|  |  | 
|  | /* | 
|  | * Copyright (C) Igor Sysoev | 
|  | * Copyright (C) Nginx, Inc. | 
|  | */ | 
|  |  | 
|  |  | 
|  | #include <ngx_config.h> | 
|  | #include <ngx_core.h> | 
|  | #include <ngx_event.h> | 
|  | #include <ngx_event_connect.h> | 
|  |  | 
|  |  | 
|  | #if (NGX_HAVE_TRANSPARENT_PROXY) | 
|  | static ngx_int_t ngx_event_connect_set_transparent(ngx_peer_connection_t *pc, | 
|  | ngx_socket_t s); | 
|  | #endif | 
|  |  | 
|  |  | 
|  | ngx_int_t | 
|  | ngx_event_connect_peer(ngx_peer_connection_t *pc) | 
|  | { | 
|  | int                rc, type, value; | 
|  | #if (NGX_HAVE_IP_BIND_ADDRESS_NO_PORT || NGX_LINUX) | 
|  | in_port_t          port; | 
|  | #endif | 
|  | ngx_int_t          event; | 
|  | ngx_err_t          err; | 
|  | ngx_uint_t         level; | 
|  | ngx_socket_t       s; | 
|  | ngx_event_t       *rev, *wev; | 
|  | ngx_connection_t  *c; | 
|  |  | 
|  | rc = pc->get(pc, pc->data); | 
|  | if (rc != NGX_OK) { | 
|  | return rc; | 
|  | } | 
|  |  | 
|  | type = (pc->type ? pc->type : SOCK_STREAM); | 
|  |  | 
|  | s = ngx_socket(pc->sockaddr->sa_family, type, 0); | 
|  |  | 
|  | ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pc->log, 0, "%s socket %d", | 
|  | (type == SOCK_STREAM) ? "stream" : "dgram", s); | 
|  |  | 
|  | if (s == (ngx_socket_t) -1) { | 
|  | ngx_log_error(NGX_LOG_ALERT, pc->log, ngx_socket_errno, | 
|  | ngx_socket_n " failed"); | 
|  | return NGX_ERROR; | 
|  | } | 
|  |  | 
|  |  | 
|  | c = ngx_get_connection(s, pc->log); | 
|  |  | 
|  | if (c == NULL) { | 
|  | if (ngx_close_socket(s) == -1) { | 
|  | ngx_log_error(NGX_LOG_ALERT, pc->log, ngx_socket_errno, | 
|  | ngx_close_socket_n " failed"); | 
|  | } | 
|  |  | 
|  | return NGX_ERROR; | 
|  | } | 
|  |  | 
|  | c->type = type; | 
|  |  | 
|  | if (pc->rcvbuf) { | 
|  | if (setsockopt(s, SOL_SOCKET, SO_RCVBUF, | 
|  | (const void *) &pc->rcvbuf, sizeof(int)) == -1) | 
|  | { | 
|  | ngx_log_error(NGX_LOG_ALERT, pc->log, ngx_socket_errno, | 
|  | "setsockopt(SO_RCVBUF) failed"); | 
|  | goto failed; | 
|  | } | 
|  | } | 
|  |  | 
|  | if (pc->so_keepalive) { | 
|  | value = 1; | 
|  |  | 
|  | if (setsockopt(s, SOL_SOCKET, SO_KEEPALIVE, | 
|  | (const void *) &value, sizeof(int)) | 
|  | == -1) | 
|  | { | 
|  | ngx_log_error(NGX_LOG_ALERT, pc->log, ngx_socket_errno, | 
|  | "setsockopt(SO_KEEPALIVE) failed, ignored"); | 
|  | } | 
|  | } | 
|  |  | 
|  | if (ngx_nonblocking(s) == -1) { | 
|  | ngx_log_error(NGX_LOG_ALERT, pc->log, ngx_socket_errno, | 
|  | ngx_nonblocking_n " failed"); | 
|  |  | 
|  | goto failed; | 
|  | } | 
|  |  | 
|  | if (pc->local) { | 
|  |  | 
|  | #if (NGX_HAVE_TRANSPARENT_PROXY) | 
|  | if (pc->transparent) { | 
|  | if (ngx_event_connect_set_transparent(pc, s) != NGX_OK) { | 
|  | goto failed; | 
|  | } | 
|  | } | 
|  | #endif | 
|  |  | 
|  | #if (NGX_HAVE_IP_BIND_ADDRESS_NO_PORT || NGX_LINUX) | 
|  | port = ngx_inet_get_port(pc->local->sockaddr); | 
|  | #endif | 
|  |  | 
|  | #if (NGX_HAVE_IP_BIND_ADDRESS_NO_PORT) | 
|  |  | 
|  | if (pc->sockaddr->sa_family != AF_UNIX && port == 0) { | 
|  | static int  bind_address_no_port = 1; | 
|  |  | 
|  | if (bind_address_no_port) { | 
|  | if (setsockopt(s, IPPROTO_IP, IP_BIND_ADDRESS_NO_PORT, | 
|  | (const void *) &bind_address_no_port, | 
|  | sizeof(int)) == -1) | 
|  | { | 
|  | err = ngx_socket_errno; | 
|  |  | 
|  | if (err != NGX_EOPNOTSUPP && err != NGX_ENOPROTOOPT) { | 
|  | ngx_log_error(NGX_LOG_ALERT, pc->log, err, | 
|  | "setsockopt(IP_BIND_ADDRESS_NO_PORT) " | 
|  | "failed, ignored"); | 
|  |  | 
|  | } else { | 
|  | bind_address_no_port = 0; | 
|  | } | 
|  | } | 
|  | } | 
|  | } | 
|  |  | 
|  | #endif | 
|  |  | 
|  | #if (NGX_LINUX) | 
|  |  | 
|  | if (pc->type == SOCK_DGRAM && port != 0) { | 
|  | int  reuse_addr = 1; | 
|  |  | 
|  | if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR, | 
|  | (const void *) &reuse_addr, sizeof(int)) | 
|  | == -1) | 
|  | { | 
|  | ngx_log_error(NGX_LOG_ALERT, pc->log, ngx_socket_errno, | 
|  | "setsockopt(SO_REUSEADDR) failed"); | 
|  | goto failed; | 
|  | } | 
|  | } | 
|  |  | 
|  | #endif | 
|  |  | 
|  | if (bind(s, pc->local->sockaddr, pc->local->socklen) == -1) { | 
|  | ngx_log_error(NGX_LOG_CRIT, pc->log, ngx_socket_errno, | 
|  | "bind(%V) failed", &pc->local->name); | 
|  |  | 
|  | goto failed; | 
|  | } | 
|  | } | 
|  |  | 
|  | if (type == SOCK_STREAM) { | 
|  | c->recv = ngx_recv; | 
|  | c->send = ngx_send; | 
|  | c->recv_chain = ngx_recv_chain; | 
|  | c->send_chain = ngx_send_chain; | 
|  |  | 
|  | c->sendfile = 1; | 
|  |  | 
|  | if (pc->sockaddr->sa_family == AF_UNIX) { | 
|  | c->tcp_nopush = NGX_TCP_NOPUSH_DISABLED; | 
|  | c->tcp_nodelay = NGX_TCP_NODELAY_DISABLED; | 
|  |  | 
|  | #if (NGX_SOLARIS) | 
|  | /* Solaris's sendfilev() supports AF_NCA, AF_INET, and AF_INET6 */ | 
|  | c->sendfile = 0; | 
|  | #endif | 
|  | } | 
|  |  | 
|  | } else { /* type == SOCK_DGRAM */ | 
|  | c->recv = ngx_udp_recv; | 
|  | c->send = ngx_send; | 
|  | c->send_chain = ngx_udp_send_chain; | 
|  | } | 
|  |  | 
|  | c->log_error = pc->log_error; | 
|  |  | 
|  | rev = c->read; | 
|  | wev = c->write; | 
|  |  | 
|  | rev->log = pc->log; | 
|  | wev->log = pc->log; | 
|  |  | 
|  | pc->connection = c; | 
|  |  | 
|  | c->number = ngx_atomic_fetch_add(ngx_connection_counter, 1); | 
|  |  | 
|  | c->start_time = ngx_current_msec; | 
|  |  | 
|  | if (ngx_add_conn) { | 
|  | if (ngx_add_conn(c) == NGX_ERROR) { | 
|  | goto failed; | 
|  | } | 
|  | } | 
|  |  | 
|  | ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pc->log, 0, | 
