wangle::Acceptor Class Reference

#include <Acceptor.h>

Inheritance diagram for wangle::Acceptor:

Public Types
enum	State : uint32_t { State::kInit, State::kRunning, State::kDraining, State::kDone }

Public Member Functions
	Acceptor (const ServerSocketConfig &accConfig)
	~Acceptor () override
virtual void	setSSLCacheProvider (const std::shared_ptr< SSLCacheProvider > &cacheProvider)
virtual void	init (folly::AsyncServerSocket *serverSocket, folly::EventBase *eventBase, SSLStats *stats=nullptr)
virtual void	resetSSLContextConfigs ()
void	addSSLContextConfig (const SSLContextConfig &sslCtxConfig)
SSLContextManager *	getSSLContextManager () const
virtual void	setTLSTicketSecrets (const std::vector< std::string > &oldSecrets, const std::vector< std::string > &currentSecrets, const std::vector< std::string > &newSecrets)
uint32_t	getNumConnections () const
virtual folly::EventBase *	getEventBase () const
virtual wangle::ConnectionManager *	getConnectionManager ()
void	addConnection (wangle::ManagedConnection *connection)
State	getState () const
std::chrono::milliseconds	getConnTimeout () const
const std::string &	getName () const
std::chrono::milliseconds	getSSLHandshakeTimeout () const
void	setGracefulShutdownTimeout (std::chrono::milliseconds gracefulShutdown)
std::chrono::milliseconds	getGracefulShutdownTimeout () const
virtual void	forceStop ()
bool	isSSL () const
const ServerSocketConfig &	getConfig () const
virtual void	onDoneAcceptingConnection (int fd, const folly::SocketAddress &clientAddr, std::chrono::steady_clock::time_point acceptTime) noexcept
void	processEstablishedConnection (int fd, const folly::SocketAddress &clientAddr, std::chrono::steady_clock::time_point acceptTime, TransportInfo &tinfo) noexcept
virtual void	startHandshakeManager (folly::AsyncSSLSocket::UniquePtr sslSock, Acceptor *acceptor, const folly::SocketAddress &clientAddr, std::chrono::steady_clock::time_point acceptTime, TransportInfo &tinfo) noexcept
void	drainAllConnections ()
virtual void	drainConnections (double pctToDrain)
void	dropAllConnections ()
virtual void	dropConnections (double pctToDrop)
virtual void	plaintextConnectionReady (folly::AsyncTransportWrapper::UniquePtr sock, const folly::SocketAddress &clientAddr, const std::string &nextProtocolName, SecureTransportType secureTransportType, TransportInfo &tinfo)
void	connectionReady (folly::AsyncTransportWrapper::UniquePtr sock, const folly::SocketAddress &clientAddr, const std::string &nextProtocolName, SecureTransportType secureTransportType, TransportInfo &tinfo)
virtual void	sslConnectionReady (folly::AsyncTransportWrapper::UniquePtr sock, const folly::SocketAddress &clientAddr, const std::string &nextProtocol, SecureTransportType secureTransportType, TransportInfo &tinfo)
virtual void	sslConnectionError (const folly::exception_wrapper &ex)
virtual void	updateSSLStats (const folly::AsyncTransportWrapper *, std::chrono::milliseconds, SSLErrorEnum) noexcept
Public Member Functions inherited from folly::AsyncServerSocket::AcceptCallback
virtual	~AcceptCallback ()=default
virtual void	acceptStarted () noexcept
Public Member Functions inherited from wangle::ConnectionManager::Callback
virtual	~Callback ()=default
Public Member Functions inherited from folly::AsyncUDPServerSocket::Callback
virtual void	onListenPaused () noexcept
virtual void	onListenResumed () noexcept
virtual	~Callback ()=default

Static Public Member Functions
static uint64_t	getTotalNumPendingSSLConns ()

Protected Member Functions
virtual uint64_t	getConnectionCountForLoadShedding (void) const
virtual uint64_t	getActiveConnectionCountForLoadShedding () const
virtual uint64_t	getWorkerMaxConnections () const
virtual bool	canAccept (const folly::SocketAddress &)
virtual void	onNewConnection (folly::AsyncTransportWrapper::UniquePtr, const folly::SocketAddress *, const std::string &, SecureTransportType, const TransportInfo &)
void	onListenStarted () noexceptoverride
void	onListenStopped () noexceptoverride
void	onDataAvailable (std::shared_ptr< folly::AsyncUDPSocket >, const folly::SocketAddress &, std::unique_ptr< folly::IOBuf >, bool) noexceptoverride
virtual folly::AsyncSocket::UniquePtr	makeNewAsyncSocket (folly::EventBase *base, int fd)
virtual folly::AsyncSSLSocket::UniquePtr	makeNewAsyncSSLSocket (const std::shared_ptr< folly::SSLContext > &ctx, folly::EventBase *base, int fd)
virtual void	onConnectionsDrained ()
void	connectionAccepted (int fd, const folly::SocketAddress &clientAddr) noexceptoverride
void	acceptError (const std::exception &ex) noexceptoverride
void	acceptStopped () noexceptoverride
void	onEmpty (const wangle::ConnectionManager &cm) override
void	onConnectionAdded (const ManagedConnection *) override
void	onConnectionRemoved (const ManagedConnection *) override
void	setLoadShedConfig (std::shared_ptr< const LoadShedConfiguration > loadShedConfig, const IConnectionCounter *counter)
virtual void	initDownstreamConnectionManager (folly::EventBase *eventBase)
virtual DefaultToFizzPeekingCallback *	getFizzPeeker ()
virtual std::shared_ptr< fizz::server::FizzServerContext >	createFizzContext ()
virtual std::shared_ptr< fizz::server::TicketCipher >	createFizzTicketCipher (folly::Optional< std::string >=folly::none)
void	updateFizzContext (fizz::server::FizzServerContext *)

Protected Attributes
folly::EventBase *	base_ {nullptr}
const ServerSocketConfig	accConfig_
folly::AsyncSocket::OptionMap	socketOptions_
std::unique_ptr< SSLContextManager >	sslCtxManager_
SecurityProtocolContextManager	securityProtocolCtxManager_
TLSPlaintextPeekingCallback	tlsPlaintextPeekingCallback_
DefaultToSSLPeekingCallback	defaultPeekingCallback_
DefaultToFizzPeekingCallback	defaultFizzPeeker_
wangle::ConnectionManager::UniquePtr	downstreamConnectionManager_
std::shared_ptr< SSLCacheProvider >	cacheProvider_
wangle::TLSTicketKeySeeds	currentSecrets_

Private Member Functions
	Acceptor (Acceptor const &)=delete
Acceptor &	operator= (Acceptor const &)=delete
void	checkDrained ()

Private Attributes
State	state_ {State::kInit}
uint64_t	numPendingSSLConns_ {0}
bool	forceShutdownInProgress_ {false}
std::shared_ptr< const LoadShedConfiguration >	loadShedConfig_ {nullptr}
const IConnectionCounter *	connectionCounter_ {nullptr}
std::chrono::milliseconds	gracefulShutdownTimeout_ {5000}

Static Private Attributes
static std::atomic< uint64_t >	totalNumPendingSSLConns_ {0}

Detailed Description

An abstract acceptor for TCP-based network services.

