trafficserver-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a..@apache.org
Subject svn commit: r1236470 [1/3] - in /trafficserver/traffic/trunk: ./ iocore/cluster/ iocore/net/ lib/records/ lib/ts/ mgmt/ mgmt/cli/ mgmt/utils/ proxy/ proxy/config/ proxy/http/ proxy/logging/
Date Fri, 27 Jan 2012 00:33:33 GMT
Author: amc
Date: Fri Jan 27 00:33:31 2012
New Revision: 1236470

URL: http://svn.apache.org/viewvc?rev=1236470&view=rev
Log:
TS-1077: Configure all proxy ports in a single config record.

Added:
    trafficserver/traffic/trunk/lib/records/I_RecHttp.h
    trafficserver/traffic/trunk/lib/records/RecHttp.cc
Modified:
    trafficserver/traffic/trunk/CHANGES
    trafficserver/traffic/trunk/iocore/cluster/ClusterConfig.cc
    trafficserver/traffic/trunk/iocore/cluster/ClusterHandlerBase.cc
    trafficserver/traffic/trunk/iocore/net/Connection.cc
    trafficserver/traffic/trunk/iocore/net/I_NetProcessor.h
    trafficserver/traffic/trunk/iocore/net/I_NetVConnection.h
    trafficserver/traffic/trunk/iocore/net/P_Connection.h
    trafficserver/traffic/trunk/iocore/net/P_NetAccept.h
    trafficserver/traffic/trunk/iocore/net/P_SSLConfig.h
    trafficserver/traffic/trunk/iocore/net/P_SSLNetProcessor.h
    trafficserver/traffic/trunk/iocore/net/P_UnixNetProcessor.h
    trafficserver/traffic/trunk/iocore/net/P_UnixNetVConnection.h
    trafficserver/traffic/trunk/iocore/net/SSLConfig.cc
    trafficserver/traffic/trunk/iocore/net/SSLNet.cc
    trafficserver/traffic/trunk/iocore/net/UnixConnection.cc
    trafficserver/traffic/trunk/iocore/net/UnixNetAccept.cc
    trafficserver/traffic/trunk/iocore/net/UnixNetPages.cc
    trafficserver/traffic/trunk/iocore/net/UnixNetProcessor.cc
    trafficserver/traffic/trunk/iocore/net/UnixNetVConnection.cc
    trafficserver/traffic/trunk/lib/records/Makefile.am
    trafficserver/traffic/trunk/lib/ts/ink_inet.cc
    trafficserver/traffic/trunk/lib/ts/ink_inet.h
    trafficserver/traffic/trunk/mgmt/LocalManager.cc
    trafficserver/traffic/trunk/mgmt/LocalManager.h
    trafficserver/traffic/trunk/mgmt/Main.cc
    trafficserver/traffic/trunk/mgmt/RecordsConfig.cc
    trafficserver/traffic/trunk/mgmt/cli/ShowCmd.cc
    trafficserver/traffic/trunk/mgmt/utils/WebMgmtUtils.cc
    trafficserver/traffic/trunk/proxy/IPAllow.h
    trafficserver/traffic/trunk/proxy/InkAPI.cc
    trafficserver/traffic/trunk/proxy/InkAPITest.cc
    trafficserver/traffic/trunk/proxy/InkAPITestTool.cc
    trafficserver/traffic/trunk/proxy/Main.cc
    trafficserver/traffic/trunk/proxy/Main.h
    trafficserver/traffic/trunk/proxy/Prefetch.cc
    trafficserver/traffic/trunk/proxy/SocksProxy.cc
    trafficserver/traffic/trunk/proxy/TestHook.cc
    trafficserver/traffic/trunk/proxy/UglyLogStubs.cc
    trafficserver/traffic/trunk/proxy/Update.cc
    trafficserver/traffic/trunk/proxy/config/records.config.default.in
    trafficserver/traffic/trunk/proxy/http/HttpAccept.cc
    trafficserver/traffic/trunk/proxy/http/HttpAccept.h
    trafficserver/traffic/trunk/proxy/http/HttpClientSession.h
    trafficserver/traffic/trunk/proxy/http/HttpConfig.cc
    trafficserver/traffic/trunk/proxy/http/HttpConfig.h
    trafficserver/traffic/trunk/proxy/http/HttpProxyServerMain.cc
    trafficserver/traffic/trunk/proxy/http/HttpProxyServerMain.h
    trafficserver/traffic/trunk/proxy/http/HttpSM.cc
    trafficserver/traffic/trunk/proxy/http/HttpTransact.cc
    trafficserver/traffic/trunk/proxy/http/HttpTransact.h
    trafficserver/traffic/trunk/proxy/http/HttpUpdateSM.cc
    trafficserver/traffic/trunk/proxy/logging/LogCollationAccept.cc

Modified: trafficserver/traffic/trunk/CHANGES
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/CHANGES?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/CHANGES (original)
+++ trafficserver/traffic/trunk/CHANGES Fri Jan 27 00:33:31 2012
@@ -1,5 +1,10 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache Traffic Server 3.1.2
+
+  *) [TS-1077] All proxy ports are now configured by
+   proxy.config.http.server_ports. All other port configuration values
+   are deprecated.
+
   *) [TS-1091] CFLAGS=-w` causes configure script to wrongly guess style of
    `gethostbyname_r` on BSD flavors. Author: Marc Abramowitz.
 

Modified: trafficserver/traffic/trunk/iocore/cluster/ClusterConfig.cc
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/cluster/ClusterConfig.cc?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/cluster/ClusterConfig.cc (original)
+++ trafficserver/traffic/trunk/iocore/cluster/ClusterConfig.cc Fri Jan 27 00:33:31 2012
@@ -106,8 +106,8 @@ ClusterAccept::ClusterAcceptEvent(int ev
 	opt.recv_bufsize = socket_recv_bufsize;
 	opt.send_bufsize = socket_send_bufsize;
 	opt.etype = ET_CLUSTER;
-	opt.port = cluster_port;
-	opt.domain = AF_INET;
+	opt.local_port = cluster_port;
+	opt.ip_family = AF_INET;
         accept_action = netProcessor.main_accept(this, NO_FD,
                                                  NULL, NULL,
                                                  false, false, opt);

Modified: trafficserver/traffic/trunk/iocore/cluster/ClusterHandlerBase.cc
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/cluster/ClusterHandlerBase.cc?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/cluster/ClusterHandlerBase.cc (original)
+++ trafficserver/traffic/trunk/iocore/cluster/ClusterHandlerBase.cc Fri Jan 27 00:33:31 2012
@@ -849,7 +849,7 @@ ClusterHandler::connectClusterEvent(int 
     opt.sockopt_flags = cluster_sockopt_flags;
     opt.etype = ET_CLUSTER;
     opt.addr_binding = NetVCOptions::INTF_ADDR;
-    ink_inet_ip4_set(&opt.local_addr, this_cluster_machine()->ip);
+    opt.local_ip = this_cluster_machine()->ip;
 
     // TODO: Should we check the Action* returned here?
     netProcessor.connect_re(this, machine->ip,

Modified: trafficserver/traffic/trunk/iocore/net/Connection.cc
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/Connection.cc?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/Connection.cc (original)
+++ trafficserver/traffic/trunk/iocore/net/Connection.cc Fri Jan 27 00:33:31 2012
@@ -89,6 +89,13 @@ Server::accept(Connection * c)
   if (res < 0)
     return res;
   c->fd = res;
+  if (is_debug_tag_set("iocore_net_server")) {
+    ip_port_text_buffer ipb1, ipb2;
+      Debug("iocore_net_server", "Connection accepted [Server]. %s -> %s\n"
+        , ink_inet_nptop(&c->addr, ipb2, sizeof(ipb2))
+        , ink_inet_nptop(&addr, ipb1, sizeof(ipb1))
+      );
+  }
 
 #ifdef SET_CLOSE_ON_EXEC
   if ((res = safe_fcntl(fd, F_SETFD, 1)) < 0)

Modified: trafficserver/traffic/trunk/iocore/net/I_NetProcessor.h
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/I_NetProcessor.h?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/I_NetProcessor.h (original)
+++ trafficserver/traffic/trunk/iocore/net/I_NetProcessor.h Fri Jan 27 00:33:31 2012
@@ -48,17 +48,20 @@ public:
 
     /// Port on which to listen.
     /// 0 => don't care, which is useful if the socket is already bound.
-    int port;
+    int local_port;
+    /// Local address to bind for accept.
+    /// If not set -> any address.
+    InkInetAddr local_ip;
+    /// IP address family.
+    /// @note Ignored if an explicit incoming address is set in the
+    /// the configuration (@c local_ip). If neither is set IPv4 is used.
+    int ip_family;
     /// Should we use accept threads? If so, how many?
     int accept_threads;
-    /// Communication domain (default: AF_INET)
-    /// @note Ignored if an explicit incoming address is set in the
-    /// the configuration (@c incoming_ip_to_bind).
-    int domain;
     /// Event type to generate on accept.
     EventType etype;
     /** If @c true, the continuation is called back with
-	@c NET_EVENT_ACCEPT_SUCCEED,
+	@c NET_EVENT_ACCEPT_SUCCEED
 	or @c NET_EVENT_ACCEPT_FAILED on success and failure resp.
     */
     bool f_callback_on_open;
@@ -79,8 +82,6 @@ public:
     /// Socket options for @c sockopt.
     /// 0 => do not set options.
     uint32_t sockopt_flags;
-    /// Transparency on related connection to origin server.
-    bool f_outbound_transparent;
     /** Transparency on client (user agent) connection.
 	@internal This is irrelevant at a socket level (since inbound
 	transparency must be set up when the listen socket is created)
@@ -114,83 +115,16 @@ public:
     @param cont Continuation to be called back with events this
       continuation is not locked on callbacks and so the handler must
       be re-entrant.
-    @param addr address and/or port to bind.
     @param opt Accept options.
     @return Action, that can be cancelled to cancel the accept. The
       port becomes free immediately.
    */
   inkcoreapi virtual Action * accept(
     Continuation * cont,
-    sockaddr const* addr,
     AcceptOptions const& opt = DEFAULT_ACCEPT_OPTIONS
   );
 
   /**
-    @deprecated preserve backward compatibility with non-IPv6 iocore
-    
-    @param cont Continuation to be called back with events this
-      continuation is not locked on callbacks and so the handler must
-      be re-entrant.
-    @param port port to bind for accept.
-    @param domain communication domain
-    @param frequent_accept if true, accept is done on all event
-      threads and throttle limit is imposed if false, accept is done
-      just on one thread and no throttling is done.
-    @param accept_ip DEPRECATED.
-    @param accept_ip_str for IPv6 Address
-    @param callback_on_open if true, cont is called back with
-      NET_EVENT_ACCEPT_SUCCEED, or NET_EVENT_ACCEPT_FAILED on success
-      and failure resp.
-    @param accept_pool_size NT specific, better left unspecified.
-    @param accept_only can be used to customize accept, accept a
-      connection only if there is some data to be read. This works
-      only on supported platforms (NT & Win2K currently).
-    @param bound_sockaddr returns the sockaddr for the listen fd.
-    @param bound_sockaddr_size size of the sockaddr returned.
-    @param recv_bufsize used to set recv buffer size for accepted
-      connections (Works only on selected platforms ??).
-    @param send_bufsize used to set send buffer size for accepted
-      connections (Works only on selected platforms ??).
-    @param sockopt_flag can be used to define additional socket option.
-    @param etype Event Thread group to accept on.
-    @return Action, that can be cancelled to cancel the accept. The
-      port becomes free immediately.
-
-  */
-
-  inkcoreapi virtual Action * accept(Continuation * cont, int port, int domain = AF_INET, int accept_threads = -1,
-                                     bool frequent_accept = false,
-                                     // not used
-                                     unsigned int accept_ip = INADDR_ANY, char *accept_ip_str = NULL, bool callback_on_open = false,
-                                     SOCKET listen_socket_in = NO_FD,   // NT only
-                                     int accept_pool_size = ACCEPTEX_POOL_SIZE, // NT only
-                                     bool accept_only = false,
-                                     sockaddr * bound_sockaddr = 0,
-                                     int *bound_sockaddr_size = 0,
-                                     int recv_bufsize = 0,
-                                     int send_bufsize = 0, uint32_t sockopt_flag = 0, EventType etype = ET_NET)
-  {
-    ts_ip_endpoint ip;
-    AcceptOptions opt;
-    
-    if (accept_ip_str != NULL) {
-        ink_inet_pton(accept_ip_str, &ip.sa);
-        ink_inet_port_cast(&ip) = htons(port);
-        opt.domain = ip.sa.sa_family;
-    } else {
-      ink_inet_ip4_set(&ip, accept_ip, htons(port));
-    }
-
-    opt.send_bufsize = send_bufsize;
-    opt.recv_bufsize = recv_bufsize;
-    opt.sockopt_flags = sockopt_flag;
-    opt.accept_threads = accept_threads;
-    opt.etype = etype;
-    opt.frequent_accept = frequent_accept;
-    return accept(cont, &ip.sa, opt);
-  }
-
-  /**
     Accepts incoming connections on port. Accept connections on port.
     Accept is done on all net threads and throttle limit is imposed
     if frequent_accept flag is true. This is similar to the accept

Modified: trafficserver/traffic/trunk/iocore/net/I_NetVConnection.h
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/I_NetVConnection.h?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/I_NetVConnection.h (original)
+++ trafficserver/traffic/trunk/iocore/net/I_NetVConnection.h Fri Jan 27 00:33:31 2012
@@ -57,9 +57,6 @@ enum NetDataType
     connection logic will look at the address family of @a local_addr
     even if @a addr_binding is @c ANY_ADDR and bind to any address in
     that protocol. If it's not an IP protocol, IPv4 will be used.
-
-    @note Port values are encoded in the address. Use a port value
-    of 0 to indicate "don't care".
 */
 struct NetVCOptions {
   typedef NetVCOptions self; ///< Self reference type.
@@ -70,9 +67,26 @@ struct NetVCOptions {
     USE_UDP ///< UDP protocol.
   };
 
-  /// IP protocol to use on socket.
+  /// IP (TCP or UDP) protocol to use on socket.
   ip_protocol_t ip_proto;
 
+  /** IP address family.
+
+      This is used for inbound connections only if @c local_ip is not
+      set, which is sometimes more convenient for the client. This
+      defaults to @c AF_INET so if the client sets neither this nor @c
+      local_ip then IPv4 is used.
+
+      For outbound connections this is ignored and the family of the
+      remote address used.
+
+      @note This is (inconsistently) called "domain" and "protocol" in
+      other places. "family" is used here because that's what the
+      standard IP data structures use.
+
+  */
+  uint16_t ip_family;
+
   /** The set of ways in which the local address should be bound.
 
       The protocol is set by the contents of @a local_addr regardless
@@ -80,24 +94,41 @@ struct NetVCOptions {
 
       @note The difference between @c INTF_ADDR and @c FOREIGN_ADDR is
       whether transparency is enabled on the socket. It is the
-      client's responsibility to set this correctly based on whether the
-      address in @a local_addr is associated with an interface on the
-      local system, or is owned by a foreign system.  A binding style
-      of @c ANY_ADDR causes the value in @a local_addr to be ignored.
+      client's responsibility to set this correctly based on whether
+      the address in @a local_addr is associated with an interface on
+      the local system ( @c INTF_ADDR ) or is owned by a foreign
+      system ( @c FOREIGN_ADDR ).  A binding style of @c ANY_ADDR
+      causes the value in @a local_addr to be ignored.
+
+      The IP address and port are separate because most clients treat
+      these independently. For the same reason @c InkInetAddr is used
+      to be clear that it contains no port data.
 
       @see local_addr
       @see addr_binding
    */
   enum addr_bind_style {
     ANY_ADDR, ///< Bind to any available local address (don't care, default).
-    INTF_ADDR, ///< Bind to the interface address in @a local_addr.
+    INTF_ADDR, ///< Bind to interface address in @a local_addr.
     FOREIGN_ADDR ///< Bind to foreign address in @a local_addr.
   };
 
-  /// Address to use for local side of connection.
-  /// @note Ignored if @a addr_binding is @c ANY_ADDR.
-  /// @see addr_binding
-  ts_ip_endpoint local_addr;
+  /** Local address for the connection.
+
+      For outbound connections this must have the same family as the
+      remote address (which is not stored in this structure). For
+      inbound connections the family of this value overrides @a
+      ip_family if set.
+
+      @note Ignored if @a addr_binding is @c ANY_ADDR.
+      @see addr_binding
+      @see ip_family
+  */
+  InkInetAddr local_ip;
+  /** Local port for connection.
+      Set to 0 for "don't care" (default).
+   */
+  uint16_t local_port;
   /// How to bind the local address.
   /// @note Default is @c ANY_ADDR.
   addr_bind_style addr_binding;
@@ -451,15 +482,6 @@ public:
     is_transparent = state;
   }
 
-  /// Get the current flag state.
-  bool get_is_other_side_transparent() const {
-    return is_other_side_transparent;
-  }
-  /// Set the flag to @a value.
-  void set_is_other_side_transparent(bool value = true) {
-    is_other_side_transparent = value;
-  }
-
   /** Struct for holding a reference to a connection.
       The problem is that connections are accessed across thread boundaries
       and re-used so that a pointer to a VC can become not only stale
@@ -556,11 +578,6 @@ protected:
   bool is_internal_request;
   /// Set if this connection is transparent.
   bool is_transparent;
-  /// Set if the paired connection is (should be) transparent.
-  /// @internal Currently only used on client side connections
-  /// to track whether the origin server connection should
-  /// be transparent.
-  bool is_other_side_transparent;
 };
 
 inline
@@ -572,8 +589,7 @@ NetVConnection::NetVConnection():
   got_local_addr(0),
   got_remote_addr(0),
   is_internal_request(false),
-  is_transparent(false),
-  is_other_side_transparent(false)
+  is_transparent(false)
 {
   ink_zero(local_addr);
   ink_zero(remote_addr);

Modified: trafficserver/traffic/trunk/iocore/net/P_Connection.h
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/P_Connection.h?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/P_Connection.h (original)
+++ trafficserver/traffic/trunk/iocore/net/P_Connection.h Fri Jan 27 00:33:31 2012
@@ -198,13 +198,9 @@ protected:
 ///////////////////////////////////////////////////////////////////////
 struct Server: public Connection
 {
-  //
-  // IP address in network byte order
-  //
+  /// Client side (inbound) local IP address.
   ts_ip_endpoint accept_addr;
 
-  /// If set, transparently connect to origin server for requests.
-  bool f_outbound_transparent;
   /// If set, the related incoming connect was transparent.
   bool f_inbound_transparent;
 
@@ -234,9 +230,9 @@ struct Server: public Connection
 
   Server()
     : Connection()
-    , f_outbound_transparent(false)
+    , f_inbound_transparent(false)
   {
-    memset(&accept_addr, 0, sizeof(accept_addr));
+    ink_zero(accept_addr);
   }
 };
 

Modified: trafficserver/traffic/trunk/iocore/net/P_NetAccept.h
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/P_NetAccept.h?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/P_NetAccept.h (original)
+++ trafficserver/traffic/trunk/iocore/net/P_NetAccept.h Fri Jan 27 00:33:31 2012
@@ -83,8 +83,6 @@ struct NetAcceptAction:public Action, pu
 //
 struct NetAccept:public Continuation
 {
-  int port;
-  int domain;
   ink_hrtime period;
   Server server;
   void *alloc_cache;

Modified: trafficserver/traffic/trunk/iocore/net/P_SSLConfig.h
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/P_SSLConfig.h?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/P_SSLConfig.h (original)
+++ trafficserver/traffic/trunk/iocore/net/P_SSLConfig.h Fri Jan 27 00:33:31 2012
@@ -67,7 +67,6 @@ public:
   };
 
   SSL_TERMINATION_MODE getTerminationMode(void) const { return termMode; }
-  int getAcceptPort(void) const { return ssl_accept_port_number; }
   char *getConfigFilePath(void) const { return configFilePath; }
   char *getServerCertPathOnly(void) const { return serverCertPathOnly; }
   char *getServerCACertPathOnly(void) const { return CACertPath; }
@@ -91,7 +90,6 @@ private:
   char *cipherSuite;
   int clientCertLevel;
   int verify_depth;
-  int ssl_accept_port_number;
   int ssl_session_cache;
   int ssl_session_cache_size;
 

Modified: trafficserver/traffic/trunk/iocore/net/P_SSLNetProcessor.h
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/P_SSLNetProcessor.h?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/P_SSLNetProcessor.h (original)
+++ trafficserver/traffic/trunk/iocore/net/P_SSLNetProcessor.h Fri Jan 27 00:33:31 2012
@@ -69,12 +69,11 @@ public:
 
   SSL_CTX *getSSL_CTX(void) const {return ctx; }
   SSL_CTX *getClientSSL_CTX(void) const { return client_ctx; }
-  int getAcceptPort() { return accept_port_number; }
 
   static void logSSLError(const char *errStr = "", int critical = 1);
 
   SSLNetProcessor()
-    : verify_depth(0), ctx(NULL), client_ctx(NULL), sslMutexArray(NULL), accept_port_number(-1)
+    : verify_depth(0), ctx(NULL), client_ctx(NULL), sslMutexArray(NULL)
     {  };
   virtual ~SSLNetProcessor();
 
@@ -110,7 +109,6 @@ private:
   SSLNetProcessor(const SSLNetProcessor &);
   SSLNetProcessor & operator =(const SSLNetProcessor &);
 
-  int accept_port_number;
   static bool open_ssl_initialized;
 };
 

Modified: trafficserver/traffic/trunk/iocore/net/P_UnixNetProcessor.h
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/P_UnixNetProcessor.h?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/P_UnixNetProcessor.h (original)
+++ trafficserver/traffic/trunk/iocore/net/P_UnixNetProcessor.h Fri Jan 27 00:33:31 2012
@@ -39,7 +39,6 @@ public:
   virtual Action *accept_internal (
     Continuation * cont,
     int fd,
-    sockaddr const* accept_addr, ///< Address on which to listen.
     AcceptOptions const &opt
   );
 
@@ -78,9 +77,6 @@ public:
   // we probably wont need these members
   int n_netthreads;
   EThread **netthreads;
-
-  char *incoming_ip_to_bind;
-  ts_ip_endpoint incoming_ip_to_bind_saddr;
 };
 
 

Modified: trafficserver/traffic/trunk/iocore/net/P_UnixNetVConnection.h
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/P_UnixNetVConnection.h?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/P_UnixNetVConnection.h (original)
+++ trafficserver/traffic/trunk/iocore/net/P_UnixNetVConnection.h Fri Jan 27 00:33:31 2012
@@ -45,7 +45,9 @@ TS_INLINE void
 NetVCOptions::reset()
 {
   ip_proto = USE_TCP;
-  memset(&local_addr, 0, sizeof(local_addr));
+  ip_family = AF_INET;
+  local_ip.invalidate();
+  local_port = 0;
   addr_binding = ANY_ADDR;
   f_blocking = false;
   f_blocking_connect = false;
@@ -205,7 +207,7 @@ public:
   EventIO ep;
   NetHandler *nh;
   unsigned int id;
-  int accept_port;
+  // amc - what is this for? Why not use remote_addr or con.addr?
   ts_ip_endpoint server_addr; /// Server address and port.
 
   union

Modified: trafficserver/traffic/trunk/iocore/net/SSLConfig.cc
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/SSLConfig.cc?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/SSLConfig.cc (original)
+++ trafficserver/traffic/trunk/iocore/net/SSLConfig.cc Fri Jan 27 00:33:31 2012
@@ -34,6 +34,7 @@
 
 #include <string.h>
 #include "P_Net.h"
+#include <records/I_RecHttp.h>
 #include <openssl/ssl.h>
 
 int SslConfig::id = 0;
@@ -58,7 +59,6 @@ SslConfigParams::SslConfigParams()
 
   clientCertLevel = client_verify_depth = verify_depth = clientVerify = 0;
 
-  ssl_accept_port_number = 443;
   termMode = SSL_TERM_MODE_NONE;
   ssl_ctx_options = 0;
   ssl_session_cache = SSL_SESSION_CACHE_MODE_SERVER;
@@ -88,7 +88,6 @@ SslConfigParams::cleanup()
   ats_free_null(cipherSuite);
 
   clientCertLevel = client_verify_depth = verify_depth = clientVerify = 0;
-  ssl_accept_port_number = -1;
   termMode = SSL_TERM_MODE_NONE;
 }
 
@@ -149,19 +148,13 @@ SslConfigParams::initialize()
   char *clientCACertRelativePath = NULL;
   char *multicert_config_file = NULL;
 
-  int ssl_mode = SSL_TERM_MODE_NONE;
-
   cleanup();
 
   //+++++++++++++++++++++++++ Server part +++++++++++++++++++++++++++++++++
   verify_depth = 7;
 
-  IOCORE_ReadConfigInteger(ssl_mode, "proxy.config.ssl.enabled");
-  ssl_mode &= SSL_TERM_MODE_BOTH;
-  termMode = (SSL_TERMINATION_MODE) ssl_mode;
-
+  termMode = static_cast<SSL_TERMINATION_MODE>(HttpProxyPort::hasSSL() ? SSL_TERM_MODE_BOTH : 0);
   
-  IOCORE_ReadConfigInt32(ssl_accept_port_number, "proxy.config.ssl.server_port");
   IOCORE_ReadConfigInt32(clientCertLevel, "proxy.config.ssl.client.certification_level");
 
   IOCORE_ReadConfigStringAlloc(cipherSuite, "proxy.config.ssl.server.cipher_suite");

Modified: trafficserver/traffic/trunk/iocore/net/SSLNet.cc
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/SSLNet.cc?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/SSLNet.cc (original)
+++ trafficserver/traffic/trunk/iocore/net/SSLNet.cc Fri Jan 27 00:33:31 2012
@@ -223,13 +223,6 @@ SSLNetProcessor::initSSL(SslConfigParams
   // to do the seeding of the PRNG for us. This is the case for all platforms that
   // has /dev/urandom for example.
 
-  accept_port_number = param->ssl_accept_port_number;
-  if ((unsigned int) accept_port_number >= 0xFFFF) {
-    Error("\ncannot listen on port %d.\naccept port cannot be larger than 65535.\n"
-                        "please check your Traffic Server configurations", accept_port_number);
-    return (1);
-  }
-
   meth = SSLv23_server_method();
   ctx = SSL_CTX_new(meth);
   if (!ctx) {

Modified: trafficserver/traffic/trunk/iocore/net/UnixConnection.cc
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/UnixConnection.cc?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/UnixConnection.cc (original)
+++ trafficserver/traffic/trunk/iocore/net/UnixConnection.cc Fri Jan 27 00:33:31 2012
@@ -170,7 +170,7 @@ namespace {
       self::some_method (...) {
         /// allocate resource
         cleaner<self> clean_up(this, &self::cleanup);
-	// modify or check the resource
+        // modify or check the resource
         if (fail) return FAILURE; // cleanup() is called
         /// success!
         clean_up.reset(); // cleanup() not called after this
@@ -217,24 +217,29 @@ Connection::open(NetVCOptions const& opt
   int sock_type = NetVCOptions::USE_UDP == opt.ip_proto
     ? SOCK_DGRAM
     : SOCK_STREAM;
-  int protocol = AF_INET;
+  int family;
 
-  // copy it local so we can (potentially) modify it.
-  // we initialize it first since ink_inet_copy() won't do anything if opt.local_addr is invalid.
-  memset(&local_addr, 0, sizeof(local_addr));
-  ink_inet_copy(&local_addr, &opt.local_addr);
-
-  if (ink_inet_is_ip6(&opt.local_addr)) {
-    protocol = AF_INET6;
-    if (NetVCOptions::ANY_ADDR == opt.addr_binding)
-      local_addr.sin6.sin6_addr = in6addr_any;
+  // Need to do address calculations first, so we can determine the
+  // address family for socket creation.
+  ink_zero(local_addr);
+
+  if (NetVCOptions::FOREIGN_ADDR == opt.addr_binding ||
+    NetVCOptions::INTF_ADDR == opt.addr_binding
+  ) {
+    // Same for now, transparency for foreign addresses must be handled
+    // *after* the socket is created, and we need to do this calculation
+    // before the socket to get the IP family correct.
+    ink_release_assert(opt.local_ip.isValid());
+    local_addr.assign(opt.local_ip, htons(opt.local_port));
+    family = opt.local_ip.family();
   } else {
-    local_addr.sa.sa_family = AF_INET;   // must be set for ink_inet_ip_size() to succeed
-    if (NetVCOptions::ANY_ADDR == opt.addr_binding)
-      ink_inet_ip4_addr_cast(&local_addr) = INADDR_ANY;
+    // No local address specified, so use family option if possible.
+    family = ink_inet_is_ip(opt.ip_family) ? opt.ip_family : AF_INET;
+    local_addr.setToAnyAddr(family);
+    local_addr.port() = htons(opt.local_port);
   }
 
-  res = socketManager.socket(protocol, sock_type, 0);
+  res = socketManager.socket(family, sock_type, 0);
   if (-1 == res) return -errno;
 
   fd = res;
@@ -244,12 +249,29 @@ Connection::open(NetVCOptions const& opt
   // Try setting the various socket options, if requested.
 
   if (-1 == safe_setsockopt(fd,
-			    SOL_SOCKET,
-			    SO_REUSEADDR,
-			    reinterpret_cast<char *>(&enable_reuseaddr),
-			    sizeof(enable_reuseaddr)))
+                            SOL_SOCKET,
+                            SO_REUSEADDR,
+                            reinterpret_cast<char *>(&enable_reuseaddr),
+                            sizeof(enable_reuseaddr)))
     return -errno;
 
+  if (NetVCOptions::FOREIGN_ADDR == opt.addr_binding) {
+    static char const * const DEBUG_TEXT = "::open setsockopt() IP_TRANSPARENT";
+#if TS_USE_TPROXY
+    int value = 1;
+    if (-1 == safe_setsockopt(fd, SOL_IP, TS_IP_TRANSPARENT,
+                              reinterpret_cast<char*>(&value), sizeof(value)
+                              )) {
+      Debug("socket", "%s - fail %d:%s", DEBUG_TEXT, errno, strerror(errno));
+      return -errno;
+    } else {
+      Debug("socket", "%s set", DEBUG_TEXT);
+    }
+#else
+    Debug("socket", "%s - requested but TPROXY not configured", DEBUG_TEXT);
+#endif
+  }
+
   if (!opt.f_blocking_connect && -1 == safe_nonblocking(fd))
     return -errno;
 
@@ -283,25 +305,6 @@ Connection::open(NetVCOptions const& opt
     }
   }
 
-  if (NetVCOptions::FOREIGN_ADDR == opt.addr_binding
-    && ink_inet_is_ip(&local_addr)
-  ) {
-    static char const * const DEBUG_TEXT = "::open setsockopt() IP_TRANSPARENT";
-#if TS_USE_TPROXY
-    int value = 1;
-    if (-1 == safe_setsockopt(fd, SOL_IP, TS_IP_TRANSPARENT,
-			      reinterpret_cast<char*>(&value), sizeof(value)
-			      )) {
-      Debug("socket", "%s - fail %d:%s", DEBUG_TEXT, errno, strerror(errno));
-      return -errno;
-    } else {
-      Debug("socket", "%s set", DEBUG_TEXT);
-    }
-#else
-    Debug("socket", "%s - requested but TPROXY not configured", DEBUG_TEXT);
-#endif
-  }
-
   if (-1 == socketManager.ink_bind(fd, &local_addr.sa, ink_inet_ip_size(&local_addr.sa)))
     return -errno;
 
@@ -331,7 +334,7 @@ Connection::connect(sockaddr const* targ
   // and IO blocking differ, by turning it on or off as needed.
   if (-1 == res 
       && (opt.f_blocking_connect
-	  || ! (EINPROGRESS == errno || EWOULDBLOCK == errno))) {
+          || ! (EINPROGRESS == errno || EWOULDBLOCK == errno))) {
     return -errno;
   } else if (opt.f_blocking_connect && !opt.f_blocking) {
     if (-1 == safe_nonblocking(fd)) return -errno;

Modified: trafficserver/traffic/trunk/iocore/net/UnixNetAccept.cc
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/UnixNetAccept.cc?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/UnixNetAccept.cc (original)
+++ trafficserver/traffic/trunk/iocore/net/UnixNetAccept.cc Fri Jan 27 00:33:31 2012
@@ -119,17 +119,9 @@ net_accept(NetAccept * na, void *ep, boo
 
     vc->submit_time = ink_get_hrtime();
     ink_inet_copy(&vc->server_addr, &vc->con.addr);
-    vc->accept_port = ink_inet_get_port(&na->server.addr);
     vc->mutex = new_ProxyMutex();
     vc->action_ = *na->action_;
     vc->set_is_transparent(na->server.f_inbound_transparent);
-    vc->set_is_other_side_transparent(na->server.f_outbound_transparent);
-    Debug(
-      "http_tproxy",
-      "Marking accepted %sconnection on %x as%s outbound transparent.\n",
-      na->server.f_inbound_transparent ? "inbound transparent " : "",
-      na, na->server.f_outbound_transparent ? "" : " not"
-    );
     vc->closed  = 0;
     SET_CONTINUATION_HANDLER(vc, (NetVConnHandler) & UnixNetVConnection::acceptEvent);
 
@@ -250,13 +242,14 @@ NetAccept::do_listen(bool non_blocking, 
 
   if (server.fd != NO_FD) {
     if ((res = server.setup_fd_for_listen(non_blocking, recv_bufsize, send_bufsize, transparent))) {
-      Warning("unable to listen on main accept port %d: errno = %d, %s", port, errno, strerror(errno));
+
+      Warning("unable to listen on main accept port %d: errno = %d, %s", ntohs(server.accept_addr.port()), errno, strerror(errno));
       goto Lretry;
     }
   } else {
   Lretry:
     if ((res = server.listen(non_blocking, recv_bufsize, send_bufsize, transparent)))
-      Warning("unable to listen on port %d: %d %d, %s", port, res, errno, strerror(errno));
+      Warning("unable to listen on port %d: %d %d, %s", ntohs(server.accept_addr.port()), res, errno, strerror(errno));
   }
   if (callback_on_open && !action_->cancelled) {
     if (res)
@@ -322,13 +315,7 @@ NetAccept::do_blocking_accept(EThread * 
     NET_SUM_GLOBAL_DYN_STAT(net_connections_currently_open_stat, 1);
     vc->submit_time = now;
     ink_inet_copy(&vc->server_addr, &vc->con.addr);
-    vc->accept_port = ink_inet_port_cast(&server.addr);
     vc->set_is_transparent(server.f_inbound_transparent);
-    vc->set_is_other_side_transparent(server.f_outbound_transparent);
-    Debug("http_tproxy", "Marking accepted %sconnection on %x as%s outbound transparent.\n",
-	  server.f_inbound_transparent ? "inbound transparent " : "",
-	  this, server.f_outbound_transparent ? "" : " not"
-	  );
     vc->mutex = new_ProxyMutex();
     vc->action_ = *action_;
     SET_CONTINUATION_HANDLER(vc, (NetVConnHandler) & UnixNetVConnection::acceptEvent);
@@ -469,13 +456,7 @@ NetAccept::acceptFastEvent(int event, vo
 
     vc->submit_time = ink_get_hrtime();
     ink_inet_copy(&vc->server_addr, &vc->con.addr);
-    vc->accept_port = ink_inet_get_port(&server.addr);
     vc->set_is_transparent(server.f_inbound_transparent);
-    vc->set_is_other_side_transparent(server.f_outbound_transparent);
-    Debug("http_tproxy", "Marking fast accepted %sconnection on as%s outbound transparent.\n",
-	  server.f_inbound_transparent ? "transparent " : "",
-	  server.f_outbound_transparent ? "" : " not"
-	  );
     vc->mutex = new_ProxyMutex();
     vc->thread = e->ethread;
 
@@ -541,7 +522,6 @@ NetAccept::acceptLoopEvent(int event, Ev
 
 NetAccept::NetAccept()
   : Continuation(NULL),
-    port(0),
     period(0),
     alloc_cache(0),
     ifd(-1), callback_on_open(false), recv_bufsize(0), send_bufsize(0), sockopt_flags(0), etype(0)

Modified: trafficserver/traffic/trunk/iocore/net/UnixNetPages.cc
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/UnixNetPages.cc?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/UnixNetPages.cc (original)
+++ trafficserver/traffic/trunk/iocore/net/UnixNetPages.cc Fri Jan 27 00:33:31 2012
@@ -63,18 +63,19 @@ struct ShowNet: public ShowCont
 
     ink_hrtime now = ink_get_hrtime();
     forl_LL(UnixNetVConnection, vc, nh->open_list) {
-      uint16_t port = ink_inet_get_port(&addr.sa);
+//      uint16_t port = ink_inet_get_port(&addr.sa);
       if (ink_inet_is_ip(&addr) && addr != vc->server_addr)
         continue;
-      if (port && port != ink_inet_get_port(&vc->server_addr.sa) && port != vc->accept_port)
-        continue;
+//      if (port && port != ink_inet_get_port(&vc->server_addr.sa) && port != vc->accept_port)
+//        continue;
       char ipbuf[INET6_ADDRSTRLEN];
       ink_inet_ntop(&vc->server_addr.sa, ipbuf, sizeof(ipbuf));
       char opt_ipbuf[INET6_ADDRSTRLEN];
       char interbuf[80];
-      snprintf(interbuf, sizeof(interbuf), "[%s] %s",
+      snprintf(interbuf, sizeof(interbuf), "[%s] %s:%d",
         vc->options.toString(vc->options.addr_binding),
-        ink_inet_ntop(&vc->options.local_addr.sa, opt_ipbuf, sizeof(opt_ipbuf))
+        vc->options.local_ip.toString(opt_ipbuf, sizeof(opt_ipbuf)),
+        vc->options.local_port
       );
       CHECK_SHOW(show("<tr>"
                       //"<td><a href=\"/connection/%d\">%d</a></td>"
@@ -83,7 +84,7 @@ struct ShowNet: public ShowCont
                       "<td>%d</td>"     // port
                       "<td>%d</td>"     // fd
                       "<td>%s</td>"     // interbuf
-                      "<td>%d</td>"     // accept port
+//                      "<td>%d</td>"     // accept port
                       "<td>%d secs ago</td>"    // start time
                       "<td>%d</td>"     // thread id
                       "<td>%d</td>"     // read enabled
@@ -102,7 +103,7 @@ struct ShowNet: public ShowCont
                       ink_inet_get_port(&vc->server_addr),
                       vc->con.fd,
                       interbuf,
-                      vc->accept_port,
+//                      vc->accept_port,
                       (int) ((now - vc->submit_time) / HRTIME_SECOND),
                       ethread->id,
                       vc->read.enabled,

Modified: trafficserver/traffic/trunk/iocore/net/UnixNetProcessor.cc
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/UnixNetProcessor.cc?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/UnixNetProcessor.cc (original)
+++ trafficserver/traffic/trunk/iocore/net/UnixNetProcessor.cc Fri Jan 27 00:33:31 2012
@@ -33,9 +33,10 @@ NetProcessor::AcceptOptions const NetPro
 NetProcessor::AcceptOptions&
 NetProcessor::AcceptOptions::reset()
 {
-  port = 0;
+  local_port = 0;
+  local_ip.invalidate();
   accept_threads = -1;
-  domain = AF_INET;
+  ip_family = AF_INET;
   etype = ET_NET;
   f_callback_on_open = false;
   localhost_only = false;
@@ -43,7 +44,6 @@ NetProcessor::AcceptOptions::reset()
   recv_bufsize = 0;
   send_bufsize = 0;
   sockopt_flags = 0;
-  f_outbound_transparent = false;
   f_inbound_transparent = false;
   return *this;
 }
@@ -63,14 +63,13 @@ net_next_connection_number()
 
 Action *
 NetProcessor::accept(Continuation* cont,
-  sockaddr const* accept_addr,
   AcceptOptions const& opt
 ) {
   Debug("iocore_net_processor",
         "NetProcessor::accept - port %d,recv_bufsize %d, send_bufsize %d, sockopt 0x%0lX",
-    ink_inet_get_port(accept_addr), opt.recv_bufsize, opt.send_bufsize, opt.sockopt_flags);
+    opt.local_port, opt.recv_bufsize, opt.send_bufsize, opt.sockopt_flags);
 
-  return ((UnixNetProcessor *) this)->accept_internal(cont, NO_FD, accept_addr, opt);
+  return ((UnixNetProcessor *) this)->accept_internal(cont, NO_FD, opt);
 }
 
 Action *
@@ -79,37 +78,23 @@ NetProcessor::main_accept(Continuation *
   AcceptOptions const& opt
 ) {
   UnixNetProcessor* this_unp = static_cast<UnixNetProcessor*>(this);
-  ts_ip_endpoint addr;
-
   Debug("iocore_net_processor", "NetProcessor::main_accept - port %d,recv_bufsize %d, send_bufsize %d, sockopt 0x%0lX",
-        opt.port, opt.recv_bufsize, opt.send_bufsize, opt.sockopt_flags);
-  if (opt.localhost_only) {
-    ink_inet_ip4_set(&addr.sa, htonl(INADDR_LOOPBACK), htons(opt.port));
-  } else {
-    if (ink_inet_is_ip(&this_unp->incoming_ip_to_bind_saddr)) {
-      ink_inet_copy(&addr.sa, &this_unp->incoming_ip_to_bind_saddr);
-      ink_inet_port_cast(&addr.sa) = htons(opt.port);
-    } else {
-      ink_inet_ip4_set(&addr, INADDR_ANY, htons(opt.port));
-    }
-  }
-  return this_unp->accept_internal(cont, fd, &addr.sa, opt);
+        opt.local_port, opt.recv_bufsize, opt.send_bufsize, opt.sockopt_flags);
+  return this_unp->accept_internal(cont, fd, opt);
 }
 
-
-
 Action *
 UnixNetProcessor::accept_internal(
   Continuation *cont,
   int fd,
-  sockaddr const* accept_addr,
   AcceptOptions const& opt
 ) {
   EventType et = opt.etype; // setEtype requires non-const ref.
   NetAccept *na = createNetAccept();
   EThread *thread = this_ethread();
   ProxyMutex *mutex = thread->mutex;
-  int accept_threads = opt.accept_threads;
+  int accept_threads = opt.accept_threads; // might be changed.
+  ts_ip_endpoint accept_ip; // local binding address.
 
   // Potentially upgrade to SSL.
   upgradeEtype(et);
@@ -119,19 +104,27 @@ UnixNetProcessor::accept_internal(
     IOCORE_ReadConfigInteger(accept_threads, "proxy.config.accept_threads");
 
   NET_INCREMENT_DYN_STAT(net_accepts_currently_open_stat);
+
+  // We've handled the config stuff at start up, but there are a few cases
+  // we must handle at this point.
+  if (opt.localhost_only)
+    accept_ip.setToLoopback(opt.ip_family);
+  else if (opt.local_ip.isValid())
+    accept_ip.assign(opt.local_ip);
+  else
+    accept_ip.setToAnyAddr(opt.ip_family);
+  ink_debug_assert(0 < opt.local_port && opt.local_port < 65536);
+  accept_ip.port() = htons(opt.local_port);
+
   na->accept_fn = net_accept; // All callers used this.
   na->server.fd = fd;
-  ink_inet_copy(&na->server.accept_addr, accept_addr);
-  na->server.f_outbound_transparent = opt.f_outbound_transparent;
+  ink_inet_copy(&na->server.accept_addr, &accept_ip);
   na->server.f_inbound_transparent = opt.f_inbound_transparent;
-  if (opt.f_outbound_transparent || opt.f_inbound_transparent) {
+  if (opt.f_inbound_transparent) {
     Debug(
       "http_tproxy",
-      "Marking accept server %x on port %d as %s%s%s transparent.\n",
-      na, opt.port,
-      (opt.f_outbound_transparent ? "outbound" : ""),
-      (opt.f_outbound_transparent && opt.f_inbound_transparent ? ", " : ""),
-      (opt.f_inbound_transparent ? "inbound" : "")
+      "Marking accept server %x on port %d as inbound transparent.\n",
+      na, opt.local_port
     );
   }
 
@@ -160,10 +153,10 @@ UnixNetProcessor::accept_internal(
           a = createNetAccept();
           *a = *na;
           a->init_accept_loop();
-          Debug("iocore_net_accept", "Created accept thread #%d for port %d", i, ink_inet_get_port(accept_addr));
+          Debug("iocore_net_accept", "Created accept thread #%d for port %d", i, ink_inet_get_port(&accept_ip));
         }
         // Start the "template" accept thread last.
-        Debug("iocore_net_accept", "Created accept thread #%d for port %d", accept_threads, ink_inet_get_port(accept_addr));
+        Debug("iocore_net_accept", "Created accept thread #%d for port %d", accept_threads, ink_inet_get_port(&accept_ip));
         na->init_accept_loop();
       }
     } else {
@@ -428,10 +421,6 @@ UnixNetProcessor::start(int)
 #endif
   }
 
-  if (0 == (incoming_ip_to_bind = IOCORE_ConfigReadString("proxy.local.incoming_ip_to_bind")) ||
-      0 != ink_inet_pton(incoming_ip_to_bind, &incoming_ip_to_bind_saddr))
-    memset(&incoming_ip_to_bind_saddr, 0, sizeof(incoming_ip_to_bind_saddr));
-
   RecData d;
   d.rec_int = 0;
   change_net_connections_throttle(NULL, RECD_INT, d, NULL);

Modified: trafficserver/traffic/trunk/iocore/net/UnixNetVConnection.cc
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/iocore/net/UnixNetVConnection.cc?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/iocore/net/UnixNetVConnection.cc (original)
+++ trafficserver/traffic/trunk/iocore/net/UnixNetVConnection.cc Fri Jan 27 00:33:31 2012
@@ -1,25 +1,25 @@
 /** @file
 
-  A brief file description
+    A brief file description
 
-  @section license License
+    @section license License
 
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements.  See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership.  The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License.  You may obtain a copy of the License at
-
-      http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
- */
+    Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+*/
 
 #include "P_Net.h"
 
@@ -557,7 +557,6 @@ UnixNetVConnection::do_io_write(Continua
     if (nbytes && !write.enabled)
       write.vio.reenable();
   } else {
-    write.vio.buffer.clear();
     disable_write(this);
   }
   return &write.vio;
@@ -584,9 +583,9 @@ UnixNetVConnection::do_io_close(int aler
     closed = -1;
 
   if (!recursion) {
-     EThread *t = this_ethread();
-     if (nh->mutex->thread_holding == t)
-       close_UnixNetVConnection(this, t);
+    EThread *t = this_ethread();
+    if (nh->mutex->thread_holding == t)
+      close_UnixNetVConnection(this, t);
   }
 }
 
@@ -727,19 +726,19 @@ UnixNetVConnection::reenable(VIO *vio)
           nh->write_enable_list.push(this);
         }
       }
-	  if (nh->trigger_event && nh->trigger_event->ethread->signal_hook)
-		nh->trigger_event->ethread->signal_hook(nh->trigger_event->ethread);
+      if (nh->trigger_event && nh->trigger_event->ethread->signal_hook)
+        nh->trigger_event->ethread->signal_hook(nh->trigger_event->ethread);
     } else {
       if (vio == &read.vio) {
         ep.modify(EVENTIO_READ);
-	ep.refresh(EVENTIO_READ);
+        ep.refresh(EVENTIO_READ);
         if (read.triggered)
           nh->read_ready_list.in_or_enqueue(this);
         else
           nh->read_ready_list.remove(this);
       } else {
         ep.modify(EVENTIO_WRITE);
-	ep.refresh(EVENTIO_WRITE);
+        ep.refresh(EVENTIO_WRITE);
         if (write.triggered)
           nh->write_ready_list.in_or_enqueue(this);
         else
@@ -786,7 +785,7 @@ UnixNetVConnection::UnixNetVConnection()
     next_inactivity_timeout_at(0),
 #endif
     active_timeout(NULL), nh(NULL),
-    id(0), accept_port(0), flags(0), recursion(0), submit_time(0), oob_ptr(0),
+    id(0), flags(0), recursion(0), submit_time(0), oob_ptr(0),
     from_accept_thread(false)
 {
   memset(&local_addr, 0, sizeof local_addr);
@@ -1063,27 +1062,25 @@ UnixNetVConnection::connectUp(EThread *t
     return CONNECT_FAILURE;
   }
 
-  // Create an AF_INET6 socket if we're going to connect to an AF_INET6
-  // address.
-  if (ink_inet_is_ip6(&server_addr) &&
-        (options.addr_binding == NetVCOptions::ANY_ADDR ||
-         !ink_inet_is_ip(&options.local_addr))) {
-    ink_inet_ip6_set(&options.local_addr, in6addr_any);
-  }
+  // Force family to agree with remote (server) address.
+  options.ip_family = server_addr.sa.sa_family;
   
   //
   // Initialize this UnixNetVConnection
   //
-  char addrbuf[INET6_ADDRSTRLEN];
-  int res = 0;
-  Debug("iocore_net", "connectUp:: local_addr=%s [%s]\n",
-           ink_inet_ntop(&options.local_addr.sa, addrbuf, sizeof(addrbuf)),
-	   NetVCOptions::toString(options.addr_binding)
-	   );
+  if (is_debug_tag_set("iocore_net")) {
+    char addrbuf[INET6_ADDRSTRLEN];
+    Debug("iocore_net", "connectUp:: local_addr=%s:%d [%s]\n",
+      options.local_ip.isValid()
+      ? options.local_ip.toString(addrbuf, sizeof(addrbuf))
+      : "*",
+      options.local_port,
+      NetVCOptions::toString(options.addr_binding)
+    );
+  }
 
 
-  nh = get_NetHandler(t);
-  res = con.open(options);
+  int res = con.open(options);
   if (0 == res) {
     // Must connect after EventIO::Start() to avoid a race condition
     // when edge triggering is used.
@@ -1113,6 +1110,7 @@ UnixNetVConnection::connectUp(EThread *t
   // function code not to be duplicated in the inherited SSL class.
   //  sslStartHandShake (SSL_EVENT_CLIENT, err);
 
+  nh = get_NetHandler(t);
   nh->open_list.enqueue(this);
 
   ink_assert(!inactivity_timeout_in);
@@ -1134,7 +1132,6 @@ UnixNetVConnection::free(EThread *t)
   read.vio.mutex.clear();
   write.vio.mutex.clear();
   flags = 0;
-  accept_port = 0;
   SET_CONTINUATION_HANDLER(this, (NetVConnHandler) & UnixNetVConnection::startEvent);
   nh = NULL;
   read.triggered = 0;

Added: trafficserver/traffic/trunk/lib/records/I_RecHttp.h
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/lib/records/I_RecHttp.h?rev=1236470&view=auto
==============================================================================
--- trafficserver/traffic/trunk/lib/records/I_RecHttp.h (added)
+++ trafficserver/traffic/trunk/lib/records/I_RecHttp.h Fri Jan 27 00:33:31 2012
@@ -0,0 +1,295 @@
+/** @file
+
+  HTTP configuration support.
+
+  @section license License
+
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+ */
+
+#ifndef _I_REC_HTTP_H
+#define _I_REC_HTTP_H
+
+#include <ts/ink_inet.h>
+#include <ts/Vec.h>
+
+/// Load default inbound IP addresses from the configuration file.
+void RecHttpLoadIp(
+  char const* name,    ///< Name of value in configuration file.
+  InkInetAddr& ip4, ///< [out] IPv4 address.
+  InkInetAddr& ip6  ///< [out] Ipv6 address.
+);
+
+/** Description of an proxy port.
+
+    This consolidates the options needed for proxy ports, both data
+    and parsing. It provides a static global set of ports for
+    convenience although it can be used with an externally provided
+    set.
+
+    Options are described by a colon separated list of keywords
+    without spaces. The options are applied in left to right order. If
+    options do not conflict the order is irrelevant.
+
+    Current supported options (case insensitive):
+
+    - ipv4 : Use IPv4.
+    - ipv6 : Use IPv6.
+    - ssl : SSL port.
+    - compressed : Compressed data.
+    - blind : Blind tunnel.
+    - tr-in : Inbound transparent (ignored if @c full is set).
+    - tr-out : Outbound transparent (ignored if @c full is set).
+    - tr-full : Fully transparent (inbound and outbound). Equivalent to "tr-in:tr-out".
+    - [number] : Port number.
+    - fd[number] : File descriptor.
+    - ip-in[IP addr] : Address to bind for inbound connections.
+    - ip-out[IP addr]: Address to bind for outbound connections.
+
+    For example, the string "ipv6:8080:full" means "Listen on port
+    8080 using IPv6 and full transparency". This is the same as
+    "8080:full:ipv6". The only option active by default is @c
+    ipv4. All others must be explicitly enabled. The port number
+    option is the only required option.
+
+    If @c ip-in or @c ip-out is used, the address family must agree
+    with the @c ipv4 or @c ipv6 option. If the address is IPv6, it
+    must be enclosed with brackets '[]' to distinguish its colons from
+    the value separating colons. An IPv4 may be enclosed in brackets
+    for constistency.
+
+    @note The previous notation is supported but deprecated.
+
+    @internal This is intended to replace the current bifurcated
+    processing that happens in Manager and Server. It also changes the
+    syntax so that a useful set of options can be supported and easily
+    extended as needed. Note that all options must start with a letter
+    - starting with a digit is reserved for the port value. Options
+    must not contain spaces or punctuation other than '-' and '_'.
+ */
+struct HttpProxyPort {
+private:
+  typedef HttpProxyPort self; ///< Self reference type.
+public:
+  /// Explicitly supported collection of proxy ports.
+  typedef Vec<self> Group;
+
+  /// Type of transport on the connection.
+  enum TransportType {
+    TRANSPORT_DEFAULT = 0, ///< Default (normal HTTP).
+    TRANSPORT_COMPRESSED, ///< Compressed HTTP.
+    TRANSPORT_BLIND_TUNNEL, ///< Blind tunnel (no processing).
+    TRANSPORT_SSL ///< SSL connection.
+  };
+  int m_fd; ///< Pre-opened file descriptor if present.
+  TransportType m_type; ///< Type of connection.
+  int m_port; ///< Port on which to listen.
+  unsigned int m_family; ///< IP address family.
+  /// True if inbound connects (from client) are transparent.
+  bool m_inbound_transparent_p;
+  /// True if outbound connections (to origin servers) are transparent.
+  bool m_outbound_transparent_p;
+  /// Local address for inbound connections (listen address).
+  InkInetAddr m_inbound_ip;
+  /// Local address for outbound connections (to origin server).
+  InkInetAddr m_outbound_ip4;
+  /// Local address for outbound connections (to origin server).
+  InkInetAddr m_outbound_ip6;
+
+  /// Default constructor.
+  HttpProxyPort();
+
+  /** Select the local outbound address object.
+
+      @return The IP address for @a family
+  */
+  InkInetAddr& outboundIp(
+    uint16_t family ///< IP address family.
+  );
+
+  /// Check for SSL port.
+  bool isSSL() const;
+
+  /// Process options text.
+  /// @a opts should not contain any whitespace, only the option string.
+  /// This object's internal state is updated as specified by @a opts.
+  /// @return @c true if a port option was successfully processed, @c false otherwise.
+  bool processOptions(
+    char const* opts ///< String containing the options.
+  );
+
+  /** Global instance.
+
+      In general this data needs to be loaded only once. To support
+      that a global instance is provided. If accessed, it will
+      automatically load itself from the configuration data if not
+      already loaded.
+  */
+  static Vec<self>& global();
+
+  /// Check for SSL ports.
+  /// @return @c true if any port in @a ports is an SSL port.
+  static bool hasSSL(
+		     Group const& ports ///< Ports to check.
+		     );
+
+  /// Check for SSL ports.
+  /// @return @c true if any global port is an SSL port.
+  static bool hasSSL();
+
+  /** Load all relevant configuration data.
+
+      This is hardwired to look up the appropriate values in the
+      configuration files. It clears @a ports and then loads all found
+      values in to it.
+
+      @return @c true if at least one valid port description was
+      found, @c false if none.
+  */
+  static bool loadConfig(
+    Vec<self>& ports ///< Destination for found port data.
+  );
+
+  /** Load all relevant configuration data into the global ports.
+
+      @return @c true if at least one valid port description was
+      found, @c false if none.
+  */
+  static bool loadConfig();
+
+  /** Load ports from a value string.
+
+      Load ports from single string with port descriptors. Ports
+      found are added to @a ports. @a value may safely be @c NULL or empty.
+
+      @note This is used primarily internally but is available if needed.
+      @return @c true if a valid port was found, @c false if none.
+  */
+  static bool loadValue(
+    Vec<self>& ports, ///< Destination for found port data.
+    char const* value ///< Source port data.
+  );
+
+  /** Load ports from a value string into the global ports.
+
+      Load ports from single string of port descriptors into the
+      global set of ports. @a value may safely be @c NULL or empty.
+
+      @return @c true if a valid port was found, @c false if none.
+  */
+  static bool loadValue(
+    char const* value ///< Source port data.
+  );
+
+  /// Load default value if @a ports is empty.
+  /// @return @c true if the default was needed / loaded.
+  static bool loadDefaultIfEmpty(
+    Vec<self>& ports ///< Load target.
+  );
+
+  /// Load default value into the global set if it is empty.
+  /// @return @c true if the default was needed / loaded.
+  static bool loadDefaultIfEmpty();
+
+  /** Find an HTTP port in @a ports.
+      If @a family is specified then only ports for that family
+      are checked.
+      @return The port if found, @c NULL if not.
+  */
+  static self* findHttp(
+			Group const& ports, ///< Group to search.
+			uint16_t family = AF_UNSPEC  ///< Desired address family.
+			);
+
+  /** Find an HTTP port in the global ports.
+      If @a family is specified then only ports for that family
+      are checked.
+      @return The port if found, @c NULL if not.
+  */
+  static self* findHttp(uint16_t family = AF_UNSPEC);
+
+  /** Create text description to be used for inter-process access.
+      Prints the file descriptor and then any options.
+
+      @return The number of characters used for the description.
+  */
+  int print(
+    char* out, ///< Output string.
+    size_t n ///< Maximum output length.
+  );
+
+  static char const* const PORTS_CONFIG_NAME; ///< New unified port descriptor.
+  static char const* const PORT_CONFIG_NAME; ///< Old port only entry.
+  static char const* const ATTR_CONFIG_NAME; ///< Old attribute only entry.
+  static char const* const OTHER_PORTS_CONFIG_NAME; ///< Old "other" ports.
+  static char const* const SSL_ENABLED_CONFIG_NAME; ///< SSL enable flag.
+  static char const* const SSL_PORT_CONFIG_NAME; ///< Old style SSL port.
+
+  /// Default value if no other values can be found.
+  static char const* const DEFAULT_VALUE;
+
+  // Keywords (lower case versions, but compares should be case insensitive)
+  static char const* const OPT_FD_PREFIX; ///< Prefix for file descriptor value.
+  static char const* const OPT_OUTBOUND_IP_PREFIX; ///< Prefix for inbound IP address.
+  static char const* const OPT_INBOUND_IP_PREFIX; ///< Prefix for outbound IP address.
+  static char const* const OPT_IPV6; ///< IPv6.
+  static char const* const OPT_IPV4; ///< IPv4
+  static char const* const OPT_TRANSPARENT_INBOUND; ///< Inbound transparent.
+  static char const* const OPT_TRANSPARENT_OUTBOUND; ///< Outbound transparent.
+  static char const* const OPT_TRANSPARENT_FULL; ///< Full transparency.
+  static char const* const OPT_SSL; ///< SSL (experimental)
+  static char const* const OPT_BLIND_TUNNEL; ///< Blind tunnel.
+  static char const* const OPT_COMPRESSED; ///< Compressed.
+
+  static Vec<self> m_global; ///< Global ("default") data.
+};
+
+
+inline bool HttpProxyPort::isSSL() const { return TRANSPORT_SSL == m_type; }
+inline InkInetAddr&
+HttpProxyPort::outboundIp(uint16_t family) {
+  if (AF_INET == family) return m_outbound_ip4;
+  else if (AF_INET6 == family) return m_outbound_ip6;
+  else ink_release_assert(!"Invalid family for outbound address on proxy port.");
+  return *static_cast<InkInetAddr*>(0); // bogus, makes compiler happy.
+}
+
+inline bool
+HttpProxyPort::loadValue(char const* value) {
+  return self::loadValue(m_global, value);
+}
+inline bool
+HttpProxyPort::loadConfig() {
+  return self::loadConfig(m_global);
+}
+inline bool
+HttpProxyPort::loadDefaultIfEmpty() {
+  return self::loadDefaultIfEmpty(m_global);
+}
+inline Vec<HttpProxyPort>&
+HttpProxyPort::global() {
+  return m_global;
+}
+inline bool
+HttpProxyPort::hasSSL() {
+  return self::hasSSL(m_global);
+}
+inline HttpProxyPort* HttpProxyPort::findHttp(uint16_t family) {
+  return self::findHttp(m_global, family);
+}
+
+#endif // I_REC_HTTP_H

Modified: trafficserver/traffic/trunk/lib/records/Makefile.am
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/lib/records/Makefile.am?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/lib/records/Makefile.am (original)
+++ trafficserver/traffic/trunk/lib/records/Makefile.am Fri Jan 27 00:33:31 2012
@@ -53,6 +53,7 @@ libreclocal_a_SOURCES = \
   RecMessage.cc \
   RecMutex.cc \
   RecTree.cc \
+  I_RecHttp.h RecHttp.cc \
   RecUtils.cc
 
 librecprocess_a_CXXFLAGS = $(ink_with_modules_process)
@@ -78,5 +79,6 @@ librecprocess_a_SOURCES = \
   RecMutex.cc \
   RecProcess.cc \
   RecTree.cc \
+  I_RecHttp.h RecHttp.cc \
   RecUtils.cc
 

Added: trafficserver/traffic/trunk/lib/records/RecHttp.cc
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/lib/records/RecHttp.cc?rev=1236470&view=auto
==============================================================================
--- trafficserver/traffic/trunk/lib/records/RecHttp.cc (added)
+++ trafficserver/traffic/trunk/lib/records/RecHttp.cc Fri Jan 27 00:33:31 2012
@@ -0,0 +1,399 @@
+# include <records/I_RecCore.h>
+# include <records/I_RecHttp.h>
+# include <ts/ink_defs.h>
+# include <ts/Tokenizer.h>
+# include <strings.h>
+
+void RecHttpLoadIp(char const* value_name, InkInetAddr& ip4, InkInetAddr& ip6)
+{
+  char value[1024];
+  ip4.invalidate();
+  ip6.invalidate();
+  if (REC_ERR_OKAY == RecGetRecordString(value_name, value, sizeof(value))) {
+    Tokenizer tokens(", ");
+    int n_addrs = tokens.Initialize(value);
+    for (int i = 0 ; i < n_addrs ; ++i ) {
+      char const* host = tokens[i];
+      ts_ip_endpoint tmp4, tmp6;
+      // For backwards compatibility we need to support the use of host names
+      // for the address to bind.
+      if (0 == ink_inet_getbestaddrinfo(host, &tmp4, &tmp6)) {
+        if (ink_inet_is_ip4(&tmp4)) {
+          if (!ip4.isValid()) ip4 = tmp4;
+          else Warning("'%s' specifies more than one IPv4 address, ignoring %s.", value_name, host);
+        }
+        if (ink_inet_is_ip6(&tmp6)) {
+          if (!ip6.isValid()) ip6 = tmp6;
+          else Warning("'%s' specifies more than one IPv6 address, ignoring %s.", value_name, host);
+        }
+      } else {
+        Warning("'%s' has an value '%s' that is not recognized as an IP address, ignored.", value_name, host);
+      }
+    }
+  }
+}
+
+
+char const* const HttpProxyPort::DEFAULT_VALUE = "8080";
+
+char const* const HttpProxyPort::PORT_CONFIG_NAME = "proxy.config.http.server_port";
+char const* const HttpProxyPort::ATTR_CONFIG_NAME = "proxy.config.http.server_port_attr";
+char const* const HttpProxyPort::OTHER_PORTS_CONFIG_NAME = "proxy.config.http.server_other_ports";
+char const* const HttpProxyPort::PORTS_CONFIG_NAME = "proxy.config.http.server_ports";
+char const* const HttpProxyPort::SSL_ENABLED_CONFIG_NAME = "proxy.config.ssl.enabled";
+char const* const HttpProxyPort::SSL_PORT_CONFIG_NAME = "proxy.config.ssl.server_port";
+
+char const* const HttpProxyPort::OPT_FD_PREFIX = "fd";
+char const* const HttpProxyPort::OPT_OUTBOUND_IP_PREFIX = "ip-out";
+char const* const HttpProxyPort::OPT_INBOUND_IP_PREFIX = "ip-in";
+char const* const HttpProxyPort::OPT_IPV6 = "ipv6";
+char const* const HttpProxyPort::OPT_IPV4 = "ipv4";
+char const* const HttpProxyPort::OPT_TRANSPARENT_INBOUND = "tr-in";
+char const* const HttpProxyPort::OPT_TRANSPARENT_OUTBOUND = "tr-out";
+char const* const HttpProxyPort::OPT_TRANSPARENT_FULL = "tr-full";
+char const* const HttpProxyPort::OPT_SSL = "ssl";
+char const* const HttpProxyPort::OPT_BLIND_TUNNEL = "blind";
+char const* const HttpProxyPort::OPT_COMPRESSED = "compressed";
+
+// File local constants.
+namespace {
+size_t const OPT_FD_PREFIX_LEN = strlen(HttpProxyPort::OPT_FD_PREFIX);
+size_t const OPT_OUTBOUND_IP_PREFIX_LEN = strlen(HttpProxyPort::OPT_OUTBOUND_IP_PREFIX);
+size_t const OPT_INBOUND_IP_PREFIX_LEN = strlen(HttpProxyPort::OPT_INBOUND_IP_PREFIX);
+}
+
+Vec<HttpProxyPort> HttpProxyPort::m_global;
+
+HttpProxyPort::HttpProxyPort()
+  : m_fd(ts::NO_FD)
+  , m_type(TRANSPORT_DEFAULT)
+  , m_port(0)
+  , m_family(AF_INET)
+  , m_inbound_transparent_p(false)
+  , m_outbound_transparent_p(false)
+{
+}
+
+bool HttpProxyPort::hasSSL(Group const& ports) {
+  bool zret = false;
+  for ( int i = 0 , n = ports.length() ; i < n && !zret ; ++i ) {
+    if (ports[i].isSSL()) zret = true;
+  }
+  return zret;
+}
+
+HttpProxyPort* HttpProxyPort::findHttp(Group const& ports, uint16_t family) {
+  bool check_family_p = ink_inet_is_ip(family);
+  self* zret = 0;
+  for ( int i = 0 , n = ports.length() ; i < n && !zret ; ++i ) {
+    HttpProxyPort& p = ports[i];
+    if (p.m_port && // has a valid port
+	TRANSPORT_DEFAULT == p.m_type && // is normal HTTP
+	( !check_family_p || p.m_family == family) // right address family
+	)
+      zret = &p;;
+  }
+  return zret;
+}
+
+bool
+HttpProxyPort::loadConfig(Vec<self>& entries) {
+  char* text;
+  char* attr;
+  bool found_p;
+
+  // Do current style port configuration first.
+  text = REC_readString(PORTS_CONFIG_NAME, &found_p);
+  if (found_p) self::loadValue(entries, text);
+  ats_free(text);
+
+  // Check old style single port.
+  // Yeah, it's ugly, but it should be purged on the next major release.
+  int sp = REC_ConfigReadInteger(PORT_CONFIG_NAME);
+  attr = REC_ConfigReadString(ATTR_CONFIG_NAME);
+  if (-1 == sp) {
+    // Default value, ignore.
+  } else if (0 < sp && sp < 65536) {
+    char buff[6 + 1 + strlen(attr) + 1];
+    sprintf(buff, "%d:%s", sp, attr);
+    self::loadValue(entries, buff);
+  } else {
+    Warning("Invalid port value %d is not in the range 1..65535 for '%s'.", sp, PORT_CONFIG_NAME);
+  }
+  ats_free(attr);
+
+  // Do the "other" ports.
+  text = REC_ConfigReadString(OTHER_PORTS_CONFIG_NAME);
+  self::loadValue(entries, text);
+  ats_free(text);
+
+  // Check for old style SSL configuration. We only put this in iff
+  // SSL is explicitly enabled and has the server port set.
+  RecInt ssl_enabled;
+  RecInt ssl_port;
+  if (REC_ERR_OKAY == RecGetRecordInt(SSL_ENABLED_CONFIG_NAME, &ssl_enabled) && ssl_enabled) {
+    if (REC_ERR_OKAY == RecGetRecordInt(SSL_PORT_CONFIG_NAME, &ssl_port)) {
+      if (0 < ssl_port && ssl_port < 65536) {
+        HttpProxyPort port;
+        port.m_port = ssl_port;
+        port.m_type = TRANSPORT_SSL;
+        entries.push_back(port);
+      } else if (-1 != ssl_port) {
+	// -1 is used as the sentinel value in the config record for
+	// "not set by user".
+        Warning("SSL enabled but port value %d is not in the range 1..65535.\n",
+                ssl_port);
+      }
+    }
+  }
+
+  return 0 < entries.length();
+}
+
+bool
+HttpProxyPort::loadDefaultIfEmpty(Group& ports) {
+  RecInt ssl_enabled;
+
+  if (0 == ports.length())
+    self::loadValue(ports, DEFAULT_VALUE);
+
+  // Check to see if we need to force an SSL port.
+  if (REC_ERR_OKAY == RecGetRecordInt(SSL_ENABLED_CONFIG_NAME, &ssl_enabled) &&
+      ssl_enabled) {
+    // SSL is explicitly enabled, so force an SSL port if there isn't one.
+    if (!self::hasSSL(ports)) {
+      HttpProxyPort port;
+      RecInt ssl_port = -1;
+      RecGetRecordInt(SSL_PORT_CONFIG_NAME, &ssl_port);
+      if (ssl_port < 1 || 65535 < ssl_port) ssl_port = 443;
+      port.m_port = ssl_port;
+      port.m_type = TRANSPORT_SSL;
+      ports.push_back(port);
+    }
+  }
+  return 0 < ports.length();
+}
+
+bool
+HttpProxyPort::loadValue(Vec<self>& ports, char const* text) {
+  int n_elts = ports.length(); // remember this.
+  if (text && *text) {
+    Tokenizer tokens(", ");
+    int n_ports = tokens.Initialize(text);
+    if (n_ports > 0) {
+      for ( int p = 0 ; p < n_ports ; ++p ) {
+        char const* elt = tokens[p];
