From ca79f59365c03c7c7422c80e9d9986f8834a95b8 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Wed, 17 Jul 2019 19:04:47 +0200 Subject: [PATCH] MEDIUM: connection: make sure all address producers allocate their address This commit places calls to sockaddr_alloc() at the places where an address is needed, and makes sure that the allocation is properly tested. This does not add too many error paths since connection allocations are already in the vicinity and share the same error paths. For the two cases where a clear_addr() was called, instead the address was not allocated. --- include/proto/connection.h | 6 ++++++ src/backend.c | 6 ++++-- src/checks.c | 18 ++++++++---------- src/connection.c | 3 +++ src/hlua.c | 6 +++++- src/http_ana.c | 4 ++-- src/peers.c | 4 +++- src/session.c | 4 +++- 8 files changed, 34 insertions(+), 17 deletions(-) diff --git a/include/proto/connection.h b/include/proto/connection.h index c1ce51d22..6d2e78401 100644 --- a/include/proto/connection.h +++ b/include/proto/connection.h @@ -675,6 +675,9 @@ static inline int conn_get_src(struct connection *conn) if (!conn_ctrl_ready(conn) || !conn->ctrl->get_src) return 0; + if (!sockaddr_alloc(&conn->src)) + return 0; + if (conn->ctrl->get_src(conn->handle.fd, (struct sockaddr *)conn->src, sizeof(*conn->src), obj_type(conn->target) != OBJ_TYPE_LISTENER) == -1) @@ -695,6 +698,9 @@ static inline int conn_get_dst(struct connection *conn) if (!conn_ctrl_ready(conn) || !conn->ctrl->get_dst) return 0; + if (!sockaddr_alloc(&conn->dst)) + return 0; + if (conn->ctrl->get_dst(conn->handle.fd, (struct sockaddr *)conn->dst, sizeof(*conn->dst), obj_type(conn->target) != OBJ_TYPE_LISTENER) == -1) diff --git a/src/backend.c b/src/backend.c index 18d249871..dcf364201 100644 --- a/src/backend.c +++ b/src/backend.c @@ -826,7 +826,8 @@ int assign_server_address(struct stream *s, struct connection *srv_conn) DPRINTF(stderr,"assign_server_address : s=%p\n",s); - /* FIXME WTA: an address allocation will soon be needed here */ + if (!sockaddr_alloc(&srv_conn->dst)) + return SRV_STATUS_INTERNAL; if ((s->flags & SF_DIRECT) || (s->be->lbprm.algo & BE_LB_KIND)) { /* A server is necessarily known for this stream */ @@ -1039,7 +1040,8 @@ static void assign_tproxy_address(struct stream *s) else return; - /* FIXME WTA: an address allocation will soon be needed here for src */ + if (!sockaddr_alloc(&srv_conn->src)) + return; switch (src->opts & CO_SRC_TPROXY_MASK) { case CO_SRC_TPROXY_ADDR: diff --git a/src/checks.c b/src/checks.c index c2fc87c38..61acb17c0 100644 --- a/src/checks.c +++ b/src/checks.c @@ -1614,7 +1614,9 @@ static int connect_conn_chk(struct task *t) /* Maybe there were an older connection we were waiting on */ check->wait_list.events = 0; - /* FIXME WTA: we'll have to dynamically allocate the dst address here */ + if (!sockaddr_alloc(&conn->dst)) + return SF_ERR_RESOURCE; + if (is_addr(&check->addr)) { /* we'll connect to the check addr specified on the server */ *conn->dst = check->addr; @@ -1643,10 +1645,6 @@ static int connect_conn_chk(struct task *t) } /* no client address */ - /* FIXME WTA: we'll have to dynamically allocate the src address here - * before clearing it, or better release it and make it null. - */ - clear_addr(conn->src); conn_prepare(conn, proto, check->xprt); if (conn_install_mux(conn, &mux_pt_ops, cs, s->proxy, NULL) < 0) @@ -2862,12 +2860,12 @@ static int tcpcheck_main(struct check *check) conn->target = s ? &s->obj_type : &proxy->obj_type; /* no client address */ - /* FIXME WTA: we'll have to dynamically allocate the src address here - * before clearing it, or better release it and make it null. - */ - clear_addr(conn->src); - /* FIXME WTA: we'll have to dynamically allocate the dst address here */ + if (!sockaddr_alloc(&conn->dst)) { + ret = SF_ERR_RESOURCE; + goto fail_check; + } + if (is_addr(&check->addr)) { /* we'll connect to the check addr specified on the server */ *conn->dst = check->addr; diff --git a/src/connection.c b/src/connection.c index 0277309ac..602fc79ec 100644 --- a/src/connection.c +++ b/src/connection.c @@ -402,6 +402,9 @@ int conn_recv_proxy(struct connection *conn, int flag) if (!conn_ctrl_ready(conn)) goto fail; + if (!sockaddr_alloc(&conn->src) || !sockaddr_alloc(&conn->dst)) + goto fail; + if (!fd_recv_ready(conn->handle.fd)) goto not_ready; diff --git a/src/hlua.c b/src/hlua.c index 150faecb7..49f056c39 100644 --- a/src/hlua.c +++ b/src/hlua.c @@ -2461,7 +2461,11 @@ __LJMP static int hlua_socket_connect(struct lua_State *L) WILL_LJMP(luaL_error(L, "connect: port ranges not supported : address '%s'", ip)); } - /* FIXME WTA: dst address allocation needed here! */ + if (!sockaddr_alloc(&conn->dst)) { + xref_unlock(&socket->xref, peer); + WILL_LJMP(luaL_error(L, "connect: internal error")); + } + memcpy(conn->dst, addr, sizeof(struct sockaddr_storage)); /* Set port. */ diff --git a/src/http_ana.c b/src/http_ana.c index c5c928d16..782c1689d 100644 --- a/src/http_ana.c +++ b/src/http_ana.c @@ -741,7 +741,8 @@ int http_process_request(struct stream *s, struct channel *req, int an_bit) struct ist uri, path; /* Note that for now we don't reuse existing proxy connections */ - if (unlikely((conn = cs_conn(si_alloc_cs(&s->si[1], NULL))) == NULL)) { + if (unlikely((conn = cs_conn(si_alloc_cs(&s->si[1], NULL))) == NULL || + !sockaddr_alloc(&conn->dst))) { txn->req.err_state = txn->req.msg_state; txn->req.msg_state = HTTP_MSG_ERROR; txn->status = 500; @@ -759,7 +760,6 @@ int http_process_request(struct stream *s, struct channel *req, int an_bit) uri = htx_sl_req_uri(sl); path = http_get_path(uri); - /* FIXME WTA: below we'll need to dynamically allocate the dst address */ if (url2sa(uri.ptr, uri.len - path.len, conn->dst, NULL) == -1) goto return_bad_req; diff --git a/src/peers.c b/src/peers.c index 193ef0e51..8fa6a8e4a 100644 --- a/src/peers.c +++ b/src/peers.c @@ -2539,7 +2539,9 @@ static struct appctx *peer_session_create(struct peers *peers, struct peer *peer conn->target = s->target = peer_session_target(peer, s); - /* FIXME WTA: a sockaddr allocation will be needed here */ + if (!sockaddr_alloc(&conn->dst)) + goto out_free_cs; + memcpy(conn->dst, &peer->addr, sizeof(*conn->dst)); conn_prepare(conn, peer->proto, peer_xprt(peer)); diff --git a/src/session.c b/src/session.c index 782d4889c..7def38734 100644 --- a/src/session.c +++ b/src/session.c @@ -155,8 +155,10 @@ int session_accept_fd(struct listener *l, int cfd, struct sockaddr_storage *addr if (unlikely((cli_conn = conn_new()) == NULL)) goto out_close; + if (!sockaddr_alloc(&cli_conn->src)) + goto out_free_conn; + cli_conn->handle.fd = cfd; - /* FIXME WTA: an allocation will be needed here. Better steal the original address on success */ *cli_conn->src = *addr; cli_conn->flags |= CO_FL_ADDR_FROM_SET; cli_conn->target = &l->obj_type;