/* * nghttp2 - HTTP/2 C Library * * Copyright (c) 2016 Tatsuhiro Tsujikawa * * Permission is hereby granted, free of charge, to any person obtaining * a copy of this software and associated documentation files (the * "Software"), to deal in the Software without restriction, including * without limitation the rights to use, copy, modify, merge, publish, * distribute, sublicense, and/or sell copies of the Software, and to * permit persons to whom the Software is furnished to do so, subject to * the following conditions: * * The above copyright notice and this permission notice shall be * included in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ #include "shrpx_api_downstream_connection.h" #include "shrpx_client_handler.h" #include "shrpx_upstream.h" #include "shrpx_downstream.h" #include "shrpx_worker.h" #include "shrpx_connection_handler.h" #include "shrpx_log.h" namespace shrpx { namespace { // List of API endpoints const std::array &apis() { static const auto apis = new std::array{{ APIEndpoint{ StringRef::from_lit("/api/v1beta1/backendconfig"), true, (1 << API_METHOD_POST) | (1 << API_METHOD_PUT), &APIDownstreamConnection::handle_backendconfig, }, APIEndpoint{ StringRef::from_lit("/api/v1beta1/configrevision"), true, (1 << API_METHOD_GET), &APIDownstreamConnection::handle_configrevision, }, }}; return *apis; } } // namespace namespace { // The method string. This must be same order of APIMethod. constexpr StringRef API_METHOD_STRING[] = { StringRef::from_lit("GET"), StringRef::from_lit("POST"), StringRef::from_lit("PUT"), }; } // namespace APIDownstreamConnection::APIDownstreamConnection(Worker *worker) : worker_(worker), api_(nullptr), shutdown_read_(false) {} APIDownstreamConnection::~APIDownstreamConnection() {} int APIDownstreamConnection::attach_downstream(Downstream *downstream) { if (LOG_ENABLED(INFO)) { DCLOG(INFO, this) << "Attaching to DOWNSTREAM:" << downstream; } downstream_ = downstream; return 0; } void APIDownstreamConnection::detach_downstream(Downstream *downstream) { if (LOG_ENABLED(INFO)) { DCLOG(INFO, this) << "Detaching from DOWNSTREAM:" << downstream; } downstream_ = nullptr; } // API status, which is independent from HTTP status code. But // generally, 2xx code for API_SUCCESS, and otherwise API_FAILURE. enum { API_SUCCESS, API_FAILURE, }; int APIDownstreamConnection::send_reply(unsigned int http_status, int api_status, const StringRef &data) { shutdown_read_ = true; auto upstream = downstream_->get_upstream(); auto &resp = downstream_->response(); resp.http_status = http_status; auto &balloc = downstream_->get_block_allocator(); StringRef api_status_str; switch (api_status) { case API_SUCCESS: api_status_str = StringRef::from_lit("Success"); break; case API_FAILURE: api_status_str = StringRef::from_lit("Failure"); break; default: assert(0); } constexpr auto M1 = StringRef::from_lit("{\"status\":\""); constexpr auto M2 = StringRef::from_lit("\",\"code\":"); constexpr auto M3 = StringRef::from_lit("}"); // 3 is the number of digits in http_status, assuming it is 3 digits // number. auto buflen = M1.size() + M2.size() + M3.size() + data.size() + api_status_str.size() + 3; auto buf = make_byte_ref(balloc, buflen); auto p = buf.base; p = std::copy(std::begin(M1), std::end(M1), p); p = std::copy(std::begin(api_status_str), std::end(api_status_str), p); p = std::copy(std::begin(M2), std::end(M2), p); p = util::utos(p, http_status); p = std::copy(std::begin(data), std::end(data), p); p = std::copy(std::begin(M3), std::end(M3), p); buf.len = p - buf.base; auto content_length = util::make_string_ref_uint(balloc, buf.len); resp.fs.add_header_token(StringRef::from_lit("content-length"), content_length, false, http2::HD_CONTENT_LENGTH); switch (http_status) { case 400: case 405: case 413: resp.fs.add_header_token(StringRef::from_lit("connection"), StringRef::from_lit("close"), false, http2::HD_CONNECTION); break; } if (upstream->send_reply(downstream_, buf.base, buf.len) != 0) { return -1; } return 0; } namespace { const APIEndpoint *lookup_api(const StringRef &path) { switch (path.size()) { case 26: switch (path[25]) { case 'g': if (util::streq_l("/api/v1beta1/backendconfi", std::begin(path), 25)) { return &apis()[0]; } break; } break; case 27: switch (path[26]) { case 'n': if (util::streq_l("/api/v1beta1/configrevisio", std::begin(path), 26)) { return &apis()[1]; } break; } break; } return nullptr; } } // namespace int APIDownstreamConnection::push_request_headers() { auto &req = downstream_->request(); auto path = StringRef{std::begin(req.path), std::find(std::begin(req.path), std::end(req.path), '?')}; api_ = lookup_api(path); if (!api_) { send_reply(404, API_FAILURE); return 0; } switch (req.method) { case HTTP_GET: if (!(api_->allowed_methods & (1 << API_METHOD_GET))) { error_method_not_allowed(); return 0; } break; case HTTP_POST: if (!(api_->allowed_methods & (1 << API_METHOD_POST))) { error_method_not_allowed(); return 0; } break; case HTTP_PUT: if (!(api_->allowed_methods & (1 << API_METHOD_PUT))) { error_method_not_allowed(); return 0; } break; default: error_method_not_allowed(); return 0; } // This works with req.fs.content_length == -1 if (req.fs.content_length > static_cast(get_config()->api.max_request_body)) { send_reply(413, API_FAILURE); return 0; } return 0; } int APIDownstreamConnection::error_method_not_allowed() { auto &resp = downstream_->response(); size_t len = 0; for (uint8_t i = 0; i < API_METHOD_MAX; ++i) { if (api_->allowed_methods & (1 << i)) { // The length of method + ", " len += API_METHOD_STRING[i].size() + 2; } } assert(len > 0); auto &balloc = downstream_->get_block_allocator(); auto iov = make_byte_ref(balloc, len + 1); auto p = iov.base; for (uint8_t i = 0; i < API_METHOD_MAX; ++i) { if (api_->allowed_methods & (1 << i)) { auto &s = API_METHOD_STRING[i]; p = std::copy(std::begin(s), std::end(s), p); p = std::copy_n(", ", 2, p); } } p -= 2; *p = '\0'; resp.fs.add_header_token(StringRef::from_lit("allow"), StringRef{iov.base, p}, false, -1); return send_reply(405, API_FAILURE); } int APIDownstreamConnection::push_upload_data_chunk(const uint8_t *data, size_t datalen) { if (shutdown_read_ || !api_->require_body) { return 0; } auto output = downstream_->get_request_buf(); auto &apiconf = get_config()->api; if (output->rleft() + datalen > apiconf.max_request_body) { send_reply(413, API_FAILURE); return 0; } output->append(data, datalen); // We don't have to call Upstream::resume_read() here, because // request buffer is effectively unlimited. Actually, we cannot // call it here since it could recursively call this function again. return 0; } int APIDownstreamConnection::end_upload_data() { if (shutdown_read_) { return 0; } return api_->handler(*this); } int APIDownstreamConnection::handle_backendconfig() { auto output = downstream_->get_request_buf(); std::array iov; auto iovcnt = output->riovec(iov.data(), 2); if (iovcnt == 0) { send_reply(200, API_SUCCESS); return 0; } std::unique_ptr large_buf; // If data spans in multiple chunks, pull them up into one // contiguous buffer. if (iovcnt > 1) { large_buf = make_unique(output->rleft()); auto len = output->rleft(); output->remove(large_buf.get(), len); iov[0].iov_base = large_buf.get(); iov[0].iov_len = len; } Config new_config{}; new_config.conn.downstream = std::make_shared(); const auto &downstreamconf = new_config.conn.downstream; auto config = get_config(); auto &src = config->conn.downstream; downstreamconf->timeout = src->timeout; downstreamconf->connections_per_host = src->connections_per_host; downstreamconf->connections_per_frontend = src->connections_per_frontend; downstreamconf->request_buffer_size = src->request_buffer_size; downstreamconf->response_buffer_size = src->response_buffer_size; downstreamconf->family = src->family; std::set include_set; for (auto first = reinterpret_cast(iov[0].iov_base), last = first + iov[0].iov_len; first != last;) { auto eol = std::find(first, last, '\n'); if (eol == last) { break; } if (first == eol || *first == '#') { first = ++eol; continue; } auto eq = std::find(first, eol, '='); if (eq == eol) { send_reply(400, API_FAILURE); return 0; } auto opt = StringRef{first, eq}; auto optval = StringRef{eq + 1, eol}; auto optid = option_lookup_token(opt.c_str(), opt.size()); switch (optid) { case SHRPX_OPTID_BACKEND: break; default: first = ++eol; continue; } if (parse_config(&new_config, optid, opt, optval, include_set) != 0) { send_reply(400, API_FAILURE); return 0; } first = ++eol; } auto &tlsconf = config->tls; if (configure_downstream_group(&new_config, config->http2_proxy, true, tlsconf) != 0) { send_reply(400, API_FAILURE); return 0; } auto conn_handler = worker_->get_connection_handler(); conn_handler->send_replace_downstream(downstreamconf); send_reply(200, API_SUCCESS); return 0; } int APIDownstreamConnection::handle_configrevision() { auto config = get_config(); auto &balloc = downstream_->get_block_allocator(); // Construct the following string: // , // "data":{ // "configRevision": N // } auto data = concat_string_ref( balloc, StringRef::from_lit(R"(,"data":{"configRevision":)"), util::make_string_ref_uint(balloc, config->config_revision), StringRef::from_lit("}")); send_reply(200, API_SUCCESS, data); return 0; } void APIDownstreamConnection::pause_read(IOCtrlReason reason) {} int APIDownstreamConnection::resume_read(IOCtrlReason reason, size_t consumed) { return 0; } void APIDownstreamConnection::force_resume_read() {} int APIDownstreamConnection::on_read() { return 0; } int APIDownstreamConnection::on_write() { return 0; } void APIDownstreamConnection::on_upstream_change(Upstream *uptream) {} bool APIDownstreamConnection::poolable() const { return false; } const std::shared_ptr & APIDownstreamConnection::get_downstream_addr_group() const { static std::shared_ptr s; return s; } DownstreamAddr *APIDownstreamConnection::get_addr() const { return nullptr; } } // namespace shrpx