|  | "connect to %V, fd:%d #%uA", pc->name, s, c->number); | 
|  |  | 
|  | rc = connect(s, pc->sockaddr, pc->socklen); | 
|  |  | 
|  | if (rc == -1) { | 
|  | err = ngx_socket_errno; | 
|  |  | 
|  |  | 
|  | if (err != NGX_EINPROGRESS | 
|  | #if (NGX_WIN32) | 
|  | /* Winsock returns WSAEWOULDBLOCK (NGX_EAGAIN) */ | 
|  | && err != NGX_EAGAIN | 
|  | #endif | 
|  | ) | 
|  | { | 
|  | if (err == NGX_ECONNREFUSED | 
|  | #if (NGX_LINUX) | 
|  | /* | 
|  | * Linux returns EAGAIN instead of ECONNREFUSED | 
|  | * for unix sockets if listen queue is full | 
|  | */ | 
|  | || err == NGX_EAGAIN | 
|  | #endif | 
|  | || err == NGX_ECONNRESET | 
|  | || err == NGX_ENETDOWN | 
|  | || err == NGX_ENETUNREACH | 
|  | || err == NGX_EHOSTDOWN | 
|  | || err == NGX_EHOSTUNREACH) | 
|  | { | 
|  | level = NGX_LOG_ERR; | 
|  |  | 
|  | } else { | 
|  | level = NGX_LOG_CRIT; | 
|  | } | 
|  |  | 
|  | ngx_log_error(level, c->log, err, "connect() to %V failed", | 
|  | pc->name); | 
|  |  | 
|  | ngx_close_connection(c); | 
|  | pc->connection = NULL; | 
|  |  | 
|  | return NGX_DECLINED; | 
|  | } | 
|  | } | 
|  |  | 
|  | if (ngx_add_conn) { | 
|  | if (rc == -1) { | 
|  |  | 
|  | /* NGX_EINPROGRESS */ | 
|  |  | 
|  | return NGX_AGAIN; | 
|  | } | 
|  |  | 
|  | ngx_log_debug0(NGX_LOG_DEBUG_EVENT, pc->log, 0, "connected"); | 
|  |  | 
|  | wev->ready = 1; | 
|  |  | 
|  | return NGX_OK; | 
|  | } | 
|  |  | 
|  | if (ngx_event_flags & NGX_USE_IOCP_EVENT) { | 
|  |  | 
|  | ngx_log_debug1(NGX_LOG_DEBUG_EVENT, pc->log, ngx_socket_errno, | 
|  | "connect(): %d", rc); | 
|  |  | 
|  | if (ngx_blocking(s) == -1) { | 
|  | ngx_log_error(NGX_LOG_ALERT, pc->log, ngx_socket_errno, | 
|  | ngx_blocking_n " failed"); | 
|  | goto failed; | 
|  | } | 
|  |  | 
|  | /* | 
|  | * FreeBSD's aio allows to post an operation on non-connected socket. | 
|  | * NT does not support it. | 
|  | * | 
|  | * TODO: check in Win32, etc. As workaround we can use NGX_ONESHOT_EVENT | 
|  | */ | 
|  |  | 
|  | rev->ready = 1; | 
|  | wev->ready = 1; | 
|  |  | 
|  | return NGX_OK; | 
|  | } | 
|  |  | 
|  | if (ngx_event_flags & NGX_USE_CLEAR_EVENT) { | 
|  |  | 
|  | /* kqueue */ | 
|  |  | 
|  | event = NGX_CLEAR_EVENT; | 
|  |  | 
|  | } else { | 
|  |  | 
|  | /* select, poll, /dev/poll */ | 
|  |  | 
|  | event = NGX_LEVEL_EVENT; | 
|  | } | 
|  |  | 
|  | if (ngx_add_event(rev, NGX_READ_EVENT, event) != NGX_OK) { | 
|  | goto failed; | 
|  | } | 
|  |  | 
|  | if (rc == -1) { | 
|  |  | 
|  | /* NGX_EINPROGRESS */ | 
|  |  | 
|  | if (ngx_add_event(wev, NGX_WRITE_EVENT, event) != NGX_OK) { | 
|  | goto failed; | 
|  | } | 
|  |  | 
|  | return NGX_AGAIN; | 
|  | } | 
|  |  | 
|  | ngx_log_debug0(NGX_LOG_DEBUG_EVENT, pc->log, 0, "connected"); | 
|  |  | 
