324 lines
10 KiB
C
324 lines
10 KiB
C
/* Licensed to the Apache Software Foundation (ASF) under one or more
|
|
* contributor license agreements. See the NOTICE file distributed with
|
|
* this work for additional information regarding copyright ownership.
|
|
* The ASF licenses this file to You under the Apache License, Version 2.0
|
|
* (the "License"); you may not use this file except in compliance with
|
|
* the License. You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
#include <assert.h>
|
|
#include <apr_strings.h>
|
|
|
|
#include <ap_mpm.h>
|
|
#include <ap_mmn.h>
|
|
|
|
#include <httpd.h>
|
|
#include <http_core.h>
|
|
#include <http_config.h>
|
|
#include <http_log.h>
|
|
#include <http_connection.h>
|
|
#include <http_protocol.h>
|
|
#include <http_request.h>
|
|
#include <http_ssl.h>
|
|
|
|
#include <mpm_common.h>
|
|
|
|
#include "h2_private.h"
|
|
#include "h2.h"
|
|
#include "h2_bucket_beam.h"
|
|
#include "h2_config.h"
|
|
#include "h2_conn_ctx.h"
|
|
#include "h2_mplx.h"
|
|
#include "h2_session.h"
|
|
#include "h2_stream.h"
|
|
#include "h2_protocol.h"
|
|
#include "h2_workers.h"
|
|
#include "h2_c1.h"
|
|
#include "h2_version.h"
|
|
#include "h2_util.h"
|
|
|
|
static struct h2_workers *workers;
|
|
|
|
static int async_mpm;
|
|
|
|
APR_OPTIONAL_FN_TYPE(ap_logio_add_bytes_in) *h2_c_logio_add_bytes_in;
|
|
APR_OPTIONAL_FN_TYPE(ap_logio_add_bytes_out) *h2_c_logio_add_bytes_out;
|
|
|
|
apr_status_t h2_c1_child_init(apr_pool_t *pool, server_rec *s)
|
|
{
|
|
apr_status_t status = APR_SUCCESS;
|
|
int minw, maxw;
|
|
apr_time_t idle_limit;
|
|
|
|
status = ap_mpm_query(AP_MPMQ_IS_ASYNC, &async_mpm);
|
|
if (status != APR_SUCCESS) {
|
|
/* some MPMs do not implemnent this */
|
|
async_mpm = 0;
|
|
status = APR_SUCCESS;
|
|
}
|
|
|
|
h2_config_init(pool);
|
|
|
|
h2_get_workers_config(s, &minw, &maxw, &idle_limit);
|
|
workers = h2_workers_create(s, pool, maxw, minw, idle_limit);
|
|
|
|
h2_c_logio_add_bytes_in = APR_RETRIEVE_OPTIONAL_FN(ap_logio_add_bytes_in);
|
|
h2_c_logio_add_bytes_out = APR_RETRIEVE_OPTIONAL_FN(ap_logio_add_bytes_out);
|
|
|
|
return h2_mplx_c1_child_init(pool, s);
|
|
}
|
|
|
|
void h2_c1_child_stopping(apr_pool_t *pool, int graceful)
|
|
{
|
|
if (workers) {
|
|
h2_workers_shutdown(workers, graceful);
|
|
}
|
|
}
|
|
|
|
|
|
apr_status_t h2_c1_setup(conn_rec *c, request_rec *r, server_rec *s)
|
|
{
|
|
h2_session *session;
|
|
h2_conn_ctx_t *ctx;
|
|
apr_status_t rv;
|
|
|
|
if (!workers) {
|
|
ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(02911)
|
|
"workers not initialized");
|
|
rv = APR_EGENERAL;
|
|
goto cleanup;
|
|
}
|
|
|
|
rv = h2_session_create(&session, c, r, s, workers);
|
|
if (APR_SUCCESS != rv) goto cleanup;
|
|
|
|
ctx = h2_conn_ctx_get(c);
|
|
ap_assert(ctx);
|
|
h2_conn_ctx_assign_session(ctx, session);
|
|
/* remove the input filter of mod_reqtimeout, now that the connection
|
|
* is established and we have switched to h2. reqtimeout has supervised
|
|
* possibly configured handshake timeouts and needs to get out of the way
|
|
* now since the rest of its state handling assumes http/1.x to take place. */
|
|
ap_remove_input_filter_byhandle(c->input_filters, "reqtimeout");
|
|
|
|
cleanup:
|
|
return rv;
|
|
}
|
|
|
|
apr_status_t h2_c1_run(conn_rec *c)
|
|
{
|
|
