From: Willy Tarreau Date: Wed, 17 Jul 2019 17:04:47 +0000 (+0200) Subject: MEDIUM: connection: make sure all address producers allocate their address X-Git-Tag: v2.1-dev2~299 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ca79f59365c03c7c7422c80e9d9986f8834a95b8;p=thirdparty%2Fhaproxy.git MEDIUM: connection: make sure all address producers allocate their address This commit places calls to sockaddr_alloc() at the places where an address is needed, and makes sure that the allocation is properly tested. This does not add too many error paths since connection allocations are already in the vicinity and share the same error paths. For the two cases where a clear_addr() was called, instead the address was not allocated. --- diff --git a/include/proto/connection.h b/include/proto/connection.h index c1ce51d22a..6d2e78401a 100644 --- a/include/proto/connection.h +++ b/include/proto/connection.h @@ -675,6 +675,9 @@ static inline int conn_get_src(struct connection *conn) if (!conn_ctrl_ready(conn) || !conn->ctrl->get_src) return 0; + if (!sockaddr_alloc(&conn->src)) + return 0; + if (conn->ctrl->get_src(conn->handle.fd, (struct sockaddr *)conn->src, sizeof(*conn->src), obj_type(conn->target) != OBJ_TYPE_LISTENER) == -1) @@ -695,6 +698,9 @@ static inline int conn_get_dst(struct connection *conn) if (!conn_ctrl_ready(conn) || !conn->ctrl->get_dst) return 0; + if (!sockaddr_alloc(&conn->dst)) + return 0; + if (conn->ctrl->get_dst(conn->handle.fd, (struct sockaddr *)conn->dst, sizeof(*conn->dst), obj_type(conn->target) != OBJ_TYPE_LISTENER) == -1) diff --git a/src/backend.c b/src/backend.c index 18d2498716..dcf364201b 100644 --- a/src/backend.c +++ b/src/backend.c @@ -826,7 +826,8 @@ int assign_server_address(struct stream *s, struct connection *srv_conn) DPRINTF(stderr,"assign_server_address : s=%p\n",s); - /* FIXME WTA: an address allocation will soon be needed here */ + if (!sockaddr_alloc(&srv_conn->dst)) + return SRV_STATUS_INTERNAL; if ((s->flags & SF_DIRECT) || (s->be->lbprm.algo & BE_LB_KIND)) { /* A server is necessarily known for this stream */ @@ -1039,7 +1040,8 @@ static void assign_tproxy_address(struct stream *s) else return; - /* FIXME WTA: an address allocation will soon be needed here for src */ + if (!sockaddr_alloc(&srv_conn->src)) + return; switch (src->opts & CO_SRC_TPROXY_MASK) { case CO_SRC_TPROXY_ADDR: diff --git a/src/checks.c b/src/checks.c index c2fc87c38e..61acb17c0f 100644 --- a/src/checks.c +++ b/src/checks.c @@ -1614,7 +1614,9 @@ static int connect_conn_chk(struct task *t) /* Maybe there were an older connection we were waiting on */ check->wait_list.events = 0; - /* FIXME WTA: we'll have to dynamically allocate the dst address here */ + if (!sockaddr_alloc(&conn->dst)) + return SF_ERR_RESOURCE; + if (is_addr(&check->addr)) { /* we'll connect to the check addr specified on the server */ *conn->dst = check->addr; @@ -1643,10 +1645,6 @@ static int connect_conn_chk(struct task *t) } /* no client address */ - /* FIXME WTA: we'll have to dynamically allocate the src address here - * before clearing it, or better release it and make it null. - */ - clear_addr(conn->src); conn_prepare(conn, proto, check->xprt); if (conn_install_mux(conn, &mux_pt_ops, cs, s->proxy, NULL) < 0) @@ -2862,12 +2860,12 @@ static int tcpcheck_main(struct check *check) conn->target = s ? &s->obj_type : &proxy->obj_type; /* no client address */ - /* FIXME WTA: we'll have to dynamically allocate the src address here - * before clearing it, or better release it and make it null. - */ - clear_addr(conn->src); - /* FIXME WTA: we'll have to dynamically allocate the dst address here */ + if (!sockaddr_alloc(&conn->dst)) { + ret = SF_ERR_RESOURCE; + goto fail_check; + } + if (is_addr(&check->addr)) { /* we'll connect to the check addr specified on the server */ *conn->dst = check->addr; diff --git a/src/connection.c b/src/connection.c index 0277309aca..602fc79ec4 100644 --- a/src/connection.c +++ b/src/connection.c @@ -402,6 +402,9 @@ int conn_recv_proxy(struct connection *conn, int flag) if (!conn_ctrl_ready(conn)) goto fail; + if (!sockaddr_alloc(&conn->src) || !sockaddr_alloc(&conn->dst)) + goto fail; + if (!fd_recv_ready(conn->handle.fd)) goto not_ready; diff --git a/src/hlua.c b/src/hlua.c index 150faecb75..49f056c398 100644 --- a/src/hlua.c +++ b/src/hlua.c @@ -2461,7 +2461,11 @@ __LJMP static int hlua_socket_connect(struct lua_State *L) WILL_LJMP(luaL_error(L, "connect: port ranges not supported : address '%s'", ip)); } - /* FIXME WTA: dst address allocation needed here! */ + if (!sockaddr_alloc(&conn->dst)) { + xref_unlock(&socket->xref, peer); + WILL_LJMP(luaL_error(L, "connect: internal error")); + } + memcpy(conn->dst, addr, sizeof(struct sockaddr_storage)); /* Set port. */ diff --git a/src/http_ana.c b/src/http_ana.c index c5c928d167..782c1689df 100644 --- a/src/http_ana.c +++ b/src/http_ana.c @@ -741,7 +741,8 @@ int http_process_request(struct stream *s, struct channel *req, int an_bit) struct ist uri, path; /* Note that for now we don't reuse existing proxy connections */ - if (unlikely((conn = cs_conn(si_alloc_cs(&s->si[1], NULL))) == NULL)) { + if (unlikely((conn = cs_conn(si_alloc_cs(&s->si[1], NULL))) == NULL || + !sockaddr_alloc(&conn->dst))) { txn->req.err_state = txn->req.msg_state; txn->req.msg_state = HTTP_MSG_ERROR; txn->status = 500; @@ -759,7 +760,6 @@ int http_process_request(struct stream *s, struct channel *req, int an_bit) uri = htx_sl_req_uri(sl); path = http_get_path(uri); - /* FIXME WTA: below we'll need to dynamically allocate the dst address */ if (url2sa(uri.ptr, uri.len - path.len, conn->dst, NULL) == -1) goto return_bad_req; diff --git a/src/peers.c b/src/peers.c index 193ef0e519..8fa6a8e4a7 100644 --- a/src/peers.c +++ b/src/peers.c @@ -2539,7 +2539,9 @@ static struct appctx *peer_session_create(struct peers *peers, struct peer *peer conn->target = s->target = peer_session_target(peer, s); - /* FIXME WTA: a sockaddr allocation will be needed here */ + if (!sockaddr_alloc(&conn->dst)) + goto out_free_cs; + memcpy(conn->dst, &peer->addr, sizeof(*conn->dst)); conn_prepare(conn, peer->proto, peer_xprt(peer)); diff --git a/src/session.c b/src/session.c index 782d4889c4..7def387347 100644 --- a/src/session.c +++ b/src/session.c @@ -155,8 +155,10 @@ int session_accept_fd(struct listener *l, int cfd, struct sockaddr_storage *addr if (unlikely((cli_conn = conn_new()) == NULL)) goto out_close; + if (!sockaddr_alloc(&cli_conn->src)) + goto out_free_conn; + cli_conn->handle.fd = cfd; - /* FIXME WTA: an allocation will be needed here. Better steal the original address on success */ *cli_conn->src = *addr; cli_conn->flags |= CO_FL_ADDR_FROM_SET; cli_conn->target = &l->obj_type;