|  | wev->ready = 1; | 
|  |  | 
|  | return NGX_OK; | 
|  |  | 
|  | failed: | 
|  |  | 
|  | ngx_close_connection(c); | 
|  | pc->connection = NULL; | 
|  |  | 
|  | return NGX_ERROR; | 
|  | } | 
|  |  | 
|  |  | 
|  | #if (NGX_HAVE_TRANSPARENT_PROXY) | 
|  |  | 
|  | static ngx_int_t | 
|  | ngx_event_connect_set_transparent(ngx_peer_connection_t *pc, ngx_socket_t s) | 
|  | { | 
|  | int  value; | 
|  |  | 
|  | value = 1; | 
|  |  | 
|  | #if defined(SO_BINDANY) | 
|  |  | 
|  | if (setsockopt(s, SOL_SOCKET, SO_BINDANY, | 
|  | (const void *) &value, sizeof(int)) == -1) | 
|  | { | 
|  | ngx_log_error(NGX_LOG_ALERT, pc->log, ngx_socket_errno, | 
|  | "setsockopt(SO_BINDANY) failed"); | 
|  | return NGX_ERROR; | 
|  | } | 
|  |  | 
|  | #else | 
|  |  | 
|  | switch (pc->local->sockaddr->sa_family) { | 
|  |  | 
|  | case AF_INET: | 
|  |  | 
|  | #if defined(IP_TRANSPARENT) | 
|  |  | 
|  | if (setsockopt(s, IPPROTO_IP, IP_TRANSPARENT, | 
|  | (const void *) &value, sizeof(int)) == -1) | 
|  | { | 
|  | ngx_log_error(NGX_LOG_ALERT, pc->log, ngx_socket_errno, | 
|  | "setsockopt(IP_TRANSPARENT) failed"); | 
|  | return NGX_ERROR; | 
|  | } | 
|  |  | 
|  | #elif defined(IP_BINDANY) | 
|  |  | 
|  | if (setsockopt(s, IPPROTO_IP, IP_BINDANY, | 
|  | (const void *) &value, sizeof(int)) == -1) | 
|  | { | 
|  | ngx_log_error(NGX_LOG_ALERT, pc->log, ngx_socket_errno, | 
|  | "setsockopt(IP_BINDANY) failed"); | 
|  | return NGX_ERROR; | 
|  | } | 
|  |  | 
|  | #endif | 
|  |  | 
|  | break; | 
|  |  | 
|  | #if (NGX_HAVE_INET6) | 
|  |  | 
|  | case AF_INET6: | 
|  |  | 
|  | #if defined(IPV6_TRANSPARENT) | 
|  |  | 
|  | if (setsockopt(s, IPPROTO_IPV6, IPV6_TRANSPARENT, | 
|  | (const void *) &value, sizeof(int)) == -1) | 
|  | { | 
|  | ngx_log_error(NGX_LOG_ALERT, pc->log, ngx_socket_errno, | 
|  | "setsockopt(IPV6_TRANSPARENT) failed"); | 
|  | return NGX_ERROR; | 
|  | } | 
|  |  | 
|  | #elif defined(IPV6_BINDANY) | 
|  |  | 
|  | if (setsockopt(s, IPPROTO_IPV6, IPV6_BINDANY, | 
|  | (const void *) &value, sizeof(int)) == -1) | 
|  | { | 
|  | ngx_log_error(NGX_LOG_ALERT, pc->log, ngx_socket_errno, | 
|  | "setsockopt(IPV6_BINDANY) failed"); | 
|  | return NGX_ERROR; | 
|  | } | 
|  |  | 
|  | #else | 
|  |  | 
|  | ngx_log_error(NGX_LOG_ALERT, pc->log, 0, | 
|  | "could not enable transparent proxying for IPv6 " | 
|  | "on this platform"); | 
|  |  | 
|  | return NGX_ERROR; | 
|  |  | 
|  | #endif | 
|  |  | 
|  | break; | 
|  |  | 
|  | #endif /* NGX_HAVE_INET6 */ | 
|  |  | 
|  | } | 
|  |  | 
|  | #endif /* SO_BINDANY */ | 
|  |  | 
|  | return NGX_OK; | 
|  | } | 
|  |  | 
|  | #endif | 
|  |  | 
|  |  | 
|  | ngx_int_t | 
|  | ngx_event_get_peer(ngx_peer_connection_t *pc, void *data) | 
|  | { | 
|  | return NGX_OK; | 
|  | } |