/*
- * Copyright (C) 1996-2015 The Squid Software Foundation and contributors
+ * Copyright (C) 1996-2017 The Squid Software Foundation and contributors
*
* Squid software is distributed under GPLv2+ license and includes
* contributions from numerous individuals and organizations.
/* DEBUG: section 05 Listener Socket Handler */
#include "squid.h"
+#include "acl/FilledChecklist.h"
#include "anyp/PortCfg.h"
#include "base/TextException.h"
#include "client_db.h"
#include "globals.h"
#include "ip/Intercept.h"
#include "ip/QosConfig.h"
+#include "log/access_log.h"
#include "MasterXaction.h"
#include "profiler/Profiler.h"
#include "SquidConfig.h"
bzero(&afa, sizeof(afa));
debugs(5, DBG_IMPORTANT, "Installing accept filter '" << Config.accept_filter << "' on " << conn);
xstrncpy(afa.af_name, Config.accept_filter, sizeof(afa.af_name));
- if (setsockopt(conn->fd, SOL_SOCKET, SO_ACCEPTFILTER, &afa, sizeof(afa)) < 0)
- debugs(5, DBG_CRITICAL, "WARNING: SO_ACCEPTFILTER '" << Config.accept_filter << "': '" << xstrerror());
+ if (setsockopt(conn->fd, SOL_SOCKET, SO_ACCEPTFILTER, &afa, sizeof(afa)) < 0) {
+ int xerrno = errno;
+ debugs(5, DBG_CRITICAL, "WARNING: SO_ACCEPTFILTER '" << Config.accept_filter << "': '" << xstrerr(xerrno));
+ }
#elif defined(TCP_DEFER_ACCEPT)
int seconds = 30;
if (strncmp(Config.accept_filter, "data=", 5) == 0)
seconds = atoi(Config.accept_filter + 5);
- if (setsockopt(conn->fd, IPPROTO_TCP, TCP_DEFER_ACCEPT, &seconds, sizeof(seconds)) < 0)
- debugs(5, DBG_CRITICAL, "WARNING: TCP_DEFER_ACCEPT '" << Config.accept_filter << "': '" << xstrerror());
+ if (setsockopt(conn->fd, IPPROTO_TCP, TCP_DEFER_ACCEPT, &seconds, sizeof(seconds)) < 0) {
+ int xerrno = errno;
+ debugs(5, DBG_CRITICAL, "WARNING: TCP_DEFER_ACCEPT '" << Config.accept_filter << "': '" << xstrerr(xerrno));
+ }
#else
debugs(5, DBG_CRITICAL, "WARNING: accept_filter not supported on your OS");
#endif
// Set TOS if needed.
// To correctly implement TOS values on listening sockets, probably requires
// more work to inherit TOS values to created connection objects.
- if (conn->tos &&
- Ip::Qos::setSockTos(conn->fd, conn->tos, conn->remote.isIPv4() ? AF_INET : AF_INET6) < 0)
- conn->tos = 0;
+ if (conn->tos)
+ Ip::Qos::setSockTos(conn, conn->tos)
#if SO_MARK
- if (conn->nfmark &&
- Ip::Qos::setSockNfmark(conn->fd, conn->nfmark) < 0)
- conn->nfmark = 0;
+ if (conn->nfmark)
+ Ip::Qos::setSockNfmark(conn, conn->nfmark);
#endif
#endif
} catch (const std::exception &e) {
fatalf("FATAL: error while accepting new client connection: %s\n", e.what());
} catch (...) {
- fatal("FATAL: error while accepting new client connection: [unkown]\n");
+ fatal("FATAL: error while accepting new client connection: [unknown]\n");
}
}
return false;
}
+static void
+logAcceptError(const Comm::ConnectionPointer &conn)
+{
+ AccessLogEntry::Pointer al = new AccessLogEntry;
+ al->tcpClient = conn;
+ al->url = "error:accept-client-connection";
+ ACLFilledChecklist ch(nullptr, nullptr, nullptr);
+ ch.src_addr = conn->remote;
+ ch.my_addr = conn->local;
+ accessLogLog(al, &ch);
+}
+
void
Comm::TcpAcceptor::acceptOne()
{
// A non-recoverable error; notify the caller */
debugs(5, 5, HERE << "non-recoverable error:" << status() << " handler Subscription: " << theCallSub);
+ if (intendedForUserConnections())
+ logAcceptError(newConnDetails);
notify(flag, newConnDetails);
mustStop("Listener socket closed");
return;
if (theCallSub != NULL) {
AsyncCall::Pointer call = theCallSub->callback();
CommAcceptCbParams ¶ms = GetCommParams<CommAcceptCbParams>(call);
- params.xaction = new MasterXaction;
+ params.xaction = new MasterXaction(XactionInitiator::initClient);
params.xaction->squidPort = listenPort_;
params.fd = conn->fd;
params.conn = params.xaction->tcpClient = newConnDetails;
PROF_stop(comm_accept);
- if (ignoreErrno(errno)) {
- debugs(50, 5, HERE << status() << ": " << xstrerror());
+ if (ignoreErrno(errcode)) {
+ debugs(50, 5, status() << ": " << xstrerr(errcode));
return Comm::NOMESSAGE;
} else if (ENFILE == errno || EMFILE == errno) {
- debugs(50, 3, HERE << status() << ": " << xstrerror());
+ debugs(50, 3, status() << ": " << xstrerr(errcode));
return Comm::COMM_ERROR;
} else {
- debugs(50, DBG_IMPORTANT, HERE << status() << ": " << xstrerror());
+ debugs(50, DBG_IMPORTANT, MYNAME << status() << ": " << xstrerr(errcode));
return Comm::COMM_ERROR;
}
}
if (clientdbEstablished(details->remote, 0) > Config.client_ip_max_connections) {
debugs(50, DBG_IMPORTANT, "WARNING: " << details->remote << " attempting more than " << Config.client_ip_max_connections << " connections.");
Ip::Address::FreeAddr(gai);
+ PROF_stop(comm_accept);
return Comm::COMM_ERROR;
}
}
Ip::Address::InitAddr(gai);
details->local.setEmpty();
if (getsockname(sock, gai->ai_addr, &gai->ai_addrlen) != 0) {
- debugs(50, DBG_IMPORTANT, "ERROR: getsockname() failed to locate local-IP on " << details << ": " << xstrerror());
+ int xerrno = errno;
+ debugs(50, DBG_IMPORTANT, "ERROR: getsockname() failed to locate local-IP on " << details << ": " << xstrerr(xerrno));
Ip::Address::FreeAddr(gai);
+ PROF_stop(comm_accept);
return Comm::COMM_ERROR;
}
details->local = *gai;
// so we end up with a uniform "(HTTP|FTP-data|HTTPS|...) remote-ip:remote-port"
fd_open(sock, FD_SOCKET, "HTTP Request");
- fdd_table[sock].close_file = NULL;
- fdd_table[sock].close_line = 0;
-
fde *F = &fd_table[sock];
details->remote.toStr(F->ipaddr,MAX_IPSTRLEN);
F->remote_port = details->remote.port();
// Perform NAT or TPROXY operations to retrieve the real client/dest IP addresses
if (conn->flags&(COMM_TRANSPARENT|COMM_INTERCEPTION) && !Ip::Interceptor.Lookup(details, conn)) {
+ debugs(50, DBG_IMPORTANT, "ERROR: NAT/TPROXY lookup failed to locate original IPs on " << details);
// Failed.
+ PROF_stop(comm_accept);
return Comm::COMM_ERROR;
}
projects / thirdparty / squid.git / blobdiff