From: Amaury Denoyelle Date: Thu, 19 Oct 2023 09:07:15 +0000 (+0200) Subject: MINOR: server: convert @reverse to rev@ standard format X-Git-Tag: v2.9-dev8~9 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9d4c7c1151c5f9ec721645f9a81ba7c5b4a34906;p=thirdparty%2Fhaproxy.git MINOR: server: convert @reverse to rev@ standard format Remove the recently introduced '@reverse' notation for HTTP reverse servers. Instead, reuse the 'rev@' prefix already defined for bind lines. --- diff --git a/doc/configuration.txt b/doc/configuration.txt index 25683f4847..7ef9d724f1 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -11534,18 +11534,13 @@ server
[:[port]] [param*] one of them over the FD. The bind part will use the received socket as the client FD. Should be used carefully. + - 'rev@' -> custom address family for a passive server in + HTTP reverse context. You may want to reference some environment variables in the address parameter, see section 2.3 about environment variables. The "init-addr" setting can be used to modify the way IP addresses should be resolved upon startup. - Additionally, there is a special address notation defined for - servers which does not have any address assigned. Currently, only - '@reverse' is valid. This instantiates a server which can only be - used with reverse connect. This mode requires the proxy to be in - HTTP mode and the server to explicitly use HTTP/2, either through - 'proto' or 'alpn' keywords. - is an optional port specification. If set, all connections will be sent to this port. If unset, the same port the client connected to will be used. The port may also be prefixed by a "+" diff --git a/include/haproxy/proto_reverse_connect.h b/include/haproxy/proto_reverse_connect.h index 0c07356e09..a2113d35c1 100644 --- a/include/haproxy/proto_reverse_connect.h +++ b/include/haproxy/proto_reverse_connect.h @@ -14,6 +14,8 @@ struct connection *rev_accept_conn(struct listener *l, int *status); void rev_unbind_receiver(struct listener *l); int rev_set_affinity(struct connection *conn, int new_tid); +int rev_connect(struct connection *conn, int flags); + int rev_accepting_conn(const struct receiver *rx); void rev_notify_preconn_err(struct listener *l); diff --git a/reg-tests/connection/reverse_connect_full.vtc b/reg-tests/connection/reverse_connect_full.vtc index e8b051ba53..1124f6a467 100644 --- a/reg-tests/connection/reverse_connect_full.vtc +++ b/reg-tests/connection/reverse_connect_full.vtc @@ -21,7 +21,7 @@ frontend pub use_backend be-reverse backend be-reverse - server dev @reverse + server dev rev@ frontend priv bind "fd@${priv}" proto h2 diff --git a/reg-tests/connection/reverse_server.vtc b/reg-tests/connection/reverse_server.vtc index 40ddc49d3d..43edcdfeaf 100644 --- a/reg-tests/connection/reverse_server.vtc +++ b/reg-tests/connection/reverse_server.vtc @@ -18,7 +18,7 @@ frontend pub use_backend be-reverse backend be-reverse - server dev @reverse + server dev rev@ frontend priv bind "fd@${priv}" proto h2 diff --git a/reg-tests/connection/reverse_server_name.vtc b/reg-tests/connection/reverse_server_name.vtc index b8d5cf885c..76473d5416 100644 --- a/reg-tests/connection/reverse_server_name.vtc +++ b/reg-tests/connection/reverse_server_name.vtc @@ -19,7 +19,7 @@ frontend pub use_backend be-reverse backend be-reverse - server dev @reverse ssl sni hdr(x-name) verify none + server dev rev@ ssl sni hdr(x-name) verify none frontend priv bind "fd@${priv}" ssl crt ${testdir}/common.pem verify required ca-verify-file ${testdir}/ca-auth.crt alpn h2 diff --git a/src/proto_reverse_connect.c b/src/proto_reverse_connect.c index 293c13418e..e02620476c 100644 --- a/src/proto_reverse_connect.c +++ b/src/proto_reverse_connect.c @@ -36,6 +36,8 @@ struct protocol proto_reverse_connect = { .accept_conn = rev_accept_conn, .set_affinity = rev_set_affinity, + .connect = rev_connect, + /* address family */ .fam = &proto_fam_reverse_connect, @@ -343,6 +345,12 @@ int rev_set_affinity(struct connection *conn, int new_tid) return -1; } +/* Simple callback to enable definition of passive HTTP reverse servers. */ +int rev_connect(struct connection *conn, int flags) +{ + return SF_ERR_NONE; +} + int rev_accepting_conn(const struct receiver *rx) { return 1; diff --git a/src/server.c b/src/server.c index 3c40ca7fe6..e7ce3d70b2 100644 --- a/src/server.c +++ b/src/server.c @@ -2805,22 +2805,6 @@ static int _srv_parse_init(struct server **srv, char **args, int *cur_arg, else newsrv->tmpl_info.prefix = strdup(args[1]); - /* special address specifier */ - if (args[*cur_arg][0] == '@') { - if (strcmp(args[*cur_arg], "@reverse") == 0) { - newsrv->flags |= SRV_F_REVERSE; - } - else { - ha_alert("unknown server address specifier '%s'\n", - args[*cur_arg]); - err_code |= ERR_ALERT | ERR_FATAL; - goto out; - } - - (*cur_arg)++; - parse_flags &= ~SRV_PARSE_PARSE_ADDR; - } - /* several ways to check the port component : * - IP => port=+0, relative (IPv4 only) * - IP: => port=+0, relative @@ -2845,8 +2829,13 @@ static int _srv_parse_init(struct server **srv, char **args, int *cur_arg, } if (!port1 || !port2) { - /* no port specified, +offset, -offset */ - newsrv->flags |= SRV_F_MAPPORTS; + if (sk->ss_family != AF_CUST_REV_SRV) { + /* no port specified, +offset, -offset */ + newsrv->flags |= SRV_F_MAPPORTS; + } + else { + newsrv->flags |= SRV_F_REVERSE; + } } /* save hostname and create associated name resolution */