There is one acceptor object per thread for each listening socket. When a new connection arrives on the listening socket, it is accepted by one of the acceptor objects. From that point on the connection will be processed by that acceptor's thread.

The acceptor will call the abstract onNewConnection() method to create a new ManagedConnection object for each accepted socket. The acceptor also tracks all outstanding connections that it has accepted.

Definition at line 58 of file Acceptor.h.

Member Enumeration Documentation

enum wangle::Acceptor::State : uint32_t

strong

Enumerator
kInit
kRunning
kDraining
kDone

Definition at line 64 of file Acceptor.h.

                   : uint32_t {
    kInit,  // not yet started
    kRunning, // processing requests normally
    kDraining, // processing outstanding conns, but not accepting new ones
    kDone,  // no longer accepting, and all connections finished
  };

Constructor & Destructor Documentation

wangle::Acceptor::Acceptor ( const ServerSocketConfig &  accConfig )

explicit

Definition at line 54 of file Acceptor.cpp.

                                                      :
  accConfig_(accConfig),
  socketOptions_(accConfig.getSocketOptions()) {
}

wangle::Acceptor::~Acceptor ( void  )

override

Definition at line 184 of file Acceptor.cpp.

                        {
}

wangle::Acceptor::Acceptor ( Acceptor const &  )

privatedelete

Member Function Documentation

void wangle::Acceptor::acceptError ( const std::exception &  ex )

overrideprotectedvirtualnoexcept

acceptError() is called if an error occurs while accepting.

The AcceptCallback will remain installed even after an accept error, as the errors are typically somewhat transient, such as being out of file descriptors. The server socket must be explicitly stopped if you wish to stop accepting after an error.

Parameters

ex	An exception representing the error.

Implements folly::AsyncServerSocket::AcceptCallback.

Definition at line 432 of file Acceptor.cpp.

Referenced by onConnectionsDrained().

                                                     {
  // An error occurred.
  // The most likely error is out of FDs.  AsyncServerSocket will back off
  // briefly if we are out of FDs, then continue accepting later.
  // Just log a message here.
  LOG(ERROR) << "error accepting on acceptor socket: " << ex.what();
}

void wangle::Acceptor::acceptStopped ( )

overrideprotectedvirtualnoexcept

acceptStopped() will be called when this AcceptCallback is removed from the AsyncServerSocket, or when the AsyncServerSocket is destroyed, whichever occurs first.

No more calls to connectionAccepted() or acceptError() will be made after acceptStopped() is invoked.

Reimplemented from folly::AsyncServerSocket::AcceptCallback.

Reimplemented in wangle::ServerAcceptor< Pipeline >.

Definition at line 441 of file Acceptor.cpp.

References checkDrained(), drainAllConnections(), kDone, kDraining, and state_.

Referenced by wangle::ServerAcceptor< Pipeline >::acceptStopped(), and onConnectionsDrained().

                                 {
  VLOG(3) << "Acceptor " << this << " acceptStopped()";
  // Drain the open client connections
  drainAllConnections();

  // If we haven't yet finished draining, begin doing so by marking ourselves
  // as in the draining state. We must be sure to hit checkDrained() here, as
  // if we're completely idle, we can should consider ourself drained
  // immediately (as there is no outstanding work to complete to cause us to
  // re-evaluate this).
  if (state_ != State::kDone) {
    state_ = State::kDraining;
    checkDrained();
  }
}

void wangle::Acceptor::addConnection

(

wangle::ManagedConnection *

connection

)

Invoked when a new ManagedConnection is created.

This allows the Acceptor to track the outstanding connections, for tracking timeouts and for ensuring that all connections have been drained on shutdown.

Definition at line 501 of file Acceptor.cpp.

References downstreamConnectionManager_.

Referenced by getConnectionManager(), and wangle::ServerAcceptor< Pipeline >::read().

                                                    {
  // Add the socket to the timeout manager so that it can be cleaned
  // up after being left idle for a long time.
  downstreamConnectionManager_->addConnection(conn, true);
}

void wangle::Acceptor::addSSLContextConfig

(

const SSLContextConfig &

sslCtxConfig

)

Dynamically add a new SSLContextConfig

Definition at line 187 of file Acceptor.cpp.

References accConfig_, wangle::ServerSocketConfig::bindAddress, cacheProvider_, wangle::ServerSocketConfig::initialTicketSeeds, wangle::ServerSocketConfig::sslCacheOptions, and sslCtxManager_.

Referenced by setSSLCacheProvider().

                                                                       {
  sslCtxManager_->addSSLContextConfig(sslCtxConfig,
                                      accConfig_.sslCacheOptions,
                                      &accConfig_.initialTicketSeeds,
                                      accConfig_.bindAddress,
                                      cacheProvider_);
}

bool wangle::Acceptor::canAccept ( const folly::SocketAddress &  address )

protectedvirtual

Hook for subclasses to drop newly accepted connections prior to handshaking.

Definition at line 228 of file Acceptor.cpp.

References connectionCounter_, folly::SocketAddress::describe(), getActiveConnectionCountForLoadShedding(), getConnectionCountForLoadShedding(), wangle::IConnectionCounter::getNumConnections(), getWorkerMaxConnections(), loadShedConfig_, and uint64_t.

Referenced by connectionAccepted(), and getWorkerMaxConnections().

                                                     {
  if (!connectionCounter_) {
    return true;
  }

  const auto totalConnLimit =
    loadShedConfig_ ? loadShedConfig_->getMaxConnections() : 0;
  if (totalConnLimit == 0) {
    return true;
  }

  uint64_t currentConnections = connectionCounter_->getNumConnections();
  uint64_t maxConnections = getWorkerMaxConnections();
  if (currentConnections < maxConnections) {
    return true;
  }

  if (loadShedConfig_ && loadShedConfig_->isWhitelisted(address)) {
    return true;
  }

  // Take care of the connection counts across all acceptors.
  // Expensive since a lock must be taken to get the counter.

  // getConnectionCountForLoadShedding() call can be very expensive,
  // don't call it if you are not going to use the results.
  const auto totalConnExceeded =
    totalConnLimit > 0 && getConnectionCountForLoadShedding() >= totalConnLimit;

  const auto activeConnLimit =
    loadShedConfig_ ? loadShedConfig_->getMaxActiveConnections() : 0;
  // getActiveConnectionCountForLoadShedding() call can be very expensive,
  // don't call it if you are not going to use the results.
  const auto activeConnExceeded =
    !totalConnExceeded &&
    activeConnLimit > 0 &&
    getActiveConnectionCountForLoadShedding() >= activeConnLimit;

  if (!activeConnExceeded && !totalConnExceeded) {
    return true;
  }
  LOG_EVERY_N(ERROR, 1000) << "shedding connection because activeConnExceeded="
                           << activeConnExceeded << "totalConnExceeded="
                           << totalConnExceeded;
  VLOG(4) << address.describe() << " not whitelisted";
  return false;
}

void wangle::Acceptor::checkDrained ( )

private

Definition at line 466 of file Acceptor.cpp.

References base_, downstreamConnectionManager_, forceShutdownInProgress_, kDone, kDraining, numPendingSSLConns_, onConnectionsDrained(), and state_.

Referenced by acceptStopped(), onEmpty(), sslConnectionError(), and sslConnectionReady().

                       {
  CHECK(state_ == State::kDraining);
  if (forceShutdownInProgress_ ||
      (downstreamConnectionManager_->getNumConnections() != 0) ||
      (numPendingSSLConns_ != 0)) {
    return;
  }

  VLOG(2) << "All connections drained from Acceptor=" << this << " in thread "
          << base_;

  downstreamConnectionManager_.reset();

  state_ = State::kDone;

  onConnectionsDrained();
}

void wangle::Acceptor::connectionAccepted ( int  fd, const folly::SocketAddress &  clientAddr  )

overrideprotectedvirtualnoexcept

connectionAccepted() is called whenever a new client connection is received.

The AcceptCallback will remain installed after connectionAccepted() returns.

Parameters

fd	The newly accepted client socket. The AcceptCallback assumes ownership of this socket, and is responsible for closing it when done. The newly accepted file descriptor will have already been put into non-blocking mode.
clientAddr	A reference to a SocketAddress struct containing the client's address. This struct is only guaranteed to remain valid until connectionAccepted() returns.

Implements folly::AsyncServerSocket::AcceptCallback.

Definition at line 277 of file Acceptor.cpp.

References canAccept(), folly::netops::close(), now(), onDoneAcceptingConnection(), folly::netops::setsockopt(), and socketOptions_.

Referenced by onConnectionsDrained().

                                                      {
  namespace fsp = folly::portability::sockets;
  if (!canAccept(clientAddr)) {
    // Send a RST to free kernel memory faster
    struct linger optLinger = {1, 0};
    fsp::setsockopt(fd, SOL_SOCKET, SO_LINGER, &optLinger, sizeof(optLinger));
    close(fd);
    return;
  }
  auto acceptTime = std::chrono::steady_clock::now();
  for (const auto& opt: socketOptions_) {
    opt.first.apply(fd, opt.second);
  }

  onDoneAcceptingConnection(fd, clientAddr, acceptTime);
}

void wangle::Acceptor::connectionReady	(	folly::AsyncTransportWrapper::UniquePtr	sock,
		const folly::SocketAddress &	clientAddr,
		const std::string &	nextProtocolName,
		SecureTransportType	secureTransportType,
		TransportInfo &	tinfo
	)

Process a connection that is to ready to receive L7 traffic. This method is called immediately upon accept for plaintext connections and upon completion of SSL handshaking or resumption for SSL connections.

Definition at line 365 of file Acceptor.cpp.

References wangle::TransportInfo::appProtocol, wangle::TransportInfo::initWithSocket(), kDraining, folly::gen::move, onNewConnection(), folly::AsyncSocket::setMaxReadsPerEvent(), and state_.

Referenced by HTTPTargetSessionAcceptor::connectionReady(), getTotalNumPendingSSLConns(), plaintextConnectionReady(), and sslConnectionReady().

                          {
  // Limit the number of reads from the socket per poll loop iteration,
  // both to keep memory usage under control and to prevent one fast-
  // writing client from starving other connections.
  auto asyncSocket = sock->getUnderlyingTransport<AsyncSocket>();
  asyncSocket->setMaxReadsPerEvent(16);
  tinfo.initWithSocket(asyncSocket);
  tinfo.appProtocol = std::make_shared<std::string>(nextProtocolName);
  if (state_ < State::kDraining) {
    onNewConnection(
      std::move(sock),
      &clientAddr,
      nextProtocolName,
      secureTransportType,
      tinfo);
  }
}

std::shared_ptr< fizz::server::FizzServerContext > wangle::Acceptor::createFizzContext ( )

protectedvirtual

Definition at line 135 of file Acceptor.cpp.

References accConfig_, and wangle::FizzConfigUtil::createFizzContext().

Referenced by getFizzPeeker(), init(), and resetSSLContextConfigs().

                                                                       {
  return FizzConfigUtil::createFizzContext(accConfig_);
}

std::shared_ptr< fizz::server::TicketCipher > wangle::Acceptor::createFizzTicketCipher ( folly::Optional< std::string >  pskContext = folly::none )

protectedvirtual

Definition at line 140 of file Acceptor.cpp.

References accConfig_, currentSecrets_, wangle::TLSTicketKeySeeds::currentSeeds, folly::gen::move, wangle::TLSTicketKeySeeds::newSeeds, wangle::TLSTicketKeySeeds::oldSeeds, wangle::ServerSocketConfig::sslCacheOptions, and wangle::SSLCacheOptions::sslCacheTimeout.

Referenced by getFizzPeeker(), and updateFizzContext().

                                                                    {
  return FizzConfigUtil::createTicketCipher<fizz::server::AES128TicketCipher>(
      currentSecrets_.oldSeeds,
      currentSecrets_.currentSeeds,
      currentSecrets_.newSeeds,
      accConfig_.sslCacheOptions.sslCacheTimeout,
      std::move(pskContext));
}

void wangle::Acceptor::drainAllConnections

(

)

Drains all open connections of their outstanding transactions. When a connection's transaction count reaches zero, the connection closes.

Definition at line 214 of file Acceptor.cpp.

References downstreamConnectionManager_, and gracefulShutdownTimeout_.

Referenced by acceptStopped(), and getTotalNumPendingSSLConns().

                              {
  if (downstreamConnectionManager_) {
    downstreamConnectionManager_->initiateGracefulShutdown(
      gracefulShutdownTimeout_);
  }
}

void wangle::Acceptor::drainConnections ( double  pctToDrain )

virtual

Drain defined percentage of connections.

Reimplemented in wangle::ServerAcceptor< Pipeline >.

Definition at line 485 of file Acceptor.cpp.

References base_, downstreamConnectionManager_, getNumConnections(), gracefulShutdownTimeout_, and folly::INFO.

Referenced by wangle::ServerAcceptor< Pipeline >::drainConnections(), and getTotalNumPendingSSLConns().

                                            {
  if (downstreamConnectionManager_) {
    LOG(INFO) << "Draining " << pctToDrain * 100 << "% of "
              << getNumConnections() << " connections from Acceptor=" << this
              << " in thread " << base_;
    assert(base_->isInEventBaseThread());
    downstreamConnectionManager_->
      drainConnections(pctToDrain, gracefulShutdownTimeout_);
  }
}

void wangle::Acceptor::dropAllConnections

(

)

Drop all connections.

forceStop() schedules dropAllConnections() to be called in the acceptor's thread.

