MINOR: connection: add a new flag CO_FL_PRIVATE

This flag is set on an outgoing connection when this connection gets
some properties that must not be shared with other connections, such
as dynamic transparent source binding, SNI or a proxy protocol header,
or an authentication challenge from the server. This will be needed
later to implement connection reuse.

diff --git a/include/types/connection.h b/include/types/connection.h
index 8192ef5a640195b8f77c6ba292f1b96dcb8568e5..12a96854f09762c7f23e1c63dd755e115c64a25c 100644 (file)
--- a/include/types/connection.h
+++ b/include/types/connection.h
@@ -119,7 +119,10 @@ enum {
         */
        CO_FL_POLL_SOCK     = CO_FL_HANDSHAKE | CO_FL_WAIT_L4_CONN | CO_FL_WAIT_L6_CONN,
 
-       /* unused : 0x10000000, 0x20000000, 0x40000000 */
+       /* This connection may not be shared between clients */
+       CO_FL_PRIVATE       = 0x10000000,
+
+       /* unused : 0x20000000, 0x40000000 */
 
        /* This last flag indicates that the transport layer is used (for instance
         * by logs) and must not be cleared yet. The last call to conn_xprt_close()

diff --git a/src/backend.c b/src/backend.c
index bbe9573a52561eec2f6363f7e6bd2bcb31904572..3c00acfd66fbafdf9515224e6837e1f5341f17c1 100644 (file)
--- a/src/backend.c
+++ b/src/backend.c
@@ -1087,6 +1087,7 @@ int connect_server(struct stream *s)
                /* process the case where the server requires the PROXY protocol to be sent */
                srv_conn->send_proxy_ofs = 0;
                if (srv && srv->pp_opts) {
+                       srv_conn->flags |= CO_FL_PRIVATE;
                        srv_conn->send_proxy_ofs = 1; /* must compute size */
                        cli_conn = objt_conn(strm_orig(s));
                        if (cli_conn)
@@ -1152,6 +1153,7 @@ int connect_server(struct stream *s)
                                        smp->data.str.len = smp->data.str.size - 1;
                                smp->data.str.str[smp->data.str.len] = 0;
                                ssl_sock_set_servername(srv_conn, smp->data.str.str);
+                               srv_conn->flags |= CO_FL_PRIVATE;
                        }
                }
 #endif /* USE_OPENSSL */

diff --git a/src/proto_http.c b/src/proto_http.c
index d1acf30a9aa6e02e8792cdb3325ca85b13860cb7..fb831b983326b4c14ec159df141fe948a0fe2187 100644 (file)
--- a/src/proto_http.c
+++ b/src/proto_http.c
@@ -5155,6 +5155,7 @@ void http_end_txn_clean_session(struct stream *s)
                 * it's better to do it (at least it helps with debugging).
                 */
                s->txn->flags |= TX_PREFER_LAST;
+               srv_conn->flags |= CO_FL_PRIVATE;
        }
 
        if (fe->options2 & PR_O2_INDEPSTR)

diff --git a/src/proto_tcp.c b/src/proto_tcp.c
index 734d469bd697bdbec16991cac0daf79286e73e2f..e6da5d18e42ccd7840af5c769e7717436c0f1657 100644 (file)
--- a/src/proto_tcp.c
+++ b/src/proto_tcp.c
@@ -474,12 +474,15 @@ int tcp_connect_server(struct connection *conn, int data, int delack)
 
                if (is_inet_addr(&conn->addr.from)) {
                        switch (src->opts & CO_SRC_TPROXY_MASK) {
-                       case CO_SRC_TPROXY_ADDR:
                        case CO_SRC_TPROXY_CLI:
+                               conn->flags |= CO_FL_PRIVATE;
+                               /* fall through */
+                       case CO_SRC_TPROXY_ADDR:
                                flags = 3;
                                break;
                        case CO_SRC_TPROXY_CIP:
                        case CO_SRC_TPROXY_DYN:
+                               conn->flags |= CO_FL_PRIVATE;
                                flags = 1;
                                break;
                        }