parent
75e5fdca69
commit
17c3512f22
@ -0,0 +1,480 @@
|
||||
/*
|
||||
* mod_proxy - connect to proxy backends for generating content
|
||||
*
|
||||
* Description:
|
||||
* mod_proxy connects to a backend over tcp or unix sockets
|
||||
*
|
||||
* Setups:
|
||||
* none
|
||||
* Options:
|
||||
* none
|
||||
* Actions:
|
||||
* proxy <socket> - connect to backend at <socket>
|
||||
* socket: string, either "ip:port" or "unix:/path"
|
||||
*
|
||||
* Example config:
|
||||
* proxy "127.0.0.1:9090"
|
||||
*
|
||||
* TODO:
|
||||
* - header mangling (X-Forwarded-For, Connection:)
|
||||
* - handle 1xx responses
|
||||
* - keep-alive connections
|
||||
*
|
||||
* Author:
|
||||
* Copyright (c) 2009 Stefan Bühler
|
||||
*/
|
||||
|
||||
#include <lighttpd/base.h>
|
||||
#include <lighttpd/plugin_core.h>
|
||||
|
||||
|
||||
LI_API gboolean mod_proxy_init(liModules *mods, liModule *mod);
|
||||
LI_API gboolean mod_proxy_free(liModules *mods, liModule *mod);
|
||||
|
||||
|
||||
typedef struct proxy_connection proxy_connection;
|
||||
typedef struct proxy_context proxy_context;
|
||||
|
||||
|
||||
typedef enum {
|
||||
SS_WAIT_FOR_REQUEST,
|
||||
SS_CONNECT,
|
||||
SS_CONNECTING,
|
||||
SS_CONNECTED,
|
||||
SS_DONE
|
||||
} proxy_state;
|
||||
|
||||
|
||||
struct proxy_connection {
|
||||
proxy_context *ctx;
|
||||
liVRequest *vr;
|
||||
proxy_state state;
|
||||
int fd;
|
||||
ev_io fd_watcher;
|
||||
liChunkQueue *proxy_in, *proxy_out;
|
||||
|
||||
liHttpResponseCtx parse_response_ctx;
|
||||
gboolean response_headers_finished;
|
||||
};
|
||||
|
||||
struct proxy_context {
|
||||
gint refcount;
|
||||
liSocketAddress socket;
|
||||
GString *socket_str;
|
||||
guint timeout;
|
||||
liPlugin *plugin;
|
||||
};
|
||||
|
||||
/**********************************************************************************/
|
||||
|
||||
static proxy_context* proxy_context_new(liServer *srv, liPlugin *p, GString *dest_socket) {
|
||||
liSocketAddress saddr;
|
||||
proxy_context* ctx;
|
||||
saddr = li_sockaddr_from_string(dest_socket, 80);
|
||||
if (NULL == saddr.addr) {
|
||||
ERROR(srv, "Invalid socket address '%s'", dest_socket->str);
|
||||
return NULL;
|
||||
}
|
||||
ctx = g_slice_new0(proxy_context);
|
||||
ctx->refcount = 1;
|
||||
ctx->socket = saddr;
|
||||
ctx->timeout = 5;
|
||||
ctx->plugin = p;
|
||||
ctx->socket_str = g_string_new_len(GSTR_LEN(dest_socket));
|
||||
return ctx;
|
||||
}
|
||||
|
||||
static void proxy_context_release(proxy_context *ctx) {
|
||||
if (!ctx) return;
|
||||
assert(g_atomic_int_get(&ctx->refcount) > 0);
|
||||
if (g_atomic_int_dec_and_test(&ctx->refcount)) {
|
||||
li_sockaddr_clear(&ctx->socket);
|
||||
g_string_free(ctx->socket_str, TRUE);
|
||||
g_slice_free(proxy_context, ctx);
|
||||
}
|
||||
}
|
||||
|
||||
static void proxy_context_acquire(proxy_context *ctx) {
|
||||
assert(g_atomic_int_get(&ctx->refcount) > 0);
|
||||
g_atomic_int_inc(&ctx->refcount);
|
||||
}
|
||||
|
||||
static void proxy_fd_cb(struct ev_loop *loop, ev_io *w, int revents);
|
||||
|
||||
static proxy_connection* proxy_connection_new(liVRequest *vr, proxy_context *ctx) {
|
||||
proxy_connection* pcon = g_slice_new0(proxy_connection);
|
||||