Definition at line 513 of file Acceptor.cpp.

References base_, downstreamConnectionManager_, forceShutdownInProgress_, folly::INFO, folly::EventBase::isInEventBaseThread(), kDone, numPendingSSLConns_, onConnectionsDrained(), and state_.

Referenced by forceStop(), and getTotalNumPendingSSLConns().

                             {
  if (downstreamConnectionManager_) {
    LOG(INFO) << "Dropping all connections from Acceptor=" << this
              << " in thread " << base_;
    assert(base_->isInEventBaseThread());
    forceShutdownInProgress_ = true;
    downstreamConnectionManager_->dropAllConnections();
    CHECK(downstreamConnectionManager_->getNumConnections() == 0);
    downstreamConnectionManager_.reset();
  }
  CHECK(numPendingSSLConns_ == 0);

  state_ = State::kDone;
  onConnectionsDrained();
}

void wangle::Acceptor::dropConnections ( double  pctToDrop )

virtual

Force-drop "pct" (0.0 to 1.0) of remaining client connections, regardless of whether they are busy or idle.

Note: unlike dropAllConnections(), this function can be called from any thread.

Reimplemented in wangle::ServerAcceptor< Pipeline >.

Definition at line 530 of file Acceptor.cpp.

References base_, downstreamConnectionManager_, forceShutdownInProgress_, getNumConnections(), folly::INFO, and folly::EventBase::runInEventBaseThread().

Referenced by wangle::ServerAcceptor< Pipeline >::dropConnections(), and getTotalNumPendingSSLConns().

                                          {
  base_->runInEventBaseThread([&, pctToDrop] {
    if (downstreamConnectionManager_) {
      LOG(INFO) << "Dropping " << pctToDrop * 100 << "% of "
                << getNumConnections() << " connections from Acceptor=" << this
                << " in thread " << base_;
      assert(base_->isInEventBaseThread());
      forceShutdownInProgress_ = true;
      downstreamConnectionManager_->dropConnections(pctToDrop);
    }
  });
}

void wangle::Acceptor::forceStop ( )

virtual

Force the acceptor to drop all connections and stop processing.

This function may be called from any thread. The acceptor will not necessarily stop before this function returns: the stop will be scheduled to run in the acceptor's thread.

Reimplemented in wangle::ServerAcceptor< Pipeline >.

Definition at line 508 of file Acceptor.cpp.

References base_, dropAllConnections(), and folly::EventBase::runInEventBaseThread().

Referenced by wangle::ServerAcceptor< Pipeline >::forceStop(), getGracefulShutdownTimeout(), and TEST().

                    {
  base_->runInEventBaseThread([&] { dropAllConnections(); });
}

virtual uint64_t wangle::Acceptor::getActiveConnectionCountForLoadShedding ( ) const

inlineprotectedvirtual

Reimplemented in wangle::TestableAcceptor.

Definition at line 322 of file Acceptor.h.

Referenced by canAccept().

{ return 0; }

const ServerSocketConfig& wangle::Acceptor::getConfig ( ) const

inline

Definition at line 197 of file Acceptor.h.

References accConfig_.

{ return accConfig_; }

virtual uint64_t wangle::Acceptor::getConnectionCountForLoadShedding ( void  ) const

inlineprotectedvirtual

Reimplemented in wangle::TestableAcceptor.

Definition at line 321 of file Acceptor.h.

Referenced by canAccept().

{ return 0; }

virtual wangle::ConnectionManager* wangle::Acceptor::getConnectionManager ( )

inlinevirtual

Access the Acceptor's downstream (client-side) ConnectionManager

Definition at line 132 of file Acceptor.h.

References addConnection(), and downstreamConnectionManager_.

Referenced by wangle::AcceptorHandshakeManager::startHandshakeTimeout().

                                                          {
    return downstreamConnectionManager_.get();
  }

milliseconds wangle::Acceptor::getConnTimeout

(

)

const

Get the current connection timeout.

Definition at line 497 of file Acceptor.cpp.

References accConfig_, and wangle::ServerSocketConfig::connectionIdleTimeout.

Referenced by getState().

                               {
  return accConfig_.connectionIdleTimeout;
}

virtual folly::EventBase* wangle::Acceptor::getEventBase ( ) const

inlinevirtual

Access the Acceptor's event base.

Definition at line 127 of file Acceptor.h.

References base_.

Referenced by wangle::ServerBootstrap< DefaultPipeline >::bind(), wangle::ServerBootstrap< DefaultPipeline >::bindImpl(), proxygen::HTTPServer::updateTicketSeeds(), and proxygen::HTTPServer::updateTLSCredentials().

{ return base_; }

virtual DefaultToFizzPeekingCallback* wangle::Acceptor::getFizzPeeker ( )

inlineprotectedvirtual

Definition at line 414 of file Acceptor.h.

References createFizzContext(), createFizzTicketCipher(), defaultFizzPeeker_, folly::none, and updateFizzContext().

Referenced by init(), resetSSLContextConfigs(), and setTLSTicketSecrets().

                                                        {
    return &defaultFizzPeeker_;
  }

std::chrono::milliseconds wangle::Acceptor::getGracefulShutdownTimeout ( ) const

inline

Definition at line 182 of file Acceptor.h.

References forceStop(), and gracefulShutdownTimeout_.

Referenced by proxygen::SimpleController::getGracefulShutdownTimeout().

                                                           {
    return gracefulShutdownTimeout_;
  }

const std::string& wangle::Acceptor::getName ( ) const

inline

Returns the name of this VIP.

Will return an empty string if no name has been configured.

Definition at line 162 of file Acceptor.h.

References accConfig_, and wangle::ServerSocketConfig::name.

Referenced by proxygen::ServiceWorker::addServiceAcceptor(), and init().

                                   {
    return accConfig_.name;
  }

uint32_t wangle::Acceptor::getNumConnections ( ) const

inline

Return the number of outstanding connections in this service instance.

Definition at line 119 of file Acceptor.h.

References downstreamConnectionManager_, and uint32_t.

Referenced by drainConnections(), dropConnections(), and TEST().

                                     {
    return downstreamConnectionManager_ ?
      (uint32_t)downstreamConnectionManager_->getNumConnections() : 0;
  }

SSLContextManager* wangle::Acceptor::getSSLContextManager ( ) const

inline

Definition at line 104 of file Acceptor.h.

References setTLSTicketSecrets(), and sslCtxManager_.

                                                  {
    return sslCtxManager_.get();
  }

std::chrono::milliseconds wangle::Acceptor::getSSLHandshakeTimeout ( ) const

inline

Returns the ssl handshake connection timeout of this VIP

Definition at line 169 of file Acceptor.h.

References accConfig_, and wangle::ServerSocketConfig::sslHandshakeTimeout.

Referenced by wangle::AcceptorHandshakeManager::startHandshakeTimeout().

                                                       {
    return accConfig_.sslHandshakeTimeout;
  }

State wangle::Acceptor::getState ( ) const

inline

Get this acceptor's current state.

