Commit 0ad89343 authored by Nigel Kukard's avatar Nigel Kukard
Browse files

Merge branch 'nkukard-pipelining-support'

parents 8b1b6fae fc144699
......@@ -61,7 +61,8 @@ sub configure {
$cfg->{'cache_file'} = '/var/run/cbpolicyd/cache';
$cfg->{'track_sessions'} = 0;
$server->{'timeout'} = 120;
$server->{'timeout_idle'} = 1015;
$server->{'timeout_busy'} = 115;
$server->{'background'} = "yes";
$server->{'pid_file'} = "/var/run/cbpolicyd/cbpolicyd.pid";
$server->{'log_level'} = 2;
......@@ -119,7 +120,7 @@ sub configure {
'cidr_allow', 'cidr_deny',
'pid_file',
'user', 'group',
'timeout',
'timeout_idle', 'timeout_busy',
'background',
'min_servers',
'min_spare_servers',
......@@ -388,12 +389,18 @@ sub process_request {
my $log = defined($self->{'config'}{'logging'}{'modules'});
# Found module
my $found;
# How many times did we pipeline...
my $policyRequests = 0;
#
# Loop till we fill up the buffer
#
# Beginning label, we do pipelining ...
CONN_READ:
# Found module, set to 1 if found, 0 if otherwize
my $found = 0;
# Buffer
my $buf = "";
......@@ -418,23 +425,36 @@ sub process_request {
# Last if found
last if ($found);
# We need to store this cause we use it below a few times
my $bufLen = length($buf);
# Again ... too large
if (length($buf) > 16*1024) {
if ($bufLen > 16*1024) {
$self->log(LOG_WARN,"[CBPOLICYD] Request too large from => Peer: ".$server->{'peeraddr'}.":".$server->{'peerport'}.", Local: ".
$server->{'sockaddr'}.":".$server->{'sockport'});
return;
}
# Setup timeout
my $timeout;
# If buffer length > 0, its a busy connection
if ($bufLen > 0) {
$timeout = $server->{'timeout_busy'};
# Else its idle
} else {
$timeout = $server->{'timeout_idle'};
}
# Check for timeout....
my $n = select($fdset,undef,undef,$server->{'timeout'});
my $n = select($fdset,undef,undef,$timeout);
if (!$n) {
$self->log(LOG_WARN,"[CBPOLICYD] Timeout from => Peer: ".$server->{'peeraddr'}.":".$server->{'peerport'}.", Local: ".
$server->{'sockaddr'}.":".$server->{'sockport'});
$self->log(LOG_WARN,"[CBPOLICYD] Timed out after ".$timeout."s from => Peer: ".$server->{'peeraddr'}.":".
$server->{'peerport'}.", Local: ".$server->{'sockaddr'}.":".$server->{'sockport'});
return;
}
# Read in 8kb
$n = sysread(STDIN,$buf,8192,length($buf));
$n = sysread(STDIN,$buf,8192,$bufLen);
if (!$n) {
my $reason = defined($n) ? "Client closed connection" : "sysread[$!]";
$self->log(LOG_WARN,"[CBPOLICYD] $reason => Peer: ".$server->{'peeraddr'}.":".$server->{'peerport'}.", Local: ".
......@@ -449,7 +469,6 @@ sub process_request {
return;
}
# Set protocol handler
$server->{'_protocol_handler'} = $found;
......@@ -540,7 +559,10 @@ sub process_request {
return;
}
$self->log(LOG_DEBUG,"[CBPOLICYD] Got request, running modules...") if ($log);
# Increment counter
$policyRequests++;
$self->log(LOG_INFO,"[CBPOLICYD] Got request #$policyRequests" . ($policyRequests > 1 ? " (pipelined)" : ""));
# Loop with modules
foreach my $module ( sort { $b->{'priority'} <=> $a->{'priority'} } @{$self->{'modules'}} ) {
......@@ -592,8 +614,10 @@ sub process_request {
# Grab and return response
my $response = $self->protocol_getresponse();
print($response);
# Carry on with pipelining?
goto CONN_READ;
}
......
......@@ -115,8 +115,11 @@ log_mail=maillog
# eg. /var/run/cbpolicyd/policyd.sock
#port=10031
# Timeout in communication with clients, defaults to 120s
#timeout=120
# Timeout in communication with clients
# Idle timeout in postfix defaults to 1015s (active connection)
#timeout_idle=1015
# Busy sockets in postfix defaults to 100s
#timeout_busy=115
# cidr_allow/cidr_deny
# Comma, whitespace or semi-colon separated. Contains a CIDR block to
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment