From 9d4c7c1151c5f9ec721645f9a81ba7c5b4a34906 Mon Sep 17 00:00:00 2001 From: Amaury Denoyelle Date: Thu, 19 Oct 2023 11:07:15 +0200 Subject: [PATCH] MINOR: server: convert @reverse to rev@ standard format Remove the recently introduced '@reverse' notation for HTTP reverse servers. Instead, reuse the 'rev@' prefix already defined for bind lines. --- doc/configuration.txt | 9 ++----- include/haproxy/proto_reverse_connect.h | 2 ++ reg-tests/connection/reverse_connect_full.vtc | 2 +- reg-tests/connection/reverse_server.vtc | 2 +- reg-tests/connection/reverse_server_name.vtc | 2 +- src/proto_reverse_connect.c | 8 ++++++ src/server.c | 25 ++++++------------- 7 files changed, 22 insertions(+), 28 deletions(-) diff --git a/doc/configuration.txt b/doc/configuration.txt index 25683f484..7ef9d724f 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -11534,18 +11534,13 @@ server
[:[port]] [param*] one of them over the FD. The bind part will use the received socket as the client FD. Should be used carefully. + - 'rev@' -> custom address family for a passive server in + HTTP reverse context. You may want to reference some environment variables in the address parameter, see section 2.3 about environment variables. The "init-addr" setting can be used to modify the way IP addresses should be resolved upon startup. - Additionally, there is a special address notation defined for - servers which does not have any address assigned. Currently, only - '@reverse' is valid. This instantiates a server which can only be - used with reverse connect. This mode requires the proxy to be in - HTTP mode and the server to explicitly use HTTP/2, either through - 'proto' or 'alpn' keywords. - is an optional port specification. If set, all connections will be sent to this port. If unset, the same port the client connected to will be used. The port may also be prefixed by a "+" diff --git a/include/haproxy/proto_reverse_connect.h b/include/haproxy/proto_reverse_connect.h index 0c07356e0..a2113d35c 100644 --- a/include/haproxy/proto_reverse_connect.h +++ b/include/haproxy/proto_reverse_connect.h @@ -14,6 +14,8 @@ struct connection *rev_accept_conn(struct listener *l, int *status); void rev_unbind_receiver(struct listener *l); int rev_set_affinity(struct connection *conn, int new_tid); +int rev_connect(struct connection *conn, int flags); + int rev_accepting_conn(const struct receiver *rx); void rev_notify_preconn_err(struct listener *l); diff --git a/reg-tests/connection/reverse_connect_full.vtc b/reg-tests/connection/reverse_connect_full.vtc index e8b051ba5..1124f6a46 100644 --- a/reg-tests/connection/reverse_connect_full.vtc +++ b/reg-tests/connection/reverse_connect_full.vtc @@ -21,7 +21,7 @@ frontend pub use_backend be-reverse backend be-reverse - server dev @reverse + server dev rev@ frontend priv bind "fd@${priv}" proto h2 diff --git a/reg-tests/connection/reverse_server.vtc b/reg-tests/connection/reverse_server.vtc index 40ddc49d3..43edcdfea 100644 --- a/reg-tests/connection/reverse_server.vtc +++ b/reg-tests/connection/reverse_server.vtc @@ -18,7 +18,7 @@ frontend pub use_backend be-reverse backend be-reverse - server dev @reverse + server dev rev@ frontend priv bind "fd@${priv}" proto h2 diff --git a/reg-tests/connection/reverse_server_name.vtc b/reg-tests/connection/reverse_server_name.vtc index b8d5cf885..76473d541 100644 --- a/reg-tests/connection/reverse_server_name.vtc +++ b/reg-tests/connection/reverse_server_name.vtc @@ -19,7 +19,7 @@ frontend pub use_backend be-reverse backend be-reverse - server dev @reverse ssl sni hdr(x-name) verify none + server dev rev@ ssl sni hdr(x-name) verify none frontend priv bind "fd@${priv}" ssl crt ${testdir}/common.pem verify required ca-verify-file ${testdir}/ca-auth.crt alpn h2 diff --git a/src/proto_reverse_connect.c b/src/proto_reverse_connect.c index 293c13418..e02620476 100644 --- a/src/proto_reverse_connect.c +++ b/src/proto_reverse_connect.c @@ -36,6 +36,8 @@ struct protocol proto_reverse_connect = { .accept_conn = rev_accept_conn, .set_affinity = rev_set_affinity, + .connect = rev_connect, + /* address family */ .fam = &proto_fam_reverse_connect, @@ -343,6 +345,12 @@ int rev_set_affinity(struct connection *conn, int new_tid) return -1; } +/* Simple callback to enable definition of passive HTTP reverse servers. */ +int rev_connect(struct connection *conn, int flags) +{ + return SF_ERR_NONE; +} + int rev_accepting_conn(const struct receiver *rx) { return 1; diff --git a/src/server.c b/src/server.c index 3c40ca7fe..e7ce3d70b 100644 --- a/src/server.c +++ b/src/server.c @@ -2805,22 +2805,6 @@ static int _srv_parse_init(struct server **srv, char **args, int *cur_arg, else newsrv->tmpl_info.prefix = strdup(args[1]); - /* special address specifier */ - if (args[*cur_arg][0] == '@') { - if (strcmp(args[*cur_arg], "@reverse") == 0) { - newsrv->flags |= SRV_F_REVERSE; - } - else { - ha_alert("unknown server address specifier '%s'\n", - args[*cur_arg]); - err_code |= ERR_ALERT | ERR_FATAL; - goto out; - } - - (*cur_arg)++; - parse_flags &= ~SRV_PARSE_PARSE_ADDR; - } - /* several ways to check the port component : * - IP => port=+0, relative (IPv4 only) * - IP: => port=+0, relative @@ -2845,8 +2829,13 @@ static int _srv_parse_init(struct server **srv, char **args, int *cur_arg, } if (!port1 || !port2) { - /* no port specified, +offset, -offset */ - newsrv->flags |= SRV_F_MAPPORTS; + if (sk->ss_family != AF_CUST_REV_SRV) { + /* no port specified, +offset, -offset */ + newsrv->flags |= SRV_F_MAPPORTS; + } + else { + newsrv->flags |= SRV_F_REVERSE; + } } /* save hostname and create associated name resolution */