Definition at line 148 of file Acceptor.h.

References getConnTimeout(), and state_.

Referenced by TEST().

                         {
    return state_;
  }

static uint64_t wangle::Acceptor::getTotalNumPendingSSLConns ( )

inlinestatic

Definition at line 199 of file Acceptor.h.

References connectionReady(), drainAllConnections(), drainConnections(), dropAllConnections(), dropConnections(), folly::pushmi::__adl::noexcept(), onDoneAcceptingConnection(), plaintextConnectionReady(), processEstablishedConnection(), sslConnectionError(), sslConnectionReady(), startHandshakeManager(), string, and totalNumPendingSSLConns_.

                                               {
    return totalNumPendingSSLConns_.load();
  }

virtual uint64_t wangle::Acceptor::getWorkerMaxConnections ( ) const

inlineprotectedvirtual

Definition at line 323 of file Acceptor.h.

References canAccept(), connectionCounter_, and wangle::IConnectionCounter::getMaxConnections().

Referenced by canAccept().

                                                   {
    return connectionCounter_->getMaxConnections();
  }

void wangle::Acceptor::init ( folly::AsyncServerSocket *  serverSocket, folly::EventBase *  eventBase, SSLStats *  stats = nullptr  )

virtual

Initialize the Acceptor to run in the specified EventBase thread, receiving connections from the specified AsyncServerSocket.

This method will be called from the AsyncServerSocket's primary thread, not the specified EventBase thread.

Reimplemented in wangle::ServerAcceptor< Pipeline >, and proxygen::HTTPAcceptor.

Definition at line 60 of file Acceptor.cpp.

References accConfig_, folly::AsyncServerSocket::addAcceptCallback(), wangle::SecurityProtocolContextManager::addPeeker(), wangle::ServerSocketConfig::allowInsecureConnectionsOnSecureServer, wangle::ServerSocketConfig::bindAddress, cacheProvider_, createFizzContext(), wangle::TLSTicketKeySeeds::currentSeeds, defaultPeekingCallback_, wangle::FizzConfig::enableFizz, wangle::ServerSocketConfig::fizzConfig, getFizzPeeker(), getName(), folly::AsyncServerSocket::getSockets(), folly::INFO, initDownstreamConnectionManager(), wangle::ServerSocketConfig::initialTicketSeeds, wangle::ServerSocketConfig::isSSL(), folly::gen::move, wangle::TLSTicketKeySeeds::newSeeds, wangle::TLSTicketKeySeeds::oldSeeds, securityProtocolCtxManager_, setTLSTicketSecrets(), socketOptions_, wangle::ServerSocketConfig::sslCacheOptions, wangle::ServerSocketConfig::sslContextConfigs, sslCtxManager_, wangle::ServerSocketConfig::strictSSL, and tlsPlaintextPeekingCallback_.

Referenced by wangle::ServerAcceptor< Pipeline >::init(), setSSLCacheProvider(), TEST(), and TestAcceptor::TestAcceptor().

                                {
  if (accConfig_.isSSL()) {

    if (accConfig_.allowInsecureConnectionsOnSecureServer) {
      securityProtocolCtxManager_.addPeeker(&tlsPlaintextPeekingCallback_);
    }

    if (accConfig_.fizzConfig.enableFizz) {
      auto fizzCtx = createFizzContext();
      auto* peeker = getFizzPeeker();
      peeker->setContext(std::move(fizzCtx));
      securityProtocolCtxManager_.addPeeker(peeker);
      setTLSTicketSecrets(
          accConfig_.initialTicketSeeds.oldSeeds,
          accConfig_.initialTicketSeeds.currentSeeds,
          accConfig_.initialTicketSeeds.newSeeds);
    } else {
      securityProtocolCtxManager_.addPeeker(&defaultPeekingCallback_);
    }

    if (!sslCtxManager_) {
      sslCtxManager_ = std::make_unique<SSLContextManager>(
        eventBase,
        "vip_" + getName(),
        accConfig_.strictSSL, stats);
    }
    try {
      for (const auto& sslCtxConfig : accConfig_.sslContextConfigs) {
        sslCtxManager_->addSSLContextConfig(
          sslCtxConfig,
          accConfig_.sslCacheOptions,
          &accConfig_.initialTicketSeeds,
          accConfig_.bindAddress,
          cacheProvider_);
      }

      CHECK(sslCtxManager_->getDefaultSSLCtx());
    } catch (const std::runtime_error& ex) {
      if (accConfig_.strictSSL) {
        throw;
      } else {
        sslCtxManager_->clear();
        // This is not a Not a fatal error, but useful to know.
        LOG(INFO) << "Failed to configure TLS. This is not a fatal error. "
                  << ex.what();
      }
    }
  }

  initDownstreamConnectionManager(eventBase);
  if (serverSocket) {
    serverSocket->addAcceptCallback(this, eventBase);

    for (auto& fd : serverSocket->getSockets()) {
      if (fd < 0) {
        continue;
      }
      for (const auto& opt: socketOptions_) {
        opt.first.apply(fd, opt.second);
      }
    }
  }
}

void wangle::Acceptor::initDownstreamConnectionManager ( folly::EventBase *  eventBase )

protectedvirtual

Definition at line 126 of file Acceptor.cpp.

References accConfig_, base_, wangle::ServerSocketConfig::connectionIdleTimeout, downstreamConnectionManager_, kRunning, wangle::ConnectionManager::makeUnique(), and state_.

Referenced by init().

                                                                   {
  CHECK(nullptr == this->base_ || eventBase == this->base_);
  base_ = eventBase;
  state_ = State::kRunning;
  downstreamConnectionManager_ = ConnectionManager::makeUnique(
    eventBase, accConfig_.connectionIdleTimeout, this);
}

bool wangle::Acceptor::isSSL ( ) const

inline

Definition at line 195 of file Acceptor.h.

References accConfig_, and wangle::ServerSocketConfig::isSSL().

Referenced by proxygen::HTTPServer::updateTicketSeeds(), and proxygen::HTTPServer::updateTLSCredentials().

{ return accConfig_.isSSL(); }

virtual folly::AsyncSocket::UniquePtr wangle::Acceptor::makeNewAsyncSocket ( folly::EventBase *  base, int  fd  )

inlineprotectedvirtual

Reimplemented in proxygen::HTTPSessionAcceptor.

Definition at line 365 of file Acceptor.h.

Referenced by processEstablishedConnection().

              {
    return folly::AsyncSocket::UniquePtr(
        new folly::AsyncSocket(base, fd));
  }

virtual folly::AsyncSSLSocket::UniquePtr wangle::Acceptor::makeNewAsyncSSLSocket ( const std::shared_ptr< folly::SSLContext > &  ctx, folly::EventBase *  base, int  fd  )

inlineprotectedvirtual

Definition at line 372 of file Acceptor.h.

Referenced by processEstablishedConnection().

