Mercurial > hg > nginx
view src/stream/ngx_stream_handler.c @ 6679:40e8ce405859
Stream: postpone session initialization under accept mutex.
Previously, it was possible that some system calls could be
invoked while holding the accept mutex. This is clearly
wrong as it prevents incoming connections from being accepted
as quickly as possible.
author | Dmitry Volyntsev <xeioex@nginx.com> |
---|---|
date | Tue, 06 Sep 2016 21:28:13 +0300 |
parents | 0125b151c9a5 |
children | 7357abd1fa8c |
line wrap: on
line source
/* * Copyright (C) Roman Arutyunyan * Copyright (C) Nginx, Inc. */ #include <ngx_config.h> #include <ngx_core.h> #include <ngx_event.h> #include <ngx_stream.h> static void ngx_stream_close_connection(ngx_connection_t *c); static u_char *ngx_stream_log_error(ngx_log_t *log, u_char *buf, size_t len); static void ngx_stream_init_session_handler(ngx_event_t *rev); static void ngx_stream_init_session(ngx_connection_t *c); #if (NGX_STREAM_SSL) static void ngx_stream_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c); static void ngx_stream_ssl_handshake_handler(ngx_connection_t *c); #endif void ngx_stream_init_connection(ngx_connection_t *c) { u_char text[NGX_SOCKADDR_STRLEN]; size_t len; ngx_uint_t i; ngx_time_t *tp; ngx_event_t *rev; struct sockaddr *sa; ngx_stream_port_t *port; struct sockaddr_in *sin; ngx_stream_in_addr_t *addr; ngx_stream_session_t *s; ngx_stream_addr_conf_t *addr_conf; #if (NGX_HAVE_INET6) struct sockaddr_in6 *sin6; ngx_stream_in6_addr_t *addr6; #endif ngx_stream_core_srv_conf_t *cscf; ngx_stream_core_main_conf_t *cmcf; /* find the server configuration for the address:port */ port = c->listening->servers; if (port->naddrs > 1) { /* * There are several addresses on this port and one of them * is the "*:port" wildcard so getsockname() is needed to determine * the server address. * * AcceptEx() and recvmsg() already gave this address. */ if (ngx_connection_local_sockaddr(c, NULL, 0) != NGX_OK) { ngx_stream_close_connection(c); return; } sa = c->local_sockaddr; switch (sa->sa_family) { #if (NGX_HAVE_INET6) case AF_INET6: sin6 = (struct sockaddr_in6 *) sa; addr6 = port->addrs; /* the last address is "*" */ for (i = 0; i < port->naddrs - 1; i++) { if (ngx_memcmp(&addr6[i].addr6, &sin6->sin6_addr, 16) == 0) { break; } } addr_conf = &addr6[i].conf; break; #endif default: /* AF_INET */ sin = (struct sockaddr_in *) sa; addr = port->addrs; /* the last address is "*" */ for (i = 0; i < port->naddrs - 1; i++) { if (addr[i].addr == sin->sin_addr.s_addr) { break; } } addr_conf = &addr[i].conf; break; } } else { switch (c->local_sockaddr->sa_family) { #if (NGX_HAVE_INET6) case AF_INET6: addr6 = port->addrs; addr_conf = &addr6[0].conf; break; #endif default: /* AF_INET */ addr = port->addrs; addr_conf = &addr[0].conf; break; } } s = ngx_pcalloc(c->pool, sizeof(ngx_stream_session_t)); if (s == NULL) { ngx_stream_close_connection(c); return; } s->signature = NGX_STREAM_MODULE; s->main_conf = addr_conf->ctx->main_conf; s->srv_conf = addr_conf->ctx->srv_conf; #if (NGX_STREAM_SSL) s->ssl = addr_conf->ssl; #endif s->connection = c; c->data = s; cscf = ngx_stream_get_module_srv_conf(s, ngx_stream_core_module); ngx_set_connection_log(c, cscf->error_log); len = ngx_sock_ntop(c->sockaddr, c->socklen, text, NGX_SOCKADDR_STRLEN, 1); ngx_log_error(NGX_LOG_INFO, c->log, 0, "*%uA %sclient %*s connected to %V", c->number, c->type == SOCK_DGRAM ? "udp " : "", len, text, &addr_conf->addr_text); c->log->connection = c->number; c->log->handler = ngx_stream_log_error; c->log->data = s; c->log->action = "initializing connection"; c->log_error = NGX_ERROR_INFO; cmcf = ngx_stream_get_module_main_conf(s, ngx_stream_core_module); s->variables = ngx_pcalloc(s->connection->pool, cmcf->variables.nelts * sizeof(ngx_stream_variable_value_t)); if (s->variables == NULL) { ngx_stream_close_connection(c); return; } tp = ngx_timeofday(); s->start_sec = tp->sec; s->start_msec = tp->msec; rev = c->read; rev->handler = ngx_stream_init_session_handler; if (ngx_use_accept_mutex) { ngx_post_event(rev, &ngx_posted_events); return; } rev->handler(rev); } static void ngx_stream_init_session_handler(ngx_event_t *rev) { int tcp_nodelay; ngx_int_t rc; ngx_connection_t *c; ngx_stream_session_t *s; ngx_stream_core_srv_conf_t *cscf; ngx_stream_core_main_conf_t *cmcf; c = rev->data; s = c->data; c->log->action = "initializing session"; cmcf = ngx_stream_get_module_main_conf(s, ngx_stream_core_module); if (cmcf->limit_conn_handler) { rc = cmcf->limit_conn_handler(s); if (rc == NGX_ERROR) { ngx_stream_finalize_session(s, NGX_STREAM_INTERNAL_SERVER_ERROR); return; } if (rc == NGX_ABORT) { ngx_stream_finalize_session(s, NGX_STREAM_SERVICE_UNAVAILABLE); return; } } if (cmcf->access_handler) { rc = cmcf->access_handler(s); if (rc == NGX_ERROR) { ngx_stream_finalize_session(s, NGX_STREAM_INTERNAL_SERVER_ERROR); return; } if (rc == NGX_ABORT) { ngx_stream_finalize_session(s, NGX_STREAM_FORBIDDEN); return; } } cscf = ngx_stream_get_module_srv_conf(s, ngx_stream_core_module); if (c->type == SOCK_STREAM && cscf->tcp_nodelay && c->tcp_nodelay == NGX_TCP_NODELAY_UNSET) { ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0, "tcp_nodelay"); tcp_nodelay = 1; if (setsockopt(c->fd, IPPROTO_TCP, TCP_NODELAY, (const void *) &tcp_nodelay, sizeof(int)) == -1) { ngx_connection_error(c, ngx_socket_errno, "setsockopt(TCP_NODELAY) failed"); ngx_stream_finalize_session(s, NGX_STREAM_INTERNAL_SERVER_ERROR); return; } c->tcp_nodelay = NGX_TCP_NODELAY_SET; } #if (NGX_STREAM_SSL) { ngx_stream_ssl_conf_t *sslcf; sslcf = ngx_stream_get_module_srv_conf(s, ngx_stream_ssl_module); if (s->ssl) { c->log->action = "SSL handshaking"; if (sslcf->ssl.ctx == NULL) { ngx_log_error(NGX_LOG_ERR, c->log, 0, "no \"ssl_certificate\" is defined " "in server listening on SSL port"); ngx_stream_finalize_session(s, NGX_STREAM_INTERNAL_SERVER_ERROR); return; } ngx_stream_ssl_init_connection(&sslcf->ssl, c); return; } } #endif ngx_stream_init_session(c); } static void ngx_stream_init_session(ngx_connection_t *c) { ngx_stream_session_t *s; ngx_stream_core_srv_conf_t *cscf; s = c->data; c->log->action = "handling client connection"; cscf = ngx_stream_get_module_srv_conf(s, ngx_stream_core_module); s->ctx = ngx_pcalloc(c->pool, sizeof(void *) * ngx_stream_max_module); if (s->ctx == NULL) { ngx_stream_finalize_session(s, NGX_STREAM_INTERNAL_SERVER_ERROR); return; } cscf->handler(s); } #if (NGX_STREAM_SSL) static void ngx_stream_ssl_init_connection(ngx_ssl_t *ssl, ngx_connection_t *c) { ngx_stream_session_t *s; ngx_stream_ssl_conf_t *sslcf; s = c->data; if (ngx_ssl_create_connection(ssl, c, 0) == NGX_ERROR) { ngx_stream_finalize_session(s, NGX_STREAM_INTERNAL_SERVER_ERROR); return; } if (ngx_ssl_handshake(c) == NGX_AGAIN) { sslcf = ngx_stream_get_module_srv_conf(s, ngx_stream_ssl_module); ngx_add_timer(c->read, sslcf->handshake_timeout); c->ssl->handler = ngx_stream_ssl_handshake_handler; return; } ngx_stream_ssl_handshake_handler(c); } static void ngx_stream_ssl_handshake_handler(ngx_connection_t *c) { if (!c->ssl->handshaked) { ngx_stream_finalize_session(c->data, NGX_STREAM_INTERNAL_SERVER_ERROR); return; } if (c->read->timer_set) { ngx_del_timer(c->read); } ngx_stream_init_session(c); } #endif void ngx_stream_finalize_session(ngx_stream_session_t *s, ngx_uint_t rc) { ngx_stream_core_main_conf_t *cmcf; ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, "finalize stream session: %i", rc); s->status = rc; cmcf = ngx_stream_get_module_main_conf(s, ngx_stream_core_module); if (cmcf->access_log_handler) { (void) cmcf->access_log_handler(s); } ngx_stream_close_connection(s->connection); } static void ngx_stream_close_connection(ngx_connection_t *c) { ngx_pool_t *pool; ngx_log_debug1(NGX_LOG_DEBUG_STREAM, c->log, 0, "close stream connection: %d", c->fd); #if (NGX_STREAM_SSL) if (c->ssl) { if (ngx_ssl_shutdown(c) == NGX_AGAIN) { c->ssl->handler = ngx_stream_close_connection; return; } } #endif #if (NGX_STAT_STUB) (void) ngx_atomic_fetch_add(ngx_stat_active, -1); #endif pool = c->pool; ngx_close_connection(c); ngx_destroy_pool(pool); } static u_char * ngx_stream_log_error(ngx_log_t *log, u_char *buf, size_t len) { u_char *p; ngx_stream_session_t *s; if (log->action) { p = ngx_snprintf(buf, len, " while %s", log->action); len -= p - buf; buf = p; } s = log->data; p = ngx_snprintf(buf, len, ", %sclient: %V, server: %V", s->connection->type == SOCK_DGRAM ? "udp " : "", &s->connection->addr_text, &s->connection->listening->addr_text); len -= p - buf; buf = p; if (s->log_handler) { p = s->log_handler(log, buf, len); } return p; }