+        HttpProxyPort entry;
+        if (entry.processOptions(elt)) ports.push_back(entry);
+        else Warning("No port was found in port configuration element '%s'", elt);
+      }
+    }
+  }
+  return ports.length() > n_elts; // we added at least one port.
+}
+
+bool
+HttpProxyPort::processOptions(char const* opts) {
+  bool zret = false; // no port found yet.
+  bool af_set_p = false; // AF explicitly specified.
+  bool bracket_p = false; // inside brackets during parse.
+  Vec<char*> values; // Pointers to single option values.
+
+  // Make a copy we can modify safely.
+  size_t opts_len = strlen(opts) + 1;
+  char* text = static_cast<char*>(alloca(opts_len));
+  memcpy(text, opts, opts_len);
+
+  // Split the copy in to tokens.
+  char* token = 0;
+  for (char* spot = text ; *spot ; ++spot ) {
+    if (bracket_p) {
+      if (']' == *spot) bracket_p = false;
+    } else if (':' == *spot) {
+      *spot = 0;
+      token = 0;
+    } else {
+      if (! token) {
+        token = spot;
+        values.push_back(token);
+      }
+      if ('[' == *spot) bracket_p = true;
+    }
+  }
+  if (bracket_p) {
+    Warning("Invalid port descriptor '%s' - left bracket without closing right bracket.");
+    return zret;
+  }
+
+  for ( int i = 0, n_items = values.length() ; i < n_items ; ++i) {
+    char const* item = values[i];
+    if (isdigit(item[0])) { // leading digit -> port value
+      char* ptr;
+      int port = strtoul(item, &ptr, 10);
+      if (ptr == item) {
+        // really, this shouldn't happen, since we checked for a leading digit.
+        Warning("Mangled port value '%s' in port configuration '%s'", item, opts);
+      } else if (port <= 0 || 65536 <= port) {
+        Warning("Port value '%s' out of range in port configuration '%s'", item, opts);
+      } else {
+        m_port = port;
+        zret = true;
+      }
+    } else if (0 == strncasecmp(OPT_FD_PREFIX, item, OPT_FD_PREFIX_LEN)) {
+      char* ptr; // tmp for syntax check.
+      item += OPT_FD_PREFIX_LEN; // skip prefix
+      if ('-' == *item || '=' == *item) ++item; // permit optional '-' or '='
+      int fd = strtoul(item, &ptr, 10);
+      if (ptr == item) {
+        Warning("Mangled file descriptor value '%s' in port descriptor '%s'", item, opts);
+      } else {
+        m_fd = fd;
+        zret = true;
+      }
+    } else if (0 == strncasecmp(OPT_INBOUND_IP_PREFIX, item, OPT_INBOUND_IP_PREFIX_LEN)) {
+      ts_ip_endpoint ip;
+      item += OPT_INBOUND_IP_PREFIX_LEN; // skip prefix
+      if ('-' == *item || '=' == *item) ++item; // permit optional '-' or '='
+      if (0 == ink_inet_pton(item, &ip))
+        m_inbound_ip = ip;
+      else
+        Warning("Invalid IP address value '%s' in port descriptor '%s'",
+          item, opts
+        );
+    } else if (0 == strncasecmp(OPT_OUTBOUND_IP_PREFIX, item, OPT_OUTBOUND_IP_PREFIX_LEN)) {
+      InkInetAddr ip;
+      item += OPT_OUTBOUND_IP_PREFIX_LEN; // skip prefix
+      if ('-' == *item || '=' == *item) ++item; // permit optional '-' or '='
+      if (0 == ip.load(item))
+        this->outboundIp(ip.family()) = ip;
+      else
+        Warning("Invalid IP address value '%s' in port descriptor '%s'",
+          item, opts
+        );
+    } else if (0 == strcasecmp("X", item)) {
+      // defaults
+    } else if (0 == strcasecmp("C", item) || 0 == strcasecmp(OPT_COMPRESSED, item)) {
+      m_type = TRANSPORT_COMPRESSED;
+    } else if (0 == strcasecmp("T", item) || 0 == strcasecmp(OPT_BLIND_TUNNEL, item)) {
+      m_type = TRANSPORT_BLIND_TUNNEL;
+    } else if (0 == strcasecmp("X6", item) || 0 == strcasecmp(OPT_IPV6, item)) {
+      m_family = AF_INET6;
+      m_type = TRANSPORT_DEFAULT;
+      af_set_p = true;
+    } else if (0 == strcasecmp(OPT_IPV4, item)) {
+      m_family = AF_INET;
+      af_set_p = true;
+    } else if (0 == strcasecmp("S", item) || 0 == strcasecmp(OPT_SSL, item)) {
+      m_type = TRANSPORT_SSL;
+      m_inbound_transparent_p = m_outbound_transparent_p = false;
+    } else if (0 == strcasecmp(OPT_TRANSPARENT_INBOUND, item) ||
+      0 == strcasecmp("<", item)) {
+# if TS_USE_TPROXY
+      m_inbound_transparent_p = true;
+# else
+      Warning("Transparency requested [%s] in port descriptor '%s' but TPROXY was not configured.", item, opts);
+# endif
+    } else if (0 == strcasecmp(OPT_TRANSPARENT_OUTBOUND, item) ||
+      0 == strcasecmp(">", item)) {
+# if TS_USE_TPROXY
+      m_outbound_transparent_p = true;
+# else
+      Warning("Transparency requested [%s] in port descriptor '%s' but TPROXY was not configured.", item, opts);
+# endif
+    } else if (0 == strcasecmp(OPT_TRANSPARENT_FULL, item)||
+      0 == strcasecmp("=", item)) {
+# if TS_USE_TPROXY
+      m_inbound_transparent_p = true;
+      m_outbound_transparent_p = true;
+# else
+      Warning("Transparency requested [%s] in port descriptor '%s' but TPROXY was not configured.", item, opts);
+# endif
+    } else {
+      Warning("Invalid option '%s' in port configuration '%s'", item, opts);
+    }
+  }
+
+  bool in_ip_set_p = m_inbound_ip.isValid();
+
+  if (af_set_p) {
+    if (in_ip_set_p && m_family != m_inbound_ip.family()) {
+      Warning("Invalid port descriptor '%s' - the inbound adddress family [%s] is not the same type as the explict family value [%s].", ink_inet_family_name(m_inbound_ip.family()), ink_inet_family_name(m_family));
+      zret = false;
+    }
+  } else if (in_ip_set_p) {
+    m_family = m_inbound_ip.family(); // set according to address.
+  }
+
+  return zret;
+}
+
+int
+HttpProxyPort::print(char* out, size_t n) {
+  size_t zret = 0; // # of chars printed so far.
+  ip_text_buffer ipb;
+  bool need_colon_p = false;
+
+  if (m_inbound_ip.isValid()) {
+    zret += snprintf(out+zret, n-zret, "%s=[%s]",
+      OPT_INBOUND_IP_PREFIX,
+      m_inbound_ip.toString(ipb, sizeof(ipb))
+    );
+    need_colon_p = true;
+  }
+  if (zret >= n) return n;
+
+  if (m_outbound_ip4.isValid()) {
+    if (need_colon_p) out[zret++] = ':';
+    zret += snprintf(out+zret, n-zret, "%s=[%s]",
+      OPT_OUTBOUND_IP_PREFIX,
+      m_outbound_ip4.toString(ipb, sizeof(ipb))
+    );
+    need_colon_p = true;
+  }
+  if (zret >= n) return n;
+
+  if (m_outbound_ip6.isValid()) {
+    if (need_colon_p) out[zret++] = ':';
+    zret += snprintf(out+zret, n-zret, "%s=[%s]",
+      OPT_OUTBOUND_IP_PREFIX,
+      m_outbound_ip6.toString(ipb, sizeof(ipb))
+    );
+    need_colon_p = true;
+  }
+  if (zret >= n) return n;
+
+  if (0 != m_port) {
+    if (need_colon_p) out[zret++] = ':';
+    zret += snprintf(out+zret, n-zret, "%d", m_port);
+    need_colon_p = true;
+  }
+  if (zret >= n) return n;
+
+  if (ts::NO_FD != m_fd) {
+    if (need_colon_p) out[zret++] = ':';
+    zret += snprintf(out+zret, n-zret, "fd=%d", m_fd);
+    need_colon_p = true;
+  }
+  if (zret >= n) return n;
+
+  if (AF_INET6 == m_family)
+    zret += snprintf(out+zret, n-zret, ":%s", OPT_IPV6);
+  if (zret >= n) return n;
+
+  if (TRANSPORT_BLIND_TUNNEL == m_type)
+    zret += snprintf(out+zret, n-zret, ":%s", OPT_BLIND_TUNNEL);
+  else if (TRANSPORT_SSL == m_type)
+    zret += snprintf(out+zret, n-zret, ":%s", OPT_SSL);
+  else if (TRANSPORT_COMPRESSED == m_type)
+    zret += snprintf(out+zret, n-zret, ":%s", OPT_COMPRESSED);
+  if (zret >= n) return n;
+
+  if (m_outbound_transparent_p && m_inbound_transparent_p)
+    zret += snprintf(out+zret, n-zret, ":%s", OPT_TRANSPARENT_FULL);
+  else if (m_inbound_transparent_p)
+    zret += snprintf(out+zret, n-zret, ":%s", OPT_TRANSPARENT_INBOUND);
+  else if (m_outbound_transparent_p)
+    zret += snprintf(out+zret, n-zret, ":%s", OPT_TRANSPARENT_OUTBOUND);
+
+  return min(zret,n);
+}

