From: Wolfgang Bumiller <w.bumiller@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] [PATCH backup 1/7] proxy: factor out accept_connection
Date: Tue, 11 May 2021 15:53:54 +0200 [thread overview]
Message-ID: <20210511135400.32406-2-w.bumiller@proxmox.com> (raw)
In-Reply-To: <20210511135400.32406-1-w.bumiller@proxmox.com>
no functional changes, moved code and named the channel's
type for more readability
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
---
diff -w for a quicker view:
diff --git a/src/bin/proxmox-backup-proxy.rs b/src/bin/proxmox-backup-proxy.rs
index 31dc8332..27d1cbeb 100644
--- a/src/bin/proxmox-backup-proxy.rs
+++ b/src/bin/proxmox-backup-proxy.rs
@@ -170,19 +170,31 @@ async fn run() -> Result<(), Error> {
Ok(())
}
+type ClientStreamResult =
+ Result<std::pin::Pin<Box<tokio_openssl::SslStream<tokio::net::TcpStream>>>, Error>;
+const MAX_PENDING_ACCEPTS: usize = 1024;
+
fn accept_connections(
listener: tokio::net::TcpListener,
acceptor: Arc<openssl::ssl::SslAcceptor>,
debug: bool,
-) -> tokio::sync::mpsc::Receiver<Result<std::pin::Pin<Box<tokio_openssl::SslStream<tokio::net::TcpStream>>>, Error>> {
-
- const MAX_PENDING_ACCEPTS: usize = 1024;
+) -> tokio::sync::mpsc::Receiver<ClientStreamResult> {
let (sender, receiver) = tokio::sync::mpsc::channel(MAX_PENDING_ACCEPTS);
+ tokio::spawn(accept_connection(listener, acceptor, debug, sender));
+
+ receiver
+}
+
+async fn accept_connection(
+ listener: tokio::net::TcpListener,
+ acceptor: Arc<openssl::ssl::SslAcceptor>,
+ debug: bool,
+ sender: tokio::sync::mpsc::Sender<ClientStreamResult>,
+) {
let accept_counter = Arc::new(());
- tokio::spawn(async move {
loop {
match listener.accept().await {
Err(err) => {
@@ -246,9 +258,6 @@ fn accept_connections(
}
}
}
- });
-
- receiver
}
src/bin/proxmox-backup-proxy.rs | 127 +++++++++++++++++---------------
1 file changed, 68 insertions(+), 59 deletions(-)
diff --git a/src/bin/proxmox-backup-proxy.rs b/src/bin/proxmox-backup-proxy.rs
index 31dc8332..27d1cbeb 100644
--- a/src/bin/proxmox-backup-proxy.rs
+++ b/src/bin/proxmox-backup-proxy.rs
@@ -170,85 +170,94 @@ async fn run() -> Result<(), Error> {
Ok(())
}
+type ClientStreamResult =
+ Result<std::pin::Pin<Box<tokio_openssl::SslStream<tokio::net::TcpStream>>>, Error>;
+const MAX_PENDING_ACCEPTS: usize = 1024;
+
fn accept_connections(
listener: tokio::net::TcpListener,
acceptor: Arc<openssl::ssl::SslAcceptor>,
debug: bool,
-) -> tokio::sync::mpsc::Receiver<Result<std::pin::Pin<Box<tokio_openssl::SslStream<tokio::net::TcpStream>>>, Error>> {
-
- const MAX_PENDING_ACCEPTS: usize = 1024;
+) -> tokio::sync::mpsc::Receiver<ClientStreamResult> {
let (sender, receiver) = tokio::sync::mpsc::channel(MAX_PENDING_ACCEPTS);
+ tokio::spawn(accept_connection(listener, acceptor, debug, sender));
+
+ receiver
+}
+
+async fn accept_connection(
+ listener: tokio::net::TcpListener,
+ acceptor: Arc<openssl::ssl::SslAcceptor>,
+ debug: bool,
+ sender: tokio::sync::mpsc::Sender<ClientStreamResult>,
+) {
let accept_counter = Arc::new(());
- tokio::spawn(async move {
- loop {
- match listener.accept().await {
- Err(err) => {
- eprintln!("error accepting tcp connection: {}", err);
- }
- Ok((sock, _addr)) => {
- sock.set_nodelay(true).unwrap();
- let _ = set_tcp_keepalive(sock.as_raw_fd(), PROXMOX_BACKUP_TCP_KEEPALIVE_TIME);
- let acceptor = Arc::clone(&acceptor);
-
- let ssl = match openssl::ssl::Ssl::new(acceptor.context()) {
- Ok(ssl) => ssl,
- Err(err) => {
- eprintln!("failed to create Ssl object from Acceptor context - {}", err);
- continue;
- },
- };
- let stream = match tokio_openssl::SslStream::new(ssl, sock) {
