From: Willy Tarreau Date: Wed, 17 Jul 2019 09:27:38 +0000 (+0200) Subject: MINOR: backend: switch to conn_get_{src,dst}() for port and address mapping X-Git-Tag: v2.1-dev2~327 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3cc01d84b30ee216cb8ab5eec504cb26641f314f;p=thirdparty%2Fhaproxy.git MINOR: backend: switch to conn_get_{src,dst}() for port and address mapping The backend connect code uses conn_get_{from,to}_addr to forward addresses in transparent mode and to map server ports, without really checking if the operation succeeds. In preparation of future changes, let's switch to conn_get_{src,dst}() and integrate status check for possible failures. --- diff --git a/include/proto/stream_interface.h b/include/proto/stream_interface.h index 6727921ebc..e0f699184c 100644 --- a/include/proto/stream_interface.h +++ b/include/proto/stream_interface.h @@ -526,7 +526,7 @@ static inline int si_connect(struct stream_interface *si, struct connection *con /* needs src ip/port for logging */ if (si->flags & SI_FL_SRC_ADDR) - conn_get_from_addr(conn); + conn_get_src(conn); return ret; } diff --git a/src/backend.c b/src/backend.c index 169481c461..dc0c2985cf 100644 --- a/src/backend.c +++ b/src/backend.c @@ -678,12 +678,12 @@ int assign_server(struct stream *s) switch (s->be->lbprm.algo & BE_LB_PARM) { case BE_LB_HASH_SRC: conn = objt_conn(strm_orig(s)); - if (conn && conn->addr.from.ss_family == AF_INET) { + if (conn && conn_get_src(conn) && conn->addr.from.ss_family == AF_INET) { srv = get_server_sh(s->be, (void *)&((struct sockaddr_in *)&conn->addr.from)->sin_addr, 4, prev_srv); } - else if (conn && conn->addr.from.ss_family == AF_INET6) { + else if (conn && conn_get_src(conn) && conn->addr.from.ss_family == AF_INET6) { srv = get_server_sh(s->be, (void *)&((struct sockaddr_in6 *)&conn->addr.from)->sin6_addr, 16, prev_srv); @@ -840,9 +840,9 @@ int assign_server_address(struct stream *s, struct connection *srv_conn) * locally on multiple addresses at once. Nothing is done * for AF_UNIX addresses. */ - conn_get_to_addr(cli_conn); - - if (cli_conn->addr.to.ss_family == AF_INET) { + if (!conn_get_dst(cli_conn)) { + /* do nothing if we can't retrieve the address */ + } else if (cli_conn->addr.to.ss_family == AF_INET) { ((struct sockaddr_in *)&srv_conn->addr.to)->sin_addr = ((struct sockaddr_in *)&cli_conn->addr.to)->sin_addr; } else if (cli_conn->addr.to.ss_family == AF_INET6) { ((struct sockaddr_in6 *)&srv_conn->addr.to)->sin6_addr = ((struct sockaddr_in6 *)&cli_conn->addr.to)->sin6_addr; @@ -854,14 +854,14 @@ int assign_server_address(struct stream *s, struct connection *srv_conn) if ((__objt_server(s->target)->flags & SRV_F_MAPPORTS) && cli_conn) { int base_port; - conn_get_to_addr(cli_conn); - - /* First, retrieve the port from the incoming connection */ - base_port = get_host_port(&cli_conn->addr.to); + if (conn_get_dst(cli_conn)) { + /* First, retrieve the port from the incoming connection */ + base_port = get_host_port(&cli_conn->addr.to); - /* Second, assign the outgoing connection's port */ - base_port += get_host_port(&srv_conn->addr.to); - set_host_port(&srv_conn->addr.to, base_port); + /* Second, assign the outgoing connection's port */ + base_port += get_host_port(&srv_conn->addr.to); + set_host_port(&srv_conn->addr.to, base_port); + } } } else if (s->be->options & PR_O_DISPATCH) { @@ -870,9 +870,8 @@ int assign_server_address(struct stream *s, struct connection *srv_conn) } else if ((s->be->options & PR_O_TRANSP) && cli_conn) { /* in transparent mode, use the original dest addr if no dispatch specified */ - conn_get_to_addr(cli_conn); - - if (cli_conn->addr.to.ss_family == AF_INET || cli_conn->addr.to.ss_family == AF_INET6) + if (conn_get_dst(cli_conn) && + (cli_conn->addr.to.ss_family == AF_INET || cli_conn->addr.to.ss_family == AF_INET6)) srv_conn->addr.to = cli_conn->addr.to; } else if (s->be->options & PR_O_HTTP_PROXY) { @@ -1046,7 +1045,7 @@ static void assign_tproxy_address(struct stream *s) case CO_SRC_TPROXY_CIP: /* FIXME: what can we do if the client connects in IPv6 or unix socket ? */ cli_conn = objt_conn(strm_orig(s)); - if (cli_conn) + if (cli_conn && conn_get_src(cli_conn)) srv_conn->addr.from = cli_conn->addr.from; else memset(&srv_conn->addr.from, 0, sizeof(srv_conn->addr.from)); @@ -1474,7 +1473,7 @@ int connect_server(struct stream *s) srv_conn->flags |= CO_FL_SEND_PROXY; srv_conn->send_proxy_ofs = 1; /* must compute size */ if (cli_conn) - conn_get_to_addr(cli_conn); + conn_get_dst(cli_conn); } assign_tproxy_address(s);