                                                                             {
    return folly::AsyncSSLSocket::UniquePtr(
        new folly::AsyncSSLSocket(
          ctx,
          base,
          fd,
          true, /* set server */
          true /* defer the security negotiation until sslAccept */));
  }

void wangle::Acceptor::onConnectionAdded ( const ManagedConnection *  conn )

inlineoverrideprotectedvirtual

Invoked when a connection is added to the ConnectionManager.

Implements wangle::ConnectionManager::Callback.

Reimplemented in wangle::ServerAcceptor< Pipeline >.

Definition at line 403 of file Acceptor.h.

{}

void wangle::Acceptor::onConnectionRemoved ( const ManagedConnection *  conn )

inlineoverrideprotectedvirtual

Invoked when a connection is removed from the ConnectionManager.

Implements wangle::ConnectionManager::Callback.

Reimplemented in wangle::ServerAcceptor< Pipeline >.

Definition at line 404 of file Acceptor.h.

{}

virtual void wangle::Acceptor::onConnectionsDrained ( )

inlineprotectedvirtual

onConnectionsDrained() will be called once all connections have been drained while the acceptor is stopping.

Subclasses can override this method to perform any subclass-specific cleanup.

Reimplemented in proxygen::HTTPServerAcceptor.

Definition at line 392 of file Acceptor.h.

References acceptError(), acceptStopped(), connectionAccepted(), and onEmpty().

Referenced by checkDrained(), and dropAllConnections().

{}

void wangle::Acceptor::onDataAvailable ( std::shared_ptr< folly::AsyncUDPSocket >  socket, const folly::SocketAddress &  addr, std::unique_ptr< folly::IOBuf >  buf, bool  truncated  )

inlineoverrideprotectedvirtualnoexcept

Invoked when a new packet is received

Implements folly::AsyncUDPServerSocket::Callback.

Reimplemented in wangle::ServerAcceptor< Pipeline >.

Definition at line 359 of file Acceptor.h.

                              {}

void wangle::Acceptor::onDoneAcceptingConnection ( int  fd, const folly::SocketAddress &  clientAddr, std::chrono::steady_clock::time_point  acceptTime  )

virtualnoexcept

Called right when the TCP connection has been accepted, before processing the first HTTP bytes (HTTP) or the SSL handshake (HTTPS)

Definition at line 295 of file Acceptor.cpp.

References processEstablishedConnection().

Referenced by connectionAccepted(), and getTotalNumPendingSSLConns().

                                                         {
  TransportInfo tinfo;
  processEstablishedConnection(fd, clientAddr, acceptTime, tinfo);
}

void wangle::Acceptor::onEmpty ( const wangle::ConnectionManager &  cm )

overrideprotectedvirtual

Invoked when the number of connections managed by the ConnectionManager changes from nonzero to zero.

Implements wangle::ConnectionManager::Callback.

Definition at line 458 of file Acceptor.cpp.

References checkDrained(), kDraining, and state_.

Referenced by onConnectionsDrained().

                                          {
  VLOG(3) << "Acceptor=" << this << " onEmpty()";
  if (state_ == State::kDraining) {
    checkDrained();
  }
}

void wangle::Acceptor::onListenStarted ( )

inlineoverrideprotectedvirtualnoexcept

Invoked when we start reading data from socket. It is invoked in each acceptors/listeners event base thread.

Implements folly::AsyncUDPServerSocket::Callback.

Definition at line 357 of file Acceptor.h.

{}

void wangle::Acceptor::onListenStopped ( )

inlineoverrideprotectedvirtualnoexcept

Invoked when the server socket is closed. It is invoked in each acceptors/listeners event base thread.

Implements folly::AsyncUDPServerSocket::Callback.

Definition at line 358 of file Acceptor.h.

{}

virtual void wangle::Acceptor::onNewConnection ( folly::AsyncTransportWrapper::UniquePtr  , const folly::SocketAddress *  , const std::string &  , SecureTransportType  , const TransportInfo &    )

inlineprotectedvirtual

Invoked when a new connection is created. This is where application starts processing a new downstream connection.

NOTE: Application should add the new connection to downstreamConnectionManager so that it can be garbage collected after certain period of idleness.

Parameters

sock	the socket connected to the client
address	the address of the client
nextProtocolName	the name of the L6 or L7 protocol to be spoken on the connection, if known (e.g., from TLS NPN during secure connection setup), or an empty string if unknown
secureTransportType	the name of the secure transport type that was requested by the client.

Reimplemented in wangle::ServerAcceptor< Pipeline >, proxygen::HTTPSessionAcceptor, TestAcceptor, proxygen::HTTPServerAcceptor, and TestAcceptor.

Definition at line 350 of file Acceptor.h.

Referenced by connectionReady().

                              {}

Acceptor& wangle::Acceptor::operator= ( Acceptor const &  )

privatedelete

void wangle::Acceptor::plaintextConnectionReady ( folly::AsyncTransportWrapper::UniquePtr  sock, const folly::SocketAddress &  clientAddr, const std::string &  nextProtocolName, SecureTransportType  secureTransportType, TransportInfo &  tinfo  )

virtual

Wrapper for connectionReady() that can be overridden by subclasses to deal with plaintext connections.

Definition at line 388 of file Acceptor.cpp.

References connectionReady(), and folly::gen::move.

Referenced by getTotalNumPendingSSLConns(), and processEstablishedConnection().

                          {
  connectionReady(
      std::move(sock),
      clientAddr,
      nextProtocolName,
      secureTransportType,
      tinfo);
}

void wangle::Acceptor::processEstablishedConnection ( int  fd, const folly::SocketAddress &  clientAddr, std::chrono::steady_clock::time_point  acceptTime, TransportInfo &  tinfo  )

noexcept

Begins either processing HTTP bytes (HTTP) or the SSL handshake (HTTPS)

Definition at line 304 of file Acceptor.cpp.

References accConfig_, base_, wangle::DROPPED, folly::pushmi::operators::error(), wangle::ServerSocketConfig::isSSL(), makeNewAsyncSocket(), makeNewAsyncSSLSocket(), wangle::ServerSocketConfig::maxConcurrentSSLHandshakes, folly::gen::move, wangle::ServerSocketConfig::name, wangle::NONE, numPendingSSLConns_, plaintextConnectionReady(), sslConnectionError(), sslCtxManager_, startHandshakeManager(), totalNumPendingSSLConns_, and updateSSLStats().

Referenced by getTotalNumPendingSSLConns(), and onDoneAcceptingConnection().

                                   {
  bool shouldDoSSL = false;
  if (accConfig_.isSSL()) {
    CHECK(sslCtxManager_);
    shouldDoSSL = sslCtxManager_->getDefaultSSLCtx() != nullptr;
  }
  if (shouldDoSSL) {
    AsyncSSLSocket::UniquePtr sslSock(
      makeNewAsyncSSLSocket(
        sslCtxManager_->getDefaultSSLCtx(), base_, fd));
    ++numPendingSSLConns_;
    ++totalNumPendingSSLConns_;
    if (numPendingSSLConns_ > accConfig_.maxConcurrentSSLHandshakes) {
      VLOG(2) << "dropped SSL handshake on " << accConfig_.name <<
        " too many handshakes in progress";
      auto error = SSLErrorEnum::DROPPED;
      auto latency = std::chrono::milliseconds(0);
      updateSSLStats(sslSock.get(), latency, error);
      auto ex = folly::make_exception_wrapper<SSLException>(
          error, latency, sslSock->getRawBytesReceived());
      sslConnectionError(ex);
      return;
    }

    tinfo.tfoSucceded = sslSock->getTFOSucceded();
    startHandshakeManager(
        std::move(sslSock),
        this,
        clientAddr,
        acceptTime,
        tinfo);
  } else {
    tinfo.secure = false;
    tinfo.acceptTime = acceptTime;
    AsyncSocket::UniquePtr sock(makeNewAsyncSocket(base_, fd));
    tinfo.tfoSucceded = sock->getTFOSucceded();
    plaintextConnectionReady(
        std::move(sock),
        clientAddr,
        empty_string,
        SecureTransportType::NONE,
        tinfo);
  }
}

void wangle::Acceptor::resetSSLContextConfigs ( )

virtual

Recreates ssl configs, re-reads certs

Definition at line 162 of file Acceptor.cpp.

References accConfig_, wangle::ServerSocketConfig::bindAddress, cacheProvider_, createFizzContext(), wangle::FizzConfig::enableFizz, wangle::ServerSocketConfig::fizzConfig, getFizzPeeker(), folly::gen::move, wangle::DefaultToFizzPeekingCallback::setContext(), wangle::ServerSocketConfig::sslCacheOptions, wangle::ServerSocketConfig::sslContextConfigs, sslCtxManager_, and updateFizzContext().

Referenced by setSSLCacheProvider(), and proxygen::HTTPServer::updateTLSCredentials().

                                      {
  if (accConfig_.fizzConfig.enableFizz) {
    auto ctx = createFizzContext();
    if (ctx) {
      updateFizzContext(ctx.get());
      getFizzPeeker()->setContext(std::move(ctx));
    }
  }
  try {
    sslCtxManager_->resetSSLContextConfigs(accConfig_.sslContextConfigs,
                                           accConfig_.sslCacheOptions,
                                           nullptr,
                                           accConfig_.bindAddress,
                                           cacheProvider_);
  } catch (const std::runtime_error& ex) {
    LOG(ERROR) << "Failed to re-configure TLS: "
               << ex.what()
               << "will keep old config";
  }

}

void wangle::Acceptor::setGracefulShutdownTimeout ( std::chrono::milliseconds  gracefulShutdown )

inline

Time after drainAllConnections() or acceptStopped() during which new requests on connections owned by the downstream ConnectionManager will be processed normally.

Definition at line 178 of file Acceptor.h.

References gracefulShutdownTimeout_.

                                                                          {
    gracefulShutdownTimeout_ = gracefulShutdown;
  }

void wangle::Acceptor::setLoadShedConfig ( std::shared_ptr< const LoadShedConfiguration >  loadShedConfig, const IConnectionCounter *  counter  )

protected

Definition at line 221 of file Acceptor.cpp.

References connectionCounter_, counter, and loadShedConfig_.

                                       {
  loadShedConfig_ = loadShedConfig;
  connectionCounter_ = counter;
}

virtual void wangle::Acceptor::setSSLCacheProvider ( const std::shared_ptr< SSLCacheProvider > &  cacheProvider )

inlinevirtual

Supply an SSL cache provider

Note

Call this before init()

Definition at line 78 of file Acceptor.h.

References addSSLContextConfig(), cacheProvider_, init(), and resetSSLContextConfigs().

                                                            {
    cacheProvider_ = cacheProvider;
  }

void wangle::Acceptor::setTLSTicketSecrets ( const std::vector< std::string > &  oldSecrets, const std::vector< std::string > &  currentSecrets, const std::vector< std::string > &  newSecrets  )

virtual

Sets TLS ticket secrets to use, or updates previously set secrets.

Definition at line 195 of file Acceptor.cpp.

References accConfig_, currentSecrets_, wangle::TLSTicketKeySeeds::currentSeeds, wangle::FizzConfig::enableFizz, wangle::ServerSocketConfig::fizzConfig, getFizzPeeker(), wangle::TLSTicketKeySeeds::newSeeds, wangle::TLSTicketKeySeeds::oldSeeds, sslCtxManager_, and updateFizzContext().

Referenced by getSSLContextManager(), init(), and proxygen::HTTPServer::updateTicketSeeds().

                                            {
  currentSecrets_.oldSeeds = oldSecrets;
  currentSecrets_.currentSeeds = currentSecrets;
  currentSecrets_.newSeeds = newSecrets;

  if (accConfig_.fizzConfig.enableFizz) {
    updateFizzContext(getFizzPeeker()->getContext().get());
  }

  if (sslCtxManager_) {
    sslCtxManager_->reloadTLSTicketKeys(
        oldSecrets, currentSecrets, newSecrets);
  }
}

void wangle::Acceptor::sslConnectionError ( const folly::exception_wrapper &  ex )

virtual

Notification callback for SSL handshake failures.

Reimplemented in wangle::ServerAcceptor< Pipeline >.

Definition at line 422 of file Acceptor.cpp.

References checkDrained(), kDraining, numPendingSSLConns_, state_, and totalNumPendingSSLConns_.

Referenced by getTotalNumPendingSSLConns(), processEstablishedConnection(), and wangle::ServerAcceptor< Pipeline >::sslConnectionError().

                                                               {
  CHECK(numPendingSSLConns_ > 0);
  --numPendingSSLConns_;
  --totalNumPendingSSLConns_;
  if (state_ == State::kDraining) {
    checkDrained();
  }
}

void wangle::Acceptor::sslConnectionReady ( folly::AsyncTransportWrapper::UniquePtr  sock, const folly::SocketAddress &  clientAddr, const std::string &  nextProtocol, SecureTransportType  secureTransportType, TransportInfo &  tinfo  )

virtual

Wrapper for connectionReady() that decrements the count of pending SSL connections. This should normally not be overridden.

Definition at line 403 of file Acceptor.cpp.

References checkDrained(), connectionReady(), kDraining, folly::gen::move, numPendingSSLConns_, state_, and totalNumPendingSSLConns_.

Referenced by getTotalNumPendingSSLConns().

                                                   {
  CHECK(numPendingSSLConns_ > 0);
  --numPendingSSLConns_;
  --totalNumPendingSSLConns_;
  connectionReady(
      std::move(sock),
      clientAddr,
      nextProtocol,
      secureTransportType,
      tinfo);
  if (state_ == State::kDraining) {
    checkDrained();
  }
}

void wangle::Acceptor::startHandshakeManager ( folly::AsyncSSLSocket::UniquePtr  sslSock, Acceptor *  acceptor, const folly::SocketAddress &  clientAddr, std::chrono::steady_clock::time_point  acceptTime, TransportInfo &  tinfo  )

virtualnoexcept

Creates and starts the handshake manager.