- Ok(stream) => stream,
- Err(err) => {
- eprintln!("failed to create SslStream using ssl and connection socket - {}", err);
- continue;
- },
- };
-
- let mut stream = Box::pin(stream);
- let sender = sender.clone();
-
- if Arc::strong_count(&accept_counter) > MAX_PENDING_ACCEPTS {
- eprintln!("connection rejected - to many open connections");
+ loop {
+ match listener.accept().await {
+ Err(err) => {
+ eprintln!("error accepting tcp connection: {}", err);
+ }
+ Ok((sock, _addr)) => {
+ sock.set_nodelay(true).unwrap();
+ let _ = set_tcp_keepalive(sock.as_raw_fd(), PROXMOX_BACKUP_TCP_KEEPALIVE_TIME);
+ let acceptor = Arc::clone(&acceptor);
+
+ let ssl = match openssl::ssl::Ssl::new(acceptor.context()) {
+ Ok(ssl) => ssl,
+ Err(err) => {
+ eprintln!("failed to create Ssl object from Acceptor context - {}", err);
continue;
- }
+ },
+ };
+ let stream = match tokio_openssl::SslStream::new(ssl, sock) {
+ Ok(stream) => stream,
+ Err(err) => {
+ eprintln!("failed to create SslStream using ssl and connection socket - {}", err);
+ continue;
+ },
+ };
+
+ let mut stream = Box::pin(stream);
+ let sender = sender.clone();
+
+ if Arc::strong_count(&accept_counter) > MAX_PENDING_ACCEPTS {
+ eprintln!("connection rejected - to many open connections");
+ continue;
+ }
- let accept_counter = accept_counter.clone();
- tokio::spawn(async move {
- let accept_future = tokio::time::timeout(
- Duration::new(10, 0), stream.as_mut().accept());
+ let accept_counter = accept_counter.clone();
+ tokio::spawn(async move {
+ let accept_future = tokio::time::timeout(
+ Duration::new(10, 0), stream.as_mut().accept());
- let result = accept_future.await;
+ let result = accept_future.await;
- match result {
- Ok(Ok(())) => {
- if sender.send(Ok(stream)).await.is_err() && debug {
- eprintln!("detect closed connection channel");
- }
+ match result {
+ Ok(Ok(())) => {
+ if sender.send(Ok(stream)).await.is_err() && debug {
+ eprintln!("detect closed connection channel");
}
- Ok(Err(err)) => {
- if debug {
- eprintln!("https handshake failed - {}", err);
- }
+ }
+ Ok(Err(err)) => {
+ if debug {
+ eprintln!("https handshake failed - {}", err);
}
- Err(_) => {
- if debug {
- eprintln!("https handshake timeout");
- }
+ }
+ Err(_) => {
+ if debug {
+ eprintln!("https handshake timeout");
}
}
+ }
- drop(accept_counter); // decrease reference count
- });
- }
+ drop(accept_counter); // decrease reference count
+ });
}
}
- });
-
- receiver
+ }
}
fn start_stat_generator() {
--
2.20.1
next prev parent reply other threads:[~2021-05-11 13:54 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-11 13:53 [pbs-devel] [PATCH backup 0/7] hot-reload proxy certificates Wolfgang Bumiller
2021-05-11 13:53 ` Wolfgang Bumiller [this message]
2021-05-11 13:53 ` [pbs-devel] [PATCH backup 2/7] proxy: "continue on error" for the accept call, too Wolfgang Bumiller
2021-05-11 13:53 ` [pbs-devel] [PATCH backup 3/7] proxy: Arc usage cleanup Wolfgang Bumiller
2021-05-11 13:53 ` [pbs-devel] [PATCH backup 4/7] proxy: factor out tls acceptor creation Wolfgang Bumiller
2021-05-11 13:53 ` [pbs-devel] [PATCH backup 5/7] proxy: implement 'reload-certificate' command Wolfgang Bumiller
2021-05-11 13:53 ` [pbs-devel] [PATCH backup 6/7] refactor send_command Wolfgang Bumiller
2021-05-11 13:54 ` [pbs-devel] [PATCH backup 7/7] hot-reload proxy certificate when updating via the API Wolfgang Bumiller
2021-05-11 16:11 ` [pbs-devel] applied-series: [PATCH backup 0/7] hot-reload proxy certificates Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210511135400.32406-2-w.bumiller@proxmox.com \
--to=w.bumiller@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox