From: Christopher Faulet <cfaulet@haproxy.com>
Date: Wed, 1 Jul 2020 13:26:14 +0000 (+0200)
Subject: MINOR: connection: Add a wrapper to mark a connection as private
X-Git-Tag: v2.3-dev1~29
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=21ddc74e8a9c20310c39b1a8b6fc284616fa8c3a;p=thirdparty%2Fhaproxy.git

MINOR: connection: Add a wrapper to mark a connection as private

To set a connection as private, the conn_set_private() function must now be
called. It sets the CO_FL_PRIVATE flags, but it also remove the connection from
the available connection list, if necessary. For now, it never happens because
only HTTP/1 connections may be set as private after their creation. And these
connections are never inserted in the available connection list.
---

diff --git a/include/haproxy/connection.h b/include/haproxy/connection.h
index f8f235c1a7..b097488602 100644
--- a/include/haproxy/connection.h
+++ b/include/haproxy/connection.h
@@ -342,6 +342,17 @@ static inline void conn_set_owner(struct connection *conn, void *owner, void (*c
 	conn->destroy_cb = cb;
 }
 
+
+/* Mark the connection <conn> as private and remove it from the available connection list */
+static inline void conn_set_private(struct connection *conn)
+{
+	conn->flags |= CO_FL_PRIVATE;
+
+	/* Be sure to remove the connection from the available_conns list */
+	if (!MT_LIST_ISEMPTY(&conn->list))
+		MT_LIST_DEL(&conn->list);
+}
+
 /* Allocates a struct sockaddr from the pool if needed, assigns it to *sap and
  * returns it. If <sap> is NULL, the address is always allocated and returned.
  * if <sap> is non-null, an address will only be allocated if it points to a
diff --git a/src/backend.c b/src/backend.c
index e94fc1faf4..c83371e0d8 100644
--- a/src/backend.c
+++ b/src/backend.c
@@ -1403,7 +1403,7 @@ int connect_server(struct stream *s)
 		srv_cs = NULL;
 
 		if ((s->be->options & PR_O_REUSE_MASK) == PR_O_REUSE_NEVR)
-			conn->flags |= CO_FL_PRIVATE;
+			conn_set_private(srv_conn);
 	}
 
 	if (srv_conn && srv && was_unused) {
@@ -1474,7 +1474,7 @@ int connect_server(struct stream *s)
 		srv_conn->send_proxy_ofs = 0;
 
 		if (srv && srv->pp_opts) {
-			srv_conn->flags |= CO_FL_PRIVATE;
+			conn_set_private(srv_conn);
 			srv_conn->flags |= CO_FL_SEND_PROXY;
 			srv_conn->send_proxy_ofs = 1; /* must compute size */
 			if (cli_conn)
@@ -1530,7 +1530,7 @@ int connect_server(struct stream *s)
 					   srv->ssl_ctx.sni, SMP_T_STR);
 		if (smp_make_safe(smp)) {
 			ssl_sock_set_servername(srv_conn, smp->data.u.str.area);
-			srv_conn->flags |= CO_FL_PRIVATE;
+			conn_set_private(srv_conn);
 		}
 	}
 #endif /* USE_OPENSSL */
diff --git a/src/http_ana.c b/src/http_ana.c
index f394f98743..71e723c384 100644
--- a/src/http_ana.c
+++ b/src/http_ana.c
@@ -1838,7 +1838,7 @@ int http_wait_for_response(struct stream *s, struct channel *rep, int an_bit)
 			if ((ctx.value.len >= 4 && strncasecmp(ctx.value.ptr, "Nego", 4) == 0) ||
 			    (ctx.value.len >= 4 && strncasecmp(ctx.value.ptr, "NTLM", 4) == 0)) {
 				sess->flags |= SESS_FL_PREFER_LAST;
-				srv_conn->flags |= CO_FL_PRIVATE;
+				conn_set_private(srv_conn);
 				break;
 			}
 		}
diff --git a/src/mux_fcgi.c b/src/mux_fcgi.c
index 7cd5612195..64b91fdb46 100644
--- a/src/mux_fcgi.c
+++ b/src/mux_fcgi.c
@@ -3560,10 +3560,6 @@ static void fcgi_detach(struct conn_stream *cs)
 					return;
 				}
 			}
-
-			/* Be sure to remove the connection from the available_conns list */
-			if (!MT_LIST_ISEMPTY(&fconn->conn->list))
-				MT_LIST_DEL(&fconn->conn->list);
 		}
 		else {
 			if (eb_is_empty(&fconn->streams_by_id)) {
diff --git a/src/mux_h2.c b/src/mux_h2.c
index 22c67b02a7..bb554258ba 100644
--- a/src/mux_h2.c
+++ b/src/mux_h2.c
@@ -3961,10 +3961,6 @@ static void h2_detach(struct conn_stream *cs)
 						return;
 					}
 				}
-
-				/* Be sure to remove the connection from the available_conns list */
-				if (!MT_LIST_ISEMPTY(&h2c->conn->list))
-					MT_LIST_DEL(&h2c->conn->list);
 			}
 			else {
 				if (eb_is_empty(&h2c->streams_by_id)) {
diff --git a/src/proto_tcp.c b/src/proto_tcp.c
index b772c88d9f..f2bc3de224 100644
--- a/src/proto_tcp.c
+++ b/src/proto_tcp.c
@@ -415,14 +415,14 @@ int tcp_connect_server(struct connection *conn, int flags)
 		if (conn->src && is_inet_addr(conn->src)) {
 			switch (src->opts & CO_SRC_TPROXY_MASK) {
 			case CO_SRC_TPROXY_CLI:
-				conn->flags |= CO_FL_PRIVATE;
+				conn_set_private(conn);
 				/* fall through */
 			case CO_SRC_TPROXY_ADDR:
 				flags = 3;
 				break;
 			case CO_SRC_TPROXY_CIP:
 			case CO_SRC_TPROXY_DYN:
-				conn->flags |= CO_FL_PRIVATE;
+				conn_set_private(conn);
 				flags = 1;
 				break;
 			}
diff --git a/src/tcpcheck.c b/src/tcpcheck.c
index 4b8806c659..4e714fa352 100644
--- a/src/tcpcheck.c
+++ b/src/tcpcheck.c
@@ -1093,7 +1093,7 @@ enum tcpcheck_eval_ret tcpcheck_eval_connect(struct check *check, struct tcpchec
 	if (status != SF_ERR_NONE)
 		goto fail_check;
 
-	conn->flags |= CO_FL_PRIVATE;
+	conn_set_private(conn);
 	conn->ctx = cs;
 
 	/* The mux may be initialized now if there isn't server attached to the