|
||||
proxy_context_acquire(ctx);
|
||||
pcon->ctx = ctx;
|
||||
pcon->vr = vr;
|
||||
pcon->fd = -1;
|
||||
ev_init(&pcon->fd_watcher, proxy_fd_cb);
|
||||
ev_io_set(&pcon->fd_watcher, -1, 0);
|
||||
pcon->fd_watcher.data = pcon;
|
||||
pcon->proxy_in = li_chunkqueue_new();
|
||||
pcon->proxy_out = li_chunkqueue_new();
|
||||
pcon->state = SS_WAIT_FOR_REQUEST;
|
||||
li_http_response_parser_init(&pcon->parse_response_ctx, &vr->response, pcon->proxy_in, FALSE, FALSE);
|
||||
pcon->response_headers_finished = FALSE;
|
||||
return pcon;
|
||||
}
|
||||
|
||||
static void proxy_connection_free(proxy_connection *pcon) {
|
||||
liVRequest *vr;
|
||||
if (!pcon) return;
|
||||
|
||||
vr = pcon->vr;
|
||||
ev_io_stop(vr->wrk->loop, &pcon->fd_watcher);
|
||||
proxy_context_release(pcon->ctx);
|
||||
if (pcon->fd != -1) close(pcon->fd);
|
||||
|
||||
li_chunkqueue_free(pcon->proxy_in);
|
||||
li_chunkqueue_free(pcon->proxy_out);
|
||||
|
||||
li_http_response_parser_clear(&pcon->parse_response_ctx);
|
||||
|
||||
g_slice_free(proxy_connection, pcon);
|
||||
}
|
||||
|
||||
/**********************************************************************************/
|
||||
/* proxy stream helper */
|
||||
|
||||
static void stream_send_chunks(liChunkQueue *out, liChunkQueue *in) {
|
||||
li_chunkqueue_steal_all(out, in);
|
||||
|
||||
if (in->is_closed && !out->is_closed) {
|
||||
out->is_closed = TRUE;
|
||||
}
|
||||
}
|
||||
|
||||
/**********************************************************************************/
|
||||
|
||||
static void proxy_send_headers(liVRequest *vr, proxy_connection *pcon) {
|
||||
GString *head = g_string_sized_new(4095);
|
||||
liHttpHeader *header;
|
||||
GList *iter;
|
||||
gchar *enc_path;
|
||||
|
||||
g_string_append_len(head, GSTR_LEN(vr->request.http_method_str));
|
||||
g_string_append_len(head, CONST_STR_LEN(" "));
|
||||
|
||||
enc_path = g_uri_escape_string(vr->request.uri.path->str, "/", FALSE);
|
||||
g_string_append(head, enc_path);
|
||||
g_free(enc_path);
|
||||
|
||||
if (vr->request.uri.query->len > 0) {
|
||||
g_string_append_len(head, CONST_STR_LEN("?"));
|
||||
g_string_append_len(head, GSTR_LEN(vr->request.uri.query));
|
||||
}
|
||||
|
||||
switch (vr->request.http_version) {
|
||||
case LI_HTTP_VERSION_1_1:
|
||||
g_string_append_len(head, CONST_STR_LEN(" HTTP/1.1"));
|
||||
break;
|
||||
case LI_HTTP_VERSION_1_0:
|
||||
default:
|
||||
g_string_append_len(head, CONST_STR_LEN(" HTTP/1.0"));
|
||||
break;
|
||||
}
|
||||
|
||||
#if 0
|
||||
proxy_append_header(con, "X-Forwarded-For", (char *)inet_ntop_cache_get_ip(srv, &(con->dst_addr)));
|
||||
/* http_host is NOT is just a pointer to a buffer
|
||||
* which is NULL if it is not set */
|
||||
if (con->request.http_host &&
|
||||
!buffer_is_empty(con->request.http_host)) {
|
||||
proxy_set_header(con, "X-Host", con->request.http_host->ptr);
|
||||
}
|
||||
proxy_set_header(con, "X-Forwarded-Proto", con->conf.is_ssl ? "https" : "http");
|
||||
|
||||
/* request header */
|
||||
for (i = 0; i < con->request.headers->used; i++) {
|
||||
data_string *ds;
|
||||
|
||||
ds = (data_string *)con->request.headers->data[i];
|
||||
|
||||
if (ds->value->used && ds->key->used) {