Modified: trafficserver/traffic/trunk/lib/ts/ink_inet.cc
URL: http://svn.apache.org/viewvc/trafficserver/traffic/trunk/lib/ts/ink_inet.cc?rev=1236470&r1=1236469&r2=1236470&view=diff
==============================================================================
--- trafficserver/traffic/trunk/lib/ts/ink_inet.cc (original)
+++ trafficserver/traffic/trunk/lib/ts/ink_inet.cc Fri Jan 27 00:33:31 2012
@@ -182,6 +182,14 @@ const char *ink_inet_ntop(const struct s
   return zret;
 }
 
+char const*
+ink_inet_family_name(int family) {
+  return AF_INET == family ? "IPv4"
+    : AF_INET6 == family ? "IPv6"
+    : "Unspec"
+    ;
+}
+
 uint16_t ink_inet_port(const struct sockaddr *addr)
 {
   uint16_t port = 0;
@@ -210,49 +218,88 @@ char const* ink_inet_nptop(
   return dst;
 }
 
-int ink_inet_pton(char const* text, sockaddr* addr) {
-  int zret = -1;
-  addrinfo hints; // [out]
-  addrinfo *ai; // [in]
-  char* copy; // needed for handling brackets.
-
-  if ('[' == *text) {
-    /* Ugly. In a number of places we must use bracket notation
-       to support port numbers. Rather than mucking with that
-       everywhere, we'll tweak it here. Experimentally we can't
-       depend on getaddrinfo to handle it. Note that the text
-       buffer size includes space for the nul, so a bracketed
-       address is at most that size - 1 + 2 -> size+1.
-
-       It just gets better. In order to bind link local addresses
-       the scope_id must be set to the interface index. That's
-       most easily done by appending a %intf (where "intf" is the
-       name of the interface) to the address. Which makes
-       the address potentially larger than the standard maximum.
-       So we can't depend on that sizing.
-    */
-
-    size_t n = strlen(text);
-    copy = static_cast<char*>(alloca(n-1));
-    if (']' == text[n-1]) {
-      ink_strlcpy(copy, text+1, n-1);
-      text = copy;
+int
+ink_inet_parse(ts::ConstBuffer src, ts::ConstBuffer* addr, ts::ConstBuffer* port) {
+  addr->reset();
+  port->reset();
+
+  // Let's see if we can find out what's in the address string.
+  if (src) {
+    while (src && isspace(*src)) ++src;
+    // Check for brackets.
+    if ('[' == *src) {
+      /* Ugly. In a number of places we must use bracket notation
+         to support port numbers. Rather than mucking with that
+         everywhere, we'll tweak it here. Experimentally we can't
+         depend on getaddrinfo to handle it. Note that the text
+         buffer size includes space for the nul, so a bracketed
+         address is at most that size - 1 + 2 -> size+1.
+
+         It just gets better. In order to bind link local addresses
+         the scope_id must be set to the interface index. That's
+         most easily done by appending a %intf (where "intf" is the
+         name of the interface) to the address. Which makes
+         the address potentially larger than the standard maximum.
+         So we can't depend on that sizing.
+      */
+      ++src; // skip bracket.
+      *addr = src.splitOn(']');
+      if (*addr && ':' == *src) { // found the closing bracket and port colon
+        ++src; // skip colon.
+        *port = src;
+      } // else it's a fail for unclosed brackets.
     } else {
-      // Bad format, getaddrinfo isn't going to succeed.
-      return zret;
+      // See if there's exactly 1 colon
+      ts::ConstBuffer tmp = src.after(':');
+      if (tmp && ! tmp.find(':')) { // 1 colon and no others
+        src.clip(tmp.data() - 1); // drop port from address.
+        *port = tmp;
+      } // else 0 or > 1 colon and no brackets means no port.
+      *addr = src;
+    }
+    // clip port down to digits.
+    if (*port) {
+      char const* spot = port->data();
+      while (isdigit(*spot)) ++spot;
+      port->clip(spot);
     }
   }
+  return *addr ? 0 : -1; // true if we found an address.
+}
 
-  ink_zero(hints);
-  hints.ai_family = PF_UNSPEC;
-  hints.ai_flags = AI_NUMERICHOST|AI_PASSIVE;
-  if (0 == (zret = getaddrinfo(text, 0, &hints, &ai))) {
-    if (ink_inet_is_ip(ai->ai_addr)) {
-      if (addr) ink_inet_copy(addr, ai->ai_addr);
-      zret = 0;
+int
+ink_inet_pton(char const* text, sockaddr* ip) {
+  int zret = -1;
+  ts::ConstBuffer addr, port;
+  ts::ConstBuffer src(text, strlen(text)+1);
+
+  ink_inet_invalidate(ip);
+  if (0 == ink_inet_parse(src, &addr, &port)) {
+    // Copy if not terminated.
+    if (0 != addr[addr.size()-1]) {
+      char* tmp = static_cast<char*>(alloca(addr.size()+1));
+      memcpy(tmp, addr.data(), addr.size());
+      tmp[addr.size()] = 0;
+      addr.set(tmp, addr.size());
     }
-    freeaddrinfo(ai);
+    if (addr.find(':')) { // colon -> IPv6
+      in6_addr addr6;
+      if (inet_pton(AF_INET6, addr.data(), &addr6)) {
+        zret = 0;
+        ink_inet_ip6_set(ip, addr6);
+      }
+    } else { // no colon -> must be IPv4
+      in_addr addr4;
+      if (inet_aton(addr.data(), &addr4)) {
+        zret = 0;
+        ink_inet_ip4_set(ip, addr4.s_addr);
+      }
+    }
+    // If we had a successful conversion, set the port.
+    if (ink_inet_is_ip(ip))
+      ink_inet_port_cast(ip) = port ? htons(atoi(port.data())) : 0;
   }
+
   return zret;
 }
 
@@ -341,3 +388,87 @@ operator == (InkInetAddr const& lhs, soc
   } // else different families, not equal.
   return zret;
 }
+
+int
+ink_inet_getbestaddrinfo(char const* host,
+  ts_ip_endpoint* ip4,
+  ts_ip_endpoint* ip6
+) {
+  int zret = -1;
+  int port = 0; // port value to assign if we find an address.
+  addrinfo ai_hints;
+  addrinfo* ai_result;
+  ts::ConstBuffer addr_text, port_text;
+  ts::ConstBuffer src(host, strlen(host)+1);
+
+  if (ip4) ink_inet_invalidate(ip4);
+  if (ip6) ink_inet_invalidate(ip6);
+
+  if (0 == ink_inet_parse(src, &addr_text, &port_text)) {
+    // Copy if not terminated.
+    if (0 != addr_text[addr_text.size()-1]) {
+      char* tmp = static_cast<char*>(alloca(addr_text.size()+1));
+      memcpy(tmp, addr_text.data(), addr_text.size());
+      tmp[addr_text.size()] = 0;
+      addr_text.set(tmp, addr_text.size());
+    }
+    ink_zero(ai_hints);
+    ai_hints.ai_family = AF_UNSPEC;
+    ai_hints.ai_flags = AI_ADDRCONFIG;
+    zret = getaddrinfo(addr_text.data(), 0, &ai_hints, &ai_result);
+  
+    if (0 == zret) {
+      // Walk the returned addresses and pick the "best".
+      enum {
+        NA, // Not an (IP) Address.
+        LO, // Loopback.
+        MC, // Multicast.
+        NR, // Non-Routable.
+        GA  // Globally unique Address.
+      } spot_type = NA, ip4_type = NA, ip6_type = NA;
+      sockaddr const* ip4_src = 0;
+      sockaddr const* ip6_src = 0;
+
+      for ( addrinfo* ai_spot = ai_result
+          ; ai_spot
+          ; ai_spot = ai_spot->ai_next
+      ) {
+        sockaddr const* ai_ip = ai_spot->ai_addr;
+        if (!ink_inet_is_ip(ai_ip)) spot_type = NA;
+        else if (ink_inet_is_loopback(ai_ip)) spot_type = LO;
+        else if (ink_inet_is_nonroutable(ai_ip)) spot_type = NR;
+        else if (ink_inet_is_multicast(ai_ip)) spot_type = MC;
+        else spot_type = GA;
+        
+        if (spot_type == NA) continue; // Next!
+
+        if (ink_inet_is_ip4(ai_ip)) {
+          if (spot_type > ip4_type) {
+            ip4_src = ai_ip;
+            ip4_type = spot_type;
+          }
+        } else if (ink_inet_is_ip6(ai_ip)) {
+          if (spot_type > ip6_type) {
+            ip6_src = ai_ip;
+            ip6_type = spot_type;
+          }
+        }
+      }
+      if (ip4_type > NA) ink_inet_copy(ip4, ip4_src);
+      if (ip6_type > NA) ink_inet_copy(ip6, ip6_src);
+      freeaddrinfo(ai_result); // free *after* the copy.
+
+    }
+  }
+
+  // We don't really care if the port is null terminated - the parser
+  // would get all the digits so the next character is a non-digit (null or
+  // not) and atoi will do the right thing in either case.
+  if (port_text.size()) port = htons(atoi(port_text.data()));
+  if (ink_inet_is_ip(ip4)) ink_inet_port_cast(ip4) = port;
+  if (ink_inet_is_ip(ip6)) ink_inet_port_cast(ip6) = port;
+
+  if (!ink_inet_is_ip(ip4) && !ink_inet_is_ip(ip6)) zret = -1;
+
+  return zret;
+}



Mime
View raw message