apr_status_t status;
|
|
int mpm_state = 0;
|
|
h2_conn_ctx_t *conn_ctx = h2_conn_ctx_get(c);
|
|
|
|
ap_assert(conn_ctx);
|
|
ap_assert(conn_ctx->session);
|
|
do {
|
|
if (c->cs) {
|
|
c->cs->sense = CONN_SENSE_DEFAULT;
|
|
c->cs->state = CONN_STATE_HANDLER;
|
|
}
|
|
|
|
status = h2_session_process(conn_ctx->session, async_mpm);
|
|
|
|
if (APR_STATUS_IS_EOF(status)) {
|
|
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, c,
|
|
H2_SSSN_LOG(APLOGNO(03045), conn_ctx->session,
|
|
"process, closing conn"));
|
|
c->keepalive = AP_CONN_CLOSE;
|
|
}
|
|
else {
|
|
c->keepalive = AP_CONN_KEEPALIVE;
|
|
}
|
|
|
|
if (ap_mpm_query(AP_MPMQ_MPM_STATE, &mpm_state)) {
|
|
break;
|
|
}
|
|
} while (!async_mpm
|
|
&& c->keepalive == AP_CONN_KEEPALIVE
|
|
&& mpm_state != AP_MPMQ_STOPPING);
|
|
|
|
if (c->cs) {
|
|
switch (conn_ctx->session->state) {
|
|
case H2_SESSION_ST_INIT:
|
|
case H2_SESSION_ST_IDLE:
|
|
case H2_SESSION_ST_BUSY:
|
|
case H2_SESSION_ST_WAIT:
|
|
c->cs->state = CONN_STATE_WRITE_COMPLETION;
|
|
if (c->cs && !conn_ctx->session->remote.emitted_count) {
|
|
/* let the MPM know that we are not done and want
|
|
* the Timeout behaviour instead of a KeepAliveTimeout
|
|
* See PR 63534.
|
|
*/
|
|
c->cs->sense = CONN_SENSE_WANT_READ;
|
|
}
|
|
break;
|
|
case H2_SESSION_ST_CLEANUP:
|
|
case H2_SESSION_ST_DONE:
|
|
default:
|
|
c->cs->state = CONN_STATE_LINGER;
|
|
break;
|
|
}
|
|
}
|
|
|
|
return APR_SUCCESS;
|
|
}
|
|
|
|
apr_status_t h2_c1_pre_close(struct h2_conn_ctx_t *ctx, conn_rec *c)
|
|
{
|
|
h2_conn_ctx_t *conn_ctx = h2_conn_ctx_get(c);
|
|
|
|
if (conn_ctx && conn_ctx->session) {
|
|
apr_status_t status = h2_session_pre_close(conn_ctx->session, async_mpm);
|
|
return (status == APR_SUCCESS)? DONE : status;
|
|
}
|
|
return DONE;
|
|
}
|
|
|
|
int h2_c1_allows_direct(conn_rec *c)
|
|
{
|
|
if (!c->master) {
|
|
int is_tls = ap_ssl_conn_is_ssl(c);
|
|
const char *needed_protocol = is_tls? "h2" : "h2c";
|
|
int h2_direct = h2_config_cgeti(c, H2_CONF_DIRECT);
|
|
|
|
if (h2_direct < 0) {
|
|
h2_direct = is_tls? 0 : 1;
|
|
}
|
|
return (h2_direct && ap_is_allowed_protocol(c, NULL, NULL, needed_protocol));
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
int h2_c1_can_upgrade(request_rec *r)
|
|
{
|
|
if (!r->connection->master) {
|
|
int h2_upgrade = h2_config_rgeti(r, H2_CONF_UPGRADE);
|
|
return h2_upgrade > 0 || (h2_upgrade < 0 && !ap_ssl_conn_is_ssl(r->connection));
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
static int h2_c1_hook_process_connection(conn_rec* c)
|
|
{
|
|
apr_status_t status;
|
|
h2_conn_ctx_t *ctx;
|
|
|
|
if (c->master) goto declined;
|
|
ctx = h2_conn_ctx_get(c);
|
|
|
|
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c, "h2_h2, process_conn");
|
|
if (!ctx && c->keepalives == 0) {
|
|
const char *proto = ap_get_protocol(c);
|
|
|
|
if (APLOGctrace1(c)) {
|
|
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c, "h2_h2, process_conn, "
|
|
"new connection using protocol '%s', direct=%d, "
|
|
"tls acceptable=%d", proto, h2_c1_allows_direct(c),
|
|
h2_protocol_is_acceptable_c1(c, NULL, 1));
|
|
}
|
|
|
|
if (!strcmp(AP_PROTOCOL_HTTP1, proto)
|
|
&& h2_c1_allows_direct(c)
|
|
&& h2_protocol_is_acceptable_c1(c, NULL, 1)) {
|
|
/* Fresh connection still is on http/1.1 and H2Direct is enabled.
|
|
* Otherwise connection is in a fully acceptable state.
|
|
* -> peek at the first 24 incoming bytes
|
|
*/
|
|
apr_bucket_brigade *temp;
|
|
char *peek = NULL;
|
|
apr_size_t peeklen;
|
|
|
|
temp = apr_brigade_create(c->pool, c->bucket_alloc);
|
|
status = ap_get_brigade(c->input_filters, temp,
|
|
AP_MODE_SPECULATIVE, APR_BLOCK_READ, 24);
|
|
|
|
if (status != APR_SUCCESS) {
|
|
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, c, APLOGNO(03054)
|
|
"h2_h2, error reading 24 bytes speculative");
|
|
apr_brigade_destroy(temp);
|
|
return DECLINED;
|
|
}
|
|
|
|
apr_brigade_pflatten(temp, &peek, &peeklen, c->pool);
|
|
if ((peeklen >= 24) && !memcmp(H2_MAGIC_TOKEN, peek, 24)) {
|
|
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c,
|
|
"h2_h2, direct mode detected");
|
|
ctx = h2_conn_ctx_create_for_c1(c, c->base_server,
|
|
ap_ssl_conn_is_ssl(c)? "h2" : "h2c");
|
|
}
|
|
else if (APLOGctrace2(c)) {
|
|
ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c,
|
|
"h2_h2, not detected in %d bytes(base64): %s",
|
|
(int)peeklen, h2_util_base64url_encode(peek, peeklen, c->pool));
|
|
}
|
|
apr_brigade_destroy(temp);
|
|
}
|
|
}
|
|
|
|
if (!ctx) goto declined;
|
|
|
|
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c, "process_conn");
|
|
if (!ctx->session) {
|
|
status = h2_c1_setup(c, NULL, ctx->server? ctx->server : c->base_server);
|
|
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, status, c, "conn_setup");
|
|
if (status != APR_SUCCESS) {
|
|
h2_conn_ctx_detach(c);
|
|
return !OK;
|
|
}
|
|
}
|
|
h2_c1_run(c);
|
|
return OK;
|
|
|
|
declined:
|
|
ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c, "h2_h2, declined");
|
|
return DECLINED;
|
|
}
|
|
|
|
static int h2_c1_hook_pre_close(conn_rec *c)
|
|
{
|
|
h2_conn_ctx_t *ctx;
|
|
|
|
/* secondary connection? */
|
|
if (c->master) {
|
|
return DECLINED;
|
|
}
|
|
|
|
ctx = h2_conn_ctx_get(c);
|
|
if (ctx) {
|
|
/* If the session has been closed correctly already, we will not
|
|
* find a h2_conn_ctx_there. The presence indicates that the session
|
|
* is still ongoing. */
|
|
return h2_c1_pre_close(ctx, c);
|
|
}
|
|
return DECLINED;
|
|
}
|
|
|
|
static const char* const mod_ssl[] = { "mod_ssl.c", NULL};
|
|
static const char* const mod_reqtimeout[] = { "mod_ssl.c", "mod_reqtimeout.c", NULL};
|
|
|
|
void h2_c1_register_hooks(void)
|
|
{
|
|
/* Our main processing needs to run quite late. Definitely after mod_ssl,
|
|
* as we need its connection filters, but also before reqtimeout as its
|
|
* method of timeouts is specific to HTTP/1.1 (as of now).
|
|
* The core HTTP/1 processing run as REALLY_LAST, so we will have
|
|
* a chance to take over before it.
|
|
*/
|
|
ap_hook_process_connection(h2_c1_hook_process_connection,
|
|
mod_reqtimeout, NULL, APR_HOOK_LAST);
|
|
|
|
/* One last chance to properly say goodbye if we have not done so
|
|
* already. */
|
|
ap_hook_pre_close_connection(h2_c1_hook_pre_close, NULL, mod_ssl, APR_HOOK_LAST);
|
|
}
|
|
|