|
||||
if (buffer_is_equal_string(ds->key, CONST_STR_LEN("Connection"))) continue;
|
||||
if (buffer_is_equal_string(ds->key, CONST_STR_LEN("Proxy-Connection"))) continue;
|
||||
|
||||
buffer_append_string_buffer(b, ds->key);
|
||||
buffer_append_string_len(b, CONST_STR_LEN(": "));
|
||||
buffer_append_string_buffer(b, ds->value);
|
||||
buffer_append_string_len(b, CONST_STR_LEN("\r\n"));
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
for (iter = g_queue_peek_head_link(&vr->request.headers->entries); iter; iter = g_list_next(iter)) {
|
||||
header = (liHttpHeader*) iter->data;
|
||||
g_string_append_len(head, GSTR_LEN(header->data));
|
||||
g_string_append_len(head, CONST_STR_LEN("\r\n"));
|
||||
}
|
||||
g_string_append_len(head, CONST_STR_LEN("\r\n"));
|
||||
|
||||
li_chunkqueue_append_string(pcon->proxy_out, head);
|
||||
}
|
||||
|
||||
static void proxy_forward_request(liVRequest *vr, proxy_connection *pcon) {
|
||||
stream_send_chunks(pcon->proxy_out, vr->in);
|
||||
if (pcon->proxy_out->length > 0)
|
||||
li_ev_io_add_events(vr->wrk->loop, &pcon->fd_watcher, EV_WRITE);
|
||||
}
|
||||
|
||||
/**********************************************************************************/
|
||||
|
||||
static liHandlerResult proxy_statemachine(liVRequest *vr, proxy_connection *pcon);
|
||||
|
||||
static void proxy_fd_cb(struct ev_loop *loop, ev_io *w, int revents) {
|
||||
proxy_connection *pcon = (proxy_connection*) w->data;
|
||||
|
||||
if (pcon->state == SS_CONNECTING) {
|
||||
if (LI_HANDLER_GO_ON != proxy_statemachine(pcon->vr, pcon)) {
|
||||
li_vrequest_error(pcon->vr);
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
if (revents & EV_READ) {
|
||||
if (pcon->proxy_in->is_closed) {
|
||||
li_ev_io_rem_events(loop, w, EV_READ);
|
||||
} else {
|
||||
switch (li_network_read(pcon->vr, w->fd, pcon->proxy_in)) {
|
||||
case LI_NETWORK_STATUS_SUCCESS:
|
||||
break;
|
||||
case LI_NETWORK_STATUS_FATAL_ERROR:
|
||||
VR_ERROR(pcon->vr, "(%s) network read fatal error", pcon->ctx->socket_str->str);
|
||||
li_vrequest_error(pcon->vr);
|
||||
return;
|
||||
case LI_NETWORK_STATUS_CONNECTION_CLOSE:
|
||||
pcon->proxy_in->is_closed = TRUE;
|
||||
ev_io_stop(loop, w);
|
||||
close(pcon->fd);
|
||||
pcon->fd = -1;
|
||||
break;
|
||||
case LI_NETWORK_STATUS_WAIT_FOR_EVENT:
|
||||
break;
|
||||
case LI_NETWORK_STATUS_WAIT_FOR_AIO_EVENT:
|
||||
/* TODO: aio */
|
||||
li_ev_io_rem_events(loop, w, EV_READ);
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (pcon->fd != -1 && (revents & EV_WRITE)) {
|
||||
if (pcon->proxy_out->length > 0) {
|
||||
switch (li_network_write(pcon->vr, w->fd, pcon->proxy_out, 256*1024)) {
|
||||
case LI_NETWORK_STATUS_SUCCESS:
|
||||
break;
|
||||
case LI_NETWORK_STATUS_FATAL_ERROR:
|
||||
VR_ERROR(pcon->vr, "(%s) network write fatal error", pcon->ctx->socket_str->str);
|
||||
li_vrequest_error(pcon->vr);
|
||||
return;
|
||||
case LI_NETWORK_STATUS_CONNECTION_CLOSE:
|
||||
pcon->proxy_in->is_closed = TRUE;
|
||||
ev_io_stop(loop, w);
|
||||
close(pcon->fd);
|
||||
pcon->fd = -1;
|
||||
break;
|
||||
case LI_NETWORK_STATUS_WAIT_FOR_EVENT:
|
||||
break;
|
||||
case LI_NETWORK_STATUS_WAIT_FOR_AIO_EVENT:
|
||||
li_ev_io_rem_events(loop, w, EV_WRITE);
|
||||
/* TODO: aio */
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (pcon->proxy_out->length == 0) {
|
||||
li_ev_io_rem_events(loop, w, EV_WRITE);
|
||||
}
|
||||
}
|
||||
|
||||
if (!pcon->response_headers_finished && LI_HANDLER_GO_ON == li_http_response_parse(pcon->vr, &pcon->parse_response_ctx)) {
|
||||
pcon->response_headers_finished = TRUE;
|
||||
li_vrequest_handle_response_headers(pcon->vr);
|
||||
}
|
||||
|
||||
if (pcon->response_headers_finished) {
|
||||
li_chunkqueue_steal_all(pcon->vr->out, pcon->proxy_in);
|
||||
pcon->vr->out->is_closed = pcon->proxy_in->is_closed;
|
||||
li_vrequest_handle_response_body(pcon->vr);
|
||||
}
|
||||
|
||||
/* only possible if we didn't found a header */
|
||||
if (pcon->proxy_in->is_closed && !pcon->vr->out->is_closed) {
|
||||
VR_ERROR(pcon->vr, "(%s) unexpected end-of-file (perhaps the proxy process died)", pcon->ctx->socket_str->str);
|
||||
li_vrequest_error(pcon->vr);
|
||||
}
|
||||
}
|
||||
|
||||
/**********************************************************************************/
|
||||
/* state machine */
|
||||
|
||||
static void proxy_close(liVRequest *vr, liPlugin *p);
|
||||
|
||||
static liHandlerResult proxy_statemachine(liVRequest *vr, proxy_connection *pcon) {
|
||||
liPlugin *p = pcon->ctx->plugin;
|
||||
|
||||
switch (pcon->state) {
|
||||
case SS_WAIT_FOR_REQUEST:
|
||||
/* do *not* wait until we have all data */
|
||||
pcon->state = SS_CONNECT;
|
||||
|
||||
/* fall through */
|
||||
case SS_CONNECT:
|
||||
do {
|
||||
pcon->fd = socket(pcon->ctx->socket.addr->plain.sa_family, SOCK_STREAM, 0);
|
||||
} while (-1 == pcon->fd && errno == EINTR);
|
||||
if (-1 == pcon->fd) {
|
||||
if (errno == EMFILE) {
|
||||
li_server_out_of_fds(vr->wrk->srv);
|
||||
}
|
||||
VR_ERROR(vr, "Couldn't open socket: %s", g_strerror(errno));
|
||||
return LI_HANDLER_ERROR;
|
||||
}
|
||||
li_fd_init(pcon->fd);
|
||||
ev_io_set(&pcon->fd_watcher, pcon->fd, EV_READ | EV_WRITE);
|
||||
ev_io_start(vr->wrk->loop, &pcon->fd_watcher);
|
||||
|
||||
/* fall through */
|
||||
case SS_CONNECTING:
|
||||
if (-1 == connect(pcon->fd, &pcon->ctx->socket.addr->plain, pcon->ctx->socket.len)) {
|
||||
switch (errno) {
|
||||
case EINPROGRESS:
|
||||
case EALREADY:
|
||||
case EINTR:
|
||||
pcon->state = SS_CONNECTING;
|
||||
return LI_HANDLER_GO_ON;
|
||||
case EAGAIN: /* backend overloaded */
|
||||
proxy_close(vr, p);
|
||||
li_vrequest_backend_overloaded(vr);
|
||||
return LI_HANDLER_GO_ON;
|
||||
default:
|
||||
VR_ERROR(vr, "Couldn't connect to '%s': %s",
|
||||
li_sockaddr_to_string(pcon->ctx->socket, vr->wrk->tmp_str, TRUE)->str,
|
||||
g_strerror(errno));
|
||||
proxy_close(vr, p);
|
||||
li_vrequest_backend_dead(vr);
|
||||
return LI_HANDLER_GO_ON;
|
||||
}
|
||||
}
|
||||
|
||||
pcon->state = SS_CONNECTED;
|
||||
|
||||
/* prepare stream */
|
||||
proxy_send_headers(vr, pcon);
|
||||
|
||||
/* fall through */
|
||||
case SS_CONNECTED:
|
||||
proxy_forward_request(vr, pcon);
|
||||
break;
|
||||
|
||||
case SS_DONE:
|
||||
break;
|
||||
}
|
||||
|
||||
return LI_HANDLER_GO_ON;
|
||||
}
|
||||
|
||||
|
||||
/**********************************************************************************/
|
||||
|
||||
static liHandlerResult proxy_handle(liVRequest *vr, gpointer param, gpointer *context) {
|
||||
proxy_context *ctx = (proxy_context*) param;
|
||||
proxy_connection *pcon;
|
||||
UNUSED(context);
|
||||
if (!li_vrequest_handle_indirect(vr, ctx->plugin)) return LI_HANDLER_GO_ON;
|
||||
|
||||
pcon = proxy_connection_new(vr, ctx);
|
||||
if (!pcon) {
|
||||
return LI_HANDLER_ERROR;
|
||||
}
|
||||
g_ptr_array_index(vr->plugin_ctx, ctx->plugin->id) = pcon;
|
||||
|
||||
li_chunkqueue_set_limit(pcon->proxy_in, vr->out->limit);
|
||||
li_chunkqueue_set_limit(pcon->proxy_out, vr->in->limit);
|
||||
if (vr->out->limit) vr->out->limit->io_watcher = &pcon->fd_watcher;
|
||||
|
||||
return proxy_statemachine(vr, pcon);
|
||||
}
|
||||
|
||||
|
||||
static liHandlerResult proxy_handle_request_body(liVRequest *vr, liPlugin *p) {
|
||||
proxy_connection *pcon = (proxy_connection*) g_ptr_array_index(vr->plugin_ctx, p->id);
|
||||
if (!pcon) return LI_HANDLER_ERROR;
|
||||
|
||||
return proxy_statemachine(vr, pcon);
|
||||
}
|
||||
|
||||
static void proxy_close(liVRequest *vr, liPlugin *p) {
|
||||
proxy_connection *pcon = (proxy_connection*) g_ptr_array_index(vr->plugin_ctx, p->id);
|
||||
g_ptr_array_index(vr->plugin_ctx, p->id) = NULL;
|
||||
if (pcon) {
|
||||
if (vr->out->limit) vr->out->limit->io_watcher = NULL;
|
||||
proxy_connection_free(pcon);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
static void proxy_free(liServer *srv, gpointer param) {
|
||||
proxy_context *ctx = (proxy_context*) param;
|
||||
UNUSED(srv);
|
||||
|
||||
proxy_context_release(ctx);
|
||||
}
|
||||
|
||||
static liAction* proxy_create(liServer *srv, liPlugin* p, liValue *val) {
|
||||
proxy_context *ctx;
|
||||
|
||||
if (val->type != LI_VALUE_STRING) {
|
||||
ERROR(srv, "%s", "proxy expects a string as parameter");
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
ctx = proxy_context_new(srv, p, val->data.string);
|
||||
if (!ctx) return NULL;
|
||||
|
||||
return li_action_new_function(proxy_handle, NULL, proxy_free, ctx);
|
||||
}
|
||||
|
||||
static const liPluginOption options[] = {
|
||||
{ NULL, 0, NULL, NULL, NULL }
|
||||
};
|
||||
|
||||
static const liPluginAction actions[] = {
|
||||
{ "proxy", proxy_create },
|
||||
{ NULL, NULL }
|
||||
};
|
||||
|
||||
static const liPluginSetup setups[] = {
|
||||
{ NULL, NULL }
|
||||
};
|
||||
|
||||
|
||||
static void plugin_init(liServer *srv, liPlugin *p) {
|
||||
UNUSED(srv);
|
||||
|
||||
p->options = options;
|
||||
p->actions = actions;
|
||||
p->setups = setups;
|
||||
|
||||
p->handle_request_body = proxy_handle_request_body;
|
||||
p->handle_vrclose = proxy_close;
|
||||
}
|
||||
|
||||
|
||||
gboolean mod_proxy_init(liModules *mods, liModule *mod) {
|
||||
MODULE_VERSION_CHECK(mods);
|
||||
|
||||
mod->config = li_plugin_register(mods->main, "mod_proxy", plugin_init);
|
||||
|
||||
return mod->config != NULL;
|
||||
}
|
||||
|
||||
gboolean mod_proxy_free(liModules *mods, liModule *mod) {
|
||||
if (mod->config)
|
||||
li_plugin_free(mods->main, mod->config);
|
||||
|
||||
return TRUE;
|
||||
}
|
Loading…
Reference in new issue