Skip to content

Fixed "Cannot assign requested address" for to-origin TPROXY FTP data#142

Merged
rousskov merged 1 commit intosquid-cache:masterfrom
k0rv1n:ftp_tproxy
Feb 2, 2018
Merged

Fixed "Cannot assign requested address" for to-origin TPROXY FTP data#142
rousskov merged 1 commit intosquid-cache:masterfrom
k0rv1n:ftp_tproxy

Conversation

@k0rv1n
Copy link
Contributor

@k0rv1n k0rv1n commented Feb 1, 2018
edited by rousskov
Loading

No description provided.

@squid-prbot
Copy link
Collaborator

squid-prbot commented Feb 1, 2018

Can one of the admins verify this patch?

@rousskov
Copy link
Contributor

rousskov commented Feb 1, 2018

OK to test

rousskov
rousskov requested changes Feb 1, 2018
View reviewed changes
Copy link
Contributor

@rousskov rousskov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See inlined comments for one bug and a question.

src/clients/FtpClient.cc Outdated
conn->tos = ctrl.conn->tos;
conn->nfmark = ctrl.conn->nfmark;
// Using non-local addresses in TPROXY mode requires appropriate socket option.
conn->flags = ctrl.conn->flags & COMM_TRANSPARENT;
Copy link
Contributor

@rousskov rousskov Feb 1, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should not be overwriting the entire conn->flags value like this. If you want to copy the COMM_TRANSPARENT bit from the control connection flags, please copy it without touching the other bits of the conn->flags.

Please note that the above would remain true even if conn->flags were always zero at the time of assignment in the current code (but it is not zero AFAICT).

Copy link
Contributor Author

@k0rv1n k0rv1n Feb 2, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

src/clients/FtpClient.cc Outdated
conn->tos = ctrl.conn->tos;
conn->nfmark = ctrl.conn->nfmark;
// Using non-local addresses in TPROXY mode requires appropriate socket option.
conn->flags = ctrl.conn->flags & COMM_TRANSPARENT;
Copy link
Contributor

@rousskov rousskov Feb 1, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

getOutgoingAddress(), which works with somewhat related concepts, also sets COMM_DOBIND. Do we need that flag here as well?

Copy link
Contributor Author

@k0rv1n k0rv1n Feb 2, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On our setup everything works without COMM_DOBIND flag.

Copy link
Contributor

@yadij yadij Feb 2, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

DOBIND is only necessary if the IP address might be the magic ANY_ADDR. Which this FtpClient code is never permitting to happen (the ctrl->local should never be ANY_ADDR).

@rousskov rousskov changed the title Fix FTP data connection in TPROXY mode Fixed "Cannot assign requested address" for to-origin TPROXY FTP data Feb 1, 2018
@rousskov
Copy link
Contributor

rousskov commented Feb 1, 2018

I updated PR title and description to use a more common error message text and to indicate that the bug affects Squid-to-origin connections.

yadij
yadij approved these changes Feb 2, 2018
View reviewed changes
Copy link
Contributor

@yadij yadij left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Latest revision looks okay to me, assuming it works.

@rousskov rousskov merged commit 613a432 into squid-cache:master Feb 2, 2018
squidadm pushed a commit to squidadm/squid that referenced this pull request Feb 12, 2018
@k0rv1n @squidadm
Fixed "Cannot assign requested address" for to-origin TPROXY FTP data (
33c1538 
…squid-cache#142)
squidadm pushed a commit to squidadm/squid that referenced this pull request Feb 12, 2018
@k0rv1n @squidadm
Fixed "Cannot assign requested address" for to-origin TPROXY FTP data (
9b8c571 
…squid-cache#142)
yadij pushed a commit that referenced this pull request Feb 13, 2018
@k0rv1n @yadij
Fixed "Cannot assign requested address" for to-origin TPROXY FTP data (
9dd43bb 
…#142)
squidadm pushed a commit to squidadm/squid that referenced this pull request Mar 15, 2018
@k0rv1n @squidadm
Fixed "Cannot assign requested address" for to-origin TPROXY FTP data (
403e352 
…squid-cache#142)
yadij pushed a commit that referenced this pull request Mar 15, 2018
@k0rv1n @yadij
Fixed "Cannot assign requested address" for to-origin TPROXY FTP data (
1330042 
…#142)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rousskov rousskov rousskov approved these changes

@yadij yadij yadij approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@k0rv1n @squid-prbot @rousskov @yadij