MINOR: checks: add linger option to tcp connect

Allow declaring tcpcheck connect commands with a new parameter,
"linger". This option will configure the connection to avoid using an
RST segment to close, instead following the four-way termination
handshake. Some servers would otherwise log each healthcheck as
an error.

diff --git a/doc/configuration.txt b/doc/configuration.txt
index 45312fd44477de7e59f4f2c7b2ca6b56759a96cd..df0928003d9e7ace33cefaf845a3b2d40ea58546 100644 (file)
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -9817,6 +9817,8 @@ tcp-check connect [params*]
 
     ssl          opens a ciphered connection
 
+    linger    cleanly close the connection instead of using a single RST.
+
     Examples:
          # check HTTP and HTTPs services on a server.
          # first open port 80 thanks to server line port directive, then
@@ -9836,7 +9838,7 @@ tcp-check connect [params*]
 
          # check both POP and IMAP from a single server:
          option tcp-check
-         tcp-check connect port 110
+         tcp-check connect port 110 linger
          tcp-check expect string +OK\ POP3\ ready
          tcp-check connect port 143
          tcp-check expect string *\ OK\ IMAP4\ ready

diff --git a/include/types/checks.h b/include/types/checks.h
index 93d552ff17dff484c131ae0671ab3261b2ea6acd..d284d3f0e145ccca77d2fe8a865d7bb6ac30a40f 100644 (file)
--- a/include/types/checks.h
+++ b/include/types/checks.h
@@ -223,6 +223,7 @@ enum tcpcheck_rule_type {
 #define TCPCHK_OPT_NONE         0x0000  /* no options specified, default */
 #define TCPCHK_OPT_SEND_PROXY   0x0001  /* send proxy-protocol string */
 #define TCPCHK_OPT_SSL          0x0002  /* SSL connection */
+#define TCPCHK_OPT_LINGER       0x0004  /* Do not RST connection, let it linger */
 
 struct tcpcheck_rule {
        struct list list;                       /* list linked to from the proxy */

diff --git a/src/cfgparse-listen.c b/src/cfgparse-listen.c
index 4b099c181d03a2e6315a6439bdb0fd6f4d603ee7..1f74ddbe4ea6b6174ff595c60ff7554c652a16d1 100644 (file)
--- a/src/cfgparse-listen.c
+++ b/src/cfgparse-listen.c
@@ -3097,6 +3097,10 @@ stats_error_parsing:
                                        cur_arg++;
                                }
 #endif /* USE_OPENSSL */
+                               else if (strcmp(args[cur_arg], "linger") == 0) {
+                                       tcpcheck->conn_opts |= TCPCHK_OPT_LINGER;
+                                       cur_arg++;
+                               }
                                /* comment for this tcpcheck line */
                                else if (strcmp(args[cur_arg], "comment") == 0) {
                                        if (!*args[cur_arg + 1]) {
@@ -3110,9 +3114,9 @@ stats_error_parsing:
                                }
                                else {
 #ifdef USE_OPENSSL
-                                       ha_alert("parsing [%s:%d] : '%s %s' expects 'comment', 'port', 'send-proxy' or 'ssl' but got '%s' as argument.\n",
+                                       ha_alert("parsing [%s:%d] : '%s %s' expects 'comment', 'port', 'send-proxy', 'ssl' or 'linger' but got '%s' as argument.\n",
 #else /* USE_OPENSSL */
-                                       ha_alert("parsing [%s:%d] : '%s %s' expects 'comment', 'port', 'send-proxy' or but got '%s' as argument.\n",
+                                       ha_alert("parsing [%s:%d] : '%s %s' expects 'comment', 'port', 'send-proxy' or 'linger' but got '%s' as argument.\n",
 #endif /* USE_OPENSSL */
                                                 file, linenum, args[0], args[1], args[cur_arg]);
                                        err_code |= ERR_ALERT | ERR_FATAL;

diff --git a/src/checks.c b/src/checks.c
index bb45026bfd7738b5ed36a8041b57e38ec31e5f34..65030afe6dca84c20b49e9e34cfe2ad0cbe47c6c 100644 (file)
--- a/src/checks.c
+++ b/src/checks.c
@@ -2993,6 +2993,12 @@ static int tcpcheck_main(struct check *check)
                                        ret = SF_ERR_RESOURCE;
                        }
 
+                       if (conn_ctrl_ready(conn) &&
+                           check->current_step->conn_opts & TCPCHK_OPT_LINGER) {
+                               /* Some servers don't like reset on close */
+                               fdtab[cs->conn->handle.fd].linger_risk = 0;
+                       }
+
                        /* It can return one of :
                         *  - SF_ERR_NONE if everything's OK
                         *  - SF_ERR_SRVTO if there are no more servers