Definition at line 353 of file Acceptor.cpp.

References wangle::SecurityProtocolContextManager::getHandshakeManager(), folly::gen::move, securityProtocolCtxManager_, and wangle::AcceptorHandshakeManager::start().

Referenced by getTotalNumPendingSSLConns(), and processEstablishedConnection().

                                   {
  auto manager = securityProtocolCtxManager_.getHandshakeManager(
      this, clientAddr, acceptTime, tinfo);
  manager->start(std::move(sslSock));
}

void wangle::Acceptor::updateFizzContext ( fizz::server::FizzServerContext *  ctx )

protected

Definition at line 149 of file Acceptor.cpp.

References accConfig_, cipher, createFizzTicketCipher(), folly::gen::move, fizz::server::FizzServerContext::setTicketCipher(), wangle::ServerSocketConfig::sslContextConfigs, and string.

Referenced by getFizzPeeker(), resetSSLContextConfigs(), and setTLSTicketSecrets().

                                                                 {
  if (ctx) {
    std::string pskContext;
    if (!accConfig_.sslContextConfigs.empty()) {
      pskContext = accConfig_.sslContextConfigs.front().sessionContext.value_or(
        "");
    }
    auto cipher = createFizzTicketCipher(
        folly::Optional<std::string>(std::move(pskContext)));
    ctx->setTicketCipher(std::move(cipher));
  }
}

virtual void wangle::Acceptor::updateSSLStats ( const folly::AsyncTransportWrapper *  , std::chrono::milliseconds  , SSLErrorEnum    )

inlinevirtualnoexcept

Hook for subclasses to record stats about SSL connection establishment.

sock may be nullptr.

Definition at line 305 of file Acceptor.h.

Referenced by processEstablishedConnection().

                               {}

Member Data Documentation

const ServerSocketConfig wangle::Acceptor::accConfig_

protected

Definition at line 407 of file Acceptor.h.

Referenced by addSSLContextConfig(), createFizzContext(), createFizzTicketCipher(), getConfig(), getConnTimeout(), getName(), getSSLHandshakeTimeout(), init(), initDownstreamConnectionManager(), isSSL(), processEstablishedConnection(), resetSSLContextConfigs(), setTLSTicketSecrets(), and updateFizzContext().

folly::EventBase* wangle::Acceptor::base_ {nullptr}

protected

Our event loop.

Probably needs to be used to pass to a ManagedConnection implementation. Also visible in case a subclass wishes to do additional things w/ the event loop (e.g. in attach()).

Definition at line 319 of file Acceptor.h.

Referenced by checkDrained(), drainConnections(), dropAllConnections(), dropConnections(), forceStop(), getEventBase(), initDownstreamConnectionManager(), and processEstablishedConnection().

std::shared_ptr<SSLCacheProvider> wangle::Acceptor::cacheProvider_

protected

Definition at line 440 of file Acceptor.h.

Referenced by addSSLContextConfig(), init(), resetSSLContextConfigs(), and setSSLCacheProvider().

const IConnectionCounter* wangle::Acceptor::connectionCounter_ {nullptr}

private

Definition at line 458 of file Acceptor.h.

Referenced by canAccept(), getWorkerMaxConnections(), and setLoadShedConfig().

wangle::TLSTicketKeySeeds wangle::Acceptor::currentSecrets_

protected

Definition at line 441 of file Acceptor.h.

Referenced by createFizzTicketCipher(), and setTLSTicketSecrets().

DefaultToFizzPeekingCallback wangle::Acceptor::defaultFizzPeeker_

protected

Definition at line 436 of file Acceptor.h.

Referenced by getFizzPeeker().

DefaultToSSLPeekingCallback wangle::Acceptor::defaultPeekingCallback_

protected

Definition at line 435 of file Acceptor.h.

Referenced by init().

wangle::ConnectionManager::UniquePtr wangle::Acceptor::downstreamConnectionManager_

protected

Definition at line 438 of file Acceptor.h.

Referenced by addConnection(), checkDrained(), drainAllConnections(), drainConnections(), dropAllConnections(), dropConnections(), proxygen::HTTPSessionAcceptor::dropIdleConnections(), getConnectionManager(), getNumConnections(), and initDownstreamConnectionManager().

bool wangle::Acceptor::forceShutdownInProgress_ {false}

private

Definition at line 456 of file Acceptor.h.

Referenced by checkDrained(), dropAllConnections(), and dropConnections().

std::chrono::milliseconds wangle::Acceptor::gracefulShutdownTimeout_ {5000}

private

Definition at line 459 of file Acceptor.h.

Referenced by drainAllConnections(), drainConnections(), getGracefulShutdownTimeout(), and setGracefulShutdownTimeout().

std::shared_ptr<const LoadShedConfiguration> wangle::Acceptor::loadShedConfig_ {nullptr}

private

Definition at line 457 of file Acceptor.h.

Referenced by canAccept(), and setLoadShedConfig().

uint64_t wangle::Acceptor::numPendingSSLConns_ {0}

private

Definition at line 452 of file Acceptor.h.

Referenced by checkDrained(), dropAllConnections(), processEstablishedConnection(), sslConnectionError(), and sslConnectionReady().

SecurityProtocolContextManager wangle::Acceptor::securityProtocolCtxManager_

protected

Stores peekers for different security protocols.

Definition at line 432 of file Acceptor.h.

Referenced by init(), and startHandshakeManager().

folly::AsyncSocket::OptionMap wangle::Acceptor::socketOptions_

protected

Socket options to apply to the client socket

Definition at line 425 of file Acceptor.h.

Referenced by connectionAccepted(), and init().

std::unique_ptr<SSLContextManager> wangle::Acceptor::sslCtxManager_

protected

Definition at line 427 of file Acceptor.h.

Referenced by addSSLContextConfig(), getSSLContextManager(), init(), processEstablishedConnection(), resetSSLContextConfigs(), and setTLSTicketSecrets().

State wangle::Acceptor::state_ {State::kInit}

private

Definition at line 451 of file Acceptor.h.

Referenced by acceptStopped(), checkDrained(), connectionReady(), dropAllConnections(), getState(), initDownstreamConnectionManager(), onEmpty(), sslConnectionError(), and sslConnectionReady().

TLSPlaintextPeekingCallback wangle::Acceptor::tlsPlaintextPeekingCallback_

protected

Definition at line 434 of file Acceptor.h.

Referenced by init().

std::atomic< uint64_t > wangle::Acceptor::totalNumPendingSSLConns_ {0}

staticprivate

Definition at line 454 of file Acceptor.h.

Referenced by getTotalNumPendingSSLConns(), processEstablishedConnection(), sslConnectionError(), and sslConnectionReady().

---

The documentation for this class was generated from the following files:

• proxygen/wangle/wangle/acceptor/Acceptor.h
• proxygen/wangle/wangle/acceptor/Acceptor.cpp