typo was introduced in 45c742be05 ('REORG: cli: move the "set rate-limit" functions to their own parser'). Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-03-11 11:55:02 -04:00
" - 'ssl-sessions global' to set the per-process maximum SSL session rate\n"
REORG: cli: move the "set rate-limit" functions to their own parser All 4 rate-limit settings were handled at once given that exactly the same checks are performed on them. In case of missing or incorrect argument, the detailed supported options are printed with their use case. This was the last specific entry in the CLI parser, some additional cleanup may still be done.
2016-11-24 08:51:17 -05:00
#endif
CLEANUP: cli: replace all occurrences of manual handling of return messages There were 221 places where a status message or an error message were built to be returned on the CLI. All of them were replaced to use cli_err(), cli_msg(), cli_dynerr() or cli_dynmsg() depending on what was expected. This removed a lot of duplicated code because most of the times, 4 lines are replaced by a single, safer one.
2019-08-09 05:21:01 -04:00
" - 'http-compression global' to set the per-process maximum compression speed in kB/s\n");
REORG: cli: move the "set rate-limit" functions to their own parser All 4 rate-limit settings were handled at once given that exactly the same checks are performed on them. In case of missing or incorrect argument, the detailed supported options are printed with their use case. This was the last specific entry in the CLI parser, some additional cleanup may still be done.
2016-11-24 08:51:17 -05:00
}
CLEANUP: cli: replace all occurrences of manual handling of return messages There were 221 places where a status message or an error message were built to be returned on the CLI. All of them were replaced to use cli_err(), cli_msg(), cli_dynerr() or cli_dynmsg() depending on what was expected. This removed a lot of duplicated code because most of the times, 4 lines are replaced by a single, safer one.
2019-08-09 05:21:01 -04:00
if (!*args[4])
return cli_err(appctx, "Expects an integer value.\n");
REORG: cli: move the "set rate-limit" functions to their own parser All 4 rate-limit settings were handled at once given that exactly the same checks are performed on them. In case of missing or incorrect argument, the detailed supported options are printed with their use case. This was the last specific entry in the CLI parser, some additional cleanup may still be done.
2016-11-24 08:51:17 -05:00
v = atoi(args[4]);
CLEANUP: cli: replace all occurrences of manual handling of return messages There were 221 places where a status message or an error message were built to be returned on the CLI. All of them were replaced to use cli_err(), cli_msg(), cli_dynerr() or cli_dynmsg() depending on what was expected. This removed a lot of duplicated code because most of the times, 4 lines are replaced by a single, safer one.
2019-08-09 05:21:01 -04:00
if (v < 0)
return cli_err(appctx, "Value out of range.\n");
REORG: cli: move the "set rate-limit" functions to their own parser All 4 rate-limit settings were handled at once given that exactly the same checks are performed on them. In case of missing or incorrect argument, the detailed supported options are printed with their use case. This was the last specific entry in the CLI parser, some additional cleanup may still be done.
2016-11-24 08:51:17 -05:00
*res = v * mul;
/* Dequeues all of the listeners waiting for a resource */
MINOR: listener: split dequeue_all_listener() in two We use it half times for the global_listener_queue and half times for a proxy's queue and this requires the callers to take care of these. Let's split it in two versions, the current one working only on the global queue and another one dedicated to proxies for the per-proxy queues. This cleans up quite a bit of code.
2019-12-10 08:10:52 -05:00
dequeue_all_listeners();
REORG: cli: move the "set rate-limit" functions to their own parser All 4 rate-limit settings were handled at once given that exactly the same checks are performed on them. In case of missing or incorrect argument, the detailed supported options are printed with their use case. This was the last specific entry in the CLI parser, some additional cleanup may still be done.
2016-11-24 08:51:17 -05:00
return 1;
}
MINOR: cli: add a new "wait" command to wait for a certain delay This allows to insert delays between commands, i.e. to collect a same set of metrics at a fixed interval. E.g: $ socat -t20 /path/to/socket <<< "show activity; wait 10s; show activity" The goal will be to extend the feature to optionally support waiting on certain conditions. For this reason the struct definitions and enums were placed into cli-t.h.
2024-02-08 15:45:22 -05:00
/* Parse a "wait <time>" command.
* It uses a "cli_wait_ctx" struct for its context.
* Returns 0 if the server deletion has been successfully scheduled, 1 on failure.
*/
static int cli_parse_wait(char **args, char *payload, struct appctx *appctx, void *private)
{
struct cli_wait_ctx *ctx = applet_reserve_svcctx(appctx, sizeof(*ctx));
uint wait_ms;
const char *err;
if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
return 1;
if (!*args[1])
return cli_err(appctx, "Expects a duration in milliseconds.\n");
err = parse_time_err(args[1], &wait_ms, TIME_UNIT_MS);
MINOR: cli/wait: make the wait command support a more detailed help message We'll want to add some waiting conditions, so let's support -h to show the available list, and also print this usage on unknown options.
2024-02-09 11:40:43 -05:00
if (err || wait_ms < 1) {
/* in case -h is passed as the first option, continue to the next test */
if (strcmp(args[1], "-h") == 0)
args--;
else
return cli_err(appctx, "Invalid duration.\n");
}
MINOR: cli/wait: rename the condition "srv-unused" to "srv-removable" As previously discussed, "srv-unused" is sufficiently ambiguous to cause some trouble over the long term. Better use "srv-removable" to indicate that the server is removable, and if the conditions to delete a server change over time, the wait condition will be adjusted without renaming it.
2024-04-27 03:12:34 -04:00
if (strcmp(args[2], "srv-removable") == 0) {
MINOR: cli/wait: add a condition to wait on a server to become unused The "wait" command now supports a condition, "srv-unused", which waits for the designated server to become totally unused, indicating that it is removable. Upon each wakeup it calls srv_check_for_deletion() to verify if conditions are met, if not if it's recoverable, or if it's not recoverable, and proceeds according to this, never waiting for a final decision longer than the configured delay. The purpose is to make it possible to remove servers from the CLI after waiting for their sessions to be terminated: $ socat -t5 /path/to/socket - <<< " disable server px/srv1 shutdown sessions server px/srv1 wait 2s srv-unused px/srv1 del server px/srv1" Or even wait for connections to terminate themselves: $ socat -t70 /path/to/socket - <<< " disable server px/srv1 wait 1m srv-unused px/srv1 del server px/srv1"
2024-02-09 14:35:52 -05:00
struct ist be_name, sv_name;
if (!*args[3])
return cli_err(appctx, "Missing server name (<backend>/<server>).\n");
sv_name = ist(args[3]);
be_name = istsplit(&sv_name, '/');
if (!istlen(sv_name))
return cli_err(appctx, "Require 'backend/server'.\n");
be_name = istdup(be_name);
sv_name = istdup(sv_name);
if (!isttest(be_name) || !isttest(sv_name)) {
free(istptr(be_name));
free(istptr(sv_name));
return cli_err(appctx, "Out of memory trying to clone the server name.\n");
}
ctx->args[0] = ist0(be_name);
ctx->args[1] = ist0(sv_name);
ctx->cond = CLI_WAIT_COND_SRV_UNUSED;
}
else if (*args[2]) {
MINOR: cli/wait: make the wait command support a more detailed help message We'll want to add some waiting conditions, so let's support -h to show the available list, and also print this usage on unknown options.
2024-02-09 11:40:43 -05:00
/* show the command's help either upon request (-h) or error */
err = "Usage: wait {-h|<duration>} [condition [args...]]\n"
" - '-h' displays this help\n"
" - <duration> is the maximum wait time, optionally suffixed by the unit among\n"
" 'us', 'ms', 's', 'm', 'h', and 'd'. ; the default unit is milliseconds.\n"
MINOR: cli/wait: add a condition to wait on a server to become unused The "wait" command now supports a condition, "srv-unused", which waits for the designated server to become totally unused, indicating that it is removable. Upon each wakeup it calls srv_check_for_deletion() to verify if conditions are met, if not if it's recoverable, or if it's not recoverable, and proceeds according to this, never waiting for a final decision longer than the configured delay. The purpose is to make it possible to remove servers from the CLI after waiting for their sessions to be terminated: $ socat -t5 /path/to/socket - <<< " disable server px/srv1 shutdown sessions server px/srv1 wait 2s srv-unused px/srv1 del server px/srv1" Or even wait for connections to terminate themselves: $ socat -t70 /path/to/socket - <<< " disable server px/srv1 wait 1m srv-unused px/srv1 del server px/srv1"
2024-02-09 14:35:52 -05:00
" - <condition> indicates what to wait for, no longer than the specified\n"
" duration. Supported conditions are:\n"
" - <none> : by default, just sleep for the specified duration.\n"
MINOR: cli/wait: rename the condition "srv-unused" to "srv-removable" As previously discussed, "srv-unused" is sufficiently ambiguous to cause some trouble over the long term. Better use "srv-removable" to indicate that the server is removable, and if the conditions to delete a server change over time, the wait condition will be adjusted without renaming it.
2024-04-27 03:12:34 -04:00
" - srv-removable <px>/<sv> : wait for this server to become removable.\n"
MINOR: cli/wait: add a condition to wait on a server to become unused The "wait" command now supports a condition, "srv-unused", which waits for the designated server to become totally unused, indicating that it is removable. Upon each wakeup it calls srv_check_for_deletion() to verify if conditions are met, if not if it's recoverable, or if it's not recoverable, and proceeds according to this, never waiting for a final decision longer than the configured delay. The purpose is to make it possible to remove servers from the CLI after waiting for their sessions to be terminated: $ socat -t5 /path/to/socket - <<< " disable server px/srv1 shutdown sessions server px/srv1 wait 2s srv-unused px/srv1 del server px/srv1" Or even wait for connections to terminate themselves: $ socat -t70 /path/to/socket - <<< " disable server px/srv1 wait 1m srv-unused px/srv1 del server px/srv1"
2024-02-09 14:35:52 -05:00
"";
MINOR: cli/wait: make the wait command support a more detailed help message We'll want to add some waiting conditions, so let's support -h to show the available list, and also print this usage on unknown options.
2024-02-09 11:40:43 -05:00
if (strcmp(args[2], "-h") == 0)
return cli_msg(appctx, LOG_INFO, err);
else
return cli_err(appctx, err);
}
MINOR: cli: add a new "wait" command to wait for a certain delay This allows to insert delays between commands, i.e. to collect a same set of metrics at a fixed interval. E.g: $ socat -t20 /path/to/socket <<< "show activity; wait 10s; show activity" The goal will be to extend the feature to optionally support waiting on certain conditions. For this reason the struct definitions and enums were placed into cli-t.h.
2024-02-08 15:45:22 -05:00
ctx->start = now_ms;
ctx->deadline = tick_add(now_ms, wait_ms);
/* proceed with the I/O handler */
return 0;
}
/* Execute a "wait" condition. The delay is exponentially incremented between
* now_ms and ctx->deadline in powers of 1.5 and with a bound set to 10% of the
* programmed wait time, so that in a few wakeups we can later check a condition
* with reasonable accuracy. Shutdowns and other errors are handled as well and
* terminate the operation, but not new inputs so that it remains possible to
* chain other commands after it. Returns 0 if not finished, 1 if finished.
*/
static int cli_io_handler_wait(struct appctx *appctx)
{
struct cli_wait_ctx *ctx = appctx->svcctx;
uint total, elapsed, left, wait;
MINOR: cli/wait: add a condition to wait on a server to become unused The "wait" command now supports a condition, "srv-unused", which waits for the designated server to become totally unused, indicating that it is removable. Upon each wakeup it calls srv_check_for_deletion() to verify if conditions are met, if not if it's recoverable, or if it's not recoverable, and proceeds according to this, never waiting for a final decision longer than the configured delay. The purpose is to make it possible to remove servers from the CLI after waiting for their sessions to be terminated: $ socat -t5 /path/to/socket - <<< " disable server px/srv1 shutdown sessions server px/srv1 wait 2s srv-unused px/srv1 del server px/srv1" Or even wait for connections to terminate themselves: $ socat -t70 /path/to/socket - <<< " disable server px/srv1 wait 1m srv-unused px/srv1 del server px/srv1"
2024-02-09 14:35:52 -05:00
int ret;
MINOR: cli: add a new "wait" command to wait for a certain delay This allows to insert delays between commands, i.e. to collect a same set of metrics at a fixed interval. E.g: $ socat -t20 /path/to/socket <<< "show activity; wait 10s; show activity" The goal will be to extend the feature to optionally support waiting on certain conditions. For this reason the struct definitions and enums were placed into cli-t.h.
2024-02-08 15:45:22 -05:00
/* note: upon first invocation, the timeout is not set */
if (tick_isset(appctx->t->expire) &&
!tick_is_expired(appctx->t->expire, now_ms))
goto wait;
/* here we should evaluate our waiting conditions, if any */
MINOR: cli/wait: add a condition to wait on a server to become unused The "wait" command now supports a condition, "srv-unused", which waits for the designated server to become totally unused, indicating that it is removable. Upon each wakeup it calls srv_check_for_deletion() to verify if conditions are met, if not if it's recoverable, or if it's not recoverable, and proceeds according to this, never waiting for a final decision longer than the configured delay. The purpose is to make it possible to remove servers from the CLI after waiting for their sessions to be terminated: $ socat -t5 /path/to/socket - <<< " disable server px/srv1 shutdown sessions server px/srv1 wait 2s srv-unused px/srv1 del server px/srv1" Or even wait for connections to terminate themselves: $ socat -t70 /path/to/socket - <<< " disable server px/srv1 wait 1m srv-unused px/srv1 del server px/srv1"
2024-02-09 14:35:52 -05:00
if (ctx->cond == CLI_WAIT_COND_SRV_UNUSED) {
/* check if the server in args[0]/args[1] can be released now */
ret = srv_check_for_deletion(ctx->args[0], ctx->args[1], NULL, NULL, NULL);
if (ret < 0) {
/* unrecoverable failure */
ctx->error = CLI_WAIT_ERR_FAIL;
return 1;
} else if (ret > 0) {
/* immediate success */
ctx->error = CLI_WAIT_ERR_DONE;
return 1;
}
/* let's check the timer */
}
MINOR: cli: add a new "wait" command to wait for a certain delay This allows to insert delays between commands, i.e. to collect a same set of metrics at a fixed interval. E.g: $ socat -t20 /path/to/socket <<< "show activity; wait 10s; show activity" The goal will be to extend the feature to optionally support waiting on certain conditions. For this reason the struct definitions and enums were placed into cli-t.h.
2024-02-08 15:45:22 -05:00
/* and here we recalculate the new wait time or abort */
left = tick_remain(now_ms, ctx->deadline);
if (!left) {
/* let the release handler know we've expired. When there is no
* wait condition, it's a simple sleep so we declare we're done.
*/
if (ctx->cond == CLI_WAIT_COND_NONE)
ctx->error = CLI_WAIT_ERR_DONE;
else
ctx->error = CLI_WAIT_ERR_EXP;
return 1;
}
total = tick_remain(ctx->start, ctx->deadline);
elapsed = total - left;
wait = elapsed / 2 + 1;
if (wait > left)
wait = left;
else if (wait > total / 10)
wait = total / 10;
appctx->t->expire = tick_add(now_ms, wait);
wait:
/* Stop waiting upon close/abort/error */
MAJOR: cli: Update the CLI applet to handle its own buffers It is the third applet to be refactored to use its own buffers. In addition to the CLI applet, some I/O handlers of CLI commands were also updated, especially the stats ones. Some command I/O handlers were updated to use applet's buffers instead of channels ones.
2024-02-15 07:34:05 -05:00
if (unlikely(se_fl_test(appctx->sedesc, SE_FL_SHW)) && !b_data(&appctx->inbuf)) {
MINOR: cli: add a new "wait" command to wait for a certain delay This allows to insert delays between commands, i.e. to collect a same set of metrics at a fixed interval. E.g: $ socat -t20 /path/to/socket <<< "show activity; wait 10s; show activity" The goal will be to extend the feature to optionally support waiting on certain conditions. For this reason the struct definitions and enums were placed into cli-t.h.
2024-02-08 15:45:22 -05:00
ctx->error = CLI_WAIT_ERR_INTR;
return 1;
}
MINOR: cli: No longer check SC for shutdown to interrupt wait command Thanks to the previous patch ("MEDIUM: applet: Add notion of shutdown for write for applets"), it is no longer necessary to check SC flags to detect shutdowns to interrupt the wait command. It is possible to remove this ugly workaround. In addition, we only test the SE for shutdown because end of stream and error are already checked by the CLI I/O handler. And it is no longer necessary to remove output data from the channel's buffer because shutdown are not reported if there are remaining outgoing data. Of course, if the "wait" command is backported, the commit above and this one must be backported too.
2024-02-12 16:29:06 -05:00
MINOR: cli: add a new "wait" command to wait for a certain delay This allows to insert delays between commands, i.e. to collect a same set of metrics at a fixed interval. E.g: $ socat -t20 /path/to/socket <<< "show activity; wait 10s; show activity" The goal will be to extend the feature to optionally support waiting on certain conditions. For this reason the struct definitions and enums were placed into cli-t.h.
2024-02-08 15:45:22 -05:00
return 0;
}
MAJOR: cli: Update the CLI applet to handle its own buffers It is the third applet to be refactored to use its own buffers. In addition to the CLI applet, some I/O handlers of CLI commands were also updated, especially the stats ones. Some command I/O handlers were updated to use applet's buffers instead of channels ones.
2024-02-15 07:34:05 -05:00
MINOR: cli: add a new "wait" command to wait for a certain delay This allows to insert delays between commands, i.e. to collect a same set of metrics at a fixed interval. E.g: $ socat -t20 /path/to/socket <<< "show activity; wait 10s; show activity" The goal will be to extend the feature to optionally support waiting on certain conditions. For this reason the struct definitions and enums were placed into cli-t.h.
2024-02-08 15:45:22 -05:00
/* release structs allocated by "delete server" */
static void cli_release_wait(struct appctx *appctx)
{
struct cli_wait_ctx *ctx = appctx->svcctx;
const char *msg;
MINOR: cli/wait: also pass up to 4 arguments to the external conditions Conditions will need to have context, arguments etc from the command line. Since these will vary with time (otherwise we wouldn't wait), let's just pass them as text (possibly pre-processed). We're starting with 4 strings that are expected to be allocated by strdup() and are always sent to free() upon release.
2024-02-09 14:09:59 -05:00
int i;
MINOR: cli: add a new "wait" command to wait for a certain delay This allows to insert delays between commands, i.e. to collect a same set of metrics at a fixed interval. E.g: $ socat -t20 /path/to/socket <<< "show activity; wait 10s; show activity" The goal will be to extend the feature to optionally support waiting on certain conditions. For this reason the struct definitions and enums were placed into cli-t.h.
2024-02-08 15:45:22 -05:00
switch (ctx->error) {
case CLI_WAIT_ERR_EXP: msg = "Wait delay expired.\n"; break;
case CLI_WAIT_ERR_INTR: msg = "Interrupted.\n"; break;
MINOR: cli/wait: also support an unrecoverable failure status Since we'll support waiting for an action to succeed or permanently fail, we need the ability to return an unrecoverable failure. Let's add CLI_WAIT_ERR_FAIL for this. A static error message may be placed into ctx->msg to report to the user why the failure is unrecoverable.
2024-02-09 14:05:14 -05:00
case CLI_WAIT_ERR_FAIL: msg = ctx->msg ? ctx->msg : "Failed.\n"; break;
MINOR: cli: add a new "wait" command to wait for a certain delay This allows to insert delays between commands, i.e. to collect a same set of metrics at a fixed interval. E.g: $ socat -t20 /path/to/socket <<< "show activity; wait 10s; show activity" The goal will be to extend the feature to optionally support waiting on certain conditions. For this reason the struct definitions and enums were placed into cli-t.h.
2024-02-08 15:45:22 -05:00
default: msg = "Done.\n"; break;
}
MINOR: cli/wait: also pass up to 4 arguments to the external conditions Conditions will need to have context, arguments etc from the command line. Since these will vary with time (otherwise we wouldn't wait), let's just pass them as text (possibly pre-processed). We're starting with 4 strings that are expected to be allocated by strdup() and are always sent to free() upon release.
2024-02-09 14:09:59 -05:00
for (i = 0; i < sizeof(ctx->args) / sizeof(ctx->args[0]); i++)
ha_free(&ctx->args[i]);
MINOR: cli: add a new "wait" command to wait for a certain delay This allows to insert delays between commands, i.e. to collect a same set of metrics at a fixed interval. E.g: $ socat -t20 /path/to/socket <<< "show activity; wait 10s; show activity" The goal will be to extend the feature to optionally support waiting on certain conditions. For this reason the struct definitions and enums were placed into cli-t.h.
2024-02-08 15:45:22 -05:00
if (ctx->error == CLI_WAIT_ERR_DONE)
cli_msg(appctx, LOG_INFO, msg);
else
cli_err(appctx, msg);
}
MINOR: cli: add 'expose-fd listeners' to pass listeners FDs This patch changes the stats socket rights for allowing the sending of listening sockets. The previous behavior was to allow any unix stats socket with admin level to send sockets. It's not possible anymore, you have to set this option to activate the socket sending. Example: stats socket /var/run/haproxy4.sock mode 666 expose-fd listeners level user process 4
2017-05-26 11:42:10 -04:00
/* parse the "expose-fd" argument on the bind lines */
static int bind_parse_expose_fd(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
{
if (!*args[cur_arg + 1]) {
memprintf(err, "'%s' : missing fd type", args[cur_arg]);
return ERR_ALERT | ERR_FATAL;
}
CLEANUP: Compare the return value of `XXXcmp()` functions with zero According to coding-style.txt it is recommended to use: `strcmp(a, b) == 0` instead of `!strcmp(a, b)` So let's do this. The change was performed by running the following (very long) coccinelle patch on src/: @@ statement S; expression E; expression F; @@ if ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) ( S | { ... } ) @@ statement S; expression E; expression F; @@ if ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) ( S | { ... } ) @@ expression E; expression F; expression G; @@ ( G && ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( G || ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 && G ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 || G ) @@ expression E; expression F; expression G; @@ ( G && - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( G || - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 && G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 || G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 )
2021-01-02 16:31:53 -05:00
if (strcmp(args[cur_arg + 1], "listeners") == 0) {
MINOR: cli: add 'expose-fd listeners' to pass listeners FDs This patch changes the stats socket rights for allowing the sending of listening sockets. The previous behavior was to allow any unix stats socket with admin level to send sockets. It's not possible anymore, you have to set this option to activate the socket sending. Example: stats socket /var/run/haproxy4.sock mode 666 expose-fd listeners level user process 4
2017-05-26 11:42:10 -04:00
conf->level |= ACCESS_FD_LISTENERS;
} else {
memprintf(err, "'%s' only supports 'listeners' (got '%s')",
args[cur_arg], args[cur_arg+1]);
return ERR_ALERT | ERR_FATAL;
}
return 0;
}
MEDIUM: stats: make use of the standard "bind" parsers to parse global socket The global stats socket statement now makes use of the standard bind parsers. This results in all UNIX socket options being set by proto_uxst and in all TCP and SSL options being inherited and usable. For example it is now possible to enable a stats socket over SSL/TCP by appending the "ssl" keyword and a certificate after "crt". The code is simplified since we don't have a special case to parse this config keyword anymore.
2012-09-22 13:32:35 -04:00
/* parse the "level" argument on the bind lines */
static int bind_parse_level(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
{
if (!*args[cur_arg + 1]) {
memprintf(err, "'%s' : missing level", args[cur_arg]);
return ERR_ALERT | ERR_FATAL;
}
CLEANUP: Compare the return value of `XXXcmp()` functions with zero According to coding-style.txt it is recommended to use: `strcmp(a, b) == 0` instead of `!strcmp(a, b)` So let's do this. The change was performed by running the following (very long) coccinelle patch on src/: @@ statement S; expression E; expression F; @@ if ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) ( S | { ... } ) @@ statement S; expression E; expression F; @@ if ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) ( S | { ... } ) @@ expression E; expression F; expression G; @@ ( G && ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( G || ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 && G ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 || G ) @@ expression E; expression F; expression G; @@ ( G && - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( G || - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 && G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 || G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 )
2021-01-02 16:31:53 -05:00
if (strcmp(args[cur_arg + 1], "user") == 0) {
MINOR: cli: add ACCESS_LVL_MASK to store the access level The current level variable use only 2 bits for storing the 3 access level (user, oper and admin). This patch add a bitmask which allows to use the remaining bits for other usage.
2017-05-23 18:57:40 -04:00
conf->level &= ~ACCESS_LVL_MASK;
conf->level |= ACCESS_LVL_USER;
CLEANUP: Compare the return value of `XXXcmp()` functions with zero According to coding-style.txt it is recommended to use: `strcmp(a, b) == 0` instead of `!strcmp(a, b)` So let's do this. The change was performed by running the following (very long) coccinelle patch on src/: @@ statement S; expression E; expression F; @@ if ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) ( S | { ... } ) @@ statement S; expression E; expression F; @@ if ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) ( S | { ... } ) @@ expression E; expression F; expression G; @@ ( G && ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( G || ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 && G ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 || G ) @@ expression E; expression F; expression G; @@ ( G && - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( G || - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 && G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 || G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 )
2021-01-02 16:31:53 -05:00
} else if (strcmp(args[cur_arg + 1], "operator") == 0) {
MINOR: cli: add ACCESS_LVL_MASK to store the access level The current level variable use only 2 bits for storing the 3 access level (user, oper and admin). This patch add a bitmask which allows to use the remaining bits for other usage.
2017-05-23 18:57:40 -04:00
conf->level &= ~ACCESS_LVL_MASK;
conf->level |= ACCESS_LVL_OPER;
CLEANUP: Compare the return value of `XXXcmp()` functions with zero According to coding-style.txt it is recommended to use: `strcmp(a, b) == 0` instead of `!strcmp(a, b)` So let's do this. The change was performed by running the following (very long) coccinelle patch on src/: @@ statement S; expression E; expression F; @@ if ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) ( S | { ... } ) @@ statement S; expression E; expression F; @@ if ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) ( S | { ... } ) @@ expression E; expression F; expression G; @@ ( G && ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( G || ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 && G ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 || G ) @@ expression E; expression F; expression G; @@ ( G && - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( G || - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 && G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 || G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 )
2021-01-02 16:31:53 -05:00
} else if (strcmp(args[cur_arg + 1], "admin") == 0) {
MINOR: cli: add ACCESS_LVL_MASK to store the access level The current level variable use only 2 bits for storing the 3 access level (user, oper and admin). This patch add a bitmask which allows to use the remaining bits for other usage.
2017-05-23 18:57:40 -04:00
conf->level &= ~ACCESS_LVL_MASK;
conf->level |= ACCESS_LVL_ADMIN;
} else {
MEDIUM: stats: make use of the standard "bind" parsers to parse global socket The global stats socket statement now makes use of the standard bind parsers. This results in all UNIX socket options being set by proto_uxst and in all TCP and SSL options being inherited and usable. For example it is now possible to enable a stats socket over SSL/TCP by appending the "ssl" keyword and a certificate after "crt". The code is simplified since we don't have a special case to parse this config keyword anymore.
2012-09-22 13:32:35 -04:00
memprintf(err, "'%s' only supports 'user', 'operator', and 'admin' (got '%s')",
args[cur_arg], args[cur_arg+1]);
return ERR_ALERT | ERR_FATAL;
}
return 0;
}
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
static int bind_parse_severity_output(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err)
{
if (!*args[cur_arg + 1]) {
memprintf(err, "'%s' : missing severity format", args[cur_arg]);
return ERR_ALERT | ERR_FATAL;
}
if (set_severity_output(&conf->severity_output, args[cur_arg+1]))
return 0;
else {
memprintf(err, "'%s' only supports 'none', 'number', and 'string' (got '%s')",
args[cur_arg], args[cur_arg+1]);
return ERR_ALERT | ERR_FATAL;
}
}
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
/* Send all the bound sockets, always returns 1 */
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
static int _getsocks(char **args, char *payload, struct appctx *appctx, void *private)
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
{
MINOR: cli: warning on _getsocks when socket were closed The previous attempt was reverted because it would emit a warning when the sockets are still in the process when a reload failed, so this was an expected 2nd try. This warning however, will be displayed if a new process successfully get the previous sockets AND the sendable number of sockets is 0. This way the user will be warned if he tried to get the sockets fromt the wrong process.
2022-07-28 09:33:41 -04:00
static int already_sent = 0;
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
char *cmsgbuf = NULL;
unsigned char *tmpbuf = NULL;
struct cmsghdr *cmsg;
CLEANUP: applet: rename appctx_cs() to appctx_sc() It returns a stream connector, not a conn_stream anymore, so let's fix its name.
2022-05-27 05:08:15 -04:00
struct stconn *sc = appctx_sc(appctx);
CLEANUP: cli: rename all occurrences of stconn "cs" to "sc" Function arguments and local variables called "cs" were renamed to "sc" in the various keyword handlers.
2022-05-27 04:26:46 -04:00
struct stream *s = __sc_strm(sc);
struct connection *remote = sc_conn(sc_opposite(sc));
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
struct msghdr msghdr;
struct iovec iov;
MINOR: socket transfer: Set a timeout on the socket. Make sure we're not stuck forever by setting a timeout on the socket.
2017-04-06 08:45:14 -04:00
struct timeval tv = { .tv_sec = 1, .tv_usec = 0 };
MEDIUM: reload: pass all exportable FDs, not just listeners Now we don't limit ourselves to listeners found in proxies nor peers anymore, we're instead scanning all known FDs for those marked with ".exported=1". Just doing so has significantly simplified the code, and will later allow to yield while sending FDs if desired. When it comes to retrieving a possible namespace name or interface name, for now this is only performed on listeners since these are the only ones carrying such info. Once this moves somewhere else, we'll be able to also pass these info for UDP receivers for example, with only tiny changes.
2020-08-19 11:03:55 -04:00
const char *ns_name, *if_name;
unsigned char ns_nlen, if_nlen;
int nb_queued;
int cur_fd = 0;
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
int *tmpfd;
int tot_fd_nb = 0;
BUG/MINOR: cli: make sure the "getsock" command is only called on connections Theorically nothing would prevent a front applet form connecting to a stats socket, and if a "getsock" command was issued, it would cause a crash. Right now nothing in the code does this so in its current form there is no impact. It may or may not be backported to 1.8.
2018-09-20 05:22:29 -04:00
int fd = -1;
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
int curoff = 0;
BUG/MINOR: cli: make sure the "getsock" command is only called on connections Theorically nothing would prevent a front applet form connecting to a stats socket, and if a "getsock" command was issued, it would cause a crash. Right now nothing in the code does this so in its current form there is no impact. It may or may not be backported to 1.8.
2018-09-20 05:22:29 -04:00
int old_fcntl = -1;
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
int ret;
BUG/MINOR: cli: make sure the "getsock" command is only called on connections Theorically nothing would prevent a front applet form connecting to a stats socket, and if a "getsock" command was issued, it would cause a crash. Right now nothing in the code does this so in its current form there is no impact. It may or may not be backported to 1.8.
2018-09-20 05:22:29 -04:00
if (!remote) {
ha_warning("Only works on real connections\n");
goto out;
}
fd = remote->handle.fd;
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
/* Temporary set the FD in blocking mode, that will make our life easier */
old_fcntl = fcntl(fd, F_GETFL);
if (old_fcntl < 0) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_warning("Couldn't get the flags for the unix socket\n");
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
goto out;
}
cmsgbuf = malloc(CMSG_SPACE(sizeof(int) * MAX_SEND_FD));
if (!cmsgbuf) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_warning("Failed to allocate memory to send sockets\n");
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
goto out;
}
if (fcntl(fd, F_SETFL, old_fcntl &~ O_NONBLOCK) == -1) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_warning("Cannot make the unix socket blocking\n");
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
goto out;
}
MINOR: socket transfer: Set a timeout on the socket. Make sure we're not stuck forever by setting a timeout on the socket.
2017-04-06 08:45:14 -04:00
setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, (void *)&tv, sizeof(tv));
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
iov.iov_base = &tot_fd_nb;
iov.iov_len = sizeof(tot_fd_nb);
MINOR: cli: add 'expose-fd listeners' to pass listeners FDs This patch changes the stats socket rights for allowing the sending of listening sockets. The previous behavior was to allow any unix stats socket with admin level to send sockets. It's not possible anymore, you have to set this option to activate the socket sending. Example: stats socket /var/run/haproxy4.sock mode 666 expose-fd listeners level user process 4
2017-05-26 11:42:10 -04:00
if (!(strm_li(s)->bind_conf->level & ACCESS_FD_LISTENERS))
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
goto out;
memset(&msghdr, 0, sizeof(msghdr));
/*
* First, calculates the total number of FD, so that we can let
DOC: Use gender neutral language This patch updates the documentation files and code comments to avoid the use of gender specific phrasing in favor of "they" or "it".
2020-07-22 19:59:40 -04:00
* the caller know how much it should expect.
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
*/
MEDIUM: reload: pass all exportable FDs, not just listeners Now we don't limit ourselves to listeners found in proxies nor peers anymore, we're instead scanning all known FDs for those marked with ".exported=1". Just doing so has significantly simplified the code, and will later allow to yield while sending FDs if desired. When it comes to retrieving a possible namespace name or interface name, for now this is only performed on listeners since these are the only ones carrying such info. Once this moves somewhere else, we'll be able to also pass these info for UDP receivers for example, with only tiny changes.
2020-08-19 11:03:55 -04:00
for (cur_fd = 0;cur_fd < global.maxsock; cur_fd++)
MINOR: fd: move .exported into fdtab[].state No need to keep this flag apart any more, let's merge it into the global state.
2021-04-06 12:09:06 -04:00
tot_fd_nb += !!(fdtab[cur_fd].state & FD_EXPORTED);
BUG/MEDIUM: cli: _getsocks must send the peers sockets This bug prevents to reload HAProxy when you have both the seamless reload (-x / expose-fd listeners) and the peers. Indeed the _getsocks command does not send the FDs of the peers listeners, so if no reuseport is possible during the bind, the new process will fail to bind and exits. With this feature, it is not possible to fallback on the SIGTTOU method if we didn't receive all the sockets, because you can't close() the sockets of the new process without closing those of the previous process, they are the same. Should fix bug #443. Must be backported as far as 1.8.
2020-01-16 09:32:08 -05:00
MINOR: cli: warning on _getsocks when socket were closed The previous attempt was reverted because it would emit a warning when the sockets are still in the process when a reload failed, so this was an expected 2nd try. This warning however, will be displayed if a new process successfully get the previous sockets AND the sendable number of sockets is 0. This way the user will be warned if he tried to get the sockets fromt the wrong process.
2022-07-28 09:33:41 -04:00
if (tot_fd_nb == 0) {
if (already_sent)
ha_warning("_getsocks: attempt to get sockets but they were already sent and closed in this process!\n");
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
goto out;
MINOR: cli: warning on _getsocks when socket were closed The previous attempt was reverted because it would emit a warning when the sockets are still in the process when a reload failed, so this was an expected 2nd try. This warning however, will be displayed if a new process successfully get the previous sockets AND the sendable number of sockets is 0. This way the user will be warned if he tried to get the sockets fromt the wrong process.
2022-07-28 09:33:41 -04:00
}
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
/* First send the total number of file descriptors, so that the
* receiving end knows what to expect.
*/
msghdr.msg_iov = &iov;
msghdr.msg_iovlen = 1;
ret = sendmsg(fd, &msghdr, 0);
if (ret != sizeof(tot_fd_nb)) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_warning("Failed to send the number of sockets to send\n");
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
goto out;
}
/* Now send the fds */
msghdr.msg_control = cmsgbuf;
msghdr.msg_controllen = CMSG_SPACE(sizeof(int) * MAX_SEND_FD);
cmsg = CMSG_FIRSTHDR(&msghdr);
cmsg->cmsg_len = CMSG_LEN(MAX_SEND_FD * sizeof(int));
cmsg->cmsg_level = SOL_SOCKET;
cmsg->cmsg_type = SCM_RIGHTS;
tmpfd = (int *)CMSG_DATA(cmsg);
/* For each socket, e message is sent, containing the following :
* Size of the namespace name (or 0 if none), as an unsigned char.
* The namespace name, if any
* Size of the interface name (or 0 if none), as an unsigned char
* The interface name, if any
MEDIUM: reload: stop passing listener options along with FDs During a reload operation, we used to send listener options associated with each passed file descriptor. These were passed as binary contents for the size of the "options" field in the struct listener. This means that any flag value change or field size change would be problematic, the former failing to properly grab certain options, the latter possibly causing permanent failures during this operation. Since these two previous commits: MINOR: reload: determine the foreing binding status from the socket BUG/MINOR: reload: detect the OS's v6only status before choosing an old socket we don't need this anymore as the values are determined from the file descriptor itself. Let's just turn the previous 32 bits to vestigal space, send them as zeroes and ignore them on receipt. The only possible side effect is if someone would want to roll back from a 2.3 to 2.2 or earlier, such options might be ignored during this reload. But other forthcoming changes might make this fail as well anyway so that's not a reason for keeping this behavior.
2020-08-26 04:30:09 -04:00
* 32 bits of zeroes (used to be listener options).
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
*/
/* We will send sockets MAX_SEND_FD per MAX_SEND_FD, allocate a
CLEANUP: assorted typo fixes in the code and comments This is 7th iteration of typo fixes
2020-04-07 16:07:56 -04:00
* buffer big enough to store the socket information.
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
*/
BUILD: use MAXPATHLEN instead of NAME_MAX. This fixes building on at least Solaris, where NAME_MAX doesn't exist.
2017-11-04 10:13:01 -04:00
tmpbuf = malloc(MAX_SEND_FD * (1 + MAXPATHLEN + 1 + IFNAMSIZ + sizeof(int)));
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
if (tmpbuf == NULL) {
CLEANUP: assorted typo fixes in the code and comments This is 7th iteration of typo fixes
2020-04-07 16:07:56 -04:00
ha_warning("Failed to allocate memory to transfer socket information\n");
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
goto out;
}
MEDIUM: reload: pass all exportable FDs, not just listeners Now we don't limit ourselves to listeners found in proxies nor peers anymore, we're instead scanning all known FDs for those marked with ".exported=1". Just doing so has significantly simplified the code, and will later allow to yield while sending FDs if desired. When it comes to retrieving a possible namespace name or interface name, for now this is only performed on listeners since these are the only ones carrying such info. Once this moves somewhere else, we'll be able to also pass these info for UDP receivers for example, with only tiny changes.
2020-08-19 11:03:55 -04:00
nb_queued = 0;
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
iov.iov_base = tmpbuf;
MEDIUM: reload: pass all exportable FDs, not just listeners Now we don't limit ourselves to listeners found in proxies nor peers anymore, we're instead scanning all known FDs for those marked with ".exported=1". Just doing so has significantly simplified the code, and will later allow to yield while sending FDs if desired. When it comes to retrieving a possible namespace name or interface name, for now this is only performed on listeners since these are the only ones carrying such info. Once this moves somewhere else, we'll be able to also pass these info for UDP receivers for example, with only tiny changes.
2020-08-19 11:03:55 -04:00
for (cur_fd = 0; cur_fd < global.maxsock; cur_fd++) {
MINOR: fd: move .exported into fdtab[].state No need to keep this flag apart any more, let's merge it into the global state.
2021-04-06 12:09:06 -04:00
if (!(fdtab[cur_fd].state & FD_EXPORTED))
MEDIUM: reload: pass all exportable FDs, not just listeners Now we don't limit ourselves to listeners found in proxies nor peers anymore, we're instead scanning all known FDs for those marked with ".exported=1". Just doing so has significantly simplified the code, and will later allow to yield while sending FDs if desired. When it comes to retrieving a possible namespace name or interface name, for now this is only performed on listeners since these are the only ones carrying such info. Once this moves somewhere else, we'll be able to also pass these info for UDP receivers for example, with only tiny changes.
2020-08-19 11:03:55 -04:00
continue;
BUG/MEDIUM: fd: mark FD transferred to another process as FD_CLONED The crappy epoll API stroke again with reloads and transferred FDs. Indeed, when listening sockets are retrieved by a new worker from a previous one, and the old one finally stops listening on them, it closes the FDs. But in this case, since the sockets themselves were not closed, epoll will not unregister them and will continue to report new activity for these in the old process, which can only observe, count an fd_poll_drop event and not unregister them since they're not reachable anymore. The unfortunate effect is that long-lasting old processes are woken up at the same rate as the new process when accepting new connections, and can waste a lot of CPU. Accept rates divided by 8 were observed on a small test involving a slow transfer on 10 connections facing a reload every second so that 10 processes were busy dealing with them while another process was hammering the service with new connections. Fortunately, years ago we implemented a flag FD_CLONED exactly for similar purposes. Let's simply mark transferred FDs with FD_CLONED so that the process knows that these ones require special treatment and have to be manually unregistered before being closed. This does the job fine, now old processes correctly unregister the FD before closing it and no longer receive accept events for the new process. This needs to be backported to all stable versions. It only affects epoll, as usual, and this time in combination with transferred FDs (typically reloads in master-worker mode). Thanks to Damien Claisse for providing all detailed measurements and statistics allowing to understand and reproduce the problem.
2025-02-12 10:25:13 -05:00
/* this FD is now shared between processes */
HA_ATOMIC_OR(&fdtab[cur_fd].state, FD_CLONED);
MEDIUM: reload: pass all exportable FDs, not just listeners Now we don't limit ourselves to listeners found in proxies nor peers anymore, we're instead scanning all known FDs for those marked with ".exported=1". Just doing so has significantly simplified the code, and will later allow to yield while sending FDs if desired. When it comes to retrieving a possible namespace name or interface name, for now this is only performed on listeners since these are the only ones carrying such info. Once this moves somewhere else, we'll be able to also pass these info for UDP receivers for example, with only tiny changes.
2020-08-19 11:03:55 -04:00
ns_name = if_name = "";
ns_nlen = if_nlen = 0;
/* for now we can only retrieve namespaces and interfaces from
* pure listeners.
*/
MINOR: protocol: register the receiver's I/O handler and not the protocol's Now we define a new sock_accept_iocb() for socket-based stream protocols and use it as a wrapper for listener_accept() which now takes a listener and not an FD anymore. This will allow the receiver's I/O cb to be redefined during registration, and more specifically to get rid of the hard-coded hacks in protocol_bind_all() made for syslog. The previous ->accept() callback in the protocol was removed since it doesn't have anything to do with accept() anymore but is more generic. A few places where listener_accept() was compared against the FD's IO callback for debugging purposes on the CLI were updated.
2020-10-15 15:29:49 -04:00
if (fdtab[cur_fd].iocb == sock_accept_iocb) {
MEDIUM: reload: pass all exportable FDs, not just listeners Now we don't limit ourselves to listeners found in proxies nor peers anymore, we're instead scanning all known FDs for those marked with ".exported=1". Just doing so has significantly simplified the code, and will later allow to yield while sending FDs if desired. When it comes to retrieving a possible namespace name or interface name, for now this is only performed on listeners since these are the only ones carrying such info. Once this moves somewhere else, we'll be able to also pass these info for UDP receivers for example, with only tiny changes.
2020-08-19 11:03:55 -04:00
const struct listener *l = fdtab[cur_fd].owner;
MINOR: listener: prefer to retrieve the socket's settings via the receiver Some socket settings used to be retrieved via the listener and the bind_conf. Now instead we use the receiver and its settings whenever appropriate. This will simplify the removal of the dependency on the listener.
2020-09-03 01:50:19 -04:00
if (l->rx.settings->interface) {
if_name = l->rx.settings->interface;
MEDIUM: reload: pass all exportable FDs, not just listeners Now we don't limit ourselves to listeners found in proxies nor peers anymore, we're instead scanning all known FDs for those marked with ".exported=1". Just doing so has significantly simplified the code, and will later allow to yield while sending FDs if desired. When it comes to retrieving a possible namespace name or interface name, for now this is only performed on listeners since these are the only ones carrying such info. Once this moves somewhere else, we'll be able to also pass these info for UDP receivers for example, with only tiny changes.
2020-08-19 11:03:55 -04:00
if_nlen = strlen(if_name);
}
#ifdef USE_NS
MINOR: listener: prefer to retrieve the socket's settings via the receiver Some socket settings used to be retrieved via the listener and the bind_conf. Now instead we use the receiver and its settings whenever appropriate. This will simplify the removal of the dependency on the listener.
2020-09-03 01:50:19 -04:00
if (l->rx.settings->netns) {
ns_name = l->rx.settings->netns->node.key;
ns_nlen = l->rx.settings->netns->name_len;
MEDIUM: reload: pass all exportable FDs, not just listeners Now we don't limit ourselves to listeners found in proxies nor peers anymore, we're instead scanning all known FDs for those marked with ".exported=1". Just doing so has significantly simplified the code, and will later allow to yield while sending FDs if desired. When it comes to retrieving a possible namespace name or interface name, for now this is only performed on listeners since these are the only ones carrying such info. Once this moves somewhere else, we'll be able to also pass these info for UDP receivers for example, with only tiny changes.
2020-08-19 11:03:55 -04:00
}
#endif
}
/* put the FD into the CMSG_DATA */
tmpfd[nb_queued++] = cur_fd;
/* first block is <ns_name_len> <ns_name> */
tmpbuf[curoff++] = ns_nlen;
if (ns_nlen)
memcpy(tmpbuf + curoff, ns_name, ns_nlen);
curoff += ns_nlen;
/* second block is <if_name_len> <if_name> */
tmpbuf[curoff++] = if_nlen;
if (if_nlen)
memcpy(tmpbuf + curoff, if_name, if_nlen);
curoff += if_nlen;
/* we used to send the listener options here before 2.3 */
memset(tmpbuf + curoff, 0, sizeof(int));
curoff += sizeof(int);
/* there's a limit to how many FDs may be sent at once */
if (nb_queued == MAX_SEND_FD) {
iov.iov_len = curoff;
if (sendmsg(fd, &msghdr, 0) != curoff) {
ha_warning("Failed to transfer sockets\n");
BUG/MINOR: cli: Fix memory leak on error for _getsocks command Some errors in parse function of _getsocks commands were not properly handled and immediately returned, leading to a memory leak on cmsgbuf and tmpbuf buffers. To fix the issue, instead of immediately return with -1, we jump to "out" label. Returning 1 intead of -1 in that case is valid. This was reported by Coverity in #2841: CIDs 1587773 and 1587772. This patch should be backported as far as 2.4.
2025-02-06 09:30:30 -05:00
goto out;
MEDIUM: reload: pass all exportable FDs, not just listeners Now we don't limit ourselves to listeners found in proxies nor peers anymore, we're instead scanning all known FDs for those marked with ".exported=1". Just doing so has significantly simplified the code, and will later allow to yield while sending FDs if desired. When it comes to retrieving a possible namespace name or interface name, for now this is only performed on listeners since these are the only ones carrying such info. Once this moves somewhere else, we'll be able to also pass these info for UDP receivers for example, with only tiny changes.
2020-08-19 11:03:55 -04:00
}
/* Wait for an ack */
do {
ret = recv(fd, &tot_fd_nb, sizeof(tot_fd_nb), 0);
} while (ret == -1 && errno == EINTR);
if (ret <= 0) {
ha_warning("Unexpected error while transferring sockets\n");
BUG/MINOR: cli: Fix memory leak on error for _getsocks command Some errors in parse function of _getsocks commands were not properly handled and immediately returned, leading to a memory leak on cmsgbuf and tmpbuf buffers. To fix the issue, instead of immediately return with -1, we jump to "out" label. Returning 1 intead of -1 in that case is valid. This was reported by Coverity in #2841: CIDs 1587773 and 1587772. This patch should be backported as far as 2.4.
2025-02-06 09:30:30 -05:00
goto out;
MEDIUM: reload: pass all exportable FDs, not just listeners Now we don't limit ourselves to listeners found in proxies nor peers anymore, we're instead scanning all known FDs for those marked with ".exported=1". Just doing so has significantly simplified the code, and will later allow to yield while sending FDs if desired. When it comes to retrieving a possible namespace name or interface name, for now this is only performed on listeners since these are the only ones carrying such info. Once this moves somewhere else, we'll be able to also pass these info for UDP receivers for example, with only tiny changes.
2020-08-19 11:03:55 -04:00
}
curoff = 0;
nb_queued = 0;
}
BUG/MEDIUM: cli: _getsocks must send the peers sockets This bug prevents to reload HAProxy when you have both the seamless reload (-x / expose-fd listeners) and the peers. Indeed the _getsocks command does not send the FDs of the peers listeners, so if no reuseport is possible during the bind, the new process will fail to bind and exits. With this feature, it is not possible to fallback on the SIGTTOU method if we didn't receive all the sockets, because you can't close() the sockets of the new process without closing those of the previous process, they are the same. Should fix bug #443. Must be backported as far as 1.8.
2020-01-16 09:32:08 -05:00
}
MINOR: cli: warning on _getsocks when socket were closed The previous attempt was reverted because it would emit a warning when the sockets are still in the process when a reload failed, so this was an expected 2nd try. This warning however, will be displayed if a new process successfully get the previous sockets AND the sendable number of sockets is 0. This way the user will be warned if he tried to get the sockets fromt the wrong process.
2022-07-28 09:33:41 -04:00
already_sent = 1;
MEDIUM: reload: pass all exportable FDs, not just listeners Now we don't limit ourselves to listeners found in proxies nor peers anymore, we're instead scanning all known FDs for those marked with ".exported=1". Just doing so has significantly simplified the code, and will later allow to yield while sending FDs if desired. When it comes to retrieving a possible namespace name or interface name, for now this is only performed on listeners since these are the only ones carrying such info. Once this moves somewhere else, we'll be able to also pass these info for UDP receivers for example, with only tiny changes.
2020-08-19 11:03:55 -04:00
/* flush pending stuff */
if (nb_queued) {
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
iov.iov_len = curoff;
MEDIUM: reload: pass all exportable FDs, not just listeners Now we don't limit ourselves to listeners found in proxies nor peers anymore, we're instead scanning all known FDs for those marked with ".exported=1". Just doing so has significantly simplified the code, and will later allow to yield while sending FDs if desired. When it comes to retrieving a possible namespace name or interface name, for now this is only performed on listeners since these are the only ones carrying such info. Once this moves somewhere else, we'll be able to also pass these info for UDP receivers for example, with only tiny changes.
2020-08-19 11:03:55 -04:00
cmsg->cmsg_len = CMSG_LEN(nb_queued * sizeof(int));
msghdr.msg_controllen = CMSG_SPACE(nb_queued * sizeof(int));
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
if (sendmsg(fd, &msghdr, 0) != curoff) {
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_warning("Failed to transfer sockets\n");
BUG/MINOR: cli: Wait for the last ACK when FDs are xferred from the old worker On reload, the new worker requests bound FDs to the old one. The old worker sends them in message of at most 252 FDs. Each message is acknowledged by the new worker. All messages sent or received by the old worker are handled manually via sendmsg/recv syscalls. So the old worker must be sure consume all the ACK replies. However, the last one was never consumed. So it was considered as a command by the CLI applet. This issue was hidden since recently. But it was the root cause of the issue #2862. Note this last ack is also the first one when there are less than 252 FDs to transfer. This patch must be backported to all stable versions.
2025-02-17 09:16:15 -05:00
goto out;
}
/* Wait for an ack */
do {
ret = recv(fd, &tot_fd_nb, sizeof(tot_fd_nb), 0);
} while (ret == -1 && errno == EINTR);
if (ret <= 0) {
ha_warning("Unexpected error while transferring sockets\n");
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
goto out;
}
}
out:
BUG/MINOR: cli: Fix a possible infinite loop in _getsocks() In _getsocks() functuoin, when we failed to set the unix socket in non-blocking mode, a goto to "out" label led to loop infinitly. To fix the issue, we must only let the function exit. This patch should be backported to all stable versions.
2025-02-06 09:37:52 -05:00
if (fd >= 0 && old_fcntl >= 0 && fcntl(fd, F_SETFL, old_fcntl) == -1)
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
2017-11-24 10:50:31 -05:00
ha_warning("Cannot make the unix socket non-blocking\n");
BUG/MINOR: cli: Don't set SE flags from the cli applet Since the CLI was updated to use the new applet API, it should no longer set directly the SE flags. Instead, the corresponding applet flags must be set, using the applet API (appet_set_*). It is true for the CLI I/O handler but also for the commands parse function and I/O callback function. This patch should be backported as far as 3.0.
2025-02-06 09:15:27 -05:00
applet_set_eoi(appctx);
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
appctx->st0 = CLI_ST_END;
free(cmsgbuf);
free(tmpbuf);
return 1;
}
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
static int cli_parse_simple(char **args, char *payload, struct appctx *appctx, void *private)
{
if (*args[0] == 'h')
/* help */
MINOR: cli: make "help" support a command in argument With ~100 commands on the CLI, it's particularly difficult to find a specific one in the "help" output. The function used to display the help already supports filtering on certain commands, so in the end it's just needed to pass the argument of the help command to enable the automatic filtering. That's what this patch does so that "help clear" only lists commands starting with "clear" and that "help map" lists commands containing "map" in them.
2021-05-09 14:59:23 -04:00
cli_gen_usage_msg(appctx, args);
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
else if (*args[0] == 'p')
/* prompt */
MINOR: cli: add an option to display the uptime in the CLI's prompt Entering "prompt timed" toggles reporting of the process' uptime in the prompt, which will report days, hours, minutes and seconds since it was started. As discussed with Tim in issue #2145, this can be convenient to roughly estimate the time between two outputs, as well as detecting that a process failed to be reloaded for example.
2023-05-04 08:22:36 -04:00
if (strcmp(args[1], "timed") == 0) {
appctx->st1 |= APPCTX_CLI_ST1_PROMPT;
appctx->st1 ^= APPCTX_CLI_ST1_TIMED;
}
else
appctx->st1 ^= APPCTX_CLI_ST1_PROMPT;
BUG/MEDIUM: cli: Set SE_FL_EOI flag for '_getsocks' and 'quit' commands An applet must never set SE_FL_EOS flag without SE_FL_EOI or SE_FL_ERROR flags. Here, SE_FL_EOI flag was missing for "quit" or "_getsocks" commands. Indeed, these commands are terminal. This bug triggers a BUG_ON() recently added. This patch is related to the issue #2107. It is 2.8-specific. No backport needed.
2023-04-07 11:58:21 -04:00
else if (*args[0] == 'q') {
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
/* quit */
BUG/MINOR: cli: Don't set SE flags from the cli applet Since the CLI was updated to use the new applet API, it should no longer set directly the SE flags. Instead, the corresponding applet flags must be set, using the applet API (appet_set_*). It is true for the CLI I/O handler but also for the commands parse function and I/O callback function. This patch should be backported as far as 3.0.
2025-02-06 09:15:27 -05:00
applet_set_eoi(appctx);
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
appctx->st0 = CLI_ST_END;
BUG/MEDIUM: cli: Set SE_FL_EOI flag for '_getsocks' and 'quit' commands An applet must never set SE_FL_EOS flag without SE_FL_EOI or SE_FL_ERROR flags. Here, SE_FL_EOI flag was missing for "quit" or "_getsocks" commands. Indeed, these commands are terminal. This bug triggers a BUG_ON() recently added. This patch is related to the issue #2107. It is 2.8-specific. No backport needed.
2023-04-07 11:58:21 -04:00
}
MEDIUM: cli: Add payload support In order to use arbitrary data in the CLI (multiple lines or group of words that must be considered as a whole, for example), it is now possible to add a payload to the commands. To do so, the first line needs to end with a special pattern: <<\n. Everything that follows will be left untouched by the CLI parser and will be passed to the commands parsers. Per-command support will need to be added to take advantage of this feature. Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
2018-04-18 07:26:46 -04:00
return 1;
}
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
MINOR: cli: add an 'echo' command Add an echo command to write text over the CLI output.
2024-10-24 11:20:57 -04:00
static int cli_parse_echo(char **args, char *payload, struct appctx *appctx, void *private)
{
int i = 1; /* starts after 'echo' */
chunk_reset(&trash);
while (*args[i]) {
/* add a space if there was a word before */
if (i == 1)
chunk_printf(&trash, "%s", args[i]);
else
chunk_appendf(&trash, " %s", args[i]);
i++;
}
chunk_appendf(&trash, "\n");
cli_msg(appctx, LOG_INFO, trash.area);
return 1;
}
MINOR: mworker/cli: add _send_status to support state transition In the new master-worker architecture, when a worker process is forked and successfully initialized it needs somehow to communicate its "READY" state to the master, in order to terminate the previous worker and workers, that might exceeded max_reloads counter. So, let's implement for this a new master CLI _send_status command. A new worker can send its status string "READY" to the master, when it's about entering to the run poll loop, thus it can start to receive data. In _send_status() in the master context we update the status of the new worker: PROC_O_INIT flag is withdrawn. When TERM signal is sent to a worker, worker terminates and this triggers the mworker_catch_sigchld() handler in master. This handler deletes the exiting process entry from the processes list. In _send_status() we loop over the processes list twice. At the first time, in order to stop workers that exceeded the max_reloads counter. At the second time, in order to stop the worker forked before the last reload. In the corner case, when max_reloads=1, we avoid to send SIGTERM twice to the same worker by setting sigterm_sent flag during the first loop.
2024-10-02 08:48:01 -04:00
static int _send_status(char **args, char *payload, struct appctx *appctx, void *private)
{
MINOR: mworker: stop MASTER proxy listener on worker mcli sockpair After sending its "READY" status worker should not keep the access to MASTER proxy, thus, it shouldn't be able to send any other commands further to master process. To achieve this, let's stop in master context master CLI listener attached on the sockpair shared with worker. We do this just after receiving the worker's status message.
2024-10-22 09:09:29 -04:00
struct listener *mproxy_li;
MINOR: mworker/cli: add _send_status to support state transition In the new master-worker architecture, when a worker process is forked and successfully initialized it needs somehow to communicate its "READY" state to the master, in order to terminate the previous worker and workers, that might exceeded max_reloads counter. So, let's implement for this a new master CLI _send_status command. A new worker can send its status string "READY" to the master, when it's about entering to the run poll loop, thus it can start to receive data. In _send_status() in the master context we update the status of the new worker: PROC_O_INIT flag is withdrawn. When TERM signal is sent to a worker, worker terminates and this triggers the mworker_catch_sigchld() handler in master. This handler deletes the exiting process entry from the processes list. In _send_status() we loop over the processes list twice. At the first time, in order to stop workers that exceeded the max_reloads counter. At the second time, in order to stop the worker forked before the last reload. In the corner case, when max_reloads=1, we avoid to send SIGTERM twice to the same worker by setting sigterm_sent flag during the first loop.
2024-10-02 08:48:01 -04:00
struct mworker_proc *proc;
BUG/MEDIUM: mworker: report status, if daemonized master fails As daemonization fork happens now very early and before the master-worker fork, if master or worker processes fail during the initialization, some critical errors can't be reported to stdout. The launching (parent) process in such cases exits with 0. This makes an impression, that master and his worker have successfully started at background, which really complicates the operations. In the previous commit a pipe was added to make daemonized child communicate with his parent. Let's add the same logic to master-worker mode. Up to receiving the READY message from the worker, master will "forward" it via the pipe to the launching process. Launching process can obtain master's exit status, if the master fails to start and nothing has been written in the pipe. This fix should be backported only in 3.1.
2024-12-09 12:56:01 -05:00
char *msg = "READY\n";
MINOR: mworker/cli: add _send_status to support state transition In the new master-worker architecture, when a worker process is forked and successfully initialized it needs somehow to communicate its "READY" state to the master, in order to terminate the previous worker and workers, that might exceeded max_reloads counter. So, let's implement for this a new master CLI _send_status command. A new worker can send its status string "READY" to the master, when it's about entering to the run poll loop, thus it can start to receive data. In _send_status() in the master context we update the status of the new worker: PROC_O_INIT flag is withdrawn. When TERM signal is sent to a worker, worker terminates and this triggers the mworker_catch_sigchld() handler in master. This handler deletes the exiting process entry from the processes list. In _send_status() we loop over the processes list twice. At the first time, in order to stop workers that exceeded the max_reloads counter. At the second time, in order to stop the worker forked before the last reload. In the corner case, when max_reloads=1, we avoid to send SIGTERM twice to the same worker by setting sigterm_sent flag during the first loop.
2024-10-02 08:48:01 -04:00
int pid;
BUG_ON((strcmp(args[0], "_send_status") != 0),
"Triggered in _send_status by unsupported command name.\n");
pid = atoi(args[2]);
list_for_each_entry(proc, &proc_list, list) {
/* update status of the new worker */
MINOR: mworker: stop MASTER proxy listener on worker mcli sockpair After sending its "READY" status worker should not keep the access to MASTER proxy, thus, it shouldn't be able to send any other commands further to master process. To achieve this, let's stop in master context master CLI listener attached on the sockpair shared with worker. We do this just after receiving the worker's status message.
2024-10-22 09:09:29 -04:00
if (proc->pid == pid) {
MINOR: mworker/cli: add _send_status to support state transition In the new master-worker architecture, when a worker process is forked and successfully initialized it needs somehow to communicate its "READY" state to the master, in order to terminate the previous worker and workers, that might exceeded max_reloads counter. So, let's implement for this a new master CLI _send_status command. A new worker can send its status string "READY" to the master, when it's about entering to the run poll loop, thus it can start to receive data. In _send_status() in the master context we update the status of the new worker: PROC_O_INIT flag is withdrawn. When TERM signal is sent to a worker, worker terminates and this triggers the mworker_catch_sigchld() handler in master. This handler deletes the exiting process entry from the processes list. In _send_status() we loop over the processes list twice. At the first time, in order to stop workers that exceeded the max_reloads counter. At the second time, in order to stop the worker forked before the last reload. In the corner case, when max_reloads=1, we avoid to send SIGTERM twice to the same worker by setting sigterm_sent flag during the first loop.
2024-10-02 08:48:01 -04:00
proc->options &= ~PROC_O_INIT;
MINOR: mworker: stop MASTER proxy listener on worker mcli sockpair After sending its "READY" status worker should not keep the access to MASTER proxy, thus, it shouldn't be able to send any other commands further to master process. To achieve this, let's stop in master context master CLI listener attached on the sockpair shared with worker. We do this just after receiving the worker's status message.
2024-10-22 09:09:29 -04:00
mproxy_li = fdtab[proc->ipc_fd[0]].owner;
stop_listener(mproxy_li, 0, 0, 0);
}
MINOR: mworker/cli: add _send_status to support state transition In the new master-worker architecture, when a worker process is forked and successfully initialized it needs somehow to communicate its "READY" state to the master, in order to terminate the previous worker and workers, that might exceeded max_reloads counter. So, let's implement for this a new master CLI _send_status command. A new worker can send its status string "READY" to the master, when it's about entering to the run poll loop, thus it can start to receive data. In _send_status() in the master context we update the status of the new worker: PROC_O_INIT flag is withdrawn. When TERM signal is sent to a worker, worker terminates and this triggers the mworker_catch_sigchld() handler in master. This handler deletes the exiting process entry from the processes list. In _send_status() we loop over the processes list twice. At the first time, in order to stop workers that exceeded the max_reloads counter. At the second time, in order to stop the worker forked before the last reload. In the corner case, when max_reloads=1, we avoid to send SIGTERM twice to the same worker by setting sigterm_sent flag during the first loop.
2024-10-02 08:48:01 -04:00
/* send TERM to workers, which have exceeded max_reloads counter */
if (max_reloads != -1) {
if ((proc->options & PROC_O_TYPE_WORKER) &&
(proc->options & PROC_O_LEAVING) &&
(proc->reloads > max_reloads) && (proc->pid > 0)) {
kill(proc->pid, SIGTERM);
}
}
}
BUG/MINOR: startup: fix pidfile creation Pidfile should be created at the latest initialization stage, when we are sure, that process is able to start successfully, otherwise PID value, written in this file is no longer valid. So, for the standalone mode, let's move the block, which opens the pidfile and let's put it just before applying "chroot". In master-worker mode, master doesn't perform chroot. So it creates the pidfile, only when the "READY" message from the newly forked worker is received. This should be backported only in 3.1
2024-12-02 10:05:16 -05:00
/* At this point we are sure, that newly forked worker is started,
* so we can write our PID in a pidfile, if provided. Master doesn't
* perform chroot.
*/
BUG/MINOR: startup: fix error path for master, if can't open pidfile If master process can't open a pidfile, there is no sense to send SIGTTIN to oldpids, as it will exit. So, old workers will terminate as well. It's better to send the last alert to the log about unrecoverable error, because master is already in its polling loop. For the standalone mode we should keep the previous logic in this case: send SIGTTIN to old process and unbind listeners for the new one. So, it's better to put this error path in main(), as it's done when other configuration settings can't be applied. This patch should be backported only in 3.1.
2024-12-03 15:33:55 -05:00
if (global.pidfile != NULL) {
if (handle_pidfile() < 0) {
ha_alert("Fatal error(s) found, exiting.\n");
exit(1);
}
}
BUG/MINOR: startup: fix pidfile creation Pidfile should be created at the latest initialization stage, when we are sure, that process is able to start successfully, otherwise PID value, written in this file is no longer valid. So, for the standalone mode, let's move the block, which opens the pidfile and let's put it just before applying "chroot". In master-worker mode, master doesn't perform chroot. So it creates the pidfile, only when the "READY" message from the newly forked worker is received. This should be backported only in 3.1
2024-12-02 10:05:16 -05:00
BUG/MINOR: mworker: fix -D -W -sf/-st modes When a new master process is launched like below: ./haproxy -W -D -p ha.pid -sf $(cat ha.pid)... The old master process and its workers do not stop. Since the master-worker refactoring, the code, which sends USR1/TERM to old pids from -sf, is called only for the standalone mode. In master-worker mode we should receive the READY message from the newly forked worker at first, in order to be able to terminate the previous master. So, to fix this, let's terminate the previous master in _send_status(), where we parse the READY message from the newly forked worker. And let's continue to use oldpids array, as it was in 3.0, in order to stop the workers, launched before the reload. This patch should be backported only in 3.1.
2024-12-03 15:13:47 -05:00
/* either send USR1/TERM to old master, case when we launched as -W -D ... -sf $(cat pidfile),
* or send USR1/TERM to old worker processes.
*/
if (nb_oldpids > 0) {
nb_oldpids = tell_old_pids(oldpids_sig);
}
BUG/MEDIUM: mworker: report status, if daemonized master fails As daemonization fork happens now very early and before the master-worker fork, if master or worker processes fail during the initialization, some critical errors can't be reported to stdout. The launching (parent) process in such cases exits with 0. This makes an impression, that master and his worker have successfully started at background, which really complicates the operations. In the previous commit a pipe was added to make daemonized child communicate with his parent. Let's add the same logic to master-worker mode. Up to receiving the READY message from the worker, master will "forward" it via the pipe to the launching process. Launching process can obtain master's exit status, if the master fails to start and nothing has been written in the pipe. This fix should be backported only in 3.1.
2024-12-09 12:56:01 -05:00
if (daemon_fd[1] != -1) {
if (write(daemon_fd[1], msg, strlen(msg)) < 0) {
ha_alert("[%s.main()] Failed to write into pipe with parent process: %s\n", progname, strerror(errno));
exit(1);
}
close(daemon_fd[1]);
daemon_fd[1] = -1;
}
MINOR: startup: replace HAPROXY_LOAD_SUCCESS with global load_status After master-worker refactoring, master performs re-exec only once up to receiving "reload" command or USR2 signal. There is no more the second master's re-exec to free unused memory. Thus, there is no longer need to export environment variable HAPROXY_LOAD_SUCCESS with worker process load status. This status can be simply saved in a global variable load_status.
2024-11-12 05:28:46 -05:00
load_status = 1;
MEDIUM: startup: split sending oldpids_sig logic for standalone and mworker modes Before refactoring the master-worker mode, in all runtime modes, when the new process successfully parsed its configuration and bound to sockets, it sent either SIGUSR1 or SIGTERM to the previous one in order to terminate it. Let's keep this logic as is for the standalone mode. In addition, in standalone mode we need to send the signal to old process before calling set_identity(), because in set_identity() effective user or group may change. So, the order is important here. In case of master-worker mode after refactoring, master terminates the previous worker by itself up to receiving "READY" status from the new one in _send_status(). Master also sets at this moment HAPROXY_LOAD_SUCCESS env variable and checks, if there are some other workers to terminate with max_reloads exceeded. So, now in master-worker mode we terminate old workers only, when the new one has successfully done all initialization steps and has sent "READY" status to master.
2024-10-03 05:16:35 -04:00
ha_notice("Loading success.\n");
MINOR: mworker/cli: add _send_status to support state transition In the new master-worker architecture, when a worker process is forked and successfully initialized it needs somehow to communicate its "READY" state to the master, in order to terminate the previous worker and workers, that might exceeded max_reloads counter. So, let's implement for this a new master CLI _send_status command. A new worker can send its status string "READY" to the master, when it's about entering to the run poll loop, thus it can start to receive data. In _send_status() in the master context we update the status of the new worker: PROC_O_INIT flag is withdrawn. When TERM signal is sent to a worker, worker terminates and this triggers the mworker_catch_sigchld() handler in master. This handler deletes the exiting process entry from the processes list. In _send_status() we loop over the processes list twice. At the first time, in order to stop workers that exceeded the max_reloads counter. At the second time, in order to stop the worker forked before the last reload. In the corner case, when max_reloads=1, we avoid to send SIGTERM twice to the same worker by setting sigterm_sent flag during the first loop.
2024-10-02 08:48:01 -04:00
MINOR: mworker: reintroduce systemd support Let's reintroduce systemd support in the refactored master-worker mode. As for now, the master-worker fork happens during early initialization steps and then the master process receieves the "READY" status message from the newly forked worker, that has successfully loaded. Let's propagate this "READY" status message at this moment to the systemd from the master process context (_send_status()). We use the master process to send messages to systemd, because it is only the process, monitored by systemd. In master recovery mode, we also need to send to the systemd the "READY" message, but with the status "Reload failed". "READY" will signal to systemd, that master process is still alive, because it doesn't exit in recovery mode and it keeps the existed worker. Status "Reload failed" will signal to user, that something wrong has happened with the configuration. Same message logic was originally preserved for the case, when the worker fails to read its configuration, see on_new_child_failure() for more details.
2024-10-11 13:36:32 -04:00
if (global.tune.options & GTUNE_USE_SYSTEMD)
sd_notifyf(0, "READY=1\nMAINPID=%lu\nSTATUS=Ready.\n", (unsigned long)getpid());
BUG/MINOR: mworker: fix -D -W -sf/-st modes When a new master process is launched like below: ./haproxy -W -D -p ha.pid -sf $(cat ha.pid)... The old master process and its workers do not stop. Since the master-worker refactoring, the code, which sends USR1/TERM to old pids from -sf, is called only for the standalone mode. In master-worker mode we should receive the READY message from the newly forked worker at first, in order to be able to terminate the previous master. So, to fix this, let's terminate the previous master in _send_status(), where we parse the READY message from the newly forked worker. And let's continue to use oldpids array, as it was in 3.0, in order to stop the workers, launched before the reload. This patch should be backported only in 3.1.
2024-12-03 15:13:47 -05:00
BUG/MINOR: mworker: detach from tty when received READY from worker Some master process' initialization steps are conditioned by receiving the READY message from worker (pidfile creation, forwarding READY message to the launching parent). So, master process can not do these initialization routines before. If the master process fails, while creating pid or forwarding the READY to the parent in daemon mode, he exits with a proper alert message. In daemon mode we no longer see such message, as process is already detached from the tty. To fix this, as these alerts could be very useful, let's detach the master process from the tty after his last initialization steps in _send_status.
2024-12-09 14:20:40 -05:00
/* master and worker have successfully started, now we can set quiet mode
* if MODE_DAEMON
*/
if ((!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE)) &&
(global.mode & MODE_DAEMON)) {
/* detach from the tty, this is required to properly daemonize. */
if ((getenv("HAPROXY_MWORKER_REEXEC") == NULL))
stdio_quiet(-1);
global.mode &= ~MODE_VERBOSE;
global.mode |= MODE_QUIET; /* ensure that we won't say anything from now */
}
MINOR: mworker/cli: add _send_status to support state transition In the new master-worker architecture, when a worker process is forked and successfully initialized it needs somehow to communicate its "READY" state to the master, in order to terminate the previous worker and workers, that might exceeded max_reloads counter. So, let's implement for this a new master CLI _send_status command. A new worker can send its status string "READY" to the master, when it's about entering to the run poll loop, thus it can start to receive data. In _send_status() in the master context we update the status of the new worker: PROC_O_INIT flag is withdrawn. When TERM signal is sent to a worker, worker terminates and this triggers the mworker_catch_sigchld() handler in master. This handler deletes the exiting process entry from the processes list. In _send_status() we loop over the processes list twice. At the first time, in order to stop workers that exceeded the max_reloads counter. At the second time, in order to stop the worker forked before the last reload. In the corner case, when max_reloads=1, we avoid to send SIGTERM twice to the same worker by setting sigterm_sent flag during the first loop.
2024-10-02 08:48:01 -04:00
return 1;
}
MEDIUM: cli: write a prompt for the CLI proxy of the master Write a prompt with the PID of the target or master. It's always activated for now. Example: 1234> master>
2018-10-26 08:47:47 -04:00
void pcli_write_prompt(struct stream *s)
{
struct buffer *msg = get_trash_chunk();
CLEANUP: stconn: rename cs_{i,o}{b,c} to sc_{i,o}{b,c} We're starting to propagate the stream connector's new name through the API. Most call places of these functions that retrieve the channel or its buffer are in applets. The local variable names are not changed in order to keep the changes small and reviewable. There were ~92 uses of cs_ic(), ~96 of cs_oc() (due to co_get*() being less factorizable than ci_put*), and ~5 accesses to the buffer itself.
2022-05-18 09:55:18 -04:00
struct channel *oc = sc_oc(s->scf);
MEDIUM: cli: write a prompt for the CLI proxy of the master Write a prompt with the PID of the target or master. It's always activated for now. Example: 1234> master>
2018-10-26 08:47:47 -04:00
CLEANUP: cli: use dedicated define instead of appctx ones Replace APPCTX_CLI_ST1_PAYLOAD and APPCTX_CLI_ST1_PROMPT by PCLI_F_PAYLOAD and PCLI_F_PROMPT in the master CLI code.
2018-12-13 03:05:46 -05:00
if (!(s->pcli_flags & PCLI_F_PROMPT))
MINOR: cli: parse prompt command in the CLI proxy Handle the prompt command. Works the same way as the CLI.
2018-12-11 10:10:54 -05:00
return;
CLEANUP: cli: use dedicated define instead of appctx ones Replace APPCTX_CLI_ST1_PAYLOAD and APPCTX_CLI_ST1_PROMPT by PCLI_F_PAYLOAD and PCLI_F_PROMPT in the master CLI code.
2018-12-13 03:05:46 -05:00
if (s->pcli_flags & PCLI_F_PAYLOAD) {
MEDIUM: cli: handle payload in CLI proxy The CLI proxy was not handling payload. To do that, we needed to keep a connection active on a server and to transfer each new line over that connection until we receive a empty line. The CLI proxy handles the payload in the same way that the CLI do it. Examples: $ echo -e "@1;add map #-1 <<\n$(cat data)\n" | socat /tmp/master-socket - $ socat /tmp/master-socket readline prompt master> @1 25130> add map #-1 << + test test + test2 test2 + test3 test3 + 25130>
2018-12-11 10:10:57 -05:00
chunk_appendf(msg, "+ ");
} else {
MINOR: master/cli: also implement the timed prompt on the master CLI This provides more consistency between the master and the worker. When "prompt timed" is passed on the master, the timed mode is toggled. When enabled, for a master it will show the master process' uptime, and for a worker it will show this worker's uptime. Example: master> prompt timed [0:00:00:50] master> show proc #<PID> <type> <reloads> <uptime> <version> 11940 master 1 [failed: 0] 0d00h02m10s 2.8-dev11-474c14-21 # workers 11955 worker 0 0d00h00m59s 2.8-dev11-474c14-21 # old workers 11942 worker 1 0d00h02m10s 2.8-dev11-474c14-21 # programs [0:00:00:58] master> @!11955 [0:00:01:03] 11955> @!11942 [0:00:02:17] 11942> @ [0:00:01:10] master>
2023-05-11 10:14:02 -04:00
if (s->pcli_next_pid == 0) {
/* master's prompt */
if (s->pcli_flags & PCLI_F_TIMED) {
uint up = ns_to_sec(now_ns - start_time_ns);
chunk_appendf(msg, "[%u:%02u:%02u:%02u] ",
(up / 86400), (up / 3600) % 24, (up / 60) % 60, up % 60);
}
MINOR: mworker/cli: add flags in the prompt The master CLI prompt is now able to show flags in its prompt depending on the mode used: experimental (x), expert (e), mcli-debug (d).
2022-02-02 08:13:54 -05:00
chunk_appendf(msg, "master%s",
MINOR: mworker: ReloadFailed shown depending on failedreload The ReloadFailed prompt in the master CLI is shown only when failedreloads > 0. It was previously using a check on the wait mode, but we always use the wait mode now.
2021-11-10 04:57:18 -05:00
(proc_self->failedreloads > 0) ? "[ReloadFailed]" : "");
MINOR: master/cli: also implement the timed prompt on the master CLI This provides more consistency between the master and the worker. When "prompt timed" is passed on the master, the timed mode is toggled. When enabled, for a master it will show the master process' uptime, and for a worker it will show this worker's uptime. Example: master> prompt timed [0:00:00:50] master> show proc #<PID> <type> <reloads> <uptime> <version> 11940 master 1 [failed: 0] 0d00h02m10s 2.8-dev11-474c14-21 # workers 11955 worker 0 0d00h00m59s 2.8-dev11-474c14-21 # old workers 11942 worker 1 0d00h02m10s 2.8-dev11-474c14-21 # programs [0:00:00:58] master> @!11955 [0:00:01:03] 11955> @!11942 [0:00:02:17] 11942> @ [0:00:01:10] master>
2023-05-11 10:14:02 -04:00
}
else {
/* worker's prompt */
if (s->pcli_flags & PCLI_F_TIMED) {
const struct mworker_proc *tmp, *proc;
uint up;
/* set proc to the worker corresponding to pcli_next_pid or NULL */
proc = NULL;
list_for_each_entry(tmp, &proc_list, list) {
if (!(tmp->options & PROC_O_TYPE_WORKER))
continue;
if (tmp->pid == s->pcli_next_pid) {
proc = tmp;
break;
}
}
if (!proc)
chunk_appendf(msg, "[gone] ");
else {
up = date.tv_sec - proc->timestamp;
if ((int)up < 0) /* must never be negative because of clock drift */
up = 0;
chunk_appendf(msg, "[%u:%02u:%02u:%02u] ",
(up / 86400), (up / 3600) % 24, (up / 60) % 60, up % 60);
}
}
MINOR: mworker/cli: add flags in the prompt The master CLI prompt is now able to show flags in its prompt depending on the mode used: experimental (x), expert (e), mcli-debug (d).
2022-02-02 08:13:54 -05:00
chunk_appendf(msg, "%d", s->pcli_next_pid);
MINOR: master/cli: also implement the timed prompt on the master CLI This provides more consistency between the master and the worker. When "prompt timed" is passed on the master, the timed mode is toggled. When enabled, for a master it will show the master process' uptime, and for a worker it will show this worker's uptime. Example: master> prompt timed [0:00:00:50] master> show proc #<PID> <type> <reloads> <uptime> <version> 11940 master 1 [failed: 0] 0d00h02m10s 2.8-dev11-474c14-21 # workers 11955 worker 0 0d00h00m59s 2.8-dev11-474c14-21 # old workers 11942 worker 1 0d00h02m10s 2.8-dev11-474c14-21 # programs [0:00:00:58] master> @!11955 [0:00:01:03] 11955> @!11942 [0:00:02:17] 11942> @ [0:00:01:10] master>
2023-05-11 10:14:02 -04:00
}
MINOR: mworker/cli: add flags in the prompt The master CLI prompt is now able to show flags in its prompt depending on the mode used: experimental (x), expert (e), mcli-debug (d).
2022-02-02 08:13:54 -05:00
if (s->pcli_flags & (ACCESS_EXPERIMENTAL|ACCESS_EXPERT|ACCESS_MCLI_DEBUG)) {
chunk_appendf(msg, "(");
if (s->pcli_flags & ACCESS_EXPERIMENTAL)
chunk_appendf(msg, "x");
if (s->pcli_flags & ACCESS_EXPERT)
chunk_appendf(msg, "e");
if (s->pcli_flags & ACCESS_MCLI_DEBUG)
chunk_appendf(msg, "d");
chunk_appendf(msg, ")");
}
chunk_appendf(msg, "> ");
MEDIUM: cli: handle payload in CLI proxy The CLI proxy was not handling payload. To do that, we needed to keep a connection active on a server and to transfer each new line over that connection until we receive a empty line. The CLI proxy handles the payload in the same way that the CLI do it. Examples: $ echo -e "@1;add map #-1 <<\n$(cat data)\n" | socat /tmp/master-socket - $ socat /tmp/master-socket readline prompt master> @1 25130> add map #-1 << + test test + test2 test2 + test3 test3 + 25130>
2018-12-11 10:10:57 -05:00
}
MEDIUM: cli: write a prompt for the CLI proxy of the master Write a prompt with the PID of the target or master. It's always activated for now. Example: 1234> master>
2018-10-26 08:47:47 -04:00
co_inject(oc, msg->area, msg->data);
}
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
/* The pcli_* functions are used for the CLI proxy in the master */
MEDIUM: mworker/cli: does not disconnect the master CLI upon error In the proxy CLI analyzer, when pcli_parse_request returns -1, the client was shut to prevent any problem with the master CLI. This behavior is a little bit excessive and not handy at all in prompt mode. For example one could have activated multiples mode, then have an error which disconnect the CLI, and they would have to reconnect and enter all the modes again. This patch introduces the pcli_error() function, which only output an error and flush the input buffer, instead of closing everything. When encountering a parsing error, this function is used, and the prompt is written again, without any disconnection.
2023-05-14 12:36:00 -04:00
/* flush the input buffer and output an error */
void pcli_error(struct stream *s, const char *msg)
{
struct buffer *buf = get_trash_chunk();
struct channel *oc = &s->res;
struct channel *ic = &s->req;
chunk_initstr(buf, msg);
if (likely(buf && buf->data))
co_inject(oc, buf->area, buf->data);
channel_erase(ic);
}
/* flush the input buffer, output the error and close */
MINOR: cli: helper to write an response message and close pcli_reply_and_close() writes a message to the client and close the connection. To be used only in the CLI proxy.
2018-10-26 08:47:48 -04:00
void pcli_reply_and_close(struct stream *s, const char *msg)
{
struct buffer *buf = get_trash_chunk();
chunk_initstr(buf, msg);
MINOR: stream-int/stream: Move si_retnclose() in the stream scope si_retnclose() is used to send a reply to a client before closing. There is no use on the server side, in spite of the function is generic. Thus, it is renamed stream_retnclose() and moved into the stream scope. The function now handle a stream and explicitly send a message to the client.
2022-03-31 03:47:24 -04:00
stream_retnclose(s, buf);
MINOR: cli: helper to write an response message and close pcli_reply_and_close() writes a message to the client and close the connection. To be used only in the CLI proxy.
2018-10-26 08:47:48 -04:00
}
MEDIUM: mworker: find the server ptr using a CLI prefix Add a struct server pointer in the mworker_proc struct so we can easily use it as a target for the mworker proxy. pcli_prefix_to_pid() is used to find the right PID of the worker when using a prefix in the CLI. (@master, @#<relative pid> , @<pid>) pcli_pid_to_server() is used to find the right target server for the CLI proxy.
2018-10-26 08:47:38 -04:00
static enum obj_type *pcli_pid_to_server(int proc_pid)
{
struct mworker_proc *child;
MINOR: mworker/cli: the master CLI use its own applet Following the patch b4daee ("MINOR: sock: add a check against cross worker<->master socket activities"), this patch adds a dedicated applet for the master CLI. It ensures that the CLI connection can't be used with the master rights in the case of bugs.
2020-11-05 04:28:53 -05:00
/* return the mCLI applet of the master */
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
if (proc_pid == 0)
MINOR: mworker/cli: the master CLI use its own applet Following the patch b4daee ("MINOR: sock: add a check against cross worker<->master socket activities"), this patch adds a dedicated applet for the master CLI. It ensures that the CLI connection can't be used with the master rights in the case of bugs.
2020-11-05 04:28:53 -05:00
return &mcli_applet.obj_type;
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
MEDIUM: mworker: find the server ptr using a CLI prefix Add a struct server pointer in the mworker_proc struct so we can easily use it as a target for the mworker proxy. pcli_prefix_to_pid() is used to find the right PID of the worker when using a prefix in the CLI. (@master, @#<relative pid> , @<pid>) pcli_pid_to_server() is used to find the right target server for the CLI proxy.
2018-10-26 08:47:38 -04:00
list_for_each_entry(child, &proc_list, list) {
if (child->pid == proc_pid){
return &child->srv->obj_type;
}
}
return NULL;
}
/* Take a CLI prefix in argument (eg: @!1234 @master @1)
* Return:
* 0: master
* > 0: pid of a worker
* < 0: didn't find a worker
*/
static int pcli_prefix_to_pid(const char *prefix)
{
int proc_pid;
struct mworker_proc *child;
char *errtol = NULL;
if (*prefix != '@') /* not a prefix, should not happen */
return -1;
prefix++;
if (!*prefix) /* sent @ alone, return the master */
return 0;
if (strcmp("master", prefix) == 0) {
return 0;
} else if (*prefix == '!') {
prefix++;
if (!*prefix)
return -1;
proc_pid = strtol(prefix, &errtol, 10);
if (*errtol != '\0')
return -1;
list_for_each_entry(child, &proc_list, list) {
CLEANUP: mworker: remove the type field in mworker_proc Since the introduction of the options field, we can use it to store the type of process. type = 'm' is replaced by PROC_O_TYPE_MASTER type = 'w' is replaced by PROC_O_TYPE_WORKER type = 'e' is replaced by PROC_O_TYPE_PROG The old values are still used in the HAPROXY_PROCESSES environment variable to pass the information during a reload.
2019-04-12 10:09:23 -04:00
if (!(child->options & PROC_O_TYPE_WORKER))
MINOR: cli: show master information in 'show proc' Displays the master information in show proc.
2018-11-19 12:46:18 -05:00
continue;
MEDIUM: mworker: find the server ptr using a CLI prefix Add a struct server pointer in the mworker_proc struct so we can easily use it as a target for the mworker proxy. pcli_prefix_to_pid() is used to find the right PID of the worker when using a prefix in the CLI. (@master, @#<relative pid> , @<pid>) pcli_pid_to_server() is used to find the right target server for the CLI proxy.
2018-10-26 08:47:38 -04:00
if (child->pid == proc_pid){
return child->pid;
}
}
} else {
struct mworker_proc *chosen = NULL;
/* this is a relative pid */
proc_pid = strtol(prefix, &errtol, 10);
if (*errtol != '\0')
return -1;
if (proc_pid == 0) /* return the master */
return 0;
BUG/MINOR: mworker/cli: relative pid prefix not validated anymore Since e8422bf ("MEDIUM: global: remove the relative_pid from global and mworker"), the relative pid prefix is not tested anymore on the master CLI. Which means any value will fall into the "1" process. Since we removed the nbproc, only the "1" and the "0" (master) value are correct, any other value should return an error. Fix issue #1793. This must be backported as far as 2.5.
2022-07-20 08:30:56 -04:00
if (proc_pid != 1) /* only the "@1" relative PID is supported */
return -1;
MEDIUM: mworker: find the server ptr using a CLI prefix Add a struct server pointer in the mworker_proc struct so we can easily use it as a target for the mworker proxy. pcli_prefix_to_pid() is used to find the right PID of the worker when using a prefix in the CLI. (@master, @#<relative pid> , @<pid>) pcli_pid_to_server() is used to find the right target server for the CLI proxy.
2018-10-26 08:47:38 -04:00
/* chose the right process, the current one is the one with the
least number of reloads */
list_for_each_entry(child, &proc_list, list) {
CLEANUP: mworker: remove the type field in mworker_proc Since the introduction of the options field, we can use it to store the type of process. type = 'm' is replaced by PROC_O_TYPE_MASTER type = 'w' is replaced by PROC_O_TYPE_WORKER type = 'e' is replaced by PROC_O_TYPE_PROG The old values are still used in the HAPROXY_PROCESSES environment variable to pass the information during a reload.
2019-04-12 10:09:23 -04:00
if (!(child->options & PROC_O_TYPE_WORKER))
MINOR: cli: show master information in 'show proc' Displays the master information in show proc.
2018-11-19 12:46:18 -05:00
continue;
MEDIUM: global: remove the relative_pid from global and mworker The relative_pid is always 1. In mworker mode we also have a child->relative_pid which is always equalt relative_pid, except for a master (0) or external process (-1), but these types are usually tested for, except for one place that was amended to carefully check for the PROC_O_TYPE_WORKER option. Changes were pretty limited as most usages of relative_pid were for designating a process in stats output and peers protocol.
2021-06-15 03:08:18 -04:00
if (child->reloads == 0)
return child->pid;
else if (chosen == NULL || child->reloads < chosen->reloads)
chosen = child;
MEDIUM: mworker: find the server ptr using a CLI prefix Add a struct server pointer in the mworker_proc struct so we can easily use it as a target for the mworker proxy. pcli_prefix_to_pid() is used to find the right PID of the worker when using a prefix in the CLI. (@master, @#<relative pid> , @<pid>) pcli_pid_to_server() is used to find the right target server for the CLI proxy.
2018-10-26 08:47:38 -04:00
}
if (chosen)
return chosen->pid;
}
return -1;
}
CLEANUP: mworker/cli: add comments about pcli_find_and_exec_kw() Add a comment about the pcli_find_and_exec_kw().
2023-12-07 12:02:29 -05:00
/*
* pcli_find_and_exec_kw() parses a command for the master CLI. It looks for a
* prefix or a command that is handled directly by the proxy and never sent to
* a worker.
*
* Return:
* >= 0 : number of words that were parsed and need to be skipped
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
* = -1 : error
*/
int pcli_find_and_exec_kw(struct stream *s, char **args, int argl, char **errmsg, int *next_pid)
{
if (argl < 1)
return 0;
/* there is a prefix */
if (args[0][0] == '@') {
int target_pid = pcli_prefix_to_pid(args[0]);
if (target_pid == -1) {
memprintf(errmsg, "Can't find the target PID matching the prefix '%s'\n", args[0]);
return -1;
}
/* if the prefix is alone, define a default target */
if (argl == 1)
s->pcli_next_pid = target_pid;
else
*next_pid = target_pid;
return 1;
CLEANUP: Compare the return value of `XXXcmp()` functions with zero According to coding-style.txt it is recommended to use: `strcmp(a, b) == 0` instead of `!strcmp(a, b)` So let's do this. The change was performed by running the following (very long) coccinelle patch on src/: @@ statement S; expression E; expression F; @@ if ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) ( S | { ... } ) @@ statement S; expression E; expression F; @@ if ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) ( S | { ... } ) @@ expression E; expression F; expression G; @@ ( G && ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( G || ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 && G ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 || G ) @@ expression E; expression F; expression G; @@ ( G && - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( G || - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 && G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 || G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 )
2021-01-02 16:31:53 -05:00
} else if (strcmp("prompt", args[0]) == 0) {
MINOR: master/cli: also implement the timed prompt on the master CLI This provides more consistency between the master and the worker. When "prompt timed" is passed on the master, the timed mode is toggled. When enabled, for a master it will show the master process' uptime, and for a worker it will show this worker's uptime. Example: master> prompt timed [0:00:00:50] master> show proc #<PID> <type> <reloads> <uptime> <version> 11940 master 1 [failed: 0] 0d00h02m10s 2.8-dev11-474c14-21 # workers 11955 worker 0 0d00h00m59s 2.8-dev11-474c14-21 # old workers 11942 worker 1 0d00h02m10s 2.8-dev11-474c14-21 # programs [0:00:00:58] master> @!11955 [0:00:01:03] 11955> @!11942 [0:00:02:17] 11942> @ [0:00:01:10] master>
2023-05-11 10:14:02 -04:00
if (argl >= 2 && strcmp(args[1], "timed") == 0) {
s->pcli_flags |= PCLI_F_PROMPT;
s->pcli_flags ^= PCLI_F_TIMED;
}
else
s->pcli_flags ^= PCLI_F_PROMPT;
MINOR: cli: parse prompt command in the CLI proxy Handle the prompt command. Works the same way as the CLI.
2018-12-11 10:10:54 -05:00
return argl; /* return the number of elements in the array */
CLEANUP: Compare the return value of `XXXcmp()` functions with zero According to coding-style.txt it is recommended to use: `strcmp(a, b) == 0` instead of `!strcmp(a, b)` So let's do this. The change was performed by running the following (very long) coccinelle patch on src/: @@ statement S; expression E; expression F; @@ if ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) ( S | { ... } ) @@ statement S; expression E; expression F; @@ if ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) ( S | { ... } ) @@ expression E; expression F; expression G; @@ ( G && ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( G || ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 && G ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 || G ) @@ expression E; expression F; expression G; @@ ( G && - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( G || - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 && G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 || G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 )
2021-01-02 16:31:53 -05:00
} else if (strcmp("quit", args[0]) == 0) {
MINOR: channel/stconn: Replace channel_shutr_now() by sc_schedule_abort() After the flag renaming, it is now the turn for the channel function to be renamed and moved in the SC scope. channel_shutr_now() is replaced by sc_schedule_abort(). The request channel is replaced by the front SC and the response is replace by the back SC.
2023-04-13 09:40:10 -04:00
sc_schedule_abort(s->scf);
MINOR: channel/stconn: Replace channel_shutw_now() by sc_schedule_shutdown() After the flag renaming, it is now the turn for the channel function to be renamed and moved in the SC scope. channel_shutw_now() is replaced by sc_schedule_shutdown(). The request channel is replaced by the front SC and the response is replace by the back SC.
2023-04-13 09:56:26 -04:00
sc_schedule_shutdown(s->scf);
MINOR: cli: implements 'quit' in the CLI proxy Implements the 'quit' command. Works the same way as the CLI command.
2018-12-11 10:10:55 -05:00
return argl; /* return the number of elements in the array */
CLEANUP: Compare the return value of `XXXcmp()` functions with zero According to coding-style.txt it is recommended to use: `strcmp(a, b) == 0` instead of `!strcmp(a, b)` So let's do this. The change was performed by running the following (very long) coccinelle patch on src/: @@ statement S; expression E; expression F; @@ if ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) ( S | { ... } ) @@ statement S; expression E; expression F; @@ if ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) ( S | { ... } ) @@ expression E; expression F; expression G; @@ ( G && ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( G || ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 && G ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 || G ) @@ expression E; expression F; expression G; @@ ( G && - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( G || - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 && G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 || G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 )
2021-01-02 16:31:53 -05:00
} else if (strcmp(args[0], "operator") == 0) {
MEDIUM: cli: handle CLI level from the master CLI Handle the CLI level in the master CLI. In order to do this, the master CLI stores the level in the stream. Each command are prefixed by a "user" or "operator" command before they are forwarded to the target CLI. The level can be configured in the haproxy program arguments with the level keyword: -S /tmp/sock,level,admin -S /tmp/sock2,level,user.
2018-12-13 03:05:47 -05:00
if (!pcli_has_level(s, ACCESS_LVL_OPER)) {
memprintf(errmsg, "Permission denied!\n");
return -1;
}
s->pcli_flags &= ~ACCESS_LVL_MASK;
s->pcli_flags |= ACCESS_LVL_OPER;
return argl;
CLEANUP: Compare the return value of `XXXcmp()` functions with zero According to coding-style.txt it is recommended to use: `strcmp(a, b) == 0` instead of `!strcmp(a, b)` So let's do this. The change was performed by running the following (very long) coccinelle patch on src/: @@ statement S; expression E; expression F; @@ if ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) ( S | { ... } ) @@ statement S; expression E; expression F; @@ if ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) ( S | { ... } ) @@ expression E; expression F; expression G; @@ ( G && ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( G || ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 && G ) @@ expression E; expression F; expression G; @@ ( ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) != 0 || G ) @@ expression E; expression F; expression G; @@ ( G && - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( G || - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 && G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 || G ) @@ expression E; expression F; expression G; @@ ( - ! ( dns_hostname_cmp | eb_memcmp | memcmp | strcasecmp | strcmp | strncasecmp | strncmp ) - (E, F) + (E, F) == 0 )
2021-01-02 16:31:53 -05:00
} else if (strcmp(args[0], "user") == 0) {
MEDIUM: cli: handle CLI level from the master CLI Handle the CLI level in the master CLI. In order to do this, the master CLI stores the level in the stream. Each command are prefixed by a "user" or "operator" command before they are forwarded to the target CLI. The level can be configured in the haproxy program arguments with the level keyword: -S /tmp/sock,level,admin -S /tmp/sock2,level,user.
2018-12-13 03:05:47 -05:00
if (!pcli_has_level(s, ACCESS_LVL_USER)) {
memprintf(errmsg, "Permission denied!\n");
return -1;
}
s->pcli_flags &= ~ACCESS_LVL_MASK;
s->pcli_flags |= ACCESS_LVL_USER;
return argl;
MINOR: mworker/cli: set expert/experimental mode from the CLI Allow to set the master CLI in expert or experimental mode. No command within the master are unlocked yet, but it gives the ability to send expert or experimental commands to the workers. echo "@1; experimental-mode on; del server be1/s2" | socat /var/run/haproxy.master - echo "experimental-mode on; @1 del server be1/s2" | socat /var/run/haproxy.master -
2022-02-01 10:08:50 -05:00
} else if (strcmp(args[0], "expert-mode") == 0) {
if (!pcli_has_level(s, ACCESS_LVL_ADMIN)) {
memprintf(errmsg, "Permission denied!\n");
return -1;
}
s->pcli_flags &= ~ACCESS_EXPERT;
if ((argl > 1) && (strcmp(args[1], "on") == 0))
s->pcli_flags |= ACCESS_EXPERT;
return argl;
} else if (strcmp(args[0], "experimental-mode") == 0) {
if (!pcli_has_level(s, ACCESS_LVL_ADMIN)) {
memprintf(errmsg, "Permission denied!\n");
return -1;
}
s->pcli_flags &= ~ACCESS_EXPERIMENTAL;
if ((argl > 1) && (strcmp(args[1], "on") == 0))
s->pcli_flags |= ACCESS_EXPERIMENTAL;
return argl;
MINOR: mworker/cli: mcli-debug-mode enables every command "mcli-debug-mode on" enables every command that were meant for a worker, on the CLI of the master. Which mean you can issue, "show fd", show stat" in order to debug the MASTER proxy. You can also combine it with "expert-mode on" or "experimental-mode on" to access to more commands.
2022-02-02 05:43:20 -05:00
} else if (strcmp(args[0], "mcli-debug-mode") == 0) {
if (!pcli_has_level(s, ACCESS_LVL_ADMIN)) {
memprintf(errmsg, "Permission denied!\n");
return -1;
}
s->pcli_flags &= ~ACCESS_MCLI_DEBUG;
if ((argl > 1) && (strcmp(args[1], "on") == 0))
s->pcli_flags |= ACCESS_MCLI_DEBUG;
return argl;
BUG/MINOR: mworker/cli: fix set severity-output support "set severity-output" is one of these command that changes the appctx state so the next commands are affected. Unfortunately the master CLI works with pipelining and server close mode, which means the connection between the master and the worker is closed after each response, so for the next command this is a new appctx state. To fix the problem, 2 new flags are added ACCESS_MCLI_SEVERITY_STR and ACCESS_MCLI_SEVERITY_NB which are used to prefix each command sent to the worker with the right "set severity-output" command. This patch fixes issue #2350. It could be backported as far as 2.6.
2023-12-06 05:15:01 -05:00
} else if (strcmp(args[0], "set") == 0) {
if ((argl > 1) && (strcmp(args[1], "severity-output") == 0)) {
if ((argl > 2) &&strcmp(args[2], "none") == 0) {
s->pcli_flags &= ~(ACCESS_MCLI_SEVERITY_NB|ACCESS_MCLI_SEVERITY_STR);
} else if ((argl > 2) && strcmp(args[2], "string") == 0) {
s->pcli_flags |= ACCESS_MCLI_SEVERITY_STR;
} else if ((argl > 2) && strcmp(args[2], "number") == 0) {
s->pcli_flags |= ACCESS_MCLI_SEVERITY_NB;
} else {
memprintf(errmsg, "one of 'none', 'number', 'string' is a required argument\n");
return -1;
}
/* only skip argl if we have "set severity-output" not only "set" */
return argl;
}
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
}
return 0;
}
/*
* Parse the CLI request:
* - It does basically the same as the cli_io_handler, but as a proxy
* - It can exec a command and strip non forwardable commands
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
*
* Return:
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
* - the number of characters to forward or
* - 1 if there is an error or not enough data
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
*/
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
int pcli_parse_request(struct stream *s, struct channel *req, char **errmsg, int *next_pid)
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
{
BUG/MEDIUM: mcli: always realign wrapping buffers before parsing them Pipelined commands easily result in request buffers to wrap, and the master-cli parser only deals with linear buffers since it needs contiguous keywords to look for in a list. As soon as a buffer wraps, some commands are ignored and the parser is called in loops because the wrapped data do not leave the buffer. Let's take the easiest path that's already used at the HTTP layer, we simply realign the buffer if its input wraps. This rarely happens anyway (typically once per buffer), remains reasonably cheap and guarantees this cannot happen anymore. This needs to be backported as far as 2.0.
2022-01-20 02:47:35 -05:00
char *str;
char *end;
CLEANUP: cli: rename MAX_STATS_ARGS to MAX_CLI_ARGS This is the number of args accepted on a command received on the CLI, is has long been totally independent of stats and should not carry this misleading "stats" name anymore.
2021-03-13 04:59:23 -05:00
char *args[MAX_CLI_ARGS + 1]; /* +1 for storing a NULL */
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
int argl; /* number of args */
char *p;
char *trim = NULL;
int wtrim = 0; /* number of words to trim */
int reql = 0;
MEDIUM: cli: handle CLI level from the master CLI Handle the CLI level in the master CLI. In order to do this, the master CLI stores the level in the stream. Each command are prefixed by a "user" or "operator" command before they are forwarded to the target CLI. The level can be configured in the haproxy program arguments with the level keyword: -S /tmp/sock,level,admin -S /tmp/sock2,level,user.
2018-12-13 03:05:47 -05:00
int ret;
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
int i = 0;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
BUG/MEDIUM: mcli: always realign wrapping buffers before parsing them Pipelined commands easily result in request buffers to wrap, and the master-cli parser only deals with linear buffers since it needs contiguous keywords to look for in a list. As soon as a buffer wraps, some commands are ignored and the parser is called in loops because the wrapped data do not leave the buffer. Let's take the easiest path that's already used at the HTTP layer, we simply realign the buffer if its input wraps. This rarely happens anyway (typically once per buffer), remains reasonably cheap and guarantees this cannot happen anymore. This needs to be backported as far as 2.0.
2022-01-20 02:47:35 -05:00
/* we cannot deal with a wrapping buffer, so let's take care of this
* first.
*/
if (b_head(&req->buf) + b_data(&req->buf) > b_wrap(&req->buf))
b_slow_realign(&req->buf, trash.area, co_data(req));
str = (char *)ci_head(req);
end = (char *)ci_stop(req);
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
p = str;
CLEANUP: cli: use dedicated define instead of appctx ones Replace APPCTX_CLI_ST1_PAYLOAD and APPCTX_CLI_ST1_PROMPT by PCLI_F_PAYLOAD and PCLI_F_PROMPT in the master CLI code.
2018-12-13 03:05:46 -05:00
if (!(s->pcli_flags & PCLI_F_PAYLOAD)) {
MEDIUM: cli: handle payload in CLI proxy The CLI proxy was not handling payload. To do that, we needed to keep a connection active on a server and to transfer each new line over that connection until we receive a empty line. The CLI proxy handles the payload in the same way that the CLI do it. Examples: $ echo -e "@1;add map #-1 <<\n$(cat data)\n" | socat /tmp/master-socket - $ socat /tmp/master-socket readline prompt master> @1 25130> add map #-1 << + test test + test2 test2 + test3 test3 + 25130>
2018-12-11 10:10:57 -05:00
/* Looks for the end of one command */
while (p+reql < end) {
/* handle escaping */
if (p[reql] == '\\') {
BUG/MINOR: mworker/cli: fix semicolon escaping in master CLI Fix the semicolon escaping which must be handled in the master CLI, the commands were wrongly splitted and could be forwarded partially to the target CLI.
2020-06-18 12:45:04 -04:00
reql+=2;
MEDIUM: cli: handle payload in CLI proxy The CLI proxy was not handling payload. To do that, we needed to keep a connection active on a server and to transfer each new line over that connection until we receive a empty line. The CLI proxy handles the payload in the same way that the CLI do it. Examples: $ echo -e "@1;add map #-1 <<\n$(cat data)\n" | socat /tmp/master-socket - $ socat /tmp/master-socket readline prompt master> @1 25130> add map #-1 << + test test + test2 test2 + test3 test3 + 25130>
2018-12-11 10:10:57 -05:00
continue;
}
if (p[reql] == ';' || p[reql] == '\n') {
/* found the end of the command */
p[reql] = '\n';
reql++;
break;
}
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
reql++;
}
MEDIUM: cli: handle payload in CLI proxy The CLI proxy was not handling payload. To do that, we needed to keep a connection active on a server and to transfer each new line over that connection until we receive a empty line. The CLI proxy handles the payload in the same way that the CLI do it. Examples: $ echo -e "@1;add map #-1 <<\n$(cat data)\n" | socat /tmp/master-socket - $ socat /tmp/master-socket readline prompt master> @1 25130> add map #-1 << + test test + test2 test2 + test3 test3 + 25130>
2018-12-11 10:10:57 -05:00
} else {
while (p+reql < end) {
if (p[reql] == '\n') {
/* found the end of the line */
reql++;
break;
}
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
reql++;
}
}
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
/* set end to first byte after the end of the command */
end = p + reql;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
/* there is no end to this command, need more to parse ! */
BUG/MEDIUM: mcli: do not try to parse empty buffers When pcli_parse_request() is called with an empty buffer, it still tries to parse it and can go on believing it finds an empty request if the last char before the beginning of the buffer is a '\n'. In this case it overwrites it with a zero and processes it as an empty command, doing nothing but not making the buffer progress. This results in an infinite loop that is stopped by the watchdog. For a reason related to another issue (yet to be fixed), this can easily be reproduced by pipelining lots of commands such as "show version". Let's add a length check after the search for a '\n'. This needs to be backported as far as 2.0.
2022-01-20 02:31:50 -05:00
if (!reql || *(end-1) != '\n') {
CLEANUP: mworker/cli: use a label to return errors Remove the returns in the function to end directly at the end label.
2023-11-28 11:28:07 -05:00
ret = -1;
goto end;
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
}
MINOR: mworker/cli: implements the customized payload pattern for master CLI Implements the customized payload pattern for the master CLI. The pattern is stored in the stream in char pcli_payload_pat[8]. The principle is basically the same as the CLI one, it looks for '<<' then stores what's between '<<' and '\n', and look for it to exit the payload mode.
2023-11-28 11:57:21 -05:00
/* in payload mode, skip the whole parsing/exec and just look for a pattern */
BUG/MEDIUM: cli: handle correctly prefix and payload In the master CLI, the commands and the prefix were still parsed and trimmed after the pattern payload. Don't parse anything but the end of a line till we are in payload mode. Put the search of the pattern after the trim so we can use correctly a payload with a command which is prefixed by @.
2018-12-13 03:05:48 -05:00
if (s->pcli_flags & PCLI_F_PAYLOAD) {
MINOR: mworker/cli: implements the customized payload pattern for master CLI Implements the customized payload pattern for the master CLI. The pattern is stored in the stream in char pcli_payload_pat[8]. The principle is basically the same as the CLI one, it looks for '<<' then stores what's between '<<' and '\n', and look for it to exit the payload mode.
2023-11-28 11:57:21 -05:00
if (reql-1 == strlen(s->pcli_payload_pat)) {
/* the custom pattern len can be 0 (empty line) */
if (strncmp(str, s->pcli_payload_pat, strlen(s->pcli_payload_pat)) == 0) {
s->pcli_flags &= ~PCLI_F_PAYLOAD;
}
}
CLEANUP: mworker/cli: use a label to return errors Remove the returns in the function to end directly at the end label.
2023-11-28 11:28:07 -05:00
ret = reql;
goto end;
MEDIUM: cli: handle payload in CLI proxy The CLI proxy was not handling payload. To do that, we needed to keep a connection active on a server and to transfer each new line over that connection until we receive a empty line. The CLI proxy handles the payload in the same way that the CLI do it. Examples: $ echo -e "@1;add map #-1 <<\n$(cat data)\n" | socat /tmp/master-socket - $ socat /tmp/master-socket readline prompt master> @1 25130> add map #-1 << + test test + test2 test2 + test3 test3 + 25130>
2018-12-11 10:10:57 -05:00
}
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
*(end-1) = '\0';
/* splits the command in words */
CLEANUP: cli: rename MAX_STATS_ARGS to MAX_CLI_ARGS This is the number of args accepted on a command received on the CLI, is has long been totally independent of stats and should not carry this misleading "stats" name anymore.
2021-03-13 04:59:23 -05:00
while (i < MAX_CLI_ARGS && p < end) {
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
/* skip leading spaces/tabs */
p += strspn(p, " \t");
if (!*p)
break;
args[i] = p;
BUG/MINOR: mworker/cli: fix the escaping in the master CLI The master CLI must not do the escaping since it forwards the commands to another CLI. It should be able to split into words by taking care of the escaping, but must not remove the forwarded backslashes. This fix do the same thing as the previous patch applied to the cli_parse_request() function, by taking care of the escaping during the word split, but it also remove the part which was removing the backslashes from the forwarded command.
2020-06-18 12:03:57 -04:00
while (1) {
p += strcspn(p, " \t\\");
/* escaped chars using backlashes (\) */
if (*p == '\\') {
if (!*++p)
break;
if (!*++p)
break;
} else {
break;
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
}
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
}
BUG/MINOR: mworker/cli: fix the escaping in the master CLI The master CLI must not do the escaping since it forwards the commands to another CLI. It should be able to split into words by taking care of the escaping, but must not remove the forwarded backslashes. This fix do the same thing as the previous patch applied to the cli_parse_request() function, by taking care of the escaping during the word split, but it also remove the part which was removing the backslashes from the forwarded command.
2020-06-18 12:03:57 -04:00
*p++ = 0;
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
i++;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
}
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
argl = i;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
MINOR: mworker/cli: implements the customized payload pattern for master CLI Implements the customized payload pattern for the master CLI. The pattern is stored in the stream in char pcli_payload_pat[8]. The principle is basically the same as the CLI one, it looks for '<<' then stores what's between '<<' and '\n', and look for it to exit the payload mode.
2023-11-28 11:57:21 -05:00
/* first look for '<<' at the beginning of the last argument */
BUG/MEDIUM: cli: Don't look for payload pattern on empty commands A regression was introduced by commit 9431aa0bdf ("BUG/MEDIUM: cli: Don't look for payload pattern on empty commands"). On empty commands (really empty or containing spaces and tabs), the number of arguments set to 0. However we look for the payload pattern without checking it. The result is an access at the index -1 in the argument array. It is of course invalid. To fix the issue, we just skip this part when there is no argument. Note that the empty command is still sent to the worker. This patch should solve the issue #2365. No backport needed.
2023-11-29 07:20:59 -05:00
if (argl && strncmp(args[argl-1], PAYLOAD_PATTERN, strlen(PAYLOAD_PATTERN)) == 0) {
MINOR: mworker/cli: implements the customized payload pattern for master CLI Implements the customized payload pattern for the master CLI. The pattern is stored in the stream in char pcli_payload_pat[8]. The principle is basically the same as the CLI one, it looks for '<<' then stores what's between '<<' and '\n', and look for it to exit the payload mode.
2023-11-28 11:57:21 -05:00
size_t pat_len = strlen(args[argl-1] + strlen(PAYLOAD_PATTERN));
/*
* A customized pattern can't be more than 7 characters
* if it's more, don't make it a payload
*/
if (pat_len < sizeof(s->pcli_payload_pat)) {
s->pcli_flags |= PCLI_F_PAYLOAD;
/* copy the customized pattern, don't store the << */
strncpy(s->pcli_payload_pat, args[argl-1] + strlen(PAYLOAD_PATTERN), sizeof(s->pcli_payload_pat)-1);
s->pcli_payload_pat[sizeof(s->pcli_payload_pat)-1] = '\0';
}
}
CLEANUP: cli: rename MAX_STATS_ARGS to MAX_CLI_ARGS This is the number of args accepted on a command received on the CLI, is has long been totally independent of stats and should not carry this misleading "stats" name anymore.
2021-03-13 04:59:23 -05:00
for (; i < MAX_CLI_ARGS + 1; i++)
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
args[i] = NULL;
wtrim = pcli_find_and_exec_kw(s, args, argl, errmsg, next_pid);
/* End of words are ending by \0, we need to replace the \0s by spaces
CLEANUP: cleanup a commentary in pcli_parse_request() Remove '1' from a commentary in pcli_parse_request()
2022-02-02 08:07:08 -05:00
before forwarding them */
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
p = str;
BUG/MEDIUM: cli: handle correctly prefix and payload In the master CLI, the commands and the prefix were still parsed and trimmed after the pattern payload. Don't parse anything but the end of a line till we are in payload mode. Put the search of the pattern after the trim so we can use correctly a payload with a command which is prefixed by @.
2018-12-13 03:05:48 -05:00
while (p < end-1) {
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
if (*p == '\0')
*p = ' ';
p++;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
}
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
*(end-1) = '\n';
if (wtrim > 0) {
trim = &args[wtrim][0];
if (trim == NULL) /* if this was the last word in the table */
trim = end;
b_del(&req->buf, trim - str);
MEDIUM: cli: handle CLI level from the master CLI Handle the CLI level in the master CLI. In order to do this, the master CLI stores the level in the stream. Each command are prefixed by a "user" or "operator" command before they are forwarded to the target CLI. The level can be configured in the haproxy program arguments with the level keyword: -S /tmp/sock,level,admin -S /tmp/sock2,level,user.
2018-12-13 03:05:47 -05:00
ret = end - trim;
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
} else if (wtrim < 0) {
/* parsing error */
CLEANUP: mworker/cli: use a label to return errors Remove the returns in the function to end directly at the end label.
2023-11-28 11:28:07 -05:00
ret = -1;
goto end;
MEDIUM: cli: handle CLI level from the master CLI Handle the CLI level in the master CLI. In order to do this, the master CLI stores the level in the stream. Each command are prefixed by a "user" or "operator" command before they are forwarded to the target CLI. The level can be configured in the haproxy program arguments with the level keyword: -S /tmp/sock,level,admin -S /tmp/sock2,level,user.
2018-12-13 03:05:47 -05:00
} else {
/* the whole string */
ret = end - str;
}
if (ret > 1) {
MINOR: mworker/cli: mcli-debug-mode enables every command "mcli-debug-mode on" enables every command that were meant for a worker, on the CLI of the master. Which mean you can issue, "show fd", show stat" in order to debug the MASTER proxy. You can also combine it with "expert-mode on" or "experimental-mode on" to access to more commands.
2022-02-02 05:43:20 -05:00
/* the mcli-debug-mode is only sent to the applet of the master */
if ((s->pcli_flags & ACCESS_MCLI_DEBUG) && *next_pid <= 0) {
CLEANUP: mworker/cli: clean up the mode handling Cleanup the mode handling by refactoring the strings constant that are written multiple times
2024-08-09 11:41:36 -04:00
const char *cmd = "mcli-debug-mode on -;";
ci_insert(req, 0, cmd, strlen(cmd));
ret += strlen(cmd);
MINOR: mworker/cli: mcli-debug-mode enables every command "mcli-debug-mode on" enables every command that were meant for a worker, on the CLI of the master. Which mean you can issue, "show fd", show stat" in order to debug the MASTER proxy. You can also combine it with "expert-mode on" or "experimental-mode on" to access to more commands.
2022-02-02 05:43:20 -05:00
}
MINOR: mworker/cli: set expert/experimental mode from the CLI Allow to set the master CLI in expert or experimental mode. No command within the master are unlocked yet, but it gives the ability to send expert or experimental commands to the workers. echo "@1; experimental-mode on; del server be1/s2" | socat /var/run/haproxy.master - echo "experimental-mode on; @1 del server be1/s2" | socat /var/run/haproxy.master -
2022-02-01 10:08:50 -05:00
if (s->pcli_flags & ACCESS_EXPERIMENTAL) {
CLEANUP: mworker/cli: clean up the mode handling Cleanup the mode handling by refactoring the strings constant that are written multiple times
2024-08-09 11:41:36 -04:00
const char *cmd = "experimental-mode on -;";
ci_insert(req, 0, cmd, strlen(cmd));
ret += strlen(cmd);
MINOR: mworker/cli: set expert/experimental mode from the CLI Allow to set the master CLI in expert or experimental mode. No command within the master are unlocked yet, but it gives the ability to send expert or experimental commands to the workers. echo "@1; experimental-mode on; del server be1/s2" | socat /var/run/haproxy.master - echo "experimental-mode on; @1 del server be1/s2" | socat /var/run/haproxy.master -
2022-02-01 10:08:50 -05:00
}
if (s->pcli_flags & ACCESS_EXPERT) {
CLEANUP: mworker/cli: clean up the mode handling Cleanup the mode handling by refactoring the strings constant that are written multiple times
2024-08-09 11:41:36 -04:00
const char *cmd = "expert-mode on -;";
ci_insert(req, 0, cmd, strlen(cmd));
ret += strlen(cmd);
MINOR: mworker/cli: set expert/experimental mode from the CLI Allow to set the master CLI in expert or experimental mode. No command within the master are unlocked yet, but it gives the ability to send expert or experimental commands to the workers. echo "@1; experimental-mode on; del server be1/s2" | socat /var/run/haproxy.master - echo "experimental-mode on; @1 del server be1/s2" | socat /var/run/haproxy.master -
2022-02-01 10:08:50 -05:00
}
BUG/MINOR: mworker/cli: fix set severity-output support "set severity-output" is one of these command that changes the appctx state so the next commands are affected. Unfortunately the master CLI works with pipelining and server close mode, which means the connection between the master and the worker is closed after each response, so for the next command this is a new appctx state. To fix the problem, 2 new flags are added ACCESS_MCLI_SEVERITY_STR and ACCESS_MCLI_SEVERITY_NB which are used to prefix each command sent to the worker with the right "set severity-output" command. This patch fixes issue #2350. It could be backported as far as 2.6.
2023-12-06 05:15:01 -05:00
if (s->pcli_flags & ACCESS_MCLI_SEVERITY_STR) {
BUG/MEDIUM: mworker/cli: fix pipelined modes on master CLI Since commit 3d93ecc ("BUG/MAJOR: cli: Restore non-interactive mode behavior with pipelined commands") and commit 598c7f16 ("BUG/MEDIUM: cli: Warn if pipelined commands are delimited by a \n"), the pipelined command on the master CLI are either broken or emit warnings depending on which version. The reason is that mode applied on the master CLI are saved on the in the current CLI session, and then reinserted for each pipelined command, however, these commande were inserted as new lines. For example: "@1; expert-mode on; debug dev log foo; debug dev log bar" Would be sent as: "expert mode on\ndebug dev log foo" "expert mode on\ndebug dev log bar" This patch fixes the issue by using the new ci_insert() function which inserts a string instead of a newline, and the command are now suffixed by ';' upon insertion allowing a correct pipelined command chain. This must be backported with the previous commit introducing ci_insert() in every stable version. This is broken since the 3.0 version, but it emits a warning in every version below, because 598c7f164 was backported.
2024-08-08 11:09:15 -04:00
const char *cmd = "set severity-output string -;";
ci_insert(req, 0, cmd, strlen(cmd));
ret += strlen(cmd);
BUG/MINOR: mworker/cli: fix set severity-output support "set severity-output" is one of these command that changes the appctx state so the next commands are affected. Unfortunately the master CLI works with pipelining and server close mode, which means the connection between the master and the worker is closed after each response, so for the next command this is a new appctx state. To fix the problem, 2 new flags are added ACCESS_MCLI_SEVERITY_STR and ACCESS_MCLI_SEVERITY_NB which are used to prefix each command sent to the worker with the right "set severity-output" command. This patch fixes issue #2350. It could be backported as far as 2.6.
2023-12-06 05:15:01 -05:00
}
if (s->pcli_flags & ACCESS_MCLI_SEVERITY_NB) {
BUG/MEDIUM: mworker/cli: fix pipelined modes on master CLI Since commit 3d93ecc ("BUG/MAJOR: cli: Restore non-interactive mode behavior with pipelined commands") and commit 598c7f16 ("BUG/MEDIUM: cli: Warn if pipelined commands are delimited by a \n"), the pipelined command on the master CLI are either broken or emit warnings depending on which version. The reason is that mode applied on the master CLI are saved on the in the current CLI session, and then reinserted for each pipelined command, however, these commande were inserted as new lines. For example: "@1; expert-mode on; debug dev log foo; debug dev log bar" Would be sent as: "expert mode on\ndebug dev log foo" "expert mode on\ndebug dev log bar" This patch fixes the issue by using the new ci_insert() function which inserts a string instead of a newline, and the command are now suffixed by ';' upon insertion allowing a correct pipelined command chain. This must be backported with the previous commit introducing ci_insert() in every stable version. This is broken since the 3.0 version, but it emits a warning in every version below, because 598c7f164 was backported.
2024-08-08 11:09:15 -04:00
const char *cmd = "set severity-output number -;";
ci_insert(req, 0, cmd, strlen(cmd));
ret += strlen(cmd);
BUG/MINOR: mworker/cli: fix set severity-output support "set severity-output" is one of these command that changes the appctx state so the next commands are affected. Unfortunately the master CLI works with pipelining and server close mode, which means the connection between the master and the worker is closed after each response, so for the next command this is a new appctx state. To fix the problem, 2 new flags are added ACCESS_MCLI_SEVERITY_STR and ACCESS_MCLI_SEVERITY_NB which are used to prefix each command sent to the worker with the right "set severity-output" command. This patch fixes issue #2350. It could be backported as far as 2.6.
2023-12-06 05:15:01 -05:00
}
MINOR: mworker/cli: set expert/experimental mode from the CLI Allow to set the master CLI in expert or experimental mode. No command within the master are unlocked yet, but it gives the ability to send expert or experimental commands to the workers. echo "@1; experimental-mode on; del server be1/s2" | socat /var/run/haproxy.master - echo "experimental-mode on; @1 del server be1/s2" | socat /var/run/haproxy.master -
2022-02-01 10:08:50 -05:00
MEDIUM: cli: handle CLI level from the master CLI Handle the CLI level in the master CLI. In order to do this, the master CLI stores the level in the stream. Each command are prefixed by a "user" or "operator" command before they are forwarded to the target CLI. The level can be configured in the haproxy program arguments with the level keyword: -S /tmp/sock,level,admin -S /tmp/sock2,level,user.
2018-12-13 03:05:47 -05:00
if (pcli_has_level(s, ACCESS_LVL_ADMIN)) {
goto end;
} else if (pcli_has_level(s, ACCESS_LVL_OPER)) {
CLEANUP: mworker/cli: clean up the mode handling Cleanup the mode handling by refactoring the strings constant that are written multiple times
2024-08-09 11:41:36 -04:00
const char *cmd = "operator -;";
ci_insert(req, 0, cmd, strlen(cmd));
ret += strlen(cmd);
MEDIUM: cli: handle CLI level from the master CLI Handle the CLI level in the master CLI. In order to do this, the master CLI stores the level in the stream. Each command are prefixed by a "user" or "operator" command before they are forwarded to the target CLI. The level can be configured in the haproxy program arguments with the level keyword: -S /tmp/sock,level,admin -S /tmp/sock2,level,user.
2018-12-13 03:05:47 -05:00
} else if (pcli_has_level(s, ACCESS_LVL_USER)) {
CLEANUP: mworker/cli: clean up the mode handling Cleanup the mode handling by refactoring the strings constant that are written multiple times
2024-08-09 11:41:36 -04:00
const char *cmd = "user -;";
ci_insert(req, 0, cmd, strlen(cmd));
ret += strlen(cmd);
MEDIUM: cli: handle CLI level from the master CLI Handle the CLI level in the master CLI. In order to do this, the master CLI stores the level in the stream. Each command are prefixed by a "user" or "operator" command before they are forwarded to the target CLI. The level can be configured in the haproxy program arguments with the level keyword: -S /tmp/sock,level,admin -S /tmp/sock2,level,user.
2018-12-13 03:05:47 -05:00
}
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
}
MEDIUM: cli: handle CLI level from the master CLI Handle the CLI level in the master CLI. In order to do this, the master CLI stores the level in the stream. Each command are prefixed by a "user" or "operator" command before they are forwarded to the target CLI. The level can be configured in the haproxy program arguments with the level keyword: -S /tmp/sock,level,admin -S /tmp/sock2,level,user.
2018-12-13 03:05:47 -05:00
end:
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
MEDIUM: cli: handle CLI level from the master CLI Handle the CLI level in the master CLI. In order to do this, the master CLI stores the level in the stream. Each command are prefixed by a "user" or "operator" command before they are forwarded to the target CLI. The level can be configured in the haproxy program arguments with the level keyword: -S /tmp/sock,level,admin -S /tmp/sock2,level,user.
2018-12-13 03:05:47 -05:00
return ret;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
}
int pcli_wait_for_request(struct stream *s, struct channel *req, int an_bit)
{
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
int next_pid = -1;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
int to_forward;
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
char *errmsg = NULL;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
CLEANUP: assorted typo fixes in the code and comments This is 29th iteration of typo fixes
2021-12-25 01:45:52 -05:00
/* Don't read the next command if still processing the response of the
BUG/MEDIUM: cli: Properly set stream analyzers to process one command at a time The proxy used by the master CLI is an internal proxy and no filter are registered on it. Thus, there is no reason to take care to set or unset filter analyzers in the master CLI analyzers. AN_REQ_FLT_END was set on the request channel to prevent the infinite forward and be sure to be able to process one commande at a time. However, the only work because CF_FLT_ANALYZE flag was used by error as a channel analyzer instead of a channel flag. This erroneously set AN_RES_FLT_END on the request channel, that really prevent the infinite forward, be side effet. In fact, We must avoid this kind of trick because this only work by chance and may be source of bugs in future. Instead, we must always keep the CLI request analyzer and add an early return if the response is not fully processed. It happens when the CLI response analyzer is set. This patch must be backported as far as 2.0.
2021-10-18 08:52:49 -04:00
* current one. Just wait. At this stage, errors should be handled by
* the response analyzer.
*/
if (s->res.analysers & AN_RES_WAIT_CLI)
return 0;
MEDIUM: cli: handle CLI level from the master CLI Handle the CLI level in the master CLI. In order to do this, the master CLI stores the level in the stream. Each command are prefixed by a "user" or "operator" command before they are forwarded to the target CLI. The level can be configured in the haproxy program arguments with the level keyword: -S /tmp/sock,level,admin -S /tmp/sock2,level,user.
2018-12-13 03:05:47 -05:00
if ((s->pcli_flags & ACCESS_LVL_MASK) == ACCESS_LVL_NONE)
s->pcli_flags |= strm_li(s)->bind_conf->level & ACCESS_LVL_MASK;
MINOR: mworker/cli: the mcli_reload bind_conf only send the reload status Upon a reload with the master CLI, the FD of the master CLI session is received by the internal socketpair listener. This session is used to display the status of the reload and then will close.
2022-09-24 10:14:50 -04:00
/* stream that comes from the reload listener only responses the reload
* status and quits */
if (!(s->pcli_flags & PCLI_F_RELOAD)
&& strm_li(s)->bind_conf == mcli_reload_bind_conf)
goto send_status;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
read_again:
/* if the channel is closed for read, we won't receive any more data
from the client, but we don't want to forward this close to the
server */
channel_dont_close(req);
/* We don't know yet to which server we will connect */
channel_dont_connect(req);
MINOR: stconn/channel: Move CF_READ_DONTWAIT into the SC and rename it The channel flag CF_READ_DONTWAIT is renamed to SC_FL_RCV_ONCE and moved into the stream-connector.
2023-03-16 09:40:03 -04:00
s->scf->flags |= SC_FL_RCV_ONCE;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
/* need more data */
if (!ci_data(req))
BUG/MEDIUM: cli: Never wait for more data on client shutdown When a shutdown is detected on the cli, we try to execute all pending commands first before closing the connection. It is required because commands execution is serialized. However, when the last part is a partial command, the cli connection is not closed, waiting for more data. Because there is no timeout for now on the cli socket, the connection remains infinitely in this state. And because the maxconn is set to 10, if it happens several times, the cli socket quickly becomes unresponsive because all its slots are waiting for more data on a closed connections. This patch should fix the issue #1512. It must be backported as far as 2.0.
2022-01-18 02:44:23 -05:00
goto missing_data;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
/* If there is data available for analysis, log the end of the idle time. */
if (c_data(req) && s->logs.t_idle == -1)
MEDIUM: clock: replace timeval "now" with integer "now_ns" This puts an end to the occasional confusion between the "now" date that is internal, monotonic and not synchronized with the system's date, and "date" which is the system's date and not necessarily monotonic. Variable "now" was removed and replaced with a 64-bit integer "now_ns" which is a counter of nanoseconds. It wraps every 585 years, so if all goes well (i.e. if humanity does not need haproxy anymore in 500 years), it will just never wrap. This implies that now_ns is never nul and that the zero value can reliably be used as "not set yet" for a timestamp if needed. This will also simplify date checks where it becomes possible again to do "date1<date2". All occurrences of "tv_to_ns(&now)" were simply replaced by "now_ns". Due to the intricacies between now, global_now and now_offset, all 3 had to be turned to nanoseconds at once. It's not a problem since all of them were solely used in 3 functions in clock.c, but they make the patch look bigger than it really is. The clock_update_local_date() and clock_update_global_date() functions are now much simpler as there's no need anymore to perform conversions nor to round the timeval up or down. The wrapping continues to happen by presetting the internal offset in the short future so that the 32-bit now_ms continues to wrap 20 seconds after boot. The start_time used to calculate uptime can still be turned to nanoseconds now. One interrogation concerns global_now_ms which is used only for the freq counters. It's unclear whether there's more value in using two variables that need to be synchronized sequentially like today or to just use global_now_ns divided by 1 million. Both approaches will work equally well on modern systems, the difference might come from smaller ones. Better not change anyhting for now. One benefit of the new approach is that we now have an internal date with a resolution of the nanosecond and the precision of the microsecond, which can be useful to extend some measurements given that timestamps also have this resolution.
2023-04-28 03:16:15 -04:00
s->logs.t_idle = ns_to_ms(now_ns - s->logs.accept_ts) - s->logs.t_handshake;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
to_forward = pcli_parse_request(s, req, &errmsg, &next_pid);
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
if (to_forward > 0) {
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
int target_pid;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
/* enough data */
/* forward only 1 command */
channel_forward(req, to_forward);
MEDIUM: cli: handle payload in CLI proxy The CLI proxy was not handling payload. To do that, we needed to keep a connection active on a server and to transfer each new line over that connection until we receive a empty line. The CLI proxy handles the payload in the same way that the CLI do it. Examples: $ echo -e "@1;add map #-1 <<\n$(cat data)\n" | socat /tmp/master-socket - $ socat /tmp/master-socket readline prompt master> @1 25130> add map #-1 << + test test + test2 test2 + test3 test3 + 25130>
2018-12-11 10:10:57 -05:00
CLEANUP: cli: use dedicated define instead of appctx ones Replace APPCTX_CLI_ST1_PAYLOAD and APPCTX_CLI_ST1_PROMPT by PCLI_F_PAYLOAD and PCLI_F_PROMPT in the master CLI code.
2018-12-13 03:05:46 -05:00
if (!(s->pcli_flags & PCLI_F_PAYLOAD)) {
MEDIUM: cli: handle payload in CLI proxy The CLI proxy was not handling payload. To do that, we needed to keep a connection active on a server and to transfer each new line over that connection until we receive a empty line. The CLI proxy handles the payload in the same way that the CLI do it. Examples: $ echo -e "@1;add map #-1 <<\n$(cat data)\n" | socat /tmp/master-socket - $ socat /tmp/master-socket readline prompt master> @1 25130> add map #-1 << + test test + test2 test2 + test3 test3 + 25130>
2018-12-11 10:10:57 -05:00
/* we send only 1 command per request, and we write close after it */
MINOR: channel/stconn: Replace channel_shutw_now() by sc_schedule_shutdown() After the flag renaming, it is now the turn for the channel function to be renamed and moved in the SC scope. channel_shutw_now() is replaced by sc_schedule_shutdown(). The request channel is replaced by the front SC and the response is replace by the back SC.
2023-04-13 09:56:26 -04:00
sc_schedule_shutdown(s->scb);
MEDIUM: cli: handle payload in CLI proxy The CLI proxy was not handling payload. To do that, we needed to keep a connection active on a server and to transfer each new line over that connection until we receive a empty line. The CLI proxy handles the payload in the same way that the CLI do it. Examples: $ echo -e "@1;add map #-1 <<\n$(cat data)\n" | socat /tmp/master-socket - $ socat /tmp/master-socket readline prompt master> @1 25130> add map #-1 << + test test + test2 test2 + test3 test3 + 25130>
2018-12-11 10:10:57 -05:00
} else {
pcli_write_prompt(s);
}
s->res.flags |= CF_WAKE_ONCE; /* need to be called again */
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
s->res.analysers |= AN_RES_WAIT_CLI;
MEDIUM: cli: handle payload in CLI proxy The CLI proxy was not handling payload. To do that, we needed to keep a connection active on a server and to transfer each new line over that connection until we receive a empty line. The CLI proxy handles the payload in the same way that the CLI do it. Examples: $ echo -e "@1;add map #-1 <<\n$(cat data)\n" | socat /tmp/master-socket - $ socat /tmp/master-socket readline prompt master> @1 25130> add map #-1 << + test test + test2 test2 + test3 test3 + 25130>
2018-12-11 10:10:57 -05:00
if (!(s->flags & SF_ASSIGNED)) {
if (next_pid > -1)
target_pid = next_pid;
else
target_pid = s->pcli_next_pid;
/* we can connect now */
s->target = pcli_pid_to_server(target_pid);
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
BUG/MEDIUM: mworker/cli: crash when trying to access an old PID in prompt mode The master process encounter a crash when trying to access an old process which left from the master CLI. To reproduce the problem, you need a prompt to a previous worker, then wait for this worker to leave, once it left launch a command from this prompt. The s->target is then filled with a NULL which is dereferenced when trying to connect(). This patch fixes the problem by checking if s->target is NULL. Must be backported as far as 2.0.
2021-12-10 08:14:53 -05:00
if (!s->target)
goto server_disconnect;
MEDIUM: cli: handle payload in CLI proxy The CLI proxy was not handling payload. To do that, we needed to keep a connection active on a server and to transfer each new line over that connection until we receive a empty line. The CLI proxy handles the payload in the same way that the CLI do it. Examples: $ echo -e "@1;add map #-1 <<\n$(cat data)\n" | socat /tmp/master-socket - $ socat /tmp/master-socket readline prompt master> @1 25130> add map #-1 << + test test + test2 test2 + test3 test3 + 25130>
2018-12-11 10:10:57 -05:00
s->flags |= (SF_DIRECT | SF_ASSIGNED);
channel_auto_connect(req);
}
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
} else if (to_forward == 0) {
/* we trimmed things but we might have other commands to consume */
MEDIUM: cli: rework the CLI proxy parser Rework the CLI proxy parser to look more like the CLI parser, corner case and escaping are handled the same way. The parser now splits the commands in words instead of just handling the prefixes. It's easier to compare words and arguments of a command this way and to parse internal command that will be consumed directly by the CLI proxy.
2018-12-11 10:10:53 -05:00
pcli_write_prompt(s);
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
goto read_again;
BUG/MEDIUM: cli: Never wait for more data on client shutdown When a shutdown is detected on the cli, we try to execute all pending commands first before closing the connection. It is required because commands execution is serialized. However, when the last part is a partial command, the cli connection is not closed, waiting for more data. Because there is no timeout for now on the cli socket, the connection remains infinitely in this state. And because the maxconn is set to 10, if it happens several times, the cli socket quickly becomes unresponsive because all its slots are waiting for more data on a closed connections. This patch should fix the issue #1512. It must be backported as far as 2.0.
2022-01-18 02:44:23 -05:00
} else if (to_forward == -1) {
MEDIUM: mworker/cli: does not disconnect the master CLI upon error In the proxy CLI analyzer, when pcli_parse_request returns -1, the client was shut to prevent any problem with the master CLI. This behavior is a little bit excessive and not handy at all in prompt mode. For example one could have activated multiples mode, then have an error which disconnect the CLI, and they would have to reconnect and enter all the modes again. This patch introduces the pcli_error() function, which only output an error and flush the input buffer, instead of closing everything. When encountering a parsing error, this function is used, and the prompt is written again, without any disconnection.
2023-05-14 12:36:00 -04:00
if (!errmsg) /* no error means missing data */
goto missing_data;
/* there was an error during the parsing */
pcli_error(s, errmsg);
pcli_write_prompt(s);
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
}
return 0;
send_help:
b_reset(&req->buf);
b_putblk(&req->buf, "help\n", 5);
goto read_again;
BUG/MEDIUM: mworker/cli: crash when trying to access an old PID in prompt mode The master process encounter a crash when trying to access an old process which left from the master CLI. To reproduce the problem, you need a prompt to a previous worker, then wait for this worker to leave, once it left launch a command from this prompt. The s->target is then filled with a NULL which is dereferenced when trying to connect(). This patch fixes the problem by checking if s->target is NULL. Must be backported as far as 2.0.
2021-12-10 08:14:53 -05:00
MINOR: mworker/cli: the mcli_reload bind_conf only send the reload status Upon a reload with the master CLI, the FD of the master CLI session is received by the internal socketpair listener. This session is used to display the status of the reload and then will close.
2022-09-24 10:14:50 -04:00
send_status:
s->pcli_flags |= PCLI_F_RELOAD;
CLEANUP: fix a few reported typos in code comments These are only the few relevant changes among those reported here: https://github.com/haproxy/haproxy/actions/runs/4856148287/jobs/8655397661
2023-05-07 01:07:44 -04:00
/* don't use ci_putblk here because SHUT_DONE could have been sent */
MINOR: mworker/cli: the mcli_reload bind_conf only send the reload status Upon a reload with the master CLI, the FD of the master CLI session is received by the internal socketpair listener. This session is used to display the status of the reload and then will close.
2022-09-24 10:14:50 -04:00
b_reset(&req->buf);
b_putblk(&req->buf, "_loadstatus;quit\n", 17);
goto read_again;
BUG/MEDIUM: cli: Never wait for more data on client shutdown When a shutdown is detected on the cli, we try to execute all pending commands first before closing the connection. It is required because commands execution is serialized. However, when the last part is a partial command, the cli connection is not closed, waiting for more data. Because there is no timeout for now on the cli socket, the connection remains infinitely in this state. And because the maxconn is set to 10, if it happens several times, the cli socket quickly becomes unresponsive because all its slots are waiting for more data on a closed connections. This patch should fix the issue #1512. It must be backported as far as 2.0.
2022-01-18 02:44:23 -05:00
missing_data:
MINOR: stconn: Add a flag to report EOS at the stream-connector level SC_FL_EOS flag is added to report the end-of-stream at the SC level. It will be used to distinguish end of stream reported by the endoint, via the SE_FL_EOS flag, and the abort triggered by the stream, via the SC_FL_ABRT_DONE flag. In this patch, the flag is defined and is systematically tested everywhere SC_FL_ABRT_DONE is tested. It should be safe because it is never set.
2023-04-17 10:17:32 -04:00
if (s->scf->flags & (SC_FL_ABRT_DONE|SC_FL_EOS)) {
BUG/MEDIUM: cli: Never wait for more data on client shutdown When a shutdown is detected on the cli, we try to execute all pending commands first before closing the connection. It is required because commands execution is serialized. However, when the last part is a partial command, the cli connection is not closed, waiting for more data. Because there is no timeout for now on the cli socket, the connection remains infinitely in this state. And because the maxconn is set to 10, if it happens several times, the cli socket quickly becomes unresponsive because all its slots are waiting for more data on a closed connections. This patch should fix the issue #1512. It must be backported as far as 2.0.
2022-01-18 02:44:23 -05:00
/* There is no more request or a only a partial one and we
* receive a close from the client, we can leave */
MINOR: channel/stconn: Replace channel_shutw_now() by sc_schedule_shutdown() After the flag renaming, it is now the turn for the channel function to be renamed and moved in the SC scope. channel_shutw_now() is replaced by sc_schedule_shutdown(). The request channel is replaced by the front SC and the response is replace by the back SC.
2023-04-13 09:56:26 -04:00
sc_schedule_shutdown(s->scf);
BUG/MEDIUM: cli: Never wait for more data on client shutdown When a shutdown is detected on the cli, we try to execute all pending commands first before closing the connection. It is required because commands execution is serialized. However, when the last part is a partial command, the cli connection is not closed, waiting for more data. Because there is no timeout for now on the cli socket, the connection remains infinitely in this state. And because the maxconn is set to 10, if it happens several times, the cli socket quickly becomes unresponsive because all its slots are waiting for more data on a closed connections. This patch should fix the issue #1512. It must be backported as far as 2.0.
2022-01-18 02:44:23 -05:00
s->req.analysers &= ~AN_REQ_WAIT_CLI;
return 1;
}
else if (channel_full(req, global.tune.maxrewrite)) {
/* buffer is full and we didn't catch the end of a command */
goto send_help;
}
return 0;
BUG/MEDIUM: mworker/cli: crash when trying to access an old PID in prompt mode The master process encounter a crash when trying to access an old process which left from the master CLI. To reproduce the problem, you need a prompt to a previous worker, then wait for this worker to leave, once it left launch a command from this prompt. The s->target is then filled with a NULL which is dereferenced when trying to connect(). This patch fixes the problem by checking if s->target is NULL. Must be backported as far as 2.0.
2021-12-10 08:14:53 -05:00
server_disconnect:
pcli_reply_and_close(s, "Can't connect to the target CLI!\n");
return 0;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
}
int pcli_wait_for_response(struct stream *s, struct channel *rep, int an_bit)
{
struct proxy *fe = strm_fe(s);
struct proxy *be = s->be;
MEDIUM: stream: Stop to use SE flags to detect read errors from analyzers In the same way the previous commit, we stop to use SE_FL_ERROR flag from analyzers and their sub-functions. We now fully rely on SC_FL_ERROR to do so.
2023-04-14 06:05:55 -04:00
if ((s->scb->flags & SC_FL_ERROR) || (rep->flags & (CF_READ_TIMEOUT|CF_WRITE_TIMEOUT)) ||
MINOR: tree-wide: Replace several chn_cons() by the corresponding SC At many places, call to chn_cons() can be easily replaced by the corresponding SC. It is a bit easier to understand which side is manipulated.
2023-04-13 10:37:37 -04:00
((s->scf->flags & SC_FL_SHUT_DONE) && (rep->to_forward || co_data(rep)))) {
MINOR: cli: can't connect to the target CLI Return an error and quit if the CLI proxy is not able to connect to a target.
2018-11-06 11:37:11 -05:00
pcli_reply_and_close(s, "Can't connect to the target CLI!\n");
BUG/MEDIUM: cli: Properly set stream analyzers to process one command at a time The proxy used by the master CLI is an internal proxy and no filter are registered on it. Thus, there is no reason to take care to set or unset filter analyzers in the master CLI analyzers. AN_REQ_FLT_END was set on the request channel to prevent the infinite forward and be sure to be able to process one commande at a time. However, the only work because CF_FLT_ANALYZE flag was used by error as a channel analyzer instead of a channel flag. This erroneously set AN_RES_FLT_END on the request channel, that really prevent the infinite forward, be side effet. In fact, We must avoid this kind of trick because this only work by chance and may be source of bugs in future. Instead, we must always keep the CLI request analyzer and add an early return if the response is not fully processed. It happens when the CLI response analyzer is set. This patch must be backported as far as 2.0.
2021-10-18 08:52:49 -04:00
s->req.analysers &= ~AN_REQ_WAIT_CLI;
MINOR: cli: can't connect to the target CLI Return an error and quit if the CLI proxy is not able to connect to a target.
2018-11-06 11:37:11 -05:00
s->res.analysers &= ~AN_RES_WAIT_CLI;
return 0;
}
MINOR: stconn/channel: Move CF_READ_DONTWAIT into the SC and rename it The channel flag CF_READ_DONTWAIT is renamed to SC_FL_RCV_ONCE and moved into the stream-connector.
2023-03-16 09:40:03 -04:00
s->scb->flags |= SC_FL_RCV_ONCE; /* try to get back here ASAP */
MINOR: stconn/channel: Move CF_NEVER_WAIT into the SC and rename it The channel flag CF_NEVER_WAIT is renamed to SC_FL_SND_NEVERWAIT and moved into the stream-connector.
2023-03-17 10:38:18 -04:00
s->scf->flags |= SC_FL_SND_NEVERWAIT;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
/* don't forward the close */
channel_dont_close(&s->res);
channel_dont_close(&s->req);
CLEANUP: cli: use dedicated define instead of appctx ones Replace APPCTX_CLI_ST1_PAYLOAD and APPCTX_CLI_ST1_PROMPT by PCLI_F_PAYLOAD and PCLI_F_PROMPT in the master CLI code.
2018-12-13 03:05:46 -05:00
if (s->pcli_flags & PCLI_F_PAYLOAD) {
MEDIUM: cli: handle payload in CLI proxy The CLI proxy was not handling payload. To do that, we needed to keep a connection active on a server and to transfer each new line over that connection until we receive a empty line. The CLI proxy handles the payload in the same way that the CLI do it. Examples: $ echo -e "@1;add map #-1 <<\n$(cat data)\n" | socat /tmp/master-socket - $ socat /tmp/master-socket readline prompt master> @1 25130> add map #-1 << + test test + test2 test2 + test3 test3 + 25130>
2018-12-11 10:10:57 -05:00
s->res.analysers &= ~AN_RES_WAIT_CLI;
s->req.flags |= CF_WAKE_ONCE; /* need to be called again if there is some command left in the request */
return 0;
}
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
/* forward the data */
if (ci_data(rep)) {
c_adv(rep, ci_data(rep));
return 0;
}
MINOR: stconn: Add a flag to report EOS at the stream-connector level SC_FL_EOS flag is added to report the end-of-stream at the SC level. It will be used to distinguish end of stream reported by the endoint, via the SE_FL_EOS flag, and the abort triggered by the stream, via the SC_FL_ABRT_DONE flag. In this patch, the flag is defined and is systematically tested everywhere SC_FL_ABRT_DONE is tested. It should be safe because it is never set.
2023-04-17 10:17:32 -04:00
if (s->scb->flags & (SC_FL_ABRT_DONE|SC_FL_EOS)) {
MEDIUM: log: consider log-steps proxy setting for existing log origins During tcp/http transaction processing, haproxy may produce logs at different steps during the processing (accept, connect, request, response, close). But the behavior is hardly configurable because haproxy will only emit a single log per transaction, and by default it will try to produce the log once all log aliases or fetches used in the logformat could be satisfied, which means the log is often emitted during connection teardown, unless "option logasap" is used. We were often asked to have a way to emit multiple logs for a single transaction, like for instance emit log during accept, then request, response and close for instance, see GH #401 for more context. Thanks to "log-steps" keyword introduced by commit "MINOR: log: introduce "log-steps" proxy keyword", it is now possible to explictly configure when logs should be generated by haproxy when processing a transaction. This commit adds the required checks so that log-steps proxy option is properly considered for existing logs generated by haproxy. If "log-steps" is not specified on the proxy, the old behavior is preserved. Note: a slight cpu overhead should only be visible when "log-steps" keyword will be used due to the implementation relying on eb32 lookup instead of basic bitfield check as described in "MINOR: proxy: add log_steps struct member". However, the default behavior shouldn't be affected. When combining log-steps with log-profiles, user has the ability to explicitly control how and when haproxy should generate logs during requests handling.
2024-09-04 09:03:46 -04:00
uint8_t do_log = 0;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
/* stream cleanup */
MEDIUM: cli: write a prompt for the CLI proxy of the master Write a prompt with the PID of the target or master. It's always activated for now. Example: 1234> master>
2018-10-26 08:47:47 -04:00
pcli_write_prompt(s);
CLEANUP: stconn: tree-wide rename stream connector flags CS_FL_* to SC_FL_* This follows the natural naming. There are roughly 100 changes, all totally trivial.
2022-05-17 13:44:42 -04:00
s->scb->flags |= SC_FL_NOLINGER | SC_FL_NOHALF;
MINOR: channel/stconn: Replace sc_shutr() by sc_abort() All reference to a shutr is replaced by an abort. So sc_shutr() is renamed sc_abort(). SC app ops functions are renamed accordingly.
2023-04-13 10:10:23 -04:00
sc_abort(s->scb);
MINOR: channel/stconn: Replace sc_shutw() by sc_shutdown() All reference to a shutw is replaced by an abort. So sc_shutw() is renamed sc_shutdown(). SC app ops functions are renamed accordingly.
2023-04-13 10:23:48 -04:00
sc_shutdown(s->scb);
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
/*
* starting from there this the same code as
* http_end_txn_clean_session().
*
* It allows to do frontend keepalive while reconnecting to a
* new server for each request.
*/
if (s->flags & SF_BE_ASSIGNED) {
CLEANUP: atomic/tree-wide: replace single increments/decrements with inc/dec This patch replaces roughly all occurrences of an HA_ATOMIC_ADD(&foo, 1) or HA_ATOMIC_SUB(&foo, 1) with the equivalent HA_ATOMIC_INC(&foo) and HA_ATOMIC_DEC(&foo) respectively. These are 507 changes over 45 files.
2021-04-06 07:53:36 -04:00
HA_ATOMIC_DEC(&be->beconn);
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
if (unlikely(s->srv_conn))
sess_change_server(s, NULL);
}
MEDIUM: clock: replace timeval "now" with integer "now_ns" This puts an end to the occasional confusion between the "now" date that is internal, monotonic and not synchronized with the system's date, and "date" which is the system's date and not necessarily monotonic. Variable "now" was removed and replaced with a 64-bit integer "now_ns" which is a counter of nanoseconds. It wraps every 585 years, so if all goes well (i.e. if humanity does not need haproxy anymore in 500 years), it will just never wrap. This implies that now_ns is never nul and that the zero value can reliably be used as "not set yet" for a timestamp if needed. This will also simplify date checks where it becomes possible again to do "date1<date2". All occurrences of "tv_to_ns(&now)" were simply replaced by "now_ns". Due to the intricacies between now, global_now and now_offset, all 3 had to be turned to nanoseconds at once. It's not a problem since all of them were solely used in 3 functions in clock.c, but they make the patch look bigger than it really is. The clock_update_local_date() and clock_update_global_date() functions are now much simpler as there's no need anymore to perform conversions nor to round the timeval up or down. The wrapping continues to happen by presetting the internal offset in the short future so that the 32-bit now_ms continues to wrap 20 seconds after boot. The start_time used to calculate uptime can still be turned to nanoseconds now. One interrogation concerns global_now_ms which is used only for the freq counters. It's unclear whether there's more value in using two variables that need to be synchronized sequentially like today or to just use global_now_ns divided by 1 million. Both approaches will work equally well on modern systems, the difference might come from smaller ones. Better not change anyhting for now. One benefit of the new approach is that we now have an internal date with a resolution of the nanosecond and the precision of the microsecond, which can be useful to extend some measurements given that timestamps also have this resolution.
2023-04-28 03:16:15 -04:00
s->logs.t_close = ns_to_ms(now_ns - s->logs.accept_ts);
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
stream_process_counters(s);
/* don't count other requests' data */
s->logs.bytes_in -= ci_data(&s->req);
s->logs.bytes_out -= ci_data(&s->res);
/* we may need to know the position in the queue */
pendconn_free(s);
/* let's do a final log if we need it */
MEDIUM: log: consider log-steps proxy setting for existing log origins During tcp/http transaction processing, haproxy may produce logs at different steps during the processing (accept, connect, request, response, close). But the behavior is hardly configurable because haproxy will only emit a single log per transaction, and by default it will try to produce the log once all log aliases or fetches used in the logformat could be satisfied, which means the log is often emitted during connection teardown, unless "option logasap" is used. We were often asked to have a way to emit multiple logs for a single transaction, like for instance emit log during accept, then request, response and close for instance, see GH #401 for more context. Thanks to "log-steps" keyword introduced by commit "MINOR: log: introduce "log-steps" proxy keyword", it is now possible to explictly configure when logs should be generated by haproxy when processing a transaction. This commit adds the required checks so that log-steps proxy option is properly considered for existing logs generated by haproxy. If "log-steps" is not specified on the proxy, the old behavior is preserved. Note: a slight cpu overhead should only be visible when "log-steps" keyword will be used due to the implementation relying on eb32 lookup instead of basic bitfield check as described in "MINOR: proxy: add log_steps struct member". However, the default behavior shouldn't be affected. When combining log-steps with log-profiles, user has the ability to explicitly control how and when haproxy should generate logs during requests handling.
2024-09-04 09:03:46 -04:00
if (fe->to_log == LW_LOGSTEPS) {
if (log_orig_proxy(LOG_ORIG_TXN_CLOSE, fe))
do_log = 1;
}
else if (!lf_expr_isempty(&fe->logformat) && s->logs.logwait)
do_log = 1;
if (do_log &&
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
!(s->flags & SF_MONITOR) &&
(!(fe->options & PR_O_NULLNOLOG) || s->req.total)) {
MINOR: log: introduce log_orig flags Rename 'enum log_orig' to 'enum log_orig_id', since this enum specifically contains the log origin ids. Add 'struct log_orig' which wraps 'enum log_orig' with optional flags (no flags defined for now). Add log_orig() helper func that takes id and flags as parameter and returns log_orig struct initialized with input arguments. Update functions taking log origin as parameter so they explicitly take log orig id or log orig wrapper as argument depending on the level of context expected by the function.
2024-09-23 11:22:45 -04:00
s->do_log(s, log_orig(LOG_ORIG_TXN_CLOSE, LOG_ORIG_FL_NONE));
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
}
/* stop tracking content-based counters */
stream_stop_content_counters(s);
stream_update_time_stats(s);
s->logs.accept_date = date; /* user-visible date for logging */
MEDIUM: clock: replace timeval "now" with integer "now_ns" This puts an end to the occasional confusion between the "now" date that is internal, monotonic and not synchronized with the system's date, and "date" which is the system's date and not necessarily monotonic. Variable "now" was removed and replaced with a 64-bit integer "now_ns" which is a counter of nanoseconds. It wraps every 585 years, so if all goes well (i.e. if humanity does not need haproxy anymore in 500 years), it will just never wrap. This implies that now_ns is never nul and that the zero value can reliably be used as "not set yet" for a timestamp if needed. This will also simplify date checks where it becomes possible again to do "date1<date2". All occurrences of "tv_to_ns(&now)" were simply replaced by "now_ns". Due to the intricacies between now, global_now and now_offset, all 3 had to be turned to nanoseconds at once. It's not a problem since all of them were solely used in 3 functions in clock.c, but they make the patch look bigger than it really is. The clock_update_local_date() and clock_update_global_date() functions are now much simpler as there's no need anymore to perform conversions nor to round the timeval up or down. The wrapping continues to happen by presetting the internal offset in the short future so that the 32-bit now_ms continues to wrap 20 seconds after boot. The start_time used to calculate uptime can still be turned to nanoseconds now. One interrogation concerns global_now_ms which is used only for the freq counters. It's unclear whether there's more value in using two variables that need to be synchronized sequentially like today or to just use global_now_ns divided by 1 million. Both approaches will work equally well on modern systems, the difference might come from smaller ones. Better not change anyhting for now. One benefit of the new approach is that we now have an internal date with a resolution of the nanosecond and the precision of the microsecond, which can be useful to extend some measurements given that timestamps also have this resolution.
2023-04-28 03:16:15 -04:00
s->logs.accept_ts = now_ns; /* corrected date for internal use */
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
s->logs.t_handshake = 0; /* There are no handshake in keep alive connection. */
s->logs.t_idle = -1;
MEDIUM: tree-wide: replace timeval with nanoseconds in tv_accept and tv_request Let's get rid of timeval in storage of internal timestamps so that they are no longer mistaken for wall clock time. These were exclusively used subtracted from each other or to/from "now" after being converted to ns, so this patch removes the tv_to_ns() conversion to use them natively. Two occurrences of tv_isge() were turned to a regular wrapping subtract.
2023-04-27 03:46:02 -04:00
s->logs.request_ts = 0;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
s->logs.t_queue = -1;
s->logs.t_connect = -1;
s->logs.t_data = -1;
s->logs.t_close = 0;
s->logs.prx_queue_pos = 0; /* we get the number of pending conns before us */
s->logs.srv_queue_pos = 0; /* we will get this number soon */
s->logs.bytes_in = s->req.total = ci_data(&s->req);
s->logs.bytes_out = s->res.total = ci_data(&s->res);
stream_del_srv_conn(s);
if (objt_server(s->target)) {
if (s->flags & SF_CURR_SESS) {
s->flags &= ~SF_CURR_SESS;
CLEANUP: atomic/tree-wide: replace single increments/decrements with inc/dec This patch replaces roughly all occurrences of an HA_ATOMIC_ADD(&foo, 1) or HA_ATOMIC_SUB(&foo, 1) with the equivalent HA_ATOMIC_INC(&foo) and HA_ATOMIC_DEC(&foo) respectively. These are 507 changes over 45 files.
2021-04-06 07:53:36 -04:00
HA_ATOMIC_DEC(&__objt_server(s->target)->cur_sess);
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
}
BUILD: threads: fix minor build warnings when threads are disabled These potential null-deref warnings are emitted on gcc 7 and above when threads are disabled due to the use of objt_server() after an existing validity test. Let's switch to __objt_server() since we know the pointer is valid, it will not confuse the compiler. Some of these may be backported to 1.8.
2018-12-02 13:28:41 -05:00
if (may_dequeue_tasks(__objt_server(s->target), be))
MEDIUM: queue: simplify again the process_srv_queue() API (v2) This basically undoes the API changes that were performed by commit 0274286dd ("BUG/MAJOR: server: fix deadlock when changing maxconn via agent-check") to address the deadlock issue: since process_srv_queue() doesn't use the server lock anymore, it doesn't need the "server_locked" argument, so let's get rid of it before it gets used again.
2021-06-22 12:47:51 -04:00
process_srv_queue(__objt_server(s->target));
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
}
s->target = NULL;
BUG/MEDIUM: cli: Always release back endpoint between two commands on the mcli When several commands are chained on the master CLI, the same client connection is used. Because, it is a TCP connection, the mux PT is used. It means there is no stream at the mux level. It is not possible to release the applicative stream between each commands as for the HTTP. So, to work around this limitation, between two commands, the master CLI is resetting the stream. It does exactly what it was performed on HTTP to manage keep-alive connections on old HAProxy versions. But this part was copied from a code dealing with connection only while the back endpoint can be an applet or a mux for the master cli. The previous fix on the mux PT ("BUG/MEDIUM: mux-pt: Never fully close the connection on shutdown") revealed a bug. Between two commands, the back endpoint was only released if the connection's XPRT was closed. This works if the back endpoint is an applet because there is no connection. But for commands sent to a worker, a connection is used. At this stage, this only works if the connection's XPRT is closed. Otherwise, the old endpoint is never detached leading to undefined behavior on the next command execution (most probably a crash). Without the commit above, the connection's XPRT is always closed on shutdown. It is no longer true. At this stage, we must inconditionnally release the back endpoint by resetting the corresponding sedesc to fix the bug. This patch must be backported with the commit above in all stable versions. On 2.4 and lower, it will need to be adapted.
2024-09-02 12:29:02 -04:00
/* Always release our endpoint */
s->srv_conn = NULL;
if (sc_reset_endp(s->scb) < 0) {
if (!s->conn_err_type)
s->conn_err_type = STRM_ET_CONN_OTHER;
if (s->srv_error)
s->srv_error(s, s->scb);
return 1;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
}
BUG/MEDIUM: cli: Always release back endpoint between two commands on the mcli When several commands are chained on the master CLI, the same client connection is used. Because, it is a TCP connection, the mux PT is used. It means there is no stream at the mux level. It is not possible to release the applicative stream between each commands as for the HTTP. So, to work around this limitation, between two commands, the master CLI is resetting the stream. It does exactly what it was performed on HTTP to manage keep-alive connections on old HAProxy versions. But this part was copied from a code dealing with connection only while the back endpoint can be an applet or a mux for the master cli. The previous fix on the mux PT ("BUG/MEDIUM: mux-pt: Never fully close the connection on shutdown") revealed a bug. Between two commands, the back endpoint was only released if the connection's XPRT was closed. This works if the back endpoint is an applet because there is no connection. But for commands sent to a worker, a connection is used. At this stage, this only works if the connection's XPRT is closed. Otherwise, the old endpoint is never detached leading to undefined behavior on the next command execution (most probably a crash). Without the commit above, the connection's XPRT is always closed on shutdown. It is no longer true. At this stage, we must inconditionnally release the back endpoint by resetting the corresponding sedesc to fix the bug. This patch must be backported with the commit above in all stable versions. On 2.4 and lower, it will need to be adapted.
2024-09-02 12:29:02 -04:00
se_fl_clr(s->scb->sedesc, ~SE_FL_DETACHED);
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
CLEANUP: stream: rename "csf" and "csb" to "scf" and "scb" These are the stream connectors, let's give them consistent names. The patch is large (405 locations) but totally trivial.
2022-05-17 13:40:40 -04:00
sockaddr_free(&s->scb->dst);
MAJOR: stream: store the target address into s->target_addr When forcing the outgoing address of a connection, till now we used to allocate this outgoing connection and set the address into it, then set SF_ADDR_SET. With connection reuse this causes a whole lot of issues and difficulties in the code. Thanks to the previous changes, it is now possible to store the target address into the stream instead, and copy the address from the stream to the connection when initializing the connection. assign_server_address() does this and as a result SF_ADDR_SET now reflects the presence of the target address in the stream, not in the connection. The http_proxy mode, the peers and the master's CLI now use the same mechanism. For now the existing connection code was not removed to limit the amount of tricky changes, but the allocated connection is not used anymore. This change also revealed a latent issue that we've been having around option http_proxy : the address was set in the connection but neither the SF_ADDR_SET nor the SF_ASSIGNED flags were set. It looks like the connection could establish only due to the fact that it existed with a non-null destination address.
2019-07-18 09:47:45 -04:00
CLEANUP: stconn: rename final state manipulation functions from cs_* to sc_* This applies the following renaming. It's a bit large but pretty mechanical: cs_state -> sc_state (enum) cs_alloc_ibuf() -> sc_alloc_ibuf() cs_is_conn_error() -> sc_is_conn_error() cs_opposite() -> sc_opposite() cs_report_error() -> sc_report_error() cs_set_state() -> sc_set_state() cs_state_bit() -> sc_state_bit() cs_state_in() -> sc_state_in() cs_state_str() -> sc_state_str()
2022-05-27 03:03:30 -04:00
sc_set_state(s->scb, SC_ST_INI);
MINOR: stconn: Add a flag to ack endpoint errors at SC level The flag SC_FL_ERROR is added to ack errors on the endpoint. When SE_FL_ERROR flag is detected on the SE descriptor, the corresponding is set on the SC. Idea is to avoid, as far as possible, to manipulated the SE descriptor in upper layers and know when an error in the endpoint is handled by the SC. For now, this flag is only set and cleared but never tested.
2023-04-14 04:42:08 -04:00
s->scb->flags &= ~(SC_FL_ERROR|SC_FL_SHUT_DONE|SC_FL_SHUT_WANTED);
CLEANUP: stconn: tree-wide rename stream connector flags CS_FL_* to SC_FL_* This follows the natural naming. There are roughly 100 changes, all totally trivial.
2022-05-17 13:44:42 -04:00
s->scb->flags &= SC_FL_ISBACK | SC_FL_DONT_WAKE; /* we're in the context of process_stream */
MEDIUM: tree-wide: Move flags about shut from the channel to the SC The purpose of this patch is only a one-to-one replacement, as far as possible. CF_SHUTR(_NOW) and CF_SHUTW(_NOW) flags are now carried by the stream-connecter. CF_ prefix is replaced by SC_FL_ one. Of course, it is not so simple because at many places, we were testing if a channel was shut for reads and writes in same time. To do the same, shut for reads must be tested on one side on the SC and shut for writes on the other side on the opposite SC. A special care was taken with process_stream(). flags of SCs must be saved to be able to detect changes, just like for the channels.
2023-04-03 12:32:50 -04:00
s->req.flags &= ~(CF_AUTO_CONNECT|CF_STREAMER|CF_STREAMER_FAST|CF_WROTE_DATA);
s->res.flags &= ~(CF_STREAMER|CF_STREAMER_FAST|CF_WRITE_EVENT|CF_WROTE_DATA|CF_READ_EVENT);
MEDIUM: stream: remove the confusing SF_ADDR_SET flag This flag is no longer needed now that it must always match the presence of a destination address on the backend conn_stream. Worse, before previous patch, if it were to be accidently removed while the address is present, it could result in a leak of that address since alloc_dst_address() would first be called to flush it. Its usage has a long history where addresses were stored in an area shared with the connection, but as this is no longer the case, there's no reason for putting this burden onto application-level code that should not focus on setting obscure flags. The only place where that made a small difference is in the dequeuing code in case of queue redistribution, because previously the code would first clear the flag, and only later when trying to deal with the queue, would release the address. It's not even certain whether there would exist a code path going to connect_server() without calling pendconn_dequeue() first (e.g. retries on queue timeout maybe?). Now the pendconn_dequeue() code will rely on SF_ASSIGNED to decide to clear and release the address, since that flag is always set while in a server's queue, and its clearance implies that we don't want to keep the address. At least it remains consistent and there's no more risk of leaking it.
2022-05-02 10:36:47 -04:00
s->flags &= ~(SF_DIRECT|SF_ASSIGNED|SF_BE_ASSIGNED|SF_FORCE_PRST|SF_IGNORE_PRST);
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
s->flags &= ~(SF_CURR_SESS|SF_REDIRECTABLE|SF_SRV_REUSED);
s->flags &= ~(SF_ERR_MASK|SF_FINST_MASK|SF_REDISP);
MINOR: stream-int/stream: Move conn_retries counter in the stream The conn_retries counter may be moved into the stream structure. It only concerns the connection establishment. The frontend stream-interface does not use it. So it is a logical change.
2022-03-29 09:42:09 -04:00
s->conn_retries = 0; /* used for logging too */
MEDIUM: stream-int/stream: Use connect expiration instead of SI expiration The expiration date in the stream-interface was only used on the server side to set the connect, queue or turn-around timeout. It was checked on the frontend stream-interface, but never used concretely. So it was removed and replaced by a connect expiration date in the stream itself. Thus, SI_FL_EXP flag in stream-interfaces is replaced by a stream flag, SF_CONN_EXP.
2022-03-29 13:02:31 -04:00
s->conn_exp = TICK_ETERNITY;
MEDIUM: stream-int: Move SI err_type in the stream Only the server side is concerned by the stream-interface error type. It is useless to have an err_type field on the client side. So, it is now move to the stream. SI_ET_* are renames STRM_ET_* and moved in stream-t.h header file.
2022-03-30 13:39:30 -04:00
s->conn_err_type = STRM_ET_NONE;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
/* reinitialise the current rule list pointer to NULL. We are sure that
* any rulelist match the NULL pointer.
*/
s->current_rule_list = NULL;
s->be = strm_fe(s);
s->logs.logwait = strm_fe(s)->to_log;
s->logs.level = 0;
stream_del_srv_conn(s);
s->target = NULL;
/* re-init store persistence */
s->store_count = 0;
BUG/MINOR: cli: Atomically inc the global request counter between CLI commands The global request counter is used to set the stream id (s->uniq_id). It is incremented at different places. And it must be atomically incremented because it is a global value. However, in the analyer dealing with CLI command response, this was not the case. It is now fixed. This patch must be backported to all stable versions.
2024-07-16 08:42:20 -04:00
s->uniq_id = _HA_ATOMIC_FETCH_ADD(&global.req_count, 1);
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
BUG/MINOR: mcli: Pretend the mux have more data to deliver between two commands Since the commit "OPTIM: stconn: Don't pretend mux have more data to deliver on EOI/EOS/ERROR", the SC no longer pretend its mux have more data to deliver when one of EOI/EOS/ERROR flags are set on its sedesc. However, for the master cli, it is an issue because any EOI/EOS at the end of a command is in fact detected on the attempt to get the next command. To do so, the stream is reset. Because if the commit above, the next received is never performed. To fix the issue, when the stream is reset, the front SC pretend its mux have more data to deliver. This patch must only be bacported if the commit above is backported.
2024-09-27 12:14:33 -04:00
s->scf->flags &= ~(SC_FL_EOI|SC_FL_EOS|SC_FL_ERROR|SC_FL_ABRT_DONE|SC_FL_ABRT_WANTED);
MINOR: stconn/channel: Move CF_NEVER_WAIT into the SC and rename it The channel flag CF_NEVER_WAIT is renamed to SC_FL_SND_NEVERWAIT and moved into the stream-connector.
2023-03-17 10:38:18 -04:00
s->scf->flags &= ~SC_FL_SND_NEVERWAIT;
MINOR: stconn/channel: Move CF_READ_DONTWAIT into the SC and rename it The channel flag CF_READ_DONTWAIT is renamed to SC_FL_RCV_ONCE and moved into the stream-connector.
2023-03-16 09:40:03 -04:00
s->scf->flags |= SC_FL_RCV_ONCE; /* one read is usually enough */
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
BUG/MINOR: mcli: Pretend the mux have more data to deliver between two commands Since the commit "OPTIM: stconn: Don't pretend mux have more data to deliver on EOI/EOS/ERROR", the SC no longer pretend its mux have more data to deliver when one of EOI/EOS/ERROR flags are set on its sedesc. However, for the master cli, it is an issue because any EOI/EOS at the end of a command is in fact detected on the attempt to get the next command. To do so, the stream is reset. Because if the commit above, the next received is never performed. To fix the issue, when the stream is reset, the front SC pretend its mux have more data to deliver. This patch must only be bacported if the commit above is backported.
2024-09-27 12:14:33 -04:00
se_have_more_data(s->scf->sedesc);
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
s->req.flags |= CF_WAKE_ONCE; /* need to be called again if there is some command left in the request */
s->res.analysers &= ~AN_RES_WAIT_CLI;
/* We must trim any excess data from the response buffer, because we
* may have blocked an invalid response from a server that we don't
CLEANUP: assorted typo fixes in the code and comments This is 7th iteration of typo fixes
2020-04-07 16:07:56 -04:00
* want to accidentally forward once we disable the analysers, nor do
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
* we want those data to come along with next response. A typical
* example of such data would be from a buggy server responding to
* a HEAD with some data, or sending more than the advertised
* content-length.
*/
if (unlikely(ci_data(&s->res)))
b_set_data(&s->res.buf, co_data(&s->res));
/* Now we can realign the response buffer */
c_realign_if_empty(&s->res);
MEDIUM: stconn: Replace read and write timeouts by a unique I/O timeout Read and write timeouts (.rto and .wto) are now replaced by an unique timeout, call .ioto. Since the recent refactoring on channel's timeouts, both use the same value, the client timeout on client side and the server timeout on the server side. Thus, this part may be simplified. Now it represents the I/O timeout.
2023-02-15 02:13:33 -05:00
s->scf->ioto = strm_fe(s)->timeout.client;
s->scb->ioto = TICK_ETERNITY;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
s->req.analyse_exp = TICK_ETERNITY;
s->res.analyse_exp = TICK_ETERNITY;
CLEANUP: stconn: Remove old read and write expiration dates Old read and write expiration dates are no longer used. Thus we can safely remove them.
2023-02-20 02:23:51 -05:00
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
/* we're removing the analysers, we MUST re-enable events detection.
* We don't enable close on the response channel since it's either
* already closed, or in keep-alive with an idle connection handler.
*/
channel_auto_read(&s->req);
channel_auto_close(&s->req);
channel_auto_read(&s->res);
return 1;
}
return 0;
}
MEDIUM: mworker: proxy for the master CLI This patch implements a listen proxy within the master. It uses the sockpair of all the workers as servers. In the current state of the code, the proxy is only doing round robin on the CLI of the workers. A CLI mode will be needed to know to which CLI send the requests.
2018-10-26 08:47:35 -04:00
/*
* The mworker functions are used to initialize the CLI in the master process
*/
MEDIUM: mworker: stop the master proxy in the workers The master proxy which handles the CLI should not be used or shown in the stats of the workers. This proxy is now disabled after the fork.
2018-10-26 08:47:45 -04:00
/*
* Stop the mworker proxy
*/
void mworker_cli_proxy_stop()
{
MEDIUM: mworker: does not create the CLI proxy when no listener Does not create the CLI proxy if no -S argument was specified. It prevents a warning that says that the MASTER proxy does not have any bind option.
2018-11-06 11:37:12 -05:00
if (mworker_proxy)
stop_proxy(mworker_proxy);
MEDIUM: mworker: stop the master proxy in the workers The master proxy which handles the CLI should not be used or shown in the stats of the workers. This proxy is now disabled after the fork.
2018-10-26 08:47:45 -04:00
}
MEDIUM: mworker: proxy for the master CLI This patch implements a listen proxy within the master. It uses the sockpair of all the workers as servers. In the current state of the code, the proxy is only doing round robin on the CLI of the workers. A CLI mode will be needed to know to which CLI send the requests.
2018-10-26 08:47:35 -04:00
/*
MINOR: mworker/cli: split mworker_cli_proxy_create There are two parts in mworker_cli_proxy_create(): allocating and setting up MASTER proxy and allocating and setting up servers on ipc_fd[0] of the sockpairs shared with workers. So, let's split mworker_cli_proxy_create() into two functions respectively. Each of them takes **errmsg as an argument to write an error message, which may be triggered by some subcalls. The content of this errmsg will allow to extend the final alert message shown to user, if these new functions will fail. The main goals of this split is to allow to move these two parts independantly in future and makes the code of haproxy initialization in haproxy.c more transparent.
2024-10-23 11:29:10 -04:00
* Create the MASTER proxy
MEDIUM: mworker: proxy for the master CLI This patch implements a listen proxy within the master. It uses the sockpair of all the workers as servers. In the current state of the code, the proxy is only doing round robin on the CLI of the workers. A CLI mode will be needed to know to which CLI send the requests.
2018-10-26 08:47:35 -04:00
*/
MINOR: mworker/cli: split mworker_cli_proxy_create There are two parts in mworker_cli_proxy_create(): allocating and setting up MASTER proxy and allocating and setting up servers on ipc_fd[0] of the sockpairs shared with workers. So, let's split mworker_cli_proxy_create() into two functions respectively. Each of them takes **errmsg as an argument to write an error message, which may be triggered by some subcalls. The content of this errmsg will allow to extend the final alert message shown to user, if these new functions will fail. The main goals of this split is to allow to move these two parts independantly in future and makes the code of haproxy initialization in haproxy.c more transparent.
2024-10-23 11:29:10 -04:00
int mworker_cli_create_master_proxy(char **errmsg)
MEDIUM: mworker: proxy for the master CLI This patch implements a listen proxy within the master. It uses the sockpair of all the workers as servers. In the current state of the code, the proxy is only doing round robin on the CLI of the workers. A CLI mode will be needed to know to which CLI send the requests.
2018-10-26 08:47:35 -04:00
{
MINOR: mworker/cli: split mworker_cli_proxy_create There are two parts in mworker_cli_proxy_create(): allocating and setting up MASTER proxy and allocating and setting up servers on ipc_fd[0] of the sockpairs shared with workers. So, let's split mworker_cli_proxy_create() into two functions respectively. Each of them takes **errmsg as an argument to write an error message, which may be triggered by some subcalls. The content of this errmsg will allow to extend the final alert message shown to user, if these new functions will fail. The main goals of this split is to allow to move these two parts independantly in future and makes the code of haproxy initialization in haproxy.c more transparent.
2024-10-23 11:29:10 -04:00
mworker_proxy = alloc_new_proxy("MASTER", PR_CAP_LISTEN|PR_CAP_INT, errmsg);
if (!mworker_proxy) {
return -1;
}
MEDIUM: mworker: proxy for the master CLI This patch implements a listen proxy within the master. It uses the sockpair of all the workers as servers. In the current state of the code, the proxy is only doing round robin on the CLI of the workers. A CLI mode will be needed to know to which CLI send the requests.
2018-10-26 08:47:35 -04:00
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
mworker_proxy->mode = PR_MODE_CLI;
MINOR: mworker/cli: split mworker_cli_proxy_create There are two parts in mworker_cli_proxy_create(): allocating and setting up MASTER proxy and allocating and setting up servers on ipc_fd[0] of the sockpairs shared with workers. So, let's split mworker_cli_proxy_create() into two functions respectively. Each of them takes **errmsg as an argument to write an error message, which may be triggered by some subcalls. The content of this errmsg will allow to extend the final alert message shown to user, if these new functions will fail. The main goals of this split is to allow to move these two parts independantly in future and makes the code of haproxy initialization in haproxy.c more transparent.
2024-10-23 11:29:10 -04:00
/* default to 10 concurrent connections */
mworker_proxy->maxconn = 10;
/* no timeout */
mworker_proxy->timeout.client = 0;
mworker_proxy->conf.file = strdup("MASTER");
MEDIUM: mworker: proxy for the master CLI This patch implements a listen proxy within the master. It uses the sockpair of all the workers as servers. In the current state of the code, the proxy is only doing round robin on the CLI of the workers. A CLI mode will be needed to know to which CLI send the requests.
2018-10-26 08:47:35 -04:00
mworker_proxy->conf.line = 0;
mworker_proxy->accept = frontend_accept;
MINOR: mworker/cli: split mworker_cli_proxy_create There are two parts in mworker_cli_proxy_create(): allocating and setting up MASTER proxy and allocating and setting up servers on ipc_fd[0] of the sockpairs shared with workers. So, let's split mworker_cli_proxy_create() into two functions respectively. Each of them takes **errmsg as an argument to write an error message, which may be triggered by some subcalls. The content of this errmsg will allow to extend the final alert message shown to user, if these new functions will fail. The main goals of this split is to allow to move these two parts independantly in future and makes the code of haproxy initialization in haproxy.c more transparent.
2024-10-23 11:29:10 -04:00
mworker_proxy->lbprm.algo = BE_LB_ALGO_NONE;
MEDIUM: mworker: proxy for the master CLI This patch implements a listen proxy within the master. It uses the sockpair of all the workers as servers. In the current state of the code, the proxy is only doing round robin on the CLI of the workers. A CLI mode will be needed to know to which CLI send the requests.
2018-10-26 08:47:35 -04:00
/* Does not init the default target the CLI applet, but must be done in
* the request parsing code */
mworker_proxy->default_target = NULL;
MINOR: mworker/cli: split mworker_cli_proxy_create There are two parts in mworker_cli_proxy_create(): allocating and setting up MASTER proxy and allocating and setting up servers on ipc_fd[0] of the sockpairs shared with workers. So, let's split mworker_cli_proxy_create() into two functions respectively. Each of them takes **errmsg as an argument to write an error message, which may be triggered by some subcalls. The content of this errmsg will allow to extend the final alert message shown to user, if these new functions will fail. The main goals of this split is to allow to move these two parts independantly in future and makes the code of haproxy initialization in haproxy.c more transparent.
2024-10-23 11:29:10 -04:00
mworker_proxy->next = proxies_list;
proxies_list = mworker_proxy;
return 0;
}
/*
* Attach servers to ipc_fd[0] of all presented in proc_list workers. Master and
* worker share MCLI sockpair (ipc_fd[0] and ipc_fd[1]). Servers are attached to
* ipc_fd[0], which is always opened at master side. ipc_fd[0] of worker, started
* before the reload, is inherited in master after the reload (execvp).
*/
int mworker_cli_attach_server(char **errmsg)
{
char *msg = NULL;
struct mworker_proc *child;
BUG_ON((mworker_proxy == NULL), "Triggered in mworker_cli_attach_server(), "
"mworker_proxy must be created before this call.\n");
MEDIUM: mworker: proxy for the master CLI This patch implements a listen proxy within the master. It uses the sockpair of all the workers as servers. In the current state of the code, the proxy is only doing round robin on the CLI of the workers. A CLI mode will be needed to know to which CLI send the requests.
2018-10-26 08:47:35 -04:00
/* create all servers using the mworker_proc list */
list_for_each_entry(child, &proc_list, list) {
struct server *newsrv = NULL;
struct sockaddr_storage *sk;
int port1, port2, port;
struct protocol *proto;
BUG/MINOR: cli/mworker: can't start haproxy with 2 programs When trying to start HAProxy with the master CLI and more than one program in the configuration, it refuses to start with: [ALERT] 013/132926 (1378) : parsing [cur--1:0] : proxy 'MASTER', another server named 'cur--1' was already defined at line 0, please use distinct names. [ALERT] 013/132926 (1378) : Fatal errors found in configuration. The problem is that haproxy tries to create a server for the MASTER proxy but only the worker are supposed to be in the server list. Fix issue #446. Must be backported as far as 2.0.
2020-01-14 09:25:02 -05:00
/* only the workers support the master CLI */
if (!(child->options & PROC_O_TYPE_WORKER))
continue;
MEDIUM: mworker: proxy for the master CLI This patch implements a listen proxy within the master. It uses the sockpair of all the workers as servers. In the current state of the code, the proxy is only doing round robin on the CLI of the workers. A CLI mode will be needed to know to which CLI send the requests.
2018-10-26 08:47:35 -04:00
newsrv = new_server(mworker_proxy);
if (!newsrv)
BUG/MINOR: mworker: fix FD leak and memory leak in error path Fix some memory leak and a FD leak in the error path of the master proxy initialisation. It's a really minor issue since the process is exiting when taking those error paths.
2018-11-22 10:46:51 -05:00
goto error;
MEDIUM: mworker: proxy for the master CLI This patch implements a listen proxy within the master. It uses the sockpair of all the workers as servers. In the current state of the code, the proxy is only doing round robin on the CLI of the workers. A CLI mode will be needed to know to which CLI send the requests.
2018-10-26 08:47:35 -04:00
MINOR: mworker/cli: split mworker_cli_proxy_create There are two parts in mworker_cli_proxy_create(): allocating and setting up MASTER proxy and allocating and setting up servers on ipc_fd[0] of the sockpairs shared with workers. So, let's split mworker_cli_proxy_create() into two functions respectively. Each of them takes **errmsg as an argument to write an error message, which may be triggered by some subcalls. The content of this errmsg will allow to extend the final alert message shown to user, if these new functions will fail. The main goals of this split is to allow to move these two parts independantly in future and makes the code of haproxy initialization in haproxy.c more transparent.
2024-10-23 11:29:10 -04:00
if (child->options & PROC_O_INIT)
MEDIUM: global: remove the relative_pid from global and mworker The relative_pid is always 1. In mworker mode we also have a child->relative_pid which is always equalt relative_pid, except for a master (0) or external process (-1), but these types are usually tested for, except for one place that was amended to carefully check for the PROC_O_TYPE_WORKER option. Changes were pretty limited as most usages of relative_pid were for designating a process in stats output and peers protocol.
2021-06-15 03:08:18 -04:00
memprintf(&msg, "cur-%d", 1);
MEDIUM: mworker: proxy for the master CLI This patch implements a listen proxy within the master. It uses the sockpair of all the workers as servers. In the current state of the code, the proxy is only doing round robin on the CLI of the workers. A CLI mode will be needed to know to which CLI send the requests.
2018-10-26 08:47:35 -04:00
else
memprintf(&msg, "old-%d", child->pid);
newsrv->next = mworker_proxy->srv;
mworker_proxy->srv = newsrv;
newsrv->conf.file = strdup(msg);
newsrv->id = strdup(msg);
newsrv->conf.line = 0;
memprintf(&msg, "sockpair@%d", child->ipc_fd[0]);
MINOR: tools: make str2sa_range() directly return type hints str2sa_range() already allows the caller to provide <proto> in order to get a pointer on the protocol matching with the string input thanks to 5fc9328a ("MINOR: tools: make str2sa_range() directly return the protocol") However, as stated into the commit message, there is a trick: "we can fail to return a protocol in case the caller accepts an fqdn for use later. This is what servers do and in this case it is valid to return no protocol" In this case, we're unable to return protocol because the protocol lookup depends on both the [proto type + xprt type] and the [family type] to be known. While family type might not be directly resolved when fqdn is involved (because family type might be discovered using DNS queries), proto type and xprt type are already known. As such, the caller might be interested in knowing those address related hints even if the address family type is not yet resolved and thus the matching protocol cannot be looked up. Thus in this patch we add the optional net_addr_type (custom type) argument to str2sa_range to enable the caller to check the protocol type and transport type when the function succeeds.
2023-11-09 05:19:24 -05:00
if ((sk = str2sa_range(msg, &port, &port1, &port2, NULL, &proto, NULL,
MINOR: mworker/cli: split mworker_cli_proxy_create There are two parts in mworker_cli_proxy_create(): allocating and setting up MASTER proxy and allocating and setting up servers on ipc_fd[0] of the sockpairs shared with workers. So, let's split mworker_cli_proxy_create() into two functions respectively. Each of them takes **errmsg as an argument to write an error message, which may be triggered by some subcalls. The content of this errmsg will allow to extend the final alert message shown to user, if these new functions will fail. The main goals of this split is to allow to move these two parts independantly in future and makes the code of haproxy initialization in haproxy.c more transparent.
2024-10-23 11:29:10 -04:00
errmsg, NULL, NULL, NULL, PA_O_STREAM)) == 0) {
BUG/MINOR: mworker: fix FD leak and memory leak in error path Fix some memory leak and a FD leak in the error path of the master proxy initialisation. It's a really minor issue since the process is exiting when taking those error paths.
2018-11-22 10:46:51 -05:00
goto error;
BUG/MINOR: cli: Fix memory leak Valgrind's memcheck reports memory leaks in cli.c, because the out parameter of memprintf is not properly freed: ==31035== 11 bytes in 1 blocks are definitely lost in loss record 16 of 101 ==31035== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==31035== by 0x4C2FDEF: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==31035== by 0x4A3C72: my_realloc2 (standard.h:1364) ==31035== by 0x4A3C72: memvprintf (standard.c:3459) ==31035== by 0x4A3D93: memprintf (standard.c:3482) ==31035== by 0x4AF77E: mworker_cli_sockpair_new (cli.c:2324) ==31035== by 0x48E826: init (haproxy.c:1749) ==31035== by 0x408BBC: main (haproxy.c:2725) ==31035== ==31035== 11 bytes in 1 blocks are definitely lost in loss record 17 of 101 ==31035== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==31035== by 0x4C2FDEF: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==31035== by 0x4A3C72: my_realloc2 (standard.h:1364) ==31035== by 0x4A3C72: memvprintf (standard.c:3459) ==31035== by 0x4A3D93: memprintf (standard.c:3482) ==31035== by 0x4AF071: mworker_cli_proxy_create (cli.c:2172) ==31035== by 0x48EC89: init (haproxy.c:1760) ==31035== by 0x408BBC: main (haproxy.c:2725) These leaks were introduced in commits ce83b4a5dd48c000dec68f9d551945d21e9ac7ac and 8a02257d88276e2f2f10c407d2961995f74a192c which are specific to haproxy 1.9 dev.
2018-11-22 10:46:50 -05:00
}
CLEANUP: tree-wide: replace free(x);x=NULL with ha_free(&x) This makes the code more readable and less prone to copy-paste errors. In addition, it allows to place some __builtin_constant_p() predicates to trigger a link-time error in case the compiler knows that the freed area is constant. It will also produce compile-time error if trying to free something that is not a regular pointer (e.g. a function). The DEBUG_MEM_STATS macro now also defines an instance for ha_free() so that all these calls can be checked. 178 occurrences were converted. The vast majority of them were handled by the following Coccinelle script, some slightly refined to better deal with "&*x" or with long lines: @ rule @ expression E; @@ - free(E); - E = NULL; + ha_free(&E); It was verified that the resulting code is the same, more or less a handful of cases where the compiler optimized slightly differently the temporary variable that holds the copy of the pointer. A non-negligible amount of {free(str);str=NULL;str_len=0;} are still present in the config part (mostly header names in proxies). These ones should also be cleaned for the same reasons, and probably be turned into ist strings.
2021-02-20 04:46:51 -05:00
ha_free(&msg);
MEDIUM: mworker: proxy for the master CLI This patch implements a listen proxy within the master. It uses the sockpair of all the workers as servers. In the current state of the code, the proxy is only doing round robin on the CLI of the workers. A CLI mode will be needed to know to which CLI send the requests.
2018-10-26 08:47:35 -04:00
MINOR: tools: make str2sa_range() directly return the protocol We'll need this so that it can return pointers to stacked protocol in the future (for QUIC). In addition this removes a lot of tests for protocol validity in the callers. Some of them were checked further apart, or after a call to str2listener() and they were simplified as well. There's still a trick, we can fail to return a protocol in case the caller accepts an fqdn for use later. This is what servers do and in this case it is valid to return no protocol. A typical example is: server foo localhost:1111
2020-09-16 12:25:03 -04:00
if (!proto->connect) {
BUG/MINOR: mworker: fix FD leak and memory leak in error path Fix some memory leak and a FD leak in the error path of the master proxy initialisation. It's a really minor issue since the process is exiting when taking those error paths.
2018-11-22 10:46:51 -05:00
goto error;
MEDIUM: mworker: proxy for the master CLI This patch implements a listen proxy within the master. It uses the sockpair of all the workers as servers. In the current state of the code, the proxy is only doing round robin on the CLI of the workers. A CLI mode will be needed to know to which CLI send the requests.
2018-10-26 08:47:35 -04:00
}
/* no port specified */
newsrv->flags |= SRV_F_MAPPORTS;
newsrv->addr = *sk;
MEDIUM: cli: implement 'mode cli' proxy analyzers This patch implements analysers for parsing the CLI and extra features for the master's CLI. For each command (sent alone, or separated by ; or \n) the request analyser will determine to which server it should send the request. The 'mode cli' proxy is able to parse a prefix for each command which is used to select the apropriate server. The prefix start by @ and is followed by "master", the PID preceded by ! or the relative PID. (e.g. @master, @1, @!1234). The servers are not round-robined anymore. The command is sent with a SHUTW which force the server to close the connection after sending its response. However the proxy allows a keepalive connection on the client side and does not close. The response analyser does not do much stuff, it only reinits the connection when it received a close from the server, and forward the response. It does not analyze the response data. The only guarantee of the end of the response is the close of the server, we can't rely on the double \n since it's not send by every command. This could be reimplemented later as a filter.
2018-10-26 08:47:40 -04:00
/* don't let the server participate to load balancing */
newsrv->iweight = 0;
newsrv->uweight = 0;
MEDIUM: mworker: proxy for the master CLI This patch implements a listen proxy within the master. It uses the sockpair of all the workers as servers. In the current state of the code, the proxy is only doing round robin on the CLI of the workers. A CLI mode will be needed to know to which CLI send the requests.
2018-10-26 08:47:35 -04:00
srv_lb_commit_status(newsrv);
MEDIUM: mworker: find the server ptr using a CLI prefix Add a struct server pointer in the mworker_proc struct so we can easily use it as a target for the mworker proxy. pcli_prefix_to_pid() is used to find the right PID of the worker when using a prefix in the CLI. (@master, @#<relative pid> , @<pid>) pcli_pid_to_server() is used to find the right target server for the CLI proxy.
2018-10-26 08:47:38 -04:00
child->srv = newsrv;
MEDIUM: mworker: proxy for the master CLI This patch implements a listen proxy within the master. It uses the sockpair of all the workers as servers. In the current state of the code, the proxy is only doing round robin on the CLI of the workers. A CLI mode will be needed to know to which CLI send the requests.
2018-10-26 08:47:35 -04:00
}
CLEANUP: mworker: use the proxy helper functions in mworker_cli_proxy_create() Cleanup the mworker_cli_proxy_create() function by removing the allocation and init of the proxy which is done manually, and replace it by alloc_new_proxy(). Do the same with the free_proxy() function. This patch also move the insertion at the end of the function.
2021-07-29 09:13:22 -04:00
MEDIUM: mworker: proxy for the master CLI This patch implements a listen proxy within the master. It uses the sockpair of all the workers as servers. In the current state of the code, the proxy is only doing round robin on the CLI of the workers. A CLI mode will be needed to know to which CLI send the requests.
2018-10-26 08:47:35 -04:00
return 0;
BUG/MINOR: mworker: fix FD leak and memory leak in error path Fix some memory leak and a FD leak in the error path of the master proxy initialisation. It's a really minor issue since the process is exiting when taking those error paths.
2018-11-22 10:46:51 -05:00
error:
list_for_each_entry(child, &proc_list, list) {
free((char *)child->srv->conf.file); /* cast because of const char * */
free(child->srv->id);
CLEANUP: tree-wide: replace free(x);x=NULL with ha_free(&x) This makes the code more readable and less prone to copy-paste errors. In addition, it allows to place some __builtin_constant_p() predicates to trigger a link-time error in case the compiler knows that the freed area is constant. It will also produce compile-time error if trying to free something that is not a regular pointer (e.g. a function). The DEBUG_MEM_STATS macro now also defines an instance for ha_free() so that all these calls can be checked. 178 occurrences were converted. The vast majority of them were handled by the following Coccinelle script, some slightly refined to better deal with "&*x" or with long lines: @ rule @ expression E; @@ - free(E); - E = NULL; + ha_free(&E); It was verified that the resulting code is the same, more or less a handful of cases where the compiler optimized slightly differently the temporary variable that holds the copy of the pointer. A non-negligible amount of {free(str);str=NULL;str_len=0;} are still present in the config part (mostly header names in proxies). These ones should also be cleaned for the same reasons, and probably be turned into ist strings.
2021-02-20 04:46:51 -05:00
ha_free(&child->srv);
BUG/MINOR: mworker: fix FD leak and memory leak in error path Fix some memory leak and a FD leak in the error path of the master proxy initialisation. It's a really minor issue since the process is exiting when taking those error paths.
2018-11-22 10:46:51 -05:00
}
free(msg);
return -1;
MEDIUM: mworker: proxy for the master CLI This patch implements a listen proxy within the master. It uses the sockpair of all the workers as servers. In the current state of the code, the proxy is only doing round robin on the CLI of the workers. A CLI mode will be needed to know to which CLI send the requests.
2018-10-26 08:47:35 -04:00
}
MINOR: cli: Add a command to send listening sockets. Add a new command that will send all the listening sockets, via the stats socket, and their properties. This is a first step to workaround the linux problem when reloading haproxy.
2017-04-05 16:24:59 -04:00
MEDIUM: mworker: create CLI listeners from argv[] This patch introduces mworker_cli_proxy_new_listener() which allows the creation of new listeners for the CLI proxy. Using this function it is possible to create new listeners from the program arguments with -Sa <unix_socket>. It is allowed to create multiple listeners with several -Sa.
2018-10-26 08:47:36 -04:00
/*
* Create a new listener for the master CLI proxy
*/
MINOR: mworker/cli: rename mworker_cli_proxy_new_listener This is the first commit in a series to add the support of 4 primary reload use-cases for the new master-worker architecture: 1. Newly forked worker process dies before any reload, due to some errors in the configuration. Newly forked worker process crashes before any reload after sending its "READY" state to master. 2. Newly forked worker process dies due to some errors in the new configuration. This happens after reload, when this new configuration was supplied, so the previous worker process is still here. 3. Newly forked worker process crashes after sending its "READY" state to master due to some bugs. This happens after reload, so the previous worker process is still here. 4. Newly forked worker process has sent its "READY" state to master and starts to receive traffic. This happens after reload, the old worker hasn't terminated yet, as it is waiting on some idle connection and it crashes. Let's rename in this commit mworker_cli_proxy_new_listener() to mworker_cli_master_proxy_new_listener() to outline, that this function creates "master-socket" bind conf and allocates a listener. This listener is attached to the MASTER proxy and it's bound to the ipc_fd[0] of the sockpair, inherited in master and in worker processes (master CLI sockpair).
2024-10-03 05:28:05 -04:00
struct bind_conf *mworker_cli_master_proxy_new_listener(char *line)
MEDIUM: mworker: create CLI listeners from argv[] This patch introduces mworker_cli_proxy_new_listener() which allows the creation of new listeners for the CLI proxy. Using this function it is possible to create new listeners from the program arguments with -Sa <unix_socket>. It is allowed to create multiple listeners with several -Sa.
2018-10-26 08:47:36 -04:00
{
struct bind_conf *bind_conf;
struct listener *l;
char *err = NULL;
char *args[MAX_LINE_ARGS + 1];
int arg;
int cur_arg;
BUG/MINOR: cli: fix out of bounds in -S parser Out of bounds when the number or arguments is greater than MAX_LINE_ARGS. Fix issue #377. Must be backported in 2.0 and 1.9.
2019-11-25 03:58:37 -05:00
arg = 1;
MEDIUM: mworker: create CLI listeners from argv[] This patch introduces mworker_cli_proxy_new_listener() which allows the creation of new listeners for the CLI proxy. Using this function it is possible to create new listeners from the program arguments with -Sa <unix_socket>. It is allowed to create multiple listeners with several -Sa.
2018-10-26 08:47:36 -04:00
args[0] = line;
/* args is a bind configuration with spaces replaced by commas */
while (*line && arg < MAX_LINE_ARGS) {
if (*line == ',') {
*line++ = '\0';
while (*line == ',')
line++;
BUG/MINOR: cli: fix out of bounds in -S parser Out of bounds when the number or arguments is greater than MAX_LINE_ARGS. Fix issue #377. Must be backported in 2.0 and 1.9.
2019-11-25 03:58:37 -05:00
args[arg++] = line;
MEDIUM: mworker: create CLI listeners from argv[] This patch introduces mworker_cli_proxy_new_listener() which allows the creation of new listeners for the CLI proxy. Using this function it is possible to create new listeners from the program arguments with -Sa <unix_socket>. It is allowed to create multiple listeners with several -Sa.
2018-10-26 08:47:36 -04:00
}
line++;
}
BUG/MINOR: cli: fix out of bounds in -S parser Out of bounds when the number or arguments is greater than MAX_LINE_ARGS. Fix issue #377. Must be backported in 2.0 and 1.9.
2019-11-25 03:58:37 -05:00
args[arg] = "\0";
MEDIUM: mworker: create CLI listeners from argv[] This patch introduces mworker_cli_proxy_new_listener() which allows the creation of new listeners for the CLI proxy. Using this function it is possible to create new listeners from the program arguments with -Sa <unix_socket>. It is allowed to create multiple listeners with several -Sa.
2018-10-26 08:47:36 -04:00
bind_conf = bind_conf_alloc(mworker_proxy, "master-socket", 0, "", xprt_get(XPRT_RAW));
BUG/MINOR: mworker: fix FD leak and memory leak in error path Fix some memory leak and a FD leak in the error path of the master proxy initialisation. It's a really minor issue since the process is exiting when taking those error paths.
2018-11-22 10:46:51 -05:00
if (!bind_conf)
goto err;
MEDIUM: mworker: create CLI listeners from argv[] This patch introduces mworker_cli_proxy_new_listener() which allows the creation of new listeners for the CLI proxy. Using this function it is possible to create new listeners from the program arguments with -Sa <unix_socket>. It is allowed to create multiple listeners with several -Sa.
2018-10-26 08:47:36 -04:00
bind_conf->level &= ~ACCESS_LVL_MASK;
bind_conf->level |= ACCESS_LVL_ADMIN;
MINOR: cli: set the ACCESS_MASTER* bits on the master bind_conf Right now the code is a bit hackish, it tests for the keyword's level flags but checks the applet's origin to compare the bits. Let's start by properly setting the ACCESS_MASTER_ONLY and ACCESS_MASTER flags on the master CLI's bind_conf so that they are automatically present all the time.
2021-03-12 09:00:57 -05:00
bind_conf->level |= ACCESS_MASTER | ACCESS_MASTER_ONLY;
MEDIUM: mworker: create CLI listeners from argv[] This patch introduces mworker_cli_proxy_new_listener() which allows the creation of new listeners for the CLI proxy. Using this function it is possible to create new listeners from the program arguments with -Sa <unix_socket>. It is allowed to create multiple listeners with several -Sa.
2018-10-26 08:47:36 -04:00
if (!str2listener(args[0], mworker_proxy, bind_conf, "master-socket", 0, &err)) {
ha_alert("Cannot create the listener of the master CLI\n");
BUG/MINOR: mworker: fix FD leak and memory leak in error path Fix some memory leak and a FD leak in the error path of the master proxy initialisation. It's a really minor issue since the process is exiting when taking those error paths.
2018-11-22 10:46:51 -05:00
goto err;
MEDIUM: mworker: create CLI listeners from argv[] This patch introduces mworker_cli_proxy_new_listener() which allows the creation of new listeners for the CLI proxy. Using this function it is possible to create new listeners from the program arguments with -Sa <unix_socket>. It is allowed to create multiple listeners with several -Sa.
2018-10-26 08:47:36 -04:00
}
cur_arg = 1;
while (*args[cur_arg]) {
struct bind_kw *kw;
MINOR: cfgparse/bind: suggest correct spelling for unknown bind keywords Just like with the server keywords, now's the turn of "bind" keywords. The difference is that 100% of the bind keywords are registered, thus we do not need the list of extra keywords. There are multiple bind line parsers today, all were updated: - peers - log - dgram-bind - cli $ printf "listen f\nbind :8000 tcut\n" | ./haproxy -c -f /dev/stdin [NOTICE] 070/101358 (25146) : haproxy version is 2.4-dev11-7b8787-26 [NOTICE] 070/101358 (25146) : path to executable is ./haproxy [ALERT] 070/101358 (25146) : parsing [/dev/stdin:2] : 'bind :8000' unknown keyword 'tcut'; did you mean 'tcp-ut' maybe ? [ALERT] 070/101358 (25146) : Error(s) found in configuration file : /dev/stdin [ALERT] 070/101358 (25146) : Fatal errors found in configuration.
2021-03-12 04:14:07 -05:00
const char *best;
MEDIUM: mworker: create CLI listeners from argv[] This patch introduces mworker_cli_proxy_new_listener() which allows the creation of new listeners for the CLI proxy. Using this function it is possible to create new listeners from the program arguments with -Sa <unix_socket>. It is allowed to create multiple listeners with several -Sa.
2018-10-26 08:47:36 -04:00
kw = bind_find_kw(args[cur_arg]);
if (kw) {
if (!kw->parse) {
memprintf(&err, "'%s %s' : '%s' option is not implemented in this version (check build options).",
args[0], args[1], args[cur_arg]);
goto err;
}
CLEANUP: cli: rename the last few "stats_" to "cli_" There were still a very small list of functions, variables and fields called "stats_" while they were really purely CLI-centric. There's the frontend called "stats_fe" in the global section, which instantiates a "cli_applet" called "<CLI>" so it was renamed "cli_fe". The "alloc_stats_fe" function cas renamed to "cli_alloc_fe" which also better matches the naming convention of all cli-specific functions. Finally the "stats_permission_denied_msg" used to return an error on the CLI was renamed "cli_permission_denied_msg". Now there's no more "stats_something" that designates the CLI.
2021-03-13 05:00:33 -05:00
if (kw->parse(args, cur_arg, global.cli_fe, bind_conf, &err) != 0) {
MEDIUM: mworker: create CLI listeners from argv[] This patch introduces mworker_cli_proxy_new_listener() which allows the creation of new listeners for the CLI proxy. Using this function it is possible to create new listeners from the program arguments with -Sa <unix_socket>. It is allowed to create multiple listeners with several -Sa.
2018-10-26 08:47:36 -04:00
if (err)
memprintf(&err, "'%s %s' : '%s'", args[0], args[1], err);
else
memprintf(&err, "'%s %s' : error encountered while processing '%s'",
args[0], args[1], args[cur_arg]);
goto err;
}
cur_arg += 1 + kw->skip;
continue;
}
MINOR: cfgparse/bind: suggest correct spelling for unknown bind keywords Just like with the server keywords, now's the turn of "bind" keywords. The difference is that 100% of the bind keywords are registered, thus we do not need the list of extra keywords. There are multiple bind line parsers today, all were updated: - peers - log - dgram-bind - cli $ printf "listen f\nbind :8000 tcut\n" | ./haproxy -c -f /dev/stdin [NOTICE] 070/101358 (25146) : haproxy version is 2.4-dev11-7b8787-26 [NOTICE] 070/101358 (25146) : path to executable is ./haproxy [ALERT] 070/101358 (25146) : parsing [/dev/stdin:2] : 'bind :8000' unknown keyword 'tcut'; did you mean 'tcp-ut' maybe ? [ALERT] 070/101358 (25146) : Error(s) found in configuration file : /dev/stdin [ALERT] 070/101358 (25146) : Fatal errors found in configuration.
2021-03-12 04:14:07 -05:00
best = bind_find_best_kw(args[cur_arg]);
if (best)
memprintf(&err, "'%s %s' : unknown keyword '%s'. Did you mean '%s' maybe ?",
args[0], args[1], args[cur_arg], best);
else
memprintf(&err, "'%s %s' : unknown keyword '%s'.",
args[0], args[1], args[cur_arg]);
MEDIUM: mworker: create CLI listeners from argv[] This patch introduces mworker_cli_proxy_new_listener() which allows the creation of new listeners for the CLI proxy. Using this function it is possible to create new listeners from the program arguments with -Sa <unix_socket>. It is allowed to create multiple listeners with several -Sa.
2018-10-26 08:47:36 -04:00
goto err;
}
MINOR: listener: move the ->accept callback to the bind_conf The accept callback directly derives from the upper layer, generally it's session_accept_fd(). As such it's also defined per bind line so it makes sense to move it there.
2023-01-12 13:10:17 -05:00
bind_conf->accept = session_accept_fd;
MINOR: listener: move the nice field to the bind_conf This is another bind line setting which can move to the bind_conf. Note that it leaves a 2-byte hole in the listener struct.
2023-01-12 13:32:45 -05:00
bind_conf->nice = -64; /* we want to boost priority for local stats */
MINOR: listener: move LI_O_UNLIMITED and LI_O_NOSTOP to bind_conf These two flags are entirely for internal use and are even per proxy in practice since they're used for peers and CLI to indicate (for the first one) that the listener(s) are not subject to connection limits, and for the second that the listener(s) should not be stopped on soft-stop. No need to keep them in the listeners, let's move them to the bind_conf under names BC_O_UNLIMITED and BC_O_NOSTOP.
2023-01-12 13:58:42 -05:00
bind_conf->options |= BC_O_UNLIMITED; /* don't make the peers subject to global limits */
MINOR: listener: remove the useless ->default_target field This field is used by stream_new() to optionally set the applet the stream will connect to for simple proxies like the CLI for example. But it has never been configurable to anything and is always strictly equal to the frontend's ->default_target. Let's just drop it and make stream_new() only use the frontend's. It makes more sense anyway as we don't want the proxy to work differently based on the "bind" line. This idea was brought in 1.6 hoping that the h2 implementation would use applets for decoding (which was dropped after the very first attempt in 1.8).
2023-01-12 13:18:34 -05:00
BUG/MEDIUM: master/cli: Properly pin the master CLI on thread 1 / group 1 A previous fix was pushed for that (13fb7170be "BUG/MEDIUM: master/cli: Pin the master CLI on the first thread of the group 1" ). Unfortunately, instead of the master CLI, it is the sockpairs between the master and the workers that were pinned to the first thread of the group 1. So the crash is still there. So, again, to fix the bug the master CLI is now pinned on the first thread of the first group. patch should fix the issue #2259 and must be backported to 2.8.
2023-11-28 15:50:21 -05:00
/* Pin master CLI on the first thread of the first group only */
thread_set_pin_grp1(&bind_conf->thread_set, 1);
MEDIUM: mworker: create CLI listeners from argv[] This patch introduces mworker_cli_proxy_new_listener() which allows the creation of new listeners for the CLI proxy. Using this function it is possible to create new listeners from the program arguments with -Sa <unix_socket>. It is allowed to create multiple listeners with several -Sa.
2018-10-26 08:47:36 -04:00
list_for_each_entry(l, &bind_conf->listeners, by_bind) {
MINOR: listeners: move the LI_O_MWORKER flag to the receiver This listener flag indicates whether the receiver part of the listener is specific to the master or to the workers. In practice it's only used by the master's CLI right now. It's used to know whether or not the FD must be closed before forking the workers. For this reason it's way more of a receiver's property than a listener's property, so let's move it there under the name RX_F_MWORKER. The rest of the code remains unchanged.
2020-10-09 10:11:46 -04:00
l->rx.flags |= RX_F_MWORKER; /* we are keeping this FD in the master */
BUG/MINOR: config: don't over-count the global maxsock value global.maxsock used to be augmented by the frontend's maxconn value for each frontend listener, which is absurd when there are many listeners in a frontend because the frontend's maxconn fixes an upper limit to how many connections will be accepted on all of its listeners anyway. What is needed instead is to add one to count the listening socket. In addition, the CLI's and peers' value was incremented twice, the first time when creating the listener and the second time in the main init code. Let's now make sure we only increment global.maxsock by the required amount of sockets. This means not adding maxconn for each listener, and relying on the global values when they are correct.
2019-02-27 10:25:28 -05:00
global.maxsock++; /* for the listening socket */
MEDIUM: mworker: create CLI listeners from argv[] This patch introduces mworker_cli_proxy_new_listener() which allows the creation of new listeners for the CLI proxy. Using this function it is possible to create new listeners from the program arguments with -Sa <unix_socket>. It is allowed to create multiple listeners with several -Sa.
2018-10-26 08:47:36 -04:00
}
BUG/MINOR: config: don't over-count the global maxsock value global.maxsock used to be augmented by the frontend's maxconn value for each frontend listener, which is absurd when there are many listeners in a frontend because the frontend's maxconn fixes an upper limit to how many connections will be accepted on all of its listeners anyway. What is needed instead is to add one to count the listening socket. In addition, the CLI's and peers' value was incremented twice, the first time when creating the listener and the second time in the main init code. Let's now make sure we only increment global.maxsock by the required amount of sockets. This means not adding maxconn for each listener, and relying on the global values when they are correct.
2019-02-27 10:25:28 -05:00
global.maxsock += mworker_proxy->maxconn;
MEDIUM: mworker: create CLI listeners from argv[] This patch introduces mworker_cli_proxy_new_listener() which allows the creation of new listeners for the CLI proxy. Using this function it is possible to create new listeners from the program arguments with -Sa <unix_socket>. It is allowed to create multiple listeners with several -Sa.
2018-10-26 08:47:36 -04:00
MINOR: mworker: mworker_cli_proxy_new_listener() returns a bind_conf mworker_cli_proxy_new_listener() now returns a bind_conf * or NULL upon failure.
2022-09-24 09:51:27 -04:00
return bind_conf;
MEDIUM: mworker: create CLI listeners from argv[] This patch introduces mworker_cli_proxy_new_listener() which allows the creation of new listeners for the CLI proxy. Using this function it is possible to create new listeners from the program arguments with -Sa <unix_socket>. It is allowed to create multiple listeners with several -Sa.
2018-10-26 08:47:36 -04:00
err:
ha_alert("%s\n", err);
BUG/MINOR: mworker: fix FD leak and memory leak in error path Fix some memory leak and a FD leak in the error path of the master proxy initialisation. It's a really minor issue since the process is exiting when taking those error paths.
2018-11-22 10:46:51 -05:00
free(err);
free(bind_conf);
MINOR: mworker: mworker_cli_proxy_new_listener() returns a bind_conf mworker_cli_proxy_new_listener() now returns a bind_conf * or NULL upon failure.
2022-09-24 09:51:27 -04:00
return NULL;
MEDIUM: mworker: create CLI listeners from argv[] This patch introduces mworker_cli_proxy_new_listener() which allows the creation of new listeners for the CLI proxy. Using this function it is possible to create new listeners from the program arguments with -Sa <unix_socket>. It is allowed to create multiple listeners with several -Sa.
2018-10-26 08:47:36 -04:00
}
MEDIUM: mworker: each worker socketpair is a CLI listener The init code of the mworker_proc structs has been moved before the init of the listeners. Each socketpair is now connected to a CLI within the workers, which allows the master to access their CLI. The inherited flag of the worker side socketpair is removed so the socket can be closed in the master.
2018-10-26 08:47:30 -04:00
/*
MINOR: mworker/cli: create master CLI sockpair before fork The main idea here is to create a master CLI inherited sockpair just before the master-worker fork. And only then after the fork let each process to bind a needed listener to the its end of this sockpair. Like this master and worker processes can close unused "ends" of its sockpair copy (ipc_fd[0] for worker and and ipc_fd[1] for master). When this sockpair creation happens inside the mworker_cli_global_proxy_new_listener() is not possible for the master to close ipc_fd[1] bound to the GLOBAL proxy listener, as this triggers a BUG_ON(fd->owner) in fd_insert() in master context, because master process has alredy entered in its polling loop and poller in its turn tries to reused closed fd.
2024-10-03 05:32:16 -04:00
* Creates a "master-socket" bind conf and a listener. Assigns
MINOR: mworker/cli: rename and clean mworker_cli_sockpair_new Let's rename mworker_cli_sockpair_new() to mworker_cli_global_proxy_new_listener() to outline that this function creates the GLOBAL proxy, allocates the listener with "master-socket" bind conf and attaches this listener to this GLOBAL proxy. Listener is bound to ipc_fd[1] of the sockpair inherited in master and in worker (master CLI sockpair).
2024-10-02 08:49:30 -04:00
* this new listener to the one "end" of the given process <proc> sockpair in
* order to have a new master CLI listening socket for this process.
MEDIUM: mworker: each worker socketpair is a CLI listener The init code of the mworker_proc structs has been moved before the init of the listeners. Each socketpair is now connected to a CLI within the workers, which allows the master to access their CLI. The inherited flag of the worker side socketpair is removed so the socket can be closed in the master.
2018-10-26 08:47:30 -04:00
*/
MINOR: mworker/cli: rename and clean mworker_cli_sockpair_new Let's rename mworker_cli_sockpair_new() to mworker_cli_global_proxy_new_listener() to outline that this function creates the GLOBAL proxy, allocates the listener with "master-socket" bind conf and attaches this listener to this GLOBAL proxy. Listener is bound to ipc_fd[1] of the sockpair inherited in master and in worker (master CLI sockpair).
2024-10-02 08:49:30 -04:00
int mworker_cli_global_proxy_new_listener(struct mworker_proc *proc)
MEDIUM: mworker: each worker socketpair is a CLI listener The init code of the mworker_proc structs has been moved before the init of the listeners. Each socketpair is now connected to a CLI within the workers, which allows the master to access their CLI. The inherited flag of the worker side socketpair is removed so the socket can be closed in the master.
2018-10-26 08:47:30 -04:00
{
struct bind_conf *bind_conf;
struct listener *l;
char *path = NULL;
char *err = NULL;
/* XXX: we might want to use a separate frontend at some point */
CLEANUP: cli: rename the last few "stats_" to "cli_" There were still a very small list of functions, variables and fields called "stats_" while they were really purely CLI-centric. There's the frontend called "stats_fe" in the global section, which instantiates a "cli_applet" called "<CLI>" so it was renamed "cli_fe". The "alloc_stats_fe" function cas renamed to "cli_alloc_fe" which also better matches the naming convention of all cli-specific functions. Finally the "stats_permission_denied_msg" used to return an error on the CLI was renamed "cli_permission_denied_msg". Now there's no more "stats_something" that designates the CLI.
2021-03-13 05:00:33 -05:00
if (!global.cli_fe) {
if ((global.cli_fe = cli_alloc_fe("GLOBAL", "master-socket", 0)) == NULL) {
MEDIUM: mworker: each worker socketpair is a CLI listener The init code of the mworker_proc structs has been moved before the init of the listeners. Each socketpair is now connected to a CLI within the workers, which allows the master to access their CLI. The inherited flag of the worker side socketpair is removed so the socket can be closed in the master.
2018-10-26 08:47:30 -04:00
ha_alert("out of memory trying to allocate the stats frontend");
BUG/MINOR: mworker: fix FD leak and memory leak in error path Fix some memory leak and a FD leak in the error path of the master proxy initialisation. It's a really minor issue since the process is exiting when taking those error paths.
2018-11-22 10:46:51 -05:00
goto error;
MEDIUM: mworker: each worker socketpair is a CLI listener The init code of the mworker_proc structs has been moved before the init of the listeners. Each socketpair is now connected to a CLI within the workers, which allows the master to access their CLI. The inherited flag of the worker side socketpair is removed so the socket can be closed in the master.
2018-10-26 08:47:30 -04:00
}
}
CLEANUP: cli: rename the last few "stats_" to "cli_" There were still a very small list of functions, variables and fields called "stats_" while they were really purely CLI-centric. There's the frontend called "stats_fe" in the global section, which instantiates a "cli_applet" called "<CLI>" so it was renamed "cli_fe". The "alloc_stats_fe" function cas renamed to "cli_alloc_fe" which also better matches the naming convention of all cli-specific functions. Finally the "stats_permission_denied_msg" used to return an error on the CLI was renamed "cli_permission_denied_msg". Now there's no more "stats_something" that designates the CLI.
2021-03-13 05:00:33 -05:00
bind_conf = bind_conf_alloc(global.cli_fe, "master-socket", 0, "", xprt_get(XPRT_RAW));
BUG/MINOR: mworker: fix FD leak and memory leak in error path Fix some memory leak and a FD leak in the error path of the master proxy initialisation. It's a really minor issue since the process is exiting when taking those error paths.
2018-11-22 10:46:51 -05:00
if (!bind_conf)
goto error;
MEDIUM: mworker: each worker socketpair is a CLI listener The init code of the mworker_proc structs has been moved before the init of the listeners. Each socketpair is now connected to a CLI within the workers, which allows the master to access their CLI. The inherited flag of the worker side socketpair is removed so the socket can be closed in the master.
2018-10-26 08:47:30 -04:00
bind_conf->level &= ~ACCESS_LVL_MASK;
bind_conf->level |= ACCESS_LVL_ADMIN; /* TODO: need to lower the rights with a CLI keyword*/
MEDIUM: mworker: seamless reload use the internal sockpairs With the master worker, the seamless reload was still requiring an external stats socket to the previous process, which is a pain to configure. This patch implements a way to use the internal socketpair between the master and the workers to transfer the sockets during the reload. This way, the master will always try to transfer the socket, even without any configuration. The master will still reload with the -x argument, followed by the sockpair@ syntax. ( ex -x sockpair@4 ). Which use the FD of internal CLI to the worker.
2021-11-24 12:45:37 -05:00
bind_conf->level |= ACCESS_FD_LISTENERS;
MEDIUM: mworker: each worker socketpair is a CLI listener The init code of the mworker_proc structs has been moved before the init of the listeners. Each socketpair is now connected to a CLI within the workers, which allows the master to access their CLI. The inherited flag of the worker side socketpair is removed so the socket can be closed in the master.
2018-10-26 08:47:30 -04:00
MINOR: mworker/cli: rename and clean mworker_cli_sockpair_new Let's rename mworker_cli_sockpair_new() to mworker_cli_global_proxy_new_listener() to outline that this function creates the GLOBAL proxy, allocates the listener with "master-socket" bind conf and attaches this listener to this GLOBAL proxy. Listener is bound to ipc_fd[1] of the sockpair inherited in master and in worker (master CLI sockpair).
2024-10-02 08:49:30 -04:00
if (!memprintf(&path, "sockpair@%d", proc->ipc_fd[1])) {
MEDIUM: mworker: each worker socketpair is a CLI listener The init code of the mworker_proc structs has been moved before the init of the listeners. Each socketpair is now connected to a CLI within the workers, which allows the master to access their CLI. The inherited flag of the worker side socketpair is removed so the socket can be closed in the master.
2018-10-26 08:47:30 -04:00
ha_alert("Cannot allocate listener.\n");
BUG/MINOR: mworker: fix FD leak and memory leak in error path Fix some memory leak and a FD leak in the error path of the master proxy initialisation. It's a really minor issue since the process is exiting when taking those error paths.
2018-11-22 10:46:51 -05:00
goto error;
MEDIUM: mworker: each worker socketpair is a CLI listener The init code of the mworker_proc structs has been moved before the init of the listeners. Each socketpair is now connected to a CLI within the workers, which allows the master to access their CLI. The inherited flag of the worker side socketpair is removed so the socket can be closed in the master.
2018-10-26 08:47:30 -04:00
}
CLEANUP: cli: rename the last few "stats_" to "cli_" There were still a very small list of functions, variables and fields called "stats_" while they were really purely CLI-centric. There's the frontend called "stats_fe" in the global section, which instantiates a "cli_applet" called "<CLI>" so it was renamed "cli_fe". The "alloc_stats_fe" function cas renamed to "cli_alloc_fe" which also better matches the naming convention of all cli-specific functions. Finally the "stats_permission_denied_msg" used to return an error on the CLI was renamed "cli_permission_denied_msg". Now there's no more "stats_something" that designates the CLI.
2021-03-13 05:00:33 -05:00
if (!str2listener(path, global.cli_fe, bind_conf, "master-socket", 0, &err)) {
BUG/MINOR: cli: Fix memory leak Valgrind's memcheck reports memory leaks in cli.c, because the out parameter of memprintf is not properly freed: ==31035== 11 bytes in 1 blocks are definitely lost in loss record 16 of 101 ==31035== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==31035== by 0x4C2FDEF: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==31035== by 0x4A3C72: my_realloc2 (standard.h:1364) ==31035== by 0x4A3C72: memvprintf (standard.c:3459) ==31035== by 0x4A3D93: memprintf (standard.c:3482) ==31035== by 0x4AF77E: mworker_cli_sockpair_new (cli.c:2324) ==31035== by 0x48E826: init (haproxy.c:1749) ==31035== by 0x408BBC: main (haproxy.c:2725) ==31035== ==31035== 11 bytes in 1 blocks are definitely lost in loss record 17 of 101 ==31035== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==31035== by 0x4C2FDEF: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==31035== by 0x4A3C72: my_realloc2 (standard.h:1364) ==31035== by 0x4A3C72: memvprintf (standard.c:3459) ==31035== by 0x4A3D93: memprintf (standard.c:3482) ==31035== by 0x4AF071: mworker_cli_proxy_create (cli.c:2172) ==31035== by 0x48EC89: init (haproxy.c:1760) ==31035== by 0x408BBC: main (haproxy.c:2725) These leaks were introduced in commits ce83b4a5dd48c000dec68f9d551945d21e9ac7ac and 8a02257d88276e2f2f10c407d2961995f74a192c which are specific to haproxy 1.9 dev.
2018-11-22 10:46:50 -05:00
free(path);
MINOR: mworker/cli: rename and clean mworker_cli_sockpair_new Let's rename mworker_cli_sockpair_new() to mworker_cli_global_proxy_new_listener() to outline that this function creates the GLOBAL proxy, allocates the listener with "master-socket" bind conf and attaches this listener to this GLOBAL proxy. Listener is bound to ipc_fd[1] of the sockpair inherited in master and in worker (master CLI sockpair).
2024-10-02 08:49:30 -04:00
ha_alert("Cannot create a CLI sockpair listener.\n");
BUG/MINOR: mworker: fix FD leak and memory leak in error path Fix some memory leak and a FD leak in the error path of the master proxy initialisation. It's a really minor issue since the process is exiting when taking those error paths.
2018-11-22 10:46:51 -05:00
goto error;
MEDIUM: mworker: each worker socketpair is a CLI listener The init code of the mworker_proc structs has been moved before the init of the listeners. Each socketpair is now connected to a CLI within the workers, which allows the master to access their CLI. The inherited flag of the worker side socketpair is removed so the socket can be closed in the master.
2018-10-26 08:47:30 -04:00
}
CLEANUP: tree-wide: replace free(x);x=NULL with ha_free(&x) This makes the code more readable and less prone to copy-paste errors. In addition, it allows to place some __builtin_constant_p() predicates to trigger a link-time error in case the compiler knows that the freed area is constant. It will also produce compile-time error if trying to free something that is not a regular pointer (e.g. a function). The DEBUG_MEM_STATS macro now also defines an instance for ha_free() so that all these calls can be checked. 178 occurrences were converted. The vast majority of them were handled by the following Coccinelle script, some slightly refined to better deal with "&*x" or with long lines: @ rule @ expression E; @@ - free(E); - E = NULL; + ha_free(&E); It was verified that the resulting code is the same, more or less a handful of cases where the compiler optimized slightly differently the temporary variable that holds the copy of the pointer. A non-negligible amount of {free(str);str=NULL;str_len=0;} are still present in the config part (mostly header names in proxies). These ones should also be cleaned for the same reasons, and probably be turned into ist strings.
2021-02-20 04:46:51 -05:00
ha_free(&path);
MEDIUM: mworker: each worker socketpair is a CLI listener The init code of the mworker_proc structs has been moved before the init of the listeners. Each socketpair is now connected to a CLI within the workers, which allows the master to access their CLI. The inherited flag of the worker side socketpair is removed so the socket can be closed in the master.
2018-10-26 08:47:30 -04:00
MINOR: listener: move the ->accept callback to the bind_conf The accept callback directly derives from the upper layer, generally it's session_accept_fd(). As such it's also defined per bind line so it makes sense to move it there.
2023-01-12 13:10:17 -05:00
bind_conf->accept = session_accept_fd;
MINOR: listener: move the nice field to the bind_conf This is another bind line setting which can move to the bind_conf. Note that it leaves a 2-byte hole in the listener struct.
2023-01-12 13:32:45 -05:00
bind_conf->nice = -64; /* we want to boost priority for local stats */
MINOR: listener: move LI_O_UNLIMITED and LI_O_NOSTOP to bind_conf These two flags are entirely for internal use and are even per proxy in practice since they're used for peers and CLI to indicate (for the first one) that the listener(s) are not subject to connection limits, and for the second that the listener(s) should not be stopped on soft-stop. No need to keep them in the listeners, let's move them to the bind_conf under names BC_O_UNLIMITED and BC_O_NOSTOP.
2023-01-12 13:58:42 -05:00
bind_conf->options |= BC_O_UNLIMITED | BC_O_NOSTOP;
MINOR: listener: remove the useless ->default_target field This field is used by stream_new() to optionally set the applet the stream will connect to for simple proxies like the CLI for example. But it has never been configurable to anything and is always strictly equal to the frontend's ->default_target. Let's just drop it and make stream_new() only use the frontend's. It makes more sense anyway as we don't want the proxy to work differently based on the "bind" line. This idea was brought in 1.6 hoping that the h2 implementation would use applets for decoding (which was dropped after the very first attempt in 1.8).
2023-01-12 13:18:34 -05:00
BUG/MEDIUM: master/cli: Pin the master CLI on the first thread of the group 1 There is no reason to start the master CLI on several threads and on several groups. And in fact, it must not be done otherwise the same FD is inserted several times in the fdtab, leading to a crash during startup because of a BUG_ON(). It happens when several groups are configured. To fix the bug the master CLI is now pinned on the first thread of the first group. This patch should fix the issue #2259 and must be backported to 2.8.
2023-09-13 04:13:30 -04:00
/* Pin master CLI on the first thread of the first group only */
thread_set_pin_grp1(&bind_conf->thread_set, 1);
MEDIUM: mworker: each worker socketpair is a CLI listener The init code of the mworker_proc structs has been moved before the init of the listeners. Each socketpair is now connected to a CLI within the workers, which allows the master to access their CLI. The inherited flag of the worker side socketpair is removed so the socket can be closed in the master.
2018-10-26 08:47:30 -04:00
list_for_each_entry(l, &bind_conf->listeners, by_bind) {
CLEANUP: atomic/tree-wide: replace single increments/decrements with inc/dec This patch replaces roughly all occurrences of an HA_ATOMIC_ADD(&foo, 1) or HA_ATOMIC_SUB(&foo, 1) with the equivalent HA_ATOMIC_INC(&foo) and HA_ATOMIC_DEC(&foo) respectively. These are 507 changes over 45 files.
2021-04-06 07:53:36 -04:00
HA_ATOMIC_INC(&unstoppable_jobs);
MEDIUM: mworker: each worker socketpair is a CLI listener The init code of the mworker_proc structs has been moved before the init of the listeners. Each socketpair is now connected to a CLI within the workers, which allows the master to access their CLI. The inherited flag of the worker side socketpair is removed so the socket can be closed in the master.
2018-10-26 08:47:30 -04:00
/* it's a sockpair but we don't want to keep the fd in the master */
MINOR: listener: move the INHERITED flag down to the receiver It's the receiver's FD that's inherited from the parent process, not the listener's so the flag must move to the receiver so that appropriate actions can be taken.
2020-09-01 09:41:59 -04:00
l->rx.flags &= ~RX_F_INHERITED;
BUG/MINOR: config: don't over-count the global maxsock value global.maxsock used to be augmented by the frontend's maxconn value for each frontend listener, which is absurd when there are many listeners in a frontend because the frontend's maxconn fixes an upper limit to how many connections will be accepted on all of its listeners anyway. What is needed instead is to add one to count the listening socket. In addition, the CLI's and peers' value was incremented twice, the first time when creating the listener and the second time in the main init code. Let's now make sure we only increment global.maxsock by the required amount of sockets. This means not adding maxconn for each listener, and relying on the global values when they are correct.
2019-02-27 10:25:28 -05:00
global.maxsock++; /* for the listening socket */
MEDIUM: mworker: each worker socketpair is a CLI listener The init code of the mworker_proc structs has been moved before the init of the listeners. Each socketpair is now connected to a CLI within the workers, which allows the master to access their CLI. The inherited flag of the worker side socketpair is removed so the socket can be closed in the master.
2018-10-26 08:47:30 -04:00
}
return 0;
BUG/MINOR: mworker: fix FD leak and memory leak in error path Fix some memory leak and a FD leak in the error path of the master proxy initialisation. It's a really minor issue since the process is exiting when taking those error paths.
2018-11-22 10:46:51 -05:00
error:
MINOR: mworker/cli: rename and clean mworker_cli_sockpair_new Let's rename mworker_cli_sockpair_new() to mworker_cli_global_proxy_new_listener() to outline that this function creates the GLOBAL proxy, allocates the listener with "master-socket" bind conf and attaches this listener to this GLOBAL proxy. Listener is bound to ipc_fd[1] of the sockpair inherited in master and in worker (master CLI sockpair).
2024-10-02 08:49:30 -04:00
close(proc->ipc_fd[1]);
BUG/MINOR: mworker: fix FD leak and memory leak in error path Fix some memory leak and a FD leak in the error path of the master proxy initialisation. It's a really minor issue since the process is exiting when taking those error paths.
2018-11-22 10:46:51 -05:00
free(err);
return -1;
MEDIUM: mworker: each worker socketpair is a CLI listener The init code of the mworker_proc structs has been moved before the init of the listeners. Each socketpair is now connected to a CLI within the workers, which allows the master to access their CLI. The inherited flag of the worker side socketpair is removed so the socket can be closed in the master.
2018-10-26 08:47:30 -04:00
}
CLEANUP: applet: rename struct si_applet to applet Since this one does not depend on stream_interface anymore, remove the "si_" prefix.
2015-04-13 07:50:30 -04:00
static struct applet cli_applet = {
MAJOR: connection: replace struct target with a pointer to an enum Instead of storing a couple of (int, ptr) in the struct connection and the struct session, we use a different method : we only store a pointer to an integer which is stored inside the target object and which contains a unique type identifier. That way, the pointer allows us to retrieve the object type (by dereferencing it) and the object's address (by computing the displacement in the target structure). The NULL pointer always corresponds to OBJ_TYPE_NONE. This reduces the size of the connection and session structs. It also simplifies target assignment and compare. In order to improve the generated code, we try to put the obj_type element at the beginning of all the structs (listener, server, proxy, si_applet), so that the original and target pointers are always equal. A lot of code was touched by massive replaces, but the changes are not that important.
2012-11-11 18:42:33 -05:00
.obj_type = OBJ_TYPE_APPLET,
[MINOR] stream_interface: make use of an applet descriptor for IO handlers I/O handlers are still delicate to manipulate. They have no type, they're just raw functions which have no knowledge of themselves. Let's have them declared as applets once for all. That way we can have multiple applets share the same handler functions and we can store their names there. When we later need to add more parameters (eg: usage stats), we'll be able to do so in the applets themselves. The CLI functions has been prefixed with "cli" instead of "stats" as it's clearly what is going on there. The applet descriptor in the stream interface should get all the applet specific data (st0, ...) but this will be done in the next patch so that we don't pollute this one too much.
2011-02-13 07:16:36 -05:00
.name = "<CLI>", /* used for logging */
.fct = cli_io_handler,
MAJOR: cli: Update the CLI applet to handle its own buffers It is the third applet to be refactored to use its own buffers. In addition to the CLI applet, some I/O handlers of CLI commands were also updated, especially the stats ones. Some command I/O handlers were updated to use applet's buffers instead of channels ones.
2024-02-15 07:34:05 -05:00
.rcv_buf = appctx_raw_rcv_buf,
MAJOR: cli: Use a custom .snd_buf function to only copy the current command The CLI applet is now using its own snd_buf callback function. Instead of copying as most output data as possible, only one command is copied at a time. To do so, a new state CLI_ST_PARSEREQ is added for the CLI applet. In this state, the CLI I/O handle knows a full command was copied into its input buffer and it must parse this command to evaluate it.
2024-02-20 02:47:38 -05:00
.snd_buf = cli_snd_buf,
BUG/MAJOR: cli: show sess <id> may randomly corrupt the back-ref list show sess <id> puts a backref into the session it's dumping. If the output is interrupted, the backref cannot always be removed because it's only done in the I/O handler. This can randomly corrupt the backref list when the session closes, because it passes the pointer to the next session which itself might be watched. The case is hard to reproduce (hundreds of attempts) but monitoring systems might encounter it frequently. Thus we have to add a release handler which does the cleanup even when the I/O handler is not called. This issue should also be present in 1.4 so the patch should be backported.
2012-11-25 20:22:40 -05:00
.release = cli_release_handler,
[MINOR] stream_interface: make use of an applet descriptor for IO handlers I/O handlers are still delicate to manipulate. They have no type, they're just raw functions which have no knowledge of themselves. Let's have them declared as applets once for all. That way we can have multiple applets share the same handler functions and we can store their names there. When we later need to add more parameters (eg: usage stats), we'll be able to do so in the applets themselves. The CLI functions has been prefixed with "cli" instead of "stats" as it's clearly what is going on there. The applet descriptor in the stream interface should get all the applet specific data (st0, ...) but this will be done in the next patch so that we don't pollute this one too much.
2011-02-13 07:16:36 -05:00
};
[MEDIUM] add support for "show sess" in unix stats socket It is now possible to list all known sessions by issuing "show sess" on the unix stats socket. The format is not much evolved but it is very useful for debugging. The doc has been updated to reflect the new keyword.
2008-12-07 16:29:48 -05:00
MINOR: mworker/cli: the master CLI use its own applet Following the patch b4daee ("MINOR: sock: add a check against cross worker<->master socket activities"), this patch adds a dedicated applet for the master CLI. It ensures that the CLI connection can't be used with the master rights in the case of bugs.
2020-11-05 04:28:53 -05:00
/* master CLI */
static struct applet mcli_applet = {
.obj_type = OBJ_TYPE_APPLET,
.name = "<MCLI>", /* used for logging */
.fct = cli_io_handler,
MAJOR: cli: Update the CLI applet to handle its own buffers It is the third applet to be refactored to use its own buffers. In addition to the CLI applet, some I/O handlers of CLI commands were also updated, especially the stats ones. Some command I/O handlers were updated to use applet's buffers instead of channels ones.
2024-02-15 07:34:05 -05:00
.rcv_buf = appctx_raw_rcv_buf,
MAJOR: cli: Use a custom .snd_buf function to only copy the current command The CLI applet is now using its own snd_buf callback function. Instead of copying as most output data as possible, only one command is copied at a time. To do so, a new state CLI_ST_PARSEREQ is added for the CLI applet. In this state, the CLI I/O handle knows a full command was copied into its input buffer and it must parse this command to evaluate it.
2024-02-20 02:47:38 -05:00
.snd_buf = cli_snd_buf,
MINOR: mworker/cli: the master CLI use its own applet Following the patch b4daee ("MINOR: sock: add a check against cross worker<->master socket activities"), this patch adds a dedicated applet for the master CLI. It ensures that the CLI connection can't be used with the master rights in the case of bugs.
2020-11-05 04:28:53 -05:00
.release = cli_release_handler,
};
REORG: cli: make "show env" also use the generic keyword registration This way we don't have any more state specific to a given yieldable command. The other commands should be easier to move as they only involve a parser.
2016-11-22 14:21:23 -05:00
/* register cli keywords */
static struct cli_kw_list cli_kws = {{ },{
CLEANUP: cli/tree-wide: properly re-align the CLI commands' help messages There were 102 CLI commands whose help were zig-zagging all along the dump making them unreadable. This patch realigns all these messages so that the command now uses up to 40 characters before the delimiting colon. About a third of the commands did not correctly list their arguments which were added after the first version, so they were all updated. Some abuses of the term "id" were fixed to use a more explanatory term. The "set ssl ocsp-response" command was not listed because it lacked a help message, this was fixed as well. The deprecated enable/disable commands for agent/health/server were prominently written as deprecated. Whenever possible, clearer explanations were provided.
2021-05-07 05:38:37 -04:00
{ { "help", NULL }, NULL, cli_parse_simple, NULL, NULL, NULL, ACCESS_MASTER },
MINOR: cli: add an 'echo' command Add an echo command to write text over the CLI output.
2024-10-24 11:20:57 -04:00
{ { "echo", NULL }, "echo <text> : print text to the output", cli_parse_echo, NULL, NULL, NULL, ACCESS_MASTER },
CLEANUP: cli/tree-wide: properly re-align the CLI commands' help messages There were 102 CLI commands whose help were zig-zagging all along the dump making them unreadable. This patch realigns all these messages so that the command now uses up to 40 characters before the delimiting colon. About a third of the commands did not correctly list their arguments which were added after the first version, so they were all updated. Some abuses of the term "id" were fixed to use a more explanatory term. The "set ssl ocsp-response" command was not listed because it lacked a help message, this was fixed as well. The deprecated enable/disable commands for agent/health/server were prominently written as deprecated. Whenever possible, clearer explanations were provided.
2021-05-07 05:38:37 -04:00
{ { "prompt", NULL }, NULL, cli_parse_simple, NULL, NULL, NULL, ACCESS_MASTER },
{ { "quit", NULL }, NULL, cli_parse_simple, NULL, NULL, NULL, ACCESS_MASTER },
{ { "_getsocks", NULL }, NULL, _getsocks, NULL },
BUG/MINOR: mworker/cli: don't display help on master applet When in expert or experimental mode on the master CLI, and issuing a command for the master process, all commands are prefixed by "mode-experimental -" or/and "mode-expert on -", however these commands were not available in the master applet, so the help was issued for each one.
2022-02-02 05:23:58 -05:00
{ { "expert-mode", NULL }, NULL, cli_parse_expert_experimental_mode, NULL, NULL, NULL, ACCESS_MASTER }, // not listed
{ { "experimental-mode", NULL }, NULL, cli_parse_expert_experimental_mode, NULL, NULL, NULL, ACCESS_MASTER }, // not listed
MINOR: mworker/cli: mcli-debug-mode enables every command "mcli-debug-mode on" enables every command that were meant for a worker, on the CLI of the master. Which mean you can issue, "show fd", show stat" in order to debug the MASTER proxy. You can also combine it with "expert-mode on" or "experimental-mode on" to access to more commands.
2022-02-02 05:43:20 -05:00
{ { "mcli-debug-mode", NULL }, NULL, cli_parse_expert_experimental_mode, NULL, NULL, NULL, ACCESS_MASTER_ONLY }, // not listed
BUG/MINOR: cli: fix CLI handler "set anon global-key" call Anonymization mode has two CLI handlers "set anon <on|off>" and "set anon global-key". The last one only requires admin level. However, as cli_find_kw() is implemented, only the first handler will be retrieved as they both start with the same prefix "set anon". This has the effect to execute the wrong handler for "set anon global-key" with an error message about an invalid keyword. To fix this, handlers definition have been separated for both "set anon on" and "set anon off" commands. This allows to have minimal changes while keeping the same "set anon" prefix for each commands. Also take this opportunity to fix a reference to a non-existing "set global-key" CLI handler in the documentation. This must be backported up to 2.7.
2023-03-03 11:11:10 -05:00
{ { "set", "anon", "on" }, "set anon on [value] : activate the anonymized mode", cli_parse_set_anon, NULL, NULL },
{ { "set", "anon", "off" }, "set anon off : deactivate the anonymized mode", cli_parse_set_anon, NULL, NULL },
MINOR: cli: correct commentary and replace 'set global-key' name Correct a commentary in in include/haproxy/global-t.h and include/haproxy/tools.h Replace the CLI command 'set global-key <key>' by 'set anon global-key <key>' in order to find it easily when you don't remember it, the recommandation can guide you when you just tap 'set anon'. No backport needed, except if anonymization mechanism is backported.
2022-09-29 04:36:11 -04:00
{ { "set", "anon", "global-key", NULL }, "set anon global-key <value> : change the global anonymizing key", cli_parse_set_global_key, NULL, NULL },
CLEANUP: cli/tree-wide: properly re-align the CLI commands' help messages There were 102 CLI commands whose help were zig-zagging all along the dump making them unreadable. This patch realigns all these messages so that the command now uses up to 40 characters before the delimiting colon. About a third of the commands did not correctly list their arguments which were added after the first version, so they were all updated. Some abuses of the term "id" were fixed to use a more explanatory term. The "set ssl ocsp-response" command was not listed because it lacked a help message, this was fixed as well. The deprecated enable/disable commands for agent/health/server were prominently written as deprecated. Whenever possible, clearer explanations were provided.
2021-05-07 05:38:37 -04:00
{ { "set", "maxconn", "global", NULL }, "set maxconn global <value> : change the per-process maxconn setting", cli_parse_set_maxconn_global, NULL },
{ { "set", "rate-limit", NULL }, "set rate-limit <setting> <value> : change a rate limiting value", cli_parse_set_ratelimit, NULL },
{ { "set", "severity-output", NULL }, "set severity-output [none|number|string]: set presence of severity level in feedback information", cli_parse_set_severity_output, NULL, NULL },
{ { "set", "timeout", NULL }, "set timeout [cli] <delay> : change a timeout setting", cli_parse_set_timeout, NULL, NULL },
MINOR: anon: store the anonymizing key in the CLI's appctx In order to allow users to dump internal states using a specific key without changing the global one, we're introducing a key in the CLI's appctx. This key is preloaded from the global one when "set anon on" is used (and if none exists, a random one is assigned). And the key can optionally be assigned manually for the whole CLI session. A "show anon" command was also added to show the anon state, and the current key if the users has sufficient permissions. In addition, a "debug dev hash" command was added to test the feature.
2022-09-14 11:24:22 -04:00
{ { "show", "anon", NULL }, "show anon : display the current state of anonymized mode", cli_parse_show_anon, NULL },
MINOR: cli: make "show env" accessible via master CLI without enabling debug Before this patch, we have need to put the master CLI in debug mode to be able to issue 'show env' command for the master process. Output of this command is handy even for the master process context, as it allows to control its environment variables, which could be used/modified in the 'global' section. So, let's provide in 'show env' command structure the level ACCESS_MASTER. This allows to see and to access this command in master CLI without putting it in debug mode.
2024-11-18 04:46:33 -05:00
{ { "show", "env", NULL }, "show env [var] : dump environment variables known to the process", cli_parse_show_env, cli_io_handler_show_env, NULL, NULL, ACCESS_MASTER },
CLEANUP: cli/tree-wide: properly re-align the CLI commands' help messages There were 102 CLI commands whose help were zig-zagging all along the dump making them unreadable. This patch realigns all these messages so that the command now uses up to 40 characters before the delimiting colon. About a third of the commands did not correctly list their arguments which were added after the first version, so they were all updated. Some abuses of the term "id" were fixed to use a more explanatory term. The "set ssl ocsp-response" command was not listed because it lacked a help message, this was fixed as well. The deprecated enable/disable commands for agent/health/server were prominently written as deprecated. Whenever possible, clearer explanations were provided.
2021-05-07 05:38:37 -04:00
{ { "show", "cli", "sockets", NULL }, "show cli sockets : dump list of cli sockets", cli_parse_default, cli_io_handler_show_cli_sock, NULL, NULL, ACCESS_MASTER },
{ { "show", "cli", "level", NULL }, "show cli level : display the level of the current CLI session", cli_parse_show_lvl, NULL, NULL, NULL, ACCESS_MASTER},
MINOR: cli: support filtering on FD types in "show fd" Depending on what we're debugging, some FDs can represent pollution in the "show fd" output. Here we add a set of filters allowing to pick (or exclude) any combination of listener, frontend conn, backend conn, pipes, etc. "show fd l" will only list listening connections for example.
2023-03-31 10:33:53 -04:00
{ { "show", "fd", NULL }, "show fd [-!plcfbsd]* [num] : dump list of file descriptors in use or a specific one", cli_parse_show_fd, cli_io_handler_show_fd, NULL },
MINOR: cli: "show version" displays the current process version This patch implements a simple "show version" command which returns the version of the current process. It's available from the master and the worker processes, so it is easy to check if the master and the workers have the same version. This is a minor patch that really improve compatibility checks for scripts. Could be backported in haproxy version as far as 2.0.
2021-12-14 09:22:29 -05:00
{ { "show", "version", NULL }, "show version : show version of the current process", cli_parse_show_version, NULL, NULL, NULL, ACCESS_MASTER },
CLEANUP: cli/tree-wide: properly re-align the CLI commands' help messages There were 102 CLI commands whose help were zig-zagging all along the dump making them unreadable. This patch realigns all these messages so that the command now uses up to 40 characters before the delimiting colon. About a third of the commands did not correctly list their arguments which were added after the first version, so they were all updated. Some abuses of the term "id" were fixed to use a more explanatory term. The "set ssl ocsp-response" command was not listed because it lacked a help message, this was fixed as well. The deprecated enable/disable commands for agent/health/server were prominently written as deprecated. Whenever possible, clearer explanations were provided.
2021-05-07 05:38:37 -04:00
{ { "operator", NULL }, "operator : lower the level of the current CLI session to operator", cli_parse_set_lvl, NULL, NULL, NULL, ACCESS_MASTER},
{ { "user", NULL }, "user : lower the level of the current CLI session to user", cli_parse_set_lvl, NULL, NULL, NULL, ACCESS_MASTER},
MINOR: cli/wait: add a condition to wait on a server to become unused The "wait" command now supports a condition, "srv-unused", which waits for the designated server to become totally unused, indicating that it is removable. Upon each wakeup it calls srv_check_for_deletion() to verify if conditions are met, if not if it's recoverable, or if it's not recoverable, and proceeds according to this, never waiting for a final decision longer than the configured delay. The purpose is to make it possible to remove servers from the CLI after waiting for their sessions to be terminated: $ socat -t5 /path/to/socket - <<< " disable server px/srv1 shutdown sessions server px/srv1 wait 2s srv-unused px/srv1 del server px/srv1" Or even wait for connections to terminate themselves: $ socat -t70 /path/to/socket - <<< " disable server px/srv1 wait 1m srv-unused px/srv1 del server px/srv1"
2024-02-09 14:35:52 -05:00
{ { "wait", NULL }, "wait {-h|<delay_ms>} cond [args...] : wait the specified delay or condition (-h to see list)", cli_parse_wait, cli_io_handler_wait, cli_release_wait, NULL },
MINOR: mworker/cli: add _send_status to support state transition In the new master-worker architecture, when a worker process is forked and successfully initialized it needs somehow to communicate its "READY" state to the master, in order to terminate the previous worker and workers, that might exceeded max_reloads counter. So, let's implement for this a new master CLI _send_status command. A new worker can send its status string "READY" to the master, when it's about entering to the run poll loop, thus it can start to receive data. In _send_status() in the master context we update the status of the new worker: PROC_O_INIT flag is withdrawn. When TERM signal is sent to a worker, worker terminates and this triggers the mworker_catch_sigchld() handler in master. This handler deletes the exiting process entry from the processes list. In _send_status() we loop over the processes list twice. At the first time, in order to stop workers that exceeded the max_reloads counter. At the second time, in order to stop the worker forked before the last reload. In the corner case, when max_reloads=1, we avoid to send SIGTERM twice to the same worker by setting sigterm_sent flag during the first loop.
2024-10-02 08:48:01 -04:00
{ { "_send_status", NULL }, NULL, _send_status, NULL, NULL, NULL, ACCESS_MASTER_ONLY },
REORG: cli: make "show env" also use the generic keyword registration This way we don't have any more state specific to a given yieldable command. The other commands should be easier to move as they only involve a parser.
2016-11-22 14:21:23 -05:00
{{},}
}};
MEDIUM: init: convert all trivial registration calls to initcalls This switches explicit calls to various trivial registration methods for keywords, muxes or protocols from constructors to INITCALL1 at stage STG_REGISTER. All these calls have in common to consume a single pointer and return void. Doing this removes 26 constructors. The following calls were addressed : - acl_register_keywords - bind_register_keywords - cfg_register_keywords - cli_register_kw - flt_register_keywords - http_req_keywords_register - http_res_keywords_register - protocol_register - register_mux_proto - sample_register_convs - sample_register_fetches - srv_register_keywords - tcp_req_conn_keywords_register - tcp_req_cont_keywords_register - tcp_req_sess_keywords_register - tcp_res_cont_keywords_register - flt_register_keywords
2018-11-25 13:14:37 -05:00
INITCALL1(STG_REGISTER, cli_register_kw, &cli_kws);
BUG/MEDIUM: prevent gcc from moving empty keywords lists into BSS Benoit Dolez reported a failure to start haproxy 1.5-dev19. The process would immediately report an internal error with missing fetches from some crap instead of ACL names. The cause is that some versions of gcc seem to trim static structs containing a variable array when moving them to BSS, and only keep the fixed size, which is just a list head for all ACL and sample fetch keywords. This was confirmed at least with gcc 3.4.6. And we can't move these structs to const because they contain a list element which is needed to link all of them together during the parsing. The bug indeed appeared with 1.5-dev19 because it's the first one to have some empty ACL keyword lists. One solution is to impose -fno-zero-initialized-in-bss to everyone but this is not really nice. Another solution consists in ensuring the struct is never empty so that it does not move there. The easy solution consists in having a non-null list head since it's not yet initialized. A new "ILH" list head type was thus created for this purpose : create an Initialized List Head so that gcc cannot move the struct to BSS. This fixes the issue for this version of gcc and does not create any burden for the declarations.
2013-06-21 17:16:39 -04:00
static struct cfg_kw_list cfg_kws = {ILH, {
CLEANUP: cli: rename the last few "stats_" to "cli_" There were still a very small list of functions, variables and fields called "stats_" while they were really purely CLI-centric. There's the frontend called "stats_fe" in the global section, which instantiates a "cli_applet" called "<CLI>" so it was renamed "cli_fe". The "alloc_stats_fe" function cas renamed to "cli_alloc_fe" which also better matches the naming convention of all cli-specific functions. Finally the "stats_permission_denied_msg" used to return an error on the CLI was renamed "cli_permission_denied_msg". Now there's no more "stats_something" that designates the CLI.
2021-03-13 05:00:33 -05:00
{ CFG_GLOBAL, "stats", cli_parse_global },
[MEDIUM] modularize the global "stats" keyword configuration parser The "stats" keyword already relied on an external parser, let's make use of the new keyword registration mechanism.
2008-07-09 14:12:41 -04:00
{ 0, NULL, NULL },
}};
MEDIUM: init: convert all trivial registration calls to initcalls This switches explicit calls to various trivial registration methods for keywords, muxes or protocols from constructors to INITCALL1 at stage STG_REGISTER. All these calls have in common to consume a single pointer and return void. Doing this removes 26 constructors. The following calls were addressed : - acl_register_keywords - bind_register_keywords - cfg_register_keywords - cli_register_kw - flt_register_keywords - http_req_keywords_register - http_res_keywords_register - protocol_register - register_mux_proto - sample_register_convs - sample_register_fetches - srv_register_keywords - tcp_req_conn_keywords_register - tcp_req_cont_keywords_register - tcp_req_sess_keywords_register - tcp_res_cont_keywords_register - flt_register_keywords
2018-11-25 13:14:37 -05:00
INITCALL1(STG_REGISTER, cfg_register_keywords, &cfg_kws);
MEDIUM: stats: make use of the standard "bind" parsers to parse global socket The global stats socket statement now makes use of the standard bind parsers. This results in all UNIX socket options being set by proto_uxst and in all TCP and SSL options being inherited and usable. For example it is now possible to enable a stats socket over SSL/TCP by appending the "ssl" keyword and a certificate after "crt". The code is simplified since we don't have a special case to parse this config keyword anymore.
2012-09-22 13:32:35 -04:00
static struct bind_kw_list bind_kws = { "STAT", { }, {
MINOR: cli: add 'expose-fd listeners' to pass listeners FDs This patch changes the stats socket rights for allowing the sending of listening sockets. The previous behavior was to allow any unix stats socket with admin level to send sockets. It's not possible anymore, you have to set this option to activate the socket sending. Example: stats socket /var/run/haproxy4.sock mode 666 expose-fd listeners level user process 4
2017-05-26 11:42:10 -04:00
{ "level", bind_parse_level, 1 }, /* set the unix socket admin level */
{ "expose-fd", bind_parse_expose_fd, 1 }, /* set the unix socket expose fd rights */
MINOR: cli: add socket commands and config to prepend informational messages with severity Adds cli commands to change at runtime whether informational messages are prepended with severity level or not, with support for numeric and worded severity in line with syslog severity level. Adds stats socket config keyword severity-output to set default behavior per socket on startup.
2017-07-20 05:59:48 -04:00
{ "severity-output", bind_parse_severity_output, 1 }, /* set the severity output format */
MEDIUM: stats: make use of the standard "bind" parsers to parse global socket The global stats socket statement now makes use of the standard bind parsers. This results in all UNIX socket options being set by proto_uxst and in all TCP and SSL options being inherited and usable. For example it is now possible to enable a stats socket over SSL/TCP by appending the "ssl" keyword and a certificate after "crt". The code is simplified since we don't have a special case to parse this config keyword anymore.
2012-09-22 13:32:35 -04:00
{ NULL, NULL, 0 },
}};
MEDIUM: init: convert all trivial registration calls to initcalls This switches explicit calls to various trivial registration methods for keywords, muxes or protocols from constructors to INITCALL1 at stage STG_REGISTER. All these calls have in common to consume a single pointer and return void. Doing this removes 26 constructors. The following calls were addressed : - acl_register_keywords - bind_register_keywords - cfg_register_keywords - cli_register_kw - flt_register_keywords - http_req_keywords_register - http_res_keywords_register - protocol_register - register_mux_proto - sample_register_convs - sample_register_fetches - srv_register_keywords - tcp_req_conn_keywords_register - tcp_req_cont_keywords_register - tcp_req_sess_keywords_register - tcp_res_cont_keywords_register - flt_register_keywords
2018-11-25 13:14:37 -05:00
INITCALL1(STG_REGISTER, bind_register_keywords, &bind_kws);
[MEDIUM] modularize the global "stats" keyword configuration parser The "stats" keyword already relied on an external parser, let's make use of the new keyword registration mechanism.
2008-07-09 14:12:41 -04:00
[MEDIUM] moved stats and buffer generic functions to new files Neither the primitives used to write data to a buffer, nor the stats dump functions are HTTP-specific anymore. Move them to dedicated files
2007-10-17 11:06:05 -04:00
/*
* Local variables:
* c-indent-level: 8
* c-basic-offset: 8
* End:
*/
Reference in a new issue Copy permalink