use user-agent for searching a client

avbelov23 · avbelov23 · commit ddf7998dc06b · 2019-02-22T15:07:17.000+03:00
diff --git a/tempesta_fw/client.c b/tempesta_fw/client.c
@@ -58,6 +58,8 @@ typedef struct {
 
 static TDB *client_db;
 
+unsigned long tfw_hash_str_len(const TfwStr *str, unsigned long str_len);
+
 /**
  * Called when a client socket is closed.
  */
@@ -147,16 +149,16 @@ tfw_client_ent_init(TdbRec *rec, void (*init)(void *), void *data)
 }
 
 /**
- * Find a client corresponding to @addr and @cli_addr (e.g. from X-Forwarded-For).
- * More advanced identification is possible based on User-Agent,
- * Cookie and other HTTP headers.
+ * Find a client corresponding to @addr, @cli_addr (e.g. from X-Forwarded-For)
+ * and @user_agent.
  *
  * The returned TfwClient reference must be released via tfw_client_put()
  * when the @sk is closed.
  * TODO #515 employ eviction strategy for the table.
  */
 TfwClient *
-tfw_client_obtain(TfwAddr addr, TfwAddr *cli_addr, void (*init)(void *))
+tfw_client_obtain(TfwAddr addr, TfwAddr *cli_addr, TfwStr *user_agent,
+		  void (*init)(void *))
 {
 	TfwClientEntry *ent;
 	TfwClient *cli;
@@ -171,6 +173,8 @@ tfw_client_obtain(TfwAddr addr, TfwAddr *cli_addr, void (*init)(void *))
 	if (cli_addr)
 		key ^= hash_calc((const char *)&cli_addr->sin6_addr,
 				 sizeof(cli_addr->sin6_addr));
+	if (user_agent)
+		key ^= tfw_hash_str_len(user_agent, 256);
 
 	len = sizeof(*ent);
 	rec = tdb_rec_get_alloc(client_db, key, &len, &tfw_client_addr_eq,
diff --git a/tempesta_fw/client.h b/tempesta_fw/client.h
@@ -37,7 +37,7 @@ typedef struct {
 } TfwClient;
 
 TfwClient *tfw_client_obtain(TfwAddr addr, TfwAddr *cli_addr,
-			     void (*init)(void *));
+			     TfwStr *user_agent, void (*init)(void *));
 void tfw_client_put(TfwClient *cli);
 int tfw_client_for_each(int (*fn)(void *));
 void tfw_client_set_lifetime(unsigned int lifetime);
diff --git a/tempesta_fw/http.c b/tempesta_fw/http.c
@@ -2841,7 +2841,7 @@ tfw_http_get_ip_from_xff(TfwHttpReq *req)
 static int
 tfw_http_req_client_link(TfwConn *conn, TfwHttpReq *req)
 {
-	TfwStr s_ip;
+	TfwStr s_ip, s_user_agent, *ua;
 	TfwAddr addr;
 	TfwClient *cli, *conn_cli;
 
@@ -2851,7 +2851,11 @@ tfw_http_req_client_link(TfwConn *conn, TfwHttpReq *req)
 			return TFW_BLOCK;
 
 		conn_cli = (TfwClient *)conn->peer;
-		cli = tfw_client_obtain(conn_cli->addr, &addr, NULL);
+		ua = &req->h_tbl->tbl[TFW_HTTP_HDR_USER_AGENT];
+		tfw_http_msg_clnthdr_val(ua, TFW_HTTP_HDR_USER_AGENT,
+					 &s_user_agent);
+		cli = tfw_client_obtain(conn_cli->addr, &addr, &s_user_agent,
+					NULL);
 		if (cli) {
 			if (cli != conn_cli)
 				req->peer = cli;
diff --git a/tempesta_fw/http_limits.c b/tempesta_fw/http_limits.c
@@ -339,7 +339,7 @@ frang_conn_new(struct sock *sk)
 	TfwAddr addr;
 
 	ss_getpeername(sk, &addr);
-	cli = tfw_client_obtain(addr, NULL, __frang_init_acc);
+	cli = tfw_client_obtain(addr, NULL, NULL, __frang_init_acc);
 	if (unlikely(!cli)) {
 		TFW_ERR("can't obtain a client for frang accounting\n");
 		return TFW_BLOCK;
diff --git a/tempesta_fw/sock_clnt.c b/tempesta_fw/sock_clnt.c
@@ -160,7 +160,7 @@ tfw_sock_clnt_new(struct sock *sk)
 	tfw_connection_unlink_from_sk(sk);
 
 	ss_getpeername(sk, &addr);
-	cli = tfw_client_obtain(addr, NULL, NULL);
+	cli = tfw_client_obtain(addr, NULL, NULL, NULL);
 	if (!cli) {
 		TFW_ERR("can't obtain a client for the new socket\n");
 